Purpose

This WS serves for receiving approval from person on action of merge with preperson.

Specification

Apiary

Service logic

1. Only authenticated and authorized SPECIALIST, ASSISTANT or RECEPTIONIST employees can use this WS.

2. Usage of this WS allowed in EMERGENCY or OUTPATIENT legal entities.

3. Person should confirm merge with preperson by auth method chosen on create patient request or create declaration request processes.

4. The request can be approved only by employee who made the request.

5. Change status should be logged in the Event manager.

Authentication

1. Verify the validity of access token

   1. Return 401 in case validation fails

2. Check user scopes in order to perform this action (scope = 'merge_request:write')

   1. Return 403 in case invalid scope(s)

3. Check the employee has created this merge request. Thus select inserted_by from il.merge_requests of this merge request and compare it with user_id from the token.

   1. If not match - return 403 error (Only author of merge request is allowed to approve it)

4. Check that client_id from the token maches with il.merge_requests.legal_entity_id

   1. If not match - return 422 error (User doesn’t belong to legal entity where the merge request was created)

Validate schema

Validate request using schema.

Validate merge request

1. Validate merge request id exists in DB

   1. In case of error - return 404

2. Check merge request status is NEW

   1. In case of error - return 422 (Incorrect status to approve merge request)

Validate legal entity

Validate legal entity as on create merge request process.

Validate person

Validate person as on create merge request process.

Validate confidant person relationship

If authorize_with of merge request is not empty and contains auth method with type = THIRD_PERSON - validate that person from value is an approved confidant for a person from request – exists active and approved confidant person relationship between person from request and person_id from authentication method value (using following logic: Check confidant person relationship with person_id = person from request and confidant_person_id = value from auth method - expected :ok, :approved response)

1. in case of error - return 409 ‘Cannot be confirmed by method with not approved confidant person relationship’

Validate preperson

Validate preperson as on create merge request process, but w/o searching pending merge requests and episodes.

Determine authorization method

Get authorization_method from il.merge_requests.authentication_method_current.

Next steps is similar to determine authorization method and check OTP/check Documents process on approve patient request.

Get preperson episodes

Get all the preperson episodes for the printout form (mongodb, episodes collection).

Generate printout form

1. Define printout form template based on authorize_with field of merge request:

   1. If authorize_with is not empty and contains auth method with type = THIRD_PERSON - select printout form with confidant person

   2. else - select printout form w/o confidant person

2. Invoke MAN to render print form.

For printout form with confidant person - preload confidant person object from MPI using auth method value:

• get confidant person details from personstable

• get confidant person documents from person_documents table

• get relation documents from confidant_person_relationship_documentstable

Setil.merge_requests.printout_form

Update object in DB

il.merge_requeststable