ESOZ - public documentation

[DRAFT] Private. Approve Contract Request by NHS [API-005-002-002-0046]

This page is under development. The information on it may be outdated.

https://e-health-ua.atlassian.net/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)

Properties of a REST API method document

Document type: REST API method

Document title: [Document status] REST API [Method name] [Method ID]

Guideline ID: GUI-0011

Author: @

Document version: 1

Document status: DRAFT

Date of creation: XX.XX.XXXX (date of the final version of the document – RC or PROD)

Date of update: XX.XX.XXXX (date of the version change)

Method API ID: API-005-002-002-0046

Microservices (namespace): IL

Component: Contracts

Component ID: COM-005-002

Link to the API specification:

Resource: {{host}}/api/contract_requests/{{id}}/actions/approve

Scope: contract_request:update

Protocol type: REST

Request type: PATCH

Sync/Async: Sync

Public/Private: Private

Purpose

This WS is designed to change the status of a contract request to APPROVED by an NHS ADMIN SIGNER. An NHS employee can change the status of a contract request through the Admin portal.

Logic

To approve a contract, the following fields must be signed by an NHS employee and sent by the same NHS employee in base64 format (all fields below are required). In the DS, EDRPOU/DRFO must be equal to contractor_legal_entity.edrpou.

Configuration parameters

Description of the configuration parameters that are used when processing a request in the system

Dictionaries

Provides a list of links to dictionaries that are available in Confluence

Input parameters

Description of input parameters

| # | Input parameter | Mandatory | Type | Description | Example |
|---|---|---|---|---|---|
| 1 | id | | String | Required | b075f148-7f93-4fc2-b2ec-2d81b19a9b7b |

Request structure

See the API specification (link to the page with the API specification)

Description of the REST API request structure, example

{ "signed_content": "ew0KImlkIjoiMDkxMDZiNzAtMThiMC00NzI2LWIwZWQtNmJkYTEzNjlmZDUyIiwNCiJjb250cmFjdG9yX2xlZ2FsX2VudGl0eSI6IHsNCiAgICAgICJpZCI6ICJkZjlmNzBlZS00YjEyLTQ3NDAtYjBmNS1iYjVhZWExMTY4NjMiLA0KICAgICAgIm5hbWUiOiAi0JrQu9GW0L3RltC60LAg0J3QvtGD0L3QtdC50LwiLA0KICAgICAgImVkcnBvdSI6ICIzMjMyMzQ1NCINCiAgICB9LA0KInRleHQiOiAic3RhdGljX3RleHQiDQp9", "signed_content_encoding": "base64" }

Headers

| # | Key | Value | Mandatory | Description | Example |
|---|---|---|---|---|---|
| 1 | Content-Type | application/json | M | Content type | Content-Type:application/json |
| 2 | Authorization | Bearer c2778f3064753ea70de870a53795f5c9 | M | User verification | Authorization:Bearer c2778f3064753ea70de870a53795f5c9 |

Request data validation

Validate token

  • Verify the validity of the access token

    • Return 401 in case validation fails

  • Check that the token is not expired

    • in case of error return 401 - "Token is expired"

Validate user

  • Extract user_id from the token

  • Extract client_id from the token

  • Check that the user is active

    • in case of error return 403 - (user is not active)

  • Check that nhs_legal_entity is active

    • in case of error return 403 - (Client is not active)

  • Check that user role = "NHS ADMIN SIGNER"

    • in case of error return 403 "User is not allowed to perform this action"

Validate scopes

  • Check user scopes in order to perform this action (scope = 'contract_requests:update')

    • Return 403 in case invalid scope(s) "Your scope does not allow to access this resource. Missing allowances: contract_requests:update"

Digital signature

Decode the content enclosed in the electronic digital signature.
Use the Digital signature WS. The method checks the digital signature and returns the result.

Validate EDRPOU

  1. Check that EDRPOU in Certificate details exists and is not empty

    1. in case of error return 422 error ('Invalid EDRPOU in DS')

  2. Check that EDRPOU in Certificate details is equal to EDRPOU in legal entity

    1. Get client_id from token.

    2. Find prm.legal_entities id by client_id

    3. Compare EDRPOU in Certificate with legal_entities.edrpou

    4. In case validation fails - generate 422 error

  3. Check that SURNAME in Certificate details is equal to LAST_NAME in Party

    1. Get user_id → user_parties.party_id → parties.last_name and compare to surname from DS

      1. Convert prm.parties.LAST_NAME and Certificate details.SURNAME to uppercase

      2. Compare prm.parties.LAST_NAME and Certificate details.SURNAME as Cyrillic letters

      3. In case validation fails - generate 422 error

Validate DRFO

  1. Get parties.tax_id using party_users.party_id by user_id.

  2. Compare DRFO in Certificate with party.tax_id

    1. Convert DRFO and TAX_ID to uppercase

    2. Compare DRFO and TAX_ID as Cyrillic letters

    3. Convert DRFO to Cyrillic and compare as Cyrillic letters

  3. In case validation fails - generate 422 error
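The signer checks from "Validate EDRPOU" and "Validate DRFO" above, as an added example that is not the project's own code. The Latin-to-Cyrillic look-alike table, the dictionary shapes and the short failure labels ("edrpou", "surname", "drfo") are assumptions; only 'Invalid EDRPOU in DS' is a message from the page.

```python
# Latin capitals that render like Cyrillic capitals (assumed mapping):
# A B C E H I K M O P T X Y -> their Cyrillic look-alikes.
LATIN_TO_CYRILLIC = str.maketrans(
    "ABCEHIKMOPTXY",
    "\u0410\u0412\u0421\u0415\u041d\u0406\u041a\u041c\u041e\u0420\u0422\u0425\u0423",
)


def as_cyrillic(value):
    """Trim, uppercase, then fold Latin look-alikes into Cyrillic letters."""
    return (value or "").strip().upper().translate(LATIN_TO_CYRILLIC)


def check_signer(cert, legal_entity, party):
    """Return None when the certificate matches, else (http_status, reason)."""
    edrpou = (cert.get("edrpou") or "").strip()
    if not edrpou:
        return (422, "Invalid EDRPOU in DS")  # message given on the page
    if edrpou != legal_entity["edrpou"]:
        return (422, "edrpou")  # constructed label, not a page message
    if as_cyrillic(cert.get("surname")) != as_cyrillic(party["last_name"]):
        return (422, "surname")  # constructed label
    if as_cyrillic(cert.get("drfo")) != as_cyrillic(party["tax_id"]):
        return (422, "drfo")  # constructed label
    return None


# Constructed sample records (hypothetical shapes for prm.legal_entities / prm.parties).
LEGAL_ENTITY = {"edrpou": "32323454"}
PARTY = {
    "last_name": "\u0406\u0432\u0430\u043d\u043e\u0432",  # Cyrillic surname
    "tax_id": "\u0410\u0410123456",  # passport-style id, Cyrillic series
}
# Certificate typed with a Latin "I" in the surname and a Latin series in DRFO.
CERT = {
    "edrpou": "32323454",
    "surname": "I\u0412\u0410\u041d\u041e\u0412",
    "drfo": "aa123456",
}
```

Folding look-alikes before comparing keeps a certificate issued with Latin keyboard input from failing the check, while any digit or non-look-alike letter difference still produces a 422.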

Validate request

  1. Check that all fields are present in signed content

    1. "id"

    2. "contractor_legal_entity":

      1. "id"

      2. "name"

      3. "edrpou"

    3. "next_status"

    4. "text"

  2. Check next_status

    1. for contract type CAPITATION, next_status must be 'APPROVED'. In case of error return 422 "Incorrect next_status"

    2. for contract type REIMBURSEMENT, next_status must be 'PENDING_NHS_SIGN'. In case of error return 422 "Incorrect next_status"

  3. Validate contract request id

    1. Check contract request with contract_request.id = $.id exists

      1. in case of error return 404 ("not_found")

    2. Check contract_requests.id = $.id

      1. in case of error return 422 ("Signed content does not match the previously created content")

  4. Validate contract_request.status=IN_PROCESS

    1. in case error return 409 - "Incorrect status of contract request to modify it"

  5. Validate nhs side fields are not empty - in case error return 422 "Field $ could not be empty"

    1. nhs_signer_id

    2. nhs_legal_entity_id 

    3. nhs_signer_base

    4. nhs_contract_price - for capitation only

    5. nhs_payment_method 

    6. issue_city

    7. medical_program_id - for reimbursement only

  6. Validate contractor_legal_entity_id

    1. Legal_entities.id = $.contractor_legal_entity_id and Legal_entities.status='ACTIVE' and is_active=true,

      1. in case error return 422 ('Legal entity is not active')

    2. $contractor_legal_entity.edrpou in request=prm.legal_entities.edrpou

    3. $contractor_legal_entity.name in request=prm.legal_entities.name

  7. Validate contractor_owner_id

    1. Employee is_active=true and status='APPROVED' and employees.legal_entity_id=contractor_legal_entity_id

      1. in case error return 422, $contractor_owner_id ('Contractor owner must be active within current legal entity in contract request')

  8. Validate contractor_divisions

    1. Check that divisions belong to legal_entity and divisions.status='active'

      1. in case of error return 422  error view $divisions ('Division must be active and within current legal_entity')

  9. Capitation only: Validate contractor_employee_divisions

    1. Check contractor_employee_divisions is not null

      1. in case of error return 422  error ('contractor_employee_divisions can not be  empty')

    2. Employees from employee_divisions have employee_type='DOCTOR', status='APPROVED'

      1. in case of error return 422  error view $employee ('Employee must be an active DOCTOR')

    3. Check contractor_employee_divisions.division_id is present in contractor_divisions.id

      1. in case of error return 422 error $divisions ('The division is not belong to contractor_divisions')

  10. Validate start_date

    1. start_date > now()

      1. in case error return 422 $start_date ("Contract request start date should be in future")

  11. Reimbursement only: Validate medical_program_id  is an ID of an ACTIVE medical program.
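Steps 1 to 4 of "Validate request" as an added example, not the project's own code. It assumes the signed content has already been extracted from the digital signature, that the stored contract request is looked up by the id in the URL (the lookup runs before the next_status check because that check needs the contract type), and that `stored` is a plain dict; messages marked "constructed" are not from the page.

```python
import base64
import json

# next_status required per contract type, as listed on the page.
NEXT_STATUS = {"CAPITATION": "APPROVED", "REIMBURSEMENT": "PENDING_NHS_SIGN"}
REQUIRED = ("id", "contractor_legal_entity", "next_status", "text")
REQUIRED_ENTITY = ("id", "name", "edrpou")


def missing_fields(content):
    """List required signed-content fields that are absent."""
    missing = [f for f in REQUIRED if f not in content]
    entity = content.get("contractor_legal_entity")
    if isinstance(entity, dict):
        missing += ["contractor_legal_entity." + f
                    for f in REQUIRED_ENTITY if f not in entity]
    return missing


def validate_approval(signed_content_b64, url_id, stored):
    """Return (http_status, message) on failure, (None, new_status) on success.
    `stored` is the contract request found by url_id, or None (assumed shape)."""
    try:
        content = json.loads(base64.b64decode(signed_content_b64, validate=True))
        if not isinstance(content, dict):
            raise ValueError("not a JSON object")
    except ValueError:
        return (422, "signed content is not base64-encoded JSON")  # constructed
    missing = missing_fields(content)
    if missing:
        return (422, "missing fields: " + ", ".join(missing))  # constructed
    if stored is None:
        return (404, "not_found")
    if content["next_status"] != NEXT_STATUS.get(stored["type"]):
        return (422, "Incorrect next_status")
    if content["id"] != url_id:
        return (422, "Signed content does not match the previously created content")
    if stored["status"] != "IN_PROCESS":
        return (409, "Incorrect status of contract request to modify it")
    return (None, content["next_status"])


def encode(obj):
    """Build a base64 signed_content value from a dict (sample helper)."""
    return base64.b64encode(json.dumps(obj).encode()).decode()


# Constructed sample: signed content and the stored contract request.
SAMPLE = {
    "id": "09106b70-18b0-4726-b0ed-6bda1369fd52",
    "contractor_legal_entity": {"id": "df9f70ee-4b12-4740-b0f5-bb5aea116863",
                                "name": "Клініка Ноунейм", "edrpou": "32323454"},
    "next_status": "APPROVED", "text": "static_text",
}
STORED = {"id": SAMPLE["id"], "type": "CAPITATION", "status": "IN_PROCESS"}
```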

Check uploaded documents

Invoke Media Content Storage to check that the documents exist.

Return a validation error if they do not.

Processing

Generate contract number

In case contract_number is null generate new contract number according to the rules

Save response data to DB

After response is generated response.data should be saved to DB contract_requests.data 

Validate status

  • if contract_request.type=CAPITATION - set status=APPROVED

  • if contract_request.type=REIMBURSEMENT - set status=PENDING_NHS_SIGN

Mapping

| field | value |
|---|---|
| nhs_signer_id | $.user_id |
| nhs_legal_entity_id | $.client_id |
| updated_by | $.user_id |
| updated_at | now() |
| status | APPROVED, PENDING_NHS_SIGN |
| data | $.data |

 

Save signed contract request to media storage

  1. Get url for contract request upload

     

     

    | Parameter | Source |
    |---|---|
    | action | 'GET' |
    | bucket | 'CONTRACT_REQUEST' |
    | resource_id | : CONTRACT_REQUEST_ID |
    | resource_name | : CONTRACT_REQUEST_APPROVED |
    | timestamp | :TIMESTAMP |

     

     

  2. Upload signed declaration to media storage

Add to event manager

After status was changed (status = APPROVED, PENDING_NHS_SIGN, DECLINED, TERMINATED or SIGNED) - add new status to event_manager

| field | value |
|---|---|
| event_type | StatusChangeEvent |
| entity_type | Contract_request |
| entity_id | $.id |
| properties.status.new_value | $.status |
| event_time | $.update_at |
| changed_by | $.user_id |
| inserted_at | now() |
| updated_at | now() |

Response structure examples

Description of the REST API response structure, example

Example:

{ "meta": { "code": 201, "url": "https://example.com/resource", "type": "object", "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810" }, "data": { "id": "09106b70-18b0-4726-b0ed-6bda1369fd52", "contract_type": "CAPITATION", "contractor_legal_entity": { "id": "df9f70ee-4b12-4740-b0f5-bb5aea116863", "name": "Клініка Ноунейм", "edrpou": "32323454", "addresses": [ { "type": "RESIDENCE", "country": "UA", "area": "Житомирська", "region": "Бердичівський", "settlement": "Київ", "settlement_type": "CITY", "settlement_id": "b075f148", "street_type": "STREET", "street": "вул. Ніжинська", "building": "15", "apartment": "23", "zip": "02090" } ] }, "contractor_owner": { "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b", "party": { "first_name": "Петро", "last_name": "Іванов", "second_name": "Миколайович" } }, "contractor_base": "на підставі закону про Медичне обслуговування населення", "contractor_payment_details": { "bank_name": "Банк номер 1", "MFO": "351005", "payer_account": "32009102701026" }, "contractor_rmsp_amount": 50000, "contractor_divisions": [ { "id": "2922a240-63db-404e-b730-09222bfeb2dd", "name": "Бориспільське відділення Клініки Ноунейм", "addresses": [ { "type": "RESIDENCE", "country": "UA", "area": "Житомирська", "region": "Бердичівський", "settlement": "Київ", "settlement_type": "CITY", "settlement_id": "b075f148", "street_type": "STREET", "street": "вул. Ніжинська", "building": "15", "apartment": "23", "zip": "02090" } ], "phones": [ { "type": "MOBILE", "number": "+380503410870" } ], "email": "email@example.com", "working_hours": { "mon": [ [ "08.00", "12.00" ], [ "14.00", "18.00" ] ], "tue": [ [ "08.00", "12.00" ] ], "wed": [ [ "08.00", "12.00" ] ], "thu": [ [ "08.00", "12.00" ] ], "fri": [ [ "08.00", "12.00" ] ] }, "mountain_group": false } ], "contractor_employee_divisions": [ { "employee": { "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b", "party": { "first_name": "Петро", "last_name": "Іванов", "second_name": "Миколайович" }, "speciality": { "speciality": "THERAPIST", "speciality_officio": true, "level": "FIRST", "qualification_type": "AWARDING", "attestation_name": "Академія Богомольця", "attestation_date": "2017-02-28", "valid_to_date": "2020-02-28", "certificate_number": "AB/21331" } }, "staff_units": 0.5, "declaration_limit": 2000, "division_id": "2922a240-63db-404e-b730-09222bfeb2dd" } ], "external_contractor_flag": true, "external_contractors": [ { "legal_entity": { "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b", "name": "Клініка Ноунейм" }, "contract": { "number": "1234567", "issued_at": "2018-01-01", "expires_at": "2019-01-01" }, "divisions": [ { "id": "2922a240-63db-404e-b730-09222bfeb2dd", "name": "Бориспільське відділення Клініки Ноунейм", "medical_service": "Послуга ПМД" } ] } ], "id_form": "PMD_1", "nhs_signer": { "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b", "party": { "first_name": "Петро", "last_name": "Іванов", "second_name": "Миколайович" } }, "nhs_legal_entity": { "id": "df9f70ee-4b12-4740-b0f5-bb5aea116863", "name": "Клініка Ноунейм", "edrpou": "32323454", "addresses": [ { "type": "RESIDENCE", "country": "UA", "area": "Житомирська", "region": "Бердичівський", "settlement": "Київ", "settlement_type": "CITY", "settlement_id": "b075f148", "street_type": "STREET", "street": "вул. Ніжинська", "building": "15", "apartment": "23", "zip": "02090" } ] }, "nhs_signer_base": "на підставі наказу", "nhs_contract_price": 50000, "nhs_payment_method": "BACKWARD", "status": "NEW", "status_reason": "Не відповідає попереднім домовленостям", "issue_city": "Київ", "contract_number": "0000-9EAX-XT7X-3115", "contract_id": "df9f70ee-4b12-4740-b0f5-bb5aea116863", "parent_contract_id": "22e416c4-5747-41cd-9f73-c3a85cdee885", "start_date": "2017-04-20", "end_date": "2017-04-20", "printout_content": "Contract request content", "previous_request_id": "df9f70ee-4b12-4740-b0f5-bb5aea116863", "assignee_id": "22e416c4-5747-41cd-9f73-c3a85cdee885", "updated_at": "2017-04-20T19:14:13Z", "inserted_at": "2017-04-20T19:14:13Z" } }

 

{ "meta": { "code": 201, "url": "https://example.com/resource", "type": "object", "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810" }, "data": { "id": "09106b70-18b0-4726-b0ed-6bda1369fd52", "contract_type": "REIMBURSEMENT", "contractor_legal_entity": { "id": "df9f70ee-4b12-4740-b0f5-bb5aea116863", "name": "Клініка Ноунейм", "edrpou": "32323454", "addresses": [ { "type": "RESIDENCE", "country": "UA", "area": "Житомирська", "region": "Бердичівський", "settlement": "Київ", "settlement_type": "CITY", "settlement_id": "b075f148", "street_type": "STREET", "street": "вул. Ніжинська", "building": "15", "apartment": "23", "zip": "02090" } ] }, "contractor_owner": { "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b", "party": { "first_name": "Петро", "last_name": "Іванов", "second_name": "Миколайович" } }, "contractor_base": "на підставі закону про Медичне обслуговування населення", "contractor_payment_details": { "bank_name": "Банк номер 1", "MFO": "351005", "payer_account": "32009102701026" }, "id_form": "RMB-1", "nhs_signer": { "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b", "party": { "first_name": "Петро", "last_name": "Іванов", "second_name": "Миколайович" } }, "nhs_legal_entity": { "id": "df9f70ee-4b12-4740-b0f5-bb5aea116863", "name": "Клініка Ноунейм", "edrpou": "32323454", "addresses": [ { "type": "RESIDENCE", "country": "UA", "area": "Житомирська", "region": "Бердичівський", "settlement": "Київ", "settlement_type": "CITY", "settlement_id": "b075f148", "street_type": "STREET", "street": "вул. Ніжинська", "building": "15", "apartment": "23", "zip": "02090" } ] }, "nhs_signer_base": "на підставі наказу", "nhs_contract_price": 50000, "nhs_payment_method": "BACKWARD", "status": "NEW", "status_reason": "Не відповідає попереднім домовленостям", "issue_city": "Київ", "contract_number": "0000-9EAX-XT7X-3115", "contract_id": "df9f70ee-4b12-4740-b0f5-bb5aea116863", "parent_contract_id": "22e416c4-5747-41cd-9f73-c3a85cdee885", "start_date": "2017-04-20", "end_date": "2017-04-20", "printout_content": "Contract request content", "previous_request_id": "df9f70ee-4b12-4740-b0f5-bb5aea116863", "assignee_id": "22e416c4-5747-41cd-9f73-c3a85cdee885", "medical_programs": [ "3914a240-63db-404e-b730-09222bfeb2d0" ], "updated_at": "2017-04-20T19:14:13Z", "inserted_at": "2017-04-20T19:14:13Z" } }

HTTP status codes

| # | Response code | HTTP Status code | Message | Internal name | Description |
|---|---|---|---|---|---|
| 1 | Basic | | | | |
| 2 | | 201 | Response | | |
| 3 | | 401 | Error | | |
| 4 | | 401 | Token is expired | | |
| 5 | | 403 | User is not active; Client is not active; User is not allowed to perform this action; Your scope does not allow to access this resource. Missing allowances: contract_requests:update | | |
| 6 | 1000 | 404 | Composition not found | COMPOSITION_NOT_FOUND_404 | Medical conclusion not found |
| 7 | | 404 | not_found | | |
| 8 | | 409 | Incorrect status of contract request to modify it | | |
| 9 | | 422 | | Validation failed | Confirmation error |
| 10 | | 422 | Contractor owner must be active within current legal entity in contract request | | |
| 11 | | 422 | Contract request start date should be in future | | |
| 12 | | 422 | contractor_employee_divisions can not be empty | | |
| 13 | | 422 | Division must be active and within current legal_entity | | |
| 14 | | 422 | Employee must be an active DOCTOR | | |
| 15 | | 422 | Field $ could not be empty | | |
| 16 | | 422 | Incorrect next_status | | |
| 17 | | 422 | Invalid EDRPOU in DS | | |
| 18 | | 422 | Legal entity is not active | | |
| 19 | | 422 | Signed content does not match the previously created content | | |
| 20 | | 422 | The division is not belong to contractor_divisions | | |
| 21 | Specific | | | | |
| 22 | | 422 | Only for active MPI record can be created medication request! | | |

Post-processing processes

Description of actions performed on data after processing

Technical modules where the method is used

List of pages describing technical modules where the method is used

 
