ЕСОЗ - публічна документація

RC_CSI-2483_Resend Medication request

Purpose

This WS is designed to resend SMS to person with Medication request info.

Key points

  1. Only authenticated and authorized user with appropriate scope can resend Medication request info.

  2. Medication request info can be resend only to person with verification_type = OTP.

  3. Medication request info can be resend only for medication requests with intent order.

  4. Medication request info can be resend only from ‘ACTIVE' status.

Specification

Apiary

Authorization

  1. Verify the validity of access token

    • in case of error - return 401 (“Invalid access token”) in case of validation fails

  2. Verify that token is not expired

    • in case of error - return 401 (“Invalid access token”)

  3. Check user scopes in order to perform this action (scope = 'medication_request:resend')

    • return 403 (“Your scope does not allow to access this resource. Missing allowances: medication_request:resend”) in case of invalid scope(s)

Validations

Validate Medication request

  • Get Medication request identifier from the URL. Check Medication request exists in OPS DB

    • in case of error - return 404 ('Not found')

Validate intent

  • Get Medication request by $.id in OPS DB. Check that Medication request intent = ‘order’

    • if invalid - return 409 ("For medication request plan information cannot be resent")

Validate status

  • Get Medication request by $.id in OPS DB. Check that Medication request status = ‘ACTIVE’

    • if invalid - return 409 ("Invalid status Medication request for resend action!")

Validate medical program

Get Medication request by $.id in OPS DB. If medical program exists in the medication request:

  • Get medical program settings by $.medical_program.id

  • Check request_notification_disabled = false or null/absent

    • if true - return 409 ("Notifications are not allowed for the medical program!")

Validate verification code

  • Get Medication request by $.id in OPS DB. Check that Medication request verification code is not null

    • if invalid - return 403 ("Can't resend Medication request without verification code!")

Validate person

  • If authorize_with exists in medication request and is not empty, check:

  • If authorize_with does not exist in medication request or is empty - get authentication_method of person from MPI DB

  • Check that persons authentication_method == ‘OTP’ or ‘THIRD_PERSON’ with authentication_method == ‘OTP’

    • if invalid - return 409 ("Person or third person has no OTP auth method")

Service logic

  1. Call SMS timeout procedure to check if resending is allowed using:
    - MR_MAX_ATTEMPTS_COUNT as MAX_ATTEMPTS_COUNT
    - MR_SEND_TIMEOUT as SEND_TIMEOUT
    - "medication_request" as entity_name
    - medication_request_id as entity_id

    in case of error - return 429 ("Sending SMS timeout. Try later. Next attempt will be available at <attempts.oldest.value + SEND_TIMEOUT>")

  2. Generate SMS text

    1. get template from sign_template_sms parameter

    2. enrich template with data from Medication request

  3. Send SMS to a person

ЕСОЗ - публічна документація