ЕСОЗ - публічна документація

Get equipment details by ID

Purpose

This WS is designed to receive detailed information about equipment by ID

Specification

Link

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/equipment/get-equipment-details-by-id

Посилання на Apiary або Swagger

Resource

/api/equipment/{{id}}

Посилання на ресурс, наприклад: /api/persons/create

Scope

equipment:read

Scope для доступу

Components

Devices and equipment

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

Microservices

API paragraph not found

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

Protocol type

REST

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

Request type

GET

Тип запиту API, наприклад: GET, POST, PATCH…

Sync/Async

Sync

Метод є синхронним чи асинхронним?

Public/Private/Internal

Public

Потрібно зазначити тип методу за ступенем доступності

Logic

  1. Only authenticated and authorized HR, ADMIN, OWNER employees from MSP, OUTPATIENT, PRIMARY_CARE, EMERGENCY legal entities can get the equipment by id.

  2. Service returns only equipment related to the same legal entity as the user. User with role NHS ADMIN can get any equipment from any legal entity.

  1. Get equipment details from prm.equipments table by equipment id from request

  2. Preload equipment names from prm.equipment_names

  3. Render response according to specification.

Input parameters

Input parameter

Values

Type

Description

Example

Input parameter

Values

Type

Description

Example

id

 

String

Equipment identifier.

Required

d290f1ee-6c54-4b01-90e6-d701748f0851

Request structure

API paragraph not found

Authorize

  1. Verify the validity of access token

    1. Return 401 in case validation fails

  2. Verify that token is not expired

    • in case of error - return (401, 'Invalid access token')

  3. Check scopes in order to perform this action (scope = 'equipment:read')

    1. Return 403 in case invalid scope(s)

Headers

Наприклад:

Content-Type:application/json

Authorization:Bearer c2778f3064753ea70de870a53795f5c9

api-key:uXhEczJ56adsfh3Ri9SUkc4en

Request data validation

Validate equipment

  1. Check that equipment with such ID exists in the system (is_active = true)

    1. In case of error - return 404

  2. Check that equipment with such ID belongs to to the same legal entity as the user OR user has NHS ADMIN role.

    1. In case of error - return 403

Validate legal entity

Check that requested equipment belongs to the same legal entity as user

  • Extract client_id from token

  • Check that equipments.legal_entity_id == client_id

    • in case of error - return 403

Processing

Response structure

Example:

{ "meta": { "code": 200, "url": "https://example.com/resource", "type": "object", "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810" }, "data": { "id": "7c3da506-804d-4550-8993-bf17f9ee0402", "division_id": "8be63914-a278-470b-b868-1af5b9087332", "legal_entity_id": "483af06f-d4c6-4c9e-8d9b-680b5ef7270d", "type": "23143534", "external_id": "123-ASD-#1", "udi": [ { "value": "IMEI 49015420323751", "type": "default", "assigner_name": "Ukrainian center of the certification" } ], "lot_number": "RZ12345678", "manufacturer": "GlobalMed, Inc", "manufacture_date": "1999-01-01", "expiration_date": "2020-01-01", "model_number": "NSPX30", "part_number": "#e30-SD", "version": "v1.0.1", "name": "Рентген апарат флюрографічній", "serial_number": "S/N234554", "note": "Технічний огляд раз на рік", "status": "ACTIVE", "is_active": true, "inserted_at": "2017-04-20T19:14:13Z", "inserted_by": "e1453f4c-1077-4e85-8c98-c13ffca0063e", "updated_at": "2017-04-20T19:14:13Z", "updated_by": "2922a240-63db-404e-b730-09222bfeb2dd" } }

HTTP status codes

HTTP status code

Message

What caused the error

HTTP status code

Message

What caused the error

200

 Response

 

401

 

Access token validation failed

403

 

  • Invalid scope(s)

  • Validation failed

404

 

Validation failed

 

ЕСОЗ - публічна документація