silverstripe-framework/docs/en/changelogs/rc/3.2.0.md

# 3.2.0 (unreleased)

## Overview

### CMS

 * Moved SS_Report and ReportAdmin out to a separate module. If you're using
composer or downloading a release, this module should be included for you.
Otherwise, you'll need to include the module yourself 
(https://github.com/silverstripe-labs/silverstripe-reports)

### Framework

 * API: Removed URL routing by controller name
 * Security: The multiple authenticator login page should now be styled manually - i.e. without the default jQuery UI layout. A new template, Security_MultiAuthenticatorLogin.ss is available.
 * Security: This controller's templates can be customised by overriding the `getTemplate` function.

## Details

### API: Removed URL routing by controller name

The auto-routing of controller class names to URL endpoints
has been removed (rule: `'$Controller//$Action/$ID/$OtherID': '*'`).
This increases clarity in routing since it makes URL entpoints explicit,
and thereby simplifies system and security reviews.

Please access any custom controllers exclusively through self-defined
[routes](/reference/director). For controllers extending `Page_Controller`,
simply use the provided page URLs.

	:::php
	class MyController extends Controller {
		static $allowed_actions = array('myaction');
		public function myaction($request) {
			// ...
		}
	}

Create a new file `mysite/_config/routes.yml` 
(read more about the [config format](/topics/configuration)).
Your controller is now available on `http://yourdomain.com/my-controller-endpoint`,
after refreshing the configuration cache through `?flush=all`.

	:::yaml
	---
	Name: my-routes
	After: framework/routes#coreroutes
	---
	Director:
  		rules:
    		'my-controller-endpoint//$Action' : 'MyController'


The auto-routing is still in place for unit tests,
since its a frequently used feature there. Although we advise against it,
you can reinstate the old behaviour through a director rule:

	:::yaml
	---
	Name: my-routes
	After: framework/routes#coreroutes
	---
	Director:
  		rules:
    		'$Controller//$Action/$ID/$OtherID':  '*'
Added note about reports API change in 3.2.0 changelog 2013-01-17 09:54:33 +01:00			`# 3.2.0 (unreleased)`

API Removed auto-routing of controller name Use custom routing rules to achieve this effect (see changelog) 2013-01-29 14:14:47 +01:00			`## Overview`
Added note about reports API change in 3.2.0 changelog 2013-01-17 09:54:33 +01:00
API Removed auto-routing of controller name Use custom routing rules to achieve this effect (see changelog) 2013-01-29 14:14:47 +01:00			`### CMS`
Added note about reports API change in 3.2.0 changelog 2013-01-17 09:54:33 +01:00
API Removed auto-routing of controller name Use custom routing rules to achieve this effect (see changelog) 2013-01-29 14:14:47 +01:00			`* Moved SS_Report and ReportAdmin out to a separate module. If you're using`
Added note about reports API change in 3.2.0 changelog 2013-01-17 09:54:33 +01:00			`composer or downloading a release, this module should be included for you.`
			`Otherwise, you'll need to include the module yourself`
			`(https://github.com/silverstripe-labs/silverstripe-reports)`

API Removed auto-routing of controller name Use custom routing rules to achieve this effect (see changelog) 2013-01-29 14:14:47 +01:00			`### Framework`

			`* API: Removed URL routing by controller name`
Updating docs for Security template changes See https://github.com/silverstripe/sapphire/pull/1807 2013-05-08 12:52:36 +02:00			`* Security: The multiple authenticator login page should now be styled manually - i.e. without the default jQuery UI layout. A new template, Security_MultiAuthenticatorLogin.ss is available.`
			* Security: This controller's templates can be customised by overriding the `getTemplate` function.
API Removed auto-routing of controller name Use custom routing rules to achieve this effect (see changelog) 2013-01-29 14:14:47 +01:00
			`## Details`

			`### API: Removed URL routing by controller name`

			`The auto-routing of controller class names to URL endpoints`
			has been removed (rule: `'$Controller//$Action/$ID/$OtherID': '*'`).
			`This increases clarity in routing since it makes URL entpoints explicit,`
			`and thereby simplifies system and security reviews.`

			`Please access any custom controllers exclusively through self-defined`
			[routes](/reference/director). For controllers extending `Page_Controller`,
			`simply use the provided page URLs.`

			`:::php`
			`class MyController extends Controller {`
			`static $allowed_actions = array('myaction');`
			`public function myaction($request) {`
			`// ...`
			`}`
			`}`

			Create a new file `mysite/_config/routes.yml`
			`(read more about the [config format](/topics/configuration)).`
			Your controller is now available on `http://yourdomain.com/my-controller-endpoint`,
			after refreshing the configuration cache through `?flush=all`.

			`:::yaml`
			`---`
			`Name: my-routes`
			`After: framework/routes#coreroutes`
			`---`
			`Director:`
			`rules:`
			`'my-controller-endpoint//$Action' : 'MyController'`


			`The auto-routing is still in place for unit tests,`
			`since its a frequently used feature there. Although we advise against it,`
			`you can reinstate the old behaviour through a director rule:`

			`:::yaml`
			`---`
			`Name: my-routes`
			`After: framework/routes#coreroutes`
			`---`
			`Director:`
			`rules:`
Updating docs for Security template changes See https://github.com/silverstripe/sapphire/pull/1807 2013-05-08 12:52:36 +02:00			`'$Controller//$Action/$ID/$OtherID': '*'`