Example #1
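 /**
  * Replaces the tags on a page on behalf of the authenticated caller.
  *
  * Order of checks: the JWT taken from the request headers is validated,
  * the user it names is loaded, the form-encoded body is parsed, the target
  * page is loaded, and the caller's edit permission for that page type is
  * checked. Only then is Page::EditTags called.
  *
  * Responses:
  *  - UNAUTHORIZED when the token is missing/invalid or its user cannot be loaded;
  *  - BADREQUEST when pageId is missing or malformed, the page cannot be
  *    loaded, or the caller may not edit it;
  *  - OK with the JSON-encoded result of Page::EditTags otherwise.
  *
  * The annotation below is left exactly as the original wrote it, and no
  * other annotation tags are added to this block.
  *
  * @method POST
  */
 function post()
 {
     // Authenticate first: nothing below runs without a validated token.
     $token = Utilities::ValidateJWTToken(apache_request_headers());
     if ($token == NULL) {
         // unauthorized access
         return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
     }

     // Fail closed when the token names a user that can no longer be loaded,
     // instead of deriving an access object from an empty value.
     $user = User::GetByUserId($token->UserId);
     if (!$user) {
         return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
     }
     // creates an access object
     $access = Utilities::SetAccess($user);

     // The body is caller-controlled: parse_str() yields strings or nested
     // arrays and sets nothing for absent keys, so validate before use.
     parse_str($this->request->data, $request);
     if (!isset($request['pageId']) || !is_string($request['pageId']) || $request['pageId'] === '') {
         return new Tonic\Response(Tonic\Response::BADREQUEST);
     }
     $pageId = $request['pageId'];
     // An absent "tags" field is passed on as NULL, as before, but without
     // the undefined-index notice.
     // NOTE(review): confirm Page::EditTags validates/escapes $tags itself.
     $tags = isset($request['tags']) ? $request['tags'] : NULL;

     // The permission check reads $page['PageTypeId'], so a page that cannot
     // be loaded must be rejected before that lookup. It gets the same
     // status as a denied edit, so the two cases look alike to the caller.
     $page = Page::GetByPageId($pageId);
     if (!$page) {
         return new Tonic\Response(Tonic\Response::BADREQUEST);
     }

     // check permissions
     // NOTE(review): 403 would describe a denied edit more accurately; the
     // original 400 is kept because clients may depend on it.
     if (!Utilities::CanPerformAction($page['PageTypeId'], $access['CanEdit'])) {
         return new Tonic\Response(Tonic\Response::BADREQUEST);
     }

     // The user id recorded for the edit comes from the validated token,
     // never from the request body.
     $page = Page::EditTags($pageId, $tags, $token->UserId);

     // return a json response
     $response = new Tonic\Response(Tonic\Response::OK);
     $response->contentType = 'application/json';
     $response->body = json_encode($page);
     return $response;
 }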