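/**
 * Replaces the tags of a page on behalf of the caller identified by the JWT
 * found in the request headers, and returns the updated page as JSON.
 *
 * Responses: UNAUTHORIZED when no valid token (or no matching user) is
 * presented; BADREQUEST when pageId is missing or malformed, when the page
 * cannot be loaded, or when the caller may not edit it; OK with the
 * JSON-encoded page otherwise.
 *
 * NOTE(review): the routing framework appears to read the annotations in this
 * docblock, so only the original method annotation is kept - confirm before
 * adding further tags.
 *
 * @method POST
 */
function post()
{
    // Authenticate before touching the request body.
    $token = Utilities::ValidateJWTToken(apache_request_headers());

    // Loose comparison kept from the original: the failure value returned by
    // ValidateJWTToken is not visible here, so null/false/empty all count as
    // "no token".
    if ($token == NULL) {
        return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
    }

    $user = User::GetByUserId($token->UserId);

    // A token can outlive the account it names; without a user record there
    // is nothing to derive access rights from.
    if (!$user) {
        return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
    }

    // Access object consulted by the permission check below.
    $access = Utilities::SetAccess($user);

    // The body is form-encoded; parse_str yields strings or nested arrays.
    parse_str($this->request->data, $request);

    $pageId = isset($request['pageId']) ? $request['pageId'] : null;

    // NOTE(review): tags is forwarded as received (string, array or null);
    // how Page::EditTags validates or stores it is not visible here - confirm.
    $tags = isset($request['tags']) ? $request['tags'] : null;

    // Reject a missing, empty or array-valued pageId before it reaches the
    // page lookup.
    if (!is_string($pageId) || $pageId === '') {
        return new Tonic\Response(Tonic\Response::BADREQUEST);
    }

    $page = Page::GetByPageId($pageId);

    // An unknown page must not reach the permission check with a null
    // PageTypeId. The status matches the permission failure below, so the
    // response does not reveal whether the page exists.
    if (!$page) {
        return new Tonic\Response(Tonic\Response::BADREQUEST);
    }

    // Authorization: the caller needs edit rights for this page type.
    if (!Utilities::CanPerformAction($page['PageTypeId'], $access['CanEdit'])) {
        return new Tonic\Response(Tonic\Response::BADREQUEST);
    }

    // The edit is attributed to the user id carried in the validated token.
    $page = Page::EditTags($pageId, $tags, $token->UserId);

    $response = new Tonic\Response(Tonic\Response::OK);
    $response->contentType = 'application/json';
    $response->body = json_encode($page);

    return $response;
}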