Properties of a REST API method document

Purpose

This WS is designed to initialize person documents uploading proccess through person information system (PIS).

Key points

1. This method is used only by PIS.

2. This method returns list of documents that needs to be uploaded for person and urls. In case no documents must be uploaded - empty list is returned.

3. Person is obtained from user that performs method.

Logic

Service logic

1. GService logic

   1. Get list of person documents that must be uploaded to media content storage (for each type of documents, if couple of rules worked - only one file is expected):

      1. Call https://e-health-ua.atlassian.net/wiki/spaces/PCAB/pages/17415995422 , send person_id = person.id and confidant_person_id = applicant_person_id (from token)
         in case if method returns “ok”:

         1. Check for documents with name confidant_person.{confidant_person_id}.documents_relationship.[:].{type}

      2. If one of persons document has type = ‘BIRTH_CERTIFICATE_FOREIGN’ and there is no same document in {person.confidant_person.[:].documents_relationship.[:]}

         and persons age < no_self_auth_age global parameter value then

         1. Check for document with name person.BIRTH_CERTIFICATE_FOREIGN

      3. If one of persons document has type = ‘PERMANENT_RESIDENCE_PERMIT’ and persons age >= no_self_auth_age global parameter value then

         1. Check for document with name person.PERMANENT_RESIDENCE_PERMIT

      4. If persons authentication method = ‘OFFLINE’ or ‘THIRD_PERSON’ authentication method = ‘OFFLINE’

         1. Check for documents with name person.{documents.[:].type} or third_person.{third_person.documents.[:].type}

      5. If person.unzr field is not empty and first 8 digits of unzr != persons birth_date

         1. Check for document with name person.unzr

      6. If persons age is greater then no_self_registration_age global parameter, but less then person_full_legal_capacity_age global parameter
         and one of persons documents has type from PIS_PERSON_LEGAL_CAPACITY_DOCUMENT_TYPESconfig parameter then

         1. Get type of document that has been found
            AND check for documents with name person.{type}

   2. Check existence of each document in existing media content storages for person:

      1. persons

      2. person_requests

      3. authentication_method_requests

   3. Generate signed urls for each document that must be uploaded but does not exist in persons media content storage.

   4. Render a response according to specification.

Configuration parameters

N/A

Dictionaries

N/A

Input parameters

Request structure

See on API-specification

Headers

Headers

Request data validation

Authorization

• Verify the validity of the access token

  • in case of error - return 401 (“Invalid access token”)

• Verify that token is not expired

  • in case of error - return 401 (“Invalid access token”)

• Check user scopes in order to perform this action (scope = 'person_documents:write_pis')

  • in case of invalid scope(s) - return 403 (“Your scope does not allow to access this resource. Missing allowances: person_documents:write_pis”)

Validate person

• Get person_id from user

• Check person exists in mpi database and is active (status = ‘active’ and is_active=true)

  • in case of error - return 404 ('Person does not exist or is not active')

Processing

N/A

Response structure examples

See on API-specification

HTTP status codes

Post-processing processes

N/A

Technical modules where the method is used