ЕСОЗ - публічна документація

[DRAFT] Approve Declaration Request V3 [API-005-004-002-0075]

Сторінка знаходиться в процесі розробки. Інформація на ній може бути застарілою.

https://e-health-ua.atlassian.net/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)

Properties of a REST API method document

Document type

Метод REST API

Document title

[Document status] REST API [Назва методу] [ID методу]

Guideline ID

GUI-0011

Author

@

Document version

1

Document status

DRAFT

Date of creation

ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)

Date of update

ХХ.ХХ.ХХХХ (дата зміни версії)

Method API ID

API-005-004-002-0075

Microservices (namespace)

IL

Component

Declarations

Component ID

COM-005-004

Link на API-специфікацію

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/declaration-requests/approve-declaration-request-v3

Resource

{{host}}/api/v3/declaration_requests/{{id}}/actions/approve

Scope

declaration_request:approve

Protocol type

REST

Request type

PATCH

Sync/Async

Sync

Public/Private

Public

Purpose

Use this method to approve previously created Declaration Request.

Key points

  1. In case if persons current authentication method is OTP, request body must contain verification_code field with OTP.

  2. For any other authentication method, request body must be empty, but additional documents upload is needed for OFFLINE authentication method.

Logic

Description of the working algorithm of the API method and the interaction of services with each other add Service logic (if necessary)

Configuration parameters

Description of the configuration parameters that are used when processing a request in the system

Dictionaries

Provides a list of links to dictionaries that are available in Confluence

Input parameters

Input parameter

Mandatory

Type

Description

Example

Input parameter

Mandatory

Type

Description

Example

1

 

 

 

 

 

2

 

 

 

 

 

Request structure

See on API-specification

Headers

Key

Value

Mandatory

Description

Example

Key

Value

Mandatory

Description

Example

1

 

 

 

 

 

2

 

 

 

 

 

3

 

 

 

 

 

Request data validation

Authorize user

  1. Verify the validity of access token

  2. Check user scopes declaration_request:write in order to perform this action

    1. In case error - generate 401 response

Validate request

  1. Validate request using JSON schema

    1. In case validation failed - generate 422 error

JSON Schema 

{ "$schema": "http://json-schema.org/draft-04/schema#", "type": "object", "properties": { "verification_code": { "type": "string" } }, "required": [ "verification_code" ], "additionalProperties": false }

Validate person verification status

  • validate patient's verification_status is not equal to NOT_VERIFIED.

    • in case of error return 409, "Patient is not verified"

Get declaration request details

Get declaration request from IL_DB.declaration_request

Determine authorization method

Get authorization_method from IL_DB.declaration_request

SELECT IL_DB.declaration_request.authentication_method FROM   IL_DB.declaration_request WHERE IL_DB.declaration_request.id = :id

If authentication_method_current is NULL - return Error

If authentication_method_current == OFFLINE - check uploaded document

If authentication_method_current = OTP - verify SMS code

If authentication_method_current = NA - verify Parent declaration

Verify code

Invoke verification module to verify OTP

OTP Verification

Check uploaded documents

Invoke Media Content Storage to check documents exist

Verify Parent declaration

Get parent_declaration_id from IL_DB.declaration_requests.parent_declaration_id:

  • If parent_declaration_id is null, validate declaration request with current authentication_method_current = NA logic

  • If parent_declaration_id is not null, check that parent declaration exists and in status 'active'

    • In case of error - return 404 (‘Active parent declaration was not found’)

Processing

Generate printout form

Prepare data for declaration request printout form

  1. Call MAN service to render printout form

  2. Get template id from config (DECLARATION_REQUEST_PRINTOUT_FORM_TEMPLATE_ID)

  3. Prepare printout content based on declaration request data

  4. Render printout form and save to declaration request

 

Set IL.declaration_request.printout_content:

MANResponse.$.data

Change patient_signed and process_disclosure_data_consent values

If parent_declaration_id is not null and authentication_method_current = NA, update following fields values at data_to_be_signed field:

  • patient_signed = null

  • process_disclosure_data_consent = null

Generate hash ‘seed’

Generate hash seed - Hash of previous block in declarations chain or other random component that should be signed with declaration

Change declaration request

  1. Change entity status in IL_DB.declaration_request to APPROVED

  2. Set status_reason to doctor_confirmed

  3. Set is_shareable to true

  4. Set updated_at - now() (Get current date-time)

  5. Set updated_by - user_id (Extract user from token)

Response structure examples

See on API-specification

HTTP status codes

Response code

HTTP Status code

Message

Internal name

Description

Response code

HTTP Status code

Message

Internal name

Description

1

Базові

2

 

201

 Response

 

 

3

 

401

 

Invalid scopes

 

4

 

404

Active parent declaration was not found

 

 

5

 

409

Patient is not verified

 

 

6

 

422

This doctor has X declarations and could not sign more

 

 

7

Специфічні

8

 

 

 

 

 

Post-processing processes

Description of actions performed on data after processing

Technical modules where the method is used

List of pages describing technical modules where the method is used

 

ЕСОЗ - публічна документація