1 Purpose
2 Specification
3 Logic
4 Request structure
5 Authorize
6 Headers
7 Request data validation
- 7.1 Validate legal entity
- 7.2 Validate digital signature
- 7.3 Validate request using JSON Schema
- 7.4 Validate permission to cancel
- 7.5 Validate transition
- 7.6 Validate cancelation reason
- 7.7 Validate content
8 Processing
- 8.1 Service logic
9 Response structure
10 Post-processing processes
11 HTTP status codes

Purpose

This method must be used to cancel existing Service Request.

Specification

Link	https://medicaleventsmisapi.docs.apiary.io/#reference/service-requests/manage-service-requests-in-patient-context/cancel-service-request
Resource	/api/patients/{{id}}/service_requests/{{id}}/actions/cancel
Scope	service_request:cancel
Components	Service request
Microservices	API paragraph not found
Protocol type	REST
Request type	PATCH
Sync/Async	Async
Public/Private/Internal	Public

Logic

https://e-health-ua.atlassian.net/wiki/spaces/EH/pages/583402503

This method must be used to cancel existing Service Request. Method receives signed message (pkcs7) that consists of signed content, digital signature and signer public key. All signature fields will be validated (including signer certificate authority)

Important

Signed content of service request must be equal to service request stored in DB. See Get Service Request details
status_reason and explanatory_letter (optional) must be added to signed content

Please see Service request (Referral) state model and Dummy Cancel Service Request for more details

Scopes required: service_request:cancel

It can be processed in both sync and async methods depends on Server decision.

Request structure

See on Apiary

Example:

{
  "signed_data": "ew0KICAicGVyaW9kIjogew0KIC..."
}

Authorize

Verify the validity of access token
- Return (401, 'unauthorized') in case of validation fails
Verify that token is not expired
- in case of error - return (401, 'unauthorized')
Check user scopes in order to perform this action (scope = 'service_request:cancel')
1. Return (403, 'invalid scopes') in case of invalid scope(s)

Request to process the request using a token in the headers

Headers

Наприклад:

Content-Type:application/json
Authorization:Bearer: {{access_token}}
api-key: {{secret}}

Request data validation

Validate legal entity

Check legal entity type: it has to be in me_allowed_transactions_le_types config parameter, has status = active and nhs_verified = true
- in case of error return 409 "Action is not allowed for the legal entity"

Validate digital signature

Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature and returns result.
See service specification

Ensure that digital signature is valid
Validate that requester of service request is a current user

2.1. Get token metadata

Extract user_id, client_id, client_type

2.2. Determine the party_id associated with this user_id

SELECT pu.party_id FROM party_users pu
WHERE pu.user_id = :user_id;

2.3. Determine employees related to this party_id in current MSP

SELECT e.id FROM employees e WHERE e.party_id = :party_id
AND e.legal_entity_id = :client_id;

2.4 Ensure that $.requester.identifier.value matches with user employees

Validate that DS belongs to the requester of encounter

3.1. Determine the party_id associated with requester ($.requester.identifier.value)

Validate request using JSON Schema

Return 422 with the list of validation errors in case validation fails

Validate permission to cancel

Only doctor who signed this service request is able to cancel this service request

Implemented by DS validation (see Validate digital signature p.2)

Validate transition

Only active service request can be canceled

Get current service request status
1. Check that status in ('active', 'completed')
  1. in case of error - return 409 error ('Service request in status %status% cannot be canceled')

Validate cancelation reason

Validate $.status_reason.code is a value from eHealth/service_request_cancel_reasons dictionary
1. in case of error - return 422 ("value is not allowed in enum")

Validate content

Signed content must match with service request in DB in order to be canceled

Render service request from DB
Exclude $.status_reason and $.explanatory_letter from signed content
Compare rendered service request and signed content
1. In case both object doesn't match - return 422 ('Signed content doesn't match with previously created service request')

Processing

Service logic

Save signed content to media storage
Update service request status to entered_in_error (update also updated_at, updated_by)
Write record to status history
Send SMS to patient (if authentication_method_current == SMS)
1. Template - TBD
Async! Revoke all approvals made by this service request
if the service request is based on the activity with quantity:
1. Recalculate and set remaining_quantity for the activity as described at PreQualify Service Request | Validate service request

Response structure

See on Apiary

Example:

Post-processing processes

API paragraph not found

HTTP status codes

HTTP status code	Message	What caused the error

HTTP status code	Message	What caused the error
201	use payload from response	sync
202	use Get job details to get processing result. Response payload will be returned in the job details	async: default method