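/**
 * Removes the stored draft of a page on behalf of the authenticated caller.
 *
 * The caller is identified by the JWT found in the request headers; the
 * form-encoded request body must carry a pageId field. Responds with OK once
 * the draft has been removed, BADREQUEST when pageId is missing, malformed or
 * does not resolve to a page, and UNAUTHORIZED when the token is rejected,
 * the token's site or user cannot be loaded, or the user may neither edit nor
 * publish pages of that page type.
 *
 * Keep this block limited to routing annotations: the framework appears to
 * interpret the tags written here, so parameter/return tags are left out on
 * purpose.
 *
 * @method POST
 */
function post()
{
    // Authenticate first; nothing below runs without a validated token.
    $token = Utilities::ValidateJWTToken(apache_request_headers());

    // Loose comparison kept on purpose: any empty failure value
    // (null, false, '') is treated as "not authenticated".
    if ($token == null) {
        return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
    }

    $site = Site::GetBySiteId($token->SiteId);
    $user = User::GetByUserId($token->UserId);

    // Fail closed when the token refers to a site or user that can no longer
    // be loaded, instead of building an access object from an empty value.
    if ($site == null || $user == null) {
        return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
    }

    // Access object holding the user's CanEdit / CanPublish grants.
    $access = Utilities::SetAccess($user);

    // Decode the form-encoded body into a local array (the two-argument form
    // of parse_str never writes into the surrounding scope).
    parse_str($this->request->data, $request);

    // pageId is caller-controlled: require a non-empty scalar string so a
    // missing field or an array value (pageId[]=...) is rejected up front.
    if (!isset($request['pageId']) || !is_string($request['pageId']) || $request['pageId'] === '') {
        return new Tonic\Response(Tonic\Response::BADREQUEST);
    }

    $pageId = $request['pageId'];

    $page = Page::GetByPageId($pageId);

    // An unknown page must not reach the permission check with an empty page
    // type, nor reach RemoveDraft at all.
    if ($page == null || !isset($page['PageTypeId'])) {
        return new Tonic\Response(Tonic\Response::BADREQUEST);
    }

    // NOTE(review): nothing visible here ties $page to $token->SiteId. Unless
    // Page::GetByPageId or Utilities::CanPerformAction already scope by site,
    // edit rights on one site would also cover drafts of another site's pages.
    // Confirm, and add an explicit ownership check against $site if not.
    $pageTypeId = $page['PageTypeId'];

    $canEdit = Utilities::CanPerformAction($pageTypeId, $access['CanEdit']);
    $canPublish = Utilities::CanPerformAction($pageTypeId, $access['CanPublish']);

    // Either permission is sufficient; deny only when both are absent.
    if (!$canEdit && !$canPublish) {
        return new Tonic\Response(Tonic\Response::UNAUTHORIZED);
    }

    Publish::RemoveDraft($pageId);

    return new Tonic\Response(Tonic\Response::OK);
}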