ЕСОЗ - публічна документація
Approve person request
- Aleksandra Novokhatnia (Deactivated)
- Yuliia Mazur (UA SoE eHealth)
- Dmytro Kulibaba (Unlicensed)
Purpose
Use this method to approve previously created Person Request.
Key features
Only authenticated and authorized user can use this service
Only NEW person request can be activated
The request can be activated only by the employee who works in the same legal entity in which the request was made.
Specification
Link | Посилання на Apiary або Swagger | |
Resource | /api/person_requests/{{id}}/actions/approve | Посилання на ресурс, наприклад: /api/persons/create |
Scope | person_request:write | Scope для доступу |
Components | Patient registry | Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription |
Microservices | il/api fe/admin-web | Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC |
Protocol type | REST | Тип протоколу, який використовується запитом, наприклад: SOAP | REST |
Request type | PATCH | Тип запиту API, наприклад: GET, POST, PATCH… |
Sync/Async | Sync | Метод є синхронним чи асинхронним? |
Public/Private/Internal | Public |
|
Logic
Preconditions
Person request must be created.
Input parameters
Input parameter | Values | Type | Description | Example |
|---|---|---|---|---|
id |
| String | Required | eeebb86d-5cba-43c9-885b-6482ecaf826b |
Dictionaries
GENDER
DOCUMENT_TYPE
ADDRESS_TYPE
COUNTRY
SETTLEMENT_TYPE
STREET_TYPE
PHONE_TYPE
CONFIDANT_PERSON_TYPE
PREFERRED_WAY_COMMUNICATION
DOCUMENT_RELATIONSHIP_TYPE
Request structure
Example:
Authorize
Verify the validity of access token
Return 401 in case validation fails.
Check scopes in order to perform this action (scope = 'person_request:write')
Return 403 in case invalid scope(s).
Headers
Content-Type:application/json
Authorization:Bearer {{access_token}}
api-key:{{secret}}
Request data validation
Validate request using JSON schema
In case validation failed - generate 422 error
JSON Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"verification_code": {
"type": "string"
}
},
"required": [
"verification_code"
],
"additionalProperties": false
}
Processing
Get person request details
Get person request from IL_DB.person_request
Determine authorization method
Get authorization_method from IL_DB.person_request
SELECT IL_DB.person_request.authentication_method
FROM IL_DB.person_request
WHERE IL_DB.person_request.id = :id
If authentication_method is NA - return error
If person have block confidant_person - check uploaded the confidant person's document and the document which confirms the guardianship.
If person's authentication_method == OFFLINE - check uploaded documents
If authentication_method = OTP (or THIRD_PERSON.auth_method = OTP) - verify SMS code and add phone to db.verification.verified_phones
If authentication_method = THIRD_PERSON and third_person.auth_method = OFFLINE - check uploaded documents from third person
Invoke verification module to verify OTP
Check uploaded documents
Invoke Media Content Storage to check documents exist
Generate printout form
Invoke MAN to render print form.
Request mapping:
Parameter | Source |
|---|---|
id | PERSON REQUEST |
cURL example
Set IL.person_request.printout_content:
Change person request
Change entity status in IL_DB.person_request to APPROVED
Set updated_at - now() (Get current date-time)
Set updated_by - user_id (Extract user from token)
Response structure
Example:
HTTP status codes
HTTP status code | Message | What caused the error |
|---|---|---|
201 | Response |
|
401 |
| Validation failed |
403 | Invalid scope | Invalid scope |
422 | Invalid verification code | Validation failed |
ЕСОЗ - публічна документація