Purpose

This process describes approving previously created Confidant Person relationship request.

Key points

1. This WS is used to approve Confidant Person relationship requests for creating new or deactivating existing confidant person relationships.

2. Confidant Person relationship requests flow is based on action field of request.

Specification

Apiary

Authorization

• Verify the validity of access token

  • Return (401, 'Invalid access token') in case of validation fails

• Verify that token is not expired

  • in case of error - return (401, 'Invalid access token')

• Check user scopes in order to perform this action (scope = confidant_person_relationship_request:write)

  • Return (403, 'Your scope does not allow to access this resource. Missing allowances: confidant_person_relationship_request:write') in case of invalid scope(s)

Validation

Validate Person

• Get person_id from URL

• Validate person status is active (status = ‘active' & is_active = 'true’)

  • in case of error - return 404 ('Person is not found')

Validate request

• Check that confidant person relationship request from URL exists in https://e-health-ua.atlassian.net/wiki/spaces/CSI/pages/17613422609/IL#confidant_person_relationship_requests table with person_id = person_id from URL

  • in case of error - return 404 ('Confidant person relationship request is not found')

• Check that confidant person relationship request from URL has status = NEW and channel = MIS

  • in case of error - return 409 ('Invalid transition')

• Check absence of extra parameters from request

  • in case of error - return 422 ('schema does not allow additional properties')

Validate confidant person relationship

• If authorize_with of confidant person relationship request is not empty and contains auth method with type = THIRD_PERSON - validate that person from value is an approved confidant for a person from request – exists active and approved confidant person relationship between person from request and person_id from authentication method value (using following logic: https://e-health-ua.atlassian.net/wiki/spaces/CSI/pages/17667883028 with person_id = person from request and confidant_person_id = value from auth method - expected :ok, :approved response)

  • in case of error - return 422 ('Cannot be confirmed by method with not approved confidant person relationship')

Validate OTP

Based on value of authentication_method_current.type of confidant person relationship request:

• if type = OTP - invoke OTP Verification module to verify OTP that is submitted in $.verification_code field

  • in case of error - return 403 ('Invalid verification code')

• if type = OFFLINE - proceed to Check uploaded documents

Check uploaded documents

Get list of document types that must be uploaded to media content storage in documents_relationship field of confidant person relationship request.

• If list is empty - skip validation

• If list is not empty - check that documents were uploaded, using Media Content Storage

  • in case of error - return 409 ('Document <<document_types_to_upload>> is not uploaded') with types of documents that must be uploaded to media content storage

Service logic

Create or deactivate confidant person relationship

Based on action field of confidant person relationship request:

Create confidant person relationship (action = INSERT)

Create confidant person relationship between person and confidant person:

• Call https://e-health-ua.atlassian.net/wiki/spaces/CSI/pages/17612832814 , set values:

  1. person_id = confidant_person_relationship_request.person_id

  2. confidant_person_id = confidant_person_relationship_request.confidant_person_id

  3. verification_status = “VERIFICATION_NEEDED”

  4. verification_reason = “MANUAL_CREATED_BY_DOCTOR“

  5. confidant_person_relationship_documents = confidant_person_relationship_request.confidant_person_relationship.documents_relationship

  In case if persons age < person_full_legal_capacity_age years old:

  • calculate relationship_expiration_date - date when person becomes person_full_legal_capacity_age years old

  • check if $.active_to <= relationship_expiration_date

    • if true - set active_to = $.active_to

    • if false or $.active_to = null - set active_to = relationship_expiration_date

Check existence of authentication method with type = THIRD_PERSON, value = confidant_person_id from request, is_active = true and ended_at > now() or null

• if not found - create authentication method for person, set values:

  • id = autogenerate uuid

  • person_id = confidant_person_relationship_request.person_id

  • type = THIRD_PERSON

  • value = confidant_person_relationship_request.confidant_person_id

  • inserted_at = now()

  • updated_at = now()

  • started_at = now()

  • ended_at: if person.age < person_full_legal_capacity_age

    • ended_at = birth_date + person_full_legal_capacity_age - 1d

      • else ended_at = start_date + third_person_term global parameter

  • inserted_by = user_id (from token)

  • updated_by = user_id (from token)

• If found - do not create authentication method for person

Deactivate confidant person relationship (action = DEACTIVATE)

Deactivate existing confidant person relationship for person:

• Deactivate relationship record in relationship https://e-health-ua.atlassian.net/wiki/spaces/CSI/pages/17613488166/MPI#confidant_person_relationships table where id = confidant_person_relationship_id and is_active = true, set values:

  • active_to = now()

  • updated_at = now()

  • updated_by = user_id (from token)

• Save documents from documents_relationship field to https://e-health-ua.atlassian.net/wiki/spaces/CSI/pages/17613488166/MPI#confidant_person_relationship_documents table for deactivated confidant person relationship, set values:

  • id = autogenerate uuid

  • confidant_person_relationship_id = confidant_person_relationship_id of deactivated relationship

  • type = documents_relationship[i].type

  • number = documents_relationship[i].number

  • issued_at = documents_relationship[i].issued_at

  • issued_by = documents_relationship[i].issued_by

  • inserted_by = user_id (from token)

  • updated_by = user_id (from token)

  • inserted_at = now()

  • updated_at = now()

• For deactivated relationship - deactivate person authentication methods in https://e-health-ua.atlassian.net/wiki/spaces/CSI/pages/17613488166/MPI#person_authentication_methods table with type = THIRD_PERSON and value = confidant_person_relationships.confidant_person_id, set values:

  • ended_at = now()

  • updated_at = now()

  • updated_by = user_id (from token)

Update confidant person relationship request

Update confidant person relationship request in https://e-health-ua.atlassian.net/wiki/spaces/CSI/pages/17613422609/IL#confidant_person_relationship_requests table, set values:

• status = COMPLETED

• updated_at = now()

• updated_by = user_id (from token)

• confidant_person_relationship_id = confidant_person_relationship.id of created relationship (from action = INSERT)