Open

Validate request

Open

Validate request using JSON schema

JSON Schema

Authorize

1.  

   1. Verify the validity of access token

   2. Check user scope declaration_request:create in order to perform this action

Validate Legal Entity Type

Validate legal entity from token:  legal_entities.type should be in DECLARATION_REQUEST_LEGAL_ENTITY_TYPES and legal_entities.status =='active' 

Validate doctor

Get employee details

Invoke Get employee details

Validate Response $.data.employee_type == DOCTOR

Calculate patient age

Calculate patient age

Get global parameters

Invoke Global parameters to get following parameters:

• ADULT_AGE

• DECLARATION_TERM

• phone_number_auth_limit

cURL example

Response example

Check that doctor speciality meets the patient age requirements

1. Get doctor's speciality_officio (speciality object where speciality_officio == true)

2. Check age requirements according to global parameters

Check phone number

Invoke Check phone number WS in order to check phone number exists in DB.

Phone number: $.declaration_request.person.phones.[0].number

cURL example

Successful response example

Failed response example

Search pending declaration requests

Search declarations in IL_DB.declaration_requests to prevent requests duplication:

• if tax_id is not null

• if tax_id is null

Cancel declaration requests

Change status of all found declarations:

Search pending declaration requests

Search persons request in IL_DB.person_requests to prevent requests duplication:

• if tax_id is not null

• if tax_id is null

If found person request - don't create person request. Return error "This person already has a person request"

Calculate declaration end/start date

Declaration 

Start date:

End date:

Validate confidant person

If person age < 14 check existence of confidant_person

 - in case error return 422 - msg "Confidant person is mandatory for children"

Save declaration request

Insert record to IL.declaration_request in status 'NEW'

Check "no_tax_id" flag

• If "no_tax_id"= true, tax_id field should be empty, in case error return 422

• If "no_tax_id"=false and age>14, tax_id should be present, in case error return 422

Validate person_id

USE_DEDUPLICATION_MODEL - is a flag in in ehealth.charts that turn on logic:

If person.id is in request then 

• validate person.id is UUID

  • in case error return 422

• search person by person.id in MPI 

  • in case error return 422, "such person doesn't exist"

• search persons in mpi (Пошук персон. Версія 3)

  • If new person's tax_id and authentication_number match with founded person by passed person.id - add mpi_id to declaration request
    
    

    • else validate person be deduplication model (if score >  PERSON_ONLINE_DEDUPLICATION_MATCH_SCORE, then add mpi_id to declaration request)

      • else return error 409, "such person can't be updated. New person should be created instead"

If person.id is not in request then 

• search persons in mpi (Пошук персон. Версія 3)

  • If we found person by tax_id and authentication_number

    • return error 409, "such person exists. Update this person."

  • In case authentication_method = OFFLINE, or don't found authentication_number, or we found authentication_number but tax_id don't match - We create pairs of new person with people from cluster and send to the model.
    
    

    • in case deduplication model gave score <  PERSON_ONLINE_DEDUPLICATION_MATCH_SCORE, create new person

    • else return error 409, "such person exists. Update this person.

Validate phone number limit

USE_PHONE_NUMBER_AUTH_LIMIT is a flag in ehealth.charts that shows whether we count phones or not.

• in case person is found, person_id will be saved to declaration_request, and person has the same authentication_methods.phone_number, we do not count phone numbers and do not compare the phone number with global_parameters.phone_number_auth_limit. So that we can update person, but still can not use phone over limit.

• In case person is not found

  • Check if (SELECT count(*) from persons where authentication_methods::json->0->>'phone_number'='$.phone_number' and persons.status='active' and is_active=true)<global_parameters.phone_number_auth_limit
    in case error return 422, msg "This phone number is present more then $.global_parameters.phone_number_auth_limit times in the system"

Validate declaration limit

1. Count all declarations in status active where OPS.declarations.employee_id==$.declaration_request.employee_id
   1.1 If there is an active declaration with the current person, exclude it from the selection in order to let doctor resign declaration with current patient

2. Count all declaration_requests in status approved where IL.declaration_requests.data($.employee.id) ==$.declaration_request.employee_id

3. Get all specialities of current doctor

   1. Select speciality from PRM.employees where PRM.employees.party_id == (select PRM.employees.party_id where PRM.employees.id=$.declaration_request.employee_id)

4. Select config parameter for declarations_limit where speciality == select 3 

5. Compare the result of selections 1+2 with the lowest config parameter from select 4. In case count (declarations+declaration_requests )> config_parameter, return 409 "The employee has reached the declaration limit"

Validate person authentication phone

USE_DEDUPLICATION_MODEL - is a flag in in ehealth.charts that turn on logic:

If person have confidant_person, then person.auth_phone = person.confident_person.phone

• in case error return 422 - msg "Person must have same phone as the confidant person"

Validate person documents

1. issued_at, issued_by is mandatory for documents

2. Validate dates

   1. issued_at <= now() and issued_at => birth_date

      1.  in case `issued_at > now()` show error 422, "Document issued date should be in the past"

      2.  in case `issued_at < person.birth_date` show error 422, "Document issued date should greater than person.birth_date "

   2. expiration_date > now()

      1.  in case error show 422, "Document expiration_date should be in future"

      2. expiration_date is mandatory for document_type

         • NATIONAL_ID

         • COMPLEMENTARY_PROTECTION_CERTIFICATE

         • PERMANENT_RESIDENCE_PERMIT

         • REFUGEE_CERTIFICATE

         • TEMPORARY_CERTIFICATE

         • TEMPORARY_PASSPORT

      3. in case error return 422, "expiration_date is mandatory for document_type $.documents.type"

3. Validate documents_type.number according to json schema 

   1. PASSPORT - `^((?![ЫЪЭЁ])([А-ЯҐЇІЄ])){2}[0-9]{6}$`

   2. NATIONAL_ID - `^[0-9]{9}$`

   3. BIRTH_CERTIFICATE - ` ^(?![ЫЪЭЁыъэё@%&$^#`~:,.*|}{?!])[A-ZА-ЯҐЇІЄ0-9№\\/()-]+$ `

   4. COMPLEMENTARY_PROTECTION_CERTIFICATE - `^((?![ЫЪЭЁ])([А-ЯҐЇІЄ])){2}[0-9]{6}$`

   5. PERMANENT_RESIDENCE_PERMIT - `^((?![ЫЪЭЁ])([А-ЯҐЇІЄ])){2}[0-9]{6}$`

   6. REFUGEE_CERTIFICATE - `^((?![ЫЪЭЁ])([А-ЯҐЇІЄ])){2}[0-9]{6}$`

   7. TEMPORARY_CERTIFICATE - `^((?![ЫЪЭЁ])([А-ЯҐЇІЄ])){2}[0-9]{6}$`

   8. TEMPORARY_PASSPORT - `` ^(?![ыъэ@%&$^#`~:,.*|}{?!])[А-ЯҐЇІЄа-яґїіє0-9 №\\\"()-]+$ `

4. if `unzr`exists and is not null and matches "^[0-9]{8}-[0-9]{5}$" check if first 8 symbols = birth_date

   1. in case error return 422, msg "unzr or birthdate are not correct"

5. if documents.type=NATIONAL_ID

   1. check if unzr exists in request, in case error return 422, msg "unzr is mandatory for document type NATIONAL_ID"

6. Document numbersmaxLength < 25 

Determine auth method

Determine Channel

1. channel from url
   
   

   1. if url is for cabinet сhannel set declaration_request.сhannel = CABINET

      1. if not - set declaration_request.сhannel = MIS

Generate printout form

Invoke MAN to render print form.

Request mapping:

cURL example

Set IL.declaration_request.printout_content:

Generate upload URL

Depending on the payload system generates list of signed urls for document scan-copies upload.

Signed URLs to be expired after some period of time (configurable `SECRETS_TTL`). If it has been expired - new declaration request should be created.

Each link is generated for one one-page document in jpeg format. Document should be no more than 10MB.

For On-line

1. if no_tax_id = true

   1. Generate URL with type person.no_tax_id

For Offline

1. If $.declaration_request.person.tax_id not null:

• Generate URL with type person.tax_id

2. For each $.declaration_request.person.documents:

• Generate URL's with type person.{$.declaration_request.person.documents.[:].type}

3. If $.declaration_request.person.confidant_person.[:].tax_id not null, for each:

• Generate URL with type confidant_person.{confidant_person.type}.tax_id

4. For each $.declaration_request.person.confidant_person.[:].documents_person:

• Generate URL's with type confidant_person.{confidant_person.type}.{$.declaration_request.person.confidant_person.[:].documents_person.[:].type}

5. For each $.declaration_request.person.confidant_person.[:].documents_relationship:

• Generate URL's with type confidant_person.{confidant_person.type}.{$.declaration_request.person.confidant_person.[:].documents_relationship.[:].type}

6.  If no_tax_id = true

1. Generate URL with type person.no_tax_id

Invoke Media Content Storage to generate upload URL for each document obtained by executing logic above

IL.declaration_request.documents structure:

Save documents to DB.

Generate verification code

Invoke Initialize OTP to generate one time password and send it to client number.

Phone_number: IL.declaration_request.authentication_method_current.$.authentication_number

cURL example

Generate human readable declaration number

• Use algorithm to generate declaration_number

• Declaration number should consist of a 4 serial symbols and 8 number symbols and looks like XXXX-12H4-245D

• Add field to ops.declarations and il.declaration_requests - declaration_number 

• Add declaration_number to print out form

Validate uniqueness of human readable declaration number

• generate declaration_number

• Search declaration_number in declaration_requests.declaration_number

• if exists = go to 'generate declaration_number'

• else save declaration_number to declaration_request