/
[DRAFT] [NEW] Create Composition Title [API-007-011-001-0471]

ЕСОЗ - публічна документація

[DRAFT] [NEW] Create Composition Title [API-007-011-001-0471]

Owned by Serhii.Matiushyn
Last updated: Jan 27, 2025 by Mariana Veremeieva (UA SoE eHealth)
3 min read

REST API method / Метод REST API (настанова) (remove the link block before publishing the document)

Properties of a REST API method document

Document type

Метод REST API

Document title

[DRAFT] [NEW] Create Composition Title [API-007-011-001-0471]

Guideline ID

GUI-0011

Author

@Mariana Veremeieva (UA SoE eHealth)

Document version

1

Document status

DRAFT

Date of creation

ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)

Date of update

ХХ.ХХ.ХХХХ (дата зміни версії)

Method API ID

API-007-011-001-0471

Microservices (namespace)

ME

Component

Compositions_ME

Component ID

COM-007-011

Link на API-специфікацію

MEDICAL EVENTS MIS API · Apiary

Resource

{{host}}//api.ehealth.gov.ua/api/patients/patient_id/composition_title

Scope

composition:create

Protocol type

REST

Request type

POST

Sync/Async

Async

Public/Private

Public

Purpose

This WS allows to create a unique requisition number that can be later used as a Composition title in Create Composition method. Generated requisition number is stored in ME database until it is expired.

Logic

Service logic

  1. Generate requisition number using Human readable requisition number algorithm based on patient_id

  2. Use prefix from configuration instead of first 4 symbols: {{composition_type}}_TITLE_PREFIX (ex. ADOPTION_TITLE_PREFIX) If prefix can't be get from chart-parameters Return 500 error

  3. Check that there is no Composition in ME.Compositions collection with such title

    1. if it already exists generate new requisition as it is described in Human readable requisition number | Solution section

  4. Check that there is no record in ME.requisition_number with such requisition

    1. if it already exists generate new requisition as it is described in Human readable requisition number | Solution section

  5. Save generated title in ME.requisition_number

    1. requisition_number = generated requisition

    2. patient_id = patient id from the request

    3. expiration_date = current datetime + COMPOSITION_TITLE_EXPIRATION_PERIOD (config parameter in ehealth.charts)

    4. composition_type = composition_type from query parameters

Configuration parameters

N/A

Dictionaries

N/A

Input parameters

Input parameter

Mandatory

Type

Description

Example

Input parameter

Mandatory

Type

Description

Example

1

composition_type

M

 String

 Composition type

 ADOPTION

2

patient_id

M

String ($uuid) (path)

Unique patient identifier

 7075e0e2-6b57-47fd-aff7-324806efa7e5

Request structure

See on API-specification

Headers

Headers

Request data validation

Validations

  1. Validate composition_type is COMPOSITION_TYPES dictionary

    1. in case of error - return 422 ('value is not allowed in enum')

  2. Check that сomposition_type is NOT from COMPOSITION_TYPE_BLACK_LIST

    1. Return 422 ("сomposition_type is not allowed by configuration") in case of error

Authorization

  1. Verify the validity of access token

    1. in case of error - return 401 (“Invalid access token”) in case of validation fails

  2. Verify that token is not expired

    1. in case of error - return 401 (“Invalid access token”)

  3. Check user scopes in order to perform this action (scope = 'composition:create')

    1. return 403 (“Your scope does not allow to access this resource. Missing allowances: composition:create”) in case of invalid scope

  4. If BLOCK_UNVERIFIED_PARTY_USERS is true, then check party's data match following condition: verification_status != NOT_VERIFIED or (verification_status = NOT_VERIFIED and updated_at > current_date - UNVERIFIED_PARTY_PERIOD_DAYS_ALLOWED):

    • in case not match - return 403 ("Access denied. Party is not verified")

  5. If BLOCK_DECEASED_PARTY_USERS is true, check that party is not deceased (party_verification record does not equal to: dracs_death_verification_status = VERIFIED and dracs_death_verification_reason = MANUAL_CONFIRMED):

    • in case of error - return 403 ("Access denied. Party is deceased")

Processing

N/A

Response structure examples

See on API-specification

{ "data": { "title": "1011-55XT-HA3A-HAK8" }, "meta": { "code": 200, "type": "object", "url": "http://api-medical-events.me.svc.cluster.local/api/patients/0f54931e-506c-4389-8fff-2ca87fa480d8/composition_title", "request_id": "28f32142-c942-45a7-ad2d-552566a7e095#9747" } }

HTTP status codes

Response code

HTTP Status code

Message

Internal name

Description

Response code

HTTP Status code

Message

Internal name

Description

1

Базові

2

 

401

Invalid access token

 

 

3

 

403

Access denied. Party is not verified

 

 

4

 

403

Access denied. Party is deceased

 

 

5

 

403

Your scope does not allow to access this resource. Missing allowances: composition:create

 

 

6

 

422

сomposition_type is not allowed by configuration

 

 

7

 

422

value is not allowed in enum

 

 

8

Специфічні

9

 

 

 

 

 

Post-processing processes

[Job] Deactivate requisition numbers

Purpose

This procedure (automatic schedule task) is designed to deactivate Requisition numbers when it became expired.

Process configuration

Name

Description

Format

Default value

Name

Description

Format

Default value

MEDICATION_DEACTIVATION_SCHEDULE

How often to perform this task

Cron Format

`0 24 * * *`

Job logic

  1. Delete records from ME.requisition_number, where:

    1. end_date < current_date()

  2. Write changes to audit log

Technical modules where the method is used

Название

ID ТМ

Статус

Название

ID ТМ

Статус

RC-V.2.1 [TM-011] Відхилення ЕР фармацевтом

TM0112

 

RC-V.2.1 [TM-011] Відхилення ЕР фармацевтом

 

 

 

ЕСОЗ - публічна документація