Merge branch 'production' of gitlab.com:participa/noosfero into production

Ábner Silva de Oliveira
2 parents 3a45d3f4 973b71d6
Showing 195 changed files with 79917 additions and 75163 deletions Show diff stats
.gitlab-ci.yml
.gitmodules
.travis.yml
AUTHORS.md
Gemfile
app/controllers/application_controller.rb
app/controllers/my_profile/cms_controller.rb
app/controllers/my_profile/tasks_controller.rb
app/controllers/public/account_controller.rb
app/controllers/public/api_controller.rb
app/helpers/application_helper.rb
app/helpers/comment_helper.rb
app/helpers/content_viewer_helper.rb
app/helpers/events_helper.rb
app/helpers/task_helper.rb
app/models/add_friend.rb
app/models/add_member.rb
app/models/approve_article.rb
app/models/article.rb
app/models/change_password.rb
@@ -0,0 +1,24 @@
+before_script:
+  - mkdir -p tmp/pids log
+  - bundle check || bundle install
+  - script/noosfero-plugins disableall
+  - bundle exec rake makemo &>/dev/null
+# database
+  - cp config/database.yml.gitlab-ci config/database.yml
+  - createdb gitlab_ci_test || true
+  - bundle exec rake db:schema:load &>/dev/null
+  - bundle exec rake db:migrate &>/dev/null
+
+units:
+  script: bundle exec rake test:units
+functionals:
+  script: bundle exec rake test:functionals
+integration:
+  script: bundle exec rake test:integration
+cucumber:
+  script: bundle exec rake cucumber
+selenium:
+  script: bundle exec rake selenium
+plugins:
+  script: bundle exec rake test:noosfero_plugins
+
@@ -28,3 +28,9 @@
 [submodule "public/proposal-app"]
 	path = public/proposal-app
 	url = https://gitlab.com/participa/proposal-app.git
+[submodule "plugins/gravatar-provider"]
+	path = plugins/gravatar-provider
+	url = https://gitlab.com/noosfero-plugins/gravatar-provider.git
+[submodule "plugins/juventude"]
+	path = plugins/juventude
+	url = https://gitlab.com/noosfero-plugins/juventude.git
@@ -0,0 +1,50 @@
+language: ruby
+rvm:
+# for 2.2 support we need to upgrade the pg gem
+  - 2.1.6
+cache: bundler
+
+sudo: false
+addons:
+  apt:
+    packages:
+      - po4a
+      - iso-codes
+      - tango-icon-theme
+      - pidgin-data
+      # for gem extensions
+      - libmagickwand-dev
+      - libpq-dev
+      - libreadline-dev
+      - libsqlite3-dev
+      - libxslt1-dev
+
+before_install:
+# FIXME: workaround while https://github.com/travis-ci/travis-ci/issues/4210 is open
+  - rm config/initializers/default_icon_theme.rb
+# selenium support
+  - export DISPLAY=:99.0
+  - sh -e /etc/init.d/xvfb start
+
+before_script:
+  - mkdir -p tmp/pids log
+  - bundle check || bundle install
+  - script/noosfero-plugins disableall
+  - bundle exec rake makemo &>/dev/null
+# database
+  - cp config/database.yml.travis config/database.yml
+  - psql -c 'create database myapp_test;' -U postgres
+  - bundle exec rake db:schema:load &>/dev/null
+  - bundle exec rake db:migrate &>/dev/null
+
+env:
+  - TASK=test:units
+  - TASK=test:functionals
+  - TASK=test:integration
+  - TASK=cucumber
+  - TASK=selenium
+  - TASK=test:noosfero_plugins
+
+script:
+  - bundle exec rake $TASK
+
@@ -6,131 +6,136 @@ noosfero, that&#39;s not a problem).
 Developers
 ==========
-Ábner Silva de Oliveira <abner.oliveira@serpro.gov.br>
 Alan Freihof Tygel <alantygel@gmail.com>
-alcampelo <alcampelo@alcampelo.(none)>
-Alessandro Palmeira <alessandro.palmeira@gmail.com>
 Alessandro Palmeira + Caio C. Salgado <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Caio Salgado + Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>
 Alessandro Palmeira + Caio Salgado <alessandro.palmeira@gmail.com>
 Alessandro Palmeira + Caio Salgado <caio.csalgado@gmail.com>
-Alessandro Palmeira + Caio Salgado + Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>
 Alessandro Palmeira + Carlos Morais <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Daniel Alves <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Daniel Alves + Diego Araújo <diegoamc90@gmail.com>
 Alessandro Palmeira + Daniel Alves + Diego Araújo + Guilherme Rojas <danpaulalves@gmail.com>
-Alessandro Palmeira + Diego Araujo <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Diego Araújo <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Daniel Alves + Diego Araújo <diegoamc90@gmail.com>
+Alessandro Palmeira + Daniel Alves <alessandro.palmeira@gmail.com>
 Alessandro Palmeira + Diego Araujo + Daniela Feitosa <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Diego Araujo <diegoamc90@gmail.com>
-Alessandro Palmeira + Diego Araújo <diegoamc90@gmail.com>
 Alessandro Palmeira + Diego Araujo + Eduardo Morais <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Diego Araujo + João M. M. da Silva + Paulo Meirelles <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Diego Araujo + Rafael Manzo <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Diego Araujo <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Diego Araujo <diegoamc90@gmail.com>
 Alessandro Palmeira + Diego Araújo + João M. M. da Silva <alessandro.palmeira@gmail.com>
 Alessandro Palmeira + Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>
-Alessandro Palmeira + Diego Araujo + João M. M. da Silva + Paulo Meirelles <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
 Alessandro Palmeira + Diego Araújo + Pedro Leal + João M. M. da Silva <diegoamc90@gmail.com>
-Alessandro Palmeira + Diego Araujo + Rafael Manzo <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
+Alessandro Palmeira + Diego Araújo <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Diego Araújo <diegoamc90@gmail.com>
 Alessandro Palmeira + Eduardo Morais <alessandro.palmeira@gmail.com>
 Alessandro Palmeira + Guilherme Rojas <alessandro.palmeira@gmail.com>
 Alessandro Palmeira + Jefferson Fernandes <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + João M. M. da Silva <alessandro.palmeira@gmail.com>
 Alessandro Palmeira + Joao M. M. da Silva + Diego Araujo <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + João M. M. da Silva + Renan Teruo <alessandro.palmeira@gmail.com>
 Alessandro Palmeira + João M. M. Silva <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Paulo Meirelles <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + João M. M. da Silva + Renan Teruo <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + João M. M. da Silva <alessandro.palmeira@gmail.com>
 Alessandro Palmeira + Paulo Meirelles + João M. M. da Silva <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Paulo Meirelles <alessandro.palmeira@gmail.com>
 Alessandro Palmeira + Rafael Manzo <alessandro.palmeira@gmail.com>
-analosnak <analosnak@gmail.com>
+Alessandro Palmeira <alessandro.palmeira@gmail.com>
 Ana Losnak <analosnak@gmail.com>
 Andre Bernardes <andrebsguedes@gmail.com>
+André Bernardes <andrebsguedes@gmail.com>
+André Guedes <andrebsguedes@fedora.local>
+André Guedes <andrebsguedes@gmail.com>
 Antonio Terceiro + Carlos Morais <terceiro@colivre.coop.br>
 Antonio Terceiro + Paulo Meirelles <terceiro@colivre.coop.br>
 Antonio Terceiro <terceiro@colivre.coop.br>
 Arthur Del Esposte <arthurmde@gmail.com>
 Arthur Del Esposte <arthurmde@yahoo.com.br>
+Athos Ribeiro <athoscribeiro@gmail.com>
 Aurelio A. Heckert <aurelio@colivre.coop.br>
+Braulio Bhavamitra <braulio@eita.org.br>
 Braulio Bhavamitra <brauliobo@gmail.com>
 Bráulio Bhavamitra <brauliobo@gmail.com>
-Braulio Bhavamitra <braulio@eita.org.br>
-Caio <caio.csalgado@gmail.com>
 Caio + Diego + Pedro + João <caio.csalgado@gmail.com>
+Caio <caio.csalgado@gmail.com>
 Caio Formiga <caio.formiga@gmail.com>
-Caio, Pedro <caio.csalgado@gmail.com>
+Caio SBA <caio@colivre.coop.br>
 Caio Salgado + Alessandro Palmeira <caio.csalgado@gmail.com>
-Caio Salgado <caio.csalgado@gmail.com>
 Caio Salgado + Carlos Morais + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
 Caio Salgado + Diego Araujo <caio.csalgado@gmail.com>
-Caio Salgado + Diego Araújo <caio.csalgado@gmail.com>
-Caio Salgado + Diego Araújo <diegoamc90@gmail.com>
 Caio Salgado + Diego Araújo + Jefferson Fernandes <caio.csalgado@gmail.com>
 Caio Salgado + Diego Araújo + João M. M. da Silva <caio.csalgado@gmail.com>
 Caio Salgado + Diego Araújo + Pedro Leal <caio.csalgado@gmail.com>
 Caio Salgado + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
 Caio Salgado + Diego Araújo + Rafael Manzo <diegoamc90@gmail.com>
+Caio Salgado + Diego Araújo <caio.csalgado@gmail.com>
+Caio Salgado + Diego Araújo <diegoamc90@gmail.com>
 Caio Salgado + Jefferson Fernandes <caio.csalgado@gmail.com>
 Caio Salgado + Jefferson Fernandes <jeffs.fernandes@gmail.com>
 Caio Salgado + Rafael Manzo <caio.csalgado@gmail.com>
+Caio Salgado + Renan Teruo + Jefferson Fernandes <jeffs.fernandes@gmail.com>
 Caio Salgado + Renan Teruo <caio.csalgado@gmail.com>
 Caio Salgado + Renan Teruo <caio.salgado@gmail.com>
-Caio Salgado + Renan Teruo + Jefferson Fernandes <jeffs.fernandes@gmail.com>
 Caio Salgado + Renan Teruo <renanteruoc@gmail.com>
-Caio SBA <caio@colivre.coop.br>
+Caio Salgado <caio.csalgado@gmail.com>
 Caio Tiago Oliveira <caiotiago@colivre.coop.br>
+Caio, Pedro <caio.csalgado@gmail.com>
 Carlos Andre de Souza <carlos.andre.souza@msn.com>
-Carlos Morais <carlos88morais@gmail.com>
 Carlos Morais + Diego Araújo <diegoamc90@gmail.com>
 Carlos Morais + Eduardo Morais <carlos88morais@gmail.com>
 Carlos Morais + Paulo Meirelles <carlos88morais@gmail.com>
 Carlos Morais + Pedro Leal <carlos88morais@gmail.com>
+Carlos Morais <carlos88morais@gmail.com>
+Christophe DANIEL <papaeng@gmail.com>
 Daniel Alves + Diego Araújo <danpaulalves@gmail.com>
 Daniel Alves + Diego Araújo <diegoamc90@gmail.com>
 Daniel Alves + Diego Araújo + Guilherme Rojas <danpaulalves@gmail.com>
 Daniel Alves + Diego Araújo + Guilherme Rojas <diegoamc90@gmail.com>
 Daniel Alves + Diego Araújo + Guilherme Rojas <guilhermehrojas@gmail.com>
+Daniel Alves + Diego Araújo <danpaulalves@gmail.com>
+Daniel Alves + Diego Araújo <diegoamc90@gmail.com>
 Daniel Alves + Guilherme Rojas <danpaulalves@gmail.com>
 Daniel Alves + Rafael Manzo <rr.manzo@gmail.com>
-Daniela Soares Feitosa <danielafeitosa@colivre.coop.br>
 Daniel Bucher <daniel.bucher88@gmail.com>
 Daniel Cunha <daniel@colivre.coop.br>
-daniel <dtygel@eita.org.br>
+Daniela Soares Feitosa <danielafeitosa@colivre.coop.br>
 David Carlos <ddavidcarlos1392@gmail.com>
-diegoamc <diegoamc90@gmail.com>
-Diego Araújo + Alessandro Palmeira <diegoamc90@gmail.com>
+Diego + Jefferson <diegoamc90@gmail.com>
+Diego + Renan <renanteruoc@gmail.com>
+Diego Araujo + Caio Salgado <diegoamc90@gmail.com>
+Diego Araujo + Jefferson Fernandes <jeffs.fernandes@gmail.com>
+Diego Araujo + Rafael Manzo <diegoamc90@gmail.com>
+Diego Araujo + Rodrigo Souto + Rafael Manzo <rr.manzo@gmail.com>
 Diego Araújo + Alessandro Palmeira + João M. M. da Silva <diegoamc90@gmail.com>
 Diego Araújo + Alessandro Palmeira + Rafael Manzo <rr.manzo@gmail.com>
-Diego Araujo + Caio Salgado <diegoamc90@gmail.com>
+Diego Araújo + Alessandro Palmeira <diegoamc90@gmail.com>
 Diego Araújo + Daniel Alves + Rafael Manzo <rr.manzo@gmail.com>
-Diego Araújo <diegoamc90@gmail.com>
 Diego Araújo + Eduardo Morais + Paulo Meirelles <diegoamc90@gmail.com>
 Diego Araújo + Guilherme Rojas <diegoamc90@gmail.com>
 Diego Araújo + Jefferson Fernandes <diegoamc90@gmail.com>
-Diego Araujo + Jefferson Fernandes <jeffs.fernandes@gmail.com>
-Diego Araújo + João Machini <diegoamc90@gmail.com>
-Diego Araújo + João Machini <digoamc90@gmail.com>
 Diego Araújo + João M. M. da Silva + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
-Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>
 Diego Araújo + João M. M. da Silva + João Machini <diegoamc90@gmail.com>
 Diego Araújo + João M. M. da Silva + Pedro Leal <diegoamc90@gmail.com>
+Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>
+Diego Araújo + João Machini <diegoamc90@gmail.com>
+Diego Araújo + João Machini <digoamc90@gmail.com>
 Diego Araújo + Paulo Meirelles <diegoamc90@gmail.com>
 Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
-Diego Araujo + Rafael Manzo <diegoamc90@gmail.com>
 Diego Araújo + Rafael Manzo <diegoamc90@gmail.com>
 Diego Araújo + Renan Teruo + Alessandro Palmeira <diegoamc90@gmail.com>
 Diego Araújo + Renan Teruo <diegoamc90@gmail.com>
-Diego Araujo + Rodrigo Souto + Rafael Manzo <rr.manzo@gmail.com>
-Diego + Jefferson <diegoamc90@gmail.com>
+Diego Araújo <diegoamc90@gmail.com>
 Diego Martinez <diegoamc90@gmail.com>
-Diego + Renan <renanteruoc@gmail.com>
-dtygel <dtygel@gmail.com>
 DylanGuedes <djmgguedes@gmail.com>
 Eduardo Passos <eduardo@risa.localdomain.localhost>
 Eduardo Passos <eduardosteps@gmail.com>
 Eduardo Tourinho Edington <eduardo.edington@serpro.gov.br>
+Eduardo Vital <vitaldu@gmail.com>
 Evandro Jr <evandrojr@gmail.com>
 Evandro Junior <evandrojr@gmail.com>
+Evandro Magalhaes Leite Junior <evandro.leite@serpro.gov.br>
 Fabio Teixeira <fabio1079@gmail.com>
 FAMMA TV NOTICIAS MEDIOS DE CO <revistafammatvmusic.oficial@gmail.com>
+Fabio Teixeira <fabio1079@gmail.com>
 Fernanda Lopes <nanda.listas+psl@gmail.com>
+Filipe Ribeiro <firibeiro77@live.com>
 Francisco Marcelo A. Lima Júnior <francisco.lima-junior@serpro.gov.br>
 Francisco Marcelo de Araujo Lima Junior <79350259591@serpro-1457614.(none)>
 Francisco Marcelo de Araújo Lima Júnior <francisco.lima-junior@serpro.gov.br>
@@ -144,25 +149,29 @@ Hugo Melo &lt;hugo@riseup.net&gt;
 Isaac Canan <isaac@intelletto.com.br>
 Italo Valcy <italo@dcc.ufba.br>
 Jefferson Fernandes + Diego Araujo + Rafael Manzo <jeffs.fernandes@gmail.com>
-Jefferson Fernandes + Joao M. M. da Silva <jeffs.fernandes@gmail.com>
 Jefferson Fernandes + Joao M. M. Silva <jeffs.fernandes@gmail.com>
-Jérôme Jutteau <j.jutteau@gmail.com>
-João da Silva + Eduardo Morais + Rafael Manzo <rr.manzo@gmail.com>
-João da Silva <jaodsilv@linux.ime.usp.br>
-João Marco Maciel da Silva + Rafael Manzo + Renan Teruo <jaodsilv@linux.ime.usp.br>
+Jefferson Fernandes + Joao M. M. da Silva <jeffs.fernandes@gmail.com>
+Joao M. M. Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
+Joao M. M. da Silva + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
+Joao M. M. da Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
+Joenio Costa <joenio@colivre.coop.br>
+Jose Pedro <1jpsneto@gmail.com>
+Josef Spillner <josef.spillner@tu-dresden.de>
+João M. M. Silva + Caio Salgado <jaodsilv@linux.ime.usp.br>
+João M. M. Silva + Diego Araújo <jaodsilv@linux.ime.usp.br>
+João M. M. Silva + Paulo Meirelles <jaodsilv@linux.ime.usp.br>
+João M. M. Silva + Rafael Manzo <jaodsilv@linux.ime.usp.br>
+João M. M. Silva + Renan Teruo <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Alessandro Palmeira + Diego Araújo + Caio Salgado <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Alessandro Palmeira + Diego Araújo <jaodsilv@linux.ime.usp.br>
-Joao M. M. da Silva + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Alessandro Palmeira + João Machini <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Caio Salgado + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Caio Salgado <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Carlos Morais <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Diego Araújo + Pedro Leal <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Diego Araújo <diegoamc90@gmail.com>
 João M. M. da Silva + Diego Araújo <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Diego Araújo + Pedro Leal <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva <jaodsilv@linux.ime.usp.br>
-Joao M. M. da Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + João M. Miranda <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Paulo Meirelles <jaodsilv@linux.ime.usp.br>
@@ -170,46 +179,44 @@ João M. M. da Silva + Pedro Leal &lt;jaodsilv@linux.ime.usp.br&gt;
 João M. M. da Silva + Rafael Manzo + Diego Araújo <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Rafael Manzo <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Renan Teruo <jaodsilv@linux.ime.usp.br>
-João M. M. Silva + Caio Salgado <jaodsilv@linux.ime.usp.br>
-João M. M. Silva + Diego Araújo <jaodsilv@linux.ime.usp.br>
-Joao M. M. Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
-João M. M. Silva + Paulo Meirelles <jaodsilv@linux.ime.usp.br>
-João M. M. Silva + Rafael Manzo <jaodsilv@linux.ime.usp.br>
-João M. M. Silva + Renan Teruo <jaodsilv@linux.ime.usp.br>
-Joenio Costa <joenio@colivre.coop.br>
-Josef Spillner <josef.spillner@tu-dresden.de>
-Jose Pedro <1jpsneto@gmail.com>
+João M. M. da Silva <jaodsilv@linux.ime.usp.br>
+João Marco Maciel da Silva + Rafael Manzo + Renan Teruo <jaodsilv@linux.ime.usp.br>
+João da Silva + Eduardo Morais + Rafael Manzo <rr.manzo@gmail.com>
+João da Silva <jaodsilv@linux.ime.usp.br>
 Junior Silva <junior@bajor.localhost.localdomain>
 Junior Silva <junior@sedeantigo.colivre.coop.br>
 Junior Silva <juniorsilva1001@gmail.com>
 Junior Silva <juniorsilva7@juniorsilva-Aspire-5750Z.(none)>
 Junior Silva <juniorsilva@colivre.coop.br>
-juniorsilva <juniorsilva@QonoS.localhost.localdomain>
+Jérôme Jutteau <j.jutteau@gmail.com>
 Keilla Menezes <keilla@colivre.coop.br>
 Larissa Reis <larissa@colivre.coop.br>
 Larissa Reis <reiss.larissa@gmail.com>
 Leandro Alves <leandrosustenido@gmail.com>
-Leandro Nunes dos Santos <81665687568@serpro-1541727.Home>
 Leandro Nunes dos Santos <81665687568@serpro-1541727.(none)>
-Leandro Nunes dos Santos <leandronunes@gmail.com>
+Leandro Nunes dos Santos <81665687568@serpro-1541727.Home>
 Leandro Nunes dos Santos <leandro.santos@serpro.gov.br>
+Leandro Nunes dos Santos <leandronunes@gmail.com>
 LinguÁgil 2010 <linguagil.bahia@gmail.com>
 Lucas Kanashiro <kanashiro.duarte@gmail.com>
 Lucas Melo <lucas@colivre.coop.br>
 Lucas Melo <lucaspradomelo@gmail.com>
 Luciano <lucianopcbr@gmail.com>
+Luciano Prestes Cavacanti <lucianopcbr@gmail.com>
 Luciano Prestes Cavalcanti <lucianopcbr@gmail.com>
 Luis David Aguilar Carlos <ludwig9003@gmail.com>
 Luiz Fernando de Freitas Matos <luiz@luizff.matos@gmail.com>
+M for Momo <mo@rtnp.org>
+Marcelo Júnior <maljunior@gmail.com>
 Marcos <marcos.rpj2@gmail.com>
 Marcos Ramos <ms.ramos@outlook.com>
 Martín Olivera <molivera@solar.org.ar>
 Maurilio Atila <cabelotaina@gmail.com>
-M for Momo <mo@rtnp.org>
 Michal Čihař <michal@cihar.com>
+Michel Felipe <mfelipeof@gmail.com>
 Moises Machado <moises@colivre.coop.br>
-Naíla Alves <naila@colivre.coop.br>
 Nanda Lopes <nanda.listas+psl@gmail.com>
+Naíla Alves <naila@colivre.coop.br>
 Niemand Jedermann <predatorix@web.de>
 Parley Martins <parleypachecomartins@gmail.com>
 Paulo Meirelles + Alessandro Palmeira + João M. M. da Silva <paulo@softwarelivre.org>
@@ -217,8 +224,8 @@ Paulo Meirelles + Alessandro Palmeira &lt;paulo@softwarelivre.org&gt;
 Paulo Meirelles + Carlos Morais <paulo@softwarelivre.org>
 Paulo Meirelles + Diego Araújo <paulo@softwarelivre.org>
 Paulo Meirelles + João M. M. da Silva <paulo@softwarelivre.org>
-Paulo Meirelles <paulo@softwarelivre.org>
 Paulo Meirelles + Rafael Manzo <paulo@softwarelivre.org>
+Paulo Meirelles <paulo@softwarelivre.org>
 Rafael Gomes <rafaelgomes@techfree.com.br>
 Rafael Manzo + Alessandro Palmeira <rr.manzo@gmail.com>
 Rafael Manzo + Daniel Alves <danpaulalves@gmail.com>
@@ -233,37 +240,46 @@ Rafael Reggiani Manzo + Diego Araújo &lt;rr.manzo@gmail.com&gt;
 Rafael Reggiani Manzo + João M. M. da Silva <rr.manzo@gmail.com>
 Rafael Reggiani Manzo <rr.manzo@gmail.com>
 Raphaël Rousseau <raph@r4f.org>
-Raquel Lira <raquel.lira@gmail.com>
 Raquel <rcordioli@gmail.com>
+Raquel Lira <raquel.lira@gmail.com>
 Renan Teruo + Caio Salgado <renanteruoc@gmail.com>
-Renan Teruoc + Diego Araujo <renanteruoc@gmail.com>
 Renan Teruo + Diego Araujo <renanteruoc@gmail.com>
 Renan Teruo + Diego Araújo <renanteruoc@gmail.com>
 Renan Teruo + Paulo Meirelles <renanteruoc@gmail.com>
 Renan Teruo + Rafael Manzo <renanteruoc@gmail.com>
+Renan Teruoc + Diego Araujo <renanteruoc@gmail.com>
 Rodrigo Souto + Ana Losnak + Daniel Bucher + Caio Almeida + Leandro Nunes + Daniela Feitosa + Mariel Zasso <noosfero-br@listas.softwarelivre.org>
 Rodrigo Souto <rodrigo@colivre.coop.br>
 Ronny Kursawe <kursawe.ronny@googlemail.com>
-root <root@debian.sdr.serpro>
 Samuel R. C. Vale <srcvale@holoscopio.com>
+TWS <tablettws@gmail.com>
 Tallys Martins <tallysmartins@gmail.com>
 Tallys Martins <tallysmartins@yahoo.com.br>
-tallys <tallys@tallys>
-tallys <tallys@tallys.(none)>
 Thiago Casotti <thiago.casotti@uol.com.br>
+Thiago Ribeiro <thiagitosouza@hotmail.com>
 Thiago Zoroastro <thiago.zoroastro@bol.com.br>
 Tuux <tuxa@galaxie.eu.org>
-TWS <tablettws@gmail.com>
 Valessio Brito <contato@valessiobrito.com.br>
 Valessio Brito <contato@valessiobrito.info>
 Valessio Brito <valessio@gmail.com>
-vfcosta <vfcosta@gmail.com>
 Victor Carvalho <victorhugodf.ac@gmail.com>
 Victor Costa <vfcosta@gmail.com>
 Victor Hugo Alves de Carvalho <victorhugodf.ac@gmail.com>
 Vinicius Cubas Brand <viniciuscb@gmail.com>
 Visita <visita@debian.(none)>
 Yann Lugrin <yann.lugrin@liquid-concept.ch>
+alcampelo <alcampelo@alcampelo.(none)>
+analosnak <analosnak@gmail.com>
+daniel <dtygel@eita.org.br>
+diegoamc <diegoamc90@gmail.com>
+dtygel <dtygel@gmail.com>
+juniorsilva <juniorsilva@QonoS.localhost.localdomain>
+root <root@17edebf1ae91>
+root <root@debian.sdr.serpro>
+tallys <tallys@tallys.(none)>
+tallys <tallys@tallys>
+vfcosta <vfcosta@gmail.com>
+Ábner Silva de Oliveira <abner.oliveira@serpro.gov.br>
 Ideas, specifications and incentive
 ===================================
 source "https://rubygems.org"
-gem 'rails',                    '~> 3.2.21'
+gem 'rails',                    '~> 3.2.22'
 gem 'minitest',                 '~> 3.2.0'
 gem 'fast_gettext',             '~> 0.6.8'
 gem 'acts-as-taggable-on',      '~> 3.4.2'
@@ -18,7 +18,7 @@ gem &#39;exception_notification&#39;,   &#39;~&gt; 4.0.1&#39;
 gem 'gettext',                  '~> 2.2.1', :require => false
 gem 'locale',                   '~> 2.0.5'
 gem 'whenever', :require => false
-gem 'eita-jrails', '>= 0.9.5', :require => 'jrails'
+gem 'eita-jrails', '~> 0.9.5', require: 'jrails'
 gem 'grape',                    '~> 0.11.0'
 gem 'grape-entity'
 gem 'grape-swagger'
@@ -27,6 +27,13 @@ gem &#39;api-pagination&#39;,           &#39;~&gt; 4.1.1&#39;
 gem 'rack-cors'
 gem 'rack-contrib'
 gem 'liquid',                    '~> 3.0.3'
+#gem 'grape-swagger-rails'
+
+# FIXME list here all actual dependencies (i.e. the ones in debian/control),
+# with their GEM names (not the Debian package names)
+
+# FIXME list here all actual dependencies (i.e. the ones in debian/control),
+# with their GEM names (not the Debian package names)
 # asset pipeline
 gem 'uglifier', '>= 1.0.3'
@@ -77,8 +77,8 @@ class ApplicationController &lt; ActionController::Base
     FastGettext.available_locales = environment.available_locales
     FastGettext.default_locale = environment.default_locale
     FastGettext.locale = (params[:lang] || session[:lang] || environment.default_locale || request.env['HTTP_ACCEPT_LANGUAGE'] || 'en')
-    I18n.locale = FastGettext.locale
-    I18n.default_locale = FastGettext.default_locale
+    I18n.locale = FastGettext.locale.to_s.gsub '_', '-'
+    I18n.default_locale = FastGettext.default_locale.to_s.gsub '_', '-'
     if params[:lang]
       session[:lang] = params[:lang]
     end
@@ -6,7 +6,7 @@ class CmsController &lt; MyProfileController
   def search_tags
     arg = params[:term].downcase
-    result = ActsAsTaggableOn::Tag.find(:all, :conditions => ['LOWER(name) LIKE ?', "%#{arg}%"])
+    result = ActsAsTaggableOn::Tag.where('name ILIKE ?', "%#{arg}%").limit(10)
     render :text => prepare_to_token_input_by_label(result).to_json, :content_type => 'application/json'
   end
@@ -94,6 +94,11 @@ class CmsController &lt; MyProfileController
     record_coming
     if request.post?
       @article.image = nil if params[:remove_image] == 'true'
+      if @article.image.present? && params[:article][:image_builder] &&
+        params[:article][:image_builder][:label]
+        @article.image.label = params[:article][:image_builder][:label]
+        @article.image.save!
+      end
       @article.last_changed_by = user
       if @article.update_attributes(params[:article])
         if !continue
 class TasksController < MyProfileController
   protect [:perform_task, :view_tasks], :profile, :only => [:index, :save_tags, :search_tags]
-  protect :perform_task, :profile, :except => [:index, :save_tags, :search_tags]
+  protect :perform_task, :profile, :only => [:processed, :change_responsible, :close, :new, :list_requested, :ticket_details, :search_tags]
   def index
-    @email_templates = profile.email_templates.find_all_by_template_type(:task_rejection)
+    @rejection_email_templates = profile.email_templates.find_all_by_template_type(:task_rejection)
+    @acceptance_email_templates = profile.email_templates.find_all_by_template_type(:task_acceptance)
     @filter_type = params[:filter_type].presence
     @filter_text = params[:filter_text].presence
@@ -21,13 +22,17 @@ class TasksController &lt; MyProfileController
     @failed = params ? params[:failed] : {}
-    @responsible_candidates = profile.members.by_role(profile.roles.reject {|r| !r.has_permission?('perform_task')}) if profile.organization?
+    @responsible_candidates = profile.members.by_role(profile.roles.reject {|r| !r.has_permission?('perform_task') && !r.has_permission?('view_tasks')}) if profile.organization?
     @view_only = !current_person.has_permission?(:perform_task, profile)
   end
   def processed
-    @tasks = Task.to(profile).without_spam.closed.sort_by(&:created_at)
+    @tasks = Task.to(profile).without_spam.closed.includes(:requestor, :closed_by).order('tasks.created_at DESC')
+    @filter = params[:filter] || {}
+    @tasks = filter_tasks(@filter, @tasks)
+    @tasks = @tasks.paginate(:per_page => Task.per_page, :page => params[:page])
+    @task_types = Task.closed_types_for(profile)
   end
   def change_responsible
@@ -111,9 +116,9 @@ class TasksController &lt; MyProfileController
   end
   def search_tasks
-
-    params[:filter_type] = params[:filter_type].blank? ? nil : params[:filter_type]
-    result = Task.pending_all(profile,params)
+    filter_type = params[:filter_type].presence
+    filter_text = params[:filter_text].presence
+    result = Task.pending_all(profile,filter_type, filter_text)
     render :json => result.map { |task| {:label => task.data[:name], :value => task.data[:name]} }
   end
@@ -151,7 +156,29 @@ class TasksController &lt; MyProfileController
     result = ActsAsTaggableOn::Tag.find(:all, :conditions => ['LOWER(name) LIKE ?', "%#{arg}%"])
     render :text => prepare_to_token_input_by_label(result).to_json, :content_type => 'application/json'
+  end
+
+  protected
+
+  def filter_tasks(filter, tasks)
+    filter[:created_from] = Date.parse(filter[:created_from]) unless filter[:created_from].blank?
+    filter[:created_until] = Date.parse(filter[:created_until]) unless filter[:created_until].blank?
+    filter[:closed_from] = Date.parse(filter[:closed_from]) unless filter[:closed_from].blank?
+    filter[:closed_until] = Date.parse(filter[:closed_until]) unless filter[:closed_until].blank?
+
+    tasks = tasks.of(filter[:type].presence)
+    tasks = tasks.where(:status => filter[:status]) unless filter[:status].blank?
+
+    tasks = tasks.where('tasks.created_at >= ?', filter[:created_from].beginning_of_day) unless filter[:created_from].blank?
+    tasks = tasks.where('tasks.created_at <= ?', filter[:created_until].end_of_day) unless filter[:created_until].blank?
+
+    tasks = tasks.where('tasks.end_date >= ?', filter[:closed_from].beginning_of_day) unless filter[:closed_from].blank?
+    tasks = tasks.where('tasks.end_date <= ?', filter[:closed_until].end_of_day) unless filter[:closed_until].blank?
+    tasks = tasks.like('profiles.name', filter[:requestor]) unless filter[:requestor].blank?
+    tasks = tasks.like('closed_bies_tasks.name', filter[:closed_by]) unless filter[:closed_by].blank?
+    tasks = tasks.like('tasks.data', filter[:text]) unless filter[:text].blank?
+    tasks
   end
 end
@@ -98,11 +98,8 @@ class AccountController &lt; ApplicationController
     @block_bot = !!session[:may_be_a_bot]
     @invitation_code = params[:invitation_code]
     begin
-      @user = User.new(params[:user])
-      @user.terms_of_use = environment.terms_of_use
-      @user.environment = environment
+      @user = User.build(params[:user], params[:profile_data], environment)
       @terms_of_use = environment.terms_of_use
-      @user.person_data = params[:profile_data]
       @user.return_to = session[:return_to]
       @person = Person.new(params[:profile_data])
       @person.environment = @user.environment
@@ -0,0 +1,19 @@
+class ApiController < PublicController
+
+  no_design_blocks
+
+  helper_method :endpoints
+
+  def index
+  end
+
+  def playground
+  end
+
+  private
+
+  def endpoints
+    Noosfero::API::API.endpoints(environment)
+  end
+
+end
@@ -44,6 +44,8 @@ module ApplicationHelper
   include PluginsHelper
+  include TaskHelper
+
   def locale
     (@page && !@page.language.blank?) ? @page.language : FastGettext.locale
   end
@@ -606,24 +608,14 @@ module ApplicationHelper
         trigger_class = 'enterprise-trigger'
       end
     end
-
-    extra_info_tag = ''
-    img_class = 'profile-image'
-
-    if extra_info.is_a? Hash
-      extra_info_tag = content_tag( 'span', extra_info[:value], :class => 'extra_info '+extra_info[:class])
-      img_class +=' '+extra_info[:class]
-    else
-      extra_info_tag = content_tag( 'span', extra_info, :class => 'extra_info' )
-    end
-    #extra_info = extra_info.nil? ? '' : content_tag( 'span', extra_info, :class => 'extra_info' )
+    extra_info = extra_info.nil? ? '' : content_tag( 'span', extra_info, :class => 'extra_info' )
     links = links_for_balloon(profile)
     content_tag('div', content_tag(tag,
                                    (environment.enabled?(:show_balloon_with_profile_links_when_clicked) ? popover_menu(_('Profile links'),profile.short_name,links,{:class => trigger_class, :url => url}) : "") +
     link_to(
-      content_tag( 'span', profile_image( profile, size ), :class => img_class ) +
+      content_tag( 'span', profile_image( profile, size ), :class => 'profile-image' ) +
       content_tag( 'span', h(name), :class => ( profile.class == Person ? 'fn' : 'org' ) ) +
-      extra_info_tag + profile_sex_icon( profile ) + profile_cat_icons( profile ),
+      extra_info + profile_sex_icon( profile ) + profile_cat_icons( profile ),
       profile.url,
       :class => 'profile_link url',
       :help => _('Click on this icon to go to the <b>%s</b>\'s home page') % profile.name,
@@ -1195,7 +1187,7 @@ module ApplicationHelper
       pending_tasks_count = link_to("<i class=\"icon-menu-tasks\"></i><span class=\"task-count\">#{count}</span>", user.tasks_url, :id => 'pending-tasks-count', :title => _("Manage your pending tasks"))
     end
-    (_("<span class='welcome'>Welcome,</span> %s") % link_to("<i style='background-image:url(#{user.profile_custom_icon(gravatar_default)})'></i><strong>#{user.identifier}</strong>", user.public_profile_url, :id => "homepage-link", :title => _('Go to your homepage'))) +
+    (_("<span class='welcome'>Welcome,</span> %s") % link_to("<i style='background-image:url(#{user.profile_custom_icon(gravatar_default)})'></i><strong>#{user.identifier}</strong>", user.url, :id => "homepage-link", :title => _('Go to your homepage'))) +
     render_environment_features(:usermenu) +
     admin_link +
     manage_enterprises +
@@ -1244,7 +1236,7 @@ module ApplicationHelper
   def task_information(task)
     values = {}
-    values.merge!({:requestor => link_to(task.requestor.name, task.requestor.public_profile_url)}) if task.requestor
+    values.merge!({:requestor => link_to(task.requestor.name, task.requestor.url)}) if task.requestor
     values.merge!({:subject => content_tag('span', task.subject, :class=>'task_target')}) if task.subject
     values.merge!({:linked_subject => link_to(content_tag('span', task.linked_subject[:text], :class => 'task_target'), task.linked_subject[:url])}) if task.linked_subject
     values.merge!(task.information[:variables]) if task.information[:variables]
@@ -16,7 +16,7 @@ module CommentHelper
         content_tag('span', show_date(article.published_at), :class => 'date') +
         content_tag('span', [_(", by %s") % link_to(article.author_name, article.author_url)], :class => 'author') +
         content_tag('span', comments, :class => 'comments'),
-        :class => 'created-at'
+        :class => 'publishing-info'
       )
     end
     title
@@ -30,7 +30,7 @@ module ContentViewerHelper
         date_format +
         content_tag('span', _(", by %s") % (article.author ? link_to(article.author_name, article.author_url) : article.author_name), :class => 'author') +
         content_tag('span', comments, :class => 'comments'),
-        :class => 'created-at'
+        :class => 'publishing-info'
       )
     end
     title
@@ -30,7 +30,7 @@ module EventsHelper
         # the day itself
         date,
         # is there any events in this date?
-        events.any? {|event| event.date_range.include?(date)},
+        events.any? {|event| event.date_range.cover?(date)},
         # is this date in the current month?
         true
       ]
@@ -0,0 +1,13 @@
+module TaskHelper
+
+  def task_email_template(description, email_templates, task, include_blank=true)
+    return '' unless email_templates.present?
+
+    content_tag(
+      :div,
+      labelled_form_field(description, select_tag("tasks[#{task.id}][task][email_template_id]", options_from_collection_for_select(email_templates, :id, :name), :include_blank => include_blank, 'data-url' => url_for(:controller => 'email_templates', :action => 'show_parsed', :profile => profile.identifier))),
+      :class => 'template-selection'
+    )
+  end
+
+end
@@ -14,6 +14,9 @@ class AddFriend &lt; Task
   alias :friend :target
   alias :friend= :target=
+	validates :requestor, :kind_of => { :kind => Person }
+	validates :target, :kind_of => { :kind => Person }
+
   after_create do |task|
     TaskMailer.invitation_notification(task).deliver unless task.friend
     remove_from_suggestion_list(task)
@@ -2,6 +2,9 @@ class AddMember &lt; Task
   validates_presence_of :requestor_id, :target_id
+  validates :requestor, kind_of: {kind: Person}
+  validates :target, kind_of: {kind: Organization}
+
   alias :person :requestor
   alias :person= :requestor=
 class ApproveArticle < Task
   validates_presence_of :requestor_id, :target_id
+  validates :requestor, kind_of: {kind: Person}
+  validate :allowed_requestor
+
+  def allowed_requestor
+    if target
+      if target.person? && requestor != target
+        self.errors.add(:requestor, _('You can not post articles to other users.'))
+      end
+      if target.organization? && !target.members.include?(requestor) && target.environment.portal_community != target
+        self.errors.add(:requestor, _('Only members can post articles on communities.'))
+      end
+    end
+  end
+
   def article_title
     article ? article.title : _('(The original text was removed)')
   end
-  
+
   def article
     Article.find_by_id data[:article_id]
   end
@@ -124,4 +138,9 @@ class ApproveArticle &lt; Task
     message
   end
+  def request_is_member_of_target
+    unless requestor.is_member_of?(target)
+      errors.add(:approve_article, N_('Requestor must be a member of target.'))
+    end
+  end
 end
@@ -133,19 +133,11 @@ class Article &lt; ActiveRecord::Base
     {:include => 'categories_including_virtual', :conditions => { 'categories.id' => category.id }}
   }
-  #FIXME make this test
-  scope :newer_than, lambda { |reference_id|
-    {:conditions => ["articles.id > #{reference_id}"]}
-  }
-
-  #FIXME make this test
-  scope :older_than, lambda { |reference_id|
-    {:conditions => ["articles.id < #{reference_id}"]}
-  }
+  include TimeScopes
   scope :by_range, lambda { |range| {
     :conditions => [
-      'published_at BETWEEN :start_date AND :end_date', { :start_date => range.first, :end_date => range.last }
+      'articles.published_at BETWEEN :start_date AND :end_date', { :start_date => range.first, :end_date => range.last }
     ]
   }}
@@ -748,8 +740,9 @@ class Article &lt; ActiveRecord::Base
     paragraphs.empty? ? '' : paragraphs.first.to_html
   end
-  def lead
-    abstract.blank? ? first_paragraph.html_safe : abstract.html_safe
+  def lead(length = nil)
+    content = abstract.blank? ? first_paragraph.html_safe : abstract.html_safe
+    length.present? ? content.truncate(length) : content
   end
   def short_lead
@@ -820,6 +813,10 @@ class Article &lt; ActiveRecord::Base
     "content_viewer/view_page"
   end
+  def to_liquid
+    HashWithIndifferentAccess.new :name => name, :abstract => abstract, :body => body, :id => id, :parent_id => parent_id, :author => author
+  end
+
   private
   def sanitize_tag_list
@@ -18,6 +18,8 @@ class ChangePassword &lt; Task
   validates_presence_of :requestor
+  validates :requestor, kind_of: {kind: Person}
+
   ###################################################
   # validations for updating a ChangePassword task 
@@ -20,16 +20,7 @@ class Comment &lt; ActiveRecord::Base
   scope :without_reply, :conditions => ['reply_of_id IS NULL']
-  #FIXME make this test
-  scope :newer_than, lambda { |reference_id|
-    {:conditions => ["comments.id > #{reference_id}"]}
-  }
-
-  #FIXME make this test
-  scope :older_than, lambda { |reference_id|
-    {:conditions => ["comments.id < #{reference_id}"]}
-  }
-
+  include TimeScopes
   # unauthenticated authors:
   validates_presence_of :name, :if => (lambda { |record| !record.email.blank? })
@@ -3,6 +3,9 @@ class CreateCommunity &lt; Task
   validates_presence_of :requestor_id, :target_id
   validates_presence_of :name
+  validates :requestor, kind_of: {kind: Person}
+  validates :target, kind_of: {kind: Environment}
+
   alias :environment :target
   alias :environment= :target=
@@ -27,6 +27,8 @@ class CreateEnterprise &lt; Task
   # checks for actual attributes
   validates_presence_of :requestor_id, :target_id
+  validates :requestor, kind_of: {kind: Person}
+
   # checks for admins required attributes
   DATA_FIELDS.each do |attribute|
     validates_presence_of attribute, :if => lambda { |obj| obj.environment.required_enterprise_fields.include?(attribute) }
 class EmailActivation < Task
   validates_presence_of :requestor_id, :target_id
+
+  validates :requestor, kind_of: {kind: Person}
+  validates :target, kind_of: {kind: Environment}
+
   validate :already_requested, :on => :create
   alias :environment :target
   alias :person :requestor
   def already_requested
-    if !self.requestor.nil? && self.requestor.user.email_activation_pending?
+    if !self.requestor.nil? && self.requestor.person? && self.requestor.user.email_activation_pending?
       self.errors.add(:base, _('You have already requested activation of your mailbox.'))
     end
   end
@@ -17,6 +17,7 @@ class EmailTemplate &lt; ActiveRecord::Base
   def available_types
     HashWithIndifferentAccess.new ({
       :task_rejection => {:description => _('Task Rejection')},
+      :task_acceptance => {:description => _('Task Acceptance')},
       :organization_members => {:description => _('Organization Members')}
     })
   end
@@ -8,6 +8,8 @@ class EnterpriseActivation &lt; Task
   validates_presence_of :enterprise
+  validates :target, kind_of: {kind: Enterprise}
+
   def perform
     self.enterprise.enable self.requestor
   end
@@ -326,6 +326,9 @@ class Environment &lt; ActiveRecord::Base
   settings_items :signup_welcome_screen_body, :type => String
+  #Captcha settings
+  settings_items :api_captcha_settings, :type => ActiveSupport::HashWithIndifferentAccess, :default => {}
+
   def has_custom_welcome_screen?
     settings[:signup_welcome_screen_body].present?
   end
@@ -99,47 +99,19 @@ class Event &lt; Article
     start_date..(end_date||start_date)
   end
-  # FIXME this shouldn't be needed
-  include ActionView::Helpers::TagHelper
-  include ActionView::Helpers::UrlHelper
-  include DatesHelper
+  def first_paragraph
+    paragraphs = Nokogiri::HTML.fragment(self.body).css('p')
+    paragraphs.empty? ? '' : paragraphs.first.to_html
+  end
   def to_html(options = {})
+    event = self
+    format = options[:format]
-    result = ''
-    html = ::Builder::XmlMarkup.new(:target => result)
-
-    html.div(:class => 'event-info' ) {
-      html.ul(:class => 'event-data' ) {
-        html.li(:class => 'event-dates' ) {
-          html.span _('When:')
-          html.text! show_period(start_date, end_date)
-        } if start_date.present? || end_date.present?
-        html.li {
-          html.span _('URL:')
-          html.a(self.link || "", 'href' => self.link || "")
-        } if self.link.present?
-        html.li {
-          html.span _('Address:')
-          html.text! self.address || ""
-        } if self.address.present?
-      }
-
-      # TODO: some good soul, please clean this ugly hack:
-      if self.body
-        html.div('_____XXXX_DESCRIPTION_GOES_HERE_XXXX_____', :class => 'event-description')
-      end
-    }
-
-    if self.body
-      if options[:format] == 'short'
-        result.sub!('_____XXXX_DESCRIPTION_GOES_HERE_XXXX_____', display_short_format(self))
-      else
-        result.sub!('_____XXXX_DESCRIPTION_GOES_HERE_XXXX_____', self.body)
-      end
+    proc do
+      render :file => 'content_viewer/event_page', :locals => { :event => event,
+        :format => format }
     end
-
-    result
   end
   def duration
@@ -23,7 +23,7 @@ class Image &lt; ActiveRecord::Base
   postgresql_attachment_fu
-  attr_accessible :uploaded_data
+  attr_accessible :uploaded_data, :label
   def current_data
     File.file?(full_filename) ? File.read(full_filename) : nil
@@ -6,6 +6,8 @@ class Invitation &lt; Task
   validates_presence_of :target_id, :if => Proc.new{|invite| invite.friend_email.blank?}
+  validates :requestor, kind_of: {kind: Person}
+
   validates_presence_of :friend_email, :if => Proc.new{|invite| invite.target_id.blank?}
   validates_format_of :friend_email, :with => Noosfero::Constants::EMAIL_FORMAT, :if => Proc.new{|invite| invite.target_id.blank?}
@@ -34,7 +36,7 @@ class Invitation &lt; Task
   end
   def not_invite_yourself
-    email = friend ? friend.user.email : friend_email
+    email = friend && friend.person? ? friend.user.email : friend_email
     if person && email && person.user.email == email
       self.errors.add(:base, _("You can't invite youself"))
     end
@@ -136,7 +138,11 @@ class Invitation &lt; Task
   end
   def environment
-    self.requestor.environment
+    if self.requestor
+      self.requestor.environment
+    else
+      nil
+    end
   end
 end
@@ -7,6 +7,8 @@ class ModerateUserRegistration &lt; Task
   after_create :schedule_spam_checking
+  validates :target, kind_of: {kind: Environment}
+
   alias :environment :target
   alias :environment= :target=
@@ -8,13 +8,30 @@ class Organization &lt; Profile
     :display => %w[compact]
   }
-  scope :visible_for_person, lambda { |person|
-    joins('LEFT JOIN "role_assignments" ON "role_assignments"."resource_id" = "profiles"."id" AND "role_assignments"."resource_type" = \'Profile\'')
+  # An Organization is considered visible to a given person if one of the
+# following conditions are met:
+#   1) The user is an environment administrator.
+#   2) The user is an administrator of the organization.
+#   3) The user is a member of the organization and the organization is
+#   visible.
+#   4) The user is not a member of the organization but the organization is
+#   visible, public and enabled.
+  def self.visible_for_person(person)
+    joins('LEFT JOIN "role_assignments" ON ("role_assignments"."resource_id" = "profiles"."id"
+          AND "role_assignments"."resource_type" = \'Profile\') OR (
+          "role_assignments"."resource_id" = "profiles"."environment_id" AND
+          "role_assignments"."resource_type" = \'Environment\' )')
+    .joins('LEFT JOIN "roles" ON "role_assignments"."role_id" = "roles"."id"')
     .where(
-      ['( ( role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? ) OR 
-          (profiles.public_profile = ?)) AND (profiles.visible = ?)', Profile.name, person.id,  true, true]
+      ['( (roles.key = ? OR roles.key = ?) AND role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? )
+        OR
+        ( ( ( role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? ) OR
+            ( profiles.public_profile = ? AND profiles.enabled = ? ) ) AND
+          ( profiles.visible = ? ) )',
+      'profile_admin', 'environment_administrator', Profile.name, person.id,
+      Profile.name, person.id,  true, true, true]
     ).uniq
-  }
+  end
   settings_items :closed, :type => :boolean, :default => false
   def closed?
@@ -154,6 +171,12 @@ class Organization &lt; Profile
     ]
   end
+  def short_name chars = 40
+    s = self.display_name
+    s = super(chars) if s.blank?
+    s
+  end
+
   def notification_emails
     emails = [contact_email].select(&:present?) + admins.map(&:email)
     if emails.empty?
 # A person is the profile of an user holding all relationships with the rest of the system
 class Person < Profile
-  attr_accessible :organization, :contact_information, :sex, :birth_date, :cell_phone, 
-    :comercial_phone, :jabber_id, :personal_website, :nationality, :address_reference, 
-    :district, :schooling, :schooling_status, :formation, :custom_formation, :area_of_study, 
+  attr_accessible :organization, :contact_information, :sex, :birth_date, :cell_phone,
+    :comercial_phone, :jabber_id, :personal_website, :nationality, :address_reference,
+    :district, :schooling, :schooling_status, :formation, :custom_formation, :area_of_study,
     :custom_area_of_study, :professional_activity, :organization_website, :following_articiles
   SEARCH_FILTERS = {
@@ -45,13 +45,17 @@ roles] }
   }
   scope :visible_for_person, lambda { |person|
-    joins('LEFT JOIN "friendships" ON "friendships"."friend_id" = "profiles"."id"')
-    .where(
-      ['( ( friendships.person_id = ? ) OR (profiles.public_profile = ?)) AND (profiles.visible = ?)', person.id,  true, true]
-    ).uniq
+   joins('LEFT JOIN "role_assignments" ON
+         "role_assignments"."resource_id" = "profiles"."environment_id" AND
+         "role_assignments"."resource_type" = \'Environment\'')
+   .joins('LEFT JOIN "roles" ON "role_assignments"."role_id" = "roles"."id"')
+   .joins('LEFT JOIN "friendships" ON "friendships"."friend_id" = "profiles"."id"')
+   .where(
+     ['( roles.key = ? AND role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? ) OR (
+       ( ( friendships.person_id = ? ) OR (profiles.public_profile = ?)) AND (profiles.visible = ?) )', 'environment_administrator', Profile.name, person.id, person.id,  true, true]
+   ).uniq
   }
-
   def has_permission_with_admin?(permission, resource)
     return true if resource.blank? || resource.admins.include?(self)
     return true if resource.kind_of?(Profile) && resource.environment.admins.include?(self)
@@ -51,6 +51,25 @@ class Product &lt; ActiveRecord::Base
     {:joins => :product_category, :conditions => ['categories.path LIKE ?', "%#{category.slug}%"]} if category
   }
+  scope :visible_for_person, lambda { |person|
+    joins('INNER JOIN "profiles" enterprises ON enterprises."id" = "products"."profile_id"')
+    .joins('LEFT JOIN "role_assignments" ON ("role_assignments"."resource_id" = enterprises."id"
+          AND "role_assignments"."resource_type" = \'Profile\') OR (
+          "role_assignments"."resource_id" = enterprises."environment_id" AND
+          "role_assignments"."resource_type" = \'Environment\' )')
+    .joins('LEFT JOIN "roles" ON "role_assignments"."role_id" = "roles"."id"')
+    .where(
+      ['( (roles.key = ? OR roles.key = ?) AND role_assignments.accessor_type = \'Profile\' AND role_assignments.accessor_id = ? )
+        OR
+        ( ( ( role_assignments.accessor_type = \'Profile\' AND
+              role_assignments.accessor_id = ? ) OR
+            ( enterprises.public_profile = ? AND enterprises.enabled = ? ) ) AND
+          ( enterprises.visible = ? ) )',
+      'profile_admin', 'environment_administrator', person.id, person.id,
+      true, true, true]
+    ).uniq
+  }
+
   after_update :save_image
   def lat
@@ -3,7 +3,7 @@
 # which by default is the one returned by Environment:default.
 class Profile < ActiveRecord::Base
-  attr_accessible :name, :identifier, :public_profile, :nickname, :custom_footer, :custom_header, :address, :zip_code, :contact_phone, :image_builder, :description, :closed, :template_id, :environment, :lat, :lng, :is_template, :fields_privacy, :preferred_domain_id, :category_ids, :country, :city, :state, :national_region_code, :email, :contact_email, :redirect_l10n, :notification_time, :redirection_after_login, :email_suggestions, :allow_members_to_invite, :invite_friends_only, :secret, :custom_fields
+  attr_accessible :name, :identifier, :public_profile, :nickname, :custom_footer, :custom_header, :address, :zip_code, :contact_phone, :image_builder, :description, :closed, :template_id, :environment, :lat, :lng, :is_template, :fields_privacy, :preferred_domain_id, :category_ids, :country, :city, :state, :national_region_code, :email, :contact_email, :redirect_l10n, :notification_time, :redirection_after_login, :email_suggestions, :allow_members_to_invite, :invite_friends_only, :secret, :custom_fields, :administrator_mail_notification
   # use for internationalizable human type names in search facets
   # reimplement on subclasses
@@ -129,15 +129,49 @@ class Profile &lt; ActiveRecord::Base
   }
   scope :no_templates, {:conditions => {:is_template => false}}
-  #FIXME make this test
-  scope :newer_than, lambda { |reference_id|
-    {:conditions => ["profiles.id > #{reference_id}"]}
-  }
+  # Returns a scoped object to select profiles in a given location or in a radius
+  # distance from the given location center.
+  # The parameter can be the `request.params` with the keys:
+  # * `country`: Country code string.
+  # * `state`: Second-level administrative country subdivisions.
+  # * `city`: City full name for center definition, or as set by users.
+  # * `lat`: The latitude to define the center of georef search.
+  # * `lng`: The longitude to define the center of georef search.
+  # * `distance`: Define the search radius in kilometers.
+  # NOTE: This method may return an exception object, to inform filter error.
+  # When chaining scopes, is hardly recommended you to add this as the last one,
+  # if you can't be sure about the provided parameters.
+  def self.by_location(params)
+    params = params.with_indifferent_access
+    if params[:distance].blank?
+      where_code = []
+      [ :city, :state, :country ].each do |place|
+        unless params[place].blank?
+          # ... So we must to find on this named location
+          # TODO: convert location attrs to a table collumn
+          where_code << "(profiles.data like '%#{place}: #{params[place]}%')"
+        end
+      end
+      self.where where_code.join(' AND ')
+    else # Filter in a georef circle
+      unless params[:lat].blank? && params[:lng].blank?
+        lat, lng = [ params[:lat].to_f, params[:lng].to_f ]
+      end
+      if !lat
+        location = [ params[:city], params[:state], params[:country] ].compact.join(', ')
+        if location.blank?
+          return Exception.new (
+            _('You must to provide `lat` and `lng`, or `city` and `country` to define the center of the search circle, defined by `distance`.')
+          )
+        end
+        lat, lng = Noosfero::GeoRef.location_to_georef location
+      end
+      dist = params[:distance].to_f
+      self.where "#{Noosfero::GeoRef.sql_dist lat, lng} <= #{dist}"
+    end
+  end
-  #FIXME make this test
-  scope :older_than, lambda { |reference_id|
-    {:conditions => ["profiles.id < #{reference_id}"]}
-  }
+  include TimeScopes
   def members
     scopes = plugins.dispatch_scopes(:organization_members, self)
@@ -170,9 +204,9 @@ class Profile &lt; ActiveRecord::Base
     Profile.column_names.map{|n| [Profile.table_name, n].join('.')}.join(',')
   end
-  scope :visible, :conditions => { :visible => true }
+  scope :visible, :conditions => { :visible => true, :secret => false }
   scope :disabled, :conditions => { :visible => false }
-  scope :public, :conditions => { :visible => true, :public_profile => true }
+  scope :public, :conditions => { :visible => true, :public_profile => true, :secret => false }
   scope :enabled, :conditions => { :enabled => true }
   # Subclasses must override this method
@@ -219,6 +253,7 @@ class Profile &lt; ActiveRecord::Base
   settings_items :description
   settings_items :fields_privacy, :type => :hash, :default => {}
   settings_items :email_suggestions, :type => :boolean, :default => false
+  settings_items :administrator_mail_notification, :type => :boolean, :default => true
   validates_length_of :description, :maximum => 550, :allow_nil => true
@@ -658,15 +693,15 @@ private :generate_url, :url_options
   after_create :insert_default_article_set
   def insert_default_article_set
     if template
-      copy_articles_from template
+      self.save! if copy_articles_from template
     else
       default_set_of_articles.each do |article|
         article.profile = self
         article.advertise = false
         article.save!
       end
+      self.save!
     end
-    self.save!
   end
   # Override this method in subclasses of Profile to create a default article
@@ -687,10 +722,12 @@ private :generate_url, :url_options
   end
   def copy_articles_from other
+    return false if other.top_level_articles.empty?
     other.top_level_articles.each do |a|
       copy_article_tree a
     end
     self.articles.reload
+    true
   end
   def copy_article_tree(article, parent=nil)
@@ -735,6 +772,29 @@ private :generate_url, :url_options
     end
   end
+  # Adds many people to profile by id's
+  def add_members_by_id(people_ids)
+
+    unless people_ids.nil? && people_ids.empty?
+
+      people = Person.where(id: people_ids)
+      people.each do |person|
+
+        add_member(person) unless person.is_member_of?(self)
+      end
+    end
+  end
+
+  # Adds many people to profile by email's
+  def add_members_by_email(people_emails)
+
+    people = User.where(email: people_emails)
+    people.each do |user|
+
+      add_member(user.person) unless user.person.is_member_of?(self)
+    end
+  end
+
   def remove_member(person)
     self.disaffiliate(person, Profile::Roles.all_roles(environment.id))
   end
@@ -11,6 +11,12 @@ class Qualifier &lt; ActiveRecord::Base
   has_many :qualifier_certifiers, :dependent => :destroy
   has_many :certifiers, :through => :qualifier_certifiers
+  def used_certs
+    Certifier.joins('INNER JOIN product_qualifiers' +
+                    ' ON certifiers.id = product_qualifiers.certifier_id')
+             .where(product_qualifiers: {qualifier_id: self.id})
+  end
+
   has_many :product_qualifiers, :dependent => :destroy
   has_many :products, :through => :product_qualifiers, :source => :product
@@ -41,6 +41,7 @@ class SuggestArticle &lt; Task
       return type if type < Article
     end
     TinyMceArticle
+    (article[:type] || 'TinyMceArticle').constantize
   end
   def perform
@@ -91,4 +92,5 @@ class SuggestArticle &lt; Task
   def after_ham!
     self.delay.marked_as_ham
   end
+
 end
@@ -70,14 +70,28 @@ class Task &lt; ActiveRecord::Base
       begin
         target_msg = task.target_notification_message
         if target_msg && task.target && !task.target.notification_emails.empty?
-          TaskMailer.target_notification(task, target_msg).deliver
+          if target_profile_accepts_notification?(task)
+            TaskMailer.target_notification(task, target_msg).deliver
+          end
         end
-      rescue NotImplementedError => ex
+      rescue Exception => ex
         Rails.logger.info ex.to_s
       end
     end
   end
+  def target_profile_accepts_notification?(task)
+    if target_is_profile?(task)
+      return task.target.administrator_mail_notification
+    else
+      true
+    end
+  end
+
+  def target_is_profile?(task)
+    task.target.kind_of? Profile
+  end
+
   # this method finished the task. It calls #perform, which must be overriden
   # by subclasses. At the end a message (as returned by #finish_message) is
   # sent to the requestor with #notify_requestor.
@@ -119,6 +133,51 @@ class Task &lt; ActiveRecord::Base
     end
   end
+  class KindOfValidator < ActiveModel::EachValidator
+    def validate_each(record, attribute, value)
+      environment = record.environment || Environment.default
+      klass = options[:kind]
+      group = klass.to_s.downcase.pluralize
+      id = attribute.to_s + "_id"
+      if environment.respond_to?(group)
+        attrb = value || environment.send(group).find_by_id(record.send(id))
+      else
+        attrb = value || klass.find_by_id(record.send(id))
+      end
+      if attrb.respond_to?(klass.to_s.downcase + "?")
+        unless attrb.send(klass.to_s.downcase + "?")
+          record.errors[attribute] << (options[:message] || "should be "+ klass.to_s.downcase)
+        end
+      else
+        unless attrb.class == klass
+          record.errors[attribute] << (options[:message] || "should be "+ klass.to_s.downcase)
+        end
+      end
+    end
+  end
+
+  def requestor_is_of_kind(klass, message = nil)
+    error_message = message ||= _('Task requestor must be '+klass.to_s.downcase)
+    group = klass.to_s.downcase.pluralize
+    if environment.respond_to?(group) and requestor_id
+      requestor = requestor ||= environment.send(klass.to_s.downcase.pluralize).find_by_id(requestor_id)
+    end
+    unless requestor.class == klass
+      errors.add(error_message)
+    end
+  end
+
+  def target_is_of_kind(klass, message = nil)
+    error_message = message ||= _('Task target must be '+klass.to_s.downcase)
+    group = klass.to_s.downcase.pluralize
+    if environment.respond_to?(group) and target_id
+      target = target ||= environment.send(klass.to_s.downcase.pluralize).find_by_id(target_id)
+    end
+    unless target.class == klass
+      errors.add(error_message)
+    end
+  end
+
   def close(status, closed_by)
     self.status = status
     self.end_date = Time.now
@@ -256,7 +315,7 @@ class Task &lt; ActiveRecord::Base
   scope :canceled, :conditions => { :status =>  Task::Status::CANCELLED }
   scope :closed, :conditions => { :status =>  [Task::Status::CANCELLED, Task::Status::FINISHED] }
   scope :opened, :conditions => { :status =>  [Task::Status::ACTIVE, Task::Status::HIDDEN] }
-  scope :of, lambda { |type| conditions = type ? "type LIKE '#{type}'" : "1=1"; {:conditions =>  [conditions]} }
+  scope :of, lambda { |type| conditions = type ? "tasks.type LIKE '#{type}'" : "1=1"; {:conditions =>  [conditions]} }
   scope :order_by, lambda { |attribute, ord| {:order => "#{attribute} #{ord}"} }
   scope :like, lambda { |field, value| where("LOWER(#{field}) LIKE ?", "%#{value.downcase}%") if value}
   scope :pending_all, lambda { |profile, filter_type, filter_text|
@@ -278,6 +337,10 @@ class Task &lt; ActiveRecord::Base
     Task.to(profile).pending.select('distinct type').map { |t| [t.class.name, t.title] }
   end
+  def self.closed_types_for(profile)
+    Task.to(profile).closed.select('distinct type').map { |t| [t.class.name, t.title] }
+  end
+
   def opened?
     status == Task::Status::ACTIVE || status == Task::Status::HIDDEN
   end
@@ -34,6 +34,14 @@ class User &lt; ActiveRecord::Base
     alias_method_chain :human_attribute_name, :customization
   end
+  def self.build(user_data, person_data, environment)
+    user = User.new(user_data)
+    user.terms_of_use = environment.terms_of_use
+    user.environment = environment
+    user.person_data = person_data
+    user
+  end
+
   before_create do |user|
     if user.environment.nil?
       user.environment = Environment.default
@@ -68,7 +76,8 @@ class User &lt; ActiveRecord::Base
   attr_writer :person_data
   def person_data
-    @person_data || {}
+    @person_data = {} if @person_data.nil?
+    @person_data
   end
   def email_domain
@@ -93,18 +102,20 @@ class User &lt; ActiveRecord::Base
   # Virtual attribute for the unencrypted password
   attr_accessor :password, :name
-  validates_presence_of     :login, :email
-  validates_format_of       :login, :with => Profile::IDENTIFIER_FORMAT, :if => (lambda {|user| !user.login.blank?})
+  validates_presence_of     :login
+  validates_presence_of     :email
+  validates_format_of       :login, :message => _('incorrect format'), :with => Profile::IDENTIFIER_FORMAT, :if => (lambda {|user| !user.login.blank?})
   validates_presence_of     :password,                   :if => :password_required?
   validates_presence_of     :password_confirmation,      :if => :password_required?
-  validates_length_of       :password, :within => 4..40, :if => :password_required?
+  validates_length_of       :password, :message => _('length must be within 4 to 40 characters'), :within => 4..40, :if => :password_required?
   validates_confirmation_of :password,                   :if => :password_required?
-  validates_length_of       :login,    :within => 2..40, :if => (lambda {|user| !user.login.blank?})
-  validates_length_of       :email,    :within => 3..100, :if => (lambda {|user| !user.email.blank?})
-  validates_uniqueness_of   :login, :email, :case_sensitive => false, :scope => :environment_id
+  validates_length_of       :login, :message => _('length must be within 2 to 40 characters'), :within => 2..40, :if => (lambda {|user| !user.login.blank?})
+  validates_length_of       :email, :message => _('length must be within 3 to 100 characters'),:within => 3..100, :if => (lambda {|user| !user.email.blank?})
+  validates_uniqueness_of   :login, :case_sensitive => false, :scope => :environment_id
+  validates_uniqueness_of   :email, :case_sensitive => false, :scope => :environment_id
   before_save :encrypt_password
   before_save :normalize_email, if: proc{ |u| u.email.present? }
-  validates_format_of :email, :with => Noosfero::Constants::EMAIL_FORMAT, :if => (lambda {|user| !user.email.blank?})
+  validates_format_of :email, :message => _('incorrect format'), :with => Noosfero::Constants::EMAIL_FORMAT, :if => (lambda {|user| !user.email.blank?})
   validates_inclusion_of :terms_accepted, :in => [ '1' ], :if => lambda { |u| ! u.terms_of_use.blank? }, :message => N_('{fn} must be checked in order to signup.').fix_i18n
@@ -120,16 +131,15 @@ class User &lt; ActiveRecord::Base
     self.update_attribute :last_login_at, Time.now
   end
-  #FIXME make this test
   def generate_private_token!
     self.private_token = SecureRandom.hex
     self.private_token_generated_at = DateTime.now
     save(:validate => false)
   end
-  #FIXME make this test
+  TOKEN_VALIDITY = 2.weeks
   def private_token_expired?
-    self.generate_private_token! if self.private_token.nil? || (self.private_token_generated_at + 2.weeks < DateTime.now)
+    self.private_token.nil? || (self.private_token_generated_at + TOKEN_VALIDITY < DateTime.now)
   end
   # Activates the user in the database.
@@ -333,6 +343,8 @@ class User &lt; ActiveRecord::Base
     {
       'login' => self.login,
+      'name' => self.person.name,
+      'email' => self.email,
       'avatar' => self.person.profile_custom_icon(gravatar_default),
       'is_admin' => self.person.is_admin?,
       'since_month' => self.person.created_at.month,
@@ -354,19 +366,6 @@ class User &lt; ActiveRecord::Base
     @is_password_required = false
   end
-  #FIXME make this test
-  def generate_private_token!
-    self.private_token = SecureRandom.hex
-    self.private_token_generated_at = DateTime.now
-    save(:validate => false)
-  end
-
-  #FIXME make this test
-  def private_token_expired?
-    self.generate_private_token! if self.private_token.nil? || (self.private_token_generated_at + 2.weeks < DateTime.now)
-  end
-
-
   protected
     def normalize_email
@@ -0,0 +1,20 @@
+<h1>EndPoints</h1>
+
+<div style="float: right">
+<%= s_('api-playground|Try the %s') % link_to('API Playground', '/api/playground') %>
+</div>
+
+<%= endpoints.map do |endpoint|
+  app = endpoint.options[:app].to_s
+  unless app.blank?
+    content_tag(:h2, app.split('::').last.to_s, title: app) +
+    (content_tag :ul do
+      endpoint.routes.map do |route|
+        content_tag :li do
+          content_tag(:strong, route.route_method) + ' ' +
+          route.route_path.gsub(':version', content_tag(:b, route.route_version))
+        end
+      end.join "\n"
+    end)
+  end
+end.join "\n" %>
@@ -0,0 +1,36 @@
+<h1>API Playground</h1>
+
+<script>
+var endpoints = <%=
+endpoints.map do |endpoint|
+  app = endpoint.options[:app].to_s
+  unless app.blank?
+    endpoint.routes.map do |route|
+      {
+        method: route.route_method,
+        path: route.route_path.gsub(':version', route.route_version).split('(').first
+      }
+    end
+  end
+end.flatten.compact.sort{|a,b|
+  a[:path]=='/api/v1/login' ? -1 :
+  b[:path]=='/api/v1/login' ?  1 :
+  a[:path] <=> b[:path]
+}.to_json %>;
+</script>
+
+<form id="api-form">
+  <label id="endpoint">Endpoint:
+    <select name="endpoint" onchange="playground.selEndpoint()"></select>
+  </label>
+  <label id="api-token">Token:
+    <%= tag :input, size: 32, placeholder: _('Use the login endpoint') %>
+  </label>
+</form>
+<div id="playground-ctrl">
+  <button onclick="playground.addFormParam()"><%=_('Add parameter')%></button>
+  <button onclick="playground.run()" style="font-weight:bold">&nbsp; <%=_('Run')%> &nbsp;</button>
+</div>
+<pre id="api-response" class="empty"></pre>
+
+<script src="/javascripts/api-playground.js"></script>
@@ -0,0 +1,20 @@
+<% if @page.belongs_to_blog? || @page.belongs_to_forum?%>
+  <h1 class="title">
+    <% if no_link %>
+      <%= h(@page.title) %>
+    <% else %>
+      <%= link_to(@page.name, @page.url) %>
+    <% end %>
+  </h1>
+  <%= render :partial => "publishing_info" %>
+  <% unless @page.abstract.blank? %>
+    <div class="preview">
+      <%= @page.lead %>
+    </div>
+  <% end %>
+<% else %>
+  <h1 class="title">
+    <%= h(@page.title) %>
+  </h1>
+  <%= render :partial => "publishing_info" %>
+<% end %>
@@ -64,7 +64,7 @@
     <% end %>
     <%= link_to(image_tag('/images/icons-mime/rss-feed.png'), @page.feed.url, :class => 'blog-feed-link') if @page.has_posts? && @page.feed %>
     <%= @plugins.dispatch(:article_header_extra_contents, @page).collect { |content| instance_exec(&content) }.join("") %>
-    <%= article_title(@page, :no_link => true) %>
+    <%= render :partial => 'article_title', :locals => {:no_link => true} %>
     <%= article_translations(@page) %>
   </div>
 </div>
@@ -16,6 +16,6 @@
     </div>
   <% end %>
   <div class = <%= className %> >
-      <%= article.abstract.truncate(400) %>
+      <%= article.lead(400) %>
   </div>
 </div>
@@ -0,0 +1,29 @@
+<span class="publishing-info">
+  <span class="date">
+    <%= show_date(@page.published_at) %>
+  </span>
+  <span class="author">
+    <%= _(", by %s") % (@page.author ? link_to(@page.author_name, @page.author_url) : @page.author_name) %>
+  </span>
+<% unless @no_comments %>
+  <span class="comments">
+    <%= (" - %s") % link_to_comments(@page)%>
+  </span>
+<% end %>
+</span>
+
+<% if @page.display_hits? || @page.license.present? %>
+  <div id='article-sub-header'>
+    <% if @page.display_hits? %>
+      <div id="article-hits">
+        <%= n_('Viewed one time', 'Viewed %{num} times', @page.hits) % { :num => @page.hits } %>
+      </div>
+    <% end %>
+
+    <% if @page.license.present? %>
+      <div id="article-license">
+        <%= _('Licensed under %s') % (@page.license.url.present? ? link_to(@page.license.name, @page.license.url, :target => '_blank') : @page.license.name) %>
+      </div>
+    <% end %>
+  </div>
+<% end %>
@@ -0,0 +1,41 @@
+<div class="event-card">
+  <div class="event-image">
+    <% if event.image %>
+      <%= image_tag(event.image.public_filename(:big)) %>
+    <% end %>
+  </div>
+  <div class="about-event">
+    <% if event.start_date.present? || event.end_date.present? %>
+      <span class="event-date">
+        <%= show_period(event.start_date, event.end_date) %>
+      </span>
+    <% end %>
+    <% if event.link.present? %>
+      <span class="event-link">
+        <%= link_to event.link, event.link %>
+      </span>
+    <% end %>
+    <% if event.address.present? %>
+      <span class="event-address">
+        <span>
+          <%= event.address %>
+        </span>
+      </span>
+    <% end %>
+  </div>
+</div>
+
+<div class="event-body">
+  <% if format == 'short' %>
+    <%= display_short_format event, :comments_link => false, :read_more_link => false %>
+  <% else %>
+    <% unless event.abstract.blank? %>
+      <div class="event-lead">
+        <%= event.article_lead %>
+      </div>
+    <% end %>
+    <div class="event-content">
+      <%= event.body %>
+    </div>
+  <% end %>
+</div>
@@ -24,22 +24,6 @@
   <%= render :partial => 'article_toolbar' %>
 </div>
-<% if @page.display_hits? || @page.license.present? %>
-  <div id='article-sub-header'>
-    <% if @page.display_hits? %>
-      <div id="article-hits">
-        <%= n_('Viewed one time', 'Viewed %{num} times', @page.hits) % { :num => @page.hits } %>
-      </div>
-    <% end %>
-
-    <% if @page.license.present? %>
-      <div id="article-license">
-        <%= _('Licensed under %s') % (@page.license.url.present? ? link_to(@page.license.name, @page.license.url, :target => '_blank') : @page.license.name) %>
-      </div>
-    <% end %>
-  </div>
-<% end %>
-
 <% if NOOSFERO_CONF['addthis_enabled'] %>
   <%= render :partial => 'addthis' %>
 <% end %>
@@ -47,6 +31,12 @@
 <% cache(@page.cache_key(params, user, language)) do %>
   <div class="<%="article-body article-body-" + @page.css_class_name %>">
     <% options = @page.image? ? {:gallery_view => true} : {} %>
+    <% if @page.image.present? && !@page.event? %>
+      <div class="article-body-img">
+        <%= image_tag(@page.image.public_filename) %>
+        <p><%= @page.image.label%></p>
+      </div>
+    <% end %>
     <%= article_to_html(@page, options) %>
     <br style="clear:both" />
   </div> <!-- end class="article-body" -->
-<h1>Editing Email Template</h1>
+<h1><%= _('Editing Email Template') %></h1>
 <%= render 'form' %>
-<h1>New Email Template</h1>
+<h1><%= _('New Email Template') %></h1>
 <%= render 'form' %>
@@ -27,6 +27,7 @@
     <script type="text/javascript">
       DEFAULT_LOADING_MESSAGE = <%="'#{ _('loading...') }'" %>;
+      noosfero.profile = <%= (@profile.identifier if @profile).to_json %>
     </script>
   </head>
 <%= text_field_tag 'product_category_id', '', :placeholder => _('type a category for the product') %>
 <%= javascript_include_tag '/javascripts/product_categories.js' %>
-<% javascript_tag do %>
+<%= javascript_tag do %>
   product_categories.autocomplete.search_url = <%= url_for(:controller => :manage_products, :action => :search_categories).to_json %>
   product_categories.autocomplete.select_url = <%= url_for(:controller => :manage_products, :action => :show_category_tree).to_json %>
   product_categories.autocomplete.load('#product_category_id')
 <h2><%= _('Moderation options') %></h2>
 <% if profile.community? %>
   <div style='margin-bottom: 1em'>
+    <h4><%= _('Email Configuration:')%></h4>
+  </div>
+  <div style='margin-bottom: 0.5em'>
+    <%= check_box(:profile_data, :administrator_mail_notification, :style => 'float: left') %>
+    <div style='margin-left: 30px'>
+      <%= _('Send administrator Email for every task (Default: yes)') %>
+    </div>
+  </div>
+
+  <div style='margin-bottom: 1em'>
     <h4><%= _('Invitation moderation:')%></h4>
   </div>
   <div style='margin-bottom: 0.5em'>
-  <%= i.file_field( :uploaded_data, { :onchange => 'updateImg(this.value)' } ) %>
-  <%= button_to_function(:cancel,_('Cancel'),"jQuery('#change-image-link').show(); jQuery('#change-image').html('')", :id => 'cancel-change-image-link', :style => 'display: none')%>
+<%= i.file_field( :uploaded_data, { :onchange => 'updateImg(this.value)' } ) %>
+<%= labelled_form_field(_("Image Label:"), i.text_field(:label)) %>
+<%= button_to_function(:cancel,_('Cancel'),"jQuery('#change-image-link').show(); jQuery('#change-image').html('')", :id => 'cancel-change-image-link', :style => 'display: none')%>
 <div id='not-found'>
-    <h1><%= _('Nonexistent content: %s') % (content_tag('tt', @path)) %></h1>
+    <h1><%= _('There is no such page: %s') % (content_tag('tt', @path)) %></h1>
     <p>
     <%= _('.You may have clicked an expired link or mistyped the address.') %>
-    <%= _('.This page does not exist. Would you like to: Create a new conteúdoou Locate existing content.') %>
+    <%= _('.This page does not exist. Would you like to: Create a new content or locate existing content.') %>
     <!-- <%= _('If you clicked a link that was in another site, or was given to you by someone else, it would be nice if you tell them that their link is not valid anymore.') %>  -->
     </p>
+<%= task_email_template(_('Select an acceptance email template:'), @acceptance_email_templates, task) %>
+
 <%= render :file => 'shared/tiny_mce' %>
 <%= labelled_form_field(_('Create a link'), f.check_box(:create_link)) %>
@@ -14,6 +14,5 @@
   <%= labelled_form_field(_('Highlight this article'), a.check_box(:highlighted)) %>
   <%= a.hidden_field(:type) %>
-
   <%= render :partial => 'shared/lead_and_body', :locals => {:tiny_mce => true, :f => a, :lead_id => task.id} %>
 <% end %>
-<% if @email_templates.present? %>
-  <div class="template-selection">
-    <%= labelled_form_field(_('Select a rejection email template:'), select_tag("tasks[#{task.id}][task][email_template_id]", options_from_collection_for_select(@email_templates, :id, :name), :include_blank => true, 'data-url' => url_for(:controller => 'email_templates', :action => 'show_parsed'))) %>
-  </div>
-<% end %>
+<%= task_email_template(_('Select a rejection email template:'), @rejection_email_templates, task) %>
 <%= labelled_form_field(_('Rejection explanation'), f.text_area(:reject_explanation, :rows => 5)) %>
+<%= stylesheet_link_tag 'tasks' %>
+
+<div class="task-processed">
 <h1><%= _("%s's processed tasks") % profile.name %></h1>
+<div class="task-processed-filter">
+<%
+  type_collection = [[nil, _('All')]] + @task_types
+%>
+  <%= form_tag '#', :method => 'get' do %>
+    <%= field_set_tag _('Filter'), :class => 'filter_fields' do %>
+      <div>
+        <%= labelled_select(_('Type of task')+': ', 'filter[type]', :first, :last, @filter[:type],  type_collection, {:id => 'filter-type'}) %>
+        <%= labelled_select(_('Status:'), 'filter[status]', :last, :first, @filter[:status], [[_('Any'), nil], [_(Task::Status.names[Task::Status::CANCELLED]), 2], [_(Task::Status.names[Task::Status::FINISHED]), 3] ]) %>
+      </div>
+
+      <div>
+        <%= labelled_text_field(_('Text Filter:'), 'filter[text]', @filter[:text]) %>
+      </div>
+
+      <div>
+        <%= labelled_text_field(_('Requestor:'), 'filter[requestor]', @filter[:requestor]) %>
+        <%= labelled_text_field(_('Closed by:'), 'filter[closed_by]', @filter[:closed_by]) %>
+      </div>
+
+      <%= labelled_form_field(_('Creation date'), date_range_field('filter[created_from]', 'filter[created_until]', @filter[:created_from], @filter[:created_until], '%Y-%m-%d', { :change_month => true, :change_year => true, :date_format => 'yy-mm-dd' }, { :size => 14, :from_id => 'filter_created_from', :to_id => 'filter_created_until' })) %>
+      <%= labelled_form_field(_('Processed date'), date_range_field('filter[closed_from]', 'filter[closed_until]', @filter[:closed_from], @filter[:closed_until], '%Y-%m-%d', { :change_month => true, :change_year => true, :date_format => 'yy-mm-dd' }, { :size => 14, :from_id => 'filter_closed_from', :to_id => 'filter_closed_until' })) %>
+
+      <div class="actions">
+        <%= submit_button(:search, _('Search')) %>
+      </div>
+    <% end %>
+  <% end %>
+</div>
+
 <p>
 <% if @tasks.empty? %>
   <em><%= _('No processed tasks.') %></em>
 <% else %>
-  <ul>
+  <ul class="task-list">
     <% @tasks.each do |item| %>
-      <li>
-        <strong><%= task_information(item) %></strong> <br/>
-        <small>
-          <%= _('Created:')   +' '+ show_date(item.created_at) %>
+      <li class="task status-<%= item.status%>">
+        <div class="title">
+          <%= task_information(item) %>
+        </div>
+        <div class="status">
+          <%= _(Task::Status.names[item.status]) %>
+        </div>
+        <div class="dates">
+          <span class="created">
+            <span class="label"><%= _('Created:') %></span>
+            <span class="value"><%= show_date(item.created_at) %></span>
+          </span>
           &nbsp; &#151; &nbsp;
-          <%= _('Processed:') +' '+ show_date(item.end_date) %>
-        </small>
+          <span class="processed">
+            <span class="label"><%= _('Processed:') %></span>
+            <span class="value"><%= show_date(item.end_date) %></span>
+          </span>
+        </div>
+        <% if item.closed_by.present? %>
+          <div class="closed-by">
+            <span class="label"><%= _('Closed by:') %></span>
+            <span class="value"><%= link_to(item.closed_by.name, item.closed_by.url) %></span>
+          </div>
+        <% end %>
       </li>
     <% end %>
   </ul>
+  <%= pagination_links(@tasks)%>
 <% end %>
 </p>
 <% button_bar do %>
   <%= button(:back, _('Back'), :action => 'index') %>
 <% end %>
+
+</div>
@@ -6,6 +6,13 @@ require ::File.expand_path(&#39;../config/environment&#39;,  __FILE__)
 #use Rails::Rack::Static
 #run ActionController::Dispatcher.new
+use Rack::Cors do
+  allow do
+    origins '*'
+    resource '/api/*', :headers => :any, :methods => [:get, :post]
+  end
+end
+
 rails_app = Rack::Builder.new do
   run Noosfero::Application
 end
@@ -135,12 +135,5 @@ module Noosfero
     Noosfero::Plugin.setup(config)
-    config.middleware.use Rack::Cors do
-      allow do
-        origins '*'
-        resource 'api/*', :headers => :any, :methods => [:get, :post]
-      end
-    end
-
   end
 end
@@ -0,0 +1,6 @@
+test: &TEST
+  adapter: postgresql
+  database: gitlab_ci_test
+  username: gitlab_ci_runner
+development:
+  <<: *TEST
@@ -0,0 +1,5 @@
+# From http://about.travis-ci.org/docs/user/database-setup/
+test:
+  adapter: postgresql
+  database: myapp_test
+  username: postgres
@@ -0,0 +1,13 @@
+# inherit from production
+require_relative 'production'
+
+Noosfero::Application.configure do
+
+  # expose errors
+  config.consider_all_requests_local = true
+
+  # ease debug
+  config.assets.compress = false
+
+end
+
@@ -0,0 +1 @@
+Rails.application.eager_load!
@@ -3,7 +3,7 @@
 # contributors:
 #  - Alexander Dreher - http://github.com/alexdreher - Rails 3 update
-de:
+de: &de
   date:
     formats:
       default: "%d.%m.%Y"
@@ -221,3 +221,6 @@ de:
       full_messages:
         format: "%{attribute} %{message}"
+
+de-DE:
+  <<: *de
@@ -2,7 +2,7 @@
 #
 # Use this as the base for the locale file of your language.
-"en-US":
+"en-US": &en-US
   date:
     formats:
       default: "%Y-%m-%d"
@@ -220,4 +220,7 @@
       template:
         <<: *errors_template
       full_messages:
-        format: "%{attribute} %{message}"
 \ No newline at end of file
+        format: "%{attribute} %{message}"
+
+en:
+  <<: *en-US
@@ -0,0 +1 @@
+en-US.yml
 \ No newline at end of file
@@ -4,7 +4,7 @@
 #  - Tsutomu Kuroda - http://github.com/kuroda (t-kuroda@oiax.jp)
 # Corrected by Eloy Serra Labán: http://goo.gl/i9Kts, /nQ928, /XfKaX
-"es":
+es: &es
   date:
     formats:
       default: "%d/%m/%Y"
@@ -223,3 +223,6 @@
       full_messages:
         format: "%{attribute} %{message}"
+
+es_ES:
+  <<: *es
@@ -0,0 +1 @@
+fr.yml
 \ No newline at end of file
@@ -5,7 +5,7 @@
 #  - Bruno Michel - http://github.com/nono
 #  - Tsutomu Kuroda - http://github.com/kuroda (t-kuroda@oiax.jp)
-fr:
+fr: &fr
   date:
     formats:
       default: "%d/%m/%Y"
@@ -222,3 +222,7 @@ fr:
         <<: *errors_template
       full_messages:
         format: "%{attribute} %{message}"
+
+fr-FR:
+  <<: *fr
+
@@ -176,4 +176,4 @@
       template:
         <<: *errors_template
       full_messages:
-        format: "%{attribute} %{message}"
 \ No newline at end of file
+        format: "%{attribute} %{message}"
@@ -0,0 +1 @@
+hy.yml
 \ No newline at end of file
@@ -3,7 +3,7 @@
 # FIXME: This is a copy of en-US.yml. Armenian translators, please translate
 # this into Armenian.
-"hy":
+hy: &hy
   date:
     formats:
       default: "%Y-%m-%d"
@@ -222,3 +222,6 @@
         <<: *errors_template
       full_messages:
         format: "%{attribute} %{message}"
+
+hy-AM:
+  <<: *hy
@@ -5,7 +5,7 @@
 # - Simone Carletti (weppos@weppos.net)
 # - Davide Guerri (d.guerri@caspur.it)
-it:
+it: &it
   number:
     format:
       delimiter: ","
@@ -234,3 +234,6 @@ it:
       full_messages:
         format: "%{attribute} %{message}"
+
+it_IT:
+  <<: *it
 # encoding: UTF-8
 # pt-BR translations for Ruby on Rails
-"pt-BR":
+
+"pt-BR": &pt-BR
   # formatos de data e hora
   date:
     formats:
@@ -231,3 +232,6 @@
       full_messages:
         format: "%{attribute} %{message}"
+
+pt:
+  <<: *pt-BR
@@ -1,233 +0,0 @@
-# encoding: UTF-8
-# pt-BR translations for Ruby on Rails
-"pt":
-  # formatos de data e hora
-  date:
-    formats:
-      default: "%d/%m/%Y"
-      short: "%d de %B"
-      long: "%d de %B de %Y"
-
-    day_names:
-      - Domingo
-      - Segunda
-      - Terça
-      - Quarta
-      - Quinta
-      - Sexta
-      - Sábado
-    abbr_day_names:
-      - Dom
-      - Seg
-      - Ter
-      - Qua
-      - Qui
-      - Sex
-      - Sáb
-
-    month_names:
-      - ~
-      - Janeiro
-      - Fevereiro
-      - Março
-      - Abril
-      - Maio
-      - Junho
-      - Julho
-      - Agosto
-      - Setembro
-      - Outubro
-      - Novembro
-      - Dezembro
-    abbr_month_names:
-      - ~
-      - Jan
-      - Fev
-      - Mar
-      - Abr
-      - Mai
-      - Jun
-      - Jul
-      - Ago
-      - Set
-      - Out
-      - Nov
-      - Dez
-    order:
-      - :day
-      - :month
-      - :year
-
-  time:
-    formats:
-      default: "%A, %d de %B de %Y, %H:%M h"
-      short: "%d/%m, %H:%M h"
-      long: "%A, %d de %B de %Y, %H:%M h"
-    am: ''
-    pm: ''
-
-  # Usado no Array.to_sentence
-  support:
-    array:
-      words_connector: ", "
-      two_words_connector: " e "
-      last_word_connector: " e "
-
-    select:
-      prompt: "Por favor selecione"
-
-  number:
-    format:
-      separator: ','
-      delimiter: '.'
-      precision: 3
-      significant: false
-      strip_insignificant_zeros: false
-
-    currency:
-      format:
-        format: '%u %n'
-        unit: 'R$'
-        separator: ','
-        delimiter: '.'
-        precision: 2
-        significant: false
-        strip_insignificant_zeros: false
-
-    percentage:
-      format:
-        delimiter: '.'
-
-    precision:
-      format:
-        delimiter: '.'
-
-    human:
-      format:
-        delimiter: '.'
-        precision: 2
-        significant: true
-        strip_insignificant_zeros: true
-      storage_units:
-        format: "%n %u"
-        units:
-          byte:
-            one: "Byte"
-            other: "Bytes"
-          kb: "KB"
-          mb: "MB"
-          gb: "GB"
-          tb: "TB"
-      # number_to_human()
-      # new in rails 3: please add to other locales
-      decimal_units:
-        format: "%n %u"
-        units:
-          unit: ""
-          thousand: "mil"
-          million:
-            one: milhão
-            other: milhões
-          billion:
-            one: bilhão
-            other: bilhões
-          trillion:
-            one: trilhão
-            other: trilhões
-          quadrillion:
-            one: quatrilhão
-            other: quatrilhões
-
-  # distancia do tempo em palavras
-  datetime:
-    distance_in_words:
-      half_a_minute: 'meio minuto'
-      less_than_x_seconds:
-        one: 'menos de 1 segundo'
-        other: 'menos de %{count} segundos'
-      x_seconds:
-        one: '1 segundo'
-        other: '%{count} segundos'
-      less_than_x_minutes:
-        one: 'menos de um minuto'
-        other: 'menos de %{count} minutos'
-      x_minutes:
-        one: '1 minuto'
-        other: '%{count} minutos'
-      about_x_hours:
-        one: 'aproximadamente 1 hora'
-        other: 'aproximadamente %{count} horas'
-      x_days:
-        one: '1 dia'
-        other: '%{count} dias'
-      about_x_months:
-        one: 'aproximadamente 1 mês'
-        other: 'aproximadamente %{count} meses'
-      x_months:
-        one: '1 mês'
-        other: '%{count} meses'
-      about_x_years:
-        one: 'aproximadamente 1 ano'
-        other: 'aproximadamente %{count} anos'
-      over_x_years:
-        one: 'mais de 1 ano'
-        other: 'mais de %{count} anos'
-      almost_x_years:
-        one: 'quase 1 ano'
-        other: 'quase %{count} anos'
-    prompts:
-      year:   "Ano"
-      month:  "Mês"
-      day:    "Dia"
-      hour:   "Hora"
-      minute: "Minuto"
-      second: "Segundo"
-
-  helpers:
-    select:
-      prompt: "Por favor selecione"
-
-    submit:
-      create: 'Criar %{model}'
-      update: 'Atualizar %{model}'
-      submit: 'Salvar %{model}'
-
-  errors:
-    format: "%{attribute} %{message}"
-    messages: &errors_messages
-      inclusion: "não está incluído na lista"
-      exclusion: "não está disponível"
-      invalid: "não é válido"
-      confirmation: "não está de acordo com a confirmação"
-      accepted: "deve ser aceito"
-      empty: "não pode ficar vazio"
-      blank: "não pode ficar em branco"
-      too_long: "é muito longo (máximo: %{count} caracteres)"
-      too_short: "é muito curto (mínimo: %{count} caracteres)"
-      wrong_length: "não possui o tamanho esperado (%{count} caracteres)"
-      not_a_number: "não é um número"
-      not_an_integer: "não é um número inteiro"
-      greater_than: "deve ser maior que %{count}"
-      greater_than_or_equal_to: "deve ser maior ou igual a %{count}"
-      equal_to: "deve ser igual a %{count}"
-      less_than: "deve ser menor que %{count}"
-      less_than_or_equal_to: "deve ser menor ou igual a %{count}"
-      odd: "deve ser ímpar"
-      even: "deve ser par"
-      taken: "já está em uso"
-      record_invalid: "A validação falhou: %{errors}"
-    template: &errors_template
-      header:
-        one: "Não foi possível gravar %{model}: 1 erro"
-        other: "Não foi possível gravar %{model}: %{count} erros."
-      body: "Por favor, verifique o(s) seguinte(s) campo(s):"
-
-  activerecord:
-    errors:
-      messages:
-        <<: *errors_messages
-      template:
-        <<: *errors_template
-
-      full_messages:
-        format: "%{attribute} %{message}"
@@ -0,0 +1 @@
+pt-BR.yml
 \ No newline at end of file
@@ -10,7 +10,7 @@
 # (http://github.com/yaroslav/russian). Следующие данные -- выдержка их него, чтобы
 # была возможность минимальной локализации приложения на русский язык.
-ru:
+ru: &ru
   date:
     formats:
       default: "%d.%m.%Y"
@@ -300,3 +300,7 @@ ru:
       words_connector: ", "
       two_words_connector: " и "
       last_word_connector: " и "
+
+ru_RU:
+  <<: *ru
+
@@ -13,12 +13,39 @@ development:
   exclude_profile_identifier_pattern: index(\..*)?|home(\..*)?
   api_recaptcha_site_key:      '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-'
   api_recaptcha_private_key:   '6LdsWAcTAAAAAB6maB_HalVyCc4asDAxPxloIMvY'
-  api_recaptcha_verify_uri:    'https://www.google.com/recaptcha/api/siteverify'  
+  api_recaptcha_verify_uri:    'https://www.google.com/recaptcha/api/siteverify'
+
+#Google Recaptcha setup
+  api_captcha_enabled: true
+#noosfero.com
+  api_recaptcha_site_key:       '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-'
+#noosfero.com
+  api_recaptcha_private_key:    '6LdsWAcTAAAAAB6maB_HalVyCc4asDAxPxloIMvY'
+  api_recaptcha_v1_verify_uri:  'https://www.google.com/recaptcha/api/verify'
+  api_recaptcha_v2_verify_uri:  'https://www.google.com/recaptcha/api/siteverify'
+# version 1 or 2
+  api_captcha_version: 1
 test:
+#Google Recaptcha setup
+  api_captcha_enabled: false
+#noosfero.com
+  api_recaptcha_site_key:       '6LdsWAcTAAAAAChTUUD6yu9fCDhdIZzNd7F53zf-'
+#noosfero.com
+  api_recaptcha_private_key:    '6LdsWAcTAAAAAB6maB_HalVyCc4asDAxPxloIMvY'
+  api_recaptcha_v1_verify_uri:  'https://www.google.com/recaptcha/api/verify'
+  api_recaptcha_v2_verify_uri:  'https://www.google.com/recaptcha/api/siteverify'
+# version 1 or 2
+  api_captcha_version: 1
 production:
-  api_recaptcha_site_key:      '6LcLPAcTAAAAAKsd0bxY_TArhD_A7OL19SRCW7_i'
-  api_recaptcha_private_key:   '6LcLPAcTAAAAAE36SN1M2w1I7Hn8upwXYZ_YQZ5-'
-  api_recaptcha_verify_uri:    'https://www.google.com/recaptcha/api/siteverify'
-  
 \ No newline at end of file
+#Google Recaptcha setup
+  api_captcha_enabled: true
+#dialoga
+  api_recaptcha_site_key:       '6LcLPAcTAAAAAKsd0bxY_TArhD_A7OL19SRCW7_i'
+#dialoga
+  api_recaptcha_private_key:    '6LcLPAcTAAAAAE36SN1M2w1I7Hn8upwXYZ_YQZ5-'
+  api_recaptcha_v1_verify_uri:  'https://www.google.com/recaptcha/api/verify'
+  api_recaptcha_v2_verify_uri:  'https://www.google.com/recaptcha/api/siteverify'
+  # version 1 or 2
+  api_captcha_version: 1
@@ -22,6 +22,7 @@ Noosfero::Application.routes.draw do
   root :to => 'home#index', :constraints => EnvironmentDomainConstraint.new
   match 'site(/:action)', :controller => 'home'
+  match 'api(/:action)', :controller => 'api'
   match 'images(/*stuff)' => 'not_found#nothing'
   match 'stylesheets(/*stuff)' => 'not_found#nothing'
@@ -1,11 +0,0 @@
-class AddPrivateTokenInfoToUsers < ActiveRecord::Migration
-  def self.up
-    add_column :users, :private_token, :string
-    add_column :users, :private_token_generated_at, :datetime
-  end
-
-  def self.down
-    remove_column :users, :private_token
-    remove_column :users, :private_token_generated_at
-  end
-end
@@ -0,0 +1,11 @@
+class AddPrivateTokenInfoToUsers < ActiveRecord::Migration
+  def self.up
+    add_column :users, :private_token, :string
+    add_column :users, :private_token_generated_at, :datetime
+  end
+
+  def self.down
+    remove_column :users, :private_token
+    remove_column :users, :private_token_generated_at
+  end
+end
@@ -0,0 +1,8 @@
+class AddLabelToImage < ActiveRecord::Migration
+  def up
+    add_column :images, :label, :string, :default => ""
+  end
+  def down
+    remove_column :images, :label
+  end
+end
@@ -0,0 +1,10 @@
+class ChangeTaskEndDateFromDateToDateTime < ActiveRecord::Migration
+
+  def up
+      change_column :tasks, :end_date, :datetime
+  end
+
+  def down
+    change_column :tasks, :end_date, :date
+  end
+end
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
-ActiveRecord::Schema.define(:version => 20150602142030) do
+ActiveRecord::Schema.define(:version => 20150603182105) do
   create_table "abuse_reports", :force => true do |t|
     t.integer  "reporter_id"
@@ -377,6 +377,7 @@ ActiveRecord::Schema.define(:version =&gt; 20150602142030) do
     t.integer "width"
     t.integer "height"
     t.boolean "thumbnails_processed", :default => false
+    t.string  "label",                :default => ""
   end
   add_index "images", ["parent_id"], :name => "index_images_on_parent_id"
-noosfero (1.2~1) UNRELEASED; urgency=medium
-
-  [ Antonio Terceiro ]
-  * Temporary version in heavy development
+noosfero (1.2~rc1) wheezy; urgency=medium
   [ Joenio Costa ]
   * Build noosfero-chat package
- -- Joenio Costa <joenio@colivre.coop.br>  Mon, 18 May 2015 14:32:21 -0300
+  [ Antonio Terceiro ]
+  * Noosfero 1.2 RC1
+
+ -- Antonio Terceiro <terceiro@colivre.coop.br>  Mon, 13 Jul 2015 15:44:17 -0300
 noosfero (1.1) wheezy; urgency=low
@@ -160,6 +160,7 @@ Feature: events
     When I am on /search/events
     Then I should see "Colivre.net's Events"
+
   @selenium
   Scenario: published events should be listed in the agenda too
     Given the following community
@@ -4,7 +4,12 @@ class AddMembersJob &lt; Struct.new(:people_ids, :profile_id, :locale)
     Noosfero.with_locale(locale) do
       profile = Profile.find(profile_id)
-      profile.add_members people_ids
+
+      if people_ids.first =~ /\@/
+        profile.add_members_by_email people_ids
+      else
+        profile.add_members_by_id people_ids
+      end
     end
   end
 require 'grape'
 #require 'rack/contrib'
-
 Dir["#{Rails.root}/lib/noosfero/api/*.rb"].each {|file| require file unless file =~ /api\.rb/}
+
 module Noosfero
   module API
     class API < Grape::API
@@ -9,32 +9,33 @@ module Noosfero
       logger = Logger.new(File.join(Rails.root, 'log', "#{ENV['RAILS_ENV'] || 'production'}_api.log"))
       logger.formatter = GrapeLogging::Formatters::Default.new
-      use RequestLogger, { logger: logger }
+      use GrapeLogging::Middleware::RequestLogger, { logger: logger }
-      rescue_from :all do |e|
-        logger.error e
-      end
+      #rescue_from :all do |e|
+      #  logger.error e
+      #end
       @@NOOSFERO_CONF = nil
-      
       def self.NOOSFERO_CONF
-        if @@NOOSFERO_CONF 
+        if @@NOOSFERO_CONF
           @@NOOSFERO_CONF
         else
           file = Rails.root.join('config', 'noosfero.yml')
           @@NOOSFERO_CONF = File.exists?(file) ? YAML.load_file(file)[Rails.env] || {} : {}
-        end    
+        end
       end
+      before { set_locale  }
       before { setup_multitenancy }
       before { detect_stuff_by_domain }
+      before { filter_disabled_plugins_endpoints }
       after { set_session_cookie }
       version 'v1'
       prefix "api"
       format :json
       content_type :txt, "text/plain"
-      
+
       helpers APIHelpers
       mount V1::Articles
@@ -45,6 +46,9 @@ module Noosfero
       mount V1::Enterprises
       mount V1::Categories
       mount V1::Tasks
+      mount V1::Tags
+      mount V1::Environments
+
       mount Session
       # hook point which allow plugins to add Grape::API extensions to API::API
@@ -57,6 +61,26 @@ module Noosfero
           end
         end
       end
+
+      def self.endpoint_unavailable?(endpoint, environment)
+        api_class = endpoint.options[:app] || endpoint.options[:for]
+        if api_class.present?
+          klass = api_class.name.deconstantize.constantize
+          return klass < Noosfero::Plugin && !environment.plugin_enabled?(klass)
+        end
+      end
+
+      class << self
+        def endpoints_with_plugins(environment = nil)
+          if environment.present?
+            cloned_endpoints = endpoints_without_plugins.dup
+            cloned_endpoints.delete_if { |endpoint| endpoint_unavailable?(endpoint, environment) }
+          else
+            endpoints_without_plugins
+          end
+        end
+        alias_method_chain :endpoints, :plugins
+      end
     end
   end
 end
 module Noosfero
   module API
     module Entities
-  
+
       Entity.format_with :timestamp do |date|
         date.strftime('%Y/%m/%d %H:%M:%S') if date
       end
-  
+
       class Image < Entity
         root 'images', 'image'
         expose  :url do |image, options|
           image.public_filename
         end
-  
+
         expose  :icon_url do |image, options|
           image.public_filename(:icon)
         end
-  
+
         expose  :minor_url do |image, options|
           image.public_filename(:minor)
         end
-  
+
         expose  :portrait_url do |image, options|
           image.public_filename(:portrait)
         end
-  
+
         expose  :thumb_url do |image, options|
           image.public_filename(:thumb)
         end
       end
-  
+
       class Profile < Entity
         expose :identifier, :name, :id
         expose :created_at, :format_with => :timestamp
         expose :image, :using => Image
       end
-  
+
+      class UserBasic < Entity
+        expose :id
+        expose :login
+      end
+
       class Person < Profile
         root 'people', 'person'
+        expose :user, :using => UserBasic
       end
+
       class Enterprise < Profile
         root 'enterprises', 'enterprise'
       end
+
       class Community < Profile
         root 'communities', 'community'
         expose :description
       end
-  
-      class Category < Entity
+
+      class CategoryBase < Entity
         root 'categories', 'category'
         expose :name, :id, :slug
+      end
+
+      class Category < CategoryBase
+        root 'categories', 'category'
+        expose :full_name do |category, options|
+          category.full_name
+        end
+        expose :parent, :using => CategoryBase, if: { parent: true }
+        expose :children, :using => CategoryBase, if: { children: true }
         expose :image, :using => Image
       end
-  
+
       class ArticleBase < Entity
         root 'articles', 'article'
         expose :id
@@ -72,12 +89,15 @@ module Noosfero
         expose :hits
         expose :start_date
         expose :end_date
+        expose :tag_list
       end
       class Article < ArticleBase
         root 'articles', 'article'
         expose :parent, :using => ArticleBase
-        expose :children, :using => ArticleBase
+        expose :children, using: ArticleBase do |article, options|
+          article.children.limit(Noosfero::API::V1::Articles::MAX_PER_PAGE)
+        end
       end
       class Comment < Entity
@@ -86,8 +106,8 @@ module Noosfero
         expose :created_at, :format_with => :timestamp
         expose :author, :using => Profile
       end
-  
-  
+
+
       class User < Entity
         root 'users', 'user'
         expose :id
@@ -96,14 +116,14 @@ module Noosfero
         expose :permissions do |user, options|
           output = {}
           user.person.role_assignments.map do |role_assigment|
-            if role_assigment.resource.respond_to?(:identifier)
-              output[role_assigment.resource.identifier] = role_assigment.role.permissions 
+            if role_assigment.resource.respond_to?(:identifier) && !role_assigment.role.nil?
+              output[role_assigment.resource.identifier] = role_assigment.role.permissions
             end
           end
           output
         end
       end
-  
+
       class UserLogin < User
         expose :private_token
       end
@@ -114,6 +134,16 @@ module Noosfero
         expose :type
       end
+      class Environment < Entity
+        expose :name
+      end
+
+      class Tag < Entity
+        root 'tags', 'tag'
+        expose :name
+      end
+
+
     end
   end
 end
 class Noosfero::API::Entity < Grape::Entity
+  def initialize(object, options = {})
+    object = nil if object.is_a? Exception
+    super object, options
+  end
+
+  def self.represent(objects, options = {})
+    if options[:has_exception]
+      data = super objects, options.merge(is_inner_data: true)
+      if objects.is_a? Exception
+        data.merge ok: false, error: {
+          type: objects.class.name,
+          message: objects.message
+        }
+      else
+        data = data.serializable_hash if data.is_a? Noosfero::API::Entity
+        data.merge ok: true, error: { type: 'Success', message: '' }
+      end
+    else
+      super objects, options
+    end
+  end
+
   def self.fields_condition(fields)
     lambda do |object, options|
       return true if options[:fields].blank?
-module Noosfero
-  module API
-    module APIHelpers
+  module Noosfero;
+
+    module API
+      module APIHelpers
       PRIVATE_TOKEN_PARAM = :private_token
-      ALLOWED_PARAMETERS = [:parent_id, :from, :until, :content_type]
+      DEFAULT_ALLOWED_PARAMETERS = [:parent_id, :from, :until, :content_type]
+
+      include SanitizeParams
+      def set_locale
+        I18n.locale = (params[:lang] || request.env['HTTP_ACCEPT_LANGUAGE'] || 'en')
+      end
+      
       def current_user
         private_token = (params[PRIVATE_TOKEN_PARAM] || headers['Private-Token']).to_s
         @current_user ||= User.find_by_private_token(private_token)
@@ -45,14 +52,85 @@ module Noosfero
         end
       end
+      ARTICLE_TYPES = ['Article'] + Article.descendants.map{|a| a.to_s}
+      TASK_TYPES = ['Task'] + Task.descendants.map{|a| a.to_s}
+
       def find_article(articles, id)
         article = articles.find(id)
         article.display_to?(current_user.person) ? article : forbidden!
       end
-      def find_task(tasks, id)
-        task = tasks.find(id)
-        task.display_to?(current_user.person) ? task : forbidden!
+      def post_article(asset, params)
+        return forbidden! unless current_person.can_post_content?(asset)
+
+        klass_type= params[:content_type].nil? ? 'TinyMceArticle' : params[:content_type]
+        return forbidden! unless ARTICLE_TYPES.include?(klass_type)
+
+        article = klass_type.constantize.new(params[:article])
+        article.last_changed_by = current_person
+        article.created_by= current_person
+        article.profile = asset
+
+        if !article.save
+          render_api_errors!(article.errors.full_messages)
+        end
+        present article, :with => Entities::Article, :fields => params[:fields]
+      end
+
+      def present_article(asset)
+        article = find_article(asset.articles, params[:id])
+        present article, :with => Entities::Article, :fields => params[:fields]
+      end
+
+      def present_articles(asset)
+        articles = find_articles(asset)
+        articles = paginate articles
+        present articles, :with => Entities::Article, :fields => params[:fields]
+      end
+
+      def find_articles(asset)
+        articles = select_filtered_collection_of(asset, 'articles', params)
+        if current_person.present?
+          articles = articles.display_filter(current_person, nil)
+        else
+          articles = articles.published
+        end
+        if params[:categories_ids]
+          articles = articles.joins(:categories).where('category_id in (?)', params[:categories_ids])
+        end
+        articles
+      end
+
+      def find_task(asset, id)
+        task = asset.tasks.find(id)
+        current_person.has_permission?(task.permission, asset) ? task : forbidden!
+      end
+
+      def post_task(asset, params)
+        klass_type= params[:content_type].nil? ? 'Task' : params[:content_type]
+        return forbidden! unless TASK_TYPES.include?(klass_type)
+
+        task = klass_type.constantize.new(params[:task])
+        task.requestor_id = current_person.id
+        task.target_id = asset.id
+        task.target_type = 'Profile'
+
+        if !task.save
+          render_api_errors!(task.errors.full_messages)
+        end
+        present task, :with => Entities::Task, :fields => params[:fields]
+      end
+
+      def present_task(asset)
+        task = find_task(asset, params[:id])
+        present task, :with => Entities::Task, :fields => params[:fields]
+      end
+
+      def present_tasks(asset)
+        tasks = select_filtered_collection_of(asset, 'tasks', params)
+        tasks = tasks.select {|t| current_person.has_permission?(t.permission, asset)}
+        return forbidden! if tasks.empty? && !current_person.has_permission?(:perform_task, asset)
+        present tasks, :with => Entities::Task, :fields => params[:fields]
       end
       def make_conditions_with_parameter(params = {})
@@ -73,19 +151,22 @@ module Noosfero
         params[:order] || "created_at DESC"
       end
-      def select_filtered_collection_of(object, method, params)
-        conditions = make_conditions_with_parameter(params)
-        order = make_order_with_parameters(params)
-
+      def by_reference(scope, params)
         if params[:reference_id]
-          objects = object.send(method).send("#{params.key?(:oldest) ? 'older_than' : 'newer_than'}", params[:reference_id]).where(conditions).limit(limit).order(order)
+          created_at = scope.find(params[:reference_id]).created_at
+          scope.send("#{params.key?(:oldest) ? 'older_than' : 'younger_than'}", created_at)
         else
-          objects = object.send(method).where(conditions).limit(limit).order(order)
+          scope
         end
+      end
-        if params[:categories_ids]
-          objects = objects.joins(:categories).where('category_id in (?)', params[:categories_ids])
-        end
+      def select_filtered_collection_of(object, method, params)
+        conditions = make_conditions_with_parameter(params)
+        order = make_order_with_parameters(params)
+
+        objects = object.send(method)
+        objects = by_reference(objects, params)
+        objects = objects.where(conditions).limit(limit).order(order)
         objects
       end
@@ -115,9 +196,9 @@ module Noosfero
       def verify_recaptcha_v2(remote_ip, g_recaptcha_response, private_key, api_recaptcha_verify_uri)
         verify_hash = {
-            "secret"    => private_key,
-            "remoteip"  => remote_ip,
-            "response"  => g_recaptcha_response
+          "secret"    => private_key,
+          "remoteip"  => remote_ip,
+          "response"  => g_recaptcha_response
         }
         uri = URI(api_recaptcha_verify_uri)
         https = Net::HTTP.new(uri.host, uri.port)
@@ -131,6 +212,10 @@ module Noosfero
       #              error helpers             #
       ##########################################
+      def not_found!
+        render_api_error!('404 Not found', 404)
+      end
+
       def forbidden!
         render_api_error!('403 Forbidden', 403)
       end
@@ -188,12 +273,16 @@ module Noosfero
         end
       end
+      def filter_disabled_plugins_endpoints
+        not_found! if Noosfero::API::API.endpoint_unavailable?(self, @environment)
+      end
+
       private
       def parser_params(params)
         parsed_params = {}
         params.map do |k,v|
-          parsed_params[k.to_sym] = v if ALLOWED_PARAMETERS.include?(k.to_sym)
+          parsed_params[k.to_sym] = v if DEFAULT_ALLOWED_PARAMETERS.include?(k.to_sym)
         end
         parsed_params
       end
@@ -212,10 +301,106 @@ module Noosfero
       def period(from_date, until_date)
         begin_period = from_date.nil? ? Time.at(0).to_datetime : from_date
         end_period = until_date.nil? ? DateTime.now : until_date
-
         begin_period..end_period
       end
+      ##########################################
+      #              captcha_helpers           #
+      ##########################################
+
+      def test_captcha(remote_ip, params, environment)
+        d = environment.api_captcha_settings
+        return true unless d[:enabled] == true
+
+        if d[:provider] == 'google'
+          raise ArgumentError, "Environment api_captcha_settings private_key not defined" if d[:private_key].nil?
+          raise ArgumentError, "Environment api_captcha_settings version not defined" unless d[:version] == 1 || d[:version] == 2
+          if d[:version]  == 1
+            d[:verify_uri] ||= 'https://www.google.com/recaptcha/api/verify'
+            return verify_recaptcha_v1(remote_ip, d[:private_key], d[:verify_uri], params[:recaptcha_challenge_field], params[:recaptcha_response_field])
+          end
+          if d[:version] == 2
+            d[:verify_uri] ||= 'https://www.google.com/recaptcha/api/siteverify'
+            return verify_recaptcha_v2(remote_ip, d[:private_key], d[:verify_uri], params[:g_recaptcha_response])
+          end
+        end
+        if d[:provider] == 'serpro'
+          raise ArgumentError, "Environment api_captcha_settings verify_uri not defined" if d[:verify_uri].nil?
+          return verify_serpro_captcha(d[:serpro_client_id], params[:txtToken_captcha_serpro_gov_br], params[:captcha_text], d[:verify_uri])
+        end
+        raise ArgumentError, "Environment api_captcha_settings provider not defined"
+      end
+
+      def verify_recaptcha_v1(remote_ip, private_key, api_recaptcha_verify_uri, recaptcha_challenge_field, recaptcha_response_field)
+        if recaptcha_challenge_field == nil || recaptcha_response_field == nil
+          return _('Missing captcha data')
+        end
+
+        verify_hash = {
+            "privatekey"  => private_key,
+            "remoteip"    => remote_ip,
+            "challenge"   => recaptcha_challenge_field,
+            "response"    => recaptcha_response_field
+        }
+        uri = URI(api_recaptcha_verify_uri)
+        https = Net::HTTP.new(uri.host, uri.port)
+        https.use_ssl = true
+        request = Net::HTTP::Post.new(uri.path)
+        request.set_form_data(verify_hash)
+        begin
+          body = https.request(request).body
+        rescue Exception => e
+          logger.error e
+          return _("Google recaptcha error: #{e.message}")
+        end
+        body = JSON.parse(body)
+        body == "true\nsuccess" ? true : body
+      end
+
+      def verify_recaptcha_v2(remote_ip, private_key, api_recaptcha_verify_uri, g_recaptcha_response)
+        if g_recaptcha_response == nil
+          return _('Missing captcha data')
+        end
+
+        verify_hash = {
+            "secret"    => private_key,
+            "remoteip"  => remote_ip,
+            "response"  => g_recaptcha_response
+        }
+        uri = URI(api_recaptcha_verify_uri)
+        https = Net::HTTP.new(uri.host, uri.port)
+        https.use_ssl = true
+        request = Net::HTTP::Post.new(uri.path)
+        request.set_form_data(verify_hash)
+        begin
+          body = https.request(request).body
+        rescue Exception => e
+          logger.error e
+          return _("Google recaptcha error: #{e.message}")
+        end
+        captcha_result = JSON.parse(body)
+        captcha_result["success"] ? true : captcha_result
+      end
+
+      def verify_serpro_captcha(client_id, token, captcha_text, verify_uri)
+        return _('Missing Serpro Captcha token') if token == nil
+        return _('Captcha text has not been filled') if captcha_text == nil
+        uri = URI(verify_uri)
+        http = Net::HTTP.new(uri.host, uri.port)
+        request = Net::HTTP::Post.new(uri.path)
+        verify_string = "#{client_id}&#{token}&#{captcha_text}"
+        request.body = verify_string
+        begin
+          body = http.request(request).body
+        rescue Exception => e
+          logger.error e
+          return _("Serpro captcha error: #{e.message}")
+        end
+        return _("Wrong captcha text, please try again") if body == 0
+        return _("Token not found") if body == 2
+        body == '1' ? true : body
+      end
+
     end
   end
 end
@@ -29,26 +29,24 @@ module Noosfero
       #   password (required)               - Password
       #   login                             - login
       # Example Request:
-      #   POST /register?email=some@mail.com&password=pas&login=some
+      #   POST /register?email=some@mail.com&password=pas&password_confirmation=pas&login=some
       params do
         requires :email, type: String, desc: _("Email")
         requires :login, type: String, desc: _("Login")
         requires :password, type: String, desc: _("Password")
+        requires :password_confirmation, type: String, desc: _("Password confirmation")
       end
       post "/register" do
-        unique_attributes! User, [:email, :login]
-        attrs = attributes_for_keys [:email, :login, :password]
-        attrs[:password_confirmation] = attrs[:password]
+        attrs = attributes_for_keys [:email, :login, :password, :password_confirmation] + environment.signup_person_fields
+        remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) || (env && env['REMOTE_ADDR'])
-        #Commented for stress tests
-        
-        # remote_ip = (request.respond_to?(:remote_ip) && request.remote_ip) || (env && env['REMOTE_ADDR'])
-        # private_key = API.NOOSFERO_CONF['api_recaptcha_private_key']
-        # api_recaptcha_verify_uri = API.NOOSFERO_CONF['api_recaptcha_verify_uri']
-        # captcha_result = verify_recaptcha_v2(remote_ip, params['g-recaptcha-response'], private_key, api_recaptcha_verify_uri)
-        user = User.new(attrs)  
-#        if captcha_result["success"] and user.save 
-        if user.save 
+        unless test_captcha(remote_ip, params, environment) == true
+          render_api_error!(_('Please solve the test in order to register.'), 401)
+          return
+        end
+
+        user = User.new(attrs)
+        if  user.save
           user.activate
           user.generate_private_token!
           present user, :with => Entities::UserLogin
@@ -2,12 +2,15 @@ module Noosfero
   module API
     module V1
       class Articles < Grape::API
-        before { authenticate! }
-  
+
         ARTICLE_TYPES = Article.descendants.map{|a| a.to_s}
-  
+
+        MAX_PER_PAGE = 50
+
         resource :articles do
-  
+
+          paginate per_page: MAX_PER_PAGE, max_per_page: MAX_PER_PAGE
+
           # Collect articles
           #
           # Parameters:
@@ -17,18 +20,44 @@ module Noosfero
           #
           # Example Request:
           #  GET host/api/v1/articles?from=2013-04-04-14:41:43&until=2015-04-04-14:41:43&limit=10&private_token=e96fff37c2238fdab074d1dcea8e6317
+
           get do
-            articles = select_filtered_collection_of(environment, 'articles', params)
-            articles = articles.display_filter(current_person, nil)
-            present articles, :with => Entities::Article, :fields => params[:fields]
+            present_articles(environment)
           end
-  
+
           desc "Return the article id"
           get ':id' do
+            present_article(environment)
+          end
+
+          post ':id/report_abuse' do
             article = find_article(environment.articles, params[:id])
-            present article, :with => Entities::Article, :fields => params[:fields]
+            profile = article.profile
+            begin
+              abuse_report = AbuseReport.new(:reason => params[:report_abuse])
+              if !params[:content_type].blank?
+                article = params[:content_type].constantize.find(params[:content_id])
+                abuse_report.content = article_reported_version(article)
+              end
+
+              current_person.register_report(abuse_report, profile)
+
+              if !params[:content_type].blank?
+                abuse_report = AbuseReport.find_by_reporter_id_and_abuse_complaint_id(current_person.id, profile.opened_abuse_complaint.id)
+                Delayed::Job.enqueue DownloadReportedImagesJob.new(abuse_report, article)
+              end
+
+              {
+                :success => true,
+                :message => _('Your abuse report was registered. The administrators are reviewing your report.'),
+              }
+            rescue Exception => exception
+              #logger.error(exception.to_s)
+              render_api_error!(_('Your report couldn\'t be saved due to some problem. Please contact the administrator.'), 400)
+            end
+
           end
-          
+
           desc "Returns the total followers for the article"
           get ':id/followers' do
             article = find_article(environment.articles, params[:id])
@@ -37,16 +66,22 @@ module Noosfero
           end
           desc "Add a follower for the article"
-          get ':id/follow' do
+          post ':id/follow' do
+            authenticate!
             article = find_article(environment.articles, params[:id])
-            article_follower = ArticleFollower.new
-            article_follower.article = article
-            article_follower.person = current_person
-            article_follower.save!            
+            if article.article_followers.exists?(:person_id => current_person.id)
+              {:success => false, :already_follow => true}
+            else
+              article_follower = ArticleFollower.new
+              article_follower.article = article
+              article_follower.person = current_person
+              article_follower.save!
+              {:success => true}
+            end
           end
-          
           post ':id/vote' do
+            authenticate!
             value = (params[:value] || 1).to_i
             # FIXME verify allowed values
             render_api_error!('Vote value not allowed', 400) unless [-1, 1].include?(value)
@@ -63,7 +98,7 @@ module Noosfero
             articles = select_filtered_collection_of(article, 'children', params)
             articles = articles.display_filter(current_person, nil)
-            
+
             #TODO make tests for this situation
             if votes_order
               articles = articles.joins('left join votes on articles.id=votes.voteable_id').group('articles.id').reorder('sum(coalesce(votes.vote, 0)) DESC')
@@ -72,13 +107,14 @@ module Noosfero
             Article.hit(articles)
             present articles, :with => Entities::Article, :fields => params[:fields]
           end
-  
+
           get ':id/children/:child_id' do
             article = find_article(environment.articles, params[:id])
             present find_article(article.children, params[:child_id]), :with => Entities::Article, :fields => params[:fields]
           end
           post ':id/children/suggest' do
+            authenticate!
             parent_article = environment.articles.find(params[:id])
             suggest_article = SuggestArticle.new
@@ -96,12 +132,12 @@ module Noosfero
           # Example Request:
           #  POST api/v1/articles/:id/children?private_token=234298743290432&article[name]=title&article[body]=body
           post ':id/children' do
-
+            authenticate!
             parent_article = environment.articles.find(params[:id])
             return forbidden! unless parent_article.allow_create?(current_person)
             klass_type= params[:content_type].nil? ? 'TinyMceArticle' : params[:content_type]
-            #FIXME see how to check the article types 
+            #FIXME see how to check the article types
             #return forbidden! unless ARTICLE_TYPES.include?(klass_type)
             article = klass_type.constantize.new(params[:article])
@@ -119,129 +155,31 @@ module Noosfero
         end
-# Request example:
-# /api/v1/communities/64/articles?from=2013-04-04-14:41:43&until=2015-06-11-14:41:43&limit=10&categories_ids[]=7&categories_ids[]=8&private_token=a97b6a5cae2c4c54e4ae18dde1829a49
-
-        resource :communities do
-          segment '/:community_id' do
-            resource :articles do
-              get do
-                community = environment.communities.find(params[:community_id])
-                articles = select_filtered_collection_of(community, 'articles', params)
-                articles = articles.display_filter(current_person, community)
-                present articles, :with => Entities::Article, :fields => params[:fields]
-              end
-  
-              get ':id' do
-                community = environment.communities.find(params[:community_id])
-                article = find_article(community.articles, params[:id])
-                present article, :with => Entities::Article, :fields => params[:fields]
-              end
-  
-              # Example Request:
-              #  POST api/v1/communites/:community_id/articles?private_token=234298743290432&article[name]=title&article[body]=body
-              post do
-                community = environment.communities.find(params[:community_id])
-                return forbidden! unless current_person.can_post_content?(community)
-  
-                klass_type= params[:content_type].nil? ? 'TinyMceArticle' : params[:content_type]
-                return forbidden! unless ARTICLE_TYPES.include?(klass_type)
-  
-                article = klass_type.constantize.new(params[:article])
-                article.last_changed_by = current_person
-                article.created_by= current_person
-                article.profile = community
-  
-                if !article.save
-                  render_api_errors!(article.errors.full_messages)
+        kinds = %w[community person enterprise]
+        kinds.each do |kind|
+          resource kind.pluralize.to_sym do
+            segment "/:#{kind}_id" do
+              resource :articles do
+                get do
+                  profile = environment.send(kind.pluralize).find(params["#{kind}_id"])
+                  present_articles(profile)
                 end
-                present article, :with => Entities::Article, :fields => params[:fields]
-              end
-  
-            end
-          end
-  
-        end
-  
-        resource :people do
-          segment '/:person_id' do
-            resource :articles do
-              get do
-                person = environment.people.find(params[:person_id])
-                articles = select_filtered_collection_of(person, 'articles', params)
-                articles = articles.display_filter(current_person, person)
-                present articles, :with => Entities::Article, :fields => params[:fields]
-              end
-  
-              get ':id' do
-                person = environment.people.find(params[:person_id])
-                article = find_article(person.articles, params[:id])
-                present article, :with => Entities::Article, :fields => params[:fields]
-              end
-  
-              post do
-                person = environment.people.find(params[:person_id])
-                return forbidden! unless current_person.can_post_content?(person)
-  
-                klass_type= params[:content_type].nil? ? 'TinyMceArticle' : params[:content_type]
-                return forbidden! unless ARTICLE_TYPES.include?(klass_type)
-  
-                article = klass_type.constantize.new(params[:article])
-                article.last_changed_by = current_person
-                article.created_by= current_person
-                article.profile = person
-  
-                if !article.save
-                  render_api_errors!(article.errors.full_messages)
+
+                get ':id' do
+                  profile = environment.send(kind.pluralize).find(params["#{kind}_id"])
+                  present_article(profile)
                 end
-                present article, :with => Entities::Article, :fields => params[:fields]
-              end
-  
-            end
-          end
-  
-        end
-  
-        resource :enterprises do
-          segment '/:enterprise_id' do
-            resource :articles do
-              get do
-                enterprise = environment.enterprises.find(params[:enterprise_id])
-                articles = select_filtered_collection_of(enterprise, 'articles', params)
-                articles = articles.display_filter(current_person, enterprise)
-                present articles, :with => Entities::Article, :fields => params[:fields]
-              end
-  
-              get ':id' do
-                enterprise = environment.enterprises.find(params[:enterprise_id])
-                article = find_article(enterprise.articles, params[:id])
-                present article, :with => Entities::Article, :fields => params[:fields]
-              end
-  
-              post do
-                enterprise = environment.enterprises.find(params[:enterprise_id])
-                return forbidden! unless current_person.can_post_content?(enterprise)
-  
-                klass_type= params[:content_type].nil? ? 'TinyMceArticle' : params[:content_type]
-                return forbidden! unless ARTICLE_TYPES.include?(klass_type)
-  
-                article = klass_type.constantize.new(params[:article])
-                article.last_changed_by = current_person
-                article.created_by= current_person
-                article.profile = enterprise
-  
-                if !article.save
-                  render_api_errors!(article.errors.full_messages)
+
+                # Example Request:
+                #  POST api/v1/{people,communities,enterprises}/:asset_id/articles?private_token=234298743290432&article[name]=title&article[body]=body
+                post do
+                  profile = environment.send(kind.pluralize).find(params["#{kind}_id"])
+                  post_article(profile, params)
                 end
-                present article, :with => Entities::Article, :fields => params[:fields]
               end
-  
             end
           end
-  
         end
-  
-  
       end
     end
   end
@@ -3,22 +3,25 @@ module Noosfero
     module V1
       class Categories < Grape::API
         before { authenticate! }
-     
+
         resource :categories do
-  
+
           get do
             type = params[:category_type]
-            categories = type.nil? ?  environment.categories : environment.categories.find(:all, :conditions => {:type => type})
-            present categories, :with => Entities::Category
+            include_parent = params[:include_parent] == 'true'
+            include_children = params[:include_children] == 'true'
+
+            categories = type.nil? ?  environment.categories : environment.categories.where(:type => type)
+            present categories, :with => Entities::Category, parent: include_parent, children: include_children
           end
-    
-          desc "Return the category by id" 
+
+          desc "Return the category by id"
           get ':id' do
-            present environment.categories.find(params[:id]), :with => Entities::Category
+            present environment.categories.find(params[:id]), :with => Entities::Category, parent: true, children: true
           end
-  
+
         end
-     
+
       end
     end
   end
@@ -3,7 +3,7 @@ module Noosfero
     module V1
       class Comments < Grape::API
         before { authenticate! }
-  
+
         resource :articles do
           # Collect comments from articles
           #
@@ -15,32 +15,26 @@ module Noosfero
           # Example Request:
           #  GET /articles/12/comments?oldest&limit=10&reference_id=23
           get ":id/comments" do
-  
-            conditions = make_conditions_with_parameter(params)
             article = find_article(environment.articles, params[:id])
-  
-            if params[:reference_id]
-              comments = article.comments.send("#{params.key?(:oldest) ? 'older_than' : 'newer_than'}", params[:reference_id]).reorder("created_at DESC").find(:all, :conditions => conditions, :limit => limit)
-            else
-              comments = article.comments.reorder("created_at DESC").find(:all, :conditions => conditions, :limit => limit)
-            end
+            comments = select_filtered_collection_of(article, :comments, params)
+
             present comments, :with => Entities::Comment
-  
           end
-  
+
           get ":id/comments/:comment_id" do
             article = find_article(environment.articles, params[:id])
             present article.comments.find(params[:comment_id]), :with => Entities::Comment
           end
-  
+
           # Example Request:
-          #  POST api/v1/articles/12/comments?private_toke=234298743290432&body=new comment
+          #  POST api/v1/articles/12/comments?private_token=2298743290432&body=new comment&title=New
           post ":id/comments" do
             article = find_article(environment.articles, params[:id])
-            present article.comments.create(:author => current_person, :body => params[:body]), :with => Entities::Comment
+            options = params.select { |key,v| !['id','private_token'].include?(key) }.merge(:author => current_person)
+            present article.comments.create(options), :with => Entities::Comment
           end
         end
-  
+
       end
     end
   end
@@ -3,9 +3,9 @@ module Noosfero
     module V1
       class Communities < Grape::API
         before { authenticate! }
-     
+
         resource :communities do
-  
+
           # Collect comments from articles
           #
           # Parameters:
@@ -19,10 +19,11 @@ module Noosfero
           get do
             communities = select_filtered_collection_of(environment, 'communities', params)
             communities = communities.visible_for_person(current_person)
+            communities = communities.by_location(params) # Must be the last. May return Exception obj.
             present communities, :with => Entities::Community
           end
-  
-  
+
+
           # Example Request:
           #  POST api/v1/communties?private_token=234298743290432&community[name]=some_name
           post do
@@ -32,40 +33,40 @@ module Noosfero
             rescue
               community = Community.new(params[:community])
             end
-  
+
             if !community.save
               render_api_errors!(community.errors.full_messages)
             end
-  
+
             present community, :with => Entities::Community
           end
-  
+
           get ':id' do
-            community = environment.communities.visible.find_by_id(params[:id])
+            community = environment.communities.visible_for_person(current_person).find_by_id(params[:id])
             present community, :with => Entities::Community
           end
-  
+
         end
-  
+
         resource :people do
-  
+
           segment '/:person_id' do
-  
+
             resource :communities do
-  
+
               get do
                 person = environment.people.find(params[:person_id])
                 communities = select_filtered_collection_of(person, 'communities', params)
                 communities = communities.visible
                 present communities, :with => Entities::Community
               end
-  
+
             end
-  
+
           end
-  
+
         end
-  
+
       end
     end
   end
@@ -3,15 +3,16 @@ module Noosfero
     module V1
       class Enterprises < Grape::API
         before { authenticate! }
-  
+
         resource :enterprises do
-  
-          # Collect comments from articles
+
+          # Collect enterprises from environment
           #
           # Parameters:
           #   from             - date where the search will begin. If nothing is passed the default date will be the date of the first article created
           #   oldest           - Collect the oldest comments from reference_id comment. If nothing is passed the newest comments are collected
           #   limit            - amount of comments returned. The default value is 20
+          #   georef params    - read `Profile.by_location` for more information.
           #
           # Example Request:
           #  GET /enterprises?from=2013-04-04-14:41:43&until=2014-04-04-14:41:43&limit=10
@@ -19,37 +20,38 @@ module Noosfero
           get do
             enterprises = select_filtered_collection_of(environment, 'enterprises', params)
             enterprises = enterprises.visible_for_person(current_person)
+            enterprises = enterprises.by_location(params) # Must be the last. May return Exception obj.
             present enterprises, :with => Entities::Enterprise
           end
-  
+
           desc "Return one enterprise by id"
           get ':id' do
-            enterprise = environment.enterprises.visible.find_by_id(params[:id])
+            enterprise = environment.enterprises.visible_for_person(current_person).find_by_id(params[:id])
             present enterprise, :with => Entities::Enterprise
           end
-  
+
         end
-  
+
         resource :people do
-  
+
           segment '/:person_id' do
-  
+
             resource :enterprises do
-  
+
               get do
                 person = environment.people.find(params[:person_id])
                 enterprises = select_filtered_collection_of(person, 'enterprises', params)
-                enterprises = enterprises.visible
+                enterprises = enterprises.visible.by_location(params)
                 present enterprises, :with => Entities::Enterprise
               end
-  
+
             end
-  
+
           end
-  
+
         end
-  
-  
+
+
       end
     end
   end
@@ -0,0 +1,18 @@
+module Noosfero
+  module API
+    module V1
+      class Environments < Grape::API
+  
+        resource :environment do
+  
+          desc "Return the person information"
+          get '/signup_person_fields' do
+            present environment.signup_person_fields
+          end
+  
+        end
+  
+      end
+    end
+  end
+end
@@ -3,10 +3,22 @@ module Noosfero
     module V1
       class People < Grape::API
         before { authenticate! }
-  
+
+        desc 'API Root'
+
         resource :people do
-  
-          # Collect comments from articles
+
+          # -- A note about privacy --
+          # We wold find people by location, but we must test if the related
+          # fields are public. We can't do it now, with SQL, while the location
+          # data and the fields_privacy are a serialized settings.
+          # We must build a new table for profile data, where we can set meta-data
+          # like:
+          # | id | profile_id | key  | value    | privacy_level | source    |
+          # |  1 |         99 | city | Salvador | friends       | user      |
+          # |  2 |         99 | lng  |  -38.521 | me only       | automatic |
+
+          # Collect people from environment
           #
           # Parameters:
           #   from             - date where the search will begin. If nothing is passed the default date will be the date of the first article created
@@ -16,26 +28,68 @@ module Noosfero
           # Example Request:
           #  GET /people?from=2013-04-04-14:41:43&until=2014-04-04-14:41:43&limit=10
           #  GET /people?reference_id=10&limit=10&oldest
+
+          desc "Find environment's people"
           get do
             people = select_filtered_collection_of(environment, 'people', params)
             people = people.visible_for_person(current_person)
             present people, :with => Entities::Person
           end
-  
+
+          desc "Return the logged user information"
+          get "/me" do
+            present current_person, :with => Entities::Person
+          end
+
           desc "Return the person information"
           get ':id' do
-            person = environment.people.visible.find_by_id(params[:id])
+            person = environment.people.visible_for_person(current_person).find_by_id(params[:id])
+            return not_found! if person.blank?
             present person, :with => Entities::Person
           end
-  
+
+          # Example Request:
+          #  POST api/v1/people?person[login]=some_login&person[password]=some_password&person[name]=Jack
+          desc "Create person"
+          post do
+            user_data = {}
+            user_data[:login] = params[:person].delete(:login) || params[:person][:identifier]
+            user_data[:email] = params[:person].delete(:email)
+            user_data[:password] = params[:person].delete(:password)
+            user_data[:password_confirmation] = params[:person].delete(:password_confirmation)
+            user = User.build(user_data, params[:person], environment)
+            begin
+              user.signup!
+            rescue ActiveRecord::RecordInvalid
+              render_api_errors!(user.errors.full_messages)
+            end
+
+            present user.person, :with => Entities::Person
+          end
+
           desc "Return the person friends"
           get ':id/friends' do
-            friends = current_person.friends.visible
+            person = environment.people.visible_for_person(current_person).find_by_id(params[:id])
+            return not_found! if person.blank?
+            friends = person.friends.visible
             present friends, :with => Entities::Person
           end
-  
+
+          desc "Return the person permissions on other profiles"
+          get ":id/permissions" do
+            person = environment.people.find(params[:id])
+            return not_found! if person.blank?
+            return forbidden! unless current_person == person || environment.admins.include?(current_person)
+
+            output = {}
+            person.role_assignments.map do |role_assigment|
+              if role_assigment.resource.respond_to?(:identifier)
+                output[role_assigment.resource.identifier] = role_assigment.role.permissions
+              end
+            end
+            present output
+          end
         end
-  
       end
     end
   end
@@ -0,0 +1,24 @@		@@ -0,0 +1,24 @@
	1	+before_script:
	2	+ - mkdir -p tmp/pids log
	3	+ - bundle check \|\| bundle install
	4	+ - script/noosfero-plugins disableall
	5	+ - bundle exec rake makemo &>/dev/null
	6	+# database
	7	+ - cp config/database.yml.gitlab-ci config/database.yml
	8	+ - createdb gitlab_ci_test \|\| true
	9	+ - bundle exec rake db:schema:load &>/dev/null
	10	+ - bundle exec rake db:migrate &>/dev/null
	11	+
	12	+units:
	13	+ script: bundle exec rake test:units
	14	+functionals:
	15	+ script: bundle exec rake test:functionals
	16	+integration:
	17	+ script: bundle exec rake test:integration
	18	+cucumber:
	19	+ script: bundle exec rake cucumber
	20	+selenium:
	21	+ script: bundle exec rake selenium
	22	+plugins:
	23	+ script: bundle exec rake test:noosfero_plugins
	24	+
	@@ -28,3 +28,9 @@		@@ -28,3 +28,9 @@
28	[submodule "public/proposal-app"]	28	[submodule "public/proposal-app"]
29	path = public/proposal-app	29	path = public/proposal-app
30	url = https://gitlab.com/participa/proposal-app.git	30	url = https://gitlab.com/participa/proposal-app.git
		31	+[submodule "plugins/gravatar-provider"]
		32	+ path = plugins/gravatar-provider
		33	+ url = https://gitlab.com/noosfero-plugins/gravatar-provider.git
		34	+[submodule "plugins/juventude"]
		35	+ path = plugins/juventude
		36	+ url = https://gitlab.com/noosfero-plugins/juventude.git
@@ -0,0 +1,50 @@		@@ -0,0 +1,50 @@
	1	+language: ruby
	2	+rvm:
	3	+# for 2.2 support we need to upgrade the pg gem
	4	+ - 2.1.6
	5	+cache: bundler
	6	+
	7	+sudo: false
	8	+addons:
	9	+ apt:
	10	+ packages:
	11	+ - po4a
	12	+ - iso-codes
	13	+ - tango-icon-theme
	14	+ - pidgin-data
	15	+ # for gem extensions
	16	+ - libmagickwand-dev
	17	+ - libpq-dev
	18	+ - libreadline-dev
	19	+ - libsqlite3-dev
	20	+ - libxslt1-dev
	21	+
	22	+before_install:
	23	+# FIXME: workaround while https://github.com/travis-ci/travis-ci/issues/4210 is open
	24	+ - rm config/initializers/default_icon_theme.rb
	25	+# selenium support
	26	+ - export DISPLAY=:99.0
	27	+ - sh -e /etc/init.d/xvfb start
	28	+
	29	+before_script:
	30	+ - mkdir -p tmp/pids log
	31	+ - bundle check \|\| bundle install
	32	+ - script/noosfero-plugins disableall
	33	+ - bundle exec rake makemo &>/dev/null
	34	+# database
	35	+ - cp config/database.yml.travis config/database.yml
	36	+ - psql -c 'create database myapp_test;' -U postgres
	37	+ - bundle exec rake db:schema:load &>/dev/null
	38	+ - bundle exec rake db:migrate &>/dev/null
	39	+
	40	+env:
	41	+ - TASK=test:units
	42	+ - TASK=test:functionals
	43	+ - TASK=test:integration
	44	+ - TASK=cucumber
	45	+ - TASK=selenium
	46	+ - TASK=test:noosfero_plugins
	47	+
	48	+script:
	49	+ - bundle exec rake $TASK
	50	+
@@ -0,0 +1,19 @@		@@ -0,0 +1,19 @@
	1	+class ApiController < PublicController
	2	+
	3	+ no_design_blocks
	4	+
	5	+ helper_method :endpoints
	6	+
	7	+ def index
	8	+ end
	9	+
	10	+ def playground
	11	+ end
	12	+
	13	+ private
	14	+
	15	+ def endpoints
	16	+ Noosfero::API::API.endpoints(environment)
	17	+ end
	18	+
	19	+end
	@@ -16,7 +16,7 @@ module CommentHelper		@@ -16,7 +16,7 @@ module CommentHelper
16	content_tag('span', show_date(article.published_at), :class => 'date') +	16	content_tag('span', show_date(article.published_at), :class => 'date') +
17	content_tag('span', [_(", by %s") % link_to(article.author_name, article.author_url)], :class => 'author') +	17	content_tag('span', [_(", by %s") % link_to(article.author_name, article.author_url)], :class => 'author') +
18	content_tag('span', comments, :class => 'comments'),	18	content_tag('span', comments, :class => 'comments'),
19	- :class => 'created-at'	19	+ :class => 'publishing-info'
20	)	20	)
21	end	21	end
22	title	22	title
	@@ -30,7 +30,7 @@ module ContentViewerHelper		@@ -30,7 +30,7 @@ module ContentViewerHelper
30	date_format +	30	date_format +
31	content_tag('span', _(", by %s") % (article.author ? link_to(article.author_name, article.author_url) : article.author_name), :class => 'author') +	31	content_tag('span', _(", by %s") % (article.author ? link_to(article.author_name, article.author_url) : article.author_name), :class => 'author') +
32	content_tag('span', comments, :class => 'comments'),	32	content_tag('span', comments, :class => 'comments'),
33	- :class => 'created-at'	33	+ :class => 'publishing-info'
34	)	34	)
35	end	35	end
36	title	36	title
	@@ -30,7 +30,7 @@ module EventsHelper		@@ -30,7 +30,7 @@ module EventsHelper
30	# the day itself	30	# the day itself
31	date,	31	date,
32	# is there any events in this date?	32	# is there any events in this date?
33	- events.any? {\|event\| event.date_range.include?(date)},	33	+ events.any? {\|event\| event.date_range.cover?(date)},
34	# is this date in the current month?	34	# is this date in the current month?
35	true	35	true
36	]	36	]
@@ -0,0 +1,13 @@		@@ -0,0 +1,13 @@
	1	+module TaskHelper
	2	+
	3	+ def task_email_template(description, email_templates, task, include_blank=true)
	4	+ return '' unless email_templates.present?
	5	+
	6	+ content_tag(
	7	+ :div,
	8	+ labelled_form_field(description, select_tag("tasks[#{task.id}][task][email_template_id]", options_from_collection_for_select(email_templates, :id, :name), :include_blank => include_blank, 'data-url' => url_for(:controller => 'email_templates', :action => 'show_parsed', :profile => profile.identifier))),
	9	+ :class => 'template-selection'
	10	+ )
	11	+ end
	12	+
	13	+end
	@@ -2,6 +2,9 @@ class AddMember < Task		@@ -2,6 +2,9 @@ class AddMember < Task
2		2
3	validates_presence_of :requestor_id, :target_id	3	validates_presence_of :requestor_id, :target_id
4		4
		5	+ validates :requestor, kind_of: {kind: Person}
		6	+ validates :target, kind_of: {kind: Organization}
		7	+
5	alias :person :requestor	8	alias :person :requestor
6	alias :person= :requestor=	9	alias :person= :requestor=
7		10
1	class ApproveArticle < Task	1	class ApproveArticle < Task
2	validates_presence_of :requestor_id, :target_id	2	validates_presence_of :requestor_id, :target_id
3		3
		4	+ validates :requestor, kind_of: {kind: Person}
		5	+ validate :allowed_requestor
		6	+
		7	+ def allowed_requestor
		8	+ if target
		9	+ if target.person? && requestor != target
		10	+ self.errors.add(:requestor, _('You can not post articles to other users.'))
		11	+ end
		12	+ if target.organization? && !target.members.include?(requestor) && target.environment.portal_community != target
		13	+ self.errors.add(:requestor, _('Only members can post articles on communities.'))
		14	+ end
		15	+ end
		16	+ end
		17	+
4	def article_title	18	def article_title
5	article ? article.title : _('(The original text was removed)')	19	article ? article.title : _('(The original text was removed)')
6	end	20	end
7	-	21	+
8	def article	22	def article
9	Article.find_by_id data[:article_id]	23	Article.find_by_id data[:article_id]
10	end	24	end
	@@ -124,4 +138,9 @@ class ApproveArticle < Task		@@ -124,4 +138,9 @@ class ApproveArticle < Task
124	message	138	message
125	end	139	end
126		140
		141	+ def request_is_member_of_target
		142	+ unless requestor.is_member_of?(target)
		143	+ errors.add(:approve_article, N_('Requestor must be a member of target.'))
		144	+ end
		145	+ end
127	end	146	end