Merge branch 'master' into rails3-custom_fields

Conflicts: app/helpers/application_helper.rb app/views/profile/_person_profile.html.erb

Merge branch 'master' into rails3-custom_fields
Conflicts: app/helpers/application_helper.rb app/views/profile/_person_profile.html.erb
Victor Costa
2 parents bb996411 c5265b67
Showing 1380 changed files with 86898 additions and 157983 deletions Show diff stats
.ackrc
AUTHORS.md
DEVELOPMENT.md
Gemfile
Gemfile.lock
INSTALL.https.md
INSTALL.locales.md
INSTALL.md
Rakefile
Vagrantfile
app/controllers/admin/admin_panel_controller.rb
app/controllers/admin/plugin_admin_controller.rb
app/controllers/admin/templates_controller.rb
app/controllers/application_controller.rb
app/controllers/my_profile/cms_controller.rb
app/controllers/my_profile/friends_controller.rb
app/controllers/my_profile/profile_design_controller.rb
app/controllers/my_profile/profile_editor_controller.rb
app/controllers/my_profile/profile_members_controller.rb
app/controllers/public/account_controller.rb
 --ignore-dir=log
 --ignore-dir=tmp
 --ignore-dir=pkg
+--ignore-dir=public/javascripts/cache
+--ignore-dir=public/stylesheets/cache
@@ -40,7 +40,9 @@ Alessandro Palmeira + João M. M. Silva &lt;alessandro.palmeira@gmail.com&gt;
 Alessandro Palmeira + Paulo Meirelles <alessandro.palmeira@gmail.com>
 Alessandro Palmeira + Paulo Meirelles + João M. M. da Silva <alessandro.palmeira@gmail.com>
 Alessandro Palmeira + Rafael Manzo <alessandro.palmeira@gmail.com>
+analosnak <analosnak@gmail.com>
 Ana Losnak <analosnak@gmail.com>
+Andre Bernardes <andrebsguedes@gmail.com>
 Antonio Terceiro + Carlos Morais <terceiro@colivre.coop.br>
 Antonio Terceiro + Paulo Meirelles <terceiro@colivre.coop.br>
 Antonio Terceiro <terceiro@colivre.coop.br>
@@ -80,7 +82,6 @@ Carlos Morais + Diego Araújo &lt;diegoamc90@gmail.com&gt;
 Carlos Morais + Eduardo Morais <carlos88morais@gmail.com>
 Carlos Morais + Paulo Meirelles <carlos88morais@gmail.com>
 Carlos Morais + Pedro Leal <carlos88morais@gmail.com>
-Daniela Feitosa <dani@dohko.(none)>
 Daniel Alves + Diego Araújo <danpaulalves@gmail.com>
 Daniel Alves + Diego Araújo <diegoamc90@gmail.com>
 Daniel Alves + Diego Araújo + Guilherme Rojas <danpaulalves@gmail.com>
@@ -118,7 +119,6 @@ Diego Araújo + Renan Teruo &lt;diegoamc90@gmail.com&gt;
 Diego Araujo + Rodrigo Souto + Rafael Manzo <rr.manzo@gmail.com>
 Diego + Jefferson <diegoamc90@gmail.com>
 Diego Martinez <diegoamc90@gmail.com>
-Diego Martinez <diego@diego-K55A.(none)>
 Diego + Renan <renanteruoc@gmail.com>
 Eduardo Tourinho Edington <eduardo.edington@serpro.gov.br>
 Evandro Jr <evandrojr@gmail.com>
@@ -132,6 +132,7 @@ Francisco Marcelo de Araújo Lima Júnior &lt;maljunior@gmail.com&gt;
 Gabriela Navarro <navarro1703@gmail.com>
 Grazieno Pellegrino <grazieno@gmail.com>
 Gust <darksshades@hotmail.com>
+Hebert Douglas <hebertdougl@gmail.com>
 Hugo Melo <hugo@riseup.net>
 Isaac Canan <isaac@intelletto.com.br>
 Italo Valcy <italo@dcc.ufba.br>
@@ -193,9 +194,11 @@ Luis David Aguilar Carlos &lt;ludwig9003@gmail.com&gt;
 Luiz Fernando de Freitas Matos <luiz@luizff.matos@gmail.com>
 Marcos Ramos <ms.ramos@outlook.com>
 Martín Olivera <molivera@solar.org.ar>
+Michal Čihař <michal@cihar.com>
 Moises Machado <moises@colivre.coop.br>
 Naíla Alves <naila@colivre.coop.br>
 Nanda Lopes <nanda.listas+psl@gmail.com>
+Parley Martins <parleypachecomartins@gmail.com>
 Paulo Meirelles + Alessandro Palmeira + João M. M. da Silva <paulo@softwarelivre.org>
 Paulo Meirelles + Alessandro Palmeira <paulo@softwarelivre.org>
 Paulo Meirelles + Carlos Morais <paulo@softwarelivre.org>
@@ -218,6 +221,7 @@ Rafael Reggiani Manzo + João M. M. da Silva &lt;rr.manzo@gmail.com&gt;
 Rafael Reggiani Manzo <rr.manzo@gmail.com>
 Raphaël Rousseau <raph@r4f.org>
 Raquel Lira <raquel.lira@gmail.com>
+Raquel <rcordioli@gmail.com>
 Renan Teruo + Caio Salgado <renanteruoc@gmail.com>
 Renan Teruoc + Diego Araujo <renanteruoc@gmail.com>
 Renan Teruo + Diego Araujo <renanteruoc@gmail.com>
@@ -225,11 +229,13 @@ Renan Teruo + Diego Araújo &lt;renanteruoc@gmail.com&gt;
 Renan Teruo + Paulo Meirelles <renanteruoc@gmail.com>
 Renan Teruo + Rafael Manzo <renanteruoc@gmail.com>
 Rodrigo Souto + Ana Losnak + Daniel Bucher + Caio Almeida + Leandro Nunes + Daniela Feitosa + Mariel Zasso <noosfero-br@listas.softwarelivre.org>
-Rodrigo Souto <diguliu@gmail.com>
 Rodrigo Souto <rodrigo@colivre.coop.br>
 Ronny Kursawe <kursawe.ronny@googlemail.com>
 root <root@debian.sdr.serpro>
 Samuel R. C. Vale <srcvale@holoscopio.com>
+Tallys Martins <tallysmartins@gmail.com>
+tallys <tallys@tallys.(none)>
+Thiago Zoroastro <thiago.zoroastro@bol.com.br>
 Valessio Brito <contato@valessiobrito.com.br>
 Valessio Brito <contato@valessiobrito.info>
 Valessio Brito <valessio@gmail.com>
@@ -0,0 +1,124 @@
+# Noosfero Development Policy
+
+## Developer Roles
+
+* *Developers* are everyone that is contributing code to Noosfero.
+* *Committers* are the people with direct commit access to the Noosfero source
+  code. They are responsible for reviewing contributions from other developers
+  and integrating them in the Noosfero code base. They are the members of the
+  [Noosfero group on Gitlab](https://gitlab.com/groups/noosfero/members).
+* *Release managers* are the people that are managing the release of a new
+  Noosfero version and/or the maintainance work of an existing Noosfero stable
+  branch. See MAINTAINANCE.md for details on the maintaince policy.
+
+## Development process
+
+* Every new feature or non-trivial bugfix should be reviewed by at least one
+  committer. This must be the case even if the original author is a committer.
+
+  * In the case the original author is a committer, he/she should feel free to
+    commit directly if after 1 week nobody has provided any kind of feedback.
+
+  * Developers who are not committers should feel free to ping committers if
+    they do not get feedback on their contributions after 1 week.
+
+    * On GitLab, one can just add a comment to the merge request; one can also
+      @-mention specific committers or other developers who have expertise on
+      the area of the contribution.
+
+  * Committers should follow the activity of the project, and try to help
+    reviewing contributions from others as much as possible.
+
+    * On GitLab one can get emails for all activity on a project by setting the
+      [notification settings](https://gitlab.com/profile/notifications) to
+      "watch".
+
+  * Anyone can help by reviewing contributions. Committers are the only ones
+    who can give the final approval to a contribution, but everyone is welcome
+    to help with code review, testing, etc.
+
+    * See note above about setting up notification on GitLab.
+
+* Committers should feel free to push trivial (or urgent) changes directly.
+  There are no strict rule on what makes a change trivial or urgent; committers
+  are expected to exercise good judgement on a case by case basis.
+
+  * Usually changes to the database are not trivial.
+
+* In the case of unsolvable conflict between commiters regarding any change to
+  the code, the current release manager(s) will have the final say in the
+  matter.
+
+* Release managers are responsible for stablishing a release schedule, and
+  about deciding when and what to release.
+
+  * Release managers should announce release schedules to the project mailing
+    lists in advance.
+
+  * The release schedule may include a period of feature freeze, during which
+    no new features or any other changes that are not pre-approved by the
+    release manager must be committed to the repository.
+
+  * Committers must respect the release schedule and feature freezes.
+
+## Maintainance process
+
+### Not all feature releases will be maintained as a stable release
+
+We will be choosing specific release series to be maintained as stable
+releases.
+
+This means that a given release is not guaranteed to be maintained as a stable
+release, but does *not* mean it won't be. Any committer (or anyone, really) can
+decide to maintain a given release as stable and seek help from others to do
+so.
+
+### No merges from stable branches to master
+
+*All* changes must be submitted against the master branch first, and when
+applicable, backported to the desired stable releases. Exceptions to this rules
+are bug fixes that only apply to a given stable branch and not to master.
+
+In the past we had non-trivial changes accepted into stable releases while
+master was way ahead (e.g. during the rails3 migration period), that made the
+merge back into master very painful.  By eliminating the need to do these
+merges, we save time for the people responsible for the release, and eliminate
+the possibility of human errors or oversights causing changes to be accepted
+into stable that will be a problem to merge back into master.
+
+By getting all fixes in master first, we improve the chances that  a future
+release will not present regressions against bugs that should already be fixed,
+but the fixes got lost in a big, complicated merge (and those won't exist
+anymore, at least not from stable branches to master).
+
+After a fix gets into master, backporting changes into a stable release branch
+is the responsibility of whoever is maintaing that branch, and those interested
+in it. The stable branch release manager(s) are entitled the final say on any
+matters related to that branch.
+
+## Apendix A: how to become a committer
+
+Every developer that wants to be a committer should create [an issue on
+Gitlab](https://gitlab.com/noosfero/noosfero/issues) requesting to be added as
+a committer. This request must include information about the requestor's
+previous contributions to the project.
+
+If 2 or more commiters consider second the request, the requestor is accepted
+as new commiter and added to the Noosfero group.
+
+The existing committers are free to choose whatever criteria they want to
+second the request, but they must be sure that the new committer is a
+responsible developer and knows what she/he is doing. They must be aware that
+seconding these requests means seconding the actions of the new committer: if
+the new committer screw up, her/his seconds screwed up.
+
+## Apendix B: how to become a release manager
+
+A new release manager for the development version of Noosfero (i.e. the one
+that includes new features, a.k.a. the master branch) is apointed by the
+current release manager, and must be a committer first.
+
+Release managers for stable branches are self-appointed, i.e. whoever takes the
+work takes the role. In case of a conflict (e.g. 2+ different people want to do
+the work but can't agree on working together), the development release manager
+decides.
 source "https://rubygems.org"
-gem 'rails'
-gem 'fast_gettext'
-gem 'acts-as-taggable-on'
-gem 'prototype-rails'
-gem 'prototype_legacy_helper', '0.0.0', :path => 'vendor/prototype_legacy_helper'
-gem 'rails_autolink'
-gem 'pg'
-gem 'rmagick'
-gem 'RedCloth'
-gem 'will_paginate'
-gem 'ruby-feedparser'
-gem 'daemons'
-gem 'thin'
-gem 'hpricot'
-gem 'nokogiri'
+gem 'rails',                    '~> 3.2.19'
+gem 'fast_gettext',             '~> 0.6.8'
+gem 'acts-as-taggable-on',      '~> 3.0.2'
+gem 'prototype-rails',          '~> 3.2.1'
+gem 'prototype_legacy_helper',  '0.0.0', :path => 'vendor/prototype_legacy_helper'
+gem 'rails_autolink',           '~> 1.1.5'
+gem 'pg',                       '~> 0.13.2'
+gem 'rmagick',                  '~> 2.13.1'
+gem 'RedCloth',                 '~> 4.2.9'
+gem 'will_paginate',            '~> 3.0.3'
+gem 'ruby-feedparser',          '~> 0.7'
+gem 'daemons',                  '~> 1.1.5'
+gem 'thin',                     '~> 1.3.1'
+gem 'hpricot',                  '~> 0.8.6'
+gem 'nokogiri',                 '~> 1.5.5'
 gem 'rake', :require => false
-gem 'rest-client'
-gem 'exception_notification'
+gem 'rest-client',              '~> 1.6.7'
+gem 'exception_notification',   '~> 4.0.1'
+gem 'gettext',                  '~> 2.2.1', :require => false, :group => :development
+gem 'locale',                   '~> 2.0.5'
  
 # FIXME list here all actual dependencies (i.e. the ones in debian/control),
 # with their GEM names (not the Debian package names)
  
 group :production do
-  gem 'dalli'
+  gem 'dalli', '~> 2.7.0'
 end
  
 group :test do
-  gem 'rspec'
-  gem 'rspec-rails'
-  gem 'mocha', :require => false
+  gem 'rspec',                  '~> 2.10.0'
+  gem 'rspec-rails',            '~> 2.10.1'
+  gem 'mocha',                  '~> 1.1.0', :require => false
 end
  
 group :cucumber do
-  gem 'cucumber-rails', :require => false
-  gem 'capybara'
-  gem 'cucumber'
-  gem 'database_cleaner'
-  gem 'selenium-webdriver'
+  gem 'cucumber-rails',         '~> 1.0.6', :require => false
+  gem 'capybara',               '~> 2.1.0'
+  gem 'cucumber',               '~> 1.0.6'
+  gem 'database_cleaner',       '~> 1.2.0'
+  gem 'selenium-webdriver',     '~> 2.39.0'
 end
  
-# include plugin gemfiles
-Dir.glob(File.join('config', 'plugins', '*')).each do |plugin|
-  plugin_gemfile = File.join(plugin, 'Gemfile')
-  eval File.read(plugin_gemfile) if File.exists?(plugin_gemfile)
+# include gemfiles from enabled plugins
+# plugins in baseplugins/ are not included on purpose. They should not have any
+# dependencies.
+Dir.glob('config/plugins/*/Gemfile').each do |gemfile|
+  eval File.read(gemfile)
 end
@@ -1,191 +0,0 @@
-PATH
-  remote: vendor/prototype_legacy_helper
-  specs:
-    prototype_legacy_helper (0.0.0)
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    RedCloth (4.2.9)
-    actionmailer (3.2.6)
-      actionpack (= 3.2.6)
-      mail (~> 2.4.4)
-    actionpack (3.2.6)
-      activemodel (= 3.2.6)
-      activesupport (= 3.2.6)
-      builder (~> 3.0.0)
-      erubis (~> 2.7.0)
-      journey (~> 1.0.1)
-      rack (~> 1.4.0)
-      rack-cache (~> 1.2)
-      rack-test (~> 0.6.1)
-      sprockets (~> 2.1.3)
-    activemodel (3.2.6)
-      activesupport (= 3.2.6)
-      builder (~> 3.0.0)
-    activerecord (3.2.6)
-      activemodel (= 3.2.6)
-      activesupport (= 3.2.6)
-      arel (~> 3.0.2)
-      tzinfo (~> 0.3.29)
-    activeresource (3.2.6)
-      activemodel (= 3.2.6)
-      activesupport (= 3.2.6)
-    activesupport (3.2.6)
-      i18n (~> 0.6)
-      multi_json (~> 1.0)
-    acts-as-taggable-on (3.0.2)
-      rails (>= 3, < 5)
-    arel (3.0.2)
-    builder (3.0.0)
-    capybara (2.1.0)
-      mime-types (>= 1.16)
-      nokogiri (>= 1.3.3)
-      rack (>= 1.0.0)
-      rack-test (>= 0.5.4)
-      xpath (~> 2.0)
-    childprocess (0.3.3)
-      ffi (~> 1.0.6)
-    cucumber (1.0.6)
-      builder (>= 2.1.2)
-      diff-lcs (>= 1.1.2)
-      gherkin (~> 2.4.18)
-      json (>= 1.4.6)
-      term-ansicolor (>= 1.0.6)
-    cucumber-rails (1.0.6)
-      capybara (>= 1.1.1)
-      cucumber (>= 1.0.6)
-      nokogiri (>= 1.5.0)
-    daemons (1.1.5)
-    dalli (2.7.0)
-    database_cleaner (1.2.0)
-    diff-lcs (1.1.3)
-    erubis (2.7.0)
-    eventmachine (0.12.10)
-    exception_notification (4.0.1)
-      actionmailer (>= 3.0.4)
-      activesupport (>= 3.0.4)
-    fast_gettext (0.6.8)
-    ffi (1.0.11)
-    gherkin (2.4.21)
-      json (>= 1.4.6)
-    hike (1.2.1)
-    hpricot (0.8.6)
-    i18n (0.6.0)
-    journey (1.0.3)
-    json (1.7.3)
-    mail (2.4.4)
-      i18n (>= 0.4.0)
-      mime-types (~> 1.16)
-      treetop (~> 1.4.8)
-    metaclass (0.0.1)
-    mime-types (1.19)
-    mocha (0.11.3)
-      metaclass (~> 0.0.1)
-    multi_json (1.3.6)
-    nokogiri (1.5.5)
-    pg (0.13.2)
-    polyglot (0.3.3)
-    prototype-rails (3.2.1)
-      rails (~> 3.2)
-    rack (1.4.1)
-    rack-cache (1.2)
-      rack (>= 0.4)
-    rack-ssl (1.3.2)
-      rack
-    rack-test (0.6.1)
-      rack (>= 1.0)
-    rails (3.2.6)
-      actionmailer (= 3.2.6)
-      actionpack (= 3.2.6)
-      activerecord (= 3.2.6)
-      activeresource (= 3.2.6)
-      activesupport (= 3.2.6)
-      bundler (~> 1.0)
-      railties (= 3.2.6)
-    rails_autolink (1.1.5)
-      rails (> 3.1)
-    railties (3.2.6)
-      actionpack (= 3.2.6)
-      activesupport (= 3.2.6)
-      rack-ssl (~> 1.3.2)
-      rake (>= 0.8.7)
-      rdoc (~> 3.4)
-      thor (>= 0.14.6, < 2.0)
-    rake (0.9.2.2)
-    rdoc (3.9.4)
-    rest-client (1.6.7)
-      mime-types (>= 1.16)
-    rmagick (2.13.1)
-    rspec (2.10.0)
-      rspec-core (~> 2.10.0)
-      rspec-expectations (~> 2.10.0)
-      rspec-mocks (~> 2.10.0)
-    rspec-core (2.10.1)
-    rspec-expectations (2.10.0)
-      diff-lcs (~> 1.1.3)
-    rspec-mocks (2.10.1)
-    rspec-rails (2.10.1)
-      actionpack (>= 3.0)
-      activesupport (>= 3.0)
-      railties (>= 3.0)
-      rspec (~> 2.10.0)
-    ruby-feedparser (0.7)
-    rubyzip (1.1.2)
-    selenium-webdriver (2.39.0)
-      childprocess (>= 0.2.5)
-      multi_json (~> 1.0)
-      rubyzip (~> 1.0)
-      websocket (~> 1.0.4)
-    sprockets (2.1.3)
-      hike (~> 1.2)
-      multi_json (~> 1.0)
-      rack (~> 1.0)
-      tilt (~> 1.1, != 1.3.0)
-    term-ansicolor (1.0.7)
-    thin (1.3.1)
-      daemons (>= 1.0.9)
-      eventmachine (>= 0.12.6)
-      rack (>= 1.0.0)
-    thor (0.15.3)
-    tilt (1.3.3)
-    treetop (1.4.10)
-      polyglot
-      polyglot (>= 0.3.1)
-    tzinfo (0.3.33)
-    websocket (1.0.7)
-    will_paginate (3.0.3)
-    xpath (2.0.0)
-      nokogiri (~> 1.3)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  RedCloth
-  acts-as-taggable-on
-  capybara
-  cucumber
-  cucumber-rails
-  daemons
-  dalli
-  database_cleaner
-  exception_notification
-  fast_gettext
-  hpricot
-  mocha
-  nokogiri
-  pg
-  prototype-rails
-  prototype_legacy_helper (= 0.0.0)!
-  rails
-  rails_autolink
-  rake
-  rest-client
-  rmagick
-  rspec
-  rspec-rails
-  ruby-feedparser
-  selenium-webdriver
-  thin
-  will_paginate
-Setup Noosfero to use HTTPS
-===========================
+# Setup Noosfero to use HTTPS
  
 This document assumes that you have a fully and clean Noosfero
 installation as explained at the `INSTALL.md` file.
  
-SSL certificate
-+++++++++++++++
+## Creating a self-signed SSL certificate
  
 You should get a valid SSL certificate, but if you want to test
 your setup before, you could generate a self-signed certificate
@@ -17,99 +15,106 @@ as below:
     # openssl req -new -x509 -nodes -sha1 -days $[10*365] -key noosfero.key > noosfero.cert
     # cat noosfero.key noosfero.cert > noosfero.pem
  
+## Web server configuration
+
 There are two ways of using SSL with Noosfero: 1) If you are not using
 Varnish; and 2) If you are using Varnish.
  
-1) If you are are not using Varnish
-+++++++++++++++++++++++++++++++++++
+### 1) If you are are not using Varnish
  
 Simply do a redirect in apache to force all connections with SSL:
  
-  <VirtualHost *:8080>
-    ServerName test.stoa.usp.br
-   
-    Redirect / https://example.com/
-  </VirtualHost>
+```
+<VirtualHost *:8080>
+  ServerName test.stoa.usp.br
+  Redirect / https://example.com/
+</VirtualHost>
+```
  
 And set a vhost to receive then:
  
-  <VirtualHost *:443>
-    ServerName example.com
-   
-    SSLEngine On
-    SSLCertificateFile    /etc/ssl/certs/cert.pem
-    SSLCertificateKeyFile /etc/ssl/private/cert.key
-   
-    Include /etc/noosfero/apache/virtualhost.conf
-  </VirtualHost>
+```
+<VirtualHost *:443>
+  ServerName example.com
+  SSLEngine On
+  SSLCertificateFile    /etc/ssl/certs/cert.pem
+  SSLCertificateKeyFile /etc/ssl/private/cert.key
+  Include /etc/noosfero/apache/virtualhost.conf
+</VirtualHost>
+```
  
 Be aware that if you had configured varnish, the requests won't reach
 it with this configuration.
  
-2) If you are using Varnish
-+++++++++++++++++++++++++++
-
-Varnish isn't able to communicate with the SSL protocol, so we will
-need some one who do this and Pound[1] can do the job. In order to
-install it in Debian based systems:
+### 2) If you are using Varnish
  
-  $ sudo apt-get install pound
+Varnish isn't able to communicate with the SSL protocol, so we will need some
+one else who do this and [Pound](http://www.apsis.ch/pound) can do the job. In
+order to install it in Debian based systems:
  
-Set Varnish to listen in other port than 80:
+```
+$ sudo apt-get install pound
+```
  
-/etc/defaults/varnish
----------------------
+Set Varnish to listen in other port than 80 in `/etc/defaults/varnish`:
  
-  DAEMON_OPTS="-a localhost:6081 \
-               -T localhost:6082 \ 
-               -f /etc/varnish/default.vcl \ 
-               -S /etc/varnish/secret \ 
-               -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G"
+```
+DAEMON_OPTS="-a localhost:6081 \
+             -T localhost:6082 \
+             -f /etc/varnish/default.vcl \
+             -S /etc/varnish/secret \
+             -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G"
+```
  
 Configure Pound:
  
-    # cp /usr/share/noosfero/etc/pound.cfg /etc/pound/
-
-Edit /etc/pound.cfg and set the IP and domain of your server.
+```
+# cp /usr/share/noosfero/etc/pound.cfg /etc/pound/
+```
  
-Configure Pound to start at system initialization:
+Edit `/etc/pound.cfg` and set the IP and domain of your server.
  
-/etc/default/pound
+Configure Pound to start at system initialization. At `/etc/default/pound`:
 ------------------
  
-  startup=1
+```
+startup=1
+```
  
-Set Apache to only listen to localhost:
+Set Apache to only listen to localhost, at `/etc/apache2/ports.conf`:
  
-/etc/apache2/ports.conf
------------------------
-
-  Listen 127.0.0.1:8080
+```
+Listen 127.0.0.1:8080
+```
  
 Restart the services:
  
-  $ sudo service apache2 restart
-  $ sudo service varnish restart
+```
+$ sudo service apache2 restart
+$ sudo service varnish restart
+```
  
 Start pound:
  
-  $ sudo service pound start
-
-[1] http://www.apsis.ch/pound
+```
+$ sudo service pound start
+```
  
-Noosfero XMPP chat
-++++++++++++++++++
+## Noosfero XMPP chat
  
 If you want to use chat over HTTPS, then you should add the domain
-and IP of your server in the /etc/hosts file, example:
+and IP of your server in the /etc/hosts file, example
  
-/etc/hosts
-----------
+`/etc/hosts:`
  
-  192.168.1.86	mydomain.example.com
+```
+192.168.1.86	mydomain.example.com
+```
  
-Also, it's recomended that you remove lines above from the file
+Also, it's recomended that you remove the lines below from the file
 `/etc/apache2/sites-enabled/noosfero`:
  
-    RewriteEngine On
-    Include /usr/share/noosfero/util/chat/apache/xmpp.conf
+```
+RewriteEngine On
+Include /usr/share/noosfero/util/chat/apache/xmpp.conf
+```
@@ -0,0 +1,29 @@
+Using custom locales
+====================
+
+Personalized translations go into the `config/custom_locales/` directory.
+Custom locales can be identified by the rails environment, schema name in a
+multitenancy setup or domain name until the first dot (e.g env1.coop.br for the
+example below).
+
+Currently, the only filename prefix for the localization file which is
+processed is "environment". For instance, a POT file would be called
+"environment.pot".
+
+The structure of an environment named env1 with custom translations for both
+Portuguese and Spanish and an environment named env2 with custom Russian
+translation would be:
+
+    config/
+      custom_locales/
+        env1/
+          environment.pot
+          pt/
+            environment.po
+          es/
+            environment.po
+        env2/
+          environment.pot
+          ru/
+            environment.po
+
@@ -186,8 +186,8 @@ Apache instalation
  
     # apt-get install apache2
  
-Apache configuration
---------------------
+Configuration - noosfero at /
+-----------------------------
  
 First you have to enable the following some apache modules:
  
@@ -257,6 +257,62 @@ Now restart your apache server (as root):
  
     # invoke-rc.d apache2 restart
  
+Configuration - noosfero at a /subdirectory
+-------------------------------------------
+
+This section describes how to configure noosfero at a subdirectory, what is
+specially useful when you want Noosfero to share a domain name with other
+applications. For example you can host noosfero at yourdomain.com/social, a
+webmail application at yourdomain.com/webmail, and have a static HTML website
+at yourdomain.com/.
+
+**NOTE:** Some plugins might not work well with this setting. Before deploying
+this setting, make sure you test that everything  you need works properly with
+it.
+
+The configuration is similar to the main configuration instructions, except for
+the following points. In the description below, replace '/subdirectory' with
+the actual subdirectory you want.
+
+1) add a `prefix: /subdirectory` line to your thin configuration file (thin.yml).
+
+1.1) remember to restart the noosfero application server whenever you make
+changes to that configuration file.
+
+    # service noosfero restart
+
+2) add a line saying `export RAILS_RELATIVE_URL_ROOT=/subdirectory` to
+/etc/default/noosfero (you can create it with just this line if it does not
+exist already).
+
+3) You should add the following apache configuration to an existing virtual
+host (plus the `<Proxy balancer://noosfero>` section as displayed above):
+
+```
+Alias /subdirectory /path/to/noosfero/public
+<Directory "/path/to/noosfero/public">
+  Options FollowSymLinks
+  AllowOverride None
+  Order Allow,Deny
+  Allow from all
+
+  Include /path/to/noosfero/etc/noosfero/apache/cache.conf
+
+  RewriteEngine On
+  RewriteBase /subdirectory
+  # Rewrite index to check for static index.html
+  RewriteRule ^$ index.html [QSA]
+  # Rewrite to check for Rails cached page
+  RewriteRule ^([^.]+)$ $1.html [QSA]
+  RewriteCond %{REQUEST_FILENAME} !-f
+  RewriteRule ^(.*)$ http://localhost:3000%{REQUEST_URI} [P,QSA,L]
+</Directory>
+```
+
+3.1) remember to reload the apache server whenever any apache configuration
+file changes.
+
+    # sudo service apache2 reload
  
 Enabling exception notifications
 ================================
@@ -6,3 +6,13 @@
 require File.expand_path('../config/application', __FILE__)
  
 Noosfero::Application.load_tasks
+
+[
+  "baseplugins/*/{tasks,lib/tasks,rails/tasks}/**/*.rake",
+  "config/plugins/*/{tasks,lib/tasks,rails/tasks}/**/*.rake",
+  "config/plugins/*/vendor/plugins/*/{tasks,lib/tasks,rails/tasks}/**/*.rake",
+].map do |pattern|
+  Dir.glob(pattern).sort
+end.flatten.each do |taskfile|
+  load taskfile
+end
@@ -3,7 +3,7 @@
  
 VAGRANTFILE_API_VERSION = "2"
 Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
-  config.vm.box = "debian-wheezy"
+  config.vm.box = ENV.fetch('VAGRANT_BOX', "debian-wheezy")
   config.vm.network :forwarded_port, host: 3000, guest: 3000
   config.vm.provision :shell do |shell|
     shell.inline = 'su vagrant -c /vagrant/script/vagrant'
@@ -71,4 +71,22 @@ class AdminPanelController &lt; AdminController
       end
     end
   end
+
+  def manage_organizations_status
+    scope = environment.organizations
+    @filter = params[:filter] || 'any'
+    @title = "Organization profiles"
+    @title = @title+" - "+@filter if @filter != 'any'
+
+    if @filter == 'enabled'
+      scope = scope.visible
+    elsif @filter == 'disabled'
+      scope = scope.disabled
+    end
+
+    scope = scope.order('name ASC')
+
+    @q = params[:q]
+    @collection = find_by_contents(:organizations, scope, @q, {:per_page => 10, :page => params[:npage]})[:results]
+  end
 end
@@ -0,0 +1,5 @@
+class PluginAdminController < AdminController
+
+  protect 'edit_environment_features', :environment
+
+end
@@ -40,8 +40,67 @@ class TemplatesController &lt; AdminController
     end
   end
  
+  def set_community_as_default
+    begin
+      community = environment.communities.find(params[:template_id])
+    rescue ActiveRecord::RecordNotFound
+      message = _('Community not found. The template could no be changed.')
+      community = nil
+    end
+
+    message = _('%s defined as default') % community.name if set_as_default(community)
+    session[:notice] = message
+
+    redirect_to :action => 'index'
+  end
+
+  def set_person_as_default
+    begin
+      person = environment.people.find(params[:template_id])
+    rescue ActiveRecord::RecordNotFound
+      message = _('Person not found. The template could no be changed.')
+      person = nil
+    end
+
+    message = _('%s defined as default') % person.name if set_as_default(person)
+    session[:notice] = message
+
+    redirect_to :action => 'index'
+  end
+
+  def set_enterprise_as_default
+    begin
+      enterprise = environment.enterprises.find(params[:template_id])
+    rescue ActiveRecord::RecordNotFound
+      message = _('Enterprise not found. The template could no be changed.')
+      enterprise = nil
+    end
+
+    message = _('%s defined as default') % enterprise.name if set_as_default(enterprise)
+    session[:notice] = message
+
+    redirect_to :action => 'index'
+  end
+
   private
  
+  def set_as_default(obj)
+    return nil if obj.nil?
+    case obj.class.name
+      when 'Community' then
+        environment.community_default_template = obj
+        environment.save!
+      when 'Person' then
+        environment.person_default_template = obj
+        environment.save!
+      when 'Enterprise' then
+        environment.enterprise_default_template = obj
+        environment.save!
+      else
+        nil
+    end
+  end
+
   def create_organization_template(klass)
     identifier = params[:name].to_slug
     template = klass.new(:name => params[:name], :identifier => identifier, :is_template => true)
@@ -40,7 +40,7 @@ class ApplicationController &lt; ActionController::Base
  
     theme_layout = theme_option(:layout)
     if theme_layout
-      theme_view_file('layouts/'+theme_layout) || theme_layout
+      (theme_view_file('layouts/'+theme_layout) || theme_layout).to_s
     else
      'application'
     end
@@ -127,6 +127,9 @@ class ApplicationController &lt; ActionController::Base
  
   # TODO: move this logic somewhere else (Domain class?)
   def detect_stuff_by_domain
+    # Sets text domain based on request host for custom internationalization
+    FastGettext.text_domain = Domain.custom_locale(request.host)
+
     @domain = Domain.find_by_name(request.host)
     if @domain.nil?
       @environment = Environment.default
@@ -174,6 +174,8 @@ class CmsController &lt; MyProfileController
  
   post_only :set_home_page
   def set_home_page
+    return render_access_denied unless user.can_change_homepage?
+
     article = params[:id].nil? ? nil : profile.articles.find(params[:id])
     profile.update_attribute(:home_page, article)
  
@@ -212,6 +214,7 @@ class CmsController &lt; MyProfileController
       if @errors.any?
         render :action => 'upload_files', :parent_id => @parent_id
       else
+        session[:notice] = _('File(s) successfully uploaded') 
         if @back_to
           redirect_to @back_to
         elsif @parent
@@ -227,7 +230,7 @@ class CmsController &lt; MyProfileController
     @article = profile.articles.find(params[:id])
     if request.post?
       @article.destroy
-      session[:notice] = _("\"#{@article.name}\" was removed.")
+      session[:notice] = _("\"%s\" was removed." % @article.name)
       referer = Rails.application.routes.recognize_path URI.parse(request.referer).path rescue nil
       if referer and referer[:controller] == 'cms' and referer[:action] != 'edit'
         redirect_to referer
@@ -20,7 +20,7 @@ class FriendsController &lt; MyProfileController
  
   class << self
     def per_page
-      10
+      12
     end
   end
   def per_page
@@ -3,7 +3,16 @@ class ProfileDesignController &lt; BoxOrganizerController
   needs_profile
  
   protect 'edit_profile_design', :profile
-  
+
+  before_filter :protect_fixed_block, :only => [:save, :move_block]
+
+  def protect_fixed_block
+    block = boxes_holder.blocks.find(params[:id].gsub(/^block-/, ''))
+    if block.fixed && !current_person.is_admin?
+      render_access_denied
+    end
+  end
+
   def available_blocks
     blocks = [ ArticleBlock, TagsBlock, RecentDocumentsBlock, ProfileInfoBlock, LinkListBlock, MyNetworkBlock, FeedReaderBlock, ProfileImageBlock, LocationBlock, SlideshowBlock, ProfileSearchBlock, HighlightsBlock ]
  
@@ -19,14 +19,16 @@ class ProfileEditorController &lt; MyProfileController
         params[:profile_data][:custom_fields] ||= {}
       end
       Profile.transaction do
-      Image.transaction do
-        if @profile_data.update_attributes(params[:profile_data])
-          redirect_to :action => 'index', :profile => profile.identifier
-        else
-          profile.identifier = params[:profile] if profile.identifier.blank?
+        Image.transaction do
+          begin
+            @plugins.dispatch(:profile_editor_transaction_extras)
+            @profile_data.update_attributes!(params[:profile_data])
+            redirect_to :action => 'index', :profile => profile.identifier
+          rescue Exception => ex
+            profile.identifier = params[:profile] if profile.identifier.blank?
+          end
         end
       end
-      end
     end
   end
  
@@ -75,10 +77,51 @@ class ProfileEditorController &lt; MyProfileController
     if request.post?
       if @profile.destroy
         session[:notice] = _('The profile was deleted.')
-        redirect_to :controller => 'home'
+        if(params[:return_to])
+          redirect_to params[:return_to]
+        else
+          redirect_to :controller => 'home'
+        end
       else
         session[:notice] = _('Could not delete profile')
       end
     end
   end
+
+  def deactivate_profile
+    if environment.admins.include?(current_person)
+      profile = environment.profiles.find(params[:id])
+      if profile.disable
+        profile.save
+        session[:notice] = _("The profile '#{profile.name}' was deactivated.")
+      else
+        session[:notice] = _('Could not deactivate profile.')
+      end
+    end
+
+    redirect_to_previous_location
+  end
+
+  def activate_profile
+    if environment.admins.include?(current_person)
+      profile = environment.profiles.find(params[:id])
+
+      if profile.enable
+        session[:notice] = _("The profile '#{profile.name}' was activated.")
+      else
+        session[:notice] = _('Could not activate the profile.')
+      end
+    end
+
+    redirect_to_previous_location
+  end
+
+  protected
+
+  def redirect_to_previous_location
+    back = request.referer
+    back = "/" if back.nil?
+
+    redirect_to back
+  end
 end
@@ -20,7 +20,7 @@ class ProfileMembersController &lt; MyProfileController
         redirect_to :action => :last_admin
       elsif @person.define_roles(@roles, profile)
         session[:notice] = _('Roles successfuly updated')
-        redirect_to :controller => 'profile_editor'
+        redirect_to :action => 'index'
       else
         session[:notice] = _('Couldn\'t change the roles')
         redirect_to :action => 'index'
@@ -104,6 +104,7 @@ class AccountController &lt; ApplicationController
       @user.return_to = session[:return_to]
       @person = Person.new(params[:profile_data])
       @person.environment = @user.environment
+
       if request.post?
         if may_be_a_bot
           set_signup_start_time_for_now
@@ -122,6 +123,14 @@ class AccountController &lt; ApplicationController
             invitation.update_attributes!({:friend => @user.person})
             invitation.finish
           end
+
+          unless params[:file].nil?
+            image = Image::new :uploaded_data=> params[:file][:image]
+
+            @user.person.image = image
+            @user.person.save
+          end
+
           if @user.activated?
             self.current_user = @user
             check_join_in_community(@user)
@@ -191,7 +200,7 @@ class AccountController &lt; ApplicationController
         else
           @change_password.errors[:base] << _('Could not find any user with %s equal to "%s".') % [fields_label, params[:value]]
         end
-      rescue ActiveRecord::RecordInvald
+      rescue ActiveRecord::RecordInvalid
         @change_password.errors[:base] << _('Could not perform password recovery for the user.')
       end
     end
@@ -19,9 +19,13 @@ class ChatController &lt; PublicController
   def avatar
     profile = environment.profiles.find_by_identifier(params[:id])
     filename, mimetype = profile_icon(profile, :minor, true)
-    data = File.read(File.join(Rails.root, 'public', filename))
-    render :text => data, :layout => false, :content_type => mimetype
-    expires_in 24.hours
+    if filename =~ /^(https?:)?\/\//
+      redirect_to filename
+    else
+      data = File.read(File.join(Rails.root, 'public', filename))
+      render :text => data, :layout => false, :content_type => mimetype
+      expires_in 24.hours
+    end
   end
  
   def index
 class ContactController < PublicController
  
-  before_filter :login_required
-
   needs_profile
  
   def new
-    @contact
+    @contact = build_contact
     if request.post? && params[:confirm] == 'true'
-      @contact = user.build_contact(profile, params[:contact])
       @contact.city = (!params[:city].blank? && City.exists?(params[:city])) ? City.find(params[:city]).name : nil
       @contact.state = (!params[:state].blank? && State.exists?(params[:state])) ? State.find(params[:state]).name : nil
       if @contact.deliver
@@ -16,8 +13,17 @@ class ContactController &lt; PublicController
       else
         session[:notice] = _('Contact not sent')
       end
+    end
+  end
+
+  protected
+
+  def build_contact
+    params[:contact] ||= {}
+    if logged_in?
+      user.build_contact profile, params[:contact]
     else
-      @contact = user.build_contact(profile)
+      Contact.new params[:contact].merge(dest: profile)
     end
   end
  
@@ -126,7 +126,7 @@ class ContentViewerController &lt; ApplicationController
     elsif !@page.display_to?(user)
       if !profile.public?
         private_profile_partial_parameters
-        render :template => 'profile/_private_profile', :status => 403
+        render :template => 'profile/_private_profile', :status => 403, :formats => [:html]
         allowed = false
       else #if !profile.visible?
         render_access_denied
@@ -216,8 +216,6 @@ class ContentViewerController &lt; ApplicationController
     if @page.has_posts?
       posts = get_posts(params[:year], params[:month])
  
-      posts = posts.includes(:parent, {:profile => [:domains, :environment]}, :author)
-
       #FIXME Need to run this before the pagination because this version of
       #      will_paginate returns a will_paginate collection instead of a
       #      relation.
@@ -17,7 +17,11 @@ class ProfileController &lt; PublicController
     end
     @tags = profile.article_tags
     unless profile.display_info_to?(user)
-      profile.visible? ? private_profile : invisible_profile
+      if profile.visible?
+        private_profile
+      else
+        invisible_profile
+      end
     end
   end
  
@@ -61,13 +65,13 @@ class ProfileController &lt; PublicController
  
   def friends
     if is_cache_expired?(profile.friends_cache_key(params))
-      @friends = profile.friends.includes(relations_to_include).paginate(:per_page => per_page, :page => params[:npage])
+      @friends = profile.friends.includes(relations_to_include).paginate(:per_page => per_page, :page => params[:npage], :total_entries => profile.friends.count)
     end
   end
  
   def members
     if is_cache_expired?(profile.members_cache_key(params))
-      @members = profile.members_by_name.includes(relations_to_include).paginate(:per_page => members_per_page, :page => params[:npage])
+      @members = profile.members_by_name.includes(relations_to_include).paginate(:per_page => members_per_page, :page => params[:npage], :total_entries => profile.members.count)
     end
   end
  
@@ -315,7 +319,7 @@ class ProfileController &lt; PublicController
         abuse_report = AbuseReport.new(params[:abuse_report])
         if !params[:content_type].blank?
           article = params[:content_type].constantize.find(params[:content_id])
-          abuse_report.content = instance_eval(&article.reported_version)
+          abuse_report.content = article_reported_version(article)
         end
  
         user.register_report(abuse_report, profile)
@@ -394,6 +398,7 @@ class ProfileController &lt; PublicController
  
   def private_profile
     private_profile_partial_parameters
+    render :action => 'index', :status => 403
   end
  
   def invisible_profile
@@ -90,10 +90,14 @@ class SearchController &lt; PublicController
   end
  
   def events
-    year = (params[:year] ? params[:year].to_i : Date.today.year)
-    month = (params[:month] ? params[:month].to_i : Date.today.month)
-    day = (params[:day] ? params[:day].to_i : Date.today.day)
-    @date = build_date(year, month, day)
+    if params[:year].blank? && params[:year].blank? && params[:day].blank?
+      @date = Date.today
+    else
+      year = (params[:year] ? params[:year].to_i : Date.today.year)
+      month = (params[:month] ? params[:month].to_i : Date.today.month)
+      day = (params[:day] ? params[:day].to_i : 1)
+      @date = build_date(year, month, day)
+    end
     date_range = (@date - 1.month).at_beginning_of_month..(@date + 1.month).at_end_of_month
  
     @events = []
@@ -304,7 +304,7 @@ module ApplicationHelper
   def partial_for_class(klass, prefix=nil, suffix=nil)
     raise ArgumentError, 'No partial for object. Is there a partial for any class in the inheritance hierarchy?' if klass.nil?
     name = klass.name.underscore
-    controller.view_paths.reverse_each do |view_path|
+    controller.view_paths.each do |view_path|
       partial = partial_for_class_in_view_path(klass, view_path, prefix, suffix)
       return partial if partial
     end
@@ -433,19 +433,19 @@ module ApplicationHelper
   end
  
   def theme_site_title
-    theme_include('site_title')
+    @theme_site_title ||= theme_include 'site_title'
   end
  
   def theme_header
-    theme_include('header')
+    @theme_header ||= theme_include 'header'
   end
  
   def theme_footer
-    theme_include('footer')
+    @theme_footer ||= theme_include 'footer'
   end
  
   def theme_extra_navigation
-    theme_include('navigation')
+    @theme_extra_navigation ||= theme_include 'navigation'
   end
  
   def is_testing_theme
@@ -482,7 +482,12 @@ module ApplicationHelper
             '/images/icons-app/enterprise-'+ size.to_s() +'.png'
           end
         else
-          '/images/icons-app/person-'+ size.to_s() +'.png'
+          pixels = Image.attachment_options[:thumbnails][size].split('x').first
+          gravatar_profile_image_url(
+            profile.email,
+            :size => pixels,
+            :d => gravatar_default
+          )
         end
       filename = default_or_themed_icon(icon)
     end
@@ -602,7 +607,7 @@ module ApplicationHelper
   end
  
   def gravatar_default
-    (respond_to?(:theme_option) && theme_option.present? && theme_option['gravatar']) || NOOSFERO_CONF['gravatar']
+    (respond_to?(:theme_option) && theme_option.present? && theme_option['gravatar']) || NOOSFERO_CONF['gravatar'] || 'mm'
   end
  
   attr_reader :environment
@@ -669,13 +674,14 @@ module ApplicationHelper
     html.join "\n"
   end
  
+  def theme_javascript_src
+    script = File.join theme_path, 'theme.js'
+    script if File.exists? File.join(Rails.root, 'public', script)
+  end
+
   def theme_javascript_ng
-    script = File.join(theme_path, 'theme.js')
-    if File.exists?(File.join(Rails.root, 'public', script))
-      javascript_include_tag script
-    else
-      nil
-    end
+    script = theme_javascript_src
+    javascript_include_tag script if script
   end
  
   def file_field_or_thumbnail(label, image, i)
@@ -856,8 +862,9 @@ module ApplicationHelper
   end
  
   def base_url
-    environment.top_url
+    environment.top_url(request.scheme)
   end
+  alias :top_url :base_url
  
   def helper_for_article(article)
     article_helper = ActionView::Base.new
@@ -902,13 +909,15 @@ module ApplicationHelper
   end
  
   def page_title
-    (@page ? @page.title + ' - ' : '') +
-    (@topic ? @topic.title + ' - ' : '') +
-    (@section ? @section.title + ' - ' : '') +
-    (@toc ? _('Online Manual') + ' - ' : '') +
-    (controller.controller_name == 'chat' ? _('Chat') + ' - ' : '') +
-    (profile ? profile.short_name : environment.name) +
-    (@category ? " - #{@category.full_name}" : '')
+    CGI.escapeHTML(
+      (@page ? @page.title + ' - ' : '') +
+      (@topic ? @topic.title + ' - ' : '') +
+      (@section ? @section.title + ' - ' : '') +
+      (@toc ? _('Online Manual') + ' - ' : '') +
+      (controller.controller_name == 'chat' ? _('Chat') + ' - ' : '') +
+      (profile ? profile.short_name : environment.name) +
+      (@category ? " - #{@category.full_name}" : '')
+    )
   end
  
   # DEPRECATED. Do not use this.
@@ -937,9 +946,9 @@ module ApplicationHelper
   # from Article model for an ArticleBlock.
   def reference_to_article(text, article, anchor=nil)
     if article.profile.domains.empty?
-      href = "/#{article.url[:profile]}/"
+      href = "#{Noosfero.root}/#{article.url[:profile]}/"
     else
-      href = "http://#{article.profile.domains.first.name}/"
+      href = "http://#{article.profile.domains.first.name}#{Noosfero.root}/"
     end
     href += article.url[:page].join('/')
     href += '#' + anchor if anchor
@@ -1280,11 +1289,13 @@ module ApplicationHelper
   end
  
   def delete_article_message(article)
-    if article.folder?
-      _("Are you sure that you want to remove the folder \"#{article.name}\"? Note that all the items inside it will also be removed!")
-    else
-      _("Are you sure that you want to remove the item \"#{article.name}\"?")
-    end
+    CGI.escapeHTML(
+      if article.folder?
+        _("Are you sure that you want to remove the folder \"%s\"? Note that all the items inside it will also be removed!") % article.name
+      else
+        _("Are you sure that you want to remove the item \"%s\"?") % article.name
+      end
+    )
   end
  
   def expirable_link_to(expired, content, url, options = {})
@@ -1301,7 +1312,7 @@ module ApplicationHelper
   end
  
   def template_options(kind, field_name)
-    templates = environment.send(kind).templates.order('name')
+    templates = environment.send(kind).templates
     return '' if templates.count == 0
     if templates.count == 1
       if templates.first.custom_fields == {}
@@ -1315,10 +1326,16 @@ module ApplicationHelper
         content_tag('div', custom_fields)
       end
     else
-      options = options_for_select(templates.collect{ |template| [template.name, template.id]})
-      content_tag('div',
-        content_tag('div', content_tag('label', _('Profile organization'), :class => 'formlabel') + (select_tag 'profile_data[template_id]', options, :onchange => 'show_fields_for_template(this);')),
-        :id => 'template-options')
+      radios = templates.map do |template|
+        content_tag('li', labelled_radio_button(link_to(template.name, template.url, :target => '_blank'), "#{field_name}[template_id]", template.id, environment.is_default_template?(template)))
+      end.join("\n")
+
+      content_tag('div', content_tag('label', _('Profile organization'), :for => 'template-options', :class => 'formlabel') +
+        content_tag('p', _('Your profile will be created according to the selected template. Click on the options to view them.'), :style => 'margin: 5px 15px;padding: 0px 10px;') +
+        content_tag('ul', radios, :style => 'list-style: none; padding-left: 20px; margin-top: 0.5em;'),
+        :id => 'template-options',
+        :style => 'margin-top: 1em'
+      )
     end
   end
  
@@ -1375,7 +1392,7 @@ module ApplicationHelper
       #     are old things that do not support it we are keeping this hot spot.
       html = @plugins.pipeline(:parse_content, html, source).first
     end
-    html
+    html && html.html_safe
   end
  
   def convert_macro(html, source)
@@ -3,6 +3,12 @@ module ArticleHelper
   include PrototypeHelper
   include TokenHelper
  
+  def article_reported_version(article)
+    search_path = Rails.root.join('app', 'views', 'shared', 'reported_versions')
+    partial_path = File.join('shared', 'reported_versions', 'profile', partial_for_class_in_view_path(article.class, search_path))
+    render_to_string(:partial => partial_path, :locals => {:article => article})
+  end
+
   def custom_options_for_article(article, tokenized_children)
     @article = article
  
@@ -71,12 +77,59 @@ module ArticleHelper
       content_tag('div',
         radio_button(:article, :published, false) +
           content_tag('label', _('Private'), :for => 'article_published_false', :id => "label_private")
-       ) +
-      (article.profile.community? ? content_tag('div',
-        content_tag('label', _('Fill in the search field to add the exception users to see this content'), :id => "text-input-search-exception-users") +
-        token_input_field_tag(:q, 'search-article-privacy-exceptions', {:action => 'search_article_privacy_exceptions'},
-          {:focus => false, :hint_text => _('Type in a search term for a user'), :pre_populate => tokenized_children})) :
-          ''))
+      ) +
+      privacity_exceptions(article, tokenized_children)
+    )
+  end
+
+  def privacity_exceptions(article, tokenized_children)
+    content_tag('div',
+      content_tag('div',
+        (
+          if article.profile
+            add_option_to_followers(article, tokenized_children)
+          else
+            ''
+          end
+        )
+      ),
+      :style => "margin-left:10px"
+    )
+  end
+
+  def add_option_to_followers(article, tokenized_children)
+    label_message = article.profile.organization? ? _('For all community members') : _('For all your friends')
+
+    check_box(
+      :article,
+      :show_to_followers,
+      {:class => "custom_privacy_option"}
+    ) +
+    content_tag(
+      'label',
+      label_message,
+      :for => 'article_show_to_followers',
+      :id => 'label_show_to_followers'
+    ) +
+    (article.profile.community? ?
+      content_tag(
+        'div',
+        content_tag(
+          'label',
+          _('Fill in the search field to add the exception users to see this content'),
+          :id => "text-input-search-exception-users"
+        ) +
+        token_input_field_tag(
+          :q,
+          'search-article-privacy-exceptions',
+          {:action => 'search_article_privacy_exceptions'},
+          {
+            :focus => false,
+            :hint_text => _('Type in a search term for a user'),
+            :pre_populate => tokenized_children
+          }
+        )
+      ) : '')
   end
  
   def prepare_to_token_input(array)
@@ -170,49 +170,54 @@ module BoxesHelper
       else
         "before-block-#{block.id}"
       end
-
-    content_tag('div', '&nbsp;', :id => id, :class => 'block-target' ) + drop_receiving_element(id, :url => { :action => 'move_block', :target => id }, :accept => box.acceptable_blocks, :hoverclass => 'block-target-hover')
+    if block.nil? or modifiable?(block)
+      content_tag('div', '&nbsp;', :id => id, :class => 'block-target' ) + drop_receiving_element(id, :url => { :action => 'move_block', :target => id }, :accept => box.acceptable_blocks, :hoverclass => 'block-target-hover')
+    else
+      ""
+    end
   end
  
   # makes the given block draggable so it can be moved away.
   def block_handle(block)
-    draggable_element("block-#{block.id}", :revert => true)
+    modifiable?(block) ? draggable_element("block-#{block.id}", :revert => true) : ""
   end
  
   def block_edit_buttons(block)
     buttons = []
     nowhere = 'javascript: return false;'
  
-    if block.first?
-      buttons << icon_button('up-disabled', _("Can't move up anymore."), nowhere)
-    else
-      buttons << icon_button('up', _('Move block up'), { :action => 'move_block_up', :id => block.id }, { :method => 'post' })
-    end
+    if modifiable?(block)
+      if block.first?
+        buttons << icon_button('up-disabled', _("Can't move up anymore."), nowhere)
+      else
+        buttons << icon_button('up', _('Move block up'), { :action => 'move_block_up', :id => block.id }, { :method => 'post' })
+      end
  
-    if block.last?
-      buttons << icon_button('down-disabled', _("Can't move down anymore."), nowhere)
-    else
-      buttons << icon_button(:down, _('Move block down'), { :action => 'move_block_down' ,:id => block.id }, { :method => 'post'})
-    end
+      if block.last?
+        buttons << icon_button('down-disabled', _("Can't move down anymore."), nowhere)
+      else
+        buttons << icon_button(:down, _('Move block down'), { :action => 'move_block_down' ,:id => block.id }, { :method => 'post'})
+      end
  
-    holder = block.owner
-    # move to opposite side
-    # FIXME too much hardcoded stuff
-    if holder.layout_template == 'default'
-      if block.box.position == 2 # area 2, left side => move to right side
-        buttons << icon_button('right', _('Move to the opposite side'), { :action => 'move_block', :target => 'end-of-box-' + holder.boxes[2].id.to_s, :id => block.id }, :method => 'post' )
-      elsif block.box.position == 3 # area 3, right side => move to left side
-        buttons << icon_button('left', _('Move to the opposite side'), { :action => 'move_block', :target => 'end-of-box-' + holder.boxes[1].id.to_s, :id => block.id }, :method => 'post' )
+      holder = block.owner
+      # move to opposite side
+      # FIXME too much hardcoded stuff
+      if holder.layout_template == 'default'
+        if block.box.position == 2 # area 2, left side => move to right side
+          buttons << icon_button('right', _('Move to the opposite side'), { :action => 'move_block', :target => 'end-of-box-' + holder.boxes[2].id.to_s, :id => block.id }, :method => 'post' )
+        elsif block.box.position == 3 # area 3, right side => move to left side
+          buttons << icon_button('left', _('Move to the opposite side'), { :action => 'move_block', :target => 'end-of-box-' + holder.boxes[1].id.to_s, :id => block.id }, :method => 'post' )
+        end
       end
-    end
  
-    if block.editable?
-      buttons << colorbox_icon_button(:edit, _('Edit'), { :action => 'edit', :id => block.id })
-    end
+      if block.editable?
+        buttons << colorbox_icon_button(:edit, _('Edit'), { :action => 'edit', :id => block.id })
+      end
  
-    if !block.main?
-      buttons << icon_button(:delete, _('Remove block'), { :action => 'remove', :id => block.id }, { :method => 'post', :confirm => _('Are you sure you want to remove this block?')})
-      buttons << icon_button(:clone, _('Clone'), { :action => 'clone_block', :id => block.id }, { :method => 'post' })
+      if !block.main?
+        buttons << icon_button(:delete, _('Remove block'), { :action => 'remove', :id => block.id }, { :method => 'post', :confirm => _('Are you sure you want to remove this block?')})
+        buttons << icon_button(:clone, _('Clone'), { :action => 'clone_block', :id => block.id }, { :method => 'post' })
+      end
     end
  
     if block.respond_to?(:help)
@@ -248,5 +253,7 @@ module BoxesHelper
     classes
   end
  
-
+  def modifiable?(block)
+    return !block.fixed || environment.admins.include?(user)
+  end
 end
@@ -10,7 +10,7 @@ module ContentViewerHelper
   end
  
   def number_of_comments(article)
-    display_number_of_comments(article.comments_count - article.spam_comments_count)
+    display_number_of_comments(article.comments_count - article.spam_comments_count.to_i)
   end
  
   def article_title(article, args = {})
@@ -45,7 +45,7 @@ module ContentViewerHelper
         { article.environment.locales[translation.language] => { :href => url_for(translation.url) } }
       end
       content_tag(:div, link_to(_('Translations'), '#',
-                                :onmouseover => "toggleSubmenu(this, '#{_('Translations')}', #{links.to_json}); return false",
+                                :onmouseover => "toggleSubmenu(this, '#{_('Translations')}', #{CGI::escape_html(links.to_json)}); return false",
                                 :class => 'article-translations-menu simplemenu-trigger up'),
                   :class => 'article-translations')
     end
@@ -2,12 +2,31 @@ module LayoutHelper
  
   def body_classes
     # Identify the current controller and action for the CSS:
+    (logged_in? ? " logged-in" : "") +
     " controller-#{controller.controller_name}" +
     " action-#{controller.controller_name}-#{controller.action_name}" +
     " template-#{@layout_template || if profile.blank? then 'default' else profile.layout_template end}" +
     (!profile.nil? && profile.is_on_homepage?(request.path,@page) ? " profile-homepage" : "")
   end
  
+  def html_tag_classes
+    [
+      body_classes, (
+        profile.blank? ? nil : [
+          'profile-type-is-' + profile.class.name.downcase,
+          'profile-name-is-' + profile.identifier,
+        ]
+      ), 'theme-' + current_theme,
+      @plugins.dispatch(:html_tag_classes).map do |content|
+        if content.respond_to?(:call)
+          instance_exec(&content)
+        else
+          content.html_safe
+        end
+      end
+    ].flatten.compact.join(' ')
+  end
+
   def noosfero_javascript
     plugins_javascripts = @plugins.map { |plugin| [plugin.js_files].flatten.map { |js| plugin.class.public_path(js) } }.flatten
  
@@ -17,6 +36,8 @@ module LayoutHelper
     unless plugins_javascripts.empty?
       output += javascript_include_tag plugins_javascripts, :cache => "cache/plugins-#{Digest::MD5.hexdigest plugins_javascripts.to_s}"
     end
+    output += theme_javascript_ng.to_s
+
     output
   end
  
@@ -84,6 +105,10 @@ module LayoutHelper
     theme_path + '/style.css'
   end
  
+  def layout_template
+    if profile then profile.layout_template else environment.layout_template end
+  end
+
   def addthis_javascript
     if NOOSFERO_CONF['addthis_enabled']
       '<script src="https://s7.addthis.com/js/152/addthis_widget.js"></script>'
@@ -91,7 +116,7 @@ module LayoutHelper
   end
  
   def meta_description_tag(article=nil)
-    article ? truncate(strip_tags(article.body.to_s), :length => 200) : environment.name
+    article ? CGI.escapeHTML(truncate(strip_tags(article.body.to_s), :length => 200)) : environment.name
   end
 end
  
@@ -1,15 +0,0 @@
-module PersonNotifierHelper
-
-  include ApplicationHelper
-
-  private
-
-  def path_to_image(source)
-    top_url + source
-  end
-
-  def top_url
-    top_url = @profile.environment ? @profile.environment.top_url : ''
-  end
-
-end
 module ProfileHelper
  
-  def display_field(title, profile, field, force = false)
+  COMMON_CATEGORIES = ActiveSupport::OrderedHash.new
+  COMMON_CATEGORIES[:content] = [:blogs, :image_galleries, :events, :article_tags]
+  COMMON_CATEGORIES[:interests] = [:interests]
+  COMMON_CATEGORIES[:general] = nil
+
+  PERSON_CATEGORIES = ActiveSupport::OrderedHash.new
+  PERSON_CATEGORIES[:basic_information] = [:nickname, :sex, :birth_date, :location, :privacy_setting, :created_at]
+  PERSON_CATEGORIES[:contact] = [:contact_phone, :cell_phone, :comercial_phone, :contact_information, :email, :personal_website, :jabber_id]
+  PERSON_CATEGORIES[:location] = [:address, :address_reference, :zip_code, :city, :state, :district, :country, :nationality]
+  PERSON_CATEGORIES[:work] = [:organization, :organization_website, :professional_activity]
+  PERSON_CATEGORIES[:study] = [:schooling, :formation, :area_of_study]
+  PERSON_CATEGORIES[:network] = [:friends, :communities, :enterprises]
+  PERSON_CATEGORIES.merge!(COMMON_CATEGORIES)
+
+  ORGANIZATION_CATEGORIES = ActiveSupport::OrderedHash.new
+  ORGANIZATION_CATEGORIES[:basic_information] = [:display_name, :created_at, :foundation_year, :type, :language, :members_count, :location, :address_reference, :historic_and_current_context, :admins]
+  ORGANIZATION_CATEGORIES[:contact] = [:contact_person, :contact_phone, :contact_email, :organization_website, :jabber_id]
+  ORGANIZATION_CATEGORIES[:economic] = [:business_name, :acronym, :economic_activity, :legal_form, :products, :activities_short_description, :management_information]
+  ORGANIZATION_CATEGORIES.merge!(COMMON_CATEGORIES)
+
+  CATEGORY_MAP = ActiveSupport::OrderedHash.new
+  CATEGORY_MAP[:person] = PERSON_CATEGORIES
+  CATEGORY_MAP[:organization] = ORGANIZATION_CATEGORIES
+
+  FORCE = {
+    :person => [:privacy_setting],
+    :organization => [:privacy_setting, :location],
+  }
+
+  MULTIPLE = {
+    :person => [:blogs, :image_galleries, :interests],
+    :organization => [:blogs, :image_galleries, :interests],
+  }
+
+  CUSTOM_LABELS = {
+    :zip_code => _('ZIP code'),
+    :email => _('e-Mail'),
+    :jabber_id => _('Jabber'),
+    :birth_date => _('Date of birth'),
+    :created_at => _('Profile created at'),
+    :members_count => _('Members'),
+    :privacy_setting => _('Privacy setting'),
+    :article_tags => _('Tags')
+  }
+
+  EXCEPTION = {
+    :person => [:image, :preferred_domain, :description, :tag_list],
+    :organization => [:image, :preferred_domain, :description, :tag_list, :address, :zip_code, :city, :state, :country, :district]
+  }
+
+  def general_fields
+    categorized_fields = CATEGORY_MAP[kind].values.flatten
+    profile.class.fields.map(&:to_sym) - categorized_fields - EXCEPTION[kind]
+  end
+
+  def kind
+    if profile.kind_of?(Person)
+      :person
+    else
+      :organization
+    end
+  end
+
+  def title(field, entry = nil)
+    return self.send("#{field}_custom_title", entry) if MULTIPLE[kind].include?(field) && entry.present?
+    CUSTOM_LABELS[field.to_sym] || _(field.to_s.humanize)
+  end
+
+  def display_field(field)
+    force = FORCE[kind].include?(field)
+    multiple = MULTIPLE[kind].include?(field)
     unless force || profile.may_display_field_to?(field, user)
       return ''
     end
-    value = profile.send(field)
-    if !value.blank?
-      if block_given?
-        value = yield(value)
-      end
-      content_tag('tr', content_tag('td', title, :class => 'field-name') + content_tag('td', value))
+    value = begin profile.send(field) rescue nil end
+    return '' if value.blank?
+    if value.kind_of?(Hash)
+      content = self.send("treat_#{field}", value)
+      content_tag('tr', content_tag('td', title(field), :class => 'field-name') + content_tag('td', content))
     else
-      ''
+      entries = multiple ? value : [] << value
+      entries.map do |entry|
+        content = self.send("treat_#{field}", entry)
+        unless content.blank?
+          content_tag('tr', content_tag('td', title(field, entry), :class => 'field-name') + content_tag('td', content))
+        end
+      end.join("\n")
     end
   end
  
-  def display_contact(profile)
-    fields = []
-    fields << display_field(_('Address:'), profile, :address).html_safe
-    fields << display_field(_('ZIP code:'), profile, :zip_code).html_safe
-    fields << display_field(_('Contact phone:'), profile, :contact_phone).html_safe
-    fields << display_field(_('e-Mail:'), profile, :email) { |email| link_to_email(email) }.html_safe
-    fields << display_field(_('Personal website:'), profile, :personal_website).html_safe
-    fields << display_field(_('Jabber:'), profile, :jabber_id).html_safe
-    if fields.reject!(&:blank?).empty?
-      ''
-    else
-      content_tag('tr', content_tag('th', _('Contact'), { :colspan => 2 })) + fields.join.html_safe
+  def treat_email(email)
+    link_to_email(email)
+  end
+
+  def treat_organization_website(url)
+    link_to(url, url)
+  end
+
+  def treat_sex(gender)
+    { 'male' => _('Male'), 'female' => _('Female') }[gender]
+  end
+
+  def treat_date(date)
+    show_date(date.to_date)
+  end
+  alias :treat_birth_date :treat_date
+  alias :treat_created_at :treat_date
+
+  def treat_friends(friends)
+     link_to friends.count, :controller => 'profile', :action => 'friends'
+  end
+
+  def treat_communities(communities)
+    link_to communities.count, :controller => "profile", :action => 'communities'
+  end
+
+  def treat_enterprises(enterprises)
+    if environment.disabled?('disable_asset_enterprises')
+      link_to enterprises.count, :controller => "profile", :action => 'enterprises'
+    end
+  end
+
+  def treat_members_count(count)
+    link_to count, :controller => 'profile', :action => 'members'
+  end
+
+  def treat_products(products)
+    if profile.kind_of?(Enterprise) && profile.environment.enabled?('products_for_enterprises')
+      link_to _('Products/Services'), :controller => 'catalog', :action => 'index'
     end
   end
  
-  def display_work_info(profile)
-    organization = display_field(_('Organization:'), profile, :organization)
-    organization_site = display_field(_('Organization website:'), profile, :organization_website) { |url| link_to(url, url) }
-    if organization.blank? && organization_site.blank?
-      ''
+  def treat_admins(admins)
+    profile.admins.map { |admin| link_to(admin.short_name, admin.url)}.join(', ')
+  end
+
+  def treat_blogs(blog)
+    link_to(n_('One post', '%{num} posts', blog.posts.published.count) % { :num => blog.posts.published.count }, blog.url)
+  end
+
+  def treat_image_galleries(gallery)
+    link_to(n_('One picture', '%{num} pictures', gallery.images.published.count) % { :num => gallery.images.published.count }, gallery.url)
+  end
+
+  def treat_events(events)
+    link_to events.published.count, :controller => 'events', :action => 'events'
+  end
+
+  def treat_article_tags(tags)
+    tag_cloud @tags, :id, { :action => 'tags' }, :max_size => 18, :min_size => 10
+  end
+
+  def treat_interests(interest)
+    link_to interest.name, :controller => 'search', :action => 'category_index', :category_path => interest.explode_path
+  end
+
+  def article_custom_title(article)
+    article.name
+  end
+  alias :blogs_custom_title :article_custom_title
+  alias :image_galleries_custom_title :article_custom_title
+
+  def interests_custom_title(interest)
+    ''
+  end
+
+  def method_missing(method, *args, &block)
+    if method.to_s =~ /^treat_(.+)$/
+      args[0]
+    elsif method.to_s =~ /^display_(.+)$/ && CATEGORY_MAP[kind].has_key?($1.to_sym)
+      category = $1.to_sym
+      fields = category == :general ? general_fields : CATEGORY_MAP[kind][category]
+      contents = []
+
+      fields.each do |field|
+        contents << display_field(field).html_safe
+      end
+
+      contents = contents.delete_if(&:blank?)
+
+      unless contents.empty?
+        content_tag('tr', content_tag('th', title(category), { :colspan => 2 })) + contents.join.html_safe
+      else
+        ''
+      end
     else
-      content_tag('tr', content_tag('th', _('Work'), { :colspan => 2 })) + organization + organization_site
+      super
     end
   end
  
 module RoleHelper
+
+  def role_available_permissions(role)
+    role.kind == "Environment" ? ['Environment', 'Profile'] : [role.kind]
+  end
+
 end
@@ -21,6 +21,12 @@ module SearchHelper
     'more_comments' => _('More comments')
   }
  
+  COMMON_PROFILE_LIST_BLOCK = [
+    :enterprises,
+    :people,
+    :communities
+  ]
+
   # FIXME remove it after search_controler refactored
   include EventsHelper
  
@@ -94,7 +100,7 @@ module SearchHelper
       compact_link = display?(asset, :compact) ? (display == 'compact' ? _('Compact') : link_to(_('Compact'), params.merge(:display => 'compact'))) : nil
       map_link = display?(asset, :map) ? (display == 'map' ? _('Map') : link_to(_('Map'), params.merge(:display => 'map'))) : nil
       full_link = display?(asset, :full) ? (display == 'full' ? _('Full') : link_to(_('Full'), params.merge(:display => 'full'))) : nil
-      content_tag('div', 
+      content_tag('div',
         content_tag('strong', _('Display')) + ': ' + [compact_link, map_link, full_link].compact.join(' | ').html_safe,
         :class => 'search-customize-options'
       )
@@ -56,12 +56,12 @@ module SweeperHelper
     if profile
       profile.blocks.each {|block|
         conditions = block.class.expire_on
-        blocks_to_expire << block unless (conditions[:profile] & causes).empty?
+        blocks_to_expire << block unless (conditions[:profile] & causes).blank?
       }
     end
     environment.blocks.each {|block|
       conditions = block.class.expire_on
-      blocks_to_expire << block unless (conditions[:environment] & causes).empty?
+      blocks_to_expire << block unless (conditions[:environment] & causes).blank?
     }
  
     blocks_to_expire.uniq!
@@ -0,0 +1,51 @@
+module TinymceHelper
+  include MacrosHelper
+
+  def tinymce_js
+    output = ''
+    output += javascript_include_tag 'tinymce/js/tinymce/tinymce.min.js'
+    output += javascript_include_tag 'tinymce/js/tinymce/jquery.tinymce.min.js'
+    output += javascript_include_tag 'tinymce.js'
+    output += include_macro_js_files.to_s
+    output
+  end
+
+  def tinymce_init_js options = {}
+    options.merge! :document_base_url => top_url,
+      :content_css => "/stylesheets/tinymce.css,#{macro_css_files}",
+      :plugins => %w[compat3x advlist autolink lists link image charmap print preview hr anchor pagebreak
+        searchreplace wordcount visualblocks visualchars code fullscreen
+        insertdatetime media nonbreaking save table contextmenu directionality
+        emoticons template paste textcolor colorpicker textpattern],
+      :language => tinymce_language
+
+    options[:toolbar1] = "insertfile undo redo | copy paste | bold italic underline | styleselect fontsizeselect | forecolor backcolor | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | link image"
+    if options[:mode] == 'simple'
+      options[:menubar] = false
+    else
+      options[:menubar] = 'edit insert view tools'
+      options[:toolbar2] = 'print preview code media | table'
+
+      options[:toolbar2] += ' | macros'
+      macros_with_buttons.each do |macro|
+        options[:toolbar2] += " #{macro.identifier}"
+      end
+    end
+
+    options[:macros_setup] = macros_with_buttons.map do |macro|
+      <<-EOS
+        ed.addButton('#{macro.identifier}', {
+          title: #{macro_title(macro).to_json},
+          onclick: #{generate_macro_config_dialog macro},
+          image : '#{macro.configuration[:icon_path]}'
+        });
+      EOS
+    end
+
+    #cleanup non tinymce options
+    options = options.except :mode
+
+    "noosfero.tinymce.init(#{options.to_json})"
+  end
+
+end
@@ -2,7 +2,14 @@ require &#39;hpricot&#39;
  
 class Article < ActiveRecord::Base
  
-  attr_accessible :name, :body, :abstract, :profile, :tag_list, :parent, :allow_members_to_edit, :translation_of_id, :language, :license_id, :parent_id, :display_posts_in_current_language, :category_ids, :posts_per_page, :moderate_comments, :accept_comments, :feed, :published, :source, :highlighted, :notify_comments, :display_hits, :slug, :external_feed_builder, :display_versions, :external_link, :image_builder
+  attr_accessible :name, :body, :abstract, :profile, :tag_list, :parent,
+                  :allow_members_to_edit, :translation_of_id, :language,
+                  :license_id, :parent_id, :display_posts_in_current_language,
+                  :category_ids, :posts_per_page, :moderate_comments,
+                  :accept_comments, :feed, :published, :source,
+                  :highlighted, :notify_comments, :display_hits, :slug,
+                  :external_feed_builder, :display_versions, :external_link,
+                  :image_builder, :show_to_followers
  
   acts_as_having_image
  
@@ -157,14 +164,17 @@ class Article &lt; ActiveRecord::Base
     self.profile
   end
  
-  def self.human_attribute_name(attrib, options = {})
+  def self.human_attribute_name_with_customization(attrib, options={})
     case attrib.to_sym
     when :name
       _('Title')
     else
-      _(self.superclass.human_attribute_name(attrib))
+      _(self.human_attribute_name_without_customization(attrib))
     end
   end
+  class << self
+    alias_method_chain :human_attribute_name, :customization
+  end
  
   def css_class_list
     [self.class.name.to_css_class]
@@ -282,13 +292,6 @@ class Article &lt; ActiveRecord::Base
     end
   end
  
-  def reported_version(options = {})
-    article = self
-    search_path = Rails.root.join('app', 'views', 'shared', 'reported_versions')
-    partial_path = File.join('shared', 'reported_versions', partial_for_class_in_view_path(article.class, search_path))
-    lambda { render_to_string(:partial => partial_path, :locals => {:article => article}) }
-  end
-
   # returns the data of the article. Must be overriden in each subclass to
   # provide the correct content for the article.
   def data
@@ -337,7 +340,7 @@ class Article &lt; ActiveRecord::Base
   def belongs_to_blog?
     self.parent and self.parent.blog?
   end
-  
+
   def belongs_to_forum?
     self.parent and self.parent.forum?
   end
@@ -449,6 +452,7 @@ class Article &lt; ActiveRecord::Base
       if self.parent && !self.parent.published?
         return false
       end
+
       true
     else
       false
@@ -480,14 +484,17 @@ class Article &lt; ActiveRecord::Base
     {:conditions => ["  articles.published = ? OR
                         articles.last_changed_by_id = ? OR
                         articles.profile_id = ? OR
-                        ?",
-                        true, user.id, user.id, user.has_permission?(:view_private_content, profile)] }
+                        ? OR  articles.show_to_followers = ? AND ?",
+                        true, user.id, user.id, user.has_permission?(:view_private_content, profile),
+                        true, user.follows?(profile)]}
   end
  
+
   def display_unpublished_article_to?(user)
     user == author || allow_view_private_content?(user) || user == profile ||
     user.is_admin?(profile.environment) || user.is_admin?(profile) ||
-    article_privacy_exceptions.include?(user)
+    article_privacy_exceptions.include?(user) ||
+    (self.show_to_followers && user.follows?(profile))
   end
  
   def display_to?(user = nil)
 class Block < ActiveRecord::Base
  
-  attr_accessible :title, :display, :limit, :box_id, :posts_per_page, :visualization_format, :language, :display_user, :box
+  attr_accessible :title, :display, :limit, :box_id, :posts_per_page, :visualization_format, :language, :display_user, :box, :fixed
  
   # to be able to generate HTML
   include ActionView::Helpers::UrlHelper
@@ -64,7 +64,7 @@ class Block &lt; ActiveRecord::Base
   end
  
   def display_to_user?(user)
-    display_user == 'all' || (user.nil? && display_user == 'not_logged') || (user && display_user == 'logged')
+    display_user == 'all' || (user.nil? && display_user == 'not_logged') || (user && display_user == 'logged') || (user && display_user == 'followers' && user.follows?(owner))
   end
  
   def display_always(context)
@@ -75,7 +75,7 @@ class Block &lt; ActiveRecord::Base
     if context[:article]
       return context[:article] == owner.home_page
     else
-      return context[:request_path] == '/'
+      return home_page_path?(context[:request_path])
     end
   end
  
@@ -83,7 +83,7 @@ class Block &lt; ActiveRecord::Base
     if context[:article]
       return context[:article] != owner.home_page
     else
-      return context[:request_path] != '/' + (owner.kind_of?(Profile) ? owner.identifier : '')
+      return !home_page_path?(context[:request_path])
     end
   end
  
@@ -110,11 +110,14 @@ class Block &lt; ActiveRecord::Base
   # * <tt>'all'</tt>: the block is always displayed
   settings_items :language, :type => :string, :default => 'all'
  
+  # The block can be configured to be fixed. Only can be edited by environment admins
+  settings_items :fixed, :type => :boolean, :default => false
+
   # returns the description of the block, used when the user sees a list of
   # blocks to choose one to include in the design.
   #
   # Must be redefined in subclasses to match the description of each block
-  # type. 
+  # type.
   def self.description
     '(dummy)'
   end
@@ -124,13 +127,13 @@ class Block &lt; ActiveRecord::Base
   # This method can return several types of objects:
   #
   # * <tt>String</tt>: if the string starts with <tt>http://</tt> or <tt>https://</tt>, then it is assumed to be address of an IFRAME. Otherwise it's is used as regular HTML.
-  # * <tt>Hash</tt>: the hash is used to build an URL that is used as the address for a IFRAME. 
+  # * <tt>Hash</tt>: the hash is used to build an URL that is used as the address for a IFRAME.
   # * <tt>Proc</tt>: the Proc is evaluated in the scope of BoxesHelper. The
   # block can then use <tt>render</tt>, <tt>link_to</tt>, etc.
   #
   # The method can also return <tt>nil</tt>, which means "no content".
   #
-  # See BoxesHelper#extract_block_content for implementation details. 
+  # See BoxesHelper#extract_block_content for implementation details.
   def content(args={})
     "This is block number %d" % self.id
   end
@@ -192,7 +195,7 @@ class Block &lt; ActiveRecord::Base
  
   # Override in your subclasses.
   # Define which events and context should cause the block cache to expire
-  # Possible events are: :article, :profile, :friendship, :category
+  # Possible events are: :article, :profile, :friendship, :category, :role_assignment
   # Possible contexts are: :profile, :environment
   def self.expire_on
     {
@@ -221,6 +224,7 @@ class Block &lt; ActiveRecord::Base
       'all'            => _('All users'),
       'logged'         => _('Logged'),
       'not_logged'     => _('Not logged'),
+      'followers'      => owner.class != Environment && owner.organization? ? _('Members') : _('Friends')
     }
   end
  
@@ -234,4 +238,26 @@ class Block &lt; ActiveRecord::Base
     duplicated_block
   end
  
+  def copy_from(block)
+    self.settings = block.settings
+    self.position = block.position
+  end
+
+  private
+
+  def home_page_path
+    home_page_url = Noosfero.root('/')
+
+    if owner.kind_of?(Profile)
+      home_page_url += "profile/" if owner.home_page.nil?
+      home_page_url += owner.identifier
+    end
+
+    return home_page_url
+  end
+
+  def home_page_path? path
+    return path == home_page_path || path == (home_page_path + '/')
+  end
+
 end
@@ -53,7 +53,7 @@ class Blog &lt; Folder
   def prepare_external_feed
     unless self.external_feed_data.nil?
       if self.external_feed(true) && self.external_feed.id == self.external_feed_data[:id].to_i
-        self.external_feed.attributes = self.external_feed_data
+        self.external_feed.attributes = self.external_feed_data.except(:id)
       else
         self.build_external_feed(self.external_feed_data, :without_protection => true)
       end
@@ -2,16 +2,19 @@ class ChangePassword &lt; Task
  
   attr_accessor :password, :password_confirmation
  
-  def self.human_attribute_name(attrib, options = {})
+  def self.human_attribute_name_with_customization(attrib, options={})
     case attrib.to_sym
     when :password
       _('Password')
     when :password_confirmation
       _('Password Confirmation')
     else
-      _(self.superclass.human_attribute_name(attrib))
+      _(self.human_attribute_name_without_customization(attrib))
     end
   end
+  class << self
+    alias_method_chain :human_attribute_name, :customization
+  end
  
   validates_presence_of :requestor
  
@@ -50,16 +50,6 @@ class Community &lt; Organization
     super + FIELDS
   end
  
-  validate :presence_of_required_fieds
-
-  def presence_of_required_fieds
-    self.required_fields.each do |field|
-      if self.send(field).blank?
-        self.errors.add_on_blank(field)
-      end
-    end
-  end
-
   def active_fields
     environment ? environment.active_community_fields : []
   end
@@ -78,7 +68,7 @@ class Community &lt; Organization
   end
  
   def default_template
-    environment.community_template
+    environment.community_default_template
   end
  
   def news(limit = 30, highlight = false)
@@ -92,4 +92,11 @@ class Domain &lt; ActiveRecord::Base
     @hosting = {}
   end
  
+  # Detects a domain's custom text domain chain if available based on a domain
+  # served on multitenancy configuration or a registered domain.
+  def self.custom_locale(domainname)
+    domain = Noosfero::MultiTenancy.mapping[domainname] || domainname[/(.*?)\./,1]
+    FastGettext.translation_repositories.keys.include?(domain) ? domain : FastGettext.default_text_domain
+  end
+
 end
@@ -59,16 +59,6 @@ class Enterprise &lt; Organization
     super + FIELDS
   end
  
-  validate :presence_of_required_fieds
-
-  def presence_of_required_fieds
-    self.required_fields.each do |field|
-      if self.send(field).blank?
-        self.errors.add_on_blank(field)
-      end
-    end
-  end
-
   def active_fields
     environment ? environment.active_enterprise_fields : []
   end
@@ -107,7 +97,12 @@ class Enterprise &lt; Organization
     self.tasks.where(:type => 'EnterpriseActivation').first
   end
  
-  def enable(owner)
+  def enable(owner = nil)
+    if owner.nil?
+      self.visible = true
+      return self.save
+    end
+
     return if enabled
     # must be set first for the following to work
     self.enabled = true
@@ -169,7 +164,7 @@ class Enterprise &lt; Organization
   end
  
   def default_template
-    environment.enterprise_template
+    environment.enterprise_default_template
   end
  
   def template_with_inactive_enterprise
@@ -283,6 +283,7 @@ class Environment &lt; ActiveRecord::Base
     www.flickr.com
     www.gmodules.com
     www.youtube.com
+    openstreetmap.org
   ] + ('a' .. 'z').map{|i| "#{i}.yimg.com"}
  
   settings_items :enabled_plugins, :type => Array, :default => Noosfero::Plugin.available_plugin_names
@@ -656,10 +657,11 @@ class Environment &lt; ActiveRecord::Base
     { :controller => 'admin_panel', :action => 'index' }
   end
  
-  def top_url
-    url = 'http://'
+  def top_url(scheme = 'http')
+    url = scheme + '://'
     url << (Noosfero.url_options.key?(:host) ? Noosfero.url_options[:host] : default_hostname)
     url << ':' << Noosfero.url_options[:port].to_s if Noosfero.url_options.key?(:port)
+    url << Noosfero.root('')
     url
   end
  
@@ -727,31 +729,50 @@ class Environment &lt; ActiveRecord::Base
     ]
   end
  
-  def community_template
+  def is_default_template?(template)
+    is_default = template == community_default_template 
+    is_default = is_default || template == person_default_template 
+    is_default = is_default || template == enterprise_default_template
+    is_default
+  end
+
+  def community_templates
+    self.communities.templates
+  end
+
+  def community_default_template
     template = Community.find_by_id settings[:community_template_id]
-    template if template && template.is_template
+    template if template && template.is_template?
+  end
+
+  def community_default_template=(value)
+    settings[:community_template_id] = value.kind_of?(Community) ? value.id : value
   end
  
-  def community_template=(value)
-    settings[:community_template_id] = value.id
+  def person_templates
+    self.people.templates
   end
  
-  def person_template
+  def person_default_template
     template = Person.find_by_id settings[:person_template_id]
-    template if template && template.is_template
+    template if template && template.is_template?
+  end
+
+  def person_default_template=(value)
+    settings[:person_template_id] = value.kind_of?(Person) ? value.id : value
   end
  
-  def person_template=(value)
-    settings[:person_template_id] = value.id
+  def enterprise_templates
+    self.enterprises.templates
   end
  
-  def enterprise_template
+  def enterprise_default_template
     template = Enterprise.find_by_id settings[:enterprise_template_id]
-    template if template && template.is_template
+    template if template && template.is_template?
   end
  
-  def enterprise_template=(value)
-    settings[:enterprise_template_id] = value.id
+  def enterprise_default_template=(value)
+    settings[:enterprise_template_id] = value.kind_of?(Enterprise) ? value.id : value
   end
  
   def inactive_enterprise_template
@@ -804,7 +825,7 @@ class Environment &lt; ActiveRecord::Base
   end
  
   def notification_emails
-    [noreply_email.blank? ? nil : noreply_email].compact + admins.map(&:email)
+    [contact_email].select(&:present?) + admins.map(&:email)
   end
  
   after_create :create_templates
@@ -849,10 +870,10 @@ class Environment &lt; ActiveRecord::Base
     person_template.visible = false
     person_template.save!
  
-    self.enterprise_template = enterprise_template
+    self.enterprise_default_template = enterprise_template
     self.inactive_enterprise_template = inactive_enterprise_template
-    self.community_template = community_template
-    self.person_template = person_template
+    self.community_default_template = community_template
+    self.person_default_template = person_template
     self.save!
   end
  
@@ -916,6 +937,10 @@ class Environment &lt; ActiveRecord::Base
     locales_list
   end
  
+  def has_license?
+    self.licenses.any?
+  end
+
   private
  
   def default_language_available
@@ -19,7 +19,7 @@ class Event &lt; Article
     maybe_add_http(self.setting[:link])
   end
  
-  xss_terminate :only => [ :body, :link, :address ], :with => 'white_list', :on => 'validation'
+  xss_terminate :only => [ :name, :body, :link, :address ], :with => 'white_list', :on => 'validation'
  
   def initialize(*args)
     super(*args)
@@ -10,9 +10,10 @@ class ExternalFeed &lt; ActiveRecord::Base
     { :conditions => ['(fetched_at is NULL) OR (fetched_at < ?)', Time.now - FeedUpdater.update_interval] }
   }
  
-  attr_accessible :address, :enabled
+  attr_accessible :address, :enabled, :only_once
  
   def add_item(title, link, date, content)
+    return if content.blank?
     doc = Hpricot(content)
     doc.search('*').each do |p|
       if p.instance_of? Hpricot::Elem
@@ -30,6 +31,7 @@ class ExternalFeed &lt; ActiveRecord::Base
     article.source = link 
     article.profile = blog.profile 
     article.parent = blog
+    article.author_name = self.feed_title
     unless blog.children.exists?(:slug => article.slug)
       article.save!
       article.delay.create_activity
@@ -85,8 +85,4 @@ class FeedReaderBlock &lt; Block
     block_title(title) + formatted_feed_content
   end
  
-  def editable?
-    true
-  end
-
 end
@@ -12,7 +12,7 @@ class Folder &lt; Article
  
   acts_as_having_settings :field => :setting
  
-  xss_terminate :only => [ :body ], :with => 'white_list', :on => 'validation'
+  xss_terminate :only => [ :name, :body ], :with => 'white_list', :on => 'validation'
  
   include WhiteListFilter
   filter_iframes :body
@@ -65,18 +65,16 @@ class Invitation &lt; Task
  
       task_args = if user.nil?
         {:person => person, :friend_name => friend_name, :friend_email => friend_email, :message => message}
-      elsif !user.person.is_a_friend?(person)
+      else
         {:person => person, :target => user.person}
       end
  
-      if !task_args.nil?
-        if profile.person?
-          InviteFriend.create(task_args)
-        elsif profile.community?
-          InviteMember.create(task_args.merge(:community_id => profile.id))
-        else
-          raise NotImplementedError, 'Don\'t know how to invite people to a %s' % profile.class.to_s
-        end
+      if profile.person?
+        InviteFriend.create(task_args) if user.nil? || !user.person.is_a_friend?(person)
+      elsif profile.community?
+        InviteMember.create(task_args.merge(:community_id => profile.id)) if user.nil? || !user.person.is_member_of?(profile)
+      else
+        raise NotImplementedError, 'Don\'t know how to invite people to a %s' % profile.class.to_s
       end
     end
   end
@@ -78,16 +78,17 @@ class LinkListBlock &lt; Block
       address
     end
     if add !~ /^[a-z]+:\/\// && add !~ /^\//
-      'http://' + add
+      '//' + add
     else
+      if root = Noosfero.root
+        if !add.starts_with?(root)
+          add = root + add
+        end
+      end
       add
     end
   end
  
-  def editable?
-    true
-  end
-
   def icons_options
     ICONS.map do |i|
       "<span title=\"#{i[1]}\" class=\"icon-#{i[0]}\" onclick=\"changeIcon(this, '#{i[0]}')\"></span>".html_safe
@@ -100,4 +101,5 @@ class LinkListBlock &lt; Block
     sanitizer = HTML::WhiteListSanitizer.new
     sanitizer.sanitize(text)
   end
+
 end
@@ -16,10 +16,6 @@ class MainBlock &lt; Block
     true
   end
  
-  def editable?
-    true
-  end
-
   def cacheable?
     false
   end
@@ -30,6 +30,16 @@ class Organization &lt; Profile
  
   scope :more_popular, :order => 'members_count DESC'
  
+  validate :presence_of_required_fieds, :unless => :is_template
+
+  def presence_of_required_fieds
+    self.required_fields.each do |field|
+      if self.send(field).blank?
+        self.errors.add_on_blank(field)
+      end
+    end
+  end
+
   def validation_methodology
     self.validation_info ? self.validation_info.validation_methodology : nil
   end
@@ -135,7 +145,11 @@ class Organization &lt; Profile
   end
  
   def notification_emails
-    [contact_email.blank? ? nil : contact_email].compact + admins.map(&:email)
+    emails = [contact_email].select(&:present?) + admins.map(&:email)
+    if emails.empty?
+      emails << environment.contact_email
+    end
+    emails
   end
  
   def already_request_membership?(person)
@@ -21,6 +21,12 @@ class Person &lt; Profile
     { :select => 'DISTINCT profiles.*', :joins => :role_assignments, :conditions => [conditions] }
   }
  
+  scope :by_role, lambda { |roles|
+    roles = [roles] unless roles.kind_of?(Array)
+    { :select => 'DISTINCT profiles.*', :joins => :role_assignments, :conditions => ['role_assignments.role_id IN (?)',
+roles] }
+  }
+
   def has_permission_with_plugins?(permission, profile)
     permissions = [has_permission_without_plugins?(permission, profile)]
     permissions += plugins.map do |plugin|
@@ -74,6 +80,10 @@ class Person &lt; Profile
  
   belongs_to :user, :dependent => :delete
  
+  def can_change_homepage?
+    !environment.enabled?('cant_change_homepage') || is_admin?
+  end
+
   def can_control_scrap?(scrap)
     begin
       !self.scraps(scrap).nil?
@@ -161,7 +171,7 @@ class Person &lt; Profile
     FIELDS
   end
  
-  validate :presence_of_required_fields
+  validate :presence_of_required_fields, :unless => :is_template
  
   def presence_of_required_fields
     self.required_fields.each do |field|
@@ -300,7 +310,7 @@ class Person &lt; Profile
   end
  
   def default_template
-    environment.person_template
+    environment.person_default_template
   end
  
   def apply_type_specific_template(template)
@@ -67,7 +67,7 @@ class PersonNotifier
  
   class Mailer < ActionMailer::Base
  
-    add_template_helper(PersonNotifierHelper)
+    add_template_helper(ApplicationHelper)
  
     def session
       {:theme => nil}
@@ -11,7 +11,7 @@ class Product &lt; ActiveRecord::Base
  
   SEARCH_DISPLAYS = %w[map full]
  
-  attr_accessible :name, :product_category, :highlighted, :price, :enterprise, :image_builder, :description, :available, :qualifiers, :unit_id, :discount, :inputs
+  attr_accessible :name, :product_category, :highlighted, :price, :enterprise, :image_builder, :description, :available, :qualifiers, :unit_id, :discount, :inputs, :qualifiers_list
  
   def self.default_search_display
     'full'
@@ -125,7 +125,7 @@ class Profile &lt; ActiveRecord::Base
   end
  
   def members_by_name
-    members.order(:name)
+    members.order('profiles.name')
   end
  
   class << self
@@ -136,8 +136,8 @@ class Profile &lt; ActiveRecord::Base
     alias_method_chain :count, :distinct
   end
  
-  def members_by_role(role)
-    Person.members_of(self).all(:conditions => ['role_assignments.role_id = ?', role.id])
+  def members_by_role(roles)
+    Person.members_of(self).by_role(roles)
   end
  
   acts_as_having_boxes
@@ -149,7 +149,9 @@ class Profile &lt; ActiveRecord::Base
   end
  
   scope :visible, :conditions => { :visible => true }
+  scope :disabled, :conditions => { :visible => false }
   scope :public, :conditions => { :visible => true, :public_profile => true }
+  scope :enabled, :conditions => { :enabled => true }
  
   # Subclasses must override this method
   scope :more_popular
@@ -374,16 +376,17 @@ class Profile &lt; ActiveRecord::Base
   end
  
   def copy_blocks_from(profile)
+    template_boxes = profile.boxes.select{|box| box.position}
     self.boxes.destroy_all
-    profile.boxes.each do |box|
-      new_box = Box.new
+    self.boxes = template_boxes.size.times.map { Box.new }
+
+    template_boxes.each_with_index do |box, i|
+      new_box = self.boxes[i]
       new_box.position = box.position
-      self.boxes << new_box
       box.blocks.each do |block|
         new_block = block.class.new(:title => block[:title])
-        new_block.settings = block.settings
-        new_block.position = block.position
-        self.boxes[-1].blocks << new_block
+        new_block.copy_from(block)
+        new_box.blocks << new_block
       end
     end
   end
@@ -418,7 +421,7 @@ class Profile &lt; ActiveRecord::Base
   end
  
   xss_terminate :only => [ :name, :nickname, :address, :contact_phone, :description ], :on => 'validation'
-  xss_terminate :only => [ :custom_footer, :custom_header ], :with => 'white_list', :on => 'validation'
+  xss_terminate :only => [ :custom_footer, :custom_header ], :with => 'white_list'
  
   include WhiteListFilter
   filter_iframes :custom_header, :custom_footer
@@ -802,7 +805,7 @@ private :generate_url, :url_options
   end
  
   include Noosfero::Plugin::HotSpot
-  
+
   def folder_types
     types = Article.folder_types
     plugins.dispatch(:content_types).each {|type|
@@ -926,6 +929,13 @@ private :generate_url, :url_options
   end
  
   def disable
+    self.visible = false
+    self.save
+  end
+
+  def enable
+    self.visible = true
+    self.save
   end
  
   def control_panel_settings_button
@@ -23,10 +23,6 @@ class ProfileImageBlock &lt; Block
     end
   end
  
-  def editable?
-    true
-  end
-
   def cacheable?
     false
   end
@@ -15,10 +15,6 @@ class ProfileInfoBlock &lt; Block
     end
   end
  
-  def editable?
-    false
-  end
-
   def cacheable?
     false
   end
@@ -11,8 +11,4 @@ class ProfileSearchBlock &lt; Block
     end
   end
  
-  def editable?
-    true
-  end
-
 end
@@ -285,8 +285,9 @@ class Task &lt; ActiveRecord::Base
   # If
   def send_notification(action)
     if sends_email?
-      if self.requestor
-         TaskMailer.generic_message("task_#{action}", self)
+      if self.requestor && !self.requestor.notification_emails.empty?
+        message = TaskMailer.generic_message("task_#{action}", self)
+        message.deliver if message
       end
     end
   end
@@ -16,15 +16,18 @@ class User &lt; ActiveRecord::Base
   end
  
   # FIXME ugly workaround
-  def self.human_attribute_name(attrib, options={})
+  def self.human_attribute_name_with_customization(attrib, options={})
     case attrib.to_sym
       when :login
         return [_('Username'), _('Email')].join(' / ')
       when :email
         return _('e-Mail')
-      else _(self.superclass.human_attribute_name(attrib))
+      else _(self.human_attribute_name_without_customization(attrib))
     end
   end
+  class << self
+    alias_method_chain :human_attribute_name, :customization
+  end
  
   before_create do |user|
     if user.environment.nil?
@@ -198,6 +201,10 @@ class User &lt; ActiveRecord::Base
     Digest::MD5.hexdigest(password)
   end
  
+  add_encryption_method :salted_md5 do |password, salt|
+    Digest::MD5.hexdigest(password+salt)
+  end
+
   add_encryption_method :clear do |password, salt|
     password
   end
@@ -347,6 +354,7 @@ class User &lt; ActiveRecord::Base
     end
  
     def delay_activation_check
+      return if person.is_template?
       Delayed::Job.enqueue(UserActivationJob.new(self.id), {:priority => 0, :run_at => 72.hours.from_now})
     end
 end
@@ -13,20 +13,22 @@ class RoleAssignmentSweeper &lt; ActiveRecord::Observer
 protected
  
   def expire_caches(role_assignment)
-    expire_cache(role_assignment.accessor)
-    expire_cache(role_assignment.resource) if role_assignment.resource.respond_to?(:cache_keys)
+    expire_cache(role_assignment.accessor) if role_assignment.accessor.kind_of?(Profile)
+    expire_cache(role_assignment.resource) if role_assignment.resource.kind_of?(Profile)
   end
  
   def expire_cache(profile)
     per_page = Noosfero::Constants::PROFILE_PER_PAGE
-    profile.cache_keys(:per_page => per_page).each { |ck|
-      expire_timeout_fragment(ck)
-    }
+
+    profile.cache_keys(:per_page => per_page).each { |ck| expire_timeout_fragment(ck) }
+    expire_timeout_fragment(profile.members_cache_key(:per_page => per_page))
  
     profile.blocks_to_expire_cache.each { |block|
       blocks = profile.blocks.select{|b| b.kind_of?(block)}
       BlockSweeper.expire_blocks(blocks)
     }
+
+    expire_blocks_cache(profile, [:role_assignment])
   end
  
 end
@@ -20,6 +20,7 @@
   <tr><td><%= link_to _('Users'), :controller => 'users' %></td></tr>
   <tr><td><%= link_to _('Profile templates'), :controller => 'templates' %></td></tr>
   <tr><td><%= link_to _('Fields'), :controller => 'features', :action => 'manage_fields' %></td></tr>
+  <tr><td><%= link_to _('Manage organizations status'), :action => 'manage_organizations_status' %></td></tr>
 </table>
  
  
@@ -0,0 +1,69 @@
+<h1><%= _('Manage organizations') %></h1>
+
+<%= form_tag( { :action => 'manage_organizations_status' }, :method => 'get', :class => 'users-search' ) do %>
+
+  <div class="search-field">
+    <span class="formfield">
+      <%= text_field_tag 'q', @q, :title => _("Find profiles"), :style=>"width:85%" %>
+    </span>
+
+    <%= submit_button(:search, _('Search')) %>
+  </div>
+
+  <div class="environment-users-results-header">
+    <div id='environment-users-filter-title'><%= @title %></div>
+
+    <div id="environment-users-filter-filter">
+      <strong><%= _("Filter by: ") %></strong>
+
+      <select id="profile_filter_select">
+        <%= options_for_select([['Any', 'any'],["Disabled profiles", "disabled"], ["Enabled profiles", "enabled"]], @filter) %>
+      </select>
+    </div>
+    <div style="clear: both"></div>
+  </div>
+
+  <table>
+    <colgroup>
+      <col width="80%">
+      <col width="20%">
+    </colgroup>
+
+    <tr>
+      <th><%= _('Member') %></th>
+      <th><%= _('Actions') %></th>
+    </tr>
+
+    <% @collection.each do |p| %>
+      <tr title="<%= p.name %>">
+        <td><%= link_to_profile p.short_name, p.identifier, :title => p.name %> </td>
+
+        <td class='actions'>
+          <div class="members-buttons-cell">
+            <% if p.visible %>
+              <%= button_without_text :'deactivate-user', _('Deactivate'), {:controller => "profile_editor", :action => 'deactivate_profile', :profile => p.identifier, :id => p.id}, :confirm => _("Do you want to deactivate this profile ?") %>
+            <% else %>
+              <%= button_without_text :'activate-user', _('Activate'), {:controller => "profile_editor", :action => 'activate_profile', :profile => p.identifier, :id => p.id}, :confirm => _("Do you want to activate this profile ?") %>
+            <% end %>
+              <%= button_without_text :'delete', _('Remove'), {:controller => "profile_editor", :action => 'destroy_profile', :profile => p.identifier, :id => p.id, :return_to => "/admin/admin_panel/manage_organizations_status"}, :method => :post, :confirm => _("Do you want to deactivate this profile ?") %>
+         </div>
+        </td>
+      </tr>
+    <% end %>
+  </table>
+
+<% end %>
+
+<%= pagination_links @collection, {:param_name => 'npage', :page_links => true} %>
+
+<% button_bar do %>
+  <%= button :back, _('Back'), :controller => 'admin_panel' %>
+<% end %>
+
+<script type="text/javascript">
+  jQuery(document).ready(function(){
+    jQuery("#profile_filter_select").change(function(){
+      document.location.href = '/admin/admin_panel/manage_organizations_status?filter='+this.value;
+    });
+  });
+</script>
 \ No newline at end of file
@@ -5,6 +5,12 @@
  
     <%= labelled_form_field(_('Custom title for this block: '), text_field(:block, :title, :maxlength => 20)) %>
  
+    <% if environment.admins.include?(user) %>
+      <div class="fixed_block">
+        <%= labelled_check_box(_("Fixed"), "block[fixed]", value = "1", checked = @block.fixed) %>
+      </div>
+    <% end %>
+
     <%= render :partial => partial_for_class(@block.class) %>
  
     <div class="display">
@@ -14,8 +14,8 @@
  
 <ul id="product-list">
   <% @products.each do |product| %>
-    <% extra_content = @plugins.dispatch(:catalog_item_extras, product).collect { |content| instance_eval(&content) } %>
-    <% extra_content_list = @plugins.dispatch(:catalog_list_item_extras, product).collect { |content| instance_eval(&content) } %>
+    <% extra_content = @plugins.dispatch(:catalog_item_extras, product).collect { |content| instance_exec(&content) } %>
+    <% extra_content_list = @plugins.dispatch(:catalog_list_item_extras, product).collect { |content| instance_exec(&content) } %>
  
     <% status = [] %>
     <% status << 'not-available' if !product.available %>
 <%= select_profile_folder(_('Parent folder:'), 'article[parent_id]', profile, @article.parent_id) %>
-<%= labelled_form_field(_('License'), select(:article, :license_id, options_for_select_with_title([[_('None'), nil]] + profile.environment.licenses.map {|license| [license.name, license.id]}, @article.license ? @article.license.id : nil))) %>
+<% if profile.environment.has_license? %>
+  <%= labelled_form_field(_('License'), select(:article, :license_id, options_for_select_with_title([[_('None'), nil]] + profile.environment.licenses.map {|license| [license.name, license.id]}, @article.license ? @article.license.id : nil))) %>
+<% end %>
@@ -20,5 +20,10 @@
 <h5><%= _('Uploading files to %s') % content_tag('code', @target) %></h5>
  
 <%= form_for('uploaded_file', :url => { :action => 'upload_files' }, :html => {:multipart => true}) do |f| %>
+
+  <%= @plugins.dispatch(:upload_files_extra_fields, params[:parent_id]).collect { |content| instance_exec(&content) }.join("") %>
+
   <%= render :partial => 'upload_file_form', :locals => { :size => '45'} %>
-<% end %>
+
+<% end %> 
+
@@ -2,7 +2,7 @@
   <%= _('Content management') %>
 </h1>
  
-<% if !environment.enabled?('cant_change_homepage') && !remove_content_button(:home) %>
+<% if user.can_change_homepage? && !remove_content_button(:home) %>
   <div class="cms-homepage">
     <%= _('Profile homepage:') %>
     <% if profile.home_page %>
@@ -69,7 +69,7 @@
         <%= expirable_button article, :edit, _('Edit'), {:action => 'edit', :id => article.id} if !remove_content_button(:edit) %>
         <%= button_without_text :eyes, _('Public view'), article.view_url %>
         <%= display_spread_button(profile, article) unless article.folder? || remove_content_button(:spread)%>
-        <% if !environment.enabled?('cant_change_homepage') && !remove_content_button(:home) %>
+        <% if user.can_change_homepage? && !remove_content_button(:home) %>
           <% if profile.home_page != article %>
             <%= expirable_button article, :home, _('Use as homepage'), { :action => 'set_home_page', :id => article.id }, :method => :post %>
           <% else %>
@@ -13,11 +13,16 @@
  
   <%= required_fields_message %>
  
-  <% location_fields = select_city(true) %>
+  <% unless logged_in? %>
+    <%= required f.text_field(:name) %>
+    <%= required f.text_field(:email) %>
+  <% end %>
  
+  <% location_fields = select_city(true) %>
   <% unless environment.enabled?('disable_select_city_for_contact') || location_fields.blank? %>
     <%= labelled_form_field _('City and state'), location_fields %>
   <% end %>
+
   <%= required f.text_field(:subject) %>
  
   <%= render :file => 'shared/tiny_mce' %>
@@ -25,5 +30,9 @@
  
   <%= labelled_form_field check_box(:contact, :receive_a_copy) + _('I want to receive a copy of the message in my e-mail.'), '' %>
  
-  <%= submit_button(:send, _('Send'), :onclick => "$('confirm').value = 'true'") %>
+  <% unless logged_in? %>
+    <%= recaptcha_tags :ajax => true, :display => {:theme => 'clean'} %>
+  <% end %>
+
+  <%= submit_button(:send, _('Send'), :onclick => "jQuery('#confirm').val('true')") %>
 <% end %>
@@ -70,37 +70,36 @@
  
 <%= @plugins.dispatch(:article_extra_contents, @page).collect { |content| instance_exec(&content) }.join("") %>
  
-<div class="comments" id="comments_list">
-
-  <% if @page.accept_comments? || @comments_count > 0 %>
+<% if @page.accept_comments? || @comments_count > 0 %>
+  <div class="comments" id="comments_list">
     <h3 <%= 'class="no-comments-yet"' if @comments_count == 0 %>>
       <%= display_number_of_comments(@comments_count) %>
     </h3>
-  <% end %>
  
-  <% if @comments.present? && @comments.count > 1 %>
-    <%= link_to(_('Post a comment'), '#', :class => 'display-comment-form', :id => 'top-post-comment-button', :onclick => "jQuery('#page-comment-form .display-comment-form').first().click();") if @page.accept_comments? %>
+    <% if @comments.present? && @comments.count > 1 %>
+      <%= link_to(_('Post a comment'), '#', :class => 'display-comment-form', :id => 'top-post-comment-button', :onclick => "jQuery('#page-comment-form .display-comment-form').first().click();") if @page.accept_comments? %>
+
+      <%= hidden_field_tag("page_url", url_for(:controller=>'content_viewer', :action=>'view_page', :profile=>profile.identifier, :page => @page.explode_path)) %>
+      <%= javascript_include_tag "comment_order.js" %>
+      <div class="comment-order">
+        <%= form_tag({:controller=>'content_viewer' , :action=>'view_page'}, {:method=>'get', :id=>"form_order"}) do %>
+          <%= select_tag 'comment_order', options_for_select({_('Oldest first')=>'oldest', _('Newest first')=>'newest'}, @comment_order) %>
+        <% end %>
+      </div>
+    <% end %>
  
-    <%= hidden_field_tag("page_url", url_for(:controller=>'content_viewer', :action=>'view_page', :profile=>profile.identifier, :page => @page.explode_path)) %>
-    <%= javascript_include_tag "comment_order.js" %>
-    <div class="comment-order">
-      <%= form_tag({:controller=>'content_viewer' , :action=>'view_page'}, {:method=>'get', :id=>"form_order"}) do %>
-        <%= select_tag 'comment_order', options_for_select({_('Oldest first')=>'oldest', _('Newest first')=>'newest'}, @comment_order) %>
+    <ul class="article-comments-list">
+      <% if @comments.present? %>
+        <%= render :partial => 'comment/comment', :collection => @comments %>
+        <%= pagination_links @comments, :param_name => 'comment_page' %>
       <% end %>
-    </div>
-  <% end %>
+    </ul>
  
-  <ul class="article-comments-list">
-    <% if @comments.present? %>
-      <%= render :partial => 'comment/comment', :collection => @comments %>
-      <%= pagination_links @comments, :param_name => 'comment_page' %>
+    <% if @page.accept_comments? %>
+      <div id='page-comment-form' class='page-comment-form'><%= render :partial => 'comment/comment_form', :locals =>{:url => {:controller => :comment, :action => :create}, :display_link => true, :cancel_triggers_hide => true}%></div>
     <% end %>
-  </ul>
-
-  <% if @page.accept_comments? %>
-    <div id='page-comment-form' class='page-comment-form'><%= render :partial => 'comment/comment_form', :locals =>{:url => {:controller => :comment, :action => :create}, :display_link => true, :cancel_triggers_hide => true}%></div>
-  <% end %>
-</div><!-- end class="comments" -->
+  </div><!-- end class="comments" -->
+<% end %>
  
 </div><!-- end id="article" -->
 <%= add_zoom_to_article_images %>
@@ -20,7 +20,7 @@
  
   <%= labelled_form_for :create_enterprise do |f| %>
     <%= required f.text_field 'name', :onchange => "updateUrlField(this, 'create_enterprise_identifier')", :size => 40 %>
-    <%= required labelled_form_field(_('Address'), content_tag('code', environment.top_url + "/" + text_field(:create_enterprise, 'identifier', :size => 26))) %>
+    <%= required labelled_form_field(_('Address'), content_tag('code', top_url + "/" + text_field(:create_enterprise, 'identifier', :size => 26))) %>
     <%= render :partial => 'shared/organization_custom_fields', :locals => { :f => f, :object_name => :create_enterprise, :profile => @create_enterprise } %>
     <%= required labelled_form_field(_('Region'), f.select('region_id', @regions)) if @validation == :region %>
  
@@ -13,8 +13,8 @@
                 date.day,
                 :url => {:action => 'events_by_day', :year => date.year, :month => date.month, :day => date.day, :category_id => @category_id},
                 :update => 'events-of-the-day',
-                :loading => '$("events-of-the-day").addClassName("loading")',
-                :complete => '$("events-of-the-day").removeClassName("loading")'
+                :loading => "$('events-of-the-day').addClassName('loading')",
+                :complete => "$('events-of-the-day').removeClassName('loading')"
               ) :
               date.day
             %>
@@ -3,7 +3,7 @@
 <div id='agenda-toolbar'>
   <%= button :back, _('Back to %s') % profile.name, profile.url %>
   <% if user && user.has_permission?('post_content', profile) %>
-    <%= button :new, _('New event'), myprofile_url(:controller => 'cms', :action => 'new', :type => 'Event') %>
+    <%= button :new, _('New event'), myprofile_path(:controller => 'cms', :action => 'new', :type => 'Event') %>
   <% end %>
 </div>
  
 <span class="download-link">
   <span>Download</span>
-  <strong><%= link_to generic.filename, generic.public_filename %></strong>
+  <strong><%= link_to generic.filename, [Noosfero.root, generic.public_filename].join %></strong>
 </span>
  
 <div class="uploaded-file-description <%= 'empty' if generic.abstract.blank? %>">
@@ -28,7 +28,7 @@
  
 <%# image_tag(article.public_filename(:display), :class => article.css_class_name, :style => 'max-width: 100%') %>
  
-<img src="<%=image.public_filename(:display)%>" class="<%=image.css_class_name%>">
+<img src="<%= [Noosfero.root, image.public_filename(:display)].join %>" class="<%=image.css_class_name%>">
  
 <div class="uploaded-file-description <%= 'empty' if image.abstract.blank? %>">
   <%= image.abstract %>
@@ -61,9 +61,6 @@
         <%= submit_button(:search, _('Search')) %>
       </div>
  
-      <div>
-        <%= lightbox_link_to _('More options'), :controller => 'search', :action => 'popup' %>
-      </div>
     <% end %>
   </div>
 <% end %>
@@ -0,0 +1,4 @@
+<div id="content-inner">
+  <%= insert_boxes(yield) %>
+  <br style='clear: both'/>
+</div><!-- end id="content-inner" -->
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<%= html_language %>" lang="<%= html_language %>">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<%= html_language %>" lang="<%= html_language %>" class="<%= h html_tag_classes %>">
   <head>
     <title><%= h page_title %></title>
     <%= yield(:feeds) %>
@@ -12,20 +12,8 @@
     <meta name="twitter:title" content="<%= h page_title %>">
     <meta name="twitter:description" content="<%= meta_description_tag(@page) %>">
  
-    <!-- Open Graph -->
-    <meta property="og:type" content="<%= @page ? 'article' : 'website' %>">
-    <meta property="og:url" content="<%= @page ? url_for(@page.url) : @environment.top_url %>">
-    <meta property="og:title" content="<%= h page_title %>">
-    <meta property="og:site_name" content="<%= profile ? profile.name : @environment.name %>">
-    <meta property="og:description" content="<%= @page ? truncate(strip_tags(@page.body.to_s), :length => 200) : @environment.name %>">
-
-    <% if @page %>
-      <meta property="article:published_time" content="<%= show_date(@page.published_at) %>">
-      <% @page.body_images_paths.each do |img| %>
-        <meta name="twitter:image" content="<%= img.to_s %>">
-        <meta property="og:image" content="<%= img.to_s %>">
-      <% end %>
-    <% end %>
+    <!-- site root -->
+    <meta property="noosfero:root" content="<%= Noosfero.root %>"/>
  
     <link rel="shortcut icon" href="<%= image_path(theme_favicon) %>" type="image/x-icon" />
     <%= noosfero_javascript %>
@@ -69,10 +57,7 @@
           <div id="navigation-end"></div>
         </div><!-- end id="navigation" -->
         <div id="content">
-          <div id="content-inner">
-            <%= insert_boxes(yield) %>
-            <br style='clear: both'/>
-          </div><!-- end id="content-inner" -->
+          <%= render 'layouts/content' %>
         </div><!-- end id="content" -->
       </div><!-- end id="wrap-2" -->
     </div><!-- end id="wrap-1" -->
@@ -81,7 +66,6 @@
       <%= theme_footer %>
     </div><!-- end id="theme-footer" -->
     <%= noosfero_layout_features %>
-    <%= theme_javascript_ng %>
     <%= addthis_javascript %>
     <%=
       @plugins.dispatch(:body_ending).map do |content|
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<%= html_language %>" lang="<%= html_language %>">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<%= html_language %>" lang="<%= html_language %>" class="<%= h html_tag_classes %>">
   <head>
     <title><%= h page_title %></title>
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
@@ -68,7 +68,7 @@
  
         <div id="navigation_bar">
           <%= link_to "<span>"+ @environment.name() +"</span>",
-                      @environment.top_url,
+                        top_url,
                         :id=>"menu_link_to_envhome",
                         :title=>@environment.name  %>
           <% unless environment.enabled?(:disable_categories) %>
 <%= render :file => 'shared/tiny_mce', :locals => {:mode => 'simple'} %>
 <%= remote_form_for(@product,
                    :loading => "small_loading('product-description-form')",
-                   :before => ("tinyMCE.triggerSave()" unless Rails.env == 'test'),
                    :update => 'product-description',
                    :url => {:controller => 'manage_products', :action => 'edit', :id => @product, :field => 'description'},
                    :html => {:id => 'product-description-form', :method => 'post'}) do |f| %>
@@ -47,7 +47,7 @@
     <%= button_to_function(
       :add,
       _('Add new qualifier'),
-      "new_qualifier_row('#product-qualifiers-list', '#{escape_javascript(select_qualifiers(@product))}', '#{escape_javascript(remove_qualifier_button)}')"
+      "new_qualifier_row('#product-qualifiers-list', '#{escape_javascript(CGI::escape_html(select_qualifiers(@product)))}', '#{escape_javascript(CGI::escape_html(remove_qualifier_button))}')"
     ) %>
     <%= hidden_field_tag "product[qualifiers_list][nil]" %>
   <% end %>
@@ -13,7 +13,7 @@
       <%= render :partial => 'manage_products/display_image' %>
     </div>
     <div id='product-extra-content'>
-      <% extra_content = @plugins.dispatch(:product_info_extras, @product).collect { |content| instance_eval(&content) } %>
+      <% extra_content = @plugins.dispatch(:product_info_extras, @product).collect { |content| instance_exec(&content) } %>
       <%= extra_content.join("\n") %>
     </div>
     <div id='product-info'>
 <% unless @action %>
   <% cache_timeout(profile.cache_key + '-profile-general-info', 4.hours) do %>
-    <tr>
-      <th colspan='2'>
-        <%= _('Content') %>
-      </th>
-    </tr>
-
-    <% profile.blogs.each do |blog| %>
-      <tr>
-        <td><%= blog.name + ':' %></td>
-        <td>
-          <%= link_to(n_('One post', '%{num} posts', blog.posts.published.count) % { :num => blog.posts.published.count }, blog.url) %>
-        </td>
-      </tr>
-    <% end %>
-    <% profile.image_galleries.each do |gallery| %>
-      <tr>
-        <td><%= gallery.name + ':' %></td>
-        <td>
-          <%= link_to(n_('One picture', '%{num} pictures', gallery.images.published.count) % { :num => gallery.images.published.count }, gallery.url) %>
-        </td>
-      </tr>
-    <% end %>
-
-    <tr>
-      <td><%= _('Events:') %></td>
-      <td>
-        <%= link_to profile.events.published.count, :controller => 'events', :action => 'events' %>
-      </td>
-    </tr>
-    <tr>
-      <td>
-        <%= _('Tags:') %>
-      </td>
-      <td>
-        <%= tag_cloud @tags, :id, { :action => 'tags' }, :max_size => 18, :min_size => 10%>
-      </td>
-    </tr>
+    <%= display_content %>
  
     <% if !environment.enabled?('disable_categories') && !profile.interests.empty? %>
-      <tr>
-        <th colspan='2'><%= _('Interests') %></th>
-      </tr>
-      <% profile.interests.each do |item| %>
-        <tr>
-          <td></td>
-          <td><%= link_to item.name, :controller => 'search', :action => 'category_index', :category_path => item.explode_path %></td>
-        </tr>
-      <% end %>
+      <%= display_interests %>
     <% end %>
+
+    <%= display_general %>
   <% end %>
 <% end %>
 <table>
-  <tr>
-    <th colspan='2'><%= _('Basic information')%></th>
-  </tr>
-
-  <tr>
-    <td class='field-name'><%= _('Members') %></td>
-    <td>
-      <%= link_to profile.members_count, :controller => 'profile', :action => 'members' %>
-    </td>
-  </tr>
-
-  <%= display_field(_('Type:'), profile, :privacy_setting, true) %>
-
-  <%= display_field(_('Location:'), profile, :location, true) %>
-
-  <tr>
-    <td class='field-name'><%= _('Profile created at:')  %></td>
-    <td><%= show_date(profile.created_at) %></td>
-  </tr>
-
-  <% if profile.kind_of?(Enterprise) && profile.environment.enabled?('products_for_enterprises') %>
-    <tr>
-      <td></td>
-      <td>
-        <%= link_to _('Products/Services'), :controller => 'catalog', :action => 'index' %>
-      </td>
-    </tr>
-  <% end %>
-
-  <tr>
-    <td class='field-name'><%= _('Administrators:') %></td>
-    <td>
-      <%= profile.admins.map { |admin| link_to(admin.short_name, admin.url)}.join(', ') %>
-    </td>
-  </tr>
-
+  <%= display_basic_information %>
+  <%= display_contact %>
+  <%= display_economic %>
   <%= render :partial => 'common' %>
 </table>
 <table>
-  <tr>
-    <th colspan='2'><%= _('Basic information')%></th>
-  </tr>
-  <%= display_field(_('Sex:'), profile, :sex) { |gender| { 'male' => _('Male'), 'female' => _('Female') }[gender] } %>
-  <%= display_field(_('Date of birth:'), profile, :birth_date) { |date| show_date(date)  }%>
-  <%= display_field _('Location:'), profile, :location %>
-
-  <%= display_field(_('Type:'), profile, :privacy_setting, true) %>
-
-  <tr>
-    <td class='field-name'><%= _('Profile created at:')  %></td>
-    <td><%= show_date(profile.created_at) %></td>
-  </tr>
-
-  <%= display_contact profile %>
+  <%= display_basic_information %>
+  <%= display_contact %>
+  <%= display_location %>
  
   <% cache_timeout(profile.relationships_cache_key, 4.hours) do %>
-    <%= display_work_info profile %>
-
-  <%= display_custom_fields(profile) %>
-
-    <tr>
-      <th colspan='2'><%= _('Network')%></th>
-    </tr>
-    <tr>
-      <td><%= _('Friends') + ':' %></td>
-      <td><%= link_to  profile.friends.count, { :controller => 'profile', :action => 'friends' } %></td>
-    </tr>
-    <tr>
-      <td><%= _('Communities') + ':' %></td>
-      <td><%= link_to profile.communities.count, :controller => "profile", :action => 'communities' %></td>
-    </tr>
-    <% if environment.disabled?('disable_asset_enterprises') %>
-      <tr id="person-profile-network-enterprises">
-        <td><%= _('Enterprises') + ':' %></td>
-        <td><%= link_to profile.enterprises.count, :controller => "profile", :action => 'enterprises' %></td>
-      </tr>
-    <% end %>
+    <%= display_work %>
+    <%= display_study %>
+    <%= display_network %>
+    <%= display_custom_fields(profile) %>
  
     <%= render :partial => 'common' %>
-
   <% end %>
 </table>
+
@@ -10,8 +10,8 @@
                                  :rows => 1,
                                  :class => 'submit-with-keypress',
                                  :title => _('Leave your comment'),
-                                 :onfocus => ('if(this.value==this.title){this.value="";this.style.color="#000"};this.style.backgroundImage="url(' + profile_icon(current_person, :icon, false) + ')"' if logged_in?),
-                                 :onblur => ('if(this.value==""){this.value=this.title;this.style.color="#ccc"};this.style.backgroundImage="none"' if logged_in?),
+                                 :onfocus => ("if(this.value==this.title){this.value='';this.style.color='#000'};this.style.backgroundImage='url(" + profile_icon(current_person, :icon, false) + ")'" if logged_in?),
+                                 :onblur => ("if(this.value==''){this.value=this.title;this.style.color='#ccc'};this.style.backgroundImage='none'" if logged_in?),
                                  :value => _('Leave your comment'),
                                  :style => 'color: #ccc' %>
         <%= hidden_field_tag :source_id, activity.id, :id => "activity_id_#{activity.id}" %>
@@ -9,8 +9,8 @@
                                  :rows => 1,
                                  :class => 'submit-with-keypress',
                                  :title => _('Leave your comment'),
-                                 :onfocus => ('if(this.value==this.title){this.value="";this.style.color="#000"};this.style.backgroundImage="url(' + profile_icon(current_person, :icon, false) + ')"' if logged_in?),
-                                 :onblur => ('if(this.value==""){this.value=this.title;this.style.color="#ccc"};this.style.backgroundImage="none"' if logged_in?),
+                                 :onfocus => ("if(this.value==this.title){this.value='';this.style.color='#000'};this.style.backgroundImage='url(" + profile_icon(current_person, :icon, false) + ")'" if logged_in?),
+                                 :onblur => ("if(this.value==''){this.value=this.title;this.style.color='#ccc'};this.style.backgroundImage='none'" if logged_in?),
                                  :value => _('Leave your comment') %>
         <%= hidden_field_tag 'scrap[scrap_id]', scrap.id %>
         <%= hidden_field_tag 'receiver_id', scrap.sender.id %>
@@ -25,6 +25,11 @@
 <%= optional_field(@person, 'address', labelled_form_field(_('Address (street and number)'), text_field(:profile_data, :address, :rel => _('Address')))) %>
 <%= optional_field(@person, 'address_reference', labelled_form_field(_('Address reference'), text_field(:profile_data, :address_reference, :rel => _('Address reference')))) %>
 <%= optional_field(@person, 'district', labelled_form_field(_('District'), text_field(:profile_data, :district, :rel => _('District')))) %>
+<%= optional_field(@person, 'image', labelled_form_field(_('Image'), file_field(:file, :image, :rel => _('Image')))) %>
+
+<% @plugins.dispatch(:extra_optional_fields).each do |field| %>
+  <%= optional_field(@person, field[:name], labelled_form_field(field[:label], text_field(field[:object_name], field[:method], :rel => field[:label], :value => field[:value]))) %>
+<% end %>
  
 <% optional_field(@person, 'schooling') do %>
   <div class="formfieldline">
 <h1><%= _('Profile settings for %s') % profile.name %></h1>
  
+<%= javascript_include_tag 'deactivate_profile' %>
 <%= error_messages_for :profile_data %>
  
 <%= labelled_form_for :profile_data, :html => { :id => 'profile-data', :multipart => true } do |f| %>
@@ -67,6 +68,15 @@
   <% if user && user.has_permission?('destroy_profile', profile) %>
     <% button_bar(:id => 'delete-profile') do %>
       <%= button(:remove, _('Delete profile'), {:action => :destroy_profile}) %>
+
+      <% if environment.admins.include?(current_person) %>
+
+        <% if profile.visible? %>
+          <%= button(:remove, _('Deactivate profile'), {:action => :deactivate_profile, :id=>profile.id}, :id=>'deactivate_profile_button', :data => {:confirm=>_("Are you sure you want to deactivate this profile?")}) %>
+        <% else %>
+          <%= button(:add, _('Activate profile'), {:action => :activate_profile, :id=>profile.id}, :data => {:confirm=>_("Are you sure you want to deactivate this profile?")}) %>
+        <% end %>
+      <% end %>
     <% end %>
   <% end %>
 -<% end %>
+<% end %>
 \ No newline at end of file
@@ -6,10 +6,14 @@
  
   <%= required f.text_field(:name) %>
  
-  <p><%= _('Permissions:') %><p>
-  <% permissions.keys.each do |p| %>
-    <%= check_box_tag("role[permissions][]", p, role.has_permission?(p), { :id => p }) %>
-    <%= content_tag(:label, permission_name(p), { :for => p }) %><br/>
+  <% permissions.each do |key| %>
+  <div class="permissions <%= key.downcase %>">
+    <h4><%= _('%s Permissions:' % key) %></h4>
+    <% ActiveRecord::Base::PERMISSIONS[key].keys.each do |p| %>
+      <%= check_box_tag("role[permissions][]", p, role.has_permission?(p), { :id => p }) %>
+      <%= content_tag(:label, permission_name(p), { :for => p }) %><br/>
+    <% end %>
+  </div>
   <% end %>
  
   <% button_bar do %>
 <h2> <%= _("Editing #{@role.name}") %> </h2>
  
-<%= render :partial => 'form', :locals => { :mode => :edit, :role => @role, :permissions => ActiveRecord::Base::PERMISSIONS[@role.kind] } %>
+<%= render :partial => 'form', :locals => { :mode => :edit, :role => @role, :permissions => role_available_permissions(@role) } %>
 <h2> <%= _("Create a new role") %> </h2>
  
-<%= render :partial => 'form', :locals => { :mode => :create, :role => @role, :permissions => ActiveRecord::Base::PERMISSIONS[@role.kind] } %>
+<%= render :partial => 'form', :locals => { :mode => :create, :role => @role, :permissions => role_available_permissions(@role) } %>
@@ -14,7 +14,7 @@
  
         <% display = display_filter(name, params[:display]) %>
  
-        <div class="search-results-innerbox search-results-type-<%= name.to_s.singularize %> <%= 'common-profile-list-block' if [:enterprises, :people, :communities].include?(name) %>">
+        <div class="search-results-innerbox search-results-type-<%= name.to_s.singularize %> <%= 'common-profile-list-block' if SearchHelper::COMMON_PROFILE_LIST_BLOCK.include?(name) %>">
           <ul>
             <% search[:results].each do |hit| %>
               <% partial = partial_for_class(hit.class, display) %>
@@ -1,10 +0,0 @@
-<ul>
-  <li><%= (content_tag('strong', _('Title') + ': ') + article.title)  if article.title %> </li>
-  <li><%= (content_tag('strong', _('Type') + ': ') + article.class.short_description) %> </li>
-  <li>
-  <%= (content_tag('strong', _('Original content') + ': ') + link_to(article.name, article.url)) %> <br />
-    <%= content_tag('small', _('This link might be unavailable if the content is removed')) %>
-  </li>
-</ul>
-
-<%= article_to_html(article) %>
@@ -1,10 +0,0 @@
-<ul>
-  <li><%= (content_tag('strong', _('Title') + ': ') + comment.title)  if comment.title %> </li>
-  <li><%= content_tag('strong', _('Type') + ': ') + _('Comment') %> </li>
-  <li>
-    <%= (content_tag('strong', _('Original content') + ': ') + link_to(comment.title || url_for(comment.url), comment.url)) %> <br />
-    <%= content_tag('small', _('This link might be unavailable if the content is removed')) %>
-  </li>
-</ul>
-
-<p><%= article_to_html(comment) %></p>
@@ -1 +0,0 @@
-<%= _('Reported folder') + ': ' + link_to(article.name, article.url) %>
@@ -0,0 +1,10 @@
+<ul>
+  <li><%= (content_tag('strong', _('Title') + ': ') + article.title)  if article.title %> </li>
+  <li><%= (content_tag('strong', _('Type') + ': ') + article.class.short_description) %> </li>
+  <li>
+  <%= (content_tag('strong', _('Original content') + ': ') + link_to(article.name, article.url)) %> <br />
+    <%= content_tag('small', _('This link might be unavailable if the content is removed')) %>
+  </li>
+</ul>
+
+<%= article_to_html(article) %>
@@ -0,0 +1,10 @@
+<ul>
+  <li><%= (content_tag('strong', _('Title') + ': ') + comment.title)  if comment.title %> </li>
+  <li><%= content_tag('strong', _('Type') + ': ') + _('Comment') %> </li>
+  <li>
+    <%= (content_tag('strong', _('Original content') + ': ') + link_to(comment.title || url_for(comment.url), comment.url)) %> <br />
+    <%= content_tag('small', _('This link might be unavailable if the content is removed')) %>
+  </li>
+</ul>
+
+<p><%= article_to_html(comment) %></p>
@@ -0,0 +1 @@
+<%= _('Reported folder') + ': ' + link_to(article.name, article.url) %>
1	1	--ignore-dir=log
2	2	--ignore-dir=tmp
3	3	--ignore-dir=pkg
	4	+--ignore-dir=public/javascripts/cache
	5	+--ignore-dir=public/stylesheets/cache
...	...
...	...	@@ -40,7 +40,9 @@ Alessandro Palmeira + João M. M. Silva <alessandro.palmeira@gmail.com>
40	40	Alessandro Palmeira + Paulo Meirelles <alessandro.palmeira@gmail.com>
41	41	Alessandro Palmeira + Paulo Meirelles + João M. M. da Silva <alessandro.palmeira@gmail.com>
42	42	Alessandro Palmeira + Rafael Manzo <alessandro.palmeira@gmail.com>
	43	+analosnak <analosnak@gmail.com>
43	44	Ana Losnak <analosnak@gmail.com>
	45	+Andre Bernardes <andrebsguedes@gmail.com>
44	46	Antonio Terceiro + Carlos Morais <terceiro@colivre.coop.br>
45	47	Antonio Terceiro + Paulo Meirelles <terceiro@colivre.coop.br>
46	48	Antonio Terceiro <terceiro@colivre.coop.br>
...	...	@@ -80,7 +82,6 @@ Carlos Morais + Diego Araújo <diegoamc90@gmail.com>
80	82	Carlos Morais + Eduardo Morais <carlos88morais@gmail.com>
81	83	Carlos Morais + Paulo Meirelles <carlos88morais@gmail.com>
82	84	Carlos Morais + Pedro Leal <carlos88morais@gmail.com>
83		-Daniela Feitosa <dani@dohko.(none)>
84	85	Daniel Alves + Diego Araújo <danpaulalves@gmail.com>
85	86	Daniel Alves + Diego Araújo <diegoamc90@gmail.com>
86	87	Daniel Alves + Diego Araújo + Guilherme Rojas <danpaulalves@gmail.com>
...	...	@@ -118,7 +119,6 @@ Diego Araújo + Renan Teruo <diegoamc90@gmail.com>
118	119	Diego Araujo + Rodrigo Souto + Rafael Manzo <rr.manzo@gmail.com>
119	120	Diego + Jefferson <diegoamc90@gmail.com>
120	121	Diego Martinez <diegoamc90@gmail.com>
121		-Diego Martinez <diego@diego-K55A.(none)>
122	122	Diego + Renan <renanteruoc@gmail.com>
123	123	Eduardo Tourinho Edington <eduardo.edington@serpro.gov.br>
124	124	Evandro Jr <evandrojr@gmail.com>
...	...	@@ -132,6 +132,7 @@ Francisco Marcelo de Araújo Lima Júnior <maljunior@gmail.com>
132	132	Gabriela Navarro <navarro1703@gmail.com>
133	133	Grazieno Pellegrino <grazieno@gmail.com>
134	134	Gust <darksshades@hotmail.com>
	135	+Hebert Douglas <hebertdougl@gmail.com>
135	136	Hugo Melo <hugo@riseup.net>
136	137	Isaac Canan <isaac@intelletto.com.br>
137	138	Italo Valcy <italo@dcc.ufba.br>
...	...	@@ -193,9 +194,11 @@ Luis David Aguilar Carlos <ludwig9003@gmail.com>
193	194	Luiz Fernando de Freitas Matos <luiz@luizff.matos@gmail.com>
194	195	Marcos Ramos <ms.ramos@outlook.com>
195	196	Martín Olivera <molivera@solar.org.ar>
	197	+Michal Čihař <michal@cihar.com>
196	198	Moises Machado <moises@colivre.coop.br>
197	199	Naíla Alves <naila@colivre.coop.br>
198	200	Nanda Lopes <nanda.listas+psl@gmail.com>
	201	+Parley Martins <parleypachecomartins@gmail.com>
199	202	Paulo Meirelles + Alessandro Palmeira + João M. M. da Silva <paulo@softwarelivre.org>
200	203	Paulo Meirelles + Alessandro Palmeira <paulo@softwarelivre.org>
201	204	Paulo Meirelles + Carlos Morais <paulo@softwarelivre.org>
...	...	@@ -218,6 +221,7 @@ Rafael Reggiani Manzo + João M. M. da Silva <rr.manzo@gmail.com>
218	221	Rafael Reggiani Manzo <rr.manzo@gmail.com>
219	222	Raphaël Rousseau <raph@r4f.org>
220	223	Raquel Lira <raquel.lira@gmail.com>
	224	+Raquel <rcordioli@gmail.com>
221	225	Renan Teruo + Caio Salgado <renanteruoc@gmail.com>
222	226	Renan Teruoc + Diego Araujo <renanteruoc@gmail.com>
223	227	Renan Teruo + Diego Araujo <renanteruoc@gmail.com>
...	...	@@ -225,11 +229,13 @@ Renan Teruo + Diego Araújo <renanteruoc@gmail.com>
225	229	Renan Teruo + Paulo Meirelles <renanteruoc@gmail.com>
226	230	Renan Teruo + Rafael Manzo <renanteruoc@gmail.com>
227	231	Rodrigo Souto + Ana Losnak + Daniel Bucher + Caio Almeida + Leandro Nunes + Daniela Feitosa + Mariel Zasso <noosfero-br@listas.softwarelivre.org>
228		-Rodrigo Souto <diguliu@gmail.com>
229	232	Rodrigo Souto <rodrigo@colivre.coop.br>
230	233	Ronny Kursawe <kursawe.ronny@googlemail.com>
231	234	root <root@debian.sdr.serpro>
232	235	Samuel R. C. Vale <srcvale@holoscopio.com>
	236	+Tallys Martins <tallysmartins@gmail.com>
	237	+tallys <tallys@tallys.(none)>
	238	+Thiago Zoroastro <thiago.zoroastro@bol.com.br>
233	239	Valessio Brito <contato@valessiobrito.com.br>
234	240	Valessio Brito <contato@valessiobrito.info>
235	241	Valessio Brito <valessio@gmail.com>
...	...
...	...	@@ -0,0 +1,124 @@
	1	+# Noosfero Development Policy
	2	+
	3	+## Developer Roles
	4	+
	5	+* Developers are everyone that is contributing code to Noosfero.
	6	+* Committers are the people with direct commit access to the Noosfero source
	7	+ code. They are responsible for reviewing contributions from other developers
	8	+ and integrating them in the Noosfero code base. They are the members of the
	9	+ [Noosfero group on Gitlab](https://gitlab.com/groups/noosfero/members).
	10	+* Release managers are the people that are managing the release of a new
	11	+ Noosfero version and/or the maintainance work of an existing Noosfero stable
	12	+ branch. See MAINTAINANCE.md for details on the maintaince policy.
	13	+
	14	+## Development process
	15	+
	16	+* Every new feature or non-trivial bugfix should be reviewed by at least one
	17	+ committer. This must be the case even if the original author is a committer.
	18	+
	19	+ * In the case the original author is a committer, he/she should feel free to
	20	+ commit directly if after 1 week nobody has provided any kind of feedback.
	21	+
	22	+ * Developers who are not committers should feel free to ping committers if
	23	+ they do not get feedback on their contributions after 1 week.
	24	+
	25	+ * On GitLab, one can just add a comment to the merge request; one can also
	26	+ @-mention specific committers or other developers who have expertise on
	27	+ the area of the contribution.
	28	+
	29	+ * Committers should follow the activity of the project, and try to help
	30	+ reviewing contributions from others as much as possible.
	31	+
	32	+ * On GitLab one can get emails for all activity on a project by setting the
	33	+ [notification settings](https://gitlab.com/profile/notifications) to
	34	+ "watch".
	35	+
	36	+ * Anyone can help by reviewing contributions. Committers are the only ones
	37	+ who can give the final approval to a contribution, but everyone is welcome
	38	+ to help with code review, testing, etc.
	39	+
	40	+ * See note above about setting up notification on GitLab.
	41	+
	42	+* Committers should feel free to push trivial (or urgent) changes directly.
	43	+ There are no strict rule on what makes a change trivial or urgent; committers
	44	+ are expected to exercise good judgement on a case by case basis.
	45	+
	46	+ * Usually changes to the database are not trivial.
	47	+
	48	+* In the case of unsolvable conflict between commiters regarding any change to
	49	+ the code, the current release manager(s) will have the final say in the
	50	+ matter.
	51	+
	52	+* Release managers are responsible for stablishing a release schedule, and
	53	+ about deciding when and what to release.
	54	+
	55	+ * Release managers should announce release schedules to the project mailing
	56	+ lists in advance.
	57	+
	58	+ * The release schedule may include a period of feature freeze, during which
	59	+ no new features or any other changes that are not pre-approved by the
	60	+ release manager must be committed to the repository.
	61	+
	62	+ * Committers must respect the release schedule and feature freezes.
	63	+
	64	+## Maintainance process
	65	+
	66	+### Not all feature releases will be maintained as a stable release
	67	+
	68	+We will be choosing specific release series to be maintained as stable
	69	+releases.
	70	+
	71	+This means that a given release is not guaranteed to be maintained as a stable
	72	+release, but does not mean it won't be. Any committer (or anyone, really) can
	73	+decide to maintain a given release as stable and seek help from others to do
	74	+so.
	75	+
	76	+### No merges from stable branches to master
	77	+
	78	+All changes must be submitted against the master branch first, and when
	79	+applicable, backported to the desired stable releases. Exceptions to this rules
	80	+are bug fixes that only apply to a given stable branch and not to master.
	81	+
	82	+In the past we had non-trivial changes accepted into stable releases while
	83	+master was way ahead (e.g. during the rails3 migration period), that made the
	84	+merge back into master very painful. By eliminating the need to do these
	85	+merges, we save time for the people responsible for the release, and eliminate
	86	+the possibility of human errors or oversights causing changes to be accepted
	87	+into stable that will be a problem to merge back into master.
	88	+
	89	+By getting all fixes in master first, we improve the chances that a future
	90	+release will not present regressions against bugs that should already be fixed,
	91	+but the fixes got lost in a big, complicated merge (and those won't exist
	92	+anymore, at least not from stable branches to master).
	93	+
	94	+After a fix gets into master, backporting changes into a stable release branch
	95	+is the responsibility of whoever is maintaing that branch, and those interested
	96	+in it. The stable branch release manager(s) are entitled the final say on any
	97	+matters related to that branch.
	98	+
	99	+## Apendix A: how to become a committer
	100	+
	101	+Every developer that wants to be a committer should create [an issue on
	102	+Gitlab](https://gitlab.com/noosfero/noosfero/issues) requesting to be added as
	103	+a committer. This request must include information about the requestor's
	104	+previous contributions to the project.
	105	+
	106	+If 2 or more commiters consider second the request, the requestor is accepted
	107	+as new commiter and added to the Noosfero group.
	108	+
	109	+The existing committers are free to choose whatever criteria they want to
	110	+second the request, but they must be sure that the new committer is a
	111	+responsible developer and knows what she/he is doing. They must be aware that
	112	+seconding these requests means seconding the actions of the new committer: if
	113	+the new committer screw up, her/his seconds screwed up.
	114	+
	115	+## Apendix B: how to become a release manager
	116	+
	117	+A new release manager for the development version of Noosfero (i.e. the one
	118	+that includes new features, a.k.a. the master branch) is apointed by the
	119	+current release manager, and must be a committer first.
	120	+
	121	+Release managers for stable branches are self-appointed, i.e. whoever takes the
	122	+work takes the role. In case of a conflict (e.g. 2+ different people want to do
	123	+the work but can't agree on working together), the development release manager
	124	+decides.
...	...
1	1	source "https://rubygems.org"
2		-gem 'rails'
3		-gem 'fast_gettext'
4		-gem 'acts-as-taggable-on'
5		-gem 'prototype-rails'
6		-gem 'prototype_legacy_helper', '0.0.0', :path => 'vendor/prototype_legacy_helper'
7		-gem 'rails_autolink'
8		-gem 'pg'
9		-gem 'rmagick'
10		-gem 'RedCloth'
11		-gem 'will_paginate'
12		-gem 'ruby-feedparser'
13		-gem 'daemons'
14		-gem 'thin'
15		-gem 'hpricot'
16		-gem 'nokogiri'
	2	+gem 'rails', '~> 3.2.19'
	3	+gem 'fast_gettext', '~> 0.6.8'
	4	+gem 'acts-as-taggable-on', '~> 3.0.2'
	5	+gem 'prototype-rails', '~> 3.2.1'
	6	+gem 'prototype_legacy_helper', '0.0.0', :path => 'vendor/prototype_legacy_helper'
	7	+gem 'rails_autolink', '~> 1.1.5'
	8	+gem 'pg', '~> 0.13.2'
	9	+gem 'rmagick', '~> 2.13.1'
	10	+gem 'RedCloth', '~> 4.2.9'
	11	+gem 'will_paginate', '~> 3.0.3'
	12	+gem 'ruby-feedparser', '~> 0.7'
	13	+gem 'daemons', '~> 1.1.5'
	14	+gem 'thin', '~> 1.3.1'
	15	+gem 'hpricot', '~> 0.8.6'
	16	+gem 'nokogiri', '~> 1.5.5'
17	17	gem 'rake', :require => false
18		-gem 'rest-client'
19		-gem 'exception_notification'
	18	+gem 'rest-client', '~> 1.6.7'
	19	+gem 'exception_notification', '~> 4.0.1'
	20	+gem 'gettext', '~> 2.2.1', :require => false, :group => :development
	21	+gem 'locale', '~> 2.0.5'
20	22
21	23	# FIXME list here all actual dependencies (i.e. the ones in debian/control),
22	24	# with their GEM names (not the Debian package names)
23	25
24	26	group :production do
25		- gem 'dalli'
	27	+ gem 'dalli', '~> 2.7.0'
26	28	end
27	29
28	30	group :test do
29		- gem 'rspec'
30		- gem 'rspec-rails'
31		- gem 'mocha', :require => false
	31	+ gem 'rspec', '~> 2.10.0'
	32	+ gem 'rspec-rails', '~> 2.10.1'
	33	+ gem 'mocha', '~> 1.1.0', :require => false
32	34	end
33	35
34	36	group :cucumber do
35		- gem 'cucumber-rails', :require => false
36		- gem 'capybara'
37		- gem 'cucumber'
38		- gem 'database_cleaner'
39		- gem 'selenium-webdriver'
	37	+ gem 'cucumber-rails', '~> 1.0.6', :require => false
	38	+ gem 'capybara', '~> 2.1.0'
	39	+ gem 'cucumber', '~> 1.0.6'
	40	+ gem 'database_cleaner', '~> 1.2.0'
	41	+ gem 'selenium-webdriver', '~> 2.39.0'
40	42	end
41	43
42		-# include plugin gemfiles
43		-Dir.glob(File.join('config', 'plugins', '*')).each do \|plugin\|
44		- plugin_gemfile = File.join(plugin, 'Gemfile')
45		- eval File.read(plugin_gemfile) if File.exists?(plugin_gemfile)
	44	+# include gemfiles from enabled plugins
	45	+# plugins in baseplugins/ are not included on purpose. They should not have any
	46	+# dependencies.
	47	+Dir.glob('config/plugins/*/Gemfile').each do \|gemfile\|
	48	+ eval File.read(gemfile)
46	49	end
...	...
...	...	@@ -1,191 +0,0 @@
1		-PATH
2		- remote: vendor/prototype_legacy_helper
3		- specs:
4		- prototype_legacy_helper (0.0.0)
5		-
6		-GEM
7		- remote: https://rubygems.org/
8		- specs:
9		- RedCloth (4.2.9)
10		- actionmailer (3.2.6)
11		- actionpack (= 3.2.6)
12		- mail (~> 2.4.4)
13		- actionpack (3.2.6)
14		- activemodel (= 3.2.6)
15		- activesupport (= 3.2.6)
16		- builder (~> 3.0.0)
17		- erubis (~> 2.7.0)
18		- journey (~> 1.0.1)
19		- rack (~> 1.4.0)
20		- rack-cache (~> 1.2)
21		- rack-test (~> 0.6.1)
22		- sprockets (~> 2.1.3)
23		- activemodel (3.2.6)
24		- activesupport (= 3.2.6)
25		- builder (~> 3.0.0)
26		- activerecord (3.2.6)
27		- activemodel (= 3.2.6)
28		- activesupport (= 3.2.6)
29		- arel (~> 3.0.2)
30		- tzinfo (~> 0.3.29)
31		- activeresource (3.2.6)
32		- activemodel (= 3.2.6)
33		- activesupport (= 3.2.6)
34		- activesupport (3.2.6)
35		- i18n (~> 0.6)
36		- multi_json (~> 1.0)
37		- acts-as-taggable-on (3.0.2)
38		- rails (>= 3, < 5)
39		- arel (3.0.2)
40		- builder (3.0.0)
41		- capybara (2.1.0)
42		- mime-types (>= 1.16)
43		- nokogiri (>= 1.3.3)
44		- rack (>= 1.0.0)
45		- rack-test (>= 0.5.4)
46		- xpath (~> 2.0)
47		- childprocess (0.3.3)
48		- ffi (~> 1.0.6)
49		- cucumber (1.0.6)
50		- builder (>= 2.1.2)
51		- diff-lcs (>= 1.1.2)
52		- gherkin (~> 2.4.18)
53		- json (>= 1.4.6)
54		- term-ansicolor (>= 1.0.6)
55		- cucumber-rails (1.0.6)
56		- capybara (>= 1.1.1)
57		- cucumber (>= 1.0.6)
58		- nokogiri (>= 1.5.0)
59		- daemons (1.1.5)
60		- dalli (2.7.0)
61		- database_cleaner (1.2.0)
62		- diff-lcs (1.1.3)
63		- erubis (2.7.0)
64		- eventmachine (0.12.10)
65		- exception_notification (4.0.1)
66		- actionmailer (>= 3.0.4)
67		- activesupport (>= 3.0.4)
68		- fast_gettext (0.6.8)
69		- ffi (1.0.11)
70		- gherkin (2.4.21)
71		- json (>= 1.4.6)
72		- hike (1.2.1)
73		- hpricot (0.8.6)
74		- i18n (0.6.0)
75		- journey (1.0.3)
76		- json (1.7.3)
77		- mail (2.4.4)
78		- i18n (>= 0.4.0)
79		- mime-types (~> 1.16)
80		- treetop (~> 1.4.8)
81		- metaclass (0.0.1)
82		- mime-types (1.19)
83		- mocha (0.11.3)
84		- metaclass (~> 0.0.1)
85		- multi_json (1.3.6)
86		- nokogiri (1.5.5)
87		- pg (0.13.2)
88		- polyglot (0.3.3)
89		- prototype-rails (3.2.1)
90		- rails (~> 3.2)
91		- rack (1.4.1)
92		- rack-cache (1.2)
93		- rack (>= 0.4)
94		- rack-ssl (1.3.2)
95		- rack
96		- rack-test (0.6.1)
97		- rack (>= 1.0)
98		- rails (3.2.6)
99		- actionmailer (= 3.2.6)
100		- actionpack (= 3.2.6)
101		- activerecord (= 3.2.6)
102		- activeresource (= 3.2.6)
103		- activesupport (= 3.2.6)
104		- bundler (~> 1.0)
105		- railties (= 3.2.6)
106		- rails_autolink (1.1.5)
107		- rails (> 3.1)
108		- railties (3.2.6)
109		- actionpack (= 3.2.6)
110		- activesupport (= 3.2.6)
111		- rack-ssl (~> 1.3.2)
112		- rake (>= 0.8.7)
113		- rdoc (~> 3.4)
114		- thor (>= 0.14.6, < 2.0)
115		- rake (0.9.2.2)
116		- rdoc (3.9.4)
117		- rest-client (1.6.7)
118		- mime-types (>= 1.16)
119		- rmagick (2.13.1)
120		- rspec (2.10.0)
121		- rspec-core (~> 2.10.0)
122		- rspec-expectations (~> 2.10.0)
123		- rspec-mocks (~> 2.10.0)
124		- rspec-core (2.10.1)
125		- rspec-expectations (2.10.0)
126		- diff-lcs (~> 1.1.3)
127		- rspec-mocks (2.10.1)
128		- rspec-rails (2.10.1)
129		- actionpack (>= 3.0)
130		- activesupport (>= 3.0)
131		- railties (>= 3.0)
132		- rspec (~> 2.10.0)
133		- ruby-feedparser (0.7)
134		- rubyzip (1.1.2)
135		- selenium-webdriver (2.39.0)
136		- childprocess (>= 0.2.5)
137		- multi_json (~> 1.0)
138		- rubyzip (~> 1.0)
139		- websocket (~> 1.0.4)
140		- sprockets (2.1.3)
141		- hike (~> 1.2)
142		- multi_json (~> 1.0)
143		- rack (~> 1.0)
144		- tilt (~> 1.1, != 1.3.0)
145		- term-ansicolor (1.0.7)
146		- thin (1.3.1)
147		- daemons (>= 1.0.9)
148		- eventmachine (>= 0.12.6)
149		- rack (>= 1.0.0)
150		- thor (0.15.3)
151		- tilt (1.3.3)
152		- treetop (1.4.10)
153		- polyglot
154		- polyglot (>= 0.3.1)
155		- tzinfo (0.3.33)
156		- websocket (1.0.7)
157		- will_paginate (3.0.3)
158		- xpath (2.0.0)
159		- nokogiri (~> 1.3)
160		-
161		-PLATFORMS
162		- ruby
163		-
164		-DEPENDENCIES
165		- RedCloth
166		- acts-as-taggable-on
167		- capybara
168		- cucumber
169		- cucumber-rails
170		- daemons
171		- dalli
172		- database_cleaner
173		- exception_notification
174		- fast_gettext
175		- hpricot
176		- mocha
177		- nokogiri
178		- pg
179		- prototype-rails
180		- prototype_legacy_helper (= 0.0.0)!
181		- rails
182		- rails_autolink
183		- rake
184		- rest-client
185		- rmagick
186		- rspec
187		- rspec-rails
188		- ruby-feedparser
189		- selenium-webdriver
190		- thin
191		- will_paginate
1		-Setup Noosfero to use HTTPS
2		-===========================
	1	+# Setup Noosfero to use HTTPS
3	2
4	3	This document assumes that you have a fully and clean Noosfero
5	4	installation as explained at the `INSTALL.md` file.
6	5
7		-SSL certificate
8		-+++++++++++++++
	6	+## Creating a self-signed SSL certificate
9	7
10	8	You should get a valid SSL certificate, but if you want to test
11	9	your setup before, you could generate a self-signed certificate
...	...	@@ -17,99 +15,106 @@ as below:
17	15	# openssl req -new -x509 -nodes -sha1 -days $[10*365] -key noosfero.key > noosfero.cert
18	16	# cat noosfero.key noosfero.cert > noosfero.pem
19	17
	18	+## Web server configuration
	19	+
20	20	There are two ways of using SSL with Noosfero: 1) If you are not using
21	21	Varnish; and 2) If you are using Varnish.
22	22
23		-1) If you are are not using Varnish
24		-+++++++++++++++++++++++++++++++++++
	23	+### 1) If you are are not using Varnish
25	24
26	25	Simply do a redirect in apache to force all connections with SSL:
27	26
28		- <VirtualHost *:8080>
29		- ServerName test.stoa.usp.br
30		-
31		- Redirect / https://example.com/
32		- </VirtualHost>
	27	+```
	28	+<VirtualHost *:8080>
	29	+ ServerName test.stoa.usp.br
	30	+ Redirect / https://example.com/
	31	+</VirtualHost>
	32	+```
33	33
34	34	And set a vhost to receive then:
35	35
36		- <VirtualHost *:443>
37		- ServerName example.com
38		-
39		- SSLEngine On
40		- SSLCertificateFile /etc/ssl/certs/cert.pem
41		- SSLCertificateKeyFile /etc/ssl/private/cert.key
42		-
43		- Include /etc/noosfero/apache/virtualhost.conf
44		- </VirtualHost>
	36	+```
	37	+<VirtualHost *:443>
	38	+ ServerName example.com
	39	+ SSLEngine On
	40	+ SSLCertificateFile /etc/ssl/certs/cert.pem
	41	+ SSLCertificateKeyFile /etc/ssl/private/cert.key
	42	+ Include /etc/noosfero/apache/virtualhost.conf
	43	+</VirtualHost>
	44	+```
45	45
46	46	Be aware that if you had configured varnish, the requests won't reach
47	47	it with this configuration.
48	48
49		-2) If you are using Varnish
50		-+++++++++++++++++++++++++++
51		-
52		-Varnish isn't able to communicate with the SSL protocol, so we will
53		-need some one who do this and Pound[1] can do the job. In order to
54		-install it in Debian based systems:
	49	+### 2) If you are using Varnish
55	50
56		- $ sudo apt-get install pound
	51	+Varnish isn't able to communicate with the SSL protocol, so we will need some
	52	+one else who do this and [Pound](http://www.apsis.ch/pound) can do the job. In
	53	+order to install it in Debian based systems:
57	54
58		-Set Varnish to listen in other port than 80:
	55	+```
	56	+$ sudo apt-get install pound
	57	+```
59	58
60		-/etc/defaults/varnish
61		----------------------
	59	+Set Varnish to listen in other port than 80 in `/etc/defaults/varnish`:
62	60
63		- DAEMON_OPTS="-a localhost:6081 \
64		- -T localhost:6082 \
65		- -f /etc/varnish/default.vcl \
66		- -S /etc/varnish/secret \
67		- -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G"
	61	+```
	62	+DAEMON_OPTS="-a localhost:6081 \
	63	+ -T localhost:6082 \
	64	+ -f /etc/varnish/default.vcl \
	65	+ -S /etc/varnish/secret \
	66	+ -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G"
	67	+```
68	68
69	69	Configure Pound:
70	70
71		- # cp /usr/share/noosfero/etc/pound.cfg /etc/pound/
72		-
73		-Edit /etc/pound.cfg and set the IP and domain of your server.
	71	+```
	72	+# cp /usr/share/noosfero/etc/pound.cfg /etc/pound/
	73	+```
74	74
75		-Configure Pound to start at system initialization:
	75	+Edit `/etc/pound.cfg` and set the IP and domain of your server.
76	76
77		-/etc/default/pound
	77	+Configure Pound to start at system initialization. At `/etc/default/pound`:
78	78	------------------
79	79
80		- startup=1
	80	+```
	81	+startup=1
	82	+```
81	83
82		-Set Apache to only listen to localhost:
	84	+Set Apache to only listen to localhost, at `/etc/apache2/ports.conf`:
83	85
84		-/etc/apache2/ports.conf
85		------------------------
86		-
87		- Listen 127.0.0.1:8080
	86	+```
	87	+Listen 127.0.0.1:8080
	88	+```
88	89
89	90	Restart the services:
90	91
91		- $ sudo service apache2 restart
92		- $ sudo service varnish restart
	92	+```
	93	+$ sudo service apache2 restart
	94	+$ sudo service varnish restart
	95	+```
93	96
94	97	Start pound:
95	98
96		- $ sudo service pound start
97		-
98		-[1] http://www.apsis.ch/pound
	99	+```
	100	+$ sudo service pound start
	101	+```
99	102
100		-Noosfero XMPP chat
101		-++++++++++++++++++
	103	+## Noosfero XMPP chat
102	104
103	105	If you want to use chat over HTTPS, then you should add the domain
104		-and IP of your server in the /etc/hosts file, example:
	106	+and IP of your server in the /etc/hosts file, example
105	107
106		-/etc/hosts
107		-----------
	108	+`/etc/hosts:`
108	109
109		- 192.168.1.86 mydomain.example.com
	110	+```
	111	+192.168.1.86 mydomain.example.com
	112	+```
110	113
111		-Also, it's recomended that you remove lines above from the file
	114	+Also, it's recomended that you remove the lines below from the file
112	115	`/etc/apache2/sites-enabled/noosfero`:
113	116
114		- RewriteEngine On
115		- Include /usr/share/noosfero/util/chat/apache/xmpp.conf
	117	+```
	118	+RewriteEngine On
	119	+Include /usr/share/noosfero/util/chat/apache/xmpp.conf
	120	+```
...	...
...	...	@@ -0,0 +1,29 @@
	1	+Using custom locales
	2	+====================
	3	+
	4	+Personalized translations go into the `config/custom_locales/` directory.
	5	+Custom locales can be identified by the rails environment, schema name in a
	6	+multitenancy setup or domain name until the first dot (e.g env1.coop.br for the
	7	+example below).
	8	+
	9	+Currently, the only filename prefix for the localization file which is
	10	+processed is "environment". For instance, a POT file would be called
	11	+"environment.pot".
	12	+
	13	+The structure of an environment named env1 with custom translations for both
	14	+Portuguese and Spanish and an environment named env2 with custom Russian
	15	+translation would be:
	16	+
	17	+ config/
	18	+ custom_locales/
	19	+ env1/
	20	+ environment.pot
	21	+ pt/
	22	+ environment.po
	23	+ es/
	24	+ environment.po
	25	+ env2/
	26	+ environment.pot
	27	+ ru/
	28	+ environment.po
	29	+
...	...
...	...	@@ -186,8 +186,8 @@ Apache instalation
186	186
187	187	# apt-get install apache2
188	188
189		-Apache configuration
190		---------------------
	189	+Configuration - noosfero at /
	190	+-----------------------------
191	191
192	192	First you have to enable the following some apache modules:
193	193
...	...	@@ -257,6 +257,62 @@ Now restart your apache server (as root):
257	257
258	258	# invoke-rc.d apache2 restart
259	259
	260	+Configuration - noosfero at a /subdirectory
	261	+-------------------------------------------
	262	+
	263	+This section describes how to configure noosfero at a subdirectory, what is
	264	+specially useful when you want Noosfero to share a domain name with other
	265	+applications. For example you can host noosfero at yourdomain.com/social, a
	266	+webmail application at yourdomain.com/webmail, and have a static HTML website
	267	+at yourdomain.com/.
	268	+
	269	+NOTE: Some plugins might not work well with this setting. Before deploying
	270	+this setting, make sure you test that everything you need works properly with
	271	+it.
	272	+
	273	+The configuration is similar to the main configuration instructions, except for
	274	+the following points. In the description below, replace '/subdirectory' with
	275	+the actual subdirectory you want.
	276	+
	277	+1) add a `prefix: /subdirectory` line to your thin configuration file (thin.yml).
	278	+
	279	+1.1) remember to restart the noosfero application server whenever you make
	280	+changes to that configuration file.
	281	+
	282	+ # service noosfero restart
	283	+
	284	+2) add a line saying `export RAILS_RELATIVE_URL_ROOT=/subdirectory` to
	285	+/etc/default/noosfero (you can create it with just this line if it does not
	286	+exist already).
	287	+
	288	+3) You should add the following apache configuration to an existing virtual
	289	+host (plus the `<Proxy balancer://noosfero>` section as displayed above):
	290	+
	291	+```
	292	+Alias /subdirectory /path/to/noosfero/public
	293	+<Directory "/path/to/noosfero/public">
	294	+ Options FollowSymLinks
	295	+ AllowOverride None
	296	+ Order Allow,Deny
	297	+ Allow from all
	298	+
	299	+ Include /path/to/noosfero/etc/noosfero/apache/cache.conf
	300	+
	301	+ RewriteEngine On
	302	+ RewriteBase /subdirectory
	303	+ # Rewrite index to check for static index.html
	304	+ RewriteRule ^$ index.html [QSA]
	305	+ # Rewrite to check for Rails cached page
	306	+ RewriteRule ^([^.]+)$ $1.html [QSA]
	307	+ RewriteCond %{REQUEST_FILENAME} !-f
	308	+ RewriteRule ^(.*)$ http://localhost:3000%{REQUEST_URI} [P,QSA,L]
	309	+</Directory>
	310	+```
	311	+
	312	+3.1) remember to reload the apache server whenever any apache configuration
	313	+file changes.
	314	+
	315	+ # sudo service apache2 reload
260	316
261	317	Enabling exception notifications
262	318	================================
...	...
...	...	@@ -6,3 +6,13 @@
6	6	require File.expand_path('../config/application', __FILE__)
7	7
8	8	Noosfero::Application.load_tasks
	9	+
	10	+[
	11	+ "baseplugins//{tasks,lib/tasks,rails/tasks}//.rake",
	12	+ "config/plugins//{tasks,lib/tasks,rails/tasks}//.rake",
	13	+ "config/plugins//vendor/plugins//{tasks,lib/tasks,rails/tasks}/*/.rake",
	14	+].map do \|pattern\|
	15	+ Dir.glob(pattern).sort
	16	+end.flatten.each do \|taskfile\|
	17	+ load taskfile
	18	+end
...	...
...	...	@@ -3,7 +3,7 @@
3	3
4	4	VAGRANTFILE_API_VERSION = "2"
5	5	Vagrant.configure(VAGRANTFILE_API_VERSION) do \|config\|
6		- config.vm.box = "debian-wheezy"
	6	+ config.vm.box = ENV.fetch('VAGRANT_BOX', "debian-wheezy")
7	7	config.vm.network :forwarded_port, host: 3000, guest: 3000
8	8	config.vm.provision :shell do \|shell\|
9	9	shell.inline = 'su vagrant -c /vagrant/script/vagrant'
...	...