ЕСОЗ - public documentation
[DRAFT] Update MPI [API-005-010-006-0205]
This page is under development. The information on it may be out of date.
REST API method / REST API method (guideline) (remove the link block before publishing the document)
Properties of a REST API method document

Property | Value |
---|---|
Document type | REST API method |
Document title | [DRAFT] Update MPI [API-005-010-006-0205] |
Guideline ID | GUI-0011 |
Author | @Viacheslav Tybin (SoE eHealth) |
Document version | 1 |
Document status | DRAFT |
Date of creation | ХХ.ХХ.ХХХХ (date of the final version of the document: RC or PROD) |
Date of update | ХХ.ХХ.ХХХХ (date of the version change) |
Method API ID | API-005-010-006-0205 |
Microservices (namespace) | IL |
Component | Patient Cabinet |
Component ID | COM-005-010 |
Link to API specification | https://ehealthmisapi1.docs.apiary.io/#reference/public.-patient-cabinet/cabinet/update-mpi |
Resource | {{host}}/api/cabinet/persons/{{id}} |
Scope | person:write |
Protocol type | REST |
Request type | PATCH |
Sync/Async | Sync |
Public/Private | Public |
Purpose
This web service lets a patient change some of their personal information from the patient cabinet. The method receives a signed message (PKCS#7) that includes the signed content, the digital signature and the signer's public key. All signature fields are validated, including the signer's certificate authority.
Overview
A patient can change only their own information.
The patient must sign changes to MPI with a DS. The signed content must be saved to storage.
The payload for updating MPI must be the same as for sign-up.
On GET MPI by id we do not show "process_disclosure_data_consent", but it is signed with the DS and saved to storage together with all the other data.
Only patients who signed in to the cabinet with a DS have the scope "person:write"; otherwise they have only person:read.
Logic
Configuration parameters
N/A
Dictionaries
GENDER
DOCUMENT_TYPE
ADDRESS_TYPE
COUNTRY
SETTLEMENT_TYPE
STREET_TYPE
PHONE_TYPE
AUTHENTICATION_METHOD
PREFERRED_WAY_COMMUNICATION
Input parameters

Input parameter | Mandatory | Type | Description | Example |
---|---|---|---|---|
1 | | | | |
2 | | | | |
Request structure
See on API-specification
Headers
Request data validation
Authorize
Verify the validity of access token
Return 401 in case validation fails
Validate client type
Check client_type = cabinet
in case error return 403 forbidden
Validate token
Only patients who signed in to the cabinet with a DS have the scope "person:write"; otherwise they have only person:read.
Extract user_id from the token.
Check that users.person_id = $.persons.id (the user may update only the person record linked to their own account)
in case error return 403
Check scopes person:write
in case error return 403 - "Your scope does not allow to access this resource. Missing allowances: person:write"
Validate MPI
Check mpi.persons.status = 'active'
in case error return 409
Sign MPI
All MPI records saved to the DB must be signed with a digital signature. The signed fields for update person must be the same as the signed fields for create person.
Sign fields

Name | Type | O/M |
---|---|---|
last_name | varchar | M |
first_name | varchar | M |
second_name | varchar | O |
birth_date | date | M |
birth_country | varchar | M |
birth_settlement | varchar | M |
gender | varchar | M |
 | varchar | O |
tax_id | varchar | O |
documents | jsonb[ ] | M |
addresses | jsonb[ ] | M |
phones | jsonb[ ] | O |
secret | varchar | O |
emergency_contact | jsonb | M |
process_disclosure_data_consent | boolean | M |
authentication_methods | jsonb | M |
preferred_way_communication | varchar | M |
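As an added illustration, not code from the ЕСОЗ project: which fields of the person payload form the content that must be signed, built from the Sign fields table above. The field list constant, the helper functions and the sample person are constructed assumptions for this example; the consent flag is kept in the signed content but dropped from the response view, as the Overview states.

```python
"""Added example (not ЕСОЗ code): build the signed MPI content from a person
payload using the 'Sign fields' table, so that sign-up and update sign the
same set of fields. Payloads are plain dicts; the sample person is constructed."""

# (field, mandatory) as listed in the 'Sign fields' table; the row whose name
# is missing on the page is left out here
SIGN_FIELDS = [
    ("last_name", True), ("first_name", True), ("second_name", False),
    ("birth_date", True), ("birth_country", True), ("birth_settlement", True),
    ("gender", True), ("tax_id", False), ("documents", True),
    ("addresses", True), ("phones", False), ("secret", False),
    ("emergency_contact", True), ("process_disclosure_data_consent", True),
    ("authentication_methods", True), ("preferred_way_communication", True),
]

# Signed and stored, but never returned by GET MPI by id
HIDDEN_IN_RESPONSE = {"process_disclosure_data_consent"}


def build_signed_content(person: dict) -> dict:
    """Return the subset of `person` that the digital signature must cover.

    A missing mandatory field raises ValueError (such a request would already
    fail JSON-schema validation with 422); optional fields are included only
    when present; keys not in the table are dropped, so the content to sign is
    identical for create and update."""
    missing = [n for n, mandatory in SIGN_FIELDS if mandatory and n not in person]
    if missing:
        raise ValueError(f"missing mandatory sign fields: {missing}")
    return {n: person[n] for n, _ in SIGN_FIELDS if n in person}


def response_view(person: dict) -> dict:
    """What GET returns: the signed content minus the consent flag."""
    return {k: v for k, v in build_signed_content(person).items()
            if k not in HIDDEN_IN_RESPONSE}


def signed_content_matches(signed: dict, request_body: dict) -> bool:
    """The content inside the pkcs7 envelope must equal the request body on
    every sign field; otherwise the signature covers different data than
    the client asks to store."""
    return build_signed_content(signed) == build_signed_content(request_body)


# Constructed sample person (not real data)
SAMPLE_PERSON = {
    "last_name": "Шевченко", "first_name": "Тарас", "second_name": "Григорович",
    "birth_date": "1990-03-09", "birth_country": "Україна", "birth_settlement": "Київ",
    "gender": "MALE", "tax_id": "1234567890",
    "documents": [{"type": "PASSPORT", "number": "AA123456"}],
    "addresses": [{"type": "RESIDENCE", "settlement": "Київ", "settlement_type": "CITY"}],
    "phones": [{"type": "MOBILE", "number": "+380501234567"}],
    "emergency_contact": {"first_name": "Олена", "last_name": "Шевченко",
                          "phones": [{"type": "MOBILE", "number": "+380671234567"}]},
    "process_disclosure_data_consent": True,
    "authentication_methods": [{"type": "OTP", "phone_number": "+380501234567"}],
    "preferred_way_communication": "email",
    "id": "00000000-0000-0000-0000-000000000001",  # not a sign field: dropped
}

if __name__ == "__main__":
    print(sorted(build_signed_content(SAMPLE_PERSON)))
    print("consent hidden in response:",
          "process_disclosure_data_consent" not in response_view(SAMPLE_PERSON))
```

The equality check is deliberately done on the canonical signed subset rather than on the raw dicts, so that an extra key such as `id` in the request does not cause a spurious mismatch while a changed `birth_date` does.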
Validate request
Validate request using JSON schema
in case error return - 422
Check authentication number in verification DB
in case error return 422 - authentication number is not verified
Check that last_name, first_name and tax_id were not changed
in case error return 403 - forbidden "fields last_name, first_name, tax_id could not be changed from cabinet"
Check $.gender in dictionaries.GENDER
in case error return 422 - value is not allowed in enum
Check $.documents.type in dictionaries.DOCUMENT_TYPE
in case error return 422 - value is not allowed in enum
Check that if the person's age < 14, documents contain an item with DOCUMENT_TYPE = BIRTH_CERTIFICATE
in case error return 422 - Must contain required item BIRTH_CERTIFICATE.
Check $.phones.type in dictionaries.PHONE_TYPE
in case error return 422 - value is not allowed in enum
Check authentication_methods
$.authentication_methods in dictionaries.AUTHENTICATION_METHOD
in case error return 422 - value is not allowed in enum
$.authentication_methods = OTP
in case error return 422 - OFFLINE method could not be used in cabinet
Check addresses
$.addresses.type in dictionaries.ADDRESS_TYPE
$.addresses.settlement_type in dictionaries.SETTLEMENT_TYPE
$.addresses.street_type in dictionaries.STREET_TYPE
in case error return 422 - value is not allowed in enum
$.settlement = uaddresses.settlements.name and $.settlement_id = uaddresses.settlements.id
in case error return 422 - invalid settlement value
Validate DS
Extract party from token
Extract tax_id from DS
Check that user.tax_id = DS.tax_id = person.tax_id = $.tax_id
in case error return 409 (Person that logged in, person that is changed and person that signed should be the same)
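The validation chain above, as an added example that is not part of the ЕСОЗ documentation or code base: one Python function that runs the checks in the order the page lists them and returns the HTTP status and message of the first failure. The token shape, the precomputed token validity flag, the reading of "authentication number" as the OTP phone number, the dictionaries, the settlement register, the sample person and the request body are constructed assumptions; where the page gives only a status (the 409 for an inactive person), the message is a placeholder.

```python
"""Added example, not ЕСОЗ code: the request-data validation chain of
PATCH /api/cabinet/persons/{id} as one function returning the status and
message the document assigns to the first failing check.
Assumptions: token/person/body are plain dicts; token validity is a
precomputed "valid" flag; the "authentication number" is the phone_number of
the OTP method; DICTIONARIES and SETTLEMENTS are constructed stand-ins for the
real dictionaries and uaddresses.settlements; the DS tax_id arrives already
extracted from the pkcs7 envelope."""
from datetime import date

DICTIONARIES = {
    "GENDER": {"MALE", "FEMALE"},
    "DOCUMENT_TYPE": {"PASSPORT", "BIRTH_CERTIFICATE", "NATIONAL_ID"},
    "PHONE_TYPE": {"MOBILE", "LAND_LINE"},
    "AUTHENTICATION_METHOD": {"OTP", "OFFLINE"},
    "ADDRESS_TYPE": {"RESIDENCE", "REGISTRATION"},
    "SETTLEMENT_TYPE": {"CITY", "VILLAGE"},
    "STREET_TYPE": {"STREET", "AVENUE"},
}
SETTLEMENTS = {"00000000-0000-0000-0000-000000000001": "Київ"}  # id -> name, constructed
IMMUTABLE_FROM_CABINET = ("last_name", "first_name", "tax_id")
ENUM_ERROR = (422, "Value is not allowed in enum")


def age_on(birth_date: str, today: date) -> int:
    """Full years between an ISO birth date and `today`."""
    b = date.fromisoformat(birth_date)
    return today.year - b.year - ((today.month, today.day) < (b.month, b.day))


def validate_update(token, person, body, ds_tax_id, verified_numbers, today):
    """None if the update may proceed, else (status, message) of the first
    failing check, in the order the document lists them."""
    # Authorize, client type, token
    if not token.get("valid"):
        return 401, "Unauthorized"
    if token.get("client_type") != "cabinet" or token.get("person_id") != person["id"]:
        return 403, "Forbidden"
    if "person:write" not in token.get("scopes", ()):
        return 403, "Your scope does not allow to access this resource. Missing allowances: person:write"
    # Validate MPI (the page gives only the status for this case; message is a placeholder)
    if person.get("status") != "active":
        return 409, "Person is not active"
    # Validate request (JSON-schema validation is assumed to have passed)
    auth = body["authentication_methods"]
    if any(m["type"] == "OTP" and m.get("phone_number") not in verified_numbers for m in auth):
        return 422, "Authentication number is not verified"
    if any(body.get(f) != person.get(f) for f in IMMUTABLE_FROM_CABINET):
        return 403, "Fields last_name, first_name, tax_id could not be changed from cabinet"
    if body["gender"] not in DICTIONARIES["GENDER"]:
        return ENUM_ERROR
    if any(d["type"] not in DICTIONARIES["DOCUMENT_TYPE"] for d in body["documents"]):
        return ENUM_ERROR
    if age_on(body["birth_date"], today) < 14 and not any(
            d["type"] == "BIRTH_CERTIFICATE" for d in body["documents"]):
        return 422, "Must contain required item BIRTH_CERTIFICATE"
    if any(p["type"] not in DICTIONARIES["PHONE_TYPE"] for p in body.get("phones", [])):
        return ENUM_ERROR
    if any(m["type"] not in DICTIONARIES["AUTHENTICATION_METHOD"] for m in auth):
        return ENUM_ERROR
    if any(m["type"] != "OTP" for m in auth):
        return 422, "OFFLINE method could not be used in cabinet"
    for a in body["addresses"]:
        if (a["type"] not in DICTIONARIES["ADDRESS_TYPE"]
                or a["settlement_type"] not in DICTIONARIES["SETTLEMENT_TYPE"]
                or a.get("street_type", "STREET") not in DICTIONARIES["STREET_TYPE"]):
            return ENUM_ERROR
        if SETTLEMENTS.get(a["settlement_id"]) != a["settlement"]:
            return 422, "Invalid settlement value"
    # Validate DS: logged-in user, changed person and signer must be the same person
    if not (token.get("tax_id") == ds_tax_id == person.get("tax_id") == body.get("tax_id")):
        return 409, "Person that logged in, person that is changed and person that sign should be the same"
    return None


# Constructed sample data (not real identifiers)
TOKEN = {"valid": True, "client_type": "cabinet", "person_id": "p-1",
         "scopes": {"person:read", "person:write"}, "tax_id": "1234567890"}
PERSON = {"id": "p-1", "status": "active", "last_name": "Шевченко",
          "first_name": "Тарас", "tax_id": "1234567890"}
BODY = {
    "last_name": "Шевченко", "first_name": "Тарас", "tax_id": "1234567890",
    "birth_date": "1990-03-09", "gender": "MALE",
    "documents": [{"type": "PASSPORT", "number": "AA123456"}],
    "phones": [{"type": "MOBILE", "number": "+380501234567"}],
    "authentication_methods": [{"type": "OTP", "phone_number": "+380501234567"}],
    "addresses": [{"type": "RESIDENCE", "settlement_type": "CITY", "street_type": "STREET",
                   "settlement": "Київ", "settlement_id": "00000000-0000-0000-0000-000000000001"}],
}
VERIFIED = {"+380501234567"}
TODAY = date(2024, 1, 1)

if __name__ == "__main__":
    print(validate_update(TOKEN, PERSON, BODY, "1234567890", VERIFIED, TODAY))
    print(validate_update(TOKEN, PERSON, dict(BODY, birth_date="2015-06-01"), "1234567890", VERIFIED, TODAY))
```

The order matters for the observable behaviour: the authorization checks run before any field of the body is inspected, so an unauthorized caller learns nothing about the stored person, and the DS tax_id comparison comes last because it binds the logged-in user, the stored record and the signer together only once the payload itself has been accepted.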
Processing
Update the data in the DB and save the signed content to media storage.
Response structure examples
See on API-specification
HTTP status codes

Response code | HTTP Status code | Message | Internal name | Description |
---|---|---|---|---|
1 | Basic | | | |
2 | 200 | Response | | |
3 | 403 | Fields last_name, first_name, tax_id could not be changed from cabinet | Validation failed | |
4 | 403 | Your scope does not allow to access this resource. Missing allowances: person:write | | |
5 | 409 | Person that logged in, person that is changed and person that sign should be the same | Validation failed | |
6 | 422 | Authentication number is not verified | Validation failed | |
7 | 422 | Invalid settlement value | | |
8 | 422 | Must contain required item BIRTH_CERTIFICATE | | |
9 | 422 | OFFLINE method could not be used in cabinet | | |
10 | 422 | Value is not allowed in enum | | |
11 | Specific | | | |
12 | | | | |
Post-processing processes
N/A
Technical modules where the method is used

Name | TM ID | Status |
---|---|---|
TM0112 | | |