ЕСОЗ - публічна документація

[DRAFT] Update Episode [API-007-006-001-0271]

https://e-health-ua.atlassian.net/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)

Properties of a REST API method document

Document type

Метод REST API

Document title

[Document status] REST API [Назва методу] [ID методу]

Guideline ID

GUI-0011

Author

@

Document version

1

Document status

DRAFT

Date of creation

ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)

Date of update

ХХ.ХХ.ХХХХ (дата зміни версії)

Method API ID

API-007-006-001-0271

Microservices (namespace)

ME

Component

Episode

Component ID

COM-007-006

Link на API-специфікацію

https://medicaleventsmisapi.docs.apiary.io/#reference/medical-events/episode-of-care/update-episode

Resource

{{host}}/api/patients/{{patient_id}}/episodes/{{episode_id}}

Scope

episode:write

Protocol type

REST

Request type

PATCH

Sync/Async

Async

Public/Private

Public

Purpose

This web service is designed to update existing episode of care for the patient

Logic

This web service is designed to update existing episode of care for the patient

Configuration parameters

Medical Events Dictionaries and configurations | ALLOWED_EPISODE_CARE_MANAGER_EMPLOYEE_TYPES

Dictionaries

Provides a list of links to dictionaries that are available in Confluence

Input parameters

Input parameter

Mandatory

Type

Description

Example

Input parameter

Mandatory

Type

Description

Example

1

patient_id

 

String

Patient identifier

70a9e15b-b71b-4caf-8f2e-ff247e8a5677

2

episode_id

 

String

Episode identifier

a10aeafb-0df2-4091-bc83-f07e92a100ae

Request structure

See on Apiary

See on API-specification

{ "name": "Інсулінонезалежний діабет", "care_manager": { "identifier": { "type": { "coding": [ { "system": "eHealth/resources", "code": "employee" } ] }, "value": "9183a36b-4d45-4244-9339-63d81cd08d9c" } } }Headers

Headers

Key

Value

Mandatory

Description

Example

Key

Value

Mandatory

Description

Example

1

Content-Type

application/json

M

Тип контенту

Content-Type:application/json

2

Authorization

Bearer {{access_token}}

 

 

Authorization:Bearer {{access_token}}

3

API-key

{{secret}}

 

 

API-key:{{secret}}

Request data validation

Authorize

Request to process the request using a token in the headers

  • Verify the validity of access token

    • Return 401 in case validation fails

  • Verify token is not expired

    • in case of error return 401 

  • Check user scopes in order to perform this action (scope = 'episode:write')

    • Return 403 in case invalid scope(s)

Validate token

  • check value of ALLOW_OTHER_LE_EMPLOYEES_TO_MANAGE_EPISODE variable in charts configuration

    • if its value is equal to false, verify that user’s employees from care_manager belongs to one of the user_id from token

      • in case of error - return 422 ('User is not allowed to perform this action')

    • otherwise, verify that user’s employees from care_manager belongs to the same Legal Entity as author of the episode

      • in case of error - return 422 ('User is not allowed to perfom this action')

Validate legal entity

  • Validate episode belongs to the legal entity where the current user works

    • ME.episode.managing_organization==token.client_id

      • in case of error return 422 "Managing_organization in the episode does not correspond to user`s legal_entity"

Validate request

  1. ME.episode.status == "active"

    1. in case of error "Episode in status {episode_status} can not be updated"

  2. Validate care_manager

    1. $.care_manager.identifier.type.coding.[0].code = "employee"

      1. in case of error return 422 "Submitted code is not allowed for this field"

    2. $.care_manager.identifier.type.coding.[0].system = "eHealth/resources"

      1. in case of error return 422 "Submitted system is not allowed for this field"

    3. $.care_manager.identifier.value must meet the following requirements

      1. PRM.employee.type = value from list of employee_types in configuration:
        ALLOWED_EPISODE_CARE_MANAGER_EMPLOYEE_TYPES

        1. in case of error return 409 "Employee submitted as a care_manager is not a not in the list of allowed employee types"

      2. PRM.employee.status= "active"

        1. in case of error return 409 "Employee submitted as a care_manager is not active "

      3. PRM.employee.legal_entity = token.client_id=ME.episode.care_manager.identifier.value

        1. in case of error return 409 "User doesn`t have permitions to set the employee as a care_manager of the episode" 

 

Processing

  1. Set patients.episodes.#{id}.care_manager.display_value= ((PRM.parties.first_name + PRM.parties.second_name  + PRM.parties.last_name) where PRM.parties.id == PRM.employees.party_id) where PRM.employees.id== $.care_manager.identifier.value

  2. Set episodes.managing_organization.display_value = PRM.legal_entities.public_name where ( PRM.legal_entities.id == $.managing_organization.identifier.value) 

Response structure examples

See on Apiary

See on API-specification

{ "data": { "status": "pending", "eta": "2018-08-02T10:45:16.000Z", "links": [ { "entity": "job", "href": "/Jobs/NBXk9EyErUZv1RhXgyvgg" } ] }, "meta": { "code": 202, "url": "http://example.com/resource", "type": "object", "request_id": "req-adasdoijasdojsda" } }
{ "meta": { "code": 404, "url": "http://example.com/resource", "type": "object", "request_id": "req-adasdoijasdojsda" }, "error": { "type": "NOT_FOUND", "message": "Patient not found" } }

HTTP status codes

Response code

HTTP Status code

Message

Internal name

Description

Response code

HTTP Status code

Message

Internal name

Description

1

Базові

2

 

202

 Response

 

 

3

 

401

 

Access token validation failed

 

4

 

403

 

Invalid scope

 

5

 

404

 Patient not found

 

 

6

 

409

 

Validation failed

 

7

 

409

Employee submitted as a care_manager is not a not in the list of allowed employee types

 

 

8

 

409

Employee submitted as a care_manager is not active

 

 

9

 

409

User doesn`t have permitions to set the employee as a care_manager of the episode

 

 

10

 

422

 

Validation failed

 

11

 

422

Managing_organization in the episode does not correspond to user`s legal_entity

 

 

12

 

422

Submitted code is not allowed for this field

 

 

13

 

422

Submitted system is not allowed for this field

 

 

14

 

422

User is not allowed to perform this action

 

 

15

 

422

User is not allowed to perfom this action

 

 

16

Специфічні

17

 

 

 

 

 

Post-processing processes

Description of actions performed on data after processing

Technical modules where the method is used

List of pages describing technical modules where the method is used

 

ЕСОЗ - публічна документація