ЕСОЗ - public documentation

RCGet Specimen details

Purpose

This WS returns a single Specimen by its identifier.

Key points

  1. Only an authenticated and authorized employee with the appropriate scope can get a Specimen.

  2. The method returns a single Specimen that belongs to the specified patient.

  3. ABAC rules are used here.

Specification

Apiary

Authorization

  • Verify the validity of access token

    • in case of error - return 401 “Invalid access token”

  • Verify that token is not expired

    • in case of error - return 401 “Invalid access token”

  • Check user and client scopes in order to perform this action (scope = 'specimen:read')

    • return 403 “Your scope does not allow to access this resource. Missing allowances: specimen:read” in case of invalid scope(s)

  • Access to the resource is also managed by ABAC module

Validate Patient

  • Get Patient identifier from the URL

  • Check it exists in DB

    • Return 404 ('not found') in case of error

Validate Specimen

  • Get Specimen identifier from the URL

  • Check it exists in DB

    • Return 404 ('not found') in case of error

  • Check Specimen belongs to patient

    • Return 404 ('not found') in case of error

Service logic

The service returns the specified Specimen related to the patient:

  • Get Specimen by ID from specimens collection (MongoDB)

  • Render a response according to specification
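
The check order above (401, then 403, then a single uniform 404), as an added sketch that is not the service's own code. The in-memory TOKENS, PATIENTS and SPECIMENS data, the function name get_specimen and the response body shapes are assumptions made for illustration; the ABAC check is left out because the page gives no rules or status code for it.

```python
# Added example: constructed in-memory data stands in for the token
# store and the MongoDB specimens collection.
import time

REQUIRED_SCOPE = "specimen:read"

# Constructed sample data (not real tokens or identifiers).
TOKENS = {
    "tok-ok": {"scopes": {"specimen:read"}, "expires_at": 2_000_000_000},
    "tok-old": {"scopes": {"specimen:read"}, "expires_at": 1_000},
    "tok-noscope": {"scopes": {"patient:read"}, "expires_at": 2_000_000_000},
}
PATIENTS = {"p1", "p2"}
SPECIMENS = {"s1": {"id": "s1", "patient_id": "p1", "status": "available"}}

# One shared 404 value, so every "not found" case looks identical.
NOT_FOUND = (404, {"error": "not found"})  # body shape is an assumption


def get_specimen(access_token, patient_id, specimen_id, now=None):
    """Return (http_status, body) following the check order on this page."""
    now = time.time() if now is None else now
    token = TOKENS.get(access_token)
    # 401: an unknown token and an expired token get the same message.
    if token is None or token["expires_at"] <= now:
        return 401, {"error": "Invalid access token"}
    # 403: the token is valid but lacks the required scope.
    if REQUIRED_SCOPE not in token["scopes"]:
        return 403, {"error": "Your scope does not allow to access this resource. "
                              f"Missing allowances: {REQUIRED_SCOPE}"}
    # 404: the patient from the URL must exist.
    if patient_id not in PATIENTS:
        return NOT_FOUND
    # 404: the specimen must exist AND belong to the patient in the URL.
    # A specimen of another patient is answered exactly like a missing
    # one, so the response does not confirm that the identifier exists.
    specimen = SPECIMENS.get(specimen_id)
    if specimen is None or specimen["patient_id"] != patient_id:
        return NOT_FOUND
    return 200, {"data": specimen}
```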
