fixing conflit with api branch

Leandro Santos
2 parents 2066e859 5fc16fc4
Showing 45 changed files with 706 additions and 774 deletions Show diff stats
AUTHORS.md
Gemfile
app/models/add_friend.rb
app/models/add_member.rb
app/models/approve_article.rb
app/models/change_password.rb
app/models/create_community.rb
app/models/create_enterprise.rb
app/models/email_activation.rb
app/models/enterprise_activation.rb
app/models/invitation.rb
app/models/moderate_user_registration.rb
app/models/profile.rb
app/models/suggest_article.rb
app/models/task.rb
app/views/api/playground.html.erb
config.ru
config/application.rb
config/initializers/eager_load.rb
debian/changelog
@@ -83,6 +83,9 @@ Carlos Morais + Eduardo Morais &lt;carlos88morais@gmail.com&gt;
 Carlos Morais + Paulo Meirelles <carlos88morais@gmail.com>
 Carlos Morais + Pedro Leal <carlos88morais@gmail.com>
 Carlos Morais <carlos88morais@gmail.com>
+Christophe DANIEL <papaeng@gmail.com>
+Daniel Alves + Diego Araújo <danpaulalves@gmail.com>
+Daniel Alves + Diego Araújo <diegoamc90@gmail.com>
 Daniel Alves + Diego Araújo + Guilherme Rojas <danpaulalves@gmail.com>
 Daniel Alves + Diego Araújo + Guilherme Rojas <diegoamc90@gmail.com>
 Daniel Alves + Diego Araújo + Guilherme Rojas <guilhermehrojas@gmail.com>
@@ -128,6 +131,7 @@ Eduardo Vital &lt;vitaldu@gmail.com&gt;
 Evandro Jr <evandrojr@gmail.com>
 Evandro Junior <evandrojr@gmail.com>
 Evandro Magalhaes Leite Junior <evandro.leite@serpro.gov.br>
+Fabio Teixeira <fabio1079@gmail.com>
 FAMMA TV NOTICIAS MEDIOS DE CO <revistafammatvmusic.oficial@gmail.com>
 Fabio Teixeira <fabio1079@gmail.com>
 Fernanda Lopes <nanda.listas+psl@gmail.com>
@@ -18,6 +18,7 @@ gem &#39;exception_notification&#39;,   &#39;~&gt; 4.0.1&#39;
 gem 'gettext',                  '~> 2.2.1', :require => false
 gem 'locale',                   '~> 2.0.5'
 gem 'whenever', :require => false
+gem 'eita-jrails', '~> 0.9.5', require: 'jrails'
 gem 'grape',                    '~> 0.11.0'
 gem 'grape-entity'
 gem 'grape-swagger'
@@ -30,7 +31,9 @@ gem &#39;liquid&#39;,                    &#39;~&gt; 3.0.3&#39;
 # FIXME list here all actual dependencies (i.e. the ones in debian/control),
 # with their GEM names (not the Debian package names)
-gem 'eita-jrails', '~> 0.9.5', require: 'jrails'
+
+# FIXME list here all actual dependencies (i.e. the ones in debian/control),
+# with their GEM names (not the Debian package names)
 # asset pipeline
 gem 'uglifier', '>= 1.0.3'
@@ -14,6 +14,9 @@ class AddFriend &lt; Task
   alias :friend :target
   alias :friend= :target=
+	validates :requestor, :kind_of => { :kind => Person }
+	validates :target, :kind_of => { :kind => Person }
+
   after_create do |task|
     TaskMailer.invitation_notification(task).deliver unless task.friend
     remove_from_suggestion_list(task)
@@ -2,6 +2,9 @@ class AddMember &lt; Task
   validates_presence_of :requestor_id, :target_id
+  validates :requestor, kind_of: {kind: Person}
+  validates :target, kind_of: {kind: Organization}
+
   alias :person :requestor
   alias :person= :requestor=
 class ApproveArticle < Task
   validates_presence_of :requestor_id, :target_id
+  validates :requestor, kind_of: {kind: Person}
+  validate :allowed_requestor
+
+  def allowed_requestor
+    if target
+      if target.person? && requestor != target
+        self.errors.add(:requestor, _('You can not post articles to other users.'))
+      end
+      if target.organization? && !target.members.include?(requestor) && target.environment.portal_community != target
+        self.errors.add(:requestor, _('Only members can post articles on communities.'))
+      end
+    end
+  end
+
   def article_title
     article ? article.title : _('(The original text was removed)')
   end
-  
+
   def article
     Article.find_by_id data[:article_id]
   end
@@ -124,4 +138,9 @@ class ApproveArticle &lt; Task
     message
   end
+  def request_is_member_of_target
+    unless requestor.is_member_of?(target)
+      errors.add(:approve_article, N_('Requestor must be a member of target.'))
+    end
+  end
 end
@@ -18,6 +18,8 @@ class ChangePassword &lt; Task
   validates_presence_of :requestor
+  validates :requestor, kind_of: {kind: Person}
+
   ###################################################
   # validations for updating a ChangePassword task 
@@ -3,6 +3,9 @@ class CreateCommunity &lt; Task
   validates_presence_of :requestor_id, :target_id
   validates_presence_of :name
+  validates :requestor, kind_of: {kind: Person}
+  validates :target, kind_of: {kind: Environment}
+
   alias :environment :target
   alias :environment= :target=
@@ -27,6 +27,8 @@ class CreateEnterprise &lt; Task
   # checks for actual attributes
   validates_presence_of :requestor_id, :target_id
+  validates :requestor, kind_of: {kind: Person}
+
   # checks for admins required attributes
   DATA_FIELDS.each do |attribute|
     validates_presence_of attribute, :if => lambda { |obj| obj.environment.required_enterprise_fields.include?(attribute) }
 class EmailActivation < Task
   validates_presence_of :requestor_id, :target_id
+
+  validates :requestor, kind_of: {kind: Person}
+  validates :target, kind_of: {kind: Environment}
+
   validate :already_requested, :on => :create
   alias :environment :target
   alias :person :requestor
   def already_requested
-    if !self.requestor.nil? && self.requestor.user.email_activation_pending?
+    if !self.requestor.nil? && self.requestor.person? && self.requestor.user.email_activation_pending?
       self.errors.add(:base, _('You have already requested activation of your mailbox.'))
     end
   end
@@ -8,6 +8,8 @@ class EnterpriseActivation &lt; Task
   validates_presence_of :enterprise
+  validates :target, kind_of: {kind: Enterprise}
+
   def perform
     self.enterprise.enable self.requestor
   end
@@ -6,6 +6,8 @@ class Invitation &lt; Task
   validates_presence_of :target_id, :if => Proc.new{|invite| invite.friend_email.blank?}
+  validates :requestor, kind_of: {kind: Person}
+
   validates_presence_of :friend_email, :if => Proc.new{|invite| invite.target_id.blank?}
   validates_format_of :friend_email, :with => Noosfero::Constants::EMAIL_FORMAT, :if => Proc.new{|invite| invite.target_id.blank?}
@@ -34,7 +36,7 @@ class Invitation &lt; Task
   end
   def not_invite_yourself
-    email = friend ? friend.user.email : friend_email
+    email = friend && friend.person? ? friend.user.email : friend_email
     if person && email && person.user.email == email
       self.errors.add(:base, _("You can't invite youself"))
     end
@@ -136,7 +138,11 @@ class Invitation &lt; Task
   end
   def environment
-    self.requestor.environment
+    if self.requestor
+      self.requestor.environment
+    else
+      nil
+    end
   end
 end
@@ -7,6 +7,8 @@ class ModerateUserRegistration &lt; Task
   after_create :schedule_spam_checking
+  validates :target, kind_of: {kind: Environment}
+
   alias :environment :target
   alias :environment= :target=
@@ -204,9 +204,9 @@ class Profile &lt; ActiveRecord::Base
     Profile.column_names.map{|n| [Profile.table_name, n].join('.')}.join(',')
   end
-  scope :visible, :conditions => { :visible => true }
+  scope :visible, :conditions => { :visible => true, :secret => false }
   scope :disabled, :conditions => { :visible => false }
-  scope :public, :conditions => { :visible => true, :public_profile => true }
+  scope :public, :conditions => { :visible => true, :public_profile => true, :secret => false }
   scope :enabled, :conditions => { :enabled => true }
   # Subclasses must override this method
@@ -92,4 +92,5 @@ class SuggestArticle &lt; Task
   def after_ham!
     self.delay.marked_as_ham
   end
+
 end
@@ -133,6 +133,51 @@ class Task &lt; ActiveRecord::Base
     end
   end
+  class KindOfValidator < ActiveModel::EachValidator
+    def validate_each(record, attribute, value)
+      environment = record.environment || Environment.default
+      klass = options[:kind]
+      group = klass.to_s.downcase.pluralize
+      id = attribute.to_s + "_id"
+      if environment.respond_to?(group)
+        attrb = value || environment.send(group).find_by_id(record.send(id))
+      else
+        attrb = value || klass.find_by_id(record.send(id))
+      end
+      if attrb.respond_to?(klass.to_s.downcase + "?")
+        unless attrb.send(klass.to_s.downcase + "?")
+          record.errors[attribute] << (options[:message] || "should be "+ klass.to_s.downcase)
+        end
+      else
+        unless attrb.class == klass
+          record.errors[attribute] << (options[:message] || "should be "+ klass.to_s.downcase)
+        end
+      end
+    end
+  end
+
+  def requestor_is_of_kind(klass, message = nil)
+    error_message = message ||= _('Task requestor must be '+klass.to_s.downcase)
+    group = klass.to_s.downcase.pluralize
+    if environment.respond_to?(group) and requestor_id
+      requestor = requestor ||= environment.send(klass.to_s.downcase.pluralize).find_by_id(requestor_id)
+    end
+    unless requestor.class == klass
+      errors.add(error_message)
+    end
+  end
+
+  def target_is_of_kind(klass, message = nil)
+    error_message = message ||= _('Task target must be '+klass.to_s.downcase)
+    group = klass.to_s.downcase.pluralize
+    if environment.respond_to?(group) and target_id
+      target = target ||= environment.send(klass.to_s.downcase.pluralize).find_by_id(target_id)
+    end
+    unless target.class == klass
+      errors.add(error_message)
+    end
+  end
+
   def close(status, closed_by)
     self.status = status
     self.end_date = Time.now
@@ -12,7 +12,11 @@ endpoints.map do |endpoint|
       }
     end
   end
-end.flatten.compact.sort{|a,b| a[:path]=='/api/v1/login' ? -1:1}.to_json %>;
+end.flatten.compact.sort{|a,b|
+  a[:path]=='/api/v1/login' ? -1 :
+  b[:path]=='/api/v1/login' ?  1 :
+  a[:path] <=> b[:path]
+}.to_json %>;
 </script>
 <form id="api-form">
@@ -6,6 +6,13 @@ require ::File.expand_path(&#39;../config/environment&#39;,  __FILE__)
 #use Rails::Rack::Static
 #run ActionController::Dispatcher.new
+use Rack::Cors do
+  allow do
+    origins '*'
+    resource '/api/*', :headers => :any, :methods => [:get, :post]
+  end
+end
+
 rails_app = Rack::Builder.new do
   run Noosfero::Application
 end
@@ -135,12 +135,5 @@ module Noosfero
     Noosfero::Plugin.setup(config)
-    config.middleware.use Rack::Cors do
-      allow do
-        origins '*'
-        resource '/api/*', :headers => :any, :methods => [:get, :post]
-      end
-    end
-
   end
 end
@@ -0,0 +1 @@
+Rails.application.eager_load!
-noosfero (1.2~1) UNRELEASED; urgency=medium
-
-  [ Antonio Terceiro ]
-  * Temporary version in heavy development
+noosfero (1.2~rc1) wheezy; urgency=medium
   [ Joenio Costa ]
   * Build noosfero-chat package
-  [ root ]
-  * Api test
+  [ Antonio Terceiro ]
+  * Noosfero 1.2 RC1
- -- root <root@17edebf1ae91>  Mon, 06 Jul 2015 14:39:06 +0000
+ -- Antonio Terceiro <terceiro@colivre.coop.br>  Mon, 13 Jul 2015 15:44:17 -0300
 noosfero (1.1) wheezy; urgency=low
@@ -52,7 +52,8 @@
         end
       end
-      ARTICLE_TYPES = Article.descendants.map{|a| a.to_s}
+      ARTICLE_TYPES = ['Article'] + Article.descendants.map{|a| a.to_s}
+      TASK_TYPES = ['Task'] + Task.descendants.map{|a| a.to_s}
       def find_article(articles, id)
         article = articles.find(id)
@@ -97,11 +98,39 @@
         if params[:categories_ids]
           articles = articles.joins(:categories).where('category_id in (?)', params[:categories_ids])
         end
+        articles
       end
-      def find_task(tasks, id)
-        task = tasks.find(id)
-        task.display_to?(current_user.person) ? task : forbidden!
+      def find_task(asset, id)
+        task = asset.tasks.find(id)
+        current_person.has_permission?(task.permission, asset) ? task : forbidden!
+      end
+
+      def post_task(asset, params)
+        klass_type= params[:content_type].nil? ? 'Task' : params[:content_type]
+        return forbidden! unless TASK_TYPES.include?(klass_type)
+
+        task = klass_type.constantize.new(params[:task])
+        task.requestor_id = current_person.id
+        task.target_id = asset.id
+        task.target_type = 'Profile'
+
+        if !task.save
+          render_api_errors!(task.errors.full_messages)
+        end
+        present task, :with => Entities::Task, :fields => params[:fields]
+      end
+
+      def present_task(asset)
+        task = find_task(asset, params[:id])
+        present task, :with => Entities::Task, :fields => params[:fields]
+      end
+
+      def present_tasks(asset)
+        tasks = select_filtered_collection_of(asset, 'tasks', params)
+        tasks = tasks.select {|t| current_person.has_permission?(t.permission, asset)}
+        return forbidden! if tasks.empty? && !current_person.has_permission?(:perform_task, asset)
+        present tasks, :with => Entities::Task, :fields => params[:fields]
       end
       def make_conditions_with_parameter(params = {})
@@ -318,7 +347,13 @@
         https.use_ssl = true
         request = Net::HTTP::Post.new(uri.path)
         request.set_form_data(verify_hash)
-        body = https.request(request).body
+        begin
+          body = https.request(request).body
+        rescue Exception => e
+          logger.error e
+          return _("Google recaptcha error: #{e.message}")
+        end
+        body = JSON.parse(body)
         body == "true\nsuccess" ? true : body
       end
@@ -337,20 +372,36 @@
         https.use_ssl = true
         request = Net::HTTP::Post.new(uri.path)
         request.set_form_data(verify_hash)
-        captcha_result = JSON.parse(https.request(request).body)
+        begin
+          body = https.request(request).body
+        rescue Exception => e
+          logger.error e
+          return _("Google recaptcha error: #{e.message}")
+        end
+        captcha_result = JSON.parse(body)
         captcha_result["success"] ? true : captcha_result
       end
       def verify_serpro_captcha(client_id, token, captcha_text, verify_uri)
-        if token == nil || captcha_text == nil
-          return _('Missing captcha data')
-        end
+        return _('Missing Serpro Captcha token') if token == nil
+        return _('Captcha text has not been filled') if captcha_text == nil
         uri = URI(verify_uri)
         http = Net::HTTP.new(uri.host, uri.port)
         request = Net::HTTP::Post.new(uri.path)
         verify_string = "#{client_id}&#{token}&#{captcha_text}"
         request.body = verify_string
+<<<<<<< HEAD
         body = http.request(request).body
+=======
+        begin
+          body = http.request(request).body
+        rescue Exception => e
+          logger.error e
+          return _("Serpro captcha error: #{e.message}")
+        end
+        return _("Wrong captcha text, please try again") if body == 0
+        return _("Token not found") if body == 2
+>>>>>>> serpro_api
         body == '1' ? true : body
       end
@@ -18,146 +18,41 @@ module Noosfero
           # Example Request:
           #  GET host/api/v1/tasks?from=2013-04-04-14:41:43&until=2015-04-04-14:41:43&limit=10&private_token=e96fff37c2238fdab074d1dcea8e6317
           get do
-            #FIXME check for permission
             tasks = select_filtered_collection_of(environment, 'tasks', params)
+            tasks = tasks.select {|t| current_person.has_permission?(t.permission, environment)}
             present tasks, :with => Entities::Task, :fields => params[:fields]
           end
           desc "Return the task id"
           get ':id' do
-            task = find_task(environment.tasks, params[:id])
+            task = find_task(environment, params[:id])
             present task, :with => Entities::Task, :fields => params[:fields]
           end
-
-
         end
-        resource :communities do
-          segment '/:community_id' do
-            resource :tasks do
-              get do
-                #FIXME check for permission
-                community = environment.communities.find(params[:community_id])
-                tasks = select_filtered_collection_of(community, 'tasks', params)
-                present tasks, :with => Entities::Task, :fields => params[:fields]
-              end
-
-              get ':id' do
-                community = environment.communities.find(params[:community_id])
-                task = find_task(community.tasks, params[:id])
-                present task, :with => Entities::Task, :fields => params[:fields]
-              end
-
-              # Example Request:
-              #  POST api/v1/communites/:community_id/articles?private_token=234298743290432&article[name]=title&article[body]=body
-              post do
-                community = environment.communities.find(params[:community_id])
-#FIXME see the correct permission
-                return forbidden! unless current_person.can_post_content?(community)
-#FIXME check the task type before create
-                klass_type= params[:content_type].nil? ? 'Task' : params[:content_type]
-#                return forbidden! unless ARTICLE_TYPES.include?(klass_type)
-#
-                task = klass_type.constantize.new(params[:task])
-                task.requestor = current_person
-                task.target = community
-
-                if !task.save
-                  render_api_errors!(task.errors.full_messages)
+        kinds = %w[community person enterprise]
+        kinds.each do |kind|
+          resource kind.pluralize.to_sym do
+            segment "/:#{kind}_id" do
+              resource :tasks do
+                get do
+                  profile = environment.send(kind.pluralize).find(params["#{kind}_id"])
+                  present_tasks(profile)
                 end
-                present task, :with => Entities::Task, :fields => params[:fields]
-              end
-
-            end
-          end
-
-        end
-
-        resource :people do
-          segment '/:person_id' do
-            resource :tasks do
-              get do
-#                person = environment.people.find(params[:person_id])
-#                articles = select_filtered_collection_of(person, 'articles', params)
-#                articles = articles.display_filter(current_person, person)
-tasks = Task.all
-                present tasks, :with => Entities::Task, :fields => params[:fields]
-              end
-
-              get ':id' do
-#                person = environment.people.find(params[:person_id])
-#                article = find_article(person.articles, params[:id])
-task = Task.first
-                present task, :with => Entities::Task, :fields => params[:fields]
-              end
-              post do
-#                person = environment.people.find(params[:person_id])
-#                return forbidden! unless current_person.can_post_content?(person)
-#
-#                klass_type= params[:content_type].nil? ? 'TinyMceArticle' : params[:content_type]
-#                return forbidden! unless ARTICLE_TYPES.include?(klass_type)
-#
-#                article = klass_type.constantize.new(params[:article])
-#                article.last_changed_by = current_person
-#                article.created_by= current_person
-#                article.profile = person
-#
-#                if !article.save
-#                  render_api_errors!(article.errors.full_messages)
-#                end
-task = Task.first
-                present task, :with => Entities::Task, :fields => params[:fields]
-              end
-
-            end
-          end
-
-        end
-
-        resource :enterprises do
-          segment '/:enterprise_id' do
-            resource :tasks do
-              get do
-#                enterprise = environment.enterprises.find(params[:enterprise_id])
-#                articles = select_filtered_collection_of(enterprise, 'articles', params)
-#                articles = articles.display_filter(current_person, enterprise)
-tasks = Task.all
-                present tasks, :with => Entities::Task, :fields => params[:fields]
-              end
-
-              get ':id' do
-#                enterprise = environment.enterprises.find(params[:enterprise_id])
-#                article = find_article(enterprise.articles, params[:id])
-task = Task.first
-                present task, :with => Entities::Task, :fields => params[:fields]
-              end
+                get ':id' do
+                  profile = environment.send(kind.pluralize).find(params["#{kind}_id"])
+                  present_task(profile)
+                end
-              post do
-#                enterprise = environment.enterprises.find(params[:enterprise_id])
-#                return forbidden! unless current_person.can_post_content?(enterprise)
-#
-#                klass_type= params[:content_type].nil? ? 'TinyMceArticle' : params[:content_type]
-#                return forbidden! unless ARTICLE_TYPES.include?(klass_type)
-#
-#                article = klass_type.constantize.new(params[:article])
-#                article.last_changed_by = current_person
-#                article.created_by= current_person
-#                article.profile = enterprise
-#
-#                if !article.save
-#                  render_api_errors!(article.errors.full_messages)
-#                end
-task = Task.first
-                present task, :with => Entities::Task, :fields => params[:fields]
+                post do
+                  profile = environment.send(kind.pluralize).find(params["#{kind}_id"])
+                  post_task(profile, params)
+                end
               end
-
             end
           end
-
         end
-
-
       end
     end
   end
 module Noosfero
   PROJECT = 'noosfero'
-  VERSION = '1.2~1'
+  VERSION = '1.2~rc1'
 end
 root = File.expand_path(File.dirname(__FILE__) + '/../..')
-Subproject commit a8aed5d9befec360868155eba1be426cee015a18
+Subproject commit 1f2171520eb4719fefc5a32f26ef2a002cd61f0d
-Subproject commit b50fd52ad1e3a1178757ea61d26e96628f7d59ae
+Subproject commit e6cd995bbde179a2b941d80ae5c1a05a4bf7ffa5
@@ -6,11 +6,11 @@ msgid &quot;&quot;
 msgstr ""
 "Project-Id-Version: 1.1-2519-g5b6a4ea\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2015-07-07 15:26-0300\n"
-"PO-Revision-Date: 2015-03-12 16:11+0200\n"
-"Last-Translator: Tuux <tuxa@galaxie.eu.org>\n"
-"Language-Team: French <https://hosted.weblate.org/projects/noosfero/noosfero/"
-"fr/>\n"
+"POT-Creation-Date: 2015-06-01 17:26-0300\n"
+"PO-Revision-Date: 2015-07-13 10:39+0200\n"
+"Last-Translator: Christophe DANIEL <papaeng@gmail.com>\n"
+"Language-Team: French "
+"<https://hosted.weblate.org/projects/noosfero/noosfero/fr/>\n"
 "Language: fr\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -7744,31 +7744,22 @@ msgstr &quot;Type&quot;
 msgid "Last update"
 msgstr "Dernière mise à jour"
-#: app/views/cms/view.html.erb:48 app/views/cms/view.html.erb:50
-#, fuzzy
-msgid "parent folder"
-msgstr "Catégorie courante :"
+#: app/views/profile_roles/destroy.html.erb:13
+msgid "To which role do you want to change them?"
+msgstr "Pour quel rôle voulez-vous les changer ?"
-#: app/views/cms/_media_new_folder.html.erb:1
-#, fuzzy
-msgid "Create new folder"
-msgstr "Créer un nouveau groupe"
+#: app/views/profile_roles/destroy.html.erb:20
+msgid "Delete role"
+msgstr "Supprimer le rôle"
 #: app/views/cms/_media_new_folder.html.erb:3
 #, fuzzy
 msgid "Choose parent folder:"
 msgstr "Catégorie courante :"
-#: app/views/cms/_media_new_folder.html.erb:13
-#: app/views/memberships/new_community.html.erb:52
-#: app/views/profile_themes/new.html.erb:8
-msgid "Create"
-msgstr "Créer"
-
-#: app/views/cms/_link_article.html.erb:3
-#, fuzzy
-msgid "Reference"
-msgstr "Adresse :"
+#: app/views/profile_roles/index.html.erb:5 app/views/role/index.html.erb:5
+msgid "Role"
+msgstr "Rôle"
 #: app/views/cms/upload_files.html.erb:3
 msgid "This file couldn't be saved"
@@ -7806,9 +7797,9 @@ msgstr &quot;Catégorie courante :&quot;
 msgid "License"
 msgstr ""
-#: app/views/cms/_blog.html.erb:3
-msgid "My Blog"
-msgstr "Mon blog"
+#: app/views/comment_notifier/mail_to_followers.html.erb:1
+msgid "Hi!"
+msgstr "Bonjour !"
 #: app/views/cms/_blog.html.erb:42
 #: app/views/profile_editor/_organization.html.erb:48
@@ -7825,10 +7816,10 @@ msgstr &quot;&quot;
 "les liens extérieurs menant à la page d'accueil ou le contenu du site lui-"
 "même. Voulez-vous vraiment la modifier ?"
-#: app/views/cms/_blog.html.erb:59
-#, fuzzy
-msgid "Cover image:"
-msgstr "image"
+#: app/views/comment_notifier/mail_to_followers.html.erb:5
+#: app/views/comment_notifier/notification.text.erb:5
+msgid "Title: %s"
+msgstr "Titre : %s"
 #: app/views/cms/_blog.html.erb:64
 #, fuzzy
@@ -7918,18 +7909,17 @@ msgstr &quot;Plus de documents&quot;
 msgid "Upload"
 msgstr "Téléverser"
-#: app/views/cms/_text_fields.html.erb:1
-#, fuzzy
-msgid "Publish date"
-msgstr "Publier le média"
+#: app/views/templates/index.html.erb:31
+msgid "Edit settings"
+msgstr "Modifier les paramètres"
 #: app/views/cms/_enterprise_homepage.html.erb:3
 msgid "Text"
 msgstr "Texte"
-#: app/views/cms/why_categorize.html.erb:1 app/views/cms/edit.html.erb:31
-msgid "Why categorize?"
-msgstr "Pourquoi catégoriser ?"
+#: app/views/templates/index.html.erb:35
+msgid "Edit header/footer"
+msgstr "Modifier en-tête/pied de page"
 #: app/views/cms/why_categorize.html.erb:4
 msgid ""
@@ -7948,10 +7938,13 @@ msgstr &quot;&quot;
 msgid "Start date and time"
 msgstr "Date de début"
-#: app/views/cms/_event.html.erb:13
-#, fuzzy
-msgid "End date and time"
-msgstr "Date de fin"
+#: app/views/home/terms.html.erb:1
+msgid "Terms of use - %s"
+msgstr "Conditions d'utilisation - %s"
+
+#: app/views/home/welcome.html.erb:4
+msgid "Welcome to %s!"
+msgstr "Bienvenue sur %s !"
 #: app/views/cms/_event.html.erb:15
 msgid "Presenter:"
@@ -7961,10 +7954,9 @@ msgstr &quot;&quot;
 msgid "Event website:"
 msgstr "Site web de l'événement :"
-#: app/views/cms/select_article_type.html.erb:3
-#, fuzzy
-msgid "Choose the type of content:"
-msgstr "Choisissez le type de l'article :"
+#: app/views/home/welcome.html.erb:11
+msgid "Confirm your account!"
+msgstr "Confirmer votre compte !"
 #: app/views/cms/_drag_and_drop_note.html.erb:3
 msgid "Drag images to add them to the text."
@@ -8038,10 +8030,9 @@ msgid &quot;&quot;
 "just search for the community below."
 msgstr ""
-#: app/views/cms/publish.html.erb:42
-#, fuzzy
-msgid "Type in a search for your community"
-msgstr "Désactiver la recherche d'entreprises"
+#: app/views/home/welcome.html.erb:25
+msgid "Invite and find"
+msgstr "Inviter et trouver"
 #: app/views/cms/publish.html.erb:55
 msgid ""
@@ -8053,15 +8044,15 @@ msgstr &quot;&quot;
 msgid "Textile markup quick reference"
 msgstr ""
-#: app/views/cms/_textile_quick_reference.html.erb:4
-#, fuzzy
-msgid "(show)"
-msgstr "Voir le diaporama"
+#: app/views/home/index.html.erb:2
+msgid "News"
+msgstr "Nouveautés"
-#: app/views/cms/_textile_quick_reference.html.erb:5
-#, fuzzy
-msgid "(hide)"
-msgstr "Cacher"
+#: app/views/home/index.html.erb:45
+#: app/views/profile/_profile_activities_list.html.erb:14
+#: app/views/profile/_profile_network_activities.html.erb:6
+msgid "View more"
+msgstr "Voir plus"
 #: app/views/cms/_textile_quick_reference.html.erb:8
 #, fuzzy
@@ -8072,15 +8063,15 @@ msgstr &quot;Informations fournies&quot;
 msgid "italics"
 msgstr ""
-#: app/views/cms/_textile_quick_reference.html.erb:8
-#, fuzzy
-msgid "bold"
-msgstr "travail"
+#: app/views/features/_manage_enterprise_fields.html.erb:8
+msgid "Display on registration?"
+msgstr "Afficher à l'inscription ?"
-#: app/views/cms/_textile_quick_reference.html.erb:8
-#, fuzzy
-msgid "striked"
-msgstr "Contact"
+#: app/views/features/_manage_enterprise_fields.html.erb:13
+#: app/views/features/_manage_community_fields.html.erb:13
+#: app/views/features/_manage_person_fields.html.erb:13
+msgid "Check/Uncheck All"
+msgstr "Tout cocher/décocher"
 #: app/views/cms/_textile_quick_reference.html.erb:9
 #, fuzzy
@@ -8125,20 +8116,17 @@ msgstr &quot;&quot;
 msgid "Insert media"
 msgstr ""
-#: app/views/cms/_text_editor_sidebar.html.erb:8
-#, fuzzy
-msgid "Show/Hide"
-msgstr "Voir le diaporama"
+#: app/views/features/index.html.erb:15
+msgid "Feature"
+msgstr "Fonctionnalité"
-#: app/views/cms/_text_editor_sidebar.html.erb:21
-#, fuzzy
-msgid "New folder"
-msgstr "Catégorie courante :"
+#: app/views/features/index.html.erb:16
+msgid "Enabled?"
+msgstr "Activé ?"
-#: app/views/cms/_text_editor_sidebar.html.erb:26
-#, fuzzy
-msgid "Hide all uploads"
-msgstr "Voir tous les produits"
+#: app/views/features/index.html.erb:27
+msgid "Configure features"
+msgstr "Editer les fonctionnalités"
 #: app/views/cms/_text_editor_sidebar.html.erb:27
 #, fuzzy
@@ -8167,14 +8155,9 @@ msgstr &quot;Ma page d&#39;accueil&quot;
 msgid "My groups"
 msgstr "Mes groupes"
-#: app/views/shared/user_menu.html.erb:32
-msgid "Webmail"
-msgstr "Webmail"
-
-#: app/views/shared/_profile_suggestions_list.html.erb:6
-#, fuzzy
-msgid "You have no more suggestions :("
-msgstr "Vous avez des requêtes en attente"
+#: app/views/chat/start_session_error.html.erb:3
+msgid "Could not connect to chat"
+msgstr "Impossible de se connecter au chat"
 #: app/views/shared/_profile_suggestions_list.html.erb:19
 #: app/views/shared/_profile_suggestions_list.html.erb:26
@@ -8205,46 +8188,65 @@ msgstr &quot;Contenu principal&quot;
 msgid "This link might be unavailable if the content is removed"
 msgstr ""
-#: app/views/shared/reported_versions/profile/_folder.html.erb:1
-#, fuzzy
-msgid "Reported folder"
-msgstr "Catégorie courante :"
+#: app/views/themes/_select_theme.html.erb:5
+msgid "Use the default theme"
+msgstr "Utiliser le thème par défaut"
-#: app/views/shared/reported_versions/profile/_comment.html.erb:3
-#, fuzzy
-msgid "Comment"
-msgstr "Commentaires"
+#: app/views/themes/_select_theme.html.erb:5
+msgid "Are you sure you want to use the environment default theme?"
+msgstr "Etes-vous sûr que vous voulez utiliser le thème par défaut ?"
-#: app/views/shared/_organization_custom_fields.html.erb:12
-#: app/views/maps/edit_location.html.erb:13
-#: app/views/profile_editor/_person_form.html.erb:25
-msgid "Address (street and number)"
-msgstr "Adresse (n° et rue)"
+#: app/views/file_presenter/_image.html.erb:7
+#: app/views/file_presenter/_image.html.erb:9
+msgid "&laquo; Previous"
+msgstr "&laquo; Précédent"
-#: app/views/shared/_profile_connections.html.erb:2
-#, fuzzy
-msgid "Profiles in common:"
-msgstr "Informations fournies"
+#: app/views/file_presenter/_image.html.erb:13
+#: app/views/file_presenter/_image.html.erb:15
+msgid "Next &raquo;"
+msgstr "Suivant &raquo;"
 #: app/views/shared/_profile_connections.html.erb:17
 msgid "Tags in common:"
 msgstr ""
-#: app/views/shared/logged_in/xmpp_chat.html.erb:10
-msgid ""
-"The user is not online now. He/She will receive these messages as soon as he/"
-"she gets online."
+#: app/views/profile_members/unassociate.html.erb:2
+#: app/views/profile_members/remove_admin.html.erb:2
+#: app/views/profile_members/_members_list.html.erb:2
+#: app/views/profile_members/add_member.html.erb:2
+#: app/views/profile_members/add_admin.html.erb:2
+msgid "Current members"
+msgstr "Les membres actuels"
+
+#: app/views/profile_members/_manage_roles.html.erb:21
+msgid "Type in a search term for users"
 msgstr ""
-#: app/views/shared/logged_in/xmpp_chat.html.erb:25
-#, fuzzy
-msgid "Offline"
-msgstr "Uniquement dans %s"
+#: app/views/profile_members/_add_admins.html.erb:1
+msgid "Add admins to %s"
+msgstr "Ajouter un admin à %s"
-#: app/views/shared/logged_in/xmpp_chat.html.erb:60
-#, fuzzy
-msgid "Join room"
-msgstr "Se joindre"
+#: app/views/profile_members/affiliate.html.erb:7
+#: app/views/environment_role_manager/affiliate.html.erb:7
+msgid "Affiliate"
+msgstr "Affilié"
+
+#: app/views/profile_members/_index_buttons.html.erb:3
+msgid "Add members"
+msgstr "Ajouter des membres"
+
+#: app/views/profile_members/_index_buttons.html.erb:5
+#: app/views/invite/select_friends.html.erb:6
+#: app/views/invite/invite_friends.html.erb:5
+#: app/views/profile/members.html.erb:21
+msgid "Invite people to join"
+msgstr "Invitez les personnes à joindre"
+
+#: app/views/profile_members/_index_buttons.html.erb:8
+#: app/views/profile/send_mail.html.erb:3
+#: app/views/profile/members.html.erb:24
+msgid "Send e-mail to members"
+msgstr "Envoyer un e-mail aux membres"
 #: app/views/shared/logged_in/xmpp_chat.html.erb:61
 #, fuzzy
@@ -8255,26 +8257,22 @@ msgstr &quot;Entrez votre commentaire&quot;
 msgid "\"Published at: #{show_date(content.updated_at)}\""
 msgstr ""
-#: app/views/shared/_profile_search_form.html.erb:1
-#: app/views/shared/_profile_search_form.html.erb:9
-#, fuzzy
-msgid "Find in %s's content"
-msgstr "Contenu principal"
+#: app/views/profile_members/add_members.html.erb:1
+msgid "Add members to %s"
+msgstr "Ajouter des membres à %s"
 #: app/views/shared/_profile_search_form.html.erb:10
 #, fuzzy
 msgid "General"
 msgstr "Tâche générique"
-#: app/views/shared/_profile_search_form.html.erb:10
-#, fuzzy
-msgid "Search all content"
-msgstr "Tout le contenu"
+#: app/views/profile_members/change_role.html.erb:15
+msgid "Custom Roles:"
+msgstr "Rôles personnalisés :"
-#: app/views/shared/_select_subcategories.html.erb:3
-#, fuzzy
-msgid "Click to select a category"
-msgstr "Choisissez une catégorie :"
+#: app/views/maps/edit_location.html.erb:15
+msgid "Locate in the map"
+msgstr "Localiser sur la carte"
 #: app/views/shared/not_found.html.erb:2
 msgid "There is no such page: %s"
@@ -8313,10 +8311,9 @@ msgstr &quot;Aller à la page d&#39;accueil du site&quot;
 msgid "Open chat"
 msgstr "Un contact"
-#: app/views/shared/profile_actions/xmpp_chat.html.erb:1
-#, fuzzy
-msgid "Join chat room"
-msgstr "Se joindre"
+#: app/views/maps/_google_map.js.erb:137
+msgid "Request denied"
+msgstr "Demande refusée"
 #: app/views/shared/access_denied.html.erb:3 lib/authenticated_system.rb:83
 msgid "Access denied"
@@ -8334,9 +8331,19 @@ msgstr &quot;&quot;
 "Si vous êtes supposé(e) avoir accès à cette zone, vous devriez sans doute en "
 "référer aux responsable et leur demander de vous y donner accès."
-#: app/views/shared/access_denied.html.erb:14 public/500.html.erb:28
-msgid "Go to the site home page"
-msgstr "Aller à la page d'accueil du site"
+#: app/views/categories/new.html.erb:1 app/views/categories/index.html.erb:7
+#: app/views/categories/index.html.erb:16
+#: app/views/categories/index.html.erb:25
+msgid "New category"
+msgstr "Nouvelle catégorie"
+
+#: app/views/categories/_category.html.erb:10
+msgid "Show"
+msgstr "Voir"
+
+#: app/views/categories/_category.html.erb:12
+msgid "Hide"
+msgstr "Cacher"
 #: app/views/shared/_lead_and_body.html.erb:18
 msgid "Used when a short version of your text is needed."
@@ -8354,13 +8361,13 @@ msgstr &quot;&quot;
 "Vous pouvez déplacer cette fenêtre pour avoir une meilleure vue sur "
 "certaines parties de l'écran."
-#: app/views/shared/theme_test_panel.html.erb:9
-msgid "Finished testing"
-msgstr "Test terminé"
+#: app/views/categories/_form.html.erb:22
+msgid "Display in the menu"
+msgstr "Afficher dans le menu"
-#: app/views/shared/theme_test_panel.html.erb:10
-msgid "Edit theme"
-msgstr "Éditer le thème"
+#: app/views/categories/_form.html.erb:24
+msgid "Pick a color"
+msgstr "Choisir la couleur"
 #: app/views/shared/_list_groups.html.erb:9
 msgid "Role: %s"
@@ -8374,14 +8381,13 @@ msgstr &quot;Type : %s&quot;
 msgid "Members: %s"
 msgstr "Membres : %s"
-#: app/views/shared/_list_groups.html.erb:13
-msgid "Created at: %s"
-msgstr "Créé le : %s"
+#: app/views/memberships/welcome.html.erb:1
+msgid "Community created"
+msgstr "Communauté créée"
-#: app/views/shared/_list_groups.html.erb:16
-#, fuzzy
-msgid "Control panel of this group"
-msgstr "Panneau de contrôle"
+#: app/views/memberships/welcome.html.erb:2
+msgid "Your community (%s) was successfully created."
+msgstr "Votre communauté (%s) a été créée avec succès."
 #: app/views/shared/_remove_suggestion.html.erb:4
 #, fuzzy
@@ -67,7 +67,7 @@
       <div id='fr' style='display: none' class='message'>
-        <h1>Problème temporaire du système.</h1>
+        <h1>Problème temporaire du système</h1>
         <p>
         Notre équipe technique est en train d'y travailler. Merci de réessayer plus tard. Nous sommes désolés de la gêne occasionnée.
         </p>
-Subproject commit 571085f87ca4820b178f27cd7de68fd784a12d6e
+Subproject commit 7434555263662042b20ff7ccc2b484a6939c62fa
@@ -32,12 +32,10 @@ class CategoriesControllerTest &lt; ActionController::TestCase
   end
   def test_edit
-    cat = Category.new
-    env.categories.expects(:find).with('1').returns(cat)
-    get :edit, :id => '1'
+    get :edit, :id => cat1
     assert_response :success
     assert_template 'edit'
-    assert_equal cat, assigns(:category)
+    assert_equal cat1, assigns(:category)
   end
   def test_edit_save
@@ -145,15 +145,23 @@ class TasksControllerTest &lt; ActionController::TestCase
   end
   should 'affiliate roles to user after finish add member task' do
-    community = fast_create(Community)
-    community.add_member(person)
-    another_person = fast_create(Person)
-    t = AddMember.create!(:person => another_person, :organization => community)
-    count = community.members.size
-    @controller.stubs(:profile).returns(community)
+    c = fast_create(Community)
+    p = create_user('member').person
+
+    @controller.stubs(:profile).returns(c)
+    c.affiliate(profile, Profile::Roles.all_roles(profile.environment.id))
+
+    t = AddMember.create!(:person => p, :organization => c)
+
+    count = c.members.size
+
     post :close, :tasks => {t.id => {:decision => 'finish', :task => {}}}
-    community = Profile.find(community.id)
-    assert_equal count + 1, community.members.size
+    t.reload
+    
+    ok('task should be finished') { t.status == Task::Status::FINISHED }
+
+    c.reload
+    assert_equal count + 1, c.members.size
   end
   should 'display a create ticket form' do
@@ -269,6 +277,7 @@ class TasksControllerTest &lt; ActionController::TestCase
     @controller.stubs(:profile).returns(c)
     c.affiliate(person, Profile::Roles.all_roles(c.environment))
     person = create_user('test_user').person
+    c.add_member(person)
     p_blog = Blog.create!(:profile => person, :name => 'Blog')
     c_blog1 = Blog.create!(:profile => c, :name => 'Blog')
     c_blog2 = Blog.new(:profile => c); c_blog2.name = 'blog2'; c_blog2.save!
@@ -31,7 +31,7 @@ class ArticlesTest &lt; ActiveSupport::TestCase
   end
   should 'not return article if user has no permission to view it' do
-    person = fast_create(Person)
+    person = fast_create(Person, :environment_id => environment.id)
     article = fast_create(Article, :profile_id => person.id, :name => "Some thing", :published => false)
     assert !article.published?
@@ -49,7 +49,7 @@ class ArticlesTest &lt; ActiveSupport::TestCase
   end
   should 'not list children of forbidden article' do
-    person = fast_create(Person)
+    person = fast_create(Person, :environment_id => environment.id)
     article = fast_create(Article, :profile_id => person.id, :name => "Some thing", :published => false)
     child1 = fast_create(Article, :parent_id => article.id, :profile_id => person.id, :name => "Some thing")
     child2 = fast_create(Article, :parent_id => article.id, :profile_id => person.id, :name => "Some thing")
@@ -58,7 +58,7 @@ class ArticlesTest &lt; ActiveSupport::TestCase
   end
   should 'not return child of forbidden article' do
-    person = fast_create(Person)
+    person = fast_create(Person, :environment_id => environment.id)
     article = fast_create(Article, :profile_id => person.id, :name => "Some thing", :published => false)
     child = fast_create(Article, :parent_id => article.id, :profile_id => person.id, :name => "Some thing")
     get "/api/v1/articles/#{article.id}/children/#{child.id}?#{params.to_query}"
@@ -66,7 +66,7 @@ class ArticlesTest &lt; ActiveSupport::TestCase
   end
   should 'not return private child' do
-    person = fast_create(Person)
+    person = fast_create(Person, :environment_id => environment.id)
     article = fast_create(Article, :profile_id => person.id, :name => "Some thing")
     child = fast_create(Article, :parent_id => article.id, :profile_id => person.id, :name => "Some thing", :published => false)
     get "/api/v1/articles/#{article.id}/children/#{child.id}?#{params.to_query}"
@@ -74,7 +74,7 @@ class ArticlesTest &lt; ActiveSupport::TestCase
   end
   should 'not list private child' do
-    person = fast_create(Person)
+    person = fast_create(Person, :environment_id => environment.id)
     article = fast_create(Article, :profile_id => person.id, :name => "Some thing")
     child = fast_create(Article, :parent_id => article.id, :profile_id => person.id, :name => "Some thing", :published => false)
     get "/api/v1/articles/#{article.id}/children?#{params.to_query}"
@@ -89,7 +89,7 @@ class ArticlesTest &lt; ActiveSupport::TestCase
   profile_kinds = %w(community person enterprise)
   profile_kinds.each do |kind|
     should "return article by #{kind}" do
-      profile = fast_create(kind.camelcase.constantize)
+      profile = fast_create(kind.camelcase.constantize, :environment_id => environment.id)
       article = fast_create(Article, :profile_id => profile.id, :name => "Some thing")
       get "/api/v1/#{kind.pluralize}/#{profile.id}/articles/#{article.id}?#{params.to_query}"
       json = JSON.parse(last_response.body)
@@ -97,7 +97,7 @@ class ArticlesTest &lt; ActiveSupport::TestCase
     end
     should "not return article by #{kind} if user has no permission to view it" do
-      profile = fast_create(kind.camelcase.constantize)
+      profile = fast_create(kind.camelcase.constantize, :environment_id => environment.id)
       article = fast_create(Article, :profile_id => profile.id, :name => "Some thing", :published => false)
       assert !article.published?
@@ -106,7 +106,7 @@ class ArticlesTest &lt; ActiveSupport::TestCase
     end
     should "not list forbidden article when listing articles by #{kind}" do
-      profile = fast_create(kind.camelcase.constantize)
+      profile = fast_create(kind.camelcase.constantize, :environment_id => environment.id)
       article = fast_create(Article, :profile_id => profile.id, :name => "Some thing", :published => false)
       assert !article.published?
@@ -123,7 +123,7 @@ class ArticlesTest &lt; ActiveSupport::TestCase
   group_kinds = %w(community enterprise)
   group_kinds.each do |kind|
     should "#{kind}: create article" do
-      profile = fast_create(kind.camelcase.constantize)
+      profile = fast_create(kind.camelcase.constantize, :environment_id => environment.id)
       give_permission(user.person, 'post_content', profile)
       params[:article] = {:name => "Title"}
       post "/api/v1/#{kind.pluralize}/#{profile.id}/articles?#{params.to_query}"
@@ -132,16 +132,16 @@ class ArticlesTest &lt; ActiveSupport::TestCase
     end
     should "#{kind}: do not create article if user has no permission to post content" do
-      profile = fast_create(kind.camelcase.constantize)
+      profile = fast_create(kind.camelcase.constantize, :environment_id => environment.id)
       give_permission(user.person, 'invite_members', profile)
       params[:article] = {:name => "Title"}
       post "/api/v1/#{kind.pluralize}/#{profile.id}/articles?#{params.to_query}"
       assert_equal 403, last_response.status
     end
-    should "#{kind}: create article with parent" do
-      profile = fast_create(kind.camelcase.constantize)
-      profile.add_member(user.person)
+    should "#{kind} create article with parent" do
+      profile = fast_create(kind.camelcase.constantize, :environment_id => environment.id)
+      Person.any_instance.stubs(:can_post_content?).with(profile).returns(true)
       article = fast_create(Article)
       params[:article] = {:name => "Title", :parent_id => article.id}
@@ -150,9 +150,9 @@ class ArticlesTest &lt; ActiveSupport::TestCase
       assert_equal article.id, json["article"]["parent"]["id"]
     end
-    should "#{kind}: create article with content type passed as parameter" do
-      profile = fast_create(kind.camelcase.constantize)
-      profile.add_member(user.person)
+    should "#{kind} create article with content type passed as parameter" do
+      profile = fast_create(kind.camelcase.constantize, :environment_id => environment.id)
+      Person.any_instance.stubs(:can_post_content?).with(profile).returns(true)
       Article.delete_all
       params[:article] = {:name => "Title"}
@@ -164,8 +164,8 @@ class ArticlesTest &lt; ActiveSupport::TestCase
     end
     should "#{kind}: create article of TinyMceArticle type if no content type is passed as parameter" do
-      profile = fast_create(kind.camelcase.constantize)
-      profile.add_member(user.person)
+      profile = fast_create(kind.camelcase.constantize, :environment_id => environment.id)
+      Person.any_instance.stubs(:can_post_content?).with(profile).returns(true)
       params[:article] = {:name => "Title"}
       post "/api/v1/#{kind.pluralize}/#{profile.id}/articles?#{params.to_query}"
@@ -175,7 +175,7 @@ class ArticlesTest &lt; ActiveSupport::TestCase
     end
     should "#{kind}: not create article with invalid article content type" do
-      profile = fast_create(kind.camelcase.constantize)
+      profile = fast_create(kind.camelcase.constantize, :environment_id => environment.id)
       profile.add_member(user.person)
       params[:article] = {:name => "Title"}
@@ -186,20 +186,20 @@ class ArticlesTest &lt; ActiveSupport::TestCase
       assert_equal 403, last_response.status
     end
-    should "#{kind}: create article defining the correct profile" do
-      profile = fast_create(kind.camelcase.constantize)
-      profile.add_member(user.person)
+    should "#{kind} create article defining the correct profile" do
+      profile = fast_create(kind.camelcase.constantize, :environment_id => environment.id)
+      Person.any_instance.stubs(:can_post_content?).with(profile).returns(true)
       params[:article] = {:name => "Title"}
       post "/api/v1/#{kind.pluralize}/#{profile.id}/articles?#{params.to_query}"
       json = JSON.parse(last_response.body)
-      assert_equal profile, Article.last.profile
+      assert_equal profile.id, json['article']['profile']['id']
     end
     should "#{kind}: create article defining the created_by" do
-      profile = fast_create(kind.camelcase.constantize)
-      profile.add_member(user.person)
+      profile = fast_create(kind.camelcase.constantize, :environment_id => environment.id)
+      Person.any_instance.stubs(:can_post_content?).with(profile).returns(true)
       params[:article] = {:name => "Title"}
       post "/api/v1/#{kind.pluralize}/#{profile.id}/articles?#{params.to_query}"
@@ -209,8 +209,8 @@ class ArticlesTest &lt; ActiveSupport::TestCase
     end
     should "#{kind}: create article defining the last_changed_by" do
-      profile = fast_create(kind.camelcase.constantize)
-      profile.add_member(user.person)
+      profile = fast_create(kind.camelcase.constantize, :environment_id => environment.id)
+      Person.any_instance.stubs(:can_post_content?).with(profile).returns(true)
       params[:article] = {:name => "Title"}
       post "/api/v1/#{kind.pluralize}/#{profile.id}/articles?#{params.to_query}"
@@ -232,7 +232,7 @@ class ArticlesTest &lt; ActiveSupport::TestCase
   end
   should 'person do not create article if user has no permission to post content' do
-    person = fast_create(Person)
+    person = fast_create(Person, :environment_id => environment.id)
     params[:article] = {:name => "Title"}
     post "/api/v1/people/#{person.id}/articles?#{params.to_query}"
     assert_equal 403, last_response.status
@@ -7,25 +7,25 @@ class CategoriesTest &lt; ActiveSupport::TestCase
   end
   should 'list categories' do
-    category = fast_create(Category)
+    category = fast_create(Category, :environment_id => environment.id)
     get "/api/v1/categories/?#{params.to_query}"
     json = JSON.parse(last_response.body)
     assert_includes json["categories"].map { |c| c["name"] }, category.name
   end
   should 'get category by id' do
-    category = fast_create(Category)
+    category = fast_create(Category, :environment_id => environment.id)
     get "/api/v1/categories/#{category.id}/?#{params.to_query}"
     json = JSON.parse(last_response.body)
     assert_equal category.name, json["category"]["name"]
   end
   should 'list parent and children when get category by id' do
-    parent = fast_create(Category)
-    child_1 = fast_create(Category)
-    child_2 = fast_create(Category)
+    parent = fast_create(Category, :environment_id => environment.id)
+    child_1 = fast_create(Category, :environment_id => environment.id)
+    child_2 = fast_create(Category, :environment_id => environment.id)
-    category = fast_create(Category)
+    category = fast_create(Category, :environment_id => environment.id)
     category.parent = parent
     category.children << child_1
     category.children << child_2
@@ -38,11 +38,11 @@ class CategoriesTest &lt; ActiveSupport::TestCase
   end
   should 'include parent in categories list if params is true' do
-    parent_1 = fast_create(Category) # parent_1 has no parent category
-    child_1 = fast_create(Category)
-    child_2 = fast_create(Category)
+    parent_1 = fast_create(Category, :environment_id => environment.id) # parent_1 has no parent category
+    child_1 = fast_create(Category, :environment_id => environment.id)
+    child_2 = fast_create(Category, :environment_id => environment.id)
-    parent_2 = fast_create(Category)
+    parent_2 = fast_create(Category, :environment_id => environment.id)
     parent_2.parent = parent_1
     parent_2.children << child_1
     parent_2.children << child_2
@@ -60,10 +60,10 @@ class CategoriesTest &lt; ActiveSupport::TestCase
   end
   should 'include children in categories list if params is true' do
-    category = fast_create(Category)
-    child_1 = fast_create(Category)
-    child_2 = fast_create(Category)
-    child_3 = fast_create(Category)
+    category = fast_create(Category, :environment_id => environment.id)
+    child_1 = fast_create(Category, :environment_id => environment.id)
+    child_2 = fast_create(Category, :environment_id => environment.id)
+    child_3 = fast_create(Category, :environment_id => environment.id)
     category.children << child_1
     category.children << child_2
@@ -8,8 +8,8 @@ class CommunitiesTest &lt; ActiveSupport::TestCase
   end
   should 'list only communities' do
-    community = fast_create(Community)
-    enterprise = fast_create(Enterprise) # should not list this enterprise
+    community = fast_create(Community, :environment_id => environment.id)
+    enterprise = fast_create(Enterprise, :environment_id => environment.id) # should not list this enterprise
     get "/api/v1/communities?#{params.to_query}"
     json = JSON.parse(last_response.body)
     assert_not_includes json['communities'].map {|c| c['id']}, enterprise.id
@@ -17,16 +17,16 @@ class CommunitiesTest &lt; ActiveSupport::TestCase
   end
   should 'list all communities' do
-    community1 = fast_create(Community, :public_profile => true)
-    community2 = fast_create(Community)
+    community1 = fast_create(Community, :environment_id => environment.id, :public_profile => true)
+    community2 = fast_create(Community, :environment_id => environment.id)
     get "/api/v1/communities?#{params.to_query}"
     json = JSON.parse(last_response.body)
     assert_equivalent [community1.id, community2.id], json['communities'].map {|c| c['id']}
   end
   should 'not list invisible communities' do
-    community1 = fast_create(Community)
-    fast_create(Community, :visible => false)
+    community1 = fast_create(Community, :environment_id => environment.id)
+    fast_create(Community, :environment_id => environment.id, :visible => false)
     get "/api/v1/communities?#{params.to_query}"
     json = JSON.parse(last_response.body)
@@ -34,8 +34,8 @@ class CommunitiesTest &lt; ActiveSupport::TestCase
   end
   should 'not list private communities without permission' do
-    community1 = fast_create(Community)
-    fast_create(Community, :public_profile => false)
+    community1 = fast_create(Community, :environment_id => environment.id)
+    fast_create(Community, :environment_id => environment.id, :public_profile => false)
     get "/api/v1/communities?#{params.to_query}"
     json = JSON.parse(last_response.body)
@@ -43,8 +43,8 @@ class CommunitiesTest &lt; ActiveSupport::TestCase
   end
   should 'list private community for members' do
-    c1 = fast_create(Community)
-    c2 = fast_create(Community, :public_profile => false)
+    c1 = fast_create(Community, :environment_id => environment.id)
+    c2 = fast_create(Community, :environment_id => environment.id, :public_profile => false)
     c2.add_member(person)
     get "/api/v1/communities?#{params.to_query}"
@@ -66,7 +66,7 @@ class CommunitiesTest &lt; ActiveSupport::TestCase
   end
   should 'get community' do
-    community = fast_create(Community)
+    community = fast_create(Community, :environment_id => environment.id)
     get "/api/v1/communities/#{community.id}?#{params.to_query}"
     json = JSON.parse(last_response.body)
@@ -74,7 +74,7 @@ class CommunitiesTest &lt; ActiveSupport::TestCase
   end
   should 'not get invisible community' do
-    community = fast_create(Community, :visible => false)
+    community = fast_create(Community, :environment_id => environment.id, :visible => false)
     get "/api/v1/communities/#{community.id}?#{params.to_query}"
     json = JSON.parse(last_response.body)
@@ -82,8 +82,8 @@ class CommunitiesTest &lt; ActiveSupport::TestCase
   end
   should 'not get private communities without permission' do
-    community = fast_create(Community)
-    fast_create(Community, :public_profile => false)
+    community = fast_create(Community, :environment_id => environment.id)
+    fast_create(Community, :environment_id => environment.id, :public_profile => false)
     get "/api/v1/communities/#{community.id}?#{params.to_query}"
     json = JSON.parse(last_response.body)
@@ -91,17 +91,18 @@ class CommunitiesTest &lt; ActiveSupport::TestCase
   end
   should 'get private community for members' do
-    community = fast_create(Community, :public_profile => false)
+    community = fast_create(Community, :environment_id => environment.id, :public_profile => false, :visible => true)
     community.add_member(person)
+
     get "/api/v1/communities/#{community.id}?#{params.to_query}"
     json = JSON.parse(last_response.body)
     assert_equal community.id, json['community']['id']
   end
   should 'list person communities' do
-    community = fast_create(Community)
-    fast_create(Community)
+    community = fast_create(Community, :environment_id => environment.id)
+    fast_create(Community, :environment_id => environment.id)
     community.add_member(person)
     get "/api/v1/people/#{person.id}/communities?#{params.to_query}"
@@ -110,8 +111,8 @@ class CommunitiesTest &lt; ActiveSupport::TestCase
   end
   should 'not list person communities invisible' do
-    c1 = fast_create(Community)
-    c2 = fast_create(Community, :visible => false)
+    c1 = fast_create(Community, :environment_id => environment.id)
+    c2 = fast_create(Community, :environment_id => environment.id, :visible => false)
     c1.add_member(person)
     c2.add_member(person)
@@ -8,8 +8,8 @@ class EnterprisesTest &lt; ActiveSupport::TestCase
   end
   should 'list only enterprises' do
-    community = fast_create(Community) # should not list this community
-    enterprise = fast_create(Enterprise, :public_profile => true)
+    community = fast_create(Community, :environment_id => environment.id) # should not list this community
+    enterprise = fast_create(Enterprise, :environment_id => environment.id, :public_profile => true)
     get "/api/v1/enterprises?#{params.to_query}"
     json = JSON.parse(last_response.body)
     assert_includes json['enterprises'].map {|c| c['id']}, enterprise.id
@@ -17,15 +17,15 @@ class EnterprisesTest &lt; ActiveSupport::TestCase
   end
   should 'list all enterprises' do
-    enterprise1 = fast_create(Enterprise, :public_profile => true)
-    enterprise2 = fast_create(Enterprise)
+    enterprise1 = fast_create(Enterprise, :environment_id => environment.id, :public_profile => true)
+    enterprise2 = fast_create(Enterprise, :environment_id => environment.id)
     get "/api/v1/enterprises?#{params.to_query}"
     json = JSON.parse(last_response.body)
     assert_equivalent [enterprise1.id, enterprise2.id], json['enterprises'].map {|c| c['id']}
   end
   should 'not list invisible enterprises' do
-    enterprise1 = fast_create(Enterprise)
+    enterprise1 = fast_create(Enterprise, :environment_id => environment.id)
     fast_create(Enterprise, :visible => false)
     get "/api/v1/enterprises?#{params.to_query}"
@@ -34,8 +34,8 @@ class EnterprisesTest &lt; ActiveSupport::TestCase
   end
   should 'not list private enterprises without permission' do
-    enterprise1 = fast_create(Enterprise)
-    fast_create(Enterprise, :public_profile => false)
+    enterprise1 = fast_create(Enterprise, :environment_id => environment.id)
+    fast_create(Enterprise, :environment_id => environment.id, :public_profile => false)
     get "/api/v1/enterprises?#{params.to_query}"
     json = JSON.parse(last_response.body)
@@ -43,8 +43,8 @@ class EnterprisesTest &lt; ActiveSupport::TestCase
   end
   should 'list private enterprise for members' do
-    c1 = fast_create(Enterprise)
-    c2 = fast_create(Enterprise, :public_profile => false)
+    c1 = fast_create(Enterprise, :environment_id => environment.id)
+    c2 = fast_create(Enterprise, :environment_id => environment.id, :public_profile => false)
     c2.add_member(person)
     get "/api/v1/enterprises?#{params.to_query}"
@@ -53,7 +53,7 @@ class EnterprisesTest &lt; ActiveSupport::TestCase
   end
   should 'get enterprise' do
-    enterprise = fast_create(Enterprise)
+    enterprise = fast_create(Enterprise, :environment_id => environment.id)
     get "/api/v1/enterprises/#{enterprise.id}?#{params.to_query}"
     json = JSON.parse(last_response.body)
@@ -69,8 +69,8 @@ class EnterprisesTest &lt; ActiveSupport::TestCase
   end
   should 'not get private enterprises without permission' do
-    enterprise = fast_create(Enterprise)
-    fast_create(Enterprise, :public_profile => false)
+    enterprise = fast_create(Enterprise, :environment_id => environment.id)
+    fast_create(Enterprise, :environment_id => environment.id, :public_profile => false)
     get "/api/v1/enterprises/#{enterprise.id}?#{params.to_query}"
     json = JSON.parse(last_response.body)
@@ -87,8 +87,8 @@ class EnterprisesTest &lt; ActiveSupport::TestCase
   end
   should 'list person enterprises' do
-    enterprise = fast_create(Enterprise)
-    fast_create(Enterprise)
+    enterprise = fast_create(Enterprise, :environment_id => environment.id)
+    fast_create(Enterprise, :environment_id => environment.id)
     enterprise.add_member(person)
     get "/api/v1/people/#{person.id}/enterprises?#{params.to_query}"
@@ -97,8 +97,8 @@ class EnterprisesTest &lt; ActiveSupport::TestCase
   end
   should 'not list person enterprises invisible' do
-    c1 = fast_create(Enterprise)
-    c2 = fast_create(Enterprise, :visible => false)
+    c1 = fast_create(Enterprise, :environment_id => environment.id)
+    c2 = fast_create(Enterprise, :environment_id => environment.id, :visible => false)
     c1.add_member(person)
     c2.add_member(person)
@@ -209,7 +209,9 @@ class APIHelpersTest &lt; ActiveSupport::TestCase
         serpro_client_id:  '0000000000000000',
         verify_uri:   'http://localhost/api/verify',
     }
-    assert_equal test_captcha("127.0.0.1", {}, environment), "Missing captcha data"
+    params = {}
+    params[:txtToken_captcha_serpro_gov_br] = '4324343'
+    assert_equal test_captcha("127.0.0.1", params, environment), _('Captcha text has not been filled')
   end
   should 'render not_found if endpoint is unavailable' do
@@ -234,6 +236,23 @@ class APIHelpersTest &lt; ActiveSupport::TestCase
   end
+  should 'captcha serpro say Name or service not known' do
+    environment = Environment.new
+    environment.api_captcha_settings = {
+        enabled: true,
+        provider: 'serpro',
+        serpro_client_id:  '0000000000000000',
+        verify_uri:  'http://someserverthatdoesnotexist.mycompanythatdoesnotexist.com/validate',
+    }
+    params = {}
+    params[:txtToken_captcha_serpro_gov_br] = '4324343'
+    params[:captcha_text] = '4324343'
+    logger = Logger.new(File.join(Rails.root, 'log', 'test_api.log'))
+    stubs(:logger).returns(logger)
+    assert_equal test_captcha('127.0.0.1', params, environment), 'Serpro captcha error: getaddrinfo: Name or service not known'
+  end
+
+
   protected
   def error!(info, status)
@@ -12,6 +12,7 @@ class TasksTest &lt; ActiveSupport::TestCase
   attr_accessor :person, :community, :environment
   should 'list tasks of environment' do
+    environment.add_admin(person)
     task = create(Task, :requestor => person, :target => environment)
     get "/api/v1/tasks?#{params.to_query}"
     json = JSON.parse(last_response.body)
@@ -26,364 +27,147 @@ class TasksTest &lt; ActiveSupport::TestCase
     assert_equal task.id, json["task"]["id"]
   end
-#  should 'not return environmet task if user has no permission to view it' do
-#    person = fast_create(Person)
-#    task = create(Task, :requestor => person, :target => environment)
-#
-#    get "/api/v1/tasks/#{task.id}?#{params.to_query}"
-#    assert_equal 403, last_response.status
-#  end
-#
-#  #############################
-#  #     Community Tasks    #
-#  #############################
-#
-#  should 'return task by community' do
-#    community = fast_create(Community)
-#    task = create(Task, :requestor => person, :target => community)
-#    get "/api/v1/communities/#{community.id}/tasks/#{task.id}?#{params.to_query}"
-#    json = JSON.parse(last_response.body)
-#    assert_equal task.id, json["task"]["id"]
-#  end
-#
-#  should 'not return task by community if user has no permission to view it' do
-#    community = fast_create(Community)
-#    task = create(Task, :requestor => person, :target => community)
-#    assert !person.is_member_of?(community)
-#
-#    get "/api/v1/communities/#{community.id}/tasks/#{task.id}?#{params.to_query}"
-#    assert_equal 403, last_response.status
-#  end
-#
-##  should 'not list forbidden article when listing articles by community' do
-##    community = fast_create(Community)
-##    article = fast_create(Article, :profile_id => community.id, :name => "Some thing", :published => false)
-##    assert !article.published?
-##
-##    get "/api/v1/communities/#{community.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    assert_not_includes json['articles'].map {|a| a['id']}, article.id
-##  end
-#
-#  should 'create task in a community' do
-#    community = fast_create(Community)
-#    give_permission(person, 'post_content', community)
-#    post "/api/v1/communities/#{community.id}/tasks?#{params.to_query}"
-#    json = JSON.parse(last_response.body)
-#    assert_not_nil json["task"]["id"]
-#  end
-#
-#  should 'do not create article if user has no permission to post content' do
-#assert false
-##    community = fast_create(Community)
-##    give_permission(user.person, 'invite_members', community)
-##    params[:article] = {:name => "Title"}
-##    post "/api/v1/communities/#{community.id}/articles?#{params.to_query}"
-##    assert_equal 403, last_response.status
-#  end
-#
-##  should 'create article with parent' do
-##    community = fast_create(Community)
-##    community.add_member(user.person)
-##    article = fast_create(Article)
-##
-##    params[:article] = {:name => "Title", :parent_id => article.id}
-##    post "/api/v1/communities/#{community.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    assert_equal article.id, json["article"]["parent"]["id"]
-##  end
-#
-#  should 'create task defining the requestor as current profile logged in' do
-#    community = fast_create(Community)
-#    community.add_member(person)
-#
-#    post "/api/v1/communities/#{community.id}/tasks?#{params.to_query}"
-#    json = JSON.parse(last_response.body)
-#    
-#    assert_equal person, Task.last.requestor
-#  end
-#
-#  should 'create task defining the target as the community' do
-#    community = fast_create(Community)
-#    community.add_member(person)
-#
-#    post "/api/v1/communities/#{community.id}/tasks?#{params.to_query}"
-#    json = JSON.parse(last_response.body)
-#    
-#    assert_equal community, Task.last.target
-#  end
-#
-##  #############################
-##  #       Person Articles     #
-##  #############################
-##
-##  should 'return article by person' do
-##    person = fast_create(Person)
-##    article = fast_create(Article, :profile_id => person.id, :name => "Some thing")
-##    get "/api/v1/people/#{person.id}/articles/#{article.id}?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    assert_equal article.id, json["article"]["id"]
-##  end
-##
-##  should 'not return article by person if user has no permission to view it' do
-##    person = fast_create(Person)
-##    article = fast_create(Article, :profile_id => person.id, :name => "Some thing", :published => false)
-##    assert !article.published?
-##
-##    get "/api/v1/people/#{person.id}/articles/#{article.id}?#{params.to_query}"
-##    assert_equal 403, last_response.status
-##  end
-##
-##  should 'not list forbidden article when listing articles by person' do
-##    person = fast_create(Person)
-##    article = fast_create(Article, :profile_id => person.id, :name => "Some thing", :published => false)
-##    assert !article.published?
-##    get "/api/v1/people/#{person.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    assert_not_includes json['articles'].map {|a| a['id']}, article.id
-##  end
-##
-##  should 'create article in a person' do
-##    params[:article] = {:name => "Title"}
-##    post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    assert_equal "Title", json["article"]["title"]
-##  end
-##
-##  should 'person do not create article if user has no permission to post content' do
-##    person = fast_create(Person)
-##    params[:article] = {:name => "Title"}
-##    post "/api/v1/people/#{person.id}/articles?#{params.to_query}"
-##    assert_equal 403, last_response.status
-##  end
-##
-##  should 'person create article with parent' do
-##    article = fast_create(Article)
-##
-##    params[:article] = {:name => "Title", :parent_id => article.id}
-##    post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    assert_equal article.id, json["article"]["parent"]["id"]
-##  end
-##
-##  should 'person create article with content type passed as parameter' do
-##    Article.delete_all
-##    params[:article] = {:name => "Title"}
-##    params[:content_type] = 'TextArticle'
-##    post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    
-##    assert_kind_of TextArticle, Article.last
-##  end
-##  
-##  should 'person create article of TinyMceArticle type if no content type is passed as parameter' do
-##    params[:article] = {:name => "Title"}
-##    post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    
-##    assert_kind_of TinyMceArticle, Article.last
-##  end
-##
-##  should 'person not create article with invalid article content type' do
-##    params[:article] = {:name => "Title"}
-##    params[:content_type] = 'Person'
-##    post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    
-##    assert_equal 403, last_response.status
-##  end
-##
-##  should 'person create article defining the correct profile' do
-##    params[:article] = {:name => "Title"}
-##    post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    
-##    assert_equal user.person, Article.last.profile
-##  end
-##
-##  should 'person create article defining the created_by' do
-##    params[:article] = {:name => "Title"}
-##    post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    
-##    assert_equal user.person, Article.last.created_by
-##  end
-##
-##  should 'person create article defining the last_changed_by' do
-##    params[:article] = {:name => "Title"}
-##    post "/api/v1/people/#{user.person.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    
-##    assert_equal user.person, Article.last.last_changed_by
-##  end
-##
-##  #############################
-##  #     Enterprise Articles    #
-##  #############################
-##
-##  should 'return article by enterprise' do
-##    enterprise = fast_create(Enterprise)
-##    article = fast_create(Article, :profile_id => enterprise.id, :name => "Some thing")
-##    get "/api/v1/enterprises/#{enterprise.id}/articles/#{article.id}?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    assert_equal article.id, json["article"]["id"]
-##  end
-##
-##  should 'not return article by enterprise if user has no permission to view it' do
-##    enterprise = fast_create(Enterprise)
-##    article = fast_create(Article, :profile_id => enterprise.id, :name => "Some thing", :published => false)
-##    assert !article.published?
-##
-##    get "/api/v1/enterprises/#{enterprise.id}/articles/#{article.id}?#{params.to_query}"
-##    assert_equal 403, last_response.status
-##  end
-##
-##  should 'not list forbidden article when listing articles by enterprise' do
-##    enterprise = fast_create(Enterprise)
-##    article = fast_create(Article, :profile_id => enterprise.id, :name => "Some thing", :published => false)
-##    assert !article.published?
-##
-##    get "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    assert_not_includes json['articles'].map {|a| a['id']}, article.id
-##  end
-##
-##  should 'create article in a enterprise' do
-##    enterprise = fast_create(Enterprise)
-##    give_permission(user.person, 'post_content', enterprise)
-##    params[:article] = {:name => "Title"}
-##    post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    assert_equal "Title", json["article"]["title"]
-##  end
-##
-##  should 'enterprise: do not create article if user has no permission to post content' do
-##    enterprise = fast_create(Enterprise)
-##    give_permission(user.person, 'invite_members', enterprise)
-##    params[:article] = {:name => "Title"}
-##    post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}"
-##    assert_equal 403, last_response.status
-##  end
-##
-##  should 'enterprise: create article with parent' do
-##    enterprise = fast_create(Enterprise)
-##    enterprise.add_member(user.person)
-##    article = fast_create(Article)
-##
-##    params[:article] = {:name => "Title", :parent_id => article.id}
-##    post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    assert_equal article.id, json["article"]["parent"]["id"]
-##  end
-##
-##  should 'enterprise: create article with content type passed as parameter' do
-##    enterprise = fast_create(Enterprise)
-##    enterprise.add_member(user.person)
-##
-##    Article.delete_all
-##    params[:article] = {:name => "Title"}
-##    params[:content_type] = 'TextArticle'
-##    post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    
-##    assert_kind_of TextArticle, Article.last
-##  end
-##  
-##  should 'enterprise: create article of TinyMceArticle type if no content type is passed as parameter' do
-##    enterprise = fast_create(Enterprise)
-##    enterprise.add_member(user.person)
-##
-##    params[:article] = {:name => "Title"}
-##    post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    
-##    assert_kind_of TinyMceArticle, Article.last
-##  end
-##
-##  should 'enterprise: not create article with invalid article content type' do
-##    enterprise = fast_create(Enterprise)
-##    enterprise.add_member(user.person)
-##
-##    params[:article] = {:name => "Title"}
-##    params[:content_type] = 'Person'
-##    post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    
-##    assert_equal 403, last_response.status
-##  end
-##
-##  should 'enterprise: create article defining the correct profile' do
-##    enterprise = fast_create(Enterprise)
-##    enterprise.add_member(user.person)
-##
-##    params[:article] = {:name => "Title"}
-##    post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    
-##    assert_equal enterprise, Article.last.profile
-##  end
-##
-##  should 'enterprise: create article defining the created_by' do
-##    enterprise = fast_create(Enterprise)
-##    enterprise.add_member(user.person)
-##
-##    params[:article] = {:name => "Title"}
-##    post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    
-##    assert_equal user.person, Article.last.created_by
-##  end
-##
-##  should 'enterprise: create article defining the last_changed_by' do
-##    enterprise = fast_create(Enterprise)
-##    enterprise.add_member(user.person)
-##
-##    params[:article] = {:name => "Title"}
-##    post "/api/v1/enterprises/#{enterprise.id}/articles?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    
-##    assert_equal user.person, Article.last.last_changed_by
-##  end
-##
-##  should 'list article children with partial fields' do
-##    article = fast_create(Article, :profile_id => user.person.id, :name => "Some thing")
-##    child1 = fast_create(Article, :parent_id => article.id, :profile_id => user.person.id, :name => "Some thing")
-##    params[:fields] = [:title]
-##    get "/api/v1/articles/#{article.id}/children?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    assert_equal ['title'], json['articles'].first.keys
-##  end
-##
-##  should 'suggest article children' do
-##    article = fast_create(Article, :profile_id => user.person.id, :name => "Some thing")
-##    params[:target_id] = user.person.id
-##    params[:article] = {:name => "Article name", :body => "Article body"}
-##    assert_difference "SuggestArticle.count" do
-##      post "/api/v1/articles/#{article.id}/children/suggest?#{params.to_query}"
-##    end
-##    json = JSON.parse(last_response.body)
-##    assert_equal 'SuggestArticle', json['type']
-##  end
-##
-##  should 'suggest event children' do
-##    article = fast_create(Article, :profile_id => user.person.id, :name => "Some thing")
-##    params[:target_id] = user.person.id
-##    params[:article] = {:name => "Article name", :body => "Article body", :type => "Event"}
-##    assert_difference "SuggestArticle.count" do
-##      post "/api/v1/articles/#{article.id}/children/suggest?#{params.to_query}"
-##    end
-##    json = JSON.parse(last_response.body)
-##    assert_equal 'SuggestArticle', json['type']
-##  end
-##
-##  should 'update hit attribute of article children' do
-##    a1 = fast_create(Article, :profile_id => user.person.id)
-##    a2 = fast_create(Article, :parent_id => a1.id, :profile_id => user.person.id)
-##    a3 = fast_create(Article, :parent_id => a1.id, :profile_id => user.person.id)
-##    get "/api/v1/articles/#{a1.id}/children?#{params.to_query}"
-##    json = JSON.parse(last_response.body)
-##    assert_equal [1, 1], json['articles'].map { |a| a['hits']}
-##    assert_equal [0, 1, 1], [a1.reload.hits, a2.reload.hits, a3.reload.hits]
-##  end
-##
+  should 'not return environmet task if user has no permission to view it' do
+    person = fast_create(Person)
+    task = create(Task, :requestor => person, :target => environment)
+
+    get "/api/v1/tasks/#{task.id}?#{params.to_query}"
+    assert_equal 403, last_response.status
+  end
+
+ #############################
+ #     Community Tasks    #
+ #############################
+
+  should 'return task by community' do
+    community = fast_create(Community)
+    community.add_admin(person)
+
+    task = create(Task, :requestor => person, :target => community)
+    assert person.is_member_of?(community)
+
+    get "/api/v1/communities/#{community.id}/tasks/#{task.id}?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_equal task.id, json["task"]["id"]
+  end
+
+  should 'not return task by community if user has no permission to view it' do
+    community = fast_create(Community)
+    task = create(Task, :requestor => person, :target => community)
+    assert !person.is_member_of?(community)
+
+    get "/api/v1/communities/#{community.id}/tasks/#{task.id}?#{params.to_query}"
+    assert_equal 403, last_response.status
+  end
+
+  should 'create task in a community' do
+    community = fast_create(Community)
+    give_permission(person, 'perform_task', community)
+    post "/api/v1/communities/#{community.id}/tasks?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_not_nil json["task"]["id"]
+  end
+
+  should 'create task defining the requestor as current profile logged in' do
+    community = fast_create(Community)
+    community.add_member(person)
+
+    post "/api/v1/communities/#{community.id}/tasks?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+
+    assert_equal person, Task.last.requestor
+  end
+
+  should 'create task defining the target as the community' do
+    community = fast_create(Community)
+    community.add_member(person)
+
+    post "/api/v1/communities/#{community.id}/tasks?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+
+    assert_equal community, Task.last.target
+  end
+
+ #############################
+ #        Person Tasks       #
+ #############################
+
+  should 'return task by person' do
+    task = create(Task, :requestor => person, :target => person)
+    get "/api/v1/people/#{person.id}/tasks/#{task.id}?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_equal task.id, json["task"]["id"]
+  end
+
+  should 'not return task by person if user has no permission to view it' do
+    some_person = fast_create(Person)
+    task = create(Task, :requestor => person, :target => some_person)
+
+    get "/api/v1/people/#{some_person.id}/tasks/#{task.id}?#{params.to_query}"
+    assert_equal 403, last_response.status
+  end
+
+  should 'create task for person' do
+    post "/api/v1/people/#{person.id}/tasks?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_not_nil json["task"]["id"]
+  end
+
+  should 'create task for another person' do
+    some_person = fast_create(Person)
+    post "/api/v1/people/#{some_person.id}/tasks?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+
+    assert_equal some_person, Task.last.target
+  end
+
+  should 'create task defining the target as a person' do
+    post "/api/v1/people/#{person.id}/tasks?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+
+    assert_equal person, Task.last.target
+  end
+
+ #############################
+ #      Enterprise Tasks     #
+ #############################
+
+  should 'return task by enterprise' do
+    enterprise = fast_create(Enterprise)
+    enterprise.add_admin(person)
+
+    task = create(Task, :requestor => person, :target => enterprise)
+    assert person.is_member_of?(enterprise)
+
+    get "/api/v1/enterprises/#{enterprise.id}/tasks/#{task.id}?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_equal task.id, json["task"]["id"]
+  end
+
+  should 'not return task by enterprise if user has no permission to view it' do
+    enterprise = fast_create(Enterprise)
+    task = create(Task, :requestor => person, :target => enterprise)
+    assert !person.is_member_of?(enterprise)
+
+    get "/api/v1/enterprises/#{enterprise.id}/tasks/#{task.id}?#{params.to_query}"
+    assert_equal 403, last_response.status
+  end
+
+  should 'create task in a enterprise' do
+    enterprise = fast_create(Enterprise)
+    give_permission(person, 'perform_task', enterprise)
+    post "/api/v1/enterprises/#{enterprise.id}/tasks?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_not_nil json["task"]["id"]
+  end
+
+  should 'create task defining the target as the enterprise' do
+    enterprise = fast_create(Enterprise)
+    enterprise.add_member(person)
+
+    post "/api/v1/enterprises/#{enterprise.id}/tasks?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+
+    assert_equal enterprise, Task.last.target
+  end
 end
@@ -9,7 +9,8 @@ class ActiveSupport::TestCase
   end
   def login_api
-    @user = User.create!(:login => 'testapi', :password => 'testapi', :password_confirmation => 'testapi', :email => 'test@test.org', :environment => Environment.default)
+    @environment = Environment.default
+    @user = User.create!(:login => 'testapi', :password => 'testapi', :password_confirmation => 'testapi', :email => 'test@test.org', :environment => @environment)
     @user.activate
     @person = @user.person
@@ -18,7 +19,7 @@ class ActiveSupport::TestCase
     @private_token = json["private_token"]
     @params = {:private_token => @private_token}
   end
-  attr_accessor :private_token, :user, :person, :params
+  attr_accessor :private_token, :user, :person, :params, :environment
   private
@@ -9,6 +9,7 @@ class ApproveArticleTest &lt; ActiveSupport::TestCase
     @profile = create_user('test_user').person
     @article = fast_create(TextileArticle, :profile_id => @profile.id, :name => 'test name', :abstract => 'Lead of article', :body => 'This is my article')
     @community = fast_create(Community)
+    @community.add_member(@profile)
   end
   attr_reader :profile, :article, :community
@@ -251,6 +252,8 @@ class ApproveArticleTest &lt; ActiveSupport::TestCase
   end
   should 'not group trackers activity of article\'s creation' do
+    other_community = fast_create(Community)
+    other_community.add_member(profile)
     ActionTracker::Record.delete_all
     article = fast_create(TextileArticle)
@@ -262,20 +265,20 @@ class ApproveArticleTest &lt; ActiveSupport::TestCase
     a.finish
     article = fast_create(TextileArticle)
-    other_community = fast_create(Community)
     a = create(ApproveArticle, :name => 'another bar', :article => article, :target => other_community, :requestor => profile)
     a.finish
     assert_equal 3, ActionTracker::Record.count
   end
   should 'not create trackers activity when updating articles' do
+    other_community = fast_create(Community)
+    other_community.add_member(profile)
     ActionTracker::Record.delete_all
     article1 = fast_create(TextileArticle)
     a = create(ApproveArticle, :name => 'bar', :article => article1, :target => community, :requestor => profile)
     a.finish
     article2 = fast_create(TinyMceArticle)
-    other_community = fast_create(Community)
     a = create(ApproveArticle, :name => 'another bar', :article => article2, :target => other_community, :requestor => profile)
     a.finish
     assert_equal 2, ActionTracker::Record.count
@@ -283,7 +286,7 @@ class ApproveArticleTest &lt; ActiveSupport::TestCase
     assert_no_difference 'ActionTracker::Record.count' do
       published = article1.class.last
       published.name = 'foo';published.save!
-  
+
       published = article2.class.last
       published.name = 'another foo';published.save!
     end
@@ -307,7 +310,7 @@ class ApproveArticleTest &lt; ActiveSupport::TestCase
     person = fast_create(Person)
     person.stubs(:notification_emails).returns(['target@example.org'])
-    a = create(ApproveArticle, :article => article, :target => person, :requestor => profile)
+    a = create(ApproveArticle, :article => article, :target => person, :requestor => person)
     a.finish
     approved_article = person.articles.find_by_name(article.name)
@@ -427,7 +430,7 @@ class ApproveArticleTest &lt; ActiveSupport::TestCase
     article = fast_create(Article)
     profile.domains << create(Domain, :name => 'example.org')
     assert_nothing_raised do
-      create(ApproveArticle, :article => article, :target => profile, :requestor => community)
+      create(ApproveArticle, :article => article, :target => profile, :requestor => profile)
     end
   end
@@ -440,4 +443,47 @@ class ApproveArticleTest &lt; ActiveSupport::TestCase
     assert_equal article, LinkArticle.last.reference_article
   end
+  should 'not allow non-person requestor' do
+    task = ApproveArticle.new(:requestor => Community.new)
+    task.valid?
+    assert task.invalid?(:requestor)
+  end
+
+  should 'allow only self requestors when the target is a person' do
+    person = fast_create(Person)
+    another_person = fast_create(Person)
+
+    t1 = ApproveArticle.new(:requestor => person, :target => person)
+    t2 = ApproveArticle.new(:requestor => another_person, :target => person)
+
+    assert t1.valid?
+    assert !t2.valid?
+    assert t2.invalid?(:requestor)
+  end
+
+  should 'allow only members to be requestors when target is a community' do
+    community = fast_create(Community)
+    member = fast_create(Person)
+    community.add_member(member)
+    non_member = fast_create(Person)
+
+    t1 = ApproveArticle.new(:requestor => member, :target => community)
+    t2 = ApproveArticle.new(:requestor => non_member, :target => community)
+
+    assert t1.valid?
+    assert !t2.valid?
+    assert t2.invalid?(:requestor)
+  end
+
+  should 'allow any user to be requestor whe the target is the portal community' do
+    community = fast_create(Community)
+    environment = community.environment
+    environment.portal_community = community
+    environment.save!
+    person = fast_create(Person)
+
+    task = ApproveArticle.new(:requestor => person, :target => community)
+
+    assert task.valid?
+  end
 end
@@ -913,6 +913,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
   should 'not doubly escape quotes in the name' do
     person = fast_create(Person)
     community = fast_create(Community)
+    community.add_member(profile)
     article = fast_create(Article, :name => 'article name', :profile_id => person.id)
     a = create(ApproveArticle, :article => article, :target => community, :requestor => profile)
     a.finish
@@ -759,13 +759,10 @@ class EnvironmentTest &lt; ActiveSupport::TestCase
   should 'set custom_person_fields with its dependecies' do
     env = Environment.new
-    env.custom_person_fields = {'cell_phone' => {'required' => 'true', 'active' => '', 'signup' => ''}, 'comercial_phone'=>  {'required' => '', 'active' => 'true', 'signup' => '' }, 'description' => {'required' => '', 'active' => '', 'signup' => 'true'}}
+    data = {'cell_phone' => {'required' => 'true', 'active' => '', 'signup' => ''}, 'comercial_phone'=>  {'required' => '', 'active' => 'true', 'signup' => '' }, 'description' => {'required' => '', 'active' => '', 'signup' => 'true'}}
+    env.custom_person_fields = data
-    assert_equal({'cell_phone' => {'required' => 'true', 'active' => 'true', 'signup' => 'true'}, 'comercial_phone'=>  {'required' => '', 'active' => 'true', 'signup' => '' }, 'description' => {'required' => '', 'active' => 'true', 'signup' => 'true'}}, env.custom_person_fields)
-  end
-
-  should 'have no custom_person_fields by default' do
-    assert_equal({}, Environment.new.custom_person_fields)
+    assert(env.custom_person_fields.merge(data) == env.custom_person_fields)
   end
   should 'not set in custom_person_fields if not in person.fields' do
@@ -773,7 +770,8 @@ class EnvironmentTest &lt; ActiveSupport::TestCase
     Person.stubs(:fields).returns(['cell_phone', 'comercial_phone'])
     env.custom_person_fields = { 'birth_date' => {'required' => 'true', 'active' => 'true'}, 'cell_phone' => {'required' => 'true', 'active' => 'true'}}
-    assert_equal({'cell_phone' => {'required' => 'true','signup' => 'true',  'active' => 'true'}}, env.custom_person_fields)
+    expected_hash = {'cell_phone' => {'required' => 'true', 'active' => 'true', 'signup' => 'true'}}
+    assert(env.custom_person_fields.merge(expected_hash) == env.custom_person_fields)
     assert ! env.custom_person_fields.keys.include?('birth_date')
   end
@@ -782,7 +780,8 @@ class EnvironmentTest &lt; ActiveSupport::TestCase
     Person.stubs(:fields).returns(['cell_phone', 'schooling'])
     env.custom_person_fields = { 'schooling' => {'required' => 'true', 'active' => 'true'}}
-    assert_equal({'schooling' => {'required' => 'true', 'signup' => 'true', 'active' => 'true'}, 'schooling_status' => {'required' => 'true', 'signup' => 'true', 'active' => 'true'}}, env.custom_person_fields)
+    expected_hash = {'schooling' => {'required' => 'true', 'active' => 'true', 'signup' => 'true'}, 'schooling_status' => {'required' => 'true', 'signup' => 'true', 'active' => 'true'}}
+    assert(env.custom_person_fields.merge(expected_hash) == env.custom_person_fields)
     assert ! env.custom_person_fields.keys.include?('birth_date')
   end
@@ -93,6 +93,7 @@ class FolderTest &lt; ActiveSupport::TestCase
     image = UploadedFile.create!(:profile => person, :uploaded_data => fixture_file_upload('/files/rails.png', 'image/png'))
     community = fast_create(Community)
+    community.add_member(person)
     folder = fast_create(Folder, :profile_id => community.id)
     a = create(ApproveArticle, :article => image, :target => community, :requestor => person, :article_parent => folder)
     a.finish
@@ -101,6 +101,7 @@ class GalleryTest &lt; ActiveSupport::TestCase
     i = UploadedFile.create!(:profile => p, :uploaded_data => fixture_file_upload('/files/rails.png', 'image/png'))
     c = fast_create(Community)
+    c.add_member(p)
     gallery = fast_create(Gallery, :profile_id => c.id)
     a = create(ApproveArticle, :article => i, :target => c, :requestor => p, :article_parent => gallery)
@@ -218,7 +218,7 @@ class ScrapTest &lt; ActiveSupport::TestCase
   should "update the scrap on reply creation" do
     person = create_user.person
     s = fast_create(Scrap, :updated_at => DateTime.parse('2010-01-01'))
-    assert_equal DateTime.parse('2010-01-01'), s.updated_at.strftime('%Y-%m-%d')
+    assert_equal DateTime.parse('2010-01-01'), s.updated_at
     DateTime.stubs(:now).returns(DateTime.parse('2010-09-07'))
     s1 = create(Scrap, :content => 'some content', :sender => person, :receiver => person, :scrap_id => s.id)
     s.reload
 This directory contains the basic structure to test the installation of
 Noosfero debian packages, using a fresh Vagrant VM and packages built in
 ${NOOSFEROROOT}/pkg/.
+
+To perform a test, do
+
+```
+$ cd /path/to/noosfero
+$ rake noosfero:deb
+$ cd util/debian-install/
+$ vagrant up
+```
+
+To reset the environment in preparation for a new test, destroy the VM and
+remove any local `*.deb` files :
+
+```
+$ cd util/debian-install/
+$ vagrant halt
+$ vagrant destroy
+$ rm -f *.deb
+```
@@ -5,7 +5,7 @@
 VAGRANTFILE_API_VERSION = "2"
 require 'fileutils'
-debs = `find ../../pkg/ -name '*.deb' | sort -t _ -V | tail -2`.split
+debs = `find ../../pkg/ -name '*.deb' | sort -t _ -V`.split
 if debs.empty?
   puts "W: no debs built in ../../pkg/; will either install existing local"
   puts "   ones, or the ones from the remote repository"
@@ -16,7 +16,7 @@ else
     local_debs.delete(fn)
-    if File.stat(f) != File.stat(fn)
+    if !File.exist?(fn) || File.stat(f) != File.stat(fn)
       FileUtils::Verbose.rm_f(fn)
       FileUtils::Verbose.ln f, '.'
     end
	@@ -2,6 +2,9 @@ class AddMember < Task		@@ -2,6 +2,9 @@ class AddMember < Task
2		2
3	validates_presence_of :requestor_id, :target_id	3	validates_presence_of :requestor_id, :target_id
4		4
		5	+ validates :requestor, kind_of: {kind: Person}
		6	+ validates :target, kind_of: {kind: Organization}
		7	+
5	alias :person :requestor	8	alias :person :requestor
6	alias :person= :requestor=	9	alias :person= :requestor=
7		10
1	class ApproveArticle < Task	1	class ApproveArticle < Task
2	validates_presence_of :requestor_id, :target_id	2	validates_presence_of :requestor_id, :target_id
3		3
		4	+ validates :requestor, kind_of: {kind: Person}
		5	+ validate :allowed_requestor
		6	+
		7	+ def allowed_requestor
		8	+ if target
		9	+ if target.person? && requestor != target
		10	+ self.errors.add(:requestor, _('You can not post articles to other users.'))
		11	+ end
		12	+ if target.organization? && !target.members.include?(requestor) && target.environment.portal_community != target
		13	+ self.errors.add(:requestor, _('Only members can post articles on communities.'))
		14	+ end
		15	+ end
		16	+ end
		17	+
4	def article_title	18	def article_title
5	article ? article.title : _('(The original text was removed)')	19	article ? article.title : _('(The original text was removed)')
6	end	20	end
7	-	21	+
8	def article	22	def article
9	Article.find_by_id data[:article_id]	23	Article.find_by_id data[:article_id]
10	end	24	end
	@@ -124,4 +138,9 @@ class ApproveArticle < Task		@@ -124,4 +138,9 @@ class ApproveArticle < Task
124	message	138	message
125	end	139	end
126		140
		141	+ def request_is_member_of_target
		142	+ unless requestor.is_member_of?(target)
		143	+ errors.add(:approve_article, N_('Requestor must be a member of target.'))
		144	+ end
		145	+ end
127	end	146	end
	@@ -18,6 +18,8 @@ class ChangePassword < Task		@@ -18,6 +18,8 @@ class ChangePassword < Task
18		18
19	validates_presence_of :requestor	19	validates_presence_of :requestor
20		20
		21	+ validates :requestor, kind_of: {kind: Person}
		22	+
21	###################################################	23	###################################################
22	# validations for updating a ChangePassword task	24	# validations for updating a ChangePassword task
23		25
	@@ -8,6 +8,8 @@ class EnterpriseActivation < Task		@@ -8,6 +8,8 @@ class EnterpriseActivation < Task
8		8
9	validates_presence_of :enterprise	9	validates_presence_of :enterprise
10		10
		11	+ validates :target, kind_of: {kind: Enterprise}
		12	+
11	def perform	13	def perform
12	self.enterprise.enable self.requestor	14	self.enterprise.enable self.requestor
13	end	15	end
	@@ -7,6 +7,8 @@ class ModerateUserRegistration < Task		@@ -7,6 +7,8 @@ class ModerateUserRegistration < Task
7		7
8	after_create :schedule_spam_checking	8	after_create :schedule_spam_checking
9		9
		10	+ validates :target, kind_of: {kind: Environment}
		11	+
10	alias :environment :target	12	alias :environment :target
11	alias :environment= :target=	13	alias :environment= :target=
12		14
	@@ -204,9 +204,9 @@ class Profile < ActiveRecord::Base		@@ -204,9 +204,9 @@ class Profile < ActiveRecord::Base
204	Profile.column_names.map{\|n\| [Profile.table_name, n].join('.')}.join(',')	204	Profile.column_names.map{\|n\| [Profile.table_name, n].join('.')}.join(',')
205	end	205	end
206		206
207	- scope :visible, :conditions => { :visible => true }	207	+ scope :visible, :conditions => { :visible => true, :secret => false }
208	scope :disabled, :conditions => { :visible => false }	208	scope :disabled, :conditions => { :visible => false }
209	- scope :public, :conditions => { :visible => true, :public_profile => true }	209	+ scope :public, :conditions => { :visible => true, :public_profile => true, :secret => false }
210	scope :enabled, :conditions => { :enabled => true }	210	scope :enabled, :conditions => { :enabled => true }
211		211
212	# Subclasses must override this method	212	# Subclasses must override this method
	@@ -92,4 +92,5 @@ class SuggestArticle < Task		@@ -92,4 +92,5 @@ class SuggestArticle < Task
92	def after_ham!	92	def after_ham!
93	self.delay.marked_as_ham	93	self.delay.marked_as_ham
94	end	94	end
		95	+
95	end	96	end
	@@ -133,6 +133,51 @@ class Task < ActiveRecord::Base		@@ -133,6 +133,51 @@ class Task < ActiveRecord::Base
133	end	133	end
134	end	134	end
135		135
		136	+ class KindOfValidator < ActiveModel::EachValidator
		137	+ def validate_each(record, attribute, value)
		138	+ environment = record.environment \|\| Environment.default
		139	+ klass = options[:kind]
		140	+ group = klass.to_s.downcase.pluralize
		141	+ id = attribute.to_s + "_id"
		142	+ if environment.respond_to?(group)
		143	+ attrb = value \|\| environment.send(group).find_by_id(record.send(id))
		144	+ else
		145	+ attrb = value \|\| klass.find_by_id(record.send(id))
		146	+ end
		147	+ if attrb.respond_to?(klass.to_s.downcase + "?")
		148	+ unless attrb.send(klass.to_s.downcase + "?")
		149	+ record.errors[attribute] << (options[:message] \|\| "should be "+ klass.to_s.downcase)
		150	+ end
		151	+ else
		152	+ unless attrb.class == klass
		153	+ record.errors[attribute] << (options[:message] \|\| "should be "+ klass.to_s.downcase)
		154	+ end
		155	+ end
		156	+ end
		157	+ end
		158	+
		159	+ def requestor_is_of_kind(klass, message = nil)
		160	+ error_message = message \|\|= _('Task requestor must be '+klass.to_s.downcase)
		161	+ group = klass.to_s.downcase.pluralize
		162	+ if environment.respond_to?(group) and requestor_id
		163	+ requestor = requestor \|\|= environment.send(klass.to_s.downcase.pluralize).find_by_id(requestor_id)
		164	+ end
		165	+ unless requestor.class == klass
		166	+ errors.add(error_message)
		167	+ end
		168	+ end
		169	+
		170	+ def target_is_of_kind(klass, message = nil)
		171	+ error_message = message \|\|= _('Task target must be '+klass.to_s.downcase)
		172	+ group = klass.to_s.downcase.pluralize
		173	+ if environment.respond_to?(group) and target_id
		174	+ target = target \|\|= environment.send(klass.to_s.downcase.pluralize).find_by_id(target_id)
		175	+ end
		176	+ unless target.class == klass
		177	+ errors.add(error_message)
		178	+ end
		179	+ end
		180	+
136	def close(status, closed_by)	181	def close(status, closed_by)
137	self.status = status	182	self.status = status
138	self.end_date = Time.now	183	self.end_date = Time.now
	@@ -6,6 +6,13 @@ require ::File.expand_path('../config/environment', __FILE__)		@@ -6,6 +6,13 @@ require ::File.expand_path('../config/environment', __FILE__)
6	#use Rails::Rack::Static	6	#use Rails::Rack::Static
7	#run ActionController::Dispatcher.new	7	#run ActionController::Dispatcher.new
8		8
		9	+use Rack::Cors do
		10	+ allow do
		11	+ origins '*'
		12	+ resource '/api/*', :headers => :any, :methods => [:get, :post]
		13	+ end
		14	+end
		15	+
9	rails_app = Rack::Builder.new do	16	rails_app = Rack::Builder.new do
10	run Noosfero::Application	17	run Noosfero::Application
11	end	18	end
	@@ -135,12 +135,5 @@ module Noosfero		@@ -135,12 +135,5 @@ module Noosfero
135		135
136	Noosfero::Plugin.setup(config)	136	Noosfero::Plugin.setup(config)
137		137
138	- config.middleware.use Rack::Cors do
139	- allow do
140	- origins '*'
141	- resource '/api/*', :headers => :any, :methods => [:get, :post]
142	- end
143	- end
144	-
145	end	138	end
146	end	139	end