1 Purpose
- 1.1 Key features
2 Specification
3 Logic
4 Preconditions
5 Input parameters
6 Dictionaries
7 Request structure
8 Authorize
9 Headers
10 Request data validation
- 10.1 JSON Schema
11 Processing
- 11.1 Get person request details
- 11.2 Determine authorization method
- 11.3 Check uploaded documents
- 11.4 Generate printout form
  - 11.4.1 cURL example
- 11.5 Change person request
12 Response structure
13 HTTP status codes

Purpose

Use this method to approve previously created Person Request.

Key features

Only authenticated and authorized user can use this service
Only NEW person request can be activated
The request can be activated only by the employee who works in the same legal entity in which the request was made.

Specification

Link	https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/person-requests/approve-person-request	Посилання на Apiary або Swagger
Resource	/api/person_requests/{{id}}/actions/approve	Посилання на ресурс, наприклад: /api/persons/create
Scope	person_request:write	Scope для доступу
Components	Patient registry	Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription
Microservices	il/api fe/admin-web	Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC
Protocol type	REST	Тип протоколу, який використовується запитом, наприклад: SOAP \| REST
Request type	PATCH	Тип запиту API, наприклад: GET, POST, PATCH…
Sync/Async	Sync	Метод є синхронним чи асинхронним?
Public/Private/Internal	Public

Logic

approve_request.graphml

Preconditions

Person request must be created.

Input parameters

Input parameter	Values	Type	Description	Example

Input parameter	Values	Type	Description	Example
id		String	Required	eeebb86d-5cba-43c9-885b-6482ecaf826b

Dictionaries

GENDER
DOCUMENT_TYPE
ADDRESS_TYPE
COUNTRY
SETTLEMENT_TYPE
STREET_TYPE
PHONE_TYPE
CONFIDANT_PERSON_TYPE
PREFERRED_WAY_COMMUNICATION
DOCUMENT_RELATIONSHIP_TYPE

Request structure

Example:

{
  "verification_code": 6598
}

Authorize

Verify the validity of access token
1. Return 401 in case validation fails.
Check scopes in order to perform this action (scope = 'person_request:write')
1. Return 403 in case invalid scope(s).

Headers

Content-Type:application/json

Authorization:Bearer {{access_token}}

api-key:{{secret}}

Request data validation

Validate request using JSON schema
1. In case validation failed - generate 422 error

JSON Schema

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "verification_code": {
      "type": "string"
    }
  },
  "required": [
    "verification_code"
  ],
  "additionalProperties": false
}

Processing

Get person request details

Get person request from IL_DB.person_request

Determine authorization method

Get authorization_method from IL_DB.person_request

SELECT IL_DB.person_request.authentication_method
FROM   IL_DB.person_request
WHERE IL_DB.person_request.id = :id

If authentication_method is NA - return error

If person have block confidant_person - check uploaded the confidant person's document and the document which confirms the guardianship.

If person's authentication_method == OFFLINE - check uploaded documents

If authentication_method = OTP (or THIRD_PERSON.auth_method = OTP) - verify SMS code and add phone to db.verification.verified_phones

If authentication_method = THIRD_PERSON and third_person.auth_method = OFFLINE - check uploaded documents from third person

Invoke verification module to verify OTP

OTP Verification

Check uploaded documents

Invoke Media Content Storage to check documents exist

Media Content Storage

Generate printout form

Invoke MAN to render print form.

Request mapping:

Parameter	Source

Parameter	Source
id	PERSON REQUEST

cURL example

Set IL.person_request.printout_content:

Change person request

Change entity status in IL_DB.person_request to APPROVED
Set updated_at - now() (Get current date-time)
Set updated_by - user_id (Extract user from token)

Response structure