RC_Get Short Diagnostic Reports by Service Groups (CSI-1834)

Purpose

This WS is designed to search Diagnostic Reports grouped by Service Groups. If the user has approval on the Group of Services, he will receive a list of Diagnostic Reports (short information), which contain service from this Group. To receive full Diagnostic Report data user must have the access according to ABAC rules (EN) and use Get Diagnostic Report by id endpoint.

Also https://e-health-ua.atlassian.net/wiki/x/lQBrLQE logic includes this method.

Specification

https://ehealthmedicaleventsapi.docs.apiary.io/reference/medical-events/diagnostic-report/get-short-diagnostic-reports-by-service-groups

Authorization

• Verify the validity of access token

  • Return (401, 'Invalid access token') in case of validation fails

• Verify that token is not expired

  • in case of error - return (401, 'Invalid access token')

• Check user scopes in order to perform this action (scope = 'diagnostic_report:read')

  • Return (403, 'Your scope does not allow to access this resource. Missing allowances: diagnostic_report:read') in case of invalid scope(s)

Service logic

Service returns list of short Diagnostic Reports, which contain services from Groups of Services user has approval on, filtered by submitted parameters:

1. Select list of employees from PRM.employees related to the current user in the current legal_entity, using data from the token.

2. Select all active approvals on service_groups from ME.approvals (Mongo DB), where these employees referenced as granted_to.

3. Get services (PRM.service_inclusions DB) by service_group_id. Save service to services list.

4. Get Diagnostic Reports by person_id from ME.diagnostic_reports (Mongo DB) where:

   1. code.identifier.value is in services list (from previous step)

5. Filter Diagnostic Reports by submitted search params (service_group_id, managing_organization_id…).

6. Order Diagnostic Reports by inserted_at and render a response according to specification