RC-[UPD] Get Device request details

Purpose

This WS is designed to return Device request details by identifier.

Specification

Apiary

Authorization

• Verify the validity of access token

  • Return (401, 'Invalid access token') in case of validation fails

• Verify that token is not expired

  • in case of error - return (401, 'Invalid access token')

• Check user scopes in order to perform this action (scope = 'device_request:read')

  • Return (403, 'Your scope does not allow to access this resource. Missing allowances: device_request:read') in case of invalid scope(s)

Access to the resource is also managed by RC-[UPD] ABAC rulesarchived.

Service logic

Service returns specified Device requests related to the patient:

1. Get Device requests from device_request collection (MongoDB)

2. Validate data consistency:

   1. Ensure that requested Device requests relates to requested Patient (from URL)

      1. Return 403 ('Access denied') in case of error

3. Fill in urgent block with current authentication method and verification_code field:

   1. Get program from request and (if provided) get program setting request_notification_disabled

   2. If person has OTP authentication method and request_notification_disabled = false/null (or absent), then set phone_number and verification_code=null

   3. if person has OTP authentication method and request_notification_disabled = true, then set verification_code and phone_number

4. Render a response according to the specification

   1. Calculate remaining quantity:

      1. Select all Device dispenses in status in_progress and completed related to the Device request

      2. Sum quantity in the filtered Device dispenses as dispensed_qty

      3. Calculate remaining_quantity = requested_quantity- dispensed_quantity

   2. Return remaining_quantity in the response