1 Purpose
2 Specification
3 Logic
4 Dictionaries
5 Request structure
6 Authorize
7 Headers
8 Request data validation
- 8.1 Validate request
- 8.2 Validate legal entity
- 8.3 Validate person
- 8.4 Validate preperson
- 8.5 Validate authorize_with
9 Generate verification code
10 Processing
- 10.1 Save object to DB
11 Response structure
12 HTTP status codes

Purpose

This WS allows linking medical data of an unidentified person to a person in eHealth. Thus it helps a person who was unidentified during some period to store all its medical history.

Specification

Link	https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/merge-request/create-merge-request	Посилання на Apiary або Swagger
Resource	/api/merge_requests	Посилання на ресурс, наприклад: /api/persons/create
Scope	merge_request:write	Scope для доступу
Components	Patient registry	Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription
Microservices	il/api mpi/api fe/admin-web	Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC
Protocol type	REST	Тип протоколу, який використовується запитом, наприклад: SOAP \| REST
Request type	POST	Тип запиту API, наприклад: GET, POST, PATCH…
Sync/Async	Sync	Метод є синхронним чи асинхронним?
Public/Private/Internal	Public	Потрібно зазначити тип методу за ступенем доступності

Logic

Only authenticated and authorized SPECIALIST, ASSISTANT or RECEPTIONIST employees can merge prepersons with prepersons.
Prepersons can be merged in EMERGENCY or OUTPATIENT legal entities.
Employee can merge any active preperson to any active person.
To merge person with preperson only their MPI ids needed.
Change status should be logged in the Event manager.

Dictionaries

AUTHENTICATION_METHOD
DOCUMENT_TYPE

Request structure

Example:

{
  "master_person_id": "7c3da506-804d-4550-8993-bf17f9ee0402",
  "merge_person_id": "7c3da506-804d-4550-8993-bf17f9ee0403",
  "authorize_with": "cc949559-5dfe-420f-ac05-065e443b2cc6"
}

Authorize

Verify the validity of access token
1. Return 401 in case validation fails
Check user scopes in order to perform this action (scope = 'merge_request:write')
1. Return 403 in case invalid scope(s)

Headers

Content-Type:application/json

Authorization:Bearer {{access_token}}

Api-key:{{secret}}

Request data validation

Validate request

Validate request using schema (TBD)

Validate legal entity

Check that legal entity is active (status = ACTIVE)

Extract client_id from token
Check legal entity status (status = ACTIVE)
1. In case of error - return 409 (Legal entity must be ACTIVE)

Validate person

Ensure master_person_id is person

Validate master_person_id UUID
1. In case of error - return 422
Find person by id in mpi.persons
1. In case of error - return 404 ( Person not found)
Check person status is active
1. In case of error - return 409 (Person is not active)

Validate preperson

Ensure merge_person_id is preperson

Validate merge_person_id UUID
1. In case of error - return 422
Find preperson by id in mpi.prepersons
1. In case of error - return 404 (Preperson not found)
Check preperson status is active in mpi.prepersons
1. In case of error - return 409 (Preperson is not active)
Check if exists another preperson merge requests with status NEW or APPROVED for this preperson
1. if exists - update status of another requests to CANCELLED
Check if preperson has at least one episode( status!= "entered_in_error")
1. if no episodes - return 409 (Preperson has no episodes)

Validate authorize_with

If submitted, validate authorize_with field for a person as described on create Person request process. But for success case set it to il.merge_requests.authentication_method_current field instead.

Generate verification code

Validate person authentication method in mpi.person_authentication_methods table:

If type is OTP or THIRD_PERSON - Generate verification code as on create patient request process.
If type is OFFLINE - Generate uploaded URLs as on create patient request process. Set il.merge_requests.documents

In case no auth methods found (null) - return error with code 409 (Person has no auth methods)

Processing

Save object to DB

il.merge_requests table

Parameter	Source	Description

Parameter	Source	Description
id	uuid	Autogenerated
data	jsonb	Contains data for signed_content in json format. At this step is null. Optional field
master_person_id	Request: master_person_id	Person identifier in MPI (mpi.persons.id). Required
merge_person_id	Request: merge_person_id	Preperson identifier that corresponds to MPI.prepersons.id (returned on create preperson). Required
status	string	Status of the request, required. Set NEW
merged_pair_id	uuid	Reference to mpi.merged_pairs table when person becomes merged with preperson (on sign). By default is null.
printout_form	text	Printout form of preperson merge request in html format. By default is null at this step
legal_entity_id	Request: client_id	Legal entity where request was created. Client_id extracted from token. Required
documents	jsonb	urls of the person`s documents if chosen authentication method is OFFLINE
authentication_method_current	jsonb	Person current authentication method.
is_active	bool	Technical flag. By default is true
inserted_by	uuid	Extract user from token
inserted_at	timestamp	Get current date-time
updated_by	uuid	Extract user from token
updated_at	timestamp	Get current date-time

Response structure

See on Apiary