RC_REHAB_Reject Medication request by Pharmacy User+

Purpose

This WS is designed to Reject Medication Request by Pharmacy users.

Key points

1. Only authenticated and authorized user with appropriate scope can reject Medication Request.

2. In request in signed content the Medication Request data should be used the same as in response of Get Medication Request by Pharmacy User.

3. In the response of this endpoint legal entity, division and employee details are trimmed, according to business requirements (limitations) for Pharmacy.

4. Medication Request can be rejected only from ‘ACTIVE' status.

Specification

Apiary

Authorization

1. Verify the validity of access token

   • in case of error - return 401 (“Invalid access token”) in case of validation fails

2. Verify that token is not expired

   • in case of error - return 401 (“Invalid access token”)

3. Check user scopes in order to perform this action (scope = 'medication_request:reject_pharm')

   • return 403 (“Your scope does not allow to access this resource. Missing allowances: medication_request:reject_pharm”) in case of invalid scope(s)

Validations

Validate Digital Sign

• Validate request is signed

  • in case of error - return 400 (“document must be signed by 1 signer but contains 0 signatures”)

• Check DS is valid and not expired

• Validate that DS belongs to the user

  • Check that DRFO from DS and party.tax_id matches

    • in case of error - return 422 (“Does not match the signer drfo“)

Validate Medication request

• Get Medication request identifier from the URL. Check Medication request exists in OPS DB

  • in case of error - return 404 (“Medication request does not exist")

Validate user

Medication Request rejection is allowed for user if he has active and approved employee

• in case of error - return 409 ("Only active and approved employee can reject medication request")

Validate content

• Validate request using JSON schema

  • in case of error - return 422 with appropriate validation error

• Check that signed content contains all required fields and is equal to stored object

  • Decode signed content

  • Render requested medication request using Get Medication request by ID by Pharmacy User

  • Check that rendered and decoded data matches (except for reject_reason_code and reject_reason fields)

    • in case of error - return 422 ("Signed content does not match the previously created content")

Validation transition

• Get status of Medication request by $.id in OPS DB. Check that Medication request is in status ‘ACTIVE’

  • if invalid - return 409 ("Invalid status Medication request for reject transition!")

For more information look at Medication request status model

Validate reject reason code

• Validate $.reject_reason_code is a value from MEDICATION_REQUEST_REJECT_REASON dictionary

  • in case of error - return 422 ("value is not allowed in enum")

Validate reject reason

• Validate $.reject_reason is set in case $.reject_reason_code = 'OTHER'

  • in case of error - return 422 ("required property reject_reason was not present")

  • for such case JSON schema for $.reject_reason - minimum 1 symbol

    • in case of error - return 422 (“expected value to have a minimum length of 1 but was 0”)

Service logic

1. Save signed content to media storage.

2. Update Medication request in OPS DB:

   1. set status = 'REJECTED'

   2. set reject_reason_code = $.reject_reason_code

   3. set reject_reason = $.reject_reason

   4. set updated_by = user_id

   5. set updated_at = now()

   6. set rejected_by = user_id

   7. set rejected_at = now()

3. Send SMS for person

   1. If Medication request has program with medical program setting medication_request_notification_disabled = true, then don't send SMS.

      Else:

      1. Get authentication_method of person from MPI

      2. If authentication_method == OTP, then send SMS to a person from Medication request:

         1. Generate SMS text

            1. get template from reject_template_sms parameter

            2. enrich template with data from Medication request

         2. Send SMS to a person

4. Render response according to specification

5. Add new record to Event manager

6. If the medication request is based on the activity with quantity:

1. Recalculate and set remaining_quantity for the activity as described at Create Medication Request: Validate based_on (p. 2.d.1 ) and do not include current MR but include all MD which related to current MR