Purpose
Use this method to approve previously created Declaration Request.
Specification
Link | |
Resource | /api/v3/declaration_requests/{{id}}/actions/approve |
Scope | declaration_request:approve |
Components | Declarations |
Using Dictionaries | API paragraph not found |
Using Microservices | API paragraph not found |
Protocol type | REST |
Request type | PATCH |
Sync/Async | Sync |
Public/Private/Internal | Public |
Logic
In case if authentication_method is OTP, request exampleMA{ "verification_code": 2836 }
In case if authentication_method is OFFLINE or N/A, request body should be empty.
Before approve patient's scanned documents should be uploaded to the (Signed URL's). All links are generated for one one-page document in jpeg format. Document should be no more than 10 MB. If make declaration request via cabinet then nothing must be uploaded to URL. Clients can use signed URL's to directly access s3 storage and upload files via API.
Input parameters
Filter | Values | Type | Description | Example |
---|---|---|---|---|
id | String | Required | b075f148-7f93-4fc2-b2ec-2d81b19a9b7b |
Request structure
{ "verification_code": 2836 }
Authorize
Verify the validity of access token
Check user scopes declaration_request:write in order to perform this action
In case error - generate 401 response
Request to process the request using a token in the headers
Headers
Content-Type:application/json
Authorization:Bearer c2778f3064753ea70de870a53795f5c9
Validate request
Validate request using JSON schema
In case validation failed - generate 422 error
Validation data request
Validate person verification status
validate patient's verification_status is not equal to NOT_VERIFIED.
in case of error return 409, "Patient is not verified"
Processing
Get declaration request details
Get declaration request from IL_DB.declaration_request
Determine authorization method
Get authorization_method from IL_DB.declaration_request
SELECT IL_DB.declaration_request.authentication_method FROM IL_DB.declaration_request WHERE IL_DB.declaration_request.id = :id |
If authentication_method_current is NULL - return Error
If authentication_method_current == OFFLINE - check uploaded document
If authentication_method_current = OTP - verify SMS code
If authentication_method_current = NA - verify Parent declaration
Verify code
Invoke verification module to verify OTP
Check uploaded documents
Invoke Media Content Storage to check documents exist
Verify Parent declaration
Get parent_declaration_id from IL_DB.declaration_requests.parent_declaration_id:
If parent_declaration_id is null, validate declaration request with current authentication_method_current = NA logic
If parent_declaration_id is not null, check that parent declaration exists and in status 'active'
In case of error - return 404 (‘Active parent declaration was not found’)
Change patient_signed and process_disclosure_data_consent values
If parent_declaration_id is not null and authentication_method_current = NA, update following fields values at data_to_be_signed field:
patient_signed = null
process_disclosure_data_consent = null
Generate hash ‘seed’
Generate hash seed
- Hash of previous block in declarations chain or other random component that should be signed with declaration
Change patient request
Change entity status in IL_DB.declaration_request to APPROVED
Set updated_at - now() (Get current date-time)
Set updated_by - user_id (Extract user from token)
Generate printout form
Invoke MAN to render print form.
Request mapping:
Parameter | Source |
---|---|
id | DECLARATION REQUEST |
cURL example
Set IL.declaration_request.printout_content:
Response structure
Post-processing processes
API paragraph not found
HTTP status codes
HTTP status code | Message | What caused the error |
---|---|---|
201 | Response |
|
401 | Invalid scopes | |
409 | Patient is not verified | |
422 | This doctor has X declarations and could not sign more |
Backward compatibility
API paragraph not found