CRC_(CSI-2483,CR-441)_Approval - resend sms

Specification

user POST /api/patients/{id}/approvals/{id}/actions/resend_sms

Validate request

Authorize

1. Verify the validity of access token

2. Check user scope approval:create in order to perform this action

Validate authorize with

If authorize_with exists in approval and is not empty, check:

• Authentication method exists in person_authentication_methods table in MPI DB (with is_active=true), is active (ended_at > now() or null)

• Get value of THIRD_PERSON_CONFIDANT_PERSON_RELATIONSHIP_CHECK config parameter, if it is set to true - for authentication method with type = THIRD_PERSON check that person from value is an approved confidant for a person from approval – exists active and approved confidant person relationship between person from request and confidant_person_id from authentication method value (using following logic: https://e-health-ua.atlassian.net/wiki/spaces/CSI/pages/17667883028 with person_id = person from request and confidant_person_id = value from auth method) - expected :ok, :approved response)

  • in case of error - return 409 ('Authentication method doesn't exist, is inactive or does not belong to this person')

Logic

1. Search for approval by patient_id + approval_id

2. If not found

   1. return error

3. send SMS to the auth_phone via otp_verification service POST /verifications