ЕСОЗ - публічна документація

Private. Approve Contract Request by NHS

Owned by sveta vedmed (Unlicensed)
Last updated: Feb 22, 2023 by Oleksandr Zhuk (SoE eHealth)
13 min read

Purpose

This WS is designed to change status of contract request to APPROVED by NHS ADMIN SIGNER. NHS employee can change status of contract request through Admin portal

Specification

Link

https://ehealthmisapi1.docs.apiary.io/#reference/public.-contracts/contract-request/private.-approve-contract-request-by-nhs

Посилання на Apiary або Swagger

Resource

/api/contract_requests/{{id}}/actions/approve

Посилання на ресурс, наприклад: /api/persons/create

Scope

contract_request:update

Scope для доступу

Components

Contracts

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

Microservices

API paragraph not found

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

Protocol type

REST

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

Request type

PATCH

Тип запиту API, наприклад: GET, POST, PATCH…

Sync/Async

API paragraph not found

Метод є синхронним чи асинхронним?

Public/Private/Internal

Private

Потрібно зазначити тип методу за ступенем доступності

Preconditions

Before this the contract request should Updated by NHS employee

Logic

To approve contract next fields must be signed by NHS employee and sent by same NHS employee in base64 format (all fields below are required): In DS EDRPOU/DRFO must be equal to contractor_legal_entity.edrpou

Input parameters

Input parameter

Values

Type

Description

Example

Input parameter

Values

Type

Description

Example

id

 

String

Required

b075f148-7f93-4fc2-b2ec-2d81b19a9b7b

Request structure

Example:

{ "signed_content": "ew0KImlkIjoiMDkxMDZiNzAtMThiMC00NzI2LWIwZWQtNmJkYTEzNjlmZDUyIiwNCiJjb250cmFjdG9yX2xlZ2FsX2VudGl0eSI6IHsNCiAgICAgICJpZCI6ICJkZjlmNzBlZS00YjEyLTQ3NDAtYjBmNS1iYjVhZWExMTY4NjMiLA0KICAgICAgIm5hbWUiOiAi0JrQu9GW0L3RltC60LAg0J3QvtGD0L3QtdC50LwiLA0KICAgICAgImVkcnBvdSI6ICIzMjMyMzQ1NCINCiAgICB9LA0KInRleHQiOiAic3RhdGljX3RleHQiDQp9", "signed_content_encoding": "base64" }

Authorize

Request to process the request using a token in the headers

Headers

Наприклад:

Content-Type:application/json

Authorization:Bearer c2778f3064753ea70de870a53795f5c9

Request data validation

Validate token

  • Verify the validity of access token

    • Return 401 in case validation fails

  • Check if token is not expired

    • in case error return 401 - "Token is expired"

Validate user

extract user_id from token

extract client_id from token

  • Check if user is active

    • in case error return 403 - (user is not active)

  • check nhs_legal_entity is active

    • in case error return 403 - (Client is not active)

  • Check user role = "NHS ADMIN SIGNER"

    • in case error return 403 "User is not allowed to perform this action"

Validate scopes

  • Check user scopes in order to perform this action (scope = 'contract_requests:update')

    • Return 403 in case invalid scope(s) "Your scope does not allow to access this resource. Missing allowances: contract_requests:update"

Digital signature

Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature and returns result.

Validate EDRPOU

  1. Check that EDRPOU in Certificate details exists and not empty

    1. in case of error return 422 error ('Invalid EDRPOU in DS')

  2. Check that EDRPOU in Certificate details is equal to EDPOU in legal entity

    1. Get client_id from token.

    2. Find prm.legal_entities id by client_id

    3. Compare EDRPOU in Certificate with legal_entities.edrpou

    4. In case validation fails - generate 422 error

  3. Check that SURNAME in Certificate details is equal to LAST_NAME in Party

    1. Get user_id → user_parties.party_id → parties.last_name and compare to surname from DS

      1. Convert prm.parties.LAST_NAME and Certificate details.SURNAME to uppercase

      2. Compare prm.parties.LAST_NAME and Certificate details.SURNAME as Cyrillic letters

      3. In case validation fails - generate 422 error

Validate DRFO

  1. Get parties.tax_id using party_users.party_id by user_id.

  2. Compare DRFO in Certificate with party.tax_id

    1. Convert DRFO and TAX_ID to uppercase

    2. Compare DRFO and TAX_ID as Cyrillic letters

    3. Convert DRFO to Cyrillic and compare as Cyrillic letters

  3. In case validation fails - generate 422 error

Validate request

  1. Check that all fields are present in signed content

    1. "id"

    2. "contractor_legal_entity":

      1. "id"

      2. "name"

      3. "edrpou"

    3. next_status

    4.  "text"

  2. Check next_status

    1. for contract type CAPITATION='APPROVED'. In case error return 422 "Incorrect next_status"

    2. for contract type REIMBURSEMENT='PENDING_NHS_SIGN'. In case error return 422 "Incorrect next_status"

  3. Validate contract request id

    1. Check contract request with contract_request.id = $.id exists

      1. in case of error return 404 ("not_found")

    2. Check contract_requests.id = $.id

      1. in case of error return 422 ("Signed content does not match the previously created content")

  4. Validate contract_request.status=IN_PROCESS

    1. in case error return 409 - "Incorrect status of contract request to modify it"

  5. Validate nhs side fields are not empty - in case error return 422 "Field $ could not be empty"

    1. nhs_signer_id

    2. nhs_legal_entity_id 

    3. nhs_signer_base

    4. nhs_contract_price - for capitation only

    5. nhs_payment_method 

    6. issue_city

    7. medical_program_id - for reimbursement only

  6. Validate contractor_legal_entity_id

    1. Legal_entities.id = $.contractor_legal_entity_id and Legal_entities.status='ACTIVE' and is_active=true,

      1. in case error return 422 ('Legal entity is not active')

    2. $contractor_legal_entity.edrpou in request=prm.legal_entities.edrpou

    3. $contractor_legal_entity.name in request=prm.legal_entities.name

  7. Validate contractor_owner_id

    1. Employee is_active=true and status='APPROVED' and employees.legal_entity_id=contractor_legal_entity_id

      1. in case error return 422, $contractor_owner_id ('Contractor owner must be active within current legal entity in contract request')

  8. Validate contractor_divisions

    1. Check divisions belongs to legal_entity and divisions.status='active'

      1. in case of error return 422  error view $divisions ('Division must be active and within current legal_entity')

  9. Capitation only: Validate contractor_employee_divisions

    1. Check contractor_employee_divisions is not null

      1. in case of error return 422  error ('contractor_employee_divisions can not be  empty')

    2. Employees from employee_divisions has employee_type='DOCTOR', status='APPROVED'

      1. in case of error return 422  error view $employee ('Employee must be an active DOCTOR')

    3. Check contractor_employee_divisions.division_id is present in contractor_divisions.id

      1. in case of error return 422 error $divisions ('The division is not belong to contractor_divisions')

  10. Validate start_date

    1. start_date > now()

      1. in case error return 422 $start_date ("Contract request start date should be in future")

  11. Reimbursement only: Validate medical_program_id  is an ID of an ACTIVE medical program.

Check uploaded documents

Invoke Media Content Storage to check documents exist.

Return validation error if it's not

Dictionaries

  • CONTRACT_PAYMENT_METHOD

  • CONTRACT_TYPE

  • REIMBURSEMENT_CONTRACT_TYPE

  • ADDRESS_TYPE

  • COUNTRY

  • SETTLEMENT_TYPE

  • STREET_TYPE

  • PHONE_TYPE

  • SPECIALITY_TYPE

  • SPECIALITY_LEVEL

  • SPEC_QUALIFICATION_TYPE

Processing

Generate contract number

In case contract_number is null generate new contract number according to the rules

Save response data to DB

After response is generated response.data should be saved to DB contract_requests.data 

Validate status

  • if contract_request.type=CAPITATION - set status=APPROVED

  • if contract_request.type=REIMBURSEMENT - set status=PENDING_NHS_SIGN

Mapping

field

value

field

value

nhs_signer_id

 $.user_id

nhs_legal_entity_id

 $.client_id

updated_by

 $.user_id

updated_at

 now()

status

 APPROVED, PENDING_NHS_SIGN

data

$.data

 

Save signed contract request to media storage

  1. Get url for contract request upload

     

     

  2. Upload signed declaration to media storage

Add to event manager

After status was changed (status = APPROVED, PENDING_NHS_SIGN, DECLINED, TERMINATED or SIGNED) - add new status to event_manager

field

value

field

value

event_type

StatusChangeEvent

entity_type

Contract_request

entity_id

$.id

properties.status.new_value

$.status

event_time

$.update_at

changed_by

$.user_id

inserted_at

now()

updated_at

now()

Response structure

Example:

{ "meta": { "code": 201, "url": "https://example.com/resource", "type": "object", "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810" }, "data": { "id": "09106b70-18b0-4726-b0ed-6bda1369fd52", "contract_type": "CAPITATION", "contractor_legal_entity": { "id": "df9f70ee-4b12-4740-b0f5-bb5aea116863", "name": "Клініка Ноунейм", "edrpou": "32323454", "addresses": [ { "type": "RESIDENCE", "country": "UA", "area": "Житомирська", "region": "Бердичівський", "settlement": "Київ", "settlement_type": "CITY", "settlement_id": "b075f148", "street_type": "STREET", "street": "вул. Ніжинська", "building": "15", "apartment": "23", "zip": "02090" } ] }, "contractor_owner": { "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b", "party": { "first_name": "Петро", "last_name": "Іванов", "second_name": "Миколайович" } }, "contractor_base": "на підставі закону про Медичне обслуговування населення", "contractor_payment_details": { "bank_name": "Банк номер 1", "MFO": "351005", "payer_account": "32009102701026" }, "contractor_rmsp_amount": 50000, "contractor_divisions": [ { "id": "2922a240-63db-404e-b730-09222bfeb2dd", "name": "Бориспільське відділення Клініки Ноунейм", "addresses": [ { "type": "RESIDENCE", "country": "UA", "area": "Житомирська", "region": "Бердичівський", "settlement": "Київ", "settlement_type": "CITY", "settlement_id": "b075f148", "street_type": "STREET", "street": "вул. Ніжинська", "building": "15", "apartment": "23", "zip": "02090" } ], "phones": [ { "type": "MOBILE", "number": "+380503410870" } ], "email": "email@example.com", "working_hours": { "mon": [ [ "08.00", "12.00" ], [ "14.00", "18.00" ] ], "tue": [ [ "08.00", "12.00" ] ], "wed": [ [ "08.00", "12.00" ] ], "thu": [ [ "08.00", "12.00" ] ], "fri": [ [ "08.00", "12.00" ] ] }, "mountain_group": false } ], "contractor_employee_divisions": [ { "employee": { "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b", "party": { "first_name": "Петро", "last_name": "Іванов", "second_name": "Миколайович" }, "speciality": { "speciality": "THERAPIST", "speciality_officio": true, "level": "FIRST", "qualification_type": "AWARDING", "attestation_name": "Академія Богомольця", "attestation_date": "2017-02-28", "valid_to_date": "2020-02-28", "certificate_number": "AB/21331" } }, "staff_units": 0.5, "declaration_limit": 2000, "division_id": "2922a240-63db-404e-b730-09222bfeb2dd" } ], "external_contractor_flag": true, "external_contractors": [ { "legal_entity": { "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b", "name": "Клініка Ноунейм" }, "contract": { "number": "1234567", "issued_at": "2018-01-01", "expires_at": "2019-01-01" }, "divisions": [ { "id": "2922a240-63db-404e-b730-09222bfeb2dd", "name": "Бориспільське відділення Клініки Ноунейм", "medical_service": "Послуга ПМД" } ] } ], "id_form": "PMD_1", "nhs_signer": { "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b", "party": { "first_name": "Петро", "last_name": "Іванов", "second_name": "Миколайович" } }, "nhs_legal_entity": { "id": "df9f70ee-4b12-4740-b0f5-bb5aea116863", "name": "Клініка Ноунейм", "edrpou": "32323454", "addresses": [ { "type": "RESIDENCE", "country": "UA", "area": "Житомирська", "region": "Бердичівський", "settlement": "Київ", "settlement_type": "CITY", "settlement_id": "b075f148", "street_type": "STREET", "street": "вул. Ніжинська", "building": "15", "apartment": "23", "zip": "02090" } ] }, "nhs_signer_base": "на підставі наказу", "nhs_contract_price": 50000, "nhs_payment_method": "BACKWARD", "status": "NEW", "status_reason": "Не відповідає попереднім домовленостям", "issue_city": "Київ", "contract_number": "0000-9EAX-XT7X-3115", "contract_id": "df9f70ee-4b12-4740-b0f5-bb5aea116863", "parent_contract_id": "22e416c4-5747-41cd-9f73-c3a85cdee885", "start_date": "2017-04-20", "end_date": "2017-04-20", "printout_content": "Contract request content", "previous_request_id": "df9f70ee-4b12-4740-b0f5-bb5aea116863", "assignee_id": "22e416c4-5747-41cd-9f73-c3a85cdee885", "updated_at": "2017-04-20T19:14:13Z", "inserted_at": "2017-04-20T19:14:13Z" } }

 

{ "meta": { "code": 201, "url": "https://example.com/resource", "type": "object", "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810" }, "data": { "id": "09106b70-18b0-4726-b0ed-6bda1369fd52", "contract_type": "REIMBURSEMENT", "contractor_legal_entity": { "id": "df9f70ee-4b12-4740-b0f5-bb5aea116863", "name": "Клініка Ноунейм", "edrpou": "32323454", "addresses": [ { "type": "RESIDENCE", "country": "UA", "area": "Житомирська", "region": "Бердичівський", "settlement": "Київ", "settlement_type": "CITY", "settlement_id": "b075f148", "street_type": "STREET", "street": "вул. Ніжинська", "building": "15", "apartment": "23", "zip": "02090" } ] }, "contractor_owner": { "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b", "party": { "first_name": "Петро", "last_name": "Іванов", "second_name": "Миколайович" } }, "contractor_base": "на підставі закону про Медичне обслуговування населення", "contractor_payment_details": { "bank_name": "Банк номер 1", "MFO": "351005", "payer_account": "32009102701026" }, "id_form": "RMB-1", "nhs_signer": { "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b", "party": { "first_name": "Петро", "last_name": "Іванов", "second_name": "Миколайович" } }, "nhs_legal_entity": { "id": "df9f70ee-4b12-4740-b0f5-bb5aea116863", "name": "Клініка Ноунейм", "edrpou": "32323454", "addresses": [ { "type": "RESIDENCE", "country": "UA", "area": "Житомирська", "region": "Бердичівський", "settlement": "Київ", "settlement_type": "CITY", "settlement_id": "b075f148", "street_type": "STREET", "street": "вул. Ніжинська", "building": "15", "apartment": "23", "zip": "02090" } ] }, "nhs_signer_base": "на підставі наказу", "nhs_contract_price": 50000, "nhs_payment_method": "BACKWARD", "status": "NEW", "status_reason": "Не відповідає попереднім домовленостям", "issue_city": "Київ", "contract_number": "0000-9EAX-XT7X-3115", "contract_id": "df9f70ee-4b12-4740-b0f5-bb5aea116863", "parent_contract_id": "22e416c4-5747-41cd-9f73-c3a85cdee885", "start_date": "2017-04-20", "end_date": "2017-04-20", "printout_content": "Contract request content", "previous_request_id": "df9f70ee-4b12-4740-b0f5-bb5aea116863", "assignee_id": "22e416c4-5747-41cd-9f73-c3a85cdee885", "medical_programs": [ "3914a240-63db-404e-b730-09222bfeb2d0" ], "updated_at": "2017-04-20T19:14:13Z", "inserted_at": "2017-04-20T19:14:13Z" } }

HTTP status codes

HTTP status code

Message

What caused the error

HTTP status code

Message

What caused the error

 201

 Response

 

 401

  1.  Error

  2. Token is expired

  1.   Access token validation failed

403

  • User is not active

  • Client is not active

  • User is not allowed to perform this action

  • Your scope does not allow to access this resource. Missing allowances: contract_requests:update

 

404

not_found

 

409

Incorrect status of contract request to modify it

 

422

 

Validation failed

ЕСОЗ - публічна документація