ЕСОЗ - публічна документація
[DRAFT] Create/Update Legal Entity V2 [API-005-009-002-0178]
Сторінка знаходиться в процесі розробки. Інформація на ній може бути застарілою.
https://e-health-ua.atlassian.net/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)
Document type | Метод REST API |
---|---|
Document title | [DRAFT] Create/Update Legal Entity V2 [API-005-009-002-0178] |
Guideline ID | GUI-0011 |
Author | @ |
Document version | 1 |
Document status | DRAFT |
Date of creation | ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD) |
Date of update | ХХ.ХХ.ХХХХ (дата зміни версії) |
Method API ID | API-005-009-002-0178 |
Microservices (namespace) | IL |
Component | Legal Entities |
Component ID | COM-005-009 |
Link на API-специфікацію | |
Resource | {{host}}/api/v2/legal_entities |
Scope | legal_entity:write |
Protocol type | REST |
Request type | PUT |
Sync/Async | Sync |
Public/Private | Public |
Purpose
This WS is designed to create legal entities in eHealth system or update existing ones.
Key points
This is a REST method used by MIS
Legal entity request must be signed with DS
This is a second version of create / update legal entity endpoint. Main differences from version 1 are descriped below
Main diffenrences from V1
Legal entity types and licenses are created/updated one by one, i.e. one legal entity type and one license are accepted in one call
medical_services_providers structure is removed, accreditation parameter is moved to edr_legal_entities table
legal entity type calculation rules are removed
Validation and merge of kveds step is removed
Mithrill AuthAPI call is changed
MIS verification is removed
Suspend contract on name change is removed
Owner employee can be updated
Logic
Search for existing legal entity in PRM DB based on data from request:
legal_entities.edrpou = $.edrpou
legal_entities.type = $.type
legal_entities.status = ‘ACTIVE’ or ‘SUSPENDED’
If such legal entity is not found, proceed to Create legal entity process
If such legal entity is found, proceed to Update legal entity process
Create legal entity
Save signed content to media storage.
Get detailed data from EDR for active EDR record of legal entity (described at EDR data validation )
Create or update edr_data record based on logic:
If active EDR record of legal entity exists in edr_data table in PRM DB (edr_data.edr_id = $.id of EDR response), update record in edr_data table with following fields from EDR response:
name = names.display
short_name = names.short
public_name = names.name
legal_form = olf_code
kveds = activity_kinds
registration_address = address
updated_by = consumer_id from MIS API token
updated_at = now()
If active EDR record of legal entity does not exist in edr_data table in PRM DB (edr_data.edr_id = $.id of EDR response), create new record in edr_data table with following fields from EDR response:
id = generate (uuid)
edr_id = id
name = names.display
short_name = names.short
public_name = names.name
legal_form = olf_code
kveds = activity_kinds
registration_address = address
is_active = true
inserted_by = consumer_id from MIS API token
updated_by = consumer_id from MIS API token
inserted_at = now()
updated_at = now()
Generate legal_entity_id that will be used also as client_id
Create new record in legal_entities table in PRM DB according to received request, also add following fields:
id = legal_entity_id
name = edr_data.name from created EDR data record
public_name = edr_data.public_name from created EDR data record
short_name = edr_data.short_name from created EDR data record
status = value according to LEGAL_ENTITY_CREATE_STATUS chart parameter (described at Legal Entities configurable parameters )
is_active = true
inserted_by = consumer_id from MIS API token
updated_by = consumer_id from MIS API token
inserted_at = now()
updated_at = now()
created_by_mis_client_id = client_id from MIS API token
nhs_unverified_at = now()
nhs_verified = false
nhs_reviewed = false
edr_data_id = edr_data.id from created EDR data record
Create new record in licenses table in PRM DB according to received request, also add following fields:
is_primary = true
legal_entity_id = legal_entities.id
is_active = true
inserted_by = consumer_id from MIS API token
updated_by = consumer_id from MIS API token
inserted_at = now()
updated_at = now()
Create employee request for owner according to Create employee request v2
Create client details and connection in MITHRIL DB:
Generate client record using legal_entities.id in MITHRIL DB.
Get consumer_id from MIS API token
Create client connection in MITHRIL DB for client and consumer
Create response with following data
Legal entity, primary license and edr data details
Created employee request id
Client connection details
Update legal entity
Save signed content to media storage
Get detailed data from EDR for active EDR record (described at EDR data validation )
Create or update edr_data record based on logic:
If active EDR record of legal entity exists in edr_data table in PRM DB (edr_data.edr_id = $.id of EDR response) and corresponds to legal entity that is being updated (legal_entities.edr_data_id=edr_data.id), update record in edr_data table with following fields from EDR response:
name = names.display
short_name = names.short
public_name = names.name
legal_form = olf_code
kveds = activity_kinds
registration_address = address
updated_by = consumer_id from MIS API token
updated_at = now()
If active EDR record of legal entity does not exist in edr_data table in PRM DB (edr_data.edr_id = $.id of EDR response), create new record in edr_data table with following fields from EDR response:
id = generate (uuid)
edr_id = id
name = names.display
short_name = names.short
public_name = names.name
legal_form = olf_code
kveds = activity_kinds
registration_address = address
is_active = true
inserted_by = consumer_id from MIS API token
updated_by = consumer_id from MIS API token
inserted_at = now()
updated_at = now()
If edr_data.state is not in ACTIVE_EDR_STATES chart parameter, update legal entity status in legal_entities table (PRM DB):
status = ‘SUSPENDED’
status_reason = 'MANUAL_LEGAL_ENTITY_STATUS_UPDATE'
If legal entity status was changed to SUSPENDED:
terminate related capitation contract requests
suspend related capitation contracts
Update license with following logic:
If $.license_id is null then
Check if any attribute has changed comparing request and licenses data. If any, then:
Update license data in licenses table (PRM DB) according to received request for is_primary license record, additionally:
updated_by = consumer_id from MIS API token
updated_at = now()
For legal entity record in legal_entities related to the primary license, update following parameters in PRM DB:
set nhs_reviewed = false
set nhs_verified = false
set nhs_unverified_at = now()
If $.license_id is not null then skip license update
Update legal_entities data in PRM DB according to received request, also update following fields:
name = edr_data.name from created EDR data record (if edr_data was updated)
public_name = edr_data.public_name from created EDR data record (if edr_data was updated)
short_name = edr_data.short_name from created EDR data record (if edr_data was updated)
updated_by = consumer_id from MIS API token
updated_at = now()
edr_data_id = edr_data.id from created EDR data record (if edr_data was updated)
Create employee request for owner according to Create employee request v2
Update client details and connection in MITHRIL DB:
Get consumer_id from MIS API token
Create new client connection in MITHRIL DB for client and consumer_id
Create response with following data
Legal entity, primary license and edr data details
Created employee request id
Client connection details
Update accreditation with following logic:
if "category": "NO_ACCREDITATION" than check if only required fields are filled, also update following fields:
“issued_date” set null
“expiry_date" set null
“order_date" set null
if it is another category- update all fields with the values they were filled with
Configuration parameters
N/A
Dictionaries
N/A
Input parameters
Input parameter | Mandatory | Type | Description | Example | |
---|---|---|---|---|---|
1 |
|
|
|
|
|
2 |
|
|
|
|
|
Request structure
See on API-specification
Headers
Request data validation
Authorize
Verify that MIS API token exists in request
in case of error - return 401 (“Api key is not set")
Verify the validity of MIS API token
in case of error - return 401 (“Invalid api key”)
Verify that MIS API token is not expired
in case of error - return 401 (“Invalid api key”)
Check MIS scopes in order to perform this action (scope = 'legal_entity:write')
return 403 (“Your scope does not allow to access this resource. Missing allowances: legal_entity:write”) in case of invalid scope(s)
Validate Digital signature
Validate decoded input data is signed
in case of error - return 422 (“document must contain 1 signature and 0 stamps but contains 0 signatures and 0 stamps”)
Check DS is valid and not expired
Check that Last Name from DS and Owner last_name from request matches
in case of error - return 422 (“Does not match the signer last name“)
If EDRPOU in Certificate details exists and not empty
Check that EDRPOU in Certificate details is valid according to
([0-9]{8,10}|[А-ЯЁЇIЄҐ]{2}\d{6})
regular expressionin case of error - return 422 (“string does not match pattern")
Check that EDRPOU in Certificate details is equal to $.edrpou in payload
in case of error - return 422 (“EDRPOU does not match legal_entity edrpou“)
If EDRPOU in Certificate details is empty and if DRFO in Certificate details exists and not empty
Check that DRFO in Certificate details is valid according to
([0-9]{9,10}|[А-ЯЁЇIЄҐ]{2}\d{6})
regular expressionin case of error - return 422 (“string does not match pattern")
Check that DRFO in Certificate details is equal to $.edrpou in payload
in case of error - return 422 (“DRFO does not match signer drfo“)
If EDRPOU and DRFO in Certificate details are empty - return 422 (“EDRPOU and DRFO is empty in digital sign“)
Validate request
Validate request using JSON schema
in case of error - return 422
Validate decoded input data $.signed_legal_entity_request using JSON schema
in case of error - return 422
Validate uniqueness of object for arrays
$.phones (one unique $.phones.type per array)
$.owner.phones (one unique $.owner.phones.type per array)
$.owner.documents (one unique $.owner.documents.type per array)
in case of error - return 422 (“No duplicate values.”)
Validate residence address
Check that $.residence_address.settlement_id exists in uadresses resource
in case of error - return 422 (“settlement with id = $.residence_address.settlement_id does not exist“)
Check that $.residence_address.settlement corresponds to settlement_name by settlement_id in uadresses resource
in case of error - return 422 (“invalid settlement value“)
Check that $.residence_address.area corresponds to area_name by settlement_id in uadresses resource
in case of error - return 422 (“invalid area value“)
Validate owner
Validate tax_id
If $.owner.no_tax_id does not exists in request or exists and equals false, check that $.owner.tax_id is valid according to
^[0-9]{10}$
regular expressionin case of error - return 422 (“invalid tax_id value“)
If $.owner.no_tax_id equals true, check that $.owner.tax_id is valid according to
([0-9]{9}|[А-ЯЁЇIЄҐ]{2}\d{6})
regular expressionin case of error - return 422 (“invalid tax_id value”)
Validate birth date
Check that $.owner.birth_date is greater than MIN_BIRTH_DATE chart parameter
in case of error - return 422 (“invalid birth_date value”)
Check that owners age is greater than MIN_AGE chart parameter
in case of error - return 422 (“invalid birth_date value”)
Validate owners position
Check that $.owner.position exists in OWNER_POSITIONS chart parameter (described at Legal Entities configurable parameters)
in case of error - return 422 (“invalid owner position value“)
Validate existing owner
Existing owner must be validated only if $.owner.employee_id is passed in request.
Check that employee with id = $.owner.employee_id exists in PRM DB
in case of error - return 422 (“Employee not found“)
Check that employee with id = $.owner.employee_id corresponds to Legal entity from payload
in case of error - return 409 (“Employee doesn't belong to your legal entity“)
Check that employee with id = $.owner.employee_id is an employee with employee_type = ‘OWNER’ or ‘PHARMACY_OWNER’
in case of error - return 409 (“Invalid employee type”)
Check that employee with id = $.owner.employee_id is an employee with status = ‘APPROVED’ and is_active = true
in case of error - return 409 (“Invalid employee status“)
Check $.owner.tax_id from request is equal to parties.tax_id for $.owner.employee_id
in case of error - return 409 (“tax_id doesn't match“)
Check $.owner.tax_id from request is not empty if parties.tax_id for $.owner.employee_id is not empty:
in case of error - return 422 (“
required property tax_id was not present
“)
Check $.owner.birth_date from request is equal to parties.birth_date of $.owner.employee_id
in case of error - return 409 (“birth_date doesn't match“)
If parties.no_tax_id for $.owner.employee_id is true check $.owner.tax_id from request:
$.owner.tax_id is valid according to
([0-9]{9}|[А-ЯЁЇIЄҐ]{2}\d{6})
regular expressionin case of error - return 422 (“
string does not match pattern \"^([0-9]{9,10}|[А-ЯЁЇIЄҐ]{2}\\d{6})$\"
”)
Validate legal entity with EDR
If new legal entity is created or legal entity with empty edr_data_id is updated
Check that legal entity $.edrpou exists in EDR
in case of error - return 422 (“Provided EDRPOU is not active in EDR”)
Check that there is only one active record in EDR for legal entity $.edrpou
in case of error - return 422 (“More than 1 active entities in EDR“)
Validate license
Check license according to the schema below.
License from request must be validated with related primary license (licenses.is_primary=true where licenses.legal_entity_id=legal_entities.id).
Check if license is needed for legal entity type is performed based on LEGAL_ENTITY_<LEGAL_ENTITY_TYPE>_PRIMARY_LICENSE_TYPES chart parameter (described at Legal Entities configurable parameters )
Processing
Save signed content
Generate RESOURCE_NAME for signed content
Generate RESOURCE_ID for Legal Entity
Invoke Media Content Storage to get upload URL for the document
Parameter | Source |
---|---|
action | 'PUT' |
bucket | 'LEGAL_ENTITIES' |
resource_id | :RESOURCE_NAME |
resource_name | :RESOURCE_ID |
Refresh EDR data
Get detailed data from EDR for active EDR record: call EDR data validation using id, received on step EDR Validation.
Create or Update record in prm.edr_data for active EDR record data.
Search Legal Entity using EDRPOU from Signer Certificate
Search Legal Entity in prm.legal_entities using EDRPOU from Signer Certificate where legal_entities.type = Request: $.type and status = active or suspended
If Legal Entity not found go to Generate client and legal entity identifier
If Legal Entity found go to Update Client in Auth
Update Client in Auth
Update Redirect URI
Update Legal Entity
Create/Update licenses
If $.license_id is not null then
Check if any attribute has changed comparing request and prm.licenses data. If any, then:
For each record in prm.legal_entities related to the license:
If nhs_reviewed = true reset it to false
If nhs_verified = true
reset it to false
set nhs_verified_change_date to current date
Update prm.licenses data according to received request
If $.license_id is null then create new record according to received request
link license and edr_data record
Update legal_entities
Update prm.legal_entities data according to received request
link to the license if license_id is not null
populate updated_by, updated_at
If nhs_reviewed = true reset it to false
If nhs_verified = true reset it to false and set nhs_verified_change_date to current date
Update LE official name
Extract official name from Digital signature.
Update `legal_entities.public_name` in prm with official name from Digital signature
Update `clients.name` in mithril with official name from Digital signature
Update Contract Request
Find contract requests related to current legal entity in status = NEW, APPROVED, PENDING_NHS_SIGN, NHS_SIGNED, set status = 'TERMINATED', status_reason "Legal Entity Data has changed"
Generate client and legal entity identifier
Generate UUID as client identifier and legal entity identifier
Create client and connection in Auth
Invoke Auth API (idempotent PUT) to register new client and generate client secret key
Determine MIS_ID (consumer_id) using api-key
Invoke Put client connection in order to UpSet connection in Mithril for this client and consumer
Create new Legal Entity
Create/Update licenses
If $.license_id is not null then
Check if any attribute has changed comparing request and prm.licenses data. If any, then:
For each record in prm.legal_entities related to the license:
If nhs_reviewed = true reset it to false
If nhs_verified = true
reset it to false
set nhs_verified_change_date to current date
Update prm.licenses data according to received request
If $.license_id is null then create new record according to received request
link license and edr_data record
Populate legal_entities table
Create new record according to received request
Link it to the license
Link it to edr_data record
Set `nhs_reviewed` and `nhs_verified` to false
Set status = active suspended
Set nhs_verified_change_date to current date
Save LE official name
Extract official name from Digital signature.
Save LE official name to prm DB = legal_entities.public_name
Save LE official name to mithril DB = clients.name
Data sources which are using during creation of prm.legal_entities
Register employee
Create or update new employee request with employee_type == 'OWNER'
Init Create employee request V2
Mapping
Parameter | Source |
---|---|
employee_id | Request: $.employee_id |
legal_entity_id | Generated previously |
employee_type | Const: OWNER |
position | Request: $.owner.position |
status | Const: ACTIVE |
start_date | now() |
party | Request: $.owner |
Response structure examples
See on API-specification
HTTP status codes
Response code | HTTP Status code | Message | Internal name | Description | |
---|---|---|---|---|---|
1 | Базові | ||||
2 |
| 200 | Response |
|
|
3 |
| 401 | Api key is not set |
|
|
4 |
| 401 | Invalid api key |
|
|
5 |
| 403 | Your scope does not allow to access this resource. Missing allowances: legal_entity:write |
|
|
6 |
| 409 | birth_date doesn't match |
|
|
7 |
| 409 | Invalid employee status |
|
|
8 |
| 409 | Invalid employee type |
|
|
9 |
| 409 | Employee doesn't belong to your legal entity |
|
|
10 |
| 409 | tax_id doesn't match |
|
|
11 |
| 422 | document must contain 1 signature and 0 stamps but contains 0 signatures and 0 stamps |
|
|
12 |
| 422 | Does not match the signer last name |
|
|
13 |
| 422 | DRFO does not match signer drfo |
|
|
14 |
| 422 | EDRPOU does not match legal_entity edrpou |
|
|
15 |
| 422 | Employee not found |
|
|
16 |
| 422 | EDRPOU and DRFO is empty in digital sign |
|
|
17 |
| 422 | invalid owner position value |
|
|
18 |
| 422 | invalid birth_date value |
|
|
19 |
| 422 | invalid tax_id value |
|
|
20 |
| 422 | invalid area value |
|
|
21 |
| 422 | invalid settlement value |
|
|
22 |
| 422 | More than 1 active entities in EDR |
|
|
23 |
| 422 | No duplicate values. |
|
|
24 |
| 422 | Provided EDRPOU is not active in EDR |
|
|
25 |
| 422 |
|
|
|
26 |
| 422 | settlement with id = $.residence_address.settlement_id does not exist |
|
|
27 |
| 422 | string does not match pattern |
|
|
28 |
| 422 | Validate request using JSON schema failed |
|
|
29 |
| 422 | Validate decoded input data $.signed_legal_entity_request using JSON schema failed |
|
|
30 | Специфічні | ||||
31 |
|
|
|
|
|
Post-processing processes
N/A
Technical modules where the method is used
N/A
ЕСОЗ - публічна документація