ЕСОЗ - публічна документація
RC_(CSI-2672) Update Person verification status
- Yuliia Mazur (UA SoE eHealth)
Purpose
This WS allows to update current verification status of specified person. Now updating of DRACS death stream verification status is allowed.
Specification
Authorization
Verify the validity of access token
Return (401, 'Invalid access token') in case of validation fails
Verify that token is not expired
in case of error - return (401, 'Invalid access token')
Check user scopes in order to perform this action (scope = 'person_verification:write')
Return (403, 'Your scope does not allow to access this resource. Missing allowances: person_verification:write') in case of invalid scope(s)
Validate signed content
Check that
$.signed_contentfield contains digital signaturein case of error - return 400 ('Invalid signature')
Check digital signature of
$.signed_contentis validin case of error - return 400 with digital signature validation error message
Check that
drfofield exists in digital signature and is not emptyin case of error - return 410 ('Invalid drfo')
Check that
drfofield in digital signature equals totax_idof party that is related to employee that performs requestin case of error - return 422 ('Does not match the signer drfo')
Validate Patient
Get Patient identifier from the URL
Check it exists in mpi DB, persons table
Return 404 ('not found') in case of error
Check if person verification record exists in
mpi.person_verificationstableReturn 404 ('not found') in case of error
Check if person.dracs_death.verification_status is equal to “NOT_VERIFIED”
in case of error - return 422 (“verification details for person in <person.dracs_death.verification_status> status can not be updated)
Validations
Validate schema
Validate request according to JSON Schema
Check presence of extra parameters
In case of error - return 422 ('schema does not allow additional properties')
Check presence of required parameters
In case of error - return 422 ('required property %{property} was not present')
Validate DRACS verification status
Validate $.dracs_death.verification_status
Check if $.dracs_death.verification_status value is "VERIFICATION_NEEDED" "VERIFIED" (from PERSON_VERIFICATION_STATUSES dictionary)
In case of error - return 422 error ("value is not allowed in enum")
Validate DRACS verification reason
Validate $.dracs_death.verification_reason
Check if $.dracs_death.verification_reason value is MANUAL_CONFIRMED or MANUAL_NOT_CONFIRMED from PERSON_VERIFICATION_STATUS_REASONS dictionary
in case of error - return 422 ("verification reason (<$.dracs_death.verification_reason>) is not allowed for person DRACS death status")
Validate death_date
Validate $.dracs_death.death_date if exist
Check if $.dracs_death.death_date value is correct format ‘dd.mm.yyyy’
in case of error - return 422 ("Invalid. Expected \"%{actual}\" to be a valid ISO 8601 date")
Check if $.dracs_death.death_date value in the past ($.dracs_death.death_date =< date.today()) (expected \"$.dracs_death.death_date\" to be less then or equal to current date)
in case of error - return 409 (“Death date must not be in the future“)
Check if $.dracs_death.death_date is absent if $.dracs_death.verification_reason = “MANUAL_NOT_CONFIRMED”
in case of error - return 422 (“Death date must not be present with MANUAL_NOT_CONFIRMED verification_reason“)
Service logic
Set person DRACS verification status to
mpi.person_verificationstable:person.dracs_death_verification_status = $.dracs_death.verification_status
person.dracs_death_verification_reason = $.dracs_death.verification_reason
person.dracs_death_verification_comment = $.dracs_death.verification_comment
updated_at = now()
updated_by = user_id (from token)
If $.dracs_death.verification_status: VERIFIED and $.dracs_death.verification_reason: MANUAL_CONFIRMED in request - next steps are needed:
Deactivate person:
set persons.status = inactive, persons.updated_at = now(),
set persons.death_date = $.dracs_death.death_date (if death date in content)
terminate active declarations for person with reason = MANUAL_DEATH_REGISTRATION_BY_DOCTOR
deactivate active persons authentication methods
revert active verification candidates for person in person_verification_candidates table in MPI DB by person_id
set status = ‘NOT_CONFIRMED’
set updated_at = now()
Deactivate user
search user by person_id, if exists (Mithril.users DB)
set is_active = false
set updated_at = now()
call expire_user_tokens function
Deactivate relationships
Get relationships between two persons from MPI | confidant_person_relationships table where:
(person_id is equal to $.person_id OR confidant_person_id is equal to $.person_id)
is_active = true
Deactivate each found relationship from previous step, set values:
active_to = now()
updated_by = system_user()
updated_at = now()
Deactivate auth methods in MPI | person_authentication_methods table with type = THIRD_PERSON and value = confidant_person_id from each found relationship from previoud step, set values:
ended_at = now()
updated_by = system_user()
updated_at = now()
If $.dracs_death.verification_status: VERIFIED and $.dracs_death.verification_reason: MANUAL_NOT_CONFIRMED in request:
revert active verification candidates for person in person_verification_candidates table in MPI DB by person_id
set status = ‘NOT_CONFIRMED’
set updated_at = now()
Calculate cumulative verification status based on persons verification status in each stream:
Manual NHS verification, DRFO registry verification, DRACS death acts registry verification according to logic described at Person verification status model | Cumulative verification status:Set calculated status to persons.verification_status field
Create StatusChangeEvent in event manager with new verification status if it was changed
Store
signed_contentin appropriatePerson Bucket.Bucket name (
Person)Person identifier
Folder for signed content of verification
File with signed content. Has name with timestamp (
epoch||"_verification") which corresponds toupdated_attimestamp of updated Person verification record.
Render a response according to specification
ЕСОЗ - публічна документація