ЕСОЗ - публічна документація
RC_CSI-2483_Get Device request details
Purpose
This WS is designed to return Device request details by identifier.
Specification
Authorization
Verify the validity of access token
Return (401, 'Invalid access token') in case of validation fails
Verify that token is not expired
in case of error - return (401, 'Invalid access token')
Check user scopes in order to perform this action (scope = 'device_request:read')
Return (403, 'Your scope does not allow to access this resource. Missing allowances: device_request:read') in case of invalid scope(s)
Access to the resource is also managed by https://e-health-ua.atlassian.net/wiki/spaces/RMDN/pages/17671028956.
Service logic
Service returns specified Device requests related to the patient:
Get Device requests from device_request collection (MongoDB)
Validate data consistency:
Ensure that requested Device requests relates to requested Patient (from URL)
Return 403 ('Access denied') in case of error
Fill in
urgent
block with current authentication method and verification_code field:Get program from request and (if provided) get program setting
request_notification_disabled
Get person authentication method according to logic:
If authorize_with exists in device request and is not empty, check:
Authentication method exists in person_authentication_methods table in MPI DB (with is_active=true), is active (ended_at > now() or null)
Get value of
THIRD_PERSON_CONFIDANT_PERSON_RELATIONSHIP_CHECK
config parameter, if it is set totrue
- for authentication method with type = THIRD_PERSON check that person from value is an approved confidant for a person from device request – exists active and approved confidant person relationship between person from request and confidant_person_id from authentication method value (using following logic: https://e-health-ua.atlassian.net/wiki/spaces/CSI/pages/17667883028 withperson_id
= person from request andconfidant_person_id
= value from auth method - expected:ok, :approved
response)in case any validation failed - set verification_code and phone_number=null
else - get persons authentication method from authorize_with
if authorize_with does not exist in device request or is empty - get default authentication method of person from MPI using https://e-health-ua.atlassian.net/wiki/spaces/CSI/pages/17613029453
If person has OTP or THIRD_PERSON (with OTP) authentication method and
request_notification_disabled
= false/null (or absent), then set phone_number and verification_code=nullif person has OTP or THIRD_PERSON (with OTP) authentication method and
request_notification_disabled
= true, then set verification_code and phone_number
Render a response according to the specification
Calculate remaining quantity:
Select all Device dispenses in status completed related to the Device request
Sum
quantity
in the filtered Device dispenses as dispensed_qtyCalculate remaining_quantity = requested_quantity- dispensed_quantity
Return remaining_quantity in the response
ЕСОЗ - публічна документація