ЕСОЗ - публічна документація

RС_[UPD] API. Get activity by ID

Purpose

This WS allows to get detailed information of the patient’s Care plan activity. To obtain activity list for the Care plan RС_[UPD] API. Get activities by search paramsarchived should be used.

Specification

Apiary

Authorization

  • Verify the validity of access token

    • Return (401, 'Invalid access token') in case of validation fails

  • Verify that token is not expired

    • in case of error - return (401, 'Invalid access token')

  • Check user scopes in order to perform this action (scope = 'care_plan:read')

    • Return (403, 'Your scope does not allow to access this resource. Missing allowances: care_plan:read') in case of invalid scope(s)

Validate Patient

  • Get Patient identifier from the URL

  • Check it exists in DB

    • Return 404 ('not found') in case of error

Validate Care plan

  • Get Care plan identifier from the URL

  • Check it exists in DB

    • Return 404 ('not found') in case of error

Validate User

  • Extract user_id from token.

  • Check user has an active and approved employee from legal entity (token) for which one of the conditions is TRUE:

    • has an active Approval granted by the Patient on write or read the Care plan resource (care plan id from URL)

      • Return 403 ('Access denied') in case employee has no Approval on read or write

    • has an active declaration with the patient

      • Return 403 ('Access denied') in case there no active declaration with patient and none of other conditions is true

    • user belongs to the legal entity where the care_plans were created

      • Return 403 ('Access denied') in case employee belongs to another legal_entity and none of conditions above is true

Service logic

Service returns activity within specified Care plan related to the patient:

  • Get activity by ID from care_plan_activities collection (MongoDB)

  • Validate data consistency:

    • Ensure that requested activity relates to requested Patient and Care Plan (from URL)

      • Return 404 ('not found') in case of error

  • Render a response according to specification

 

ЕСОЗ - публічна документація