Private. Unblock Medication request

1 Purpose
2 Key points
3 Specification
4 Authorization
5 Validations
- 5.1 Validate request
- 5.2 Validate Medication request
- 5.3 Validation transition
- 5.4 Validate legal entity type
6 Service logic

Purpose

This WS is designed to unblock previously blocked Medication request with indicating block_reason_code and block_reason by NHS employee with appropriate scope.

Key points

Only authenticated and authorized NHS admin-panel user with appropriate scope can unblock Medication request.
In the response of these endpoint person_id is returned in hashed form.
Medication request can be unblocked only from ‘ACTIVE' status.

Specification

"Unblock a `MedicationRequest` using its unique ID."
  unblockMedicationRequest(
    input: UnblockMedicationRequestInput!
  ): UnblockMedicationRequestPayload

"""
Input for `unblockMedicationRequest` mutation.
User must have a scope **medication_request_admin:unblock**
"""
input UnblockMedicationRequestInput {
  "Unique ID of the medication request which should be unblocked."
  id: ID!
}

"""
Return type for `unblockMedicationRequest` mutation.
"""
type UnblockMedicationRequestPayload {
  "Medication request unblock reason"
  blockReason: String!
  "Medication request unblock reason code from `MEDICATION_REQUEST_UNBLOCK_REASON` dictionary"
  blockReasonCode: UnblockReasonCode!
}

"""
List of unblock reason codes. According to `MEDICATION_REQUEST_UNBLOCK_REASON` dictionary
"""
enum UnblockReasonCode {
"Reason code `DEFAULT` to unblock medication request"
DEFAULT
}

Authorization

Verify the validity of access token
- in case of error - return 401 (“Invalid access token”) in case of validation fails
Verify that token is not expired
- in case of error - return 401 (“Invalid access token”)
Check user scopes in order to perform this action (scope = 'medication_request_admin:unblock')
- return 403 (“Your scope does not allow to access this resource. Missing allowances: medication_request_admin:unblock”) in case of invalid scope(s)

Validations

Validate request

Validate request using JSON schema
- in case of error - return 422

Validate Medication request

Get Medication request identifier from the URL. Check Medication request exists in OPS DB
- in case of error - return 404

Validation transition

Get Medication request by $.id in OPS DB. Check that Medication request status = ‘ACTIVE’
- in case of error - return 409 ("Medication request must be in active status")
Get Medication request by $.id in OPS DB. Check that Medication request is blocked, i.e. is_blocked = true
- in case of error - return 409 ("Medication request is already unblocked")

Validate legal entity type

Validate type of legal entity which is related to blocking = NHS. Using ops.medication_requests.(by $.id).block_legal_entity_id
- in case of error - return 422 ("It is not allowed to unblock medication request, which is blocked not by NHS")

Service logic

Update Medication request in OPS DB:
1. set is_blocked = false
2. set block_reason_code = $.block_reason_code
3. set block_reason = $.block_reason
4. set updated_by = user_id
5. set updated_at = now()
6. set block_legal_entity_id = legal entity id out of token
Send SMS for person
1. If Medication request has program with medical program setting medication_request_notification_disabled = true, then don't send SMS.
  Else:
  1. Get authentication_method of person from MPI
  2. If authentication_method == OTP, then send SMS to a person from Medication request:
    1. Generate SMS text
      1. get template from unblock_template_sms_nhs parameter
      2. enrich template with data from Medication request
    2. Send SMS to a person
Return Medication request data with hashed person_id