ЕСОЗ - публічна документація
ARCHIVE_Reject Medication request_EN (DRACS, DRFO)
Purpose
This WS is designed to reject previously created Medication Request.
Key points
Only authenticated and authorized user with appropriate scope can reject Medication Request.
Medication Request can be rejected only from ‘ACTIVE' status.
Specification
Authorization
Verify the validity of access token
in case of error - return 401 (“Invalid access token”) in case of validation fails
Verify that token is not expired
in case of error - return 401 (“Invalid access token”)
Check user scopes in order to perform this action (scope = 'medication_request:reject')
return 403 (“Your scope does not allow to access this resource. Missing allowances: medication_request:reject”) in case of invalid scope(s)
If BLOCK_UNVERIFIED_PARTY_USERS is true, then check party's data match following condition: verification_status != NOT_VERIFIED or (verification_status = NOT_VERIFIED and updated_at <= current_date - UNVERIFIED_PARTY_PERIOD_DAYS_ALLOWED):
in case not match - return 403 ("Access denied. Party is not verified")
Validations
Validate Digital Sign
Validate request is signed
in case of error - return 400 (“document must be signed by 1 signer but contains 0 signatures”)
Check DS is valid and not expired
Validate that DS belongs to the user
Check that DRFO from DS and party.tax_id matches
in case of error - return 422 (“Does not match the signer drfo“)
Validate Medication request
Get Medication request identifier from the URL. Check Medication request exists in OPS DB
in case of error - return 404
Validate user
Medication Request rejection is allowed for user if he has one of the following active and approved employee that:
is an author of the Medication request Request (medication_request.employee_id)
has an approval on write Care plan if Medication Request based on the Care plan (medication_request.based_on)
is Med_Admin from legal entity where Medication Request is created
in case of error - return 409 ("Employee is not author of medication request, doesn't have approval or required employee type")
Validate content
Validate request using JSON schema
in case of error - return 422
Check that signed content contains all required fields and is equal to stored object
Decode signed content
Render requested medication request
Check that rendered and decoded data matches (except for reject_reason_code and reject_reason fields)
in case of error - return 422 ("Signed content does not match the previously created content")
Note! Medication Request with intent plan and order has different structure:
Medical program is required in order
Medical program is absent in plan
Validation transition
Get status of Medication request by $.id in OPS DB. Check that Medication request is in status ‘ACTIVE’
if invalid - return 409 ("Invalid status Medication request for reject transition!")
For more information look at Medication request data model
Service logic
Save signed content to media storage.
Update Medication request in OPS DB:
set status = 'REJECTED'
set reject_reason_code = $.reject_reason_code
set reject_reason = $.reject_reason
set updated_by = user_id
set updated_at = now()
Send SMS for person
If Medication request has program with medical program setting medication_request_notification_disabled = true, then don't send SMS.
Else:
Get authentication_method of person from MPI
If authentication_method == OTP, then send SMS to a person from Medication request:
Generate SMS text (
get template from reject_template_sms parameter
enrich template with data from Medication request
Send SMS to a person
Add new status to event manager
field | value |
---|---|
|
|
|
|
| $.id |
| $.status |
| $.update_at |
| $.changed_by |
ЕСОЗ - публічна документація