Purpose
This API allows to cancel the activity with specifying a status reason in cases it has been rejected or entered in error.
Key points
Status can be changed by employee who has an Approval granted by the patient on write Care plan resource.
Cancel should be signed with DS. So, all the activity data should be submitted.
Activities status has changed in async way. The result of the job should be a link on the Care plan activity details.
Specification
Authorization
Verify the validity of access token
Return (401, 'Invalid access token') in case of validation fails
Verify that token is not expired
in case of error - return (401, 'Invalid access token')
Check user scopes in order to perform this action (scope = 'care_plan:write')
Return (403, 'Your scope does not allow to access this resource. Missing allowances: care_plan:write') in case of invalid scope(s)
Validate legal entity
Extract client_id from token
Check legal entity status is ACTIVE
In case of error - return 409 (Legal entity must be ACTIVE)
Check legal entity type in ME_ALLOWED_TRANSACTIONS_LE_TYPES config parameter
in case of error - return 409 ('client_id refers to legal entity with type that is not allowed to create medical events transactions')
Validate User
Extract user_id from token.
Check user has an active and approved employee that:
has an active Approval granted by the Patient on write the Care plan resource (care plan id from URL)
Return 403 ('Access denied') in case employee has no Approval on write
Validate data consistency
Ensure that submitted activity relates to the Patient and Care Plan (from URL)
Return 404 (not found) in case of error
Validate Digital Sign
Check DS is valid and not expired
Validate that DS belongs to the user
Check that DRFO from DS and user's party.tax_id matches
Validate status transition
Get activity by id
Check activity.detail.status: activity status should be changed according to activity status model.
Return 409 (Invalid activity status) in case of error
Validate status reason
Validate value in the field $.detail.status_reason, required
Validate field type is codeable concept
Check that codeable concept refers to the
eHealth/care_plan_activity_cancel_reasons
dictionaryValidate value within dictionary specified above
in case of error - return 422 ('value is not allowed in enum')
Validate related entities
if activity kind = medication_request:
Check there is no medication request requests in status
NEW
based on the activityin case of error - return 409 (Unable to cancel activity with new Medication Request requests).
Check there is no medication requests in status
ACTIVE
based on the activityin case of error - return 409 (Unable to cancel activity with active Medication requests).
if activity kind = service_request:
Check there is no service requests in status =
active
AND program_processing_status !=completed
based on the activity:in case of error - return 409 (Unable to complete activity with Service requests in status <status value> and program processing status not completed or undefined).
Validate content
Signed content must match with activity in DB in order to be changed
Render activity from DB
Exclude $.detail.status_reason from signed content
Compare rendered activity and signed content
In case both object doesn't match - return 422 ('Signed content doesn't match with previously created activity')
Service logic
Save signed content to media storage
Update activity status (update also updated_at, updated_by)
Set detail.status_reason