ЕСОЗ - публічна документація

Public. Sign Contract Request by MSP

Purpose

The process is initiated by Legal Entity's side and involves the signature previously signed contract request. 

Contract must be 2 time signed: from legal_entity and NHS sides. There is a particular order who must signed first - NHS side. After that legal entity owner or admin can either sign contract request (will be created contract) or terminate contract request.

 

Specification

Link

https://ehealthmisapi1.docs.apiary.io/#reference/public.-contracts/contract-request/public.-sign-contract-request-by-msp

Resource

/api/contract_requests/{{contract_type}}/{{id}}/actions/sign_msp

Scope

contract_request:sign

Components

Contracts

Microservices

API paragraph not found

Protocol type

REST

Request type

PATCH

Sync/Async

Sync

Public/Private/Internal

Public

 

Logic

This WS is designed to sign contract request from MSP side. Contract request's status must be in status ='NHS_SIGNED'. EDRPOU in DS certeficate = contractor_owner_id.lega_entity.edrpou and suranme in DS=contractor_owner_id.party_id.last_name Method receives signed message (pkcs7) including signed content, digital signature of first signer, digital stamp of first signer, digital signature of second signer and signer public key in signed_content property. All signature fields will be validated (including signer certificate authority). This service will store signed copy of Contract Request in Media Content Storage (will update previous version of file),created contract records and linked employees_divisions if signature is all checks is passed. Object that need to be signed is returned by Get Contract request by ID, urgent, type='signed_content'. In response will be receive a link to download a file in pkcs7 format (signed by NHS side). This data must be signed.

In DS EDRPOU/DRFO must be equal to contractor_legal_entity.edrpou

 

Input parameters

Input parameter

Values

Type

Description

Example

Input parameter

Values

Type

Description

Example

id

 

String

 

b075f148-7f93-4fc2-b2ec-2d81b19a9b7b

Invoke service 'Get Partially Signed Contract Reqeust by ID'. In the response will be received link to download file in PKCS7 format, which contains data (json + printout form + signature of responsible person from NHS side + digital stamp from NHS side).

This PKCS7 file must be signed and decode in base64.

 

Request structure

See on Apiary

Example:

{ "signed_content": "MIIU2wYJKoZIhvcNAQcCoIIUzDCCFMgCAQExDjAMBgoqhiQCAQEBAQIBMIIG+QYJKoZIhvcNAQcBoIIG6gSCBuZ7CiAgICAiaWQiOiAiMDkxMDZiNzAtMThiMC00NzI2LWIwZWQtNmJkYTEzNjlmZDUyIiwKICAgICJjb250cmFjdG9yX293bmVyX2lkIjogImRmOWY3MGVlLTRiMTItNDc0MC1iMGY1LWJiNWFlYTExNjg2MyIsCiAgICAiY29udHJhY3Rvcl9iYXNlIjogItC90LAg0L/RltC00YHRgtCw0LLRliDQt9Cw0LrQvtC90YMg0L/RgNC+INCc0LXQtNC40YfQvdC1INC+0LHRgdC70YPQs9C+0LLRg9Cy0LDQvdC90Y8g0L3QsNGB0LXQu9C10L3QvdGPIiwKICAgICJjb250cmFjdG9yX3BheW1lbnRfZGV0YWlscyI6IHsKICAgICAgImJhbmtfbmFtZSI6ICLQkdCw0L3QuiDQvdC+0LzQtdGAIDEiLAogICAgICAiTUZPIjogIjM1MTAwNSIsCiAgICAgICJwYXllcl9hY2NvdW50IjogIjMyMDA5MTAyNzAxMDI2IgogICAgfSwKICAgICJjb250cmFjdG9yX3Jtc3BfYW1vdW50IjogNTAwMDAsCiAgICAiZXh0ZXJuYWxfY29udHJhY3Rvcl9mbGFnIjogdHJ1ZSwKICAgICJleHRlcm5hbF9jb250cmFjdG9ycyI6IHsKICAgICAgImxlZ2FsX2VudGl0eV9pZCI6ICIyOTIyYTI0MC02M2RiLTQwNGUtYjczMC0wOTIyMmJmZWIyZGQiLAogICAgICAiY29udHJhY3QiOiB7CiAgICAgICAgIm51bWJlciI6ICIxMjM0NTY3IiwKICAgICAgICAiaXNzdWVkX2F0IjogIjIwMTgtMDEtMDEiLAogICAgICAgICJleHBpcmVzX2F0IjogIjIwMTktMDEtMDEiCiAgICAgIH0sCiAgICAgICJkaXZpc2lvbnMiOiBbCiAgICAgICAgewogICAgICAgICAgImlkIjogIjI5MjJhMjQwLTYzZGItNDA0ZS1iNzMwLTA5MjIyYmZlYjJkZCIsCiAgICAgICAgICAibWVkaWNhbF9zZXJ2aWNlIjogItCf0L7RgdC70YPQs9CwINCf0JzQlCIKICAgICAgICB9CiAgICAgIF0KICAgIH0sCiAgICAiY29udHJhY3Rvcl9lbXBsb3llZV9kaXZpc2lvbnMiOiBbCiAgICAgIHsKICAgICAgICAiZW1wbG95ZWVfaWQiOiAiMjkyMmEyNDAtNjNkYi00MDRlLWI3MzAtMDkyMjJiZmViMmRkIiwKICAgICAgICAic3RhZmZfdW5pdHMiOiAwLjUsCiAgICAgICAgImRlY2xhcmF0aW9uX2xpbWl0IjogMjAwMCwKICAgICAgICAiZGl2aXNpb25faWQiOiAiMjkyMmEyNDAtNjNkYi00MDRlLWI3MzAtMDkyMjJiZmViMmRkIgogICAgICB9CiAgICBdLAogICAgImlkX2Zvcm0iOiAiNSIsCiAgICAibmhzX3NpZ25lcl9iYXNlIjogItC90LAg0L/RltC00YHRgtCw0LLRliDQvdCw0LrQsNC30YMiLAogICAgIm5oc19jb250cmFjdF9wcmljZSI6IDUwMDAwLAogICAgIm5oc19wYXltZW50X21ldGhvZCI6ICJwcmVwYXltZW50IiwKICAgICJpc3N1ZV9jaXR5IjogItCa0LjRl9CyIiwKICAgICJzdGF0dXMiOiAiTkVXIiwKICAgICJzdGF0dXNfcmVhc29uIjogItCd0LUg0LLRltC00L/QvtCy0ZbQtNCw0ZQg0L/QvtC/0LXRgNC10LTQvdGW0Lwg0LTQvtC80L7QstC70LXQvdC+0YHRgtGP0LwiLAogICAgIm5oc19zaWduZXJfaWQiOiAiZGY5ZjcwZWUtNGIxMi00NzQwLWIwZjUtYmI1YWVhMTE2ODYzIiwKICAgICJuaHNfbGVnYWxfZW50aXR5X2lkIjogImRmOWY3MGVlLTRiMTItNDc0MC1iMGY1LWJiNWFlYTExNjg2MyIsCiAgICAiY29udHJhY3RfbnVtYmVyIjogIjAwMDAtOUVBWC1YVDdYLTMxMTUiLAogICAgImNvbnRyYWN0X2lkIjogImRmOWY3MGVlLTRiMTItNDc0MC1iMGY1LWJiNWFlYTExNjg2MyIsCiAgICAic3RhcnRfZGF0ZSI6ICIyMDE3LTA0LTIwIiwKICAgICJlbmRfZGF0ZSI6ICIyMDE3LTA0LTIwIiwKICAgICJwcmludG91dF9jb250ZW50IjogIkNvbnRyYWN0IHJlcXVlc3QgY29udGVudCIKICB9CqCCBbkwggW1MIIFXaADAgECAhQNhO2hu5OB6AQAAABetCIAv7N0ADANBgsqhiQCAQEBAQMBATCCAUIxfDB6BgNVBAoMc9Cf0KPQkdCb0IbQp9Cd0JUg0JDQmtCm0IbQntCd0JXQoNCd0JUg0KLQntCS0JDQoNCY0KHQotCS0J4g0JrQntCc0JXQoNCm0IbQmdCd0JjQmSDQkdCQ0J3QmiDCq9Cf0KDQmNCS0JDQotCR0JDQndCawrsxETAPBgNVBAsMCNCQ0KbQodCaMTYwNAYDVQQDDC3QkNCm0KHQmiDQn9CQ0KIg0JrQkSDCq9Cf0KDQmNCS0JDQotCR0JDQndCawrsxFjAUBgNVBAUMDVVBLTE0MzYwNTcwLTExCzAJBgNVBAYTAlVBMScwJQYDVQQHDB7QlNC90ZbQv9GA0L7Qv9C10YLRgNC+0LLRgdGM0LoxKTAnBgNVBAgMINCU0L3RltC/0YDQvtC/0LXRgtGA0L7QstGB0YzQutCwMB4XDTE4MDEyMzE0NTMzNFoXDTE5MDEyMzIxNTk1OVowggETMSIwIAYDVQQKDBnQpNCG0JfQmNCn0J3QkCDQntCh0J7QkdCQMTkwNwYDVQQDDDDQn9CY0KDQntCT0J7QkiDQhNCS0JPQldCdINCS0JDQm9CV0KDQhtCZ0J7QktCY0KcxFzAVBgNVBAQMDtCf0JjQoNCe0JPQntCSMSowKAYDVQQqDCHQhNCS0JPQldCdINCS0JDQm9CV0KDQhtCZ0J7QktCY0KcxEDAOBgNVBAUMBzIyNzQzOTgxCzAJBgNVBAYTAlVBMScwJQYDVQQHDB7QnC4g0JrQoNCe0J/QmNCS0J3QmNCm0KzQmtCY0JkxJTAjBgNVBAgMHNCa0IbQoNCe0JLQntCT0KDQkNCU0KHQrNCa0JAwRjAeBgsqhiQCAQEBAQMBATAPBg0qhiQCAQEBAQMBAQIGAyQABCGNGaguWpXdyBk172CZxkuWynHt6GAUImGZI9ZFJp6oMAGjggJqMIICZjApBgNVHQ4EIgQgztjUwYvcULAWp/FyOQUBNpFx9HsyWh9lgiY21nLzYEkwKwYDVR0jBCQwIoAgjYTtobuTgejDEZCorJKFP8TYx4TGSgG4NxFX2F0YVVcwLwYDVR0QBCgwJqARGA8yMDE4MDEyMzE0NTMzNFqhERgPMjAxOTAxMjMyMTU5NTlaMA4GA1UdDwEB/wQEAwIGwDAZBgNVHSABAf8EDzANMAsGCSqGJAIBAQECAjAMBgNVHRMBAf8EAjAAMB4GCCsGAQUFBwEDAQH/BA8wDTALBgkqhiQCAQEBAgEwOAYDVR0fBDEwLzAtoCugKYYnaHR0cDovL2Fjc2sucHJpdmF0YmFuay51YS9jcmwvUEItUzkuY3JsMEMGA1UdLgQ8MDowOKA2oDSGMmh0dHA6Ly9hY3NrLnByaXZhdGJhbmsudWEvY3JsZGVsdGEvUEItRGVsdGEtUzkuY3JsMIGUBggrBgEFBQcBAQSBhzCBhDA0BggrBgEFBQcwAYYoaHR0cDovL2Fjc2sucHJpdmF0YmFuay51YS9zZXJ2aWNlcy9vY3NwLzBMBggrBgEFBQcwAoZAaHR0cDovL2Fjc2sucHJpdmF0YmFuay51YS9kb3dubG9hZC9jZXJ0aWZpY2F0ZXMvY2VydGlmaWNhdGVzLnA3YjBDBggrBgEFBQcBCwQ3MDUwMwYIKwYBBQUHMAOGJ2h0dHA6Ly9hY3NrLnByaXZhdGJhbmsudWEvc2VydmljZXMvdHNwLzAnBgNVHQkEIDAeMBwGDCqGJAIBAQELAQQBATEMEwozMjI4NTEyNTk3MA0GCyqGJAIBAQEBAwEBA0MABEDV3X/RhIP0TLUcuXc1cIKv01Z1mOPnNhodBM1sVKyxJji/HjkgYpt48+Eew05fWwuFs9LytruxRJ16E7mL7G1PMYIH9zCCB/MCAQEwggFcMIIBQjF8MHoGA1UECgxz0J/Qo9CR0JvQhtCn0J3QlSDQkNCa0KbQhtCe0J3QldCg0J3QlSDQotCe0JLQkNCg0JjQodCi0JLQniDQmtCe0JzQldCg0KbQhtCZ0J3QmNCZINCR0JDQndCaIMKr0J/QoNCY0JLQkNCi0JHQkNCd0JrCuzERMA8GA1UECwwI0JDQptCh0JoxNjA0BgNVBAMMLdCQ0KbQodCaINCf0JDQoiDQmtCRIMKr0J/QoNCY0JLQkNCi0JHQkNCd0JrCuzEWMBQGA1UEBQwNVUEtMTQzNjA1NzAtMTELMAkGA1UEBhMCVUExJzAlBgNVBAcMHtCU0L3RltC/0YDQvtC/0LXRgtGA0L7QstGB0YzQujEpMCcGA1UECAwg0JTQvdGW0L/RgNC+0L/QtdGC0YDQvtCy0YHRjNC60LACFA2E7aG7k4HoBAAAAF60IgC/s3QAMAwGCiqGJAIBAQEBAgGgggYtMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTE4MDQyMzExMTY1MlowLwYJKoZIhvcNAQkEMSIEIMAdYVO8e/4E9usncxHy/CN128dFo878R/guITulNEtLMIIBtQYLKoZIhvcNAQkQAi8xggGkMIIBoDCCAZwwggGYMAwGCiqGJAIBAQEBAgEEIA7ygmjZ8tufBvOKqZW++z4W7TJu9MmyYGLG7gQ/RMCOMIIBZDCCAUqkggFGMIIBQjF8MHoGA1UECgxz0J/Qo9CR0JvQhtCn0J3QlSDQkNCa0KbQhtCe0J3QldCg0J3QlSDQotCe0JLQkNCg0JjQodCi0JLQniDQmtCe0JzQldCg0KbQhtCZ0J3QmNCZINCR0JDQndCaIMKr0J/QoNCY0JLQkNCi0JHQkNCd0JrCuzERMA8GA1UECwwI0JDQptCh0JoxNjA0BgNVBAMMLdCQ0KbQodCaINCf0JDQoiDQmtCRIMKr0J/QoNCY0JLQkNCi0JHQkNCd0JrCuzEWMBQGA1UEBQwNVUEtMTQzNjA1NzAtMTELMAkGA1UEBhMCVUExJzAlBgNVBAcMHtCU0L3RltC/0YDQvtC/0LXRgtGA0L7QstGB0YzQujEpMCcGA1UECAwg0JTQvdGW0L/RgNC+0L/QtdGC0YDQvtCy0YHRjNC60LACFA2E7aG7k4HoBAAAAF60IgC/s3QAMIIEBwYLKoZIhvcNAQkQAhQxggP2MIID8gYJKoZIhvcNAQcCoIID4zCCA98CAQMxDjAMBgoqhiQCAQEBAQIBMGsGCyqGSIb3DQEJEAEEoFwEWjBYAgEBBgoqhiQCAQEBAgMBMDAwDAYKKoYkAgEBAQECAQQgwB1hU7x7/gT26ydzEfL8I3Xbx0WjzvxH+C4hO6U0S0sCBA7BQYgYDzIwMTgwNDIzMTExNzI1WjGCA1swggNXAgEBMIIBEzCB+jE/MD0GA1UECgw20JzRltC90ZbRgdGC0LXRgNGB0YLQstC+INGO0YHRgtC40YbRltGXINCj0LrRgNCw0ZfQvdC4MTEwLwYDVQQLDCjQkNC00LzRltC90ZbRgdGC0YDQsNGC0L7RgCDQhtCi0KEg0KbQl9CeMUkwRwYDVQQDDEDQptC10L3RgtGA0LDQu9GM0L3QuNC5INC30LDRgdCy0ZbQtNGH0YPQstCw0LvRjNC90LjQuSDQvtGA0LPQsNC9MRkwFwYDVQQFDBBVQS0wMDAxNTYyMi0yMDEyMQswCQYDVQQGEwJVQTERMA8GA1UEBwwI0JrQuNGX0LICFDAEdR3vLHiuAgAAAAEAAABKAAAAMAwGCiqGJAIBAQEBAgGgggHaMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAcBgkqhkiG9w0BCQUxDxcNMTgwNDIzMTExNzI1WjAvBgkqhkiG9w0BCQQxIgQgCJtCNs3qiVo9TGE/mRMPNzCm/+JJKMtYsovNFgQLyPAwggFrBgsqhkiG9w0BCRACLzGCAVowggFWMIIBUjCCAU4wDAYKKoYkAgEBAQECAQQg2Q2mtkhTwy2/l7j25VzNasV5UgPimES648nWVhtnvOowggEaMIIBAKSB/TCB+jE/MD0GA1UECgw20JzRltC90ZbRgdGC0LXRgNGB0YLQstC+INGO0YHRgtC40YbRltGXINCj0LrRgNCw0ZfQvdC4MTEwLwYDVQQLDCjQkNC00LzRltC90ZbRgdGC0YDQsNGC0L7RgCDQhtCi0KEg0KbQl9CeMUkwRwYDVQQDDEDQptC10L3RgtGA0LDQu9GM0L3QuNC5INC30LDRgdCy0ZbQtNGH0YPQstCw0LvRjNC90LjQuSDQvtGA0LPQsNC9MRkwFwYDVQQFDBBVQS0wMDAxNTYyMi0yMDEyMQswCQYDVQQGEwJVQTERMA8GA1UEBwwI0JrQuNGX0LICFDAEdR3vLHiuAgAAAAEAAABKAAAAMA0GCyqGJAIBAQEBAwEBBEDE0LghB5AMretfTrP7pmjj0cylQFjujnRSeUBFXCcvPDF+6IWQ5lhhvgxVNsUFPVfd4TKdcBxe3NQa90gvYxRAMA0GCyqGJAIBAQEBAwEBBED0SMMU1AsD2jQYZw8yVJMcrgpsVIhaPx+v7qWaNo5KRc8F/v8xoDQAmts/LmvybnwRuAOOiKPw4MwZEG2KIoNO", "signed_content_encoding": "base64" }

 

Authorize

  1. Verify the validity of access token

  2. Check user scopes in order to perform this action

    1. In case error - generate 401 response

Request to process the request using a token in the headers

 

Headers

Наприклад:

  • Content-Type:application/json

  • Authorization:Bearer c2778f3064753ea70de870a53795f5c9

 

Request data validation

Check employee

Contract_request can be signed by owner or admin with necessary scopes in equal legal_entity_id and same id as was perviously input in contract_request.

  1. Extract legal_entity_id (client_id) from token. Take contract_request_id.

  2. Check client_id=contractor_legal_entity_id (contractor_side)

  3. Validate that contract_request hasn't been signed by  contractor_side already

    1. Check status<>'SIGNED'.

    2. In case of error return 422 error ('The contract was already signed by contractor')

Digital signature

Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature and returns result.

Validate DRFO or EDRPOU

We need to check DS based on legal entity legal form. DS can belong to individual entrepreneur or to legal entity. As previous version of DS can contain tax_id in EDRPOU field, not in DRFO validation must be done as described below:

  1. Get client_id from token

  2. Find prn.legal_entities by client_id

  3. Check EDRPOU or DRFO matches prm.legal_entities.EDRPOU

    1. Check if  EDRPOU in Certificate details exists and not empty

      1. Check if  Certificate_details.EDRPOU=prm.legal_entities.EDRPOU

    2. in case validation from a. didn't pass - Check that DRFO in Certificate details exists and not empty

      1. Convert DRFO and prm.legal_entities.EDRPOU to uppercase

      2. Compare DRFO and prm.legal_entities.EDRPOU as Cyrillic letters

      3. Convert DRFO to Cyrillic and compare as Cyrillic letters

      4. Check if  Certificate_details.DRFO=prm.legal_entities.EDRPOU 

    3. In case validation fails - generate 422 error

  4. Check that SURNAME in Certificate details is equal to LAST_NAME in Party

    1. Get party.last_name using contractor_owner_id from contract_request (employees.employee_id=contractor_owner_id and client_id=employee.legal_entity_id –> parties.id)

      1. Convert prm.parties.LAST_NAME and Certificate details.SURNAME to uppercase

      2. Compare prm.parties.LAST_NAME and Certificate details.SURNAME as Cyrillic letters

      3. In case validation fails - generate 422 error

Validate DRFO

  1. Get parties.tax_id using party_users.party_id by user_id.

  2. Compare DRFO in Certificate with party.tax_id

    1. Convert DRFO and TAX_ID to uppercase

    2. Compare DRFO and TAX_ID as Cyrillic letters

    3. Convert DRFO to Cyrillic and compare as Cyrillic letters

  3. In case validation fails - generate 422 error

Validate Status

  1. Check contract_request.status='NHS_SIGNED'

    1. in case of error return 422 Error 'Incorrect status for signing'

Check signed content

  1. Check decoded signed content with previously created on IL.db

SELECT data FROM contract_requests WHERE id = {:id}

In case if they are not equal - generate 422 error (message: "Signed content does not match the previously created content")

  1. Actualize data:

Invoke service 'Get Contract Reqeust by ID'. In the response will be received printout form and json. Compare it with previously created on IL.db

In case if they are not equal - generate 422 error (message: "Signed content does not match the previously created content")

Validate 1st Signature

  1. Get client_id from token

  2. Find prm.legal_entities by  nhs_signer_id → prm.employee→ legal_entity

  3. Check EDRPOU or DRFO matches prn.legal_entities.EDRPOU

    1. Check if  EDRPOU in Certificate details exists and not empty

      1. Check if  Certificate_details.EDRPOU=prm.legal_entities.EDRPOU

    2. in case validation from a. didn't pass - Check that DRFO in Certificate details exists and not empty

      1. Convert DRFO and prn.legal_entities.EDRPOU to uppercase

      2. Compare DRFO and prn.legal_entities.EDRPOU as Cyrillic letters

      3. Convert DRFO to Cyrillic and compare as Cyrillic letters

      4. Check if  Certificate_details.DRFO=prn.legal_entities.EDRPOU 

    3. In case validation fails - generate 422 error

  4. Check that SURNAME in Certificate details is equal to LAST_NAME in Party

    1. Get party.last_name using nhs_signer_id from contract_request (employees.employee_id=nhs_signer_id –> parties.id)

      1. Convert prm.parties.LAST_NAME and Certificate details.SURNAME to uppercase

      2. Compare prm.parties.LAST_NAME and Certificate details.SURNAME as Cyrillic letters

      3. In case validation fails - generate 422 error

  5. Validate DRFO

    1. Get parties.tax_id using party_users.party_id by user_id.

    2. Compare DRFO in Certificate with party.tax_id

      1. Convert DRFO and TAX_ID to uppercase

      2. Compare DRFO and TAX_ID as Cyrillic letters

      3. Convert DRFO to Cyrillic and compare as Cyrillic letters

    3. In case validation fails - generate 422 error

Validate Digital Stamp

  1. Check that EDRPOU in Certificate details is equal to EDROU in legal entity by nhs_signer_id → prm.employee→ legal_entity

    1. Check if  EDRPOU in Certificate details exists and not empty

    2. Check if  Certificate_details.EDRPOU=prm.legal_entities.EDRPOU

    3. In case validation fails - generate 422 error

Validate request

  1. Validate request using JSON schema

    1. In case validation fails - generate 422 error

  2. Check contract request status

    1. If status is not APPROVED - returned error 'Incorrect status'

  3. Capitation only: Validate contractor_employee_divisions

    1. Employees from employee_divisions has employee_type='DOCTOR', status='APPROVED', division is not null

      1. in case of error return 422  error view $employee ('Employee must be an active DOCTOR with linked division')

    2. Check divisions belongs to legal_entity and divisions.status='active'

      1. in case of error return 422  error view $divisions ('Division must be active and within current legal_entity')

    3. Check employee belongs to division

      1.  in case of error return 422  error view $employee  ('Employee must be within current division')

  4. Validate start_date

    1. start_date>now()

      1. in case of error return 422 error $start_date ('Start date must be greater than create date')

  5. Check whether all id is resolved and valid. For
     - contractor_legal_entity_id and nhs_legal_entity_id in status='active'  and nhs_verified = true (prm.legal_entities)
     - contractor_owner_id and nhs_signer_id in status = 'APPROVED' (prm.employees)

  6. Search contract_number in contracts.contract_number. if found none or one contract in status='VERIFIED' - validation passed.

    1. In case found contract(s), but in status='TERMINATED' show an error 422 ('There is no active contract with such contract_number')

  7. Reimbursement only: validate that medical_program_id is a valid ID of an ACTIVE medical_program with type 'medication'

    1. in case of error return "Medical program is not active"

 

Processing

Save signed contract to media storage

  1. Get url for declaration upload

  2. Upload signed contract to media storage.

Parameter

Source

Parameter

Source

action

'GET'

bucket

'CONTRACTS'

resource_id

: CONTRACT_ID

resource_name

: CONTRACT_NAME

timestamp

:TIMESTAMP

Update contract request

  1. update contract_request.status='SIGNED'

  2. update contract_request.contract_id=contract.id

    UPDATE contract_requests SET status = 'SIGNED' WHERE id = {:id}

Create Contract

If status='SIGNED'

  • Create a new record in PRM.contracts with status='VERIFIED'

  • set is_suspended=false, is_active=true

  • for each division from array contract_divisions create a new row in contract_divisions

  • capitation only: for each employee from array create a new row in PRM.contract_employees

Check parent_contract_id

Search parent_contract_id in contracts.id.

  1. Get contract.id by parent_contract_id and status='VERIFIED'

    1. fetch all records in contract_employees by contract_id and end_date is null

      1. set for those records end_date=$contract_request.start_date

  2. In case active contract found - terminate by changing status to TERMINATED.

Check parent contracts

  1. Find there is no contracts 

  • for same contractor_legal_entity_id

  • within same period [start_date, end_date]

  • status = VERIFIED

  • id_form

  • medical_program_id 

In case there is such contract change its' status to 'TERMINATE' and fetch all records in contract_employees by contract_id and end_date is null

  1. set for those records end_date=$contract_request.start_date

Add status to event manager

After status was changed (status = SIGNED) - add new status to event_manager

field

value

field

value

event_type

StatusChangeEvent

entity_type

Contract_request

entity_id

$.id

properties.status.new_value

$.status

event_time

$.update_at

changed_by

$.changed_by

Deactivate Medical Program Provision

If contract update operation (Sign Contract Request by MSP api with contract_number) (according to link):

  • define medical programs that are not present in the new contract.

  • deactivate all active medical program provision for defined programs within contract number and current legal entity: 

    • set is_active = false

    • set deactivate_reason = AUTO_CONTRACT_TERMINATION

    • set updated_at, updated by
      Note: Status of medical program provision entities for the programs remained in the new contract should not be changed.

 

Dictionaries

  • CONTRACT_PAYMENT_METHOD

  • CONTRACT_TYPE

  • REIMBURSEMENT_CONTRACT_TYPE

Response structure

See on Apiary

Example:

 

 

HTTP status codes

HTTP status code

Message

What caused the error

HTTP status code

Message

What caused the error

 200

 

 

 

ЕСОЗ - публічна документація