Properties of a REST API method document

Purpose

This WS is designed to block previously created Medication request with indicating block_reason_code and block_reason by NHS employee with appropriate scope.

Logic

1. Only authenticated and authorized NHS admin-panel user with appropriate scope can block Medication request.

2. In the response of these endpoint person_id is returned in hashed form.

3. Medication request can be blocked only from ‘ACTIVE' status.

1. Update Medication request in OPS DB:

   1. set is_blocked = true

   2. set block_reason_code = $.block_reason_code

   3. set block_reason = $.block_reason

   4. set updated_by = user_id

   5. set updated_at = now()

   6. set block_legal_entity_id = legal entity id out of token

2. Send SMS for person

   1. If Medication request has program with medical program setting medication_request_notification_disabled = true, then don't send SMS.

      Else:

      1. Get authentication_method of person from MPI

      2. If authentication_method == OTP, then send SMS to a person from Medication request:

         1. Generate SMS text

            1. get template from block_template_sms_nhs parameter

            2. enrich template with data from Medication request

         2. Send SMS to a person

3. Return Medication request data with hashed person_id

Configuration parameters

N/A

Dictionaries

MEDICATION_REQUEST_BLOCK_REASON

MEDICATION_REQUEST_INTENT

MEDICATION_REQUEST_CATEGORY

MEDICATION_REQUEST_PRIORITY

eHealth/SNOMED/additional_dosage_instructions

eHealth/SNOMED/anatomical_structure_administration_site_codes

eHealth/SNOMED/route_codes

eHealth/SNOMED/administration_methods

eHealth/SNOMED/dose_and_rate

eHealth/ICD10_AM/condition_codes

eHealth/ICPC2/condition_codes

ADDRESS_TYPE

SETTLEMENT_TYPE

STREET_TYPE

PHONE_TYPE

DIVISION_TYPE

POSITION

MEDICATION_FORM

MEDICATION_UNIT

eHealth/clinical_impression_patient_categories

LICENSE_TYPE

FUNDING_SOURCE

MR_BLANK_TYPES

MEDICATION_REQUEST_REJECT_REASON

Input parameters

Request structure

See on API-specification

Headers

Headers

Request data validation

Authorization

1. Verify the validity of access token

   1. in case of error - return 401 (“Invalid access token”) in case of validation fails

2. Verify that token is not expired

   1. in case of error - return 401 (“Invalid access token”)

3. Check user scopes in order to perform this action (scope = 'medication_request_admin:block')

   1. return 403 (“Your scope does not allow to access this resource. Missing allowances: medication_request_admin:block”) in case of invalid scope(s)

Validations

Validate request

1. Validate request using JSON schema

   1. in case of error - return 422

Validate Medication request

1. Get Medication request identifier from the URL. Check Medication request exists in OPS DB

   1. in case of error - return 404

Validation transition

1. Get Medication request by $.id in OPS DB. Check that Medication request status = ‘ACTIVE’

   1. in case of error - return 409 ("Medication request must be in active status")

2. Get Medication request by $.id in OPS DB. Check that Medication request is not blocked, i.e. is_blocked = false

   1. in case of error - return 409 ("Medication request is already blocked")

Processing

N/A

Response structure examples

See on API-specification

HTTP status codes

Post-processing processes

N/A

Technical modules where the method is used