Commit 08d0a1ac by Klimov Paul

Merge branch 'master' of github.com:yiisoft/yii2

parents 3abefac6 2e4625d6
......@@ -9,6 +9,7 @@ Yii Framework 2 Change Log
- Bug #5314: Fixed typo in the implementation of `yii\web\Session::getHasSessionId()` (qiangxue)
- Bug #5323: Nested dropdown does not work for `yii\bootstrap\DropDown` (aryraditya)
- Bug #5336: `yii\bootstrap\DropDown` should register bootstrap plugin asset (zelenin)
- Bug #5379: `Module::afterAction()` was called even when `beforeAction()` returned false (cebe)
- Bug: Date and time formatting now assumes UTC as the timezone for input dates unless a timezone is explicitly given (cebe)
- Enh #4040: Added `$viewFile` and `$params` to the `EVENT_BEFORE_RENDER` and `EVENT_AFTER_RENDER` events for `View` (qiangxue)
- Enh #4275: Added `removeChildren()` to `yii\rbac\ManagerInterface` and implementations (samdark)
......
......@@ -134,6 +134,7 @@ class Controller extends Component implements ViewContextInterface
$modules = [];
$runAction = true;
// call beforeAction on modules
foreach ($this->getModules() as $module) {
if ($module->beforeAction($action)) {
array_unshift($modules, $module);
......@@ -145,17 +146,18 @@ class Controller extends Component implements ViewContextInterface
$result = null;
if ($runAction) {
if ($this->beforeAction($action)) {
if ($runAction && $this->beforeAction($action)) {
// run the action
$result = $action->runWithParams($params);
$result = $this->afterAction($action, $result);
}
}
// call afterAction on modules
foreach ($modules as $module) {
/* @var $module Module */
$result = $module->afterAction($action, $result);
}
}
$this->action = $oldAction;
......
......@@ -15,7 +15,7 @@ use yii\web\Response;
/**
* Cors filter implements [Cross Origin Resource Sharing](http://en.wikipedia.org/wiki/Cross-origin_resource_sharing).
* Make sure to read carefully what CORS does and does not. CORS do not secure your API,
* but allow the developper to grant access to third party code (ajax calls from external domain)
* but allow the developer to grant access to third party code (ajax calls from external domain)
*
* You may use CORS filter by attaching it as a behavior to a controller or module, like the following,
*
......@@ -120,7 +120,7 @@ class Cors extends ActionFilter
}
/**
* Extract CORS headers fron the request
* Extract CORS headers from the request
* @return array CORS headers to handle
*/
public function extractHeaders()
......@@ -177,7 +177,7 @@ class Cors extends ActionFilter
* Handle classic CORS request to avoid duplicate code
* @param string $type the kind of headers we would handle
* @param array $requestHeaders CORS headers request by client
* @param array $responseHeaders CORS response headers sent to the clinet
* @param array $responseHeaders CORS response headers sent to the client
*/
protected function prepareAllowHeaders($type, $requestHeaders, &$responseHeaders)
{
......@@ -205,7 +205,7 @@ class Cors extends ActionFilter
/**
* Adds the CORS headers to the response
* @param Response $response
* @param array CORS headers which have been compouted
* @param array CORS headers which have been computed
*/
public function addCorsHeaders($response, $headers)
{
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment