Overview

This WS is designed to return records about procedures by patient_id or/and search_params.

Specification

• Apiary - get by search parameters

• Apiary - get by ID

Authorization

Validate token

• Verify the validity of access token

  • Return 401 in case validation fails

• Verify token is not expired

  • in case error return 401 

Validate scopes

• Check user scopes in order to perform this action (scope = 'procedure:read')

  1. Return 403 in case invalid scope(s)

Access to the resource is also managed by ABAC module.

Validation

1. validate person_id
   
   

   1. validate $person_id is existing ID in mpi.persons.id And person is_active=true and status='active

      1. in case error return 404,

      2. "Person not found"

Response

1. Return response according to json schema

2. Filter response using submitted query params

   1. Query param device_id must be applied to focal_device

3. Return procedures where

   1. managing_organization.identifier.value=$Client_id

   2. consumer_id is a doctor with active declaration for current patient ($.person_id)