diff --git a/context-and-scope/context-and-scope.adoc b/context-and-scope/context-and-scope.adoc
index 2a611d0898c1ae972942ce3c8aa5c2ec284e6d18..71b07a015b8fe14cc85d46a3737329648cdc778b 100644
--- a/context-and-scope/context-and-scope.adoc
+++ b/context-and-scope/context-and-scope.adoc
@@ -1,7 +1,16 @@
= Context and scope
-The system is currently isolated from external systems.
The users of the system are employees of the health department and state office,
as well as citizens. The users interact with the system via different web clients.
The communication architecture is described
-link:../solution-strategy/service-mesh/service-mesh.adoc[here].
\ No newline at end of file
+link:../solution-strategy/service-mesh/service-mesh.adoc[here].
+
+== External Interfaces
+For citizens and companies, the connection to external interfaces has been established in order to ensure verification of the entity.
+Citizens can log in into the Online-Portal using the
+
+* link:interfaces/bund-id-interface.adoc[BundID].
+
+Companies can log in into the Online-Portal using the
+
+* link:interfaces/mein-unternehmenskonto-interface.adoc[Mein Unternehmenskonto (MUK)].
\ No newline at end of file
diff --git a/context-and-scope/interfaces/bund-id-interface.adoc b/context-and-scope/interfaces/bund-id-interface.adoc
new file mode 100644
index 0000000000000000000000000000000000000000..3ce3716d71c3a8bcea753ba6738c849f0fb17507
--- /dev/null
+++ b/context-and-scope/interfaces/bund-id-interface.adoc
@@ -0,0 +1,27 @@
+= BundID
+
+BundID is a digital identity service provided by the German government.
+It allows citizens to securely access various online services offered by public authorities, e.g. health departments.
+It ensures reliable verification and authentication and enhances security and privacy for users while simplifying the process of accessing digital services.
+See https://id.bund.de/de for more details.
+
+== Integration
+BundID is configured as an external Identity Provider in link:../../solution-strategy/base-modules/keycloak/keycloak.adoc[Keycloak].
+Authenticated users inherit the realm role of a "BundID Benutzer" in Keycloak.
+
+For our use-cases (see below) it is required to have the trust level "high".
+
+== Attribute Mapping
+ToDo
+
+== Connection to Reference Data in Central File
+Citizens logged in with BundID need access to their personal data within the application.
+Consequently, a connection of the entity with the link:../../solution-strategy/base-modules/central-file/central-file.adoc[Central File] has to be established.
+Entries in the link:../../solution-strategy/base-modules/central-file/central-file.adoc[Central File] might have been created long before the first login with BundID into the application.
+Therefore, a retroactive identification of the correct Person Reference Data object in the link:../../solution-strategy/base-modules/central-file/central-file.adoc[Central File] is necessary in that case.
+See link:../../solution-strategy/base-modules/central-file/central-file.adoc[Central File] for more details.
+
+
+== Use-Case
+Currently, the BundID login is of most importance for exercising link:../../crosscutting-concepts/gdpr/gdpr.adoc[GDPR] rights as a citizen via a digital process.
+Only if the citizen is securely identified this way, it is possible to get access to stored personal data, request deletion, etc. through the Citizen Portal.
\ No newline at end of file
diff --git a/context-and-scope/interfaces/mein-unternehmenskonto-interface.adoc b/context-and-scope/interfaces/mein-unternehmenskonto-interface.adoc
new file mode 100644
index 0000000000000000000000000000000000000000..2899e95ecb33eab7481ee65702f1cdbde618dec0
--- /dev/null
+++ b/context-and-scope/interfaces/mein-unternehmenskonto-interface.adoc
@@ -0,0 +1,29 @@
+= Mein Unternehmenskonto
+
+"Mein Unternehmenskonto" (MUK) is a digital identity service provided by the German government.
+It is designed for companies to manage their administrative tasks online and simplifies interactions with government agencies, e.g. health departments.
+It ensures reliable verification and authentication and enhances security and privacy for users while simplifying the process of accessing digital services.
+
+MUK is based on the so-called "ELSTER" certificate, which was introduced as part of the tax digitization initiative by the German government.
+See https://info.mein-unternehmenskonto.de/ for more details.
+
+== Integration
+MUK is configured as an external Identity Provider in link:../../solution-strategy/base-modules/keycloak/keycloak.adoc[Keycloak].
+Authenticated users inherit the realm role of a "Mein Unternehmenskonto Benutzer" in Keycloak.
+
+
+== Attribute Mapping
+ToDo
+
+== Connection to Reference Data in Central File
+Users logged in with MUK need access to their company-related data within the application.
+Consequently, a connection of the entity with the link:../../solution-strategy/base-modules/central-file/central-file.adoc[Central File] has to be established.
+Entries in the link:../../solution-strategy/base-modules/central-file/central-file.adoc[Central File] might have been created long before the first login with MUK into the application.
+Therefore, a retroactive identification of the correct Facility Reference Data object in the link:../../solution-strategy/base-modules/central-file/central-file.adoc[Central File] is necessary in that case.
+See link:../../solution-strategy/base-modules/central-file/central-file.adoc[Central File] for more details.
+
+== Use-Cases
+It is planned that companies have to use the MUK login to access all services provided by the health department in the Citizen Portal.
+
+In particular, the MUK login can be used for getting access to stored data, request deletion, etc. through a digital process in the Citizen Portal.
+This is part of the transparency feature of the application and relates to the link:../../crosscutting-concepts/gdpr/gdpr.adoc[GDPR] rights, that citizens can exercise.
diff --git a/crosscutting-concepts/gdpr/domain/gdpr-domain-model-validation-task.puml b/crosscutting-concepts/gdpr/domain/gdpr-domain-model-validation-task.puml
new file mode 100644
index 0000000000000000000000000000000000000000..c562e22e7d2a45e7a52a0299bddb4a26ec0dc7e9
--- /dev/null
+++ b/crosscutting-concepts/gdpr/domain/gdpr-domain-model-validation-task.puml
@@ -0,0 +1,27 @@
+@startuml
+skinparam linetype ortho
+
+title GDPR Validation Task
+
+class "GDPR Validation Task" as GdprValidationTask{
+ id: long [1..1]
+ procedureId: UUID [0..1]
+ status: GdprValidationTaskStatus [1..1]
+ type: GdprValidationTaskType [1..1]
+ createdAt: DateTime [1..1]
+ modifiedAt: DateTime [1..1]
+ closedAt: DateTime [0..1]
+}
+
+enum GdprValidationTaskStatus {
+ OPEN
+ CLOSED
+}
+
+enum GdprValidationTaskType {
+ RIGHT_OF_ACCESS
+ RIGHT_TO_ERASURE
+}
+
+
+@enduml
\ No newline at end of file
diff --git a/crosscutting-concepts/gdpr/domain/gdpr-domain-model.puml b/crosscutting-concepts/gdpr/domain/gdpr-domain-model.puml
index 890b7cea0e56be46b5ea0a0dfa4f2837d049347a..1000e3e760c3f8dcca3fcca39f69c59c439771bd 100644
--- a/crosscutting-concepts/gdpr/domain/gdpr-domain-model.puml
+++ b/crosscutting-concepts/gdpr/domain/gdpr-domain-model.puml
@@ -12,7 +12,7 @@ class "GDPR Procedure" as GdprProcedure{
createdAt: DateTime [1..1]
modifiedAt: DateTime [1..1]
closedAt: DateTime [0..1]
- result: GdprProcedureResult [0..1]
+ internalNote: String [0..1]
downloads: UUID [0..*]
}
@@ -61,7 +61,7 @@ enum CountryCode {
# List of Countries Codes as ISO-3166-1
}
-enum Status {
+enum GdprProcedureStatus {
DRAFT
OPEN
IN_PROGRESS
@@ -69,11 +69,7 @@ enum Status {
ABORTED
}
-enum Result {
-SUCCESS
-}
-
-enum Type {
+enum GdprProcedureType {
RIGHT_OF_ACCESS
RIGHT_TO_ERASURE
RIGHT_TO_OBJECT
diff --git a/crosscutting-concepts/gdpr/gdpr-objection-flow.puml b/crosscutting-concepts/gdpr/gdpr-objection-flow.puml
new file mode 100644
index 0000000000000000000000000000000000000000..741c977e4ce41898c57fa6104780f490b3f52220
--- /dev/null
+++ b/crosscutting-concepts/gdpr/gdpr-objection-flow.puml
@@ -0,0 +1,96 @@
+@startuml
+
+skinparam BoxPadding 30
+title Workflow for GDPR: Right of Object (Art. 21) triggered by an employee
+actor "GDPR Clerk" as Clerk
+box "Base Module"
+participant "GDPR Overview GUI Tab" as FE
+participant "GDPR Base Service" as BE
+database CentralFile as CF
+end box
+
+
+group Create draft "Right to Object" GDPR-Procedure
+Clerk -> FE: Press button to start new draft GDPR-Procedure
+Activate FE
+Clerk <-- FE: Display input for person data
+Clerk -> FE: Fill out person data from id card of citizen
+FE -> BE: POST /gdpr-procedures with type RIGHT_TO_OBJECT \nand identification data
+Activate BE
+BE -> BE: Create GDPR-Procedure \nin status "draft"
+FE <-- BE: Ok
+Deactivate BE
+Clerk <-- FE: GDPR-Procedure successfully created
+Deactivate FE
+end group
+
+group Add Central File Connection
+Clerk -> FE: Edit "Central File connections" for GDPR-Procedure
+Activate FE
+FE -> CF: GET /persons with knowledge factors
+Activate CF
+FE <-- CF: List of persons
+Deactivate CF
+Clerk <-- FE: Display list of possible results
+Clerk -> FE: Choose person from list
+FE -> BE: POST /gdpr-procedures/{id}
+Activate BE
+BE -> BE: Add referencePerson with id from \nCentral File to GDPR-Procedure
+FE <-- BE: Ok
+Deactivate BE
+Clerk <-- FE: Display connection in draft GDPR-Procedure
+Deactivate FE
+end group
+
+group Add Matter of Concern
+Clerk -> FE: Edit "Additional Information" for GDPR-Procedure \nand enter a matter of concern
+Activate FE
+FE -> BE: PUT /gdpr-procedures/{id}/matter-of-concern
+Activate BE
+BE -> BE: Add matter of concern to \nGDPR-Procedure
+FE <-- BE: Ok
+Deactivate BE
+Clerk <-- FE: Display matter of concern in draft GDPR-Procedure
+Deactivate FE
+end group
+
+group Start GDPR-Procedure
+Clerk -> FE: Click "Start" GDPR-Procedure
+Activate FE
+FE -> BE: POST /gdpr-procedures/{id}/start-procedure
+Activate BE
+BE -> BE: Update status of GDPR-Procedure \nto "in progress"
+BE -> BE: Create report document for the objection
+FE <-- BE: Ok
+Deactivate BE
+Clerk <-- FE: "It's in progress"
+Deactivate FE
+end group
+
+group Download Report Document
+FE <- Clerk: Click Button "View Document"
+Activate FE
+FE -> BE: GET /gdpr-procedures/{id}/report-document
+Activate BE
+FE <-- BE: report document
+Deactivate BE
+FE --> Clerk: Download report document
+Deactivate FE
+Clerk -> Clerk: Inform responsible legal department
+Clerk -> Clerk: Wait for the legal department to contact \nthe employee with the outcome
+end group
+
+group Complete GDPR-Procedure
+Clerk -> FE: Press button "Complete GDPR-Procedure" \nand fill in an internal note if necessary
+Activate FE
+FE -> BE: POST /gdpr-procedures/{id}/close-procedure
+Activate BE
+BE -> BE: Persist internal note and update status \nof GDRP-Procedure to "closed"
+FE <-- BE: Ok
+Deactivate BE
+Clerk <-- FE: GDPR-Procedure completed
+Deactivate FE
+end group
+
+
+@enduml
\ No newline at end of file
diff --git a/crosscutting-concepts/gdpr/gdpr-rectification-flow.puml b/crosscutting-concepts/gdpr/gdpr-rectification-flow.puml
new file mode 100644
index 0000000000000000000000000000000000000000..0218cbf4b4f12aecac460fad956d141a53d75c32
--- /dev/null
+++ b/crosscutting-concepts/gdpr/gdpr-rectification-flow.puml
@@ -0,0 +1,95 @@
+@startuml
+
+skinparam BoxPadding 30
+title Workflow for GDPR: Right of Rectification (Art. 16) triggered by an employee
+actor "GDPR Clerk" as Clerk
+box "Base Module"
+participant "GDPR Overview GUI Tab" as FE
+participant "GDPR Base Service" as BE
+database CentralFile as CF
+end box
+
+
+group Create draft "Right to Rectification" GDPR-Procedure
+Clerk -> FE: Press button to start new draft GDPR-Procedure
+Activate FE
+Clerk <-- FE: Display input for person data
+Clerk -> FE: Fill out person data from id card of citizen
+FE -> BE: POST /gdpr-procedures with type RIGHT_TO_RECTIFICATION \nand identification data
+Activate BE
+BE -> BE: Create GDPR-Procedure \nin status "draft"
+FE <-- BE: Ok
+Deactivate BE
+Clerk <-- FE: GDPR-Procedure successfully created
+Deactivate FE
+end group
+
+group Add Central File Connection
+Clerk -> FE: Edit "Central File connections" for GDPR-Procedure
+Activate FE
+FE -> CF: GET /persons with knowledge factors
+Activate CF
+FE <-- CF: List of persons
+Deactivate CF
+Clerk <-- FE: Display list of possible results
+Clerk -> FE: Choose person from list
+FE -> BE: POST /gdpr-procedures/{id}
+Activate BE
+BE -> BE: Add referencePerson with id from \nCentral File to GDPR-Procedure
+FE <-- BE: Ok
+Deactivate BE
+Clerk <-- FE: Display connection in draft GDPR-Procedure
+Deactivate FE
+end group
+
+group Add Matter of Concern
+Clerk -> FE: Edit "Additional Information" for GDPR-Procedure \nand enter a matter of concern
+Activate FE
+FE -> BE: PUT /gdpr-procedures/{id}/matter-of-concern
+Activate BE
+BE -> BE: Add matter of concern to \nGDPR-Procedure
+FE <-- BE: Ok
+Deactivate BE
+Clerk <-- FE: Display matter of concern in draft GDPR-Procedure
+Deactivate FE
+end group
+
+group Start GDPR-Procedure
+Clerk -> FE: Click "Start" GDPR-Procedure
+Activate FE
+FE -> BE: POST /gdpr-procedures/{id}/start-procedure
+Activate BE
+BE -> BE: Update status of GDPR-Procedure \nto "in progress"
+FE <-- BE: Ok
+Deactivate BE
+Clerk <-- FE: "It's in progress"
+Deactivate FE
+end group
+
+group Correct Reference Data in Central File
+FE <- Clerk: Click "Edit" button for data of person
+Activate FE
+Clerk <-- FE: Display update sidebar
+Clerk -> FE: Change data of the citizen as \nrequested in matter of concern
+FE -> CF: POST /persons/reference/{id}/update
+Activate CF
+FE <-- CF: Ok
+Deactivate CF
+Clerk <-- FE: Display updated data of person
+Deactivate FE
+end group
+
+group Complete GDPR-Procedure
+Clerk -> FE: Press button "Complete GDPR-Procedure" \nand fill in an internal note if necessary
+Activate FE
+FE -> BE: POST /gdpr-procedures/{id}/close-procedure
+Activate BE
+BE -> BE: Persist internal note and update status \nof GDRP-Procedure to "closed"
+FE <-- BE: Ok
+Deactivate BE
+Clerk <-- FE: GDPR-Procedure completed
+Deactivate FE
+end group
+
+
+@enduml
\ No newline at end of file
diff --git a/crosscutting-concepts/gdpr/gdpr.adoc b/crosscutting-concepts/gdpr/gdpr.adoc
index 941750339763e1d3fe442c3261de49c6ed4519e6..825ca7e5d200e63ec627a6dfa84ba0005f23e9b4 100644
--- a/crosscutting-concepts/gdpr/gdpr.adoc
+++ b/crosscutting-concepts/gdpr/gdpr.adoc
@@ -3,7 +3,7 @@
German: Datenschutz-Grundverordnung (DSGVO)
=== GDPR Use-cases
-There are four different use-cases that the system supports:
+There are four different use-cases that the system currently supports:
* Art. 15 Right of access (German: Datenauskunft)
* Art. 16 Right to rectification (German: Berichtigung)
@@ -12,10 +12,14 @@ There are four different use-cases that the system supports:
NOTE: Art. 18 Right to restriction of processing (German: Einschränkung der Verarbeitung) is handled as part of the implementation for Art. 21 and shall be stated in the process as the matter of concern.
+IMPORTANT: The created infrastructure to exercise GDPR rights as a Persons is reused for the right of transparency that Facilities shall have in this application.
+Therefore, the implementation in the backend is completely unchanged for Facilities, since both are handled analogously
+in the link:../../solution-strategy/base-modules/central-file/central-file.adoc[Central File] and
+in link:../../crosscutting-concepts/abstract-domain-model/procedures/Procedures.adoc[Procedures].
=== GDPR Procedure
-The main object to enable GDPR rights is the GDPR Procedure.
-It vaguely follows the idea of the "normal" Procedure in Business Modules, but has reduced capabilities.
+The main object to enable GDPR rights in the Base Module is the GDPR Procedure.
+It vaguely follows the idea of the "normal" link:../../crosscutting-concepts/abstract-domain-model/procedures/Procedures.adoc[Procedure] in Business Modules, but has reduced capabilities.
==== Domain Model
[plantuml, gdpr.domain-model, svg]
@@ -39,7 +43,7 @@ The Base Module API offers an endpoint to create new GDPR Procedures:
POST /gdpr-procedures
----
-The Base Module API offers an endpoint to get all FileStateIds from the Central Files, which are related to the ReferenceData that has been associated the GDPR Procedure.
+The Base Module API offers an endpoint to get all FileStateIds from the link:../../solution-strategy/base-modules/central-file/central-file.adoc[Central Files], which are related to the ReferenceData that has been associated the GDPR Procedure.
[source]
----
GET /gdpr-procedures/{id}/fileStateIds
@@ -53,16 +57,30 @@ GET /gdpr-procedures/{id}/report-document
----
The Base Module API offers various endpoints to modify the GDPR Procedure.
-IDs (e.g. from a Reference Data of the Central Files) can be connected to the GDPR Procedures by using:
+IDs (e.g. from a Reference Data of the link:../../solution-strategy/base-modules/central-file/central-file.adoc[Central Files]) can be connected to the GDPR Procedures by using:
[source]
----
POST /gdpr-procedures/{id}
----
+A `matter of concern` (relevant for right to rectification and right to objection) can be added/updated by using:
+[source]
+----
+PUT /gdpr-procedures/{id}/matter-of-concern
+----
+
The status of the GDPR Procedure can be changed by using:
[source]
----
-POST /gdpr-procedures/{id}/change-status
+POST /gdpr-procedures/{id}/start-procedure
+POST /gdpr-procedures/{id}/cancel-procedure
+POST /gdpr-procedures/{id}/close-procedure
+----
+
+The status of the GDPR Procedure can be refreshed by using:
+[source]
+----
+POST /gdpr-procedures/{id}/refresh-status
----
Downloads (i.e. IDs for created zip packages of data in the Business Modules) can be added, deleted and requested by using:
@@ -73,16 +91,42 @@ DELETE /gdpr-procedures/{id}/downloads
GET /gdpr-procedures/{id}/downloads
----
-A `matter of concern` (relevant for right to rectification and right to objection.) can be added/updated by using:
+=== GDPR Validation Task
+Before deleting or publishing data, an employee in the Business Module has to verify, that everything is correct and the request is valid.
+For that, GDPR validation tasks are provided via a shared library to every Business Module.
+
+==== Domain Model
+[plantuml, gdpr.domain-model-validation-task, svg]
+....
+include::./domain/gdpr-domain-model-validation-task.puml[]
+....
+
+==== API
+All Business Modules APIs also provide endpoints to handle the validation tasks there.
+New validation tasks are created by using the following endpoint:
[source]
----
-PUT /gdpr-procedures/{id}/matter-of-concern
+POST /gdpr-validation-tasks
----
-For more details, see below.
+There are multiple endpoints to get information about validation tasks:
+[source]
+----
+GET /gdpr-validation-tasks
+GET /gdpr-validation-tasks/{gdprProcedureId}
+GET /gdpr-validation-tasks/notification-banner
+GET /gdpr-validation-tasks/{gdprProcedureId}/business-procedures
+----
+
+For the decision that the data of a link:../../crosscutting-concepts/abstract-domain-model/procedures/Procedures.adoc[Procedure] can be published, the following endpoint can be used:
+[source]
+----
+POST /gdpr-validation-tasks/{gdprProcedureId}/business-procedures/{businessProcedureId}/downloadPackage
+----
-==== Manual initiation of a GDPR Procedure
+
+=== Manual initiation of a GDPR Procedure
When a citizen appears in the health department in person or only communicates by post (including ensured identification)
and has no access to the Citizen Portal, he or she should also have all GDPR rights available.
Therefore, a special employee or ombudsman can trigger a GDPR Procedure manually.
@@ -93,18 +137,39 @@ processed afterwards.
NOTE: GDPR Procedures can only be initiated manually for Persons, not for Facilities.
-==== Initiation via the Citizen Portal
+=== Initiation via the Citizen Portal
ToDo
-==== Processing of a GDPR Procedure
+=== Processing of a GDPR Procedure
Every GDPR Procedure (manual and those from the Citizen Portal) has to be processed manually.
During the processing, an employee has to connect all records in our databases including possible duplicates, which have not
been noticed yet, with the GDPR Procedure.
-Currently, the implementation is restricted to one set of Reference Data from the Central Files, but this can be extended
-in the future (e.g. to also check the Contact Management).
+Currently, the implementation is restricted to one set of Reference Data from the link:../../solution-strategy/base-modules/central-file/central-file.adoc[Central Files],
+but this can be extended in the future (e.g. to also check the Contact Management).
When the employee has finished the processing, the automatic workflow (i.e. the broadcast and its replies) can be
triggered by pressing "Start" in the GUI.
-==== Broadcast
-ToDo
\ No newline at end of file
+=== Sequence diagrams of the process
+The following sequence diagrams are simplified representations of the flow, which is performed for a GDPR Procedure.
+
+==== Right of access
+ToDo
+
+==== Right to rectification
+The following sequence diagram shows the use-case, where an individual appears in person in the health department or communicates by post and wants to exercise the right to rectification.
+The current scope of this right is to be able to change the data of the referencePerson in the link:../../solution-strategy/base-modules/central-file/central-file.adoc[Central Files].
+[plantuml, gdpr.rectification-flow, svg]
+....
+include::gdpr-rectification-flow.puml[]
+....
+
+==== Right to erasure
+ToDo
+
+==== Right to object
+The following sequence diagram shows the use-case, where an individual appears in person in the health department or communicates by post and wants to exercise the right to object.
+[plantuml, gdpr.objection-flow, svg]
+....
+include::gdpr-objection-flow.puml[]
+....
\ No newline at end of file
diff --git a/open-api/base/openApiSpec.yaml b/open-api/base/openApiSpec.yaml
index e9b0ff9687e914f8a9c8617dffdcd07371a06034..ddbccd1a2419a4e238efc265b871c31710c8322e 100644
--- a/open-api/base/openApiSpec.yaml
+++ b/open-api/base/openApiSpec.yaml
@@ -996,8 +996,6 @@ paths:
Add a new facility file state and associate it with a reference facility.
If no reference id is provided, an existing reference facility with matching facility data is selected or (if
it does not exist) created for this purpose.
- If the partial match parameter is provided as true, only the knowledge factors name and address
- (regardless of address addition and different name) are considered for the linking.
tags:
- Facility
/facilities/centralfilestates/archive-deletion:
@@ -3435,8 +3433,7 @@ paths:
name: role
required: false
schema:
- type: string
- description: A filter for a role users can have
+ $ref: "#/components/schemas/UserRole"
- description: "The start of the first name, last name, username or email of\
\ a User which shall be searched for."
in: query
@@ -4455,7 +4452,6 @@ components:
- CHAT_USERNAME
- SEARCH_PROCEDURES
- INBOX
- - INSPECTION_INBOX
- STI_PROTECTION
- VERIFICATION_OF_EXTERNAL_DATA
- OPEN_DATA
@@ -4523,6 +4519,7 @@ components:
- STI_PROTECTION
- MEDICAL_REGISTRY
- DENTAL
+ - OFFICIAL_MEDICAL_SERVICE
Calendar:
type: object
properties:
@@ -4640,6 +4637,7 @@ components:
- DOCTORS_OFFICE
- HEALTH_DEPARTMENT
- MISC
+ - DAYCARE
ContactHistoryEntry:
type: object
properties:
@@ -8980,6 +8978,7 @@ components:
- user
UserRole:
type: string
+ description: A filter for a role users can have
enum:
- INSPECTION_LEADER
- INSPECTION_LANDESAMT_LEADER
@@ -9053,6 +9052,9 @@ components:
- OPEN_DATA_ADMIN
- OPEN_DATA_LEADER
- MEDICAL_REGISTRY_IMPORT
+ - OFFICIAL_MEDICAL_SERVICE_LEADER
+ - OFFICIAL_MEDICAL_SERVICE_ADMIN
+ - OFFICIAL_MEDICAL_SERVICE_PHYSICIAN
VCardAddress:
type: object
properties:
diff --git a/open-api/inspection/openApiSpec.yaml b/open-api/inspection/openApiSpec.yaml
index c97364831d478f57ee4e3bbf2b56eef9d20393c1..fdcce2c5f414c99c363b710ae05e5934b9c54f17 100644
--- a/open-api/inspection/openApiSpec.yaml
+++ b/open-api/inspection/openApiSpec.yaml
@@ -1403,6 +1403,48 @@ paths:
tags:
- File
/gdpr-validation-tasks:
+ get:
+ operationId: getAllGdprValidationTasks
+ parameters:
+ - in: query
+ name: status
+ required: false
+ schema:
+ $ref: "#/components/schemas/GdprValidationTaskStatus"
+ - in: query
+ name: sortKey
+ required: false
+ schema:
+ $ref: "#/components/schemas/GdprValidationTaskSortKey"
+ - in: query
+ name: sortDirection
+ required: false
+ schema:
+ $ref: "#/components/schemas/SortDirection"
+ - in: query
+ name: pageNumber
+ required: false
+ schema:
+ type: integer
+ format: int32
+ minimum: 0
+ - in: query
+ name: pageSize
+ required: false
+ schema:
+ type: integer
+ format: int32
+ minimum: 1
+ responses:
+ "200":
+ content:
+ '*/*':
+ schema:
+ $ref: "#/components/schemas/GetAllValidationTasksResponse"
+ description: OK
+ summary: Get all GDPR validation tasks
+ tags:
+ - GdprValidationTask
post:
operationId: addGdprValidationTask
requestBody:
@@ -1417,6 +1459,27 @@ paths:
summary: Add a GDPR validation task
tags:
- GdprValidationTask
+ /gdpr-validation-tasks/download-packages/{id}:
+ get:
+ operationId: getGdprDownloadPackage
+ parameters:
+ - in: path
+ name: id
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ content:
+ '*/*':
+ schema:
+ type: string
+ format: binary
+ description: OK
+ summary: Get Gdpr Download Package by its id
+ tags:
+ - GdprValidationTask
/gdpr-validation-tasks/notification-banner:
get:
operationId: getGdprNotificationBanner
@@ -1494,6 +1557,42 @@ paths:
the data from the procedure with businessProcedureId
tags:
- GdprValidationTask
+ /gdpr-validation-tasks/{gdprProcedureId}/close:
+ post:
+ operationId: closeGdprValidationTask
+ parameters:
+ - in: path
+ name: gdprProcedureId
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ description: Close a GDPR validation task
+ summary: Close a GDPR validation task
+ tags:
+ - GdprValidationTask
+ /gdpr-validation-tasks/{gdprProcedureId}/download-packages:
+ get:
+ operationId: getGdprDownloadPackagesInfo
+ parameters:
+ - in: path
+ name: gdprProcedureId
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ content:
+ '*/*':
+ schema:
+ $ref: "#/components/schemas/GetGdprDownloadPackagesInfoResponse"
+ description: OK
+ summary: Get approved Gdpr Download Packages by Gdpr Procedure Id
+ tags:
+ - GdprValidationTask
/import:
post:
operationId: importProcesses
@@ -2141,6 +2240,23 @@ paths:
associated reference facility
tags:
- Inspection
+ /inspections/{id}/viewed:
+ post:
+ operationId: inspectionViewed
+ parameters:
+ - description: The id of the inspection
+ in: path
+ name: id
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ description: OK
+ summary: Mark inspection as viewed in audit-log
+ tags:
+ - Inspection
/inspections/{inspectionId}/incidents:
get:
operationId: getIncidents
@@ -3682,6 +3798,8 @@ components:
example: "['+4912345678901','+4912345678902','+4912345678903']"
items:
type: string
+ maxLength: 23
+ minLength: 1
referenceFacilityId:
type: string
format: uuid
@@ -3876,6 +3994,7 @@ components:
- STI_PROTECTION
- MEDICAL_REGISTRY
- DENTAL
+ - OFFICIAL_MEDICAL_SERVICE
BusinessProcedureInclusionStatus:
type: string
enum:
@@ -5467,6 +5586,8 @@ components:
example: "['+4912345678901','+4912345678902','+4912345678903']"
items:
type: string
+ maxLength: 23
+ minLength: 0
required:
- name
FacilityDuplicateReview:
@@ -5522,6 +5643,8 @@ components:
example: "['+4912345678901','+4912345678902','+4912345678903']"
items:
type: string
+ maxLength: 23
+ minLength: 1
referenceVersion:
type: integer
format: int64
@@ -5605,6 +5728,14 @@ components:
enum:
- REVIEW
- DOCUMENT_INSPECTION
+ GdprDownloadPackageInfo:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ required:
+ - id
GdprFacility:
type: object
allOf:
@@ -5706,6 +5837,9 @@ components:
GdprValidationTask:
type: object
properties:
+ dueDate:
+ type: string
+ format: date
identificationData:
oneOf:
- $ref: "#/components/schemas/GdprFacility"
@@ -5713,8 +5847,13 @@ components:
status:
$ref: "#/components/schemas/GdprValidationTaskStatus"
required:
+ - dueDate
- identificationData
- status
+ GdprValidationTaskSortKey:
+ type: string
+ enum:
+ - CREATED_AT
GdprValidationTaskStatus:
type: string
enum:
@@ -5765,6 +5904,20 @@ components:
- deletable
- deleted
- fileId
+ GetAllValidationTasksResponse:
+ type: object
+ properties:
+ elements:
+ type: array
+ items:
+ $ref: "#/components/schemas/GdprValidationTask"
+ totalNumberOfElements:
+ type: integer
+ format: int64
+ minimum: 0
+ required:
+ - elements
+ - totalNumberOfElements
GetArchivableProceduresResponse:
type: object
properties:
@@ -5911,6 +6064,8 @@ components:
example: "['+4912345678901','+4912345678902','+4912345678903']"
items:
type: string
+ maxLength: 23
+ minLength: 1
referenceVersion:
type: integer
format: int64
@@ -5927,6 +6082,15 @@ components:
- outdated
- phoneNumbers
- referenceVersion
+ GetGdprDownloadPackagesInfoResponse:
+ type: object
+ properties:
+ downloadPackages:
+ type: array
+ items:
+ $ref: "#/components/schemas/GdprDownloadPackageInfo"
+ required:
+ - downloadPackages
GetGdprNotificationBannerResponse:
type: object
properties:
@@ -6131,6 +6295,8 @@ components:
example: "['+4912345678901','+4912345678902','+4912345678903']"
items:
type: string
+ maxLength: 23
+ minLength: 1
placeOfBirth:
type: string
description: The place of birth (without country) of the Person.
@@ -6324,6 +6490,8 @@ components:
example: "['+4912345678901','+4912345678902','+4912345678903']"
items:
type: string
+ maxLength: 23
+ minLength: 1
version:
type: integer
format: int64
@@ -7026,8 +7194,7 @@ components:
enum:
- OFFLINE
- IMPORT
- - BANNED_FACILITIES_EXPORT
- - FACILITY_HISTORY
+ - STATISTICS
InspectionFollowupInfo:
type: object
properties:
diff --git a/open-api/measles-protection/openApiSpec.yaml b/open-api/measles-protection/openApiSpec.yaml
index 2359aece8c86bc2cf272d1dfd8e59f113c40d6a8..f265f3263e576c7b55197ca3c0ff5abcab23a5f2 100644
--- a/open-api/measles-protection/openApiSpec.yaml
+++ b/open-api/measles-protection/openApiSpec.yaml
@@ -556,6 +556,48 @@ paths:
tags:
- File
/gdpr-validation-tasks:
+ get:
+ operationId: getAllGdprValidationTasks
+ parameters:
+ - in: query
+ name: status
+ required: false
+ schema:
+ $ref: "#/components/schemas/GdprValidationTaskStatus"
+ - in: query
+ name: sortKey
+ required: false
+ schema:
+ $ref: "#/components/schemas/GdprValidationTaskSortKey"
+ - in: query
+ name: sortDirection
+ required: false
+ schema:
+ $ref: "#/components/schemas/SortDirection"
+ - in: query
+ name: pageNumber
+ required: false
+ schema:
+ type: integer
+ format: int32
+ minimum: 0
+ - in: query
+ name: pageSize
+ required: false
+ schema:
+ type: integer
+ format: int32
+ minimum: 1
+ responses:
+ "200":
+ content:
+ '*/*':
+ schema:
+ $ref: "#/components/schemas/GetAllValidationTasksResponse"
+ description: OK
+ summary: Get all GDPR validation tasks
+ tags:
+ - GdprValidationTask
post:
operationId: addGdprValidationTask
requestBody:
@@ -570,6 +612,27 @@ paths:
summary: Add a GDPR validation task
tags:
- GdprValidationTask
+ /gdpr-validation-tasks/download-packages/{id}:
+ get:
+ operationId: getGdprDownloadPackage
+ parameters:
+ - in: path
+ name: id
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ content:
+ '*/*':
+ schema:
+ type: string
+ format: binary
+ description: OK
+ summary: Get Gdpr Download Package by its id
+ tags:
+ - GdprValidationTask
/gdpr-validation-tasks/notification-banner:
get:
operationId: getGdprNotificationBanner
@@ -647,6 +710,42 @@ paths:
the data from the procedure with businessProcedureId
tags:
- GdprValidationTask
+ /gdpr-validation-tasks/{gdprProcedureId}/close:
+ post:
+ operationId: closeGdprValidationTask
+ parameters:
+ - in: path
+ name: gdprProcedureId
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ description: Close a GDPR validation task
+ summary: Close a GDPR validation task
+ tags:
+ - GdprValidationTask
+ /gdpr-validation-tasks/{gdprProcedureId}/download-packages:
+ get:
+ operationId: getGdprDownloadPackagesInfo
+ parameters:
+ - in: path
+ name: gdprProcedureId
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ content:
+ '*/*':
+ schema:
+ $ref: "#/components/schemas/GetGdprDownloadPackagesInfoResponse"
+ description: OK
+ summary: Get approved Gdpr Download Packages by Gdpr Procedure Id
+ tags:
+ - GdprValidationTask
/inbox-procedures:
get:
description: |
@@ -1461,14 +1560,12 @@ paths:
name: sortBy
required: false
schema:
- type: string
- default: CREATED_AT
+ $ref: "#/components/schemas/GetMeaslesProtectionProceduresSortBy"
- in: query
name: sortOrder
required: false
schema:
- type: string
- default: DESC
+ $ref: "#/components/schemas/GetMeaslesProtectionProceduresSortOrder"
- description: |
Filter logic:
- If 'creationDate' is submitted, only measles procedures which were created at the provided date are returned.
@@ -2707,6 +2804,8 @@ components:
example: "['+4912345678901','+4912345678902','+4912345678903']"
items:
type: string
+ maxLength: 23
+ minLength: 1
referenceFacilityId:
type: string
format: uuid
@@ -2808,6 +2907,8 @@ components:
example: "['+4912345678901','+4912345678902','+4912345678903']"
items:
type: string
+ maxLength: 23
+ minLength: 1
placeOfBirth:
type: string
description: The place of birth (without country) of the Person.
@@ -3167,6 +3268,7 @@ components:
- STI_PROTECTION
- MEDICAL_REGISTRY
- DENTAL
+ - OFFICIAL_MEDICAL_SERVICE
BusinessProcedureInclusionStatus:
type: string
enum:
@@ -4050,6 +4152,8 @@ components:
example: "['+4912345678901','+4912345678902','+4912345678903']"
items:
type: string
+ maxLength: 23
+ minLength: 1
required:
- name
Facility:
@@ -4155,6 +4259,8 @@ components:
example: "['+4912345678901','+4912345678902','+4912345678903']"
items:
type: string
+ maxLength: 23
+ minLength: 1
referenceVersion:
type: integer
format: int64
@@ -4192,6 +4298,14 @@ components:
- PNG
- PDF
- EML
+ GdprDownloadPackageInfo:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ required:
+ - id
GdprFacility:
type: object
allOf:
@@ -4293,6 +4407,9 @@ components:
GdprValidationTask:
type: object
properties:
+ dueDate:
+ type: string
+ format: date
identificationData:
oneOf:
- $ref: "#/components/schemas/GdprFacility"
@@ -4300,8 +4417,13 @@ components:
status:
$ref: "#/components/schemas/GdprValidationTaskStatus"
required:
+ - dueDate
- identificationData
- status
+ GdprValidationTaskSortKey:
+ type: string
+ enum:
+ - CREATED_AT
GdprValidationTaskStatus:
type: string
enum:
@@ -4352,6 +4474,20 @@ components:
- deletable
- deleted
- fileId
+ GetAllValidationTasksResponse:
+ type: object
+ properties:
+ elements:
+ type: array
+ items:
+ $ref: "#/components/schemas/GdprValidationTask"
+ totalNumberOfElements:
+ type: integer
+ format: int64
+ minimum: 0
+ required:
+ - elements
+ - totalNumberOfElements
GetAppointmentBlock:
type: object
description: A planned appointment block. Appointment blocks offer a set of
@@ -4512,6 +4648,15 @@ components:
$ref: "#/components/schemas/Appointment"
required:
- appointments
+ GetGdprDownloadPackagesInfoResponse:
+ type: object
+ properties:
+ downloadPackages:
+ type: array
+ items:
+ $ref: "#/components/schemas/GdprDownloadPackageInfo"
+ required:
+ - downloadPackages
GetGdprNotificationBannerResponse:
type: object
properties:
@@ -4631,6 +4776,24 @@ components:
- procedures
- totalElements
- totalPages
+ GetMeaslesProtectionProceduresSortBy:
+ type: string
+ default: CREATED_AT
+ enum:
+ - FIRST_NAME
+ - LAST_NAME
+ - DATE_OF_BIRTH
+ - CREATED_AT
+ - FACILITY_NAME
+ - FACILITY_TYPE
+ - CASE_STATUS
+ - PROCEDURE_STATUS
+ GetMeaslesProtectionProceduresSortOrder:
+ type: string
+ default: DESC
+ enum:
+ - ASC
+ - DESC
GetMetaDataHistoryResponse:
type: object
properties:
@@ -4703,6 +4866,8 @@ components:
example: "['+4912345678901','+4912345678902','+4912345678903']"
items:
type: string
+ maxLength: 23
+ minLength: 1
placeOfBirth:
type: string
description: The place of birth (without country) of the Person.
diff --git a/open-api/procedure/openApiSpec.yaml b/open-api/procedure/openApiSpec.yaml
index d16e6d7a84486d1b01e1d17ad9b5befab37a1f26..5df5b3bcc1a7379315c3575016400dda3d5be638 100644
--- a/open-api/procedure/openApiSpec.yaml
+++ b/open-api/procedure/openApiSpec.yaml
@@ -385,6 +385,48 @@ paths:
tags:
- File
/gdpr-validation-tasks:
+ get:
+ operationId: getAllGdprValidationTasks
+ parameters:
+ - in: query
+ name: status
+ required: false
+ schema:
+ $ref: "#/components/schemas/GdprValidationTaskStatus"
+ - in: query
+ name: sortKey
+ required: false
+ schema:
+ $ref: "#/components/schemas/GdprValidationTaskSortKey"
+ - in: query
+ name: sortDirection
+ required: false
+ schema:
+ $ref: "#/components/schemas/SortDirection"
+ - in: query
+ name: pageNumber
+ required: false
+ schema:
+ type: integer
+ format: int32
+ minimum: 0
+ - in: query
+ name: pageSize
+ required: false
+ schema:
+ type: integer
+ format: int32
+ minimum: 1
+ responses:
+ "200":
+ content:
+ '*/*':
+ schema:
+ $ref: "#/components/schemas/GetAllValidationTasksResponse"
+ description: OK
+ summary: Get all GDPR validation tasks
+ tags:
+ - GdprValidationTask
post:
operationId: addGdprValidationTask
requestBody:
@@ -399,6 +441,27 @@ paths:
summary: Add a GDPR validation task
tags:
- GdprValidationTask
+ /gdpr-validation-tasks/download-packages/{id}:
+ get:
+ operationId: getGdprDownloadPackage
+ parameters:
+ - in: path
+ name: id
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ content:
+ '*/*':
+ schema:
+ type: string
+ format: binary
+ description: OK
+ summary: Get Gdpr Download Package by its id
+ tags:
+ - GdprValidationTask
/gdpr-validation-tasks/notification-banner:
get:
operationId: getGdprNotificationBanner
@@ -476,6 +539,42 @@ paths:
the data from the procedure with businessProcedureId
tags:
- GdprValidationTask
+ /gdpr-validation-tasks/{gdprProcedureId}/close:
+ post:
+ operationId: closeGdprValidationTask
+ parameters:
+ - in: path
+ name: gdprProcedureId
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ description: Close a GDPR validation task
+ summary: Close a GDPR validation task
+ tags:
+ - GdprValidationTask
+ /gdpr-validation-tasks/{gdprProcedureId}/download-packages:
+ get:
+ operationId: getGdprDownloadPackagesInfo
+ parameters:
+ - in: path
+ name: gdprProcedureId
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ content:
+ '*/*':
+ schema:
+ $ref: "#/components/schemas/GetGdprDownloadPackagesInfoResponse"
+ description: OK
+ summary: Get approved Gdpr Download Packages by Gdpr Procedure Id
+ tags:
+ - GdprValidationTask
/inbox-procedures:
get:
description: |
@@ -1810,6 +1909,7 @@ components:
- STI_PROTECTION
- MEDICAL_REGISTRY
- DENTAL
+ - OFFICIAL_MEDICAL_SERVICE
BusinessProcedureInclusionStatus:
type: string
enum:
@@ -2463,6 +2563,14 @@ components:
- PNG
- PDF
- EML
+ GdprDownloadPackageInfo:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ required:
+ - id
GdprFacility:
type: object
allOf:
@@ -2564,6 +2672,9 @@ components:
GdprValidationTask:
type: object
properties:
+ dueDate:
+ type: string
+ format: date
identificationData:
oneOf:
- $ref: "#/components/schemas/GdprFacility"
@@ -2571,8 +2682,13 @@ components:
status:
$ref: "#/components/schemas/GdprValidationTaskStatus"
required:
+ - dueDate
- identificationData
- status
+ GdprValidationTaskSortKey:
+ type: string
+ enum:
+ - CREATED_AT
GdprValidationTaskStatus:
type: string
enum:
@@ -2623,6 +2739,20 @@ components:
- deletable
- deleted
- fileId
+ GetAllValidationTasksResponse:
+ type: object
+ properties:
+ elements:
+ type: array
+ items:
+ $ref: "#/components/schemas/GdprValidationTask"
+ totalNumberOfElements:
+ type: integer
+ format: int64
+ minimum: 0
+ required:
+ - elements
+ - totalNumberOfElements
GetArchivableProceduresResponse:
type: object
properties:
@@ -2691,6 +2821,15 @@ components:
- persons
- procedure
- tasks
+ GetGdprDownloadPackagesInfoResponse:
+ type: object
+ properties:
+ downloadPackages:
+ type: array
+ items:
+ $ref: "#/components/schemas/GdprDownloadPackageInfo"
+ required:
+ - downloadPackages
GetGdprNotificationBannerResponse:
type: object
properties:
@@ -3820,6 +3959,11 @@ components:
format: int64
required:
- taskVersion
+ SortDirection:
+ type: string
+ enum:
+ - ASC
+ - DESC
SystemProgressEntry:
type: object
allOf:
diff --git a/open-api/school-entry/openApiSpec.yaml b/open-api/school-entry/openApiSpec.yaml
index caeb39153beba8075c9a0fdb2552d9c25d3d8211..63fc87affc5c803c8d191de1892705dbfbb40ee2 100644
--- a/open-api/school-entry/openApiSpec.yaml
+++ b/open-api/school-entry/openApiSpec.yaml
@@ -673,6 +673,48 @@ paths:
tags:
- File
/gdpr-validation-tasks:
+ get:
+ operationId: getAllGdprValidationTasks
+ parameters:
+ - in: query
+ name: status
+ required: false
+ schema:
+ $ref: "#/components/schemas/GdprValidationTaskStatus"
+ - in: query
+ name: sortKey
+ required: false
+ schema:
+ $ref: "#/components/schemas/GdprValidationTaskSortKey"
+ - in: query
+ name: sortDirection
+ required: false
+ schema:
+ $ref: "#/components/schemas/SortDirection"
+ - in: query
+ name: pageNumber
+ required: false
+ schema:
+ type: integer
+ format: int32
+ minimum: 0
+ - in: query
+ name: pageSize
+ required: false
+ schema:
+ type: integer
+ format: int32
+ minimum: 1
+ responses:
+ "200":
+ content:
+ '*/*':
+ schema:
+ $ref: "#/components/schemas/GetAllValidationTasksResponse"
+ description: OK
+ summary: Get all GDPR validation tasks
+ tags:
+ - GdprValidationTask
post:
operationId: addGdprValidationTask
requestBody:
@@ -687,6 +729,27 @@ paths:
summary: Add a GDPR validation task
tags:
- GdprValidationTask
+ /gdpr-validation-tasks/download-packages/{id}:
+ get:
+ operationId: getGdprDownloadPackage
+ parameters:
+ - in: path
+ name: id
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ content:
+ '*/*':
+ schema:
+ type: string
+ format: binary
+ description: OK
+ summary: Get Gdpr Download Package by its id
+ tags:
+ - GdprValidationTask
/gdpr-validation-tasks/notification-banner:
get:
operationId: getGdprNotificationBanner
@@ -764,6 +827,42 @@ paths:
the data from the procedure with businessProcedureId
tags:
- GdprValidationTask
+ /gdpr-validation-tasks/{gdprProcedureId}/close:
+ post:
+ operationId: closeGdprValidationTask
+ parameters:
+ - in: path
+ name: gdprProcedureId
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ description: Close a GDPR validation task
+ summary: Close a GDPR validation task
+ tags:
+ - GdprValidationTask
+ /gdpr-validation-tasks/{gdprProcedureId}/download-packages:
+ get:
+ operationId: getGdprDownloadPackagesInfo
+ parameters:
+ - in: path
+ name: gdprProcedureId
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ content:
+ '*/*':
+ schema:
+ $ref: "#/components/schemas/GetGdprDownloadPackagesInfoResponse"
+ description: OK
+ summary: Get approved Gdpr Download Packages by Gdpr Procedure Id
+ tags:
+ - GdprValidationTask
/icd10-codes:
get:
operationId: searchIcd10Codes
@@ -775,6 +874,7 @@ paths:
required: false
schema:
type: string
+ default: ""
description: "Search for a string within the ICD-10 codes, groups and their\
\ title. The search supports a fuzzy search mechanism."
- in: query
@@ -3550,6 +3650,7 @@ components:
- STI_PROTECTION
- MEDICAL_REGISTRY
- DENTAL
+ - OFFICIAL_MEDICAL_SERVICE
BusinessProcedureInclusionStatus:
type: string
enum:
@@ -4242,6 +4343,8 @@ components:
type: array
items:
type: string
+ maxLength: 254
+ minLength: 6
firstName:
type: string
maxLength: 80
@@ -4260,6 +4363,8 @@ components:
type: array
items:
type: string
+ maxLength: 23
+ minLength: 1
placeOfBirth:
type: string
maxLength: 50
@@ -4778,6 +4883,8 @@ components:
example: "['+4912345678901','+4912345678902','+4912345678903']"
items:
type: string
+ maxLength: 23
+ minLength: 1
referenceVersion:
type: integer
format: int64
@@ -4852,6 +4959,14 @@ components:
- PNG
- PDF
- EML
+ GdprDownloadPackageInfo:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ required:
+ - id
GdprFacility:
type: object
allOf:
@@ -4953,6 +5068,9 @@ components:
GdprValidationTask:
type: object
properties:
+ dueDate:
+ type: string
+ format: date
identificationData:
oneOf:
- $ref: "#/components/schemas/GdprFacility"
@@ -4960,8 +5078,13 @@ components:
status:
$ref: "#/components/schemas/GdprValidationTaskStatus"
required:
+ - dueDate
- identificationData
- status
+ GdprValidationTaskSortKey:
+ type: string
+ enum:
+ - CREATED_AT
GdprValidationTaskStatus:
type: string
enum:
@@ -5021,6 +5144,20 @@ components:
- FLUID_WITH_MINOR_ERRORS
- FAULTLESS
- UNKNOWN
+ GetAllValidationTasksResponse:
+ type: object
+ properties:
+ elements:
+ type: array
+ items:
+ $ref: "#/components/schemas/GdprValidationTask"
+ totalNumberOfElements:
+ type: integer
+ format: int64
+ minimum: 0
+ required:
+ - elements
+ - totalNumberOfElements
GetAppointmentBlock:
type: object
description: A planned appointment block. Appointment blocks offer a set of
@@ -5278,6 +5415,15 @@ components:
$ref: "#/components/schemas/Appointment"
required:
- appointments
+ GetGdprDownloadPackagesInfoResponse:
+ type: object
+ properties:
+ downloadPackages:
+ type: array
+ items:
+ $ref: "#/components/schemas/GdprDownloadPackageInfo"
+ required:
+ - downloadPackages
GetGdprNotificationBannerResponse:
type: object
properties:
@@ -5446,6 +5592,8 @@ components:
example: "['+4912345678901','+4912345678902','+4912345678903']"
items:
type: string
+ maxLength: 23
+ minLength: 1
placeOfBirth:
type: string
description: The place of birth (without country) of the Person.
@@ -6446,6 +6594,8 @@ components:
type: array
items:
type: string
+ maxLength: 254
+ minLength: 6
fileStateId:
type: string
format: uuid
@@ -6473,6 +6623,8 @@ components:
type: array
items:
type: string
+ maxLength: 23
+ minLength: 1
placeOfBirth:
type: string
maxLength: 50
@@ -7791,6 +7943,8 @@ components:
type: array
items:
type: string
+ maxLength: 254
+ minLength: 6
firstName:
type: string
description: First name of the person.
@@ -7813,6 +7967,8 @@ components:
type: array
items:
type: string
+ maxLength: 23
+ minLength: 1
placeOfBirth:
type: string
maxLength: 50
diff --git a/open-api/statistic/openApiSpec.yaml b/open-api/statistic/openApiSpec.yaml
index 55b494899bc2977f2643ee8e5b7f47f1dafe0b1b..869e8d5916b20d41462539f68f5dfa424788ad13 100644
--- a/open-api/statistic/openApiSpec.yaml
+++ b/open-api/statistic/openApiSpec.yaml
@@ -112,7 +112,7 @@ paths:
- StatisticsCentralRepository
/data-export/diagram/{diagramId}:
get:
- operationId: exportData
+ operationId: exportDiagramData
parameters:
- in: path
name: diagramId
@@ -131,6 +131,48 @@ paths:
summary: Export diagram data
tags:
- DataExport
+ /data-export/evaluation/{evaluationId}:
+ get:
+ operationId: exportEvaluationData
+ parameters:
+ - in: path
+ name: evaluationId
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ content:
+ application/json:
+ schema:
+ type: string
+ format: binary
+ description: Exported evaluation raw data
+ summary: Export evaluation data
+ tags:
+ - DataExport
+ /data-export/report/{reportId}:
+ get:
+ operationId: exportReportData
+ parameters:
+ - in: path
+ name: reportId
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ content:
+ application/json:
+ schema:
+ type: string
+ format: binary
+ description: Exported report raw data
+ summary: Export report data
+ tags:
+ - DataExport
/data-source:
get:
operationId: getAvailableDataSources
@@ -1318,10 +1360,15 @@ components:
type: string
contact:
type: string
+ description:
+ type: string
+ name:
+ type: string
templateId:
type: string
format: uuid
required:
+ - name
- templateId
AddEvaluationTemplateWithDataSourcesRequest:
type: object
@@ -1598,20 +1645,23 @@ components:
properties:
code:
type: string
- name:
+ displayName:
type: string
required:
- code
- - name
+ - displayName
BaseDataSourceAttribute:
type: object
properties:
code:
type: string
+ displayName:
+ type: string
name:
type: string
required:
- code
+ - displayName
- name
BinningMode:
type: string
@@ -2097,6 +2147,8 @@ components:
type: string
maxItems: 2147483647
minItems: 1
+ exportable:
+ type: boolean
id:
type: string
format: uuid
@@ -2117,6 +2169,7 @@ components:
- anonymized
- createdAt
- dataSourceNames
+ - exportable
- id
- name
- state
@@ -3062,6 +3115,8 @@ components:
executionDate:
type: string
format: date
+ exportable:
+ type: boolean
id:
type: string
format: uuid
@@ -3081,6 +3136,7 @@ components:
minimum: 0
required:
- executionDate
+ - exportable
- id
- name
- state
@@ -3248,7 +3304,6 @@ components:
type: string
enum:
- REPORTS
- - CLONE_STATISTIC
- FAKE_ANONYMIZATION
TableColumnFilterParameter:
type: object
@@ -3279,11 +3334,14 @@ components:
format: uuid
dataSourceName:
type: string
+ displayName:
+ type: string
required:
- attribute
- businessModule
- dataSourceId
- dataSourceName
+ - displayName
TestHelperClockSetRequest:
type: object
properties:
diff --git a/open-api/travel-medicine/openApiSpec.yaml b/open-api/travel-medicine/openApiSpec.yaml
index bef57e3943b42e65abb882ab0cbaf22e15e1aebb..71f8c0d1cf143b0bdbe5bd060bf9e180b898a390 100644
--- a/open-api/travel-medicine/openApiSpec.yaml
+++ b/open-api/travel-medicine/openApiSpec.yaml
@@ -963,6 +963,48 @@ paths:
tags:
- File
/gdpr-validation-tasks:
+ get:
+ operationId: getAllGdprValidationTasks
+ parameters:
+ - in: query
+ name: status
+ required: false
+ schema:
+ $ref: "#/components/schemas/GdprValidationTaskStatus"
+ - in: query
+ name: sortKey
+ required: false
+ schema:
+ $ref: "#/components/schemas/GdprValidationTaskSortKey"
+ - in: query
+ name: sortDirection
+ required: false
+ schema:
+ $ref: "#/components/schemas/SortDirection"
+ - in: query
+ name: pageNumber
+ required: false
+ schema:
+ type: integer
+ format: int32
+ minimum: 0
+ - in: query
+ name: pageSize
+ required: false
+ schema:
+ type: integer
+ format: int32
+ minimum: 1
+ responses:
+ "200":
+ content:
+ '*/*':
+ schema:
+ $ref: "#/components/schemas/GetAllValidationTasksResponse"
+ description: OK
+ summary: Get all GDPR validation tasks
+ tags:
+ - GdprValidationTask
post:
operationId: addGdprValidationTask
requestBody:
@@ -977,6 +1019,27 @@ paths:
summary: Add a GDPR validation task
tags:
- GdprValidationTask
+ /gdpr-validation-tasks/download-packages/{id}:
+ get:
+ operationId: getGdprDownloadPackage
+ parameters:
+ - in: path
+ name: id
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ content:
+ '*/*':
+ schema:
+ type: string
+ format: binary
+ description: OK
+ summary: Get Gdpr Download Package by its id
+ tags:
+ - GdprValidationTask
/gdpr-validation-tasks/notification-banner:
get:
operationId: getGdprNotificationBanner
@@ -1054,6 +1117,42 @@ paths:
the data from the procedure with businessProcedureId
tags:
- GdprValidationTask
+ /gdpr-validation-tasks/{gdprProcedureId}/close:
+ post:
+ operationId: closeGdprValidationTask
+ parameters:
+ - in: path
+ name: gdprProcedureId
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ description: Close a GDPR validation task
+ summary: Close a GDPR validation task
+ tags:
+ - GdprValidationTask
+ /gdpr-validation-tasks/{gdprProcedureId}/download-packages:
+ get:
+ operationId: getGdprDownloadPackagesInfo
+ parameters:
+ - in: path
+ name: gdprProcedureId
+ required: true
+ schema:
+ type: string
+ format: uuid
+ responses:
+ "200":
+ content:
+ '*/*':
+ schema:
+ $ref: "#/components/schemas/GetGdprDownloadPackagesInfoResponse"
+ description: OK
+ summary: Get approved Gdpr Download Packages by Gdpr Procedure Id
+ tags:
+ - GdprValidationTask
/inbox-procedures:
get:
description: |
@@ -3774,6 +3873,7 @@ components:
- STI_PROTECTION
- MEDICAL_REGISTRY
- DENTAL
+ - OFFICIAL_MEDICAL_SERVICE
BusinessProcedureInclusionStatus:
type: string
enum:
@@ -4664,6 +4764,14 @@ components:
- PNG
- PDF
- EML
+ GdprDownloadPackageInfo:
+ type: object
+ properties:
+ id:
+ type: string
+ format: uuid
+ required:
+ - id
GdprFacility:
type: object
allOf:
@@ -4765,6 +4873,9 @@ components:
GdprValidationTask:
type: object
properties:
+ dueDate:
+ type: string
+ format: date
identificationData:
oneOf:
- $ref: "#/components/schemas/GdprFacility"
@@ -4772,8 +4883,13 @@ components:
status:
$ref: "#/components/schemas/GdprValidationTaskStatus"
required:
+ - dueDate
- identificationData
- status
+ GdprValidationTaskSortKey:
+ type: string
+ enum:
+ - CREATED_AT
GdprValidationTaskStatus:
type: string
enum:
@@ -4824,6 +4940,20 @@ components:
- deletable
- deleted
- fileId
+ GetAllValidationTasksResponse:
+ type: object
+ properties:
+ elements:
+ type: array
+ items:
+ $ref: "#/components/schemas/GdprValidationTask"
+ totalNumberOfElements:
+ type: integer
+ format: int64
+ minimum: 0
+ required:
+ - elements
+ - totalNumberOfElements
GetAppointmentBlock:
type: object
description: A planned appointment block. Appointment blocks offer a set of
@@ -5139,6 +5269,15 @@ components:
$ref: "#/components/schemas/Appointment"
required:
- appointments
+ GetGdprDownloadPackagesInfoResponse:
+ type: object
+ properties:
+ downloadPackages:
+ type: array
+ items:
+ $ref: "#/components/schemas/GdprDownloadPackageInfo"
+ required:
+ - downloadPackages
GetGdprNotificationBannerResponse:
type: object
properties:
diff --git a/solution-strategy/base-modules/calendar/calendars-and-appointments.adoc b/solution-strategy/base-modules/calendar/calendars-and-appointments.adoc
index fc7dfaf542439b5fd70a832186196e0ed4311e25..efe90663320588bc02f32d273406cdf46f901486 100644
--- a/solution-strategy/base-modules/calendar/calendars-and-appointments.adoc
+++ b/solution-strategy/base-modules/calendar/calendars-and-appointments.adoc
@@ -95,7 +95,7 @@ include::uml/business-event-read.puml[]
Our software offers efficient calendaring functionalities managed through robust
APIs. +
-See also link:../../../open-api/base/openApiSpec.yaml[Open API Spec].
+See also link:../../../../../ga-lotse-code/-/blob/main/backend/base/data/test/validation/BaseOpenApiTest/openApiSpec.yaml[Open API Spec]
include::./calendar-api.adoc[]
diff --git a/solution-strategy/base-modules/central-file/central-file.adoc b/solution-strategy/base-modules/central-file/central-file.adoc
index a827e155c17ea0022bb87c01fb44fd164f9c60f8..07644a7719407785206499a49fc5dd11db8805c4 100644
--- a/solution-strategy/base-modules/central-file/central-file.adoc
+++ b/solution-strategy/base-modules/central-file/central-file.adoc
@@ -109,12 +109,12 @@ or decided to create a new entry.
== Automatic import of data
-The Central File API offers an endpoint for Persons (currently not for Facilities) to import them in a batch:
+The Central File API offers an endpoint for Facilities to import them in a batch:
[source]
----
-POST /persons/centralfilestates/bulk-create
+POST /facilities/centralfilestates/bulk-add
----
-For a connection to existing data, the Knowledge Factors are used.
+For a connection to existing data, the Knowledge Factors (and additionally the address, i.e. `street`, `houseNumber`, `postalCode` and `countryCode`, for Facilities) are used.
* Case 1:
If no entry with the same Knowledge Factors exists, Reference Data and File State are created.
@@ -136,16 +136,6 @@ IMPORTANT: The usage of this bulk endpoint requires a manual verification step a
sufficient if all Procedures are opened manually afterwards (i.e. when working on them) to check the automatic
connection to existing data.
-For Facilities, there is a similar option, but not as a bulk endpoint.
-By choosing the boolean `partialMatch` as `true` in the request
-[source]
-----
-POST /facilities/centralfilestates
-----
-the matching is only relying on the `name` and the address (i.e. `street`, `houseNumber`, `postalCode` and `countryCode`).
-The matching behaviour follows the three cases described above.
-
-NOTE: `IMPORT` would also be the best fit as `dataOrigin` in this case.
== External Source
The Central File API offers an endpoint to create an "unverified" Facility, where no matching is done and both
@@ -330,4 +320,51 @@ This is also a soft-delete.
*Case 3:* GDPR deletion
-Not yet implemented.
\ No newline at end of file
+Not yet implemented.
+
+== Connection to BundID and "Mein Unternehmenskonto"
+Citizens logged in with link:../../../context-and-scope/interfaces/bund-id-interface.adoc[BundID]
+and companies logged in with link:../../../context-and-scope/interfaces/mein-unternehmenskonto-interface.adoc[Mein Unternehmenskonto (MUK)]
+need access to their own data within the application.
+Consequently, a connection of these entities with the Central File has to be established.
+Entries in the Central File might have been created long before the first login with link:../../../context-and-scope/interfaces/bund-id-interface.adoc[BundID]
+or link:../../../context-and-scope/interfaces/mein-unternehmenskonto-interface.adoc[MUK] into the application.
+Therefore, a retroactive identification of the correct Reference Data object is necessary in that case.
+
+=== API
+The Base Module API offers an endpoint to create links between a
+link:../../../context-and-scope/interfaces/bund-id-interface.adoc[BundID]/link:../../../context-and-scope/interfaces/mein-unternehmenskonto-interface.adoc[MUK]
+account and the Central File:
+[source]
+----
+POST /muk-facility-link
+POST /bundid-person-link
+----
+
+When the link is established, users logged in with link:../../../context-and-scope/interfaces/bund-id-interface.adoc[BundID]
+or link:../../../context-and-scope/interfaces/mein-unternehmenskonto-interface.adoc[MUK] can view their Reference Data in the Online-Portal with the endpoint:
+[source]
+----
+GET /muk-facility-link/self/facility
+GET /bundid-person-link/self/person
+----
+
+=== Domain Model
+[plantuml, muk-facility-bundid-person-link.domain-model, svg]
+....
+include::./domain/muk-facility-bundid-person-link.puml[]
+....
+
+For link:../../../context-and-scope/interfaces/bund-id-interface.adoc[BundID], the connection to a Person is one-to-one.
+For link:../../../context-and-scope/interfaces/mein-unternehmenskonto-interface.adoc[MUK], up to 1000 employees of a company can have their own
+link:../../../context-and-scope/interfaces/mein-unternehmenskonto-interface.adoc[MUK] account with an individual ELSTER certificates.
+Since the `DatenuebermittlerPseudonymId` is the same for every of these employee accounts, the connection to a Facility can still be modelled as one-to-one.
+
+
+=== Usage
+The connection is established when entities interact with the health department and initiate new link:../../../crosscutting-concepts/abstract-domain-model/procedures/Procedures.adoc[Procedures]
+or link:../../../crosscutting-concepts/gdpr/gdpr.adoc[GDPR Procedures].
+This means, that Business Modules have to implement the handling of external data (see above) in connection with
+link:../../../context-and-scope/interfaces/bund-id-interface.adoc[BundID] and link:../../../context-and-scope/interfaces/mein-unternehmenskonto-interface.adoc[MUK].
+In fact, whenever the connection is established, external data from the Online-Portal is a trustworthy source and can be handled without an additional verification step.
+
diff --git a/solution-strategy/base-modules/central-file/domain/muk-facility-bundid-person-link.puml b/solution-strategy/base-modules/central-file/domain/muk-facility-bundid-person-link.puml
new file mode 100644
index 0000000000000000000000000000000000000000..8a80c64a3d38b8f3aa637908c21501ced58b1235
--- /dev/null
+++ b/solution-strategy/base-modules/central-file/domain/muk-facility-bundid-person-link.puml
@@ -0,0 +1,18 @@
+@startuml
+skinparam linetype ortho
+
+title MUK-Facility and BundID-Person Link
+
+class "MukFacilityLink" as MukFacilityLink{
+ id: long [1..1]
+ mukId: String [1..1]
+ referenceFacility: Facility [1..1]
+}
+
+class "BundIdPersonLink" as BundIdPersonLink{
+ id: long [1..1]
+ bundId: String [1..1]
+ referencePerson: Person [1..1]
+}
+
+@enduml
\ No newline at end of file
diff --git a/solution-strategy/base-modules/contact-management/contacts.adoc b/solution-strategy/base-modules/contact-management/contacts.adoc
index dda0ed0c90255ca370db9b3c550abbba3e8482a3..9aa7c468b95c26193d7478d1c07be00383c406f7 100644
--- a/solution-strategy/base-modules/contact-management/contacts.adoc
+++ b/solution-strategy/base-modules/contact-management/contacts.adoc
@@ -5,8 +5,8 @@ Contacts in the Contact Management can either be Persons or Institutions with wh
If a Person or Institution is subject to a Procedure, they are normally part of the link:../central-file/central-file.adoc[Central File] with its increased requirements on privacy and data security (e.g., File State concept).
However, there are exceptions if the requirements for privacy and data security do not have to be that high:
-E.g., in the ESU, a school is mainly functioning as a contact, in whose building the examinations are performed.
-In that case, the school is listed as an institution in the Contact Management.
+E.g., in the link:../../business-modules/school-entry/SchoolEntry.adoc[ESU Module], a school is mainly functioning as a Contact, in whose building the examinations are performed.
+In that case, the school is listed as an Institution in the Contact Management.
In fact, the same school may exist in the link:../central-file/central-file.adoc[Central File] as well, if it is subject to a Procedure (e.g., of measles protection).
Contacts can be administered and viewed in the Base Module.
@@ -57,6 +57,12 @@ The Contacts API additionally offers an endpoint to get a list of Contacts which
GET /contacts/{id}/merged-contacts
----
+In addition, a broadcast to Business Modules, that strongly rely on Contacts, has been implemented.
+For instance, the link:../../business-modules/school-entry/SchoolEntry.adoc[School Entry Module] associates schools,
+which are modelled as Institutions in the Contact Management, in their
+link:../../../crosscutting-concepts/abstract-domain-model/procedures/Procedures.adoc[Procedures] as locations for the examination.
+In order to sustain features like filtering for those schools, the module is informed about merges this way and processes them.
+
== Searching and getting existing Contacts
The Contacts API offers endpoints to get information on existing/given Contacts:
[source]
@@ -88,7 +94,7 @@ For a Person, the parsed `firstName` and `name` are used to perform a search in
If none are found, the normal dialog for adding a new Contact is shown.
If similar already existing entries are found, those are displayed.
The user can then choose to either merge the imported Contact data into an existing one or create a new Contact nonetheless.
-For an institution, `name` and `street` are used.
+For an Institution, `name` and `street` are used.
== History
The Contact Management API offers an endpoint to get the complete history of changes for each Contact:
diff --git a/solution-strategy/base-modules/procedure-metrics/procedure-metrics.adoc b/solution-strategy/base-modules/procedure-metrics/procedure-metrics.adoc
index e51b1e1585d94cb1b2ca97f1a47129193e5a98e7..3e508b303faaddaf96c08689beb0cd1a2fe4c997 100644
--- a/solution-strategy/base-modules/procedure-metrics/procedure-metrics.adoc
+++ b/solution-strategy/base-modules/procedure-metrics/procedure-metrics.adoc
@@ -1,20 +1,91 @@
-= Procedure Metrics
+= Procedure- and Task Metrics
-The Procedure Metrics are a high-level overview about the procedure-states of all procedure types, grouped by the
-respective business module.
+The Procedure Metrics are a high-level overview about the procedure-states of
+all procedure types, grouped by the respective business module.
+
+Task Metrics are a high-level overview about the Tasks of a specific procedure type (i.e. process) of a specific business module.
+
+It is meant as a monitoring view for heads of the health department and its
+business departments.
+
+== Communication: Procedure Metrics Retrieval
+
+link:../../../glossary/P/procedure.adoc[Procedures] are entities of the
+different business modules. Given the appropriate role, a user can access the
+metrics of all business modules via the GA-Lotse employee portal. The portal
+retrieves metrics information by querying the base module, which in turn
+interacts with all relevant business modules to extract the required data.
+
+.Data flow for procedure metrics
+[plantuml, bar, svg]
+....
+include::uml/procedure-metrics-read.puml[]
+....
-It is meant as a monitoring view for heads of the health department and its business departments.
== Display: Procedure Metrics Tables
-There is a table for each business module on the procedure metrics page. If several procedure definitions are
-implemented for a business module, more than one row is displayed. The frequency is displayed in columns for each
-procedure status. The average processing time is also displayed.
-In addition, there are global metrics at the top of the page that show frequencies across all procedure definitions.
+On the procedure metrics page, a dedicated table is provided for each business
+module. Each table displays multiple rows if multiple procedure definitions
+(i.e. processes) are implemented within that business module. Each row
+represents a specific process, listing its total count followed by the counts of
+procedures categorized by their state (such as `OPEN`, `IN_PROGRESS`, `ABORTED`,
+or `CLOSED`). Additionally, the table highlights the average processing time for
+each process, providing a comprehensive view of the operational metrics.
+
+In addition, there are global metrics at the top of the page that show
+frequencies across all procedure definitions (processes).
-the following endpoint of the base API is called, which returns the frequencies and average processing times.
+the following endpoint of the base API is called, which returns the counts and
+average processing time for each available process.
[source]
----
GET /procedure-metrics
-----
\ No newline at end of file
+----
+
+By selecting a specific process, a user with the appropriate role can access the
+task metrics page of that process that provides detailed information gathered
+from the closed procedures in a given timeframe.
+
+== Communication: Task Metrics Retrieval
+
+link:../../../glossary/T/tasks.adoc[Tasks] are defined as steps within a
+business module process, and thus, also of the procedures that are the instances
+of these processes.
+
+Users with the appropriate roles can access task metrics for a specified process
+through the GA-Lotse employee portal, specifically via the procedure metrics
+page. The portal gathers task metrics by querying the base module, which then
+communicates with the relevant business module to extract the necessary data.
+
+.Data flow for task metrics
+[plantuml, bar, svg]
+....
+include::uml/procedure-metrics-read.puml[]
+....
+
+
+== Display: Task Metrics Tables
+
+On the task metrics page, a table is displayed for a specified process (i.e.,
+procedure type) over a selectable timeframe. Each row within the table
+represents an individual task from the selected process, detailing the task
+description, its average duration, and the counts of closed procedures that
+performed the task once, twice, more than twice, or not at all.
+
+Additionally, two separate tables present the five fastest and the five slowest
+procedures respectively from the selected process within the chosen timeframe.
+
+At the top of the page, the total number of closed procedures for the selected
+process is displayed, along with the duration of the fastest and slowest
+procedures recorded in the specified timeframe.
+
+To fetch this data, the following endpoint from the base API is called, which
+returns all relevant task metrics based on the specified time range, business
+module, and process (i.e. procedure type).
+
+[source]
+----
+GET /task-metrics
+----
diff --git a/solution-strategy/base-modules/procedure-metrics/uml/procedure-metrics-read.puml b/solution-strategy/base-modules/procedure-metrics/uml/procedure-metrics-read.puml
new file mode 100644
index 0000000000000000000000000000000000000000..0283e47012d717fb33a0a6f2149c5d883e33d11e
--- /dev/null
+++ b/solution-strategy/base-modules/procedure-metrics/uml/procedure-metrics-read.puml
@@ -0,0 +1,44 @@
+@startuml
+skinparam maxMessageSize 600
+skinparam sequence {
+ LifeLineBorderColor Blue
+ LifeLineBackgroundColor Lightblue
+}
+
+skinparam actor {
+ BackgroundColor Lightgrey
+ BorderColor Blue
+}
+
+skinparam Participant {
+ BackgroundColor Lightgrey
+ FontColor Black
+ BorderColor Blue
+}
+
+skinparam Arrow {
+ Color Black
+}
+
+actor "User with\nmetrics access" as user
+participant "Employee-\nportal" as gui
+participant "Base Module" as base
+participant "Business Module" as business
+
+user -> gui : Opens procedure-\nmetrics page
+activate gui
+gui -> base : ""GET /procedure-metrics""\n + ""see OpenApiSpec for relevant data""
+activate base
+
+par for each available ""Business Module""
+ base -> business : ""GET procedureMetrics""
+ activate business
+ business ->> base: procedureMetrics
+ deactivate business
+end par
+
+base -->> gui: ""procedureMetrics""-object
+gui -->> user: Displays procedure-\nmetrics page
+
+@enduml
+
diff --git a/solution-strategy/base-modules/procedure-metrics/uml/task-metrics-read.puml b/solution-strategy/base-modules/procedure-metrics/uml/task-metrics-read.puml
new file mode 100644
index 0000000000000000000000000000000000000000..b6f996f1adcdce49a1a8f4bc262c9bc30d077471
--- /dev/null
+++ b/solution-strategy/base-modules/procedure-metrics/uml/task-metrics-read.puml
@@ -0,0 +1,43 @@
+@startuml
+skinparam maxMessageSize 600
+skinparam sequence {
+ LifeLineBorderColor Blue
+ LifeLineBackgroundColor Lightblue
+}
+
+skinparam actor {
+ BackgroundColor Lightgrey
+ BorderColor Blue
+}
+
+skinparam Participant {
+ BackgroundColor Lightgrey
+ FontColor Black
+ BorderColor Blue
+}
+
+skinparam Arrow {
+ Color Black
+}
+
+actor "User with\nmetrics access" as user
+participant "Employee-\nportal" as gui
+participant "Base Module" as base
+participant "Selected Business Module" as business
+
+user -> gui : Opens task-\nmetrics page
+activate gui
+gui -> base : ""GET /task-metrics""\n + ""see OpenApiSpec for relevant data""
+activate base
+
+base -> business : ""GET taskMetrics""
+activate business
+business ->> base: taskMetrics
+deactivate business
+
+
+base -->> gui: ""taskMetrics""-object
+gui -->> user: Displays task-\nmetrics page
+
+@enduml
+
diff --git a/solution-strategy/business-modules/inspection/include/facility.adoc b/solution-strategy/business-modules/inspection/include/facility.adoc
index bcdda8acbb1a48813b797f3a28d12cf61f14007e..fc50eef237b410853305ee3adb7b957068115606 100644
--- a/solution-strategy/business-modules/inspection/include/facility.adoc
+++ b/solution-strategy/business-modules/inspection/include/facility.adoc
@@ -35,17 +35,18 @@ For the front end, the following services are available, see also xref:#user-con
* Get an existing or create a new inspection facility based on facility of the base module +
`POST /facilities/base`
+* export banned facilities +
+`GET /facilities/export-banned`
+
* Get overview of facilities with pending inspections +
`GET /facilities/pending`
-* Get a facility +
-`GET /facilities/{id}`
* Update a facility +
`PUT /facilities/{id}`
-* Create a new inspection for a facility +
-`POST /facilities/{id}/inspection`
+* Get history of inspections for the current facility +
+`GET /facilities/{id}/history`
[.text-right]
xref:#user-content-preface[top]
\ No newline at end of file
diff --git a/solution-strategy/business-modules/inspection/include/inspection-procedure.adoc b/solution-strategy/business-modules/inspection/include/inspection-procedure.adoc
index a8faa7d6ee98c4bd0eb2724a28937d5b9672a911..cdc4630016b867434de5f07c672bb5abd13fda9f 100644
--- a/solution-strategy/business-modules/inspection/include/inspection-procedure.adoc
+++ b/solution-strategy/business-modules/inspection/include/inspection-procedure.adoc
@@ -121,11 +121,10 @@ For the attributes of the entities checklist, facility, report, and inspection t
For the front end, the following services are available, see also xref:#user-content-inspection-api[Inspection API].
+* Download an inspection report +
+`GET /inspections/report/{reportId}`
-* Create a new inspection +
-`POST /inspections`
-
* Get details of an inspection +
`GET /inspections/{id}`
@@ -134,21 +133,67 @@ For the front end, the following services are available, see also xref:#user-con
`PATCH /inspections/{id}`
-* Get available checklist definition versions to choose from for this inspection +
+* Starts a new inspection +
+`POST /inspections/{id}`
+
+
+* Approve an inspection (after finalization) +
+`POST /inspections/{id}/approve`
+
+
+* Get available checklist definition versions to choose from for this inspection +
`GET /inspections/{id}/cldversions`
-* Update an inspection: add, update or remove inventory +
+* Get facility duplicates of an inspection +
+`GET /inspections/{id}/facility-duplicates`
+
+
+* Finalize an inspection +
+`POST /inspections/{id}/finalize`
+
+
+* Get inspection duplicates of an inspection +
+`GET /inspections/{id}/inspection-duplicates`
+
+
+* Update an inspection: add, update or remove inventory +
`PUT /inspections/{id}/inventory`
-* Update an inspection: add resource +
+* Get available packlist definition revisions to choose from for this inspection +
+`GET /inspections/{id}/pldrevisions`
+
+
+* Resolves a facility duplicate for an inspection by choosing a facility +
+`POST /inspections/{id}/resolve-facility-duplicate`
+
+
+* Resolves an inspection duplicate for an inspection by choosing whether to keep or discard an inspection +
+`POST /inspections/{id}/resolve-inspection-duplicate`
+
+
+* Update an inspection: add resource +
`POST /inspections/{id}/resource`
-* Update an inspection: remove resource +
+* Update an inspection: remove resource +
`DELETE /inspections/{id}/resource/{resourceId}`
+* Update a differing facility file state by taking over the data from the associated reference facility +
+`POST /inspections/{id}/sync-file-state`
+
+
+* Perform a consistent update of the existent facility file state and its associated reference facility
+`POST /inspections/{id}/update-file-state-and-reference`
+
+
+
+
+
+
+
+
[.text-right]
xref:#user-content-preface[top]
\ No newline at end of file
diff --git a/solution-strategy/business-modules/medical-registry/medical-registry.adoc b/solution-strategy/business-modules/medical-registry/medical-registry.adoc
index 3e462220e3a37a19f8cb2306c338729ab4c90dad..993d456e00d406f93c84e09853d06bf23dc6ea68 100644
--- a/solution-strategy/business-modules/medical-registry/medical-registry.adoc
+++ b/solution-strategy/business-modules/medical-registry/medical-registry.adoc
@@ -41,11 +41,13 @@ The form in the Citizen Portal offers the same functionality for all persons who
The system generates a draft procedure from the data transmitted in the form.
This draft procedure must be verified by an employee in the next step.
-The data contained in the form is transferred with the following request:
+The data contained in the form is transferred with the following request
+ (the “/public†endpoint is used by the online portal):
[source]
----
POST /medical-registry-entries
+POST /medical-registry-entries/public
----
The transferred data is saved in different locations.
@@ -105,7 +107,15 @@ The following endpoint is offered for this purpose:
POST /medical-registry-entries/{procedureId}/confirmEntry
----
-Several cases must be distinguished in the backend.
+In order to offer the user a selection of persons from the central file who pontentially belong to the draft procedure,
+the following endpoint is used to query the corresponding persons:
+[source]
+----
+GET /procedures/searchByPerson
+----
+
+Depending on whether a person and/or an institution has been selected by the user,
+different endpoints of the base module are used.
==== A “personId†has been transferred
@@ -160,15 +170,22 @@ the existing procedure is closed.
Before using the medical registry for the first time, the existing medical registry can be imported
from the old system.
A separate page is available to employees with the MEDICAL_REGISTRY_IMPORT role in the GUI for this purpose.
-There they have the option of downloading an Excel template.
+There they have the option of downloading an Excel template:
+[source]
+----
+POST /import
+----
+
+
In a second step the import job then imports all entries from the uploaded Excel into the system.
-*Important*: The import-job should only be carried out once!
+*Important*: Data records should only ever be imported once,
+as otherwise duplicates are created in the system that cannot be easily removed.
The following endpoint is used for the import.
[source]
----
-POST /medicalRegitry/import
+GET /import/template
----
The transferred data is saved in different locations.
diff --git a/solution-strategy/business-modules/medical-registry/uml/medical-registry-procedure.puml b/solution-strategy/business-modules/medical-registry/uml/medical-registry-procedure.puml
index e6ace70bbf690e810296b285bf62454885558d15..e3aff7d3b3edc7a237456d4368f81c7d333bd3c3 100644
--- a/solution-strategy/business-modules/medical-registry/uml/medical-registry-procedure.puml
+++ b/solution-strategy/business-modules/medical-registry/uml/medical-registry-procedure.puml
@@ -80,6 +80,8 @@ class "Procedure"{
typeOfChange: ENUM [1..1]
}
+ note right of Procedure : Depending on the typeOfChange, there are slightly different versions of the procedure.
+
class "RelatedPerson"{
id: long [1..1]
externalId: UUID [1..1]
diff --git a/solution-strategy/solution-strategy.adoc b/solution-strategy/solution-strategy.adoc
index 8117c56b2339e2413dbf8458e1b9e33490f4c204..e1823d58b2e1e7b0d2d1418ff9cac0d56f33faf6 100644
--- a/solution-strategy/solution-strategy.adoc
+++ b/solution-strategy/solution-strategy.adoc
@@ -12,7 +12,7 @@
- link:service-mesh/certificate-management/certificate-management.adoc[Certificate Management]
* link:central-services/central-services.adoc[Central services]
- link:central-services/central-repository/central-repository.adoc[Central Repository]
-* Base modules
+* Base module
- link:base-modules/calendar/calendars-and-appointments.adoc[Calendar]
- link:base-modules/central-file/central-file.adoc[Central file]
- link:base-modules/contact-management/contacts.adoc[Contact management]
@@ -24,6 +24,7 @@
- link:base-modules/keycloak/permissions-roles-groups.adoc[Roles, Groups, Permissions]
- link:base-modules/statistics-module/statistics.adoc[Statistics]
- link:base-modules/dashboard/dashboard.adoc[Dashboard]
+- link:base-modules/procedure-metrics/procedure-metrics.adoc[Procedure- and Task Metrics]
- link:base-modules/general-inbox/general-inbox.adoc[General inbox]
- link:base-modules/department-info/department-info.adoc[Department Information]
- link:base-modules/email/email.adoc[Email]