merging with master

Leandro Santos
2 parents 40ab912d 6e1949cf
Showing 82 changed files with 1582 additions and 137 deletions Show diff stats
AUTHORS.md
Gemfile
app/controllers/admin/role_controller.rb
app/controllers/application_controller.rb
app/controllers/my_profile/profile_design_controller.rb
app/controllers/my_profile/profile_members_controller.rb
app/controllers/my_profile/profile_roles_controller.rb
app/helpers/application_helper.rb
app/helpers/boxes_helper.rb
app/helpers/layout_helper.rb
app/models/block.rb
app/models/environment.rb
app/models/organization.rb
app/models/profile.rb
app/views/blocks/profile_info_actions/_join_leave_community.html.erb
app/views/box_organizer/edit.html.erb
app/views/profile_editor/index.html.erb
app/views/profile_members/change_role.html.erb
app/views/profile_roles/_form.html.erb
app/views/profile_roles/assign.html.erb
@@ -92,6 +92,7 @@ Daniel Alves + Rafael Manzo &lt;rr.manzo@gmail.com&gt;
 Daniela Soares Feitosa <danielafeitosa@colivre.coop.br>
 Daniel Bucher <daniel.bucher88@gmail.com>
 Daniel Cunha <daniel@colivre.coop.br>
+daniel <dtygel@eita.org.br>
 David Carlos <ddavidcarlos1392@gmail.com>
 diegoamc <diegoamc90@gmail.com>
 Diego Araújo + Alessandro Palmeira <diegoamc90@gmail.com>
@@ -120,6 +121,7 @@ Diego Araujo + Rodrigo Souto + Rafael Manzo &lt;rr.manzo@gmail.com&gt;
 Diego + Jefferson <diegoamc90@gmail.com>
 Diego Martinez <diegoamc90@gmail.com>
 Diego + Renan <renanteruoc@gmail.com>
+dtygel <dtygel@gmail.com>
 DylanGuedes <djmgguedes@gmail.com>
 Eduardo Passos <eduardo@risa.localdomain.localhost>
 Eduardo Passos <eduardosteps@gmail.com>
@@ -144,6 +146,7 @@ Italo Valcy &lt;italo@dcc.ufba.br&gt;
 Jefferson Fernandes + Diego Araujo + Rafael Manzo <jeffs.fernandes@gmail.com>
 Jefferson Fernandes + Joao M. M. da Silva <jeffs.fernandes@gmail.com>
 Jefferson Fernandes + Joao M. M. Silva <jeffs.fernandes@gmail.com>
+Jérôme Jutteau <j.jutteau@gmail.com>
 João da Silva + Eduardo Morais + Rafael Manzo <rr.manzo@gmail.com>
 João da Silva <jaodsilv@linux.ime.usp.br>
 João Marco Maciel da Silva + Rafael Manzo + Renan Teruo <jaodsilv@linux.ime.usp.br>
@@ -247,8 +250,10 @@ Tallys Martins &lt;tallysmartins@gmail.com&gt;
 Tallys Martins <tallysmartins@yahoo.com.br>
 tallys <tallys@tallys>
 tallys <tallys@tallys.(none)>
+Thiago Casotti <thiago.casotti@uol.com.br>
 Thiago Zoroastro <thiago.zoroastro@bol.com.br>
 Tuux <tuxa@galaxie.eu.org>
+TWS <tablettws@gmail.com>
 Valessio Brito <contato@valessiobrito.com.br>
 Valessio Brito <contato@valessiobrito.info>
 Valessio Brito <valessio@gmail.com>
@@ -27,23 +27,17 @@ gem &#39;api-pagination&#39;,           &#39;~&gt; 4.1.1&#39;
 gem 'rack-cors'
 gem 'rack-contrib'
-#gem 'grape-swagger-rails'
-
-# FIXME list here all actual dependencies (i.e. the ones in debian/control),
-# with their GEM names (not the Debian package names)
-
+# asset pipeline
+gem 'uglifier', '>= 1.0.3'
 gem 'sass-rails'
-group :assets do
-  gem 'uglifier', '>= 1.0.3'
-end
 group :production do
   gem 'dalli', '~> 2.7.0'
 end
 group :test do
-  gem 'rspec',                  '~> 2.10.0'
-  gem 'rspec-rails',            '~> 2.10.1'
+  gem 'rspec',                  '~> 2.14.0'
+  gem 'rspec-rails',            '~> 2.14.1'
   gem 'mocha',                  '~> 1.1.0', :require => false
 end
@@ -2,7 +2,7 @@ class RoleController &lt; AdminController
   protect 'manage_environment_roles', :environment
   def index
-    @roles = environment.roles.find(:all)
+    @roles = environment.roles.find(:all, :conditions => {:profile_id => nil})
   end
   def new
@@ -14,6 +14,7 @@ class ApplicationController &lt; ActionController::Base
   def log_user
     Rails.logger.info "Logged in: #{user.identifier}" if user
   end
+  before_filter :redirect_to_current_user
   def verify_members_whitelist
     render_access_denied unless user.is_admin? || environment.in_whitelist?(user)
@@ -197,4 +198,15 @@ class ApplicationController &lt; ActionController::Base
   def private_environment?
     @environment.enabled?(:restrict_to_members)
   end
+
+  def redirect_to_current_user
+    if params[:profile] == '~'
+      if logged_in?
+        redirect_to params.merge(:profile => user.identifier)
+      else
+        render_not_found
+      end
+    end
+  end
+
 end
@@ -4,12 +4,20 @@ class ProfileDesignController &lt; BoxOrganizerController
   protect 'edit_profile_design', :profile
-  before_filter :protect_fixed_block, :only => [:save, :move_block]
+  before_filter :protect_uneditable_block, :only => [:save]
+  before_filter :protect_fixed_block, :only => [:move_block]
+
+  def protect_uneditable_block
+    block = boxes_holder.blocks.find(params[:id].gsub(/^block-/, ''))
+    if !current_person.is_admin? && !block.editable?
+      render_access_denied
+    end
+  end
   def protect_fixed_block
     return if params[:id].blank?
     block = boxes_holder.blocks.find(params[:id].gsub(/^block-/, ''))
-    if block.present? && block.fixed && !current_person.is_admin?
+    if block.present? && !current_person.is_admin? && !block.movable?
       render_access_denied
     end
   end
@@ -58,6 +58,7 @@ class ProfileMembersController &lt; MyProfileController
   def change_role
     @roles = Profile::Roles.organization_member_roles(environment.id)
+    @custom_roles = profile.custom_roles
     begin
       @member = profile.members.find(params[:id])
     rescue ActiveRecord::RecordNotFound
@@ -0,0 +1,116 @@
+class ProfileRolesController < MyProfileController
+
+  protect 'manage_custom_roles', :profile
+
+  def index
+    @roles = profile.custom_roles
+  end
+
+  def new
+    @role = Role.new
+  end
+
+  def create
+    @role = Role.new({:name => params[:role][:name], :permissions => params[:role][:permissions], :environment => environment }, :without_protection => true)
+    if @role.save
+      profile.custom_roles << @role
+      redirect_to :action => 'show', :id => @role
+    else
+      session[:notice] = _('Failed to create role')
+      render :action => 'new'
+    end
+  end
+
+  def show
+    @role = environment.roles.find(params[:id])
+  end
+
+  def edit
+    @role = environment.roles.find(params[:id])
+  end
+
+  def assign_role_by_members
+    return redirect_to "/" if params[:q].nil? or !request.xhr?
+    arg = params[:q].downcase
+    result = find_by_contents(:people, environment, profile.members, params[:q])[:results]
+    render :text => prepare_to_token_input(result).to_json
+  end
+
+  def destroy
+    @role = environment.roles.find(params[:id])
+    @members = profile.members_by_role(@role)
+    @roles_list = all_roles(environment, profile)
+    @roles_list.delete(@role)
+  end
+
+  def remove
+    @role = environment.roles.find(params[:id])
+    @members = profile.members_by_role(@role)
+    member_roles = params[:roles] ? environment.roles.find(params[:roles].select{|r|!r.to_i.zero?}) : []
+    append_roles(@members, member_roles, profile)
+    if @role.destroy
+      session[:notice] = _('Role successfuly removed!')
+    else
+      session[:notice] = _('Failed to remove role!')
+    end
+    redirect_to :action => 'index'
+  end
+
+  def update
+    @role = environment.roles.find(params[:id])
+    if @role.update_attributes(params[:role])
+      redirect_to :action => 'show', :id => @role
+    else
+      session[:notice] = _('Failed to edit role')
+      render :action => 'edit'
+    end
+  end
+
+  def assign
+    @role = environment.roles.find(params[:id])
+    @roles_list = all_roles(environment, profile)
+    @roles_list.delete(@role)
+  end
+
+  def define
+    @role = environment.roles.find(params[:id])
+    selected_role = params[:selected_role] ? environment.roles.find(params[:selected_role].to_i) : nil
+    if params[:assign_role_by].eql? "members"
+      members_list = params[:person_id].split(',').collect {|id| environment.profiles.find(id.to_i)}
+      members_list.collect{|person| person.add_role(@role, profile)}
+    elsif params[:assign_role_by].eql? "roles"
+      members = profile.members_by_role(selected_role)
+      replace_role(members, selected_role, @role, profile)
+    else
+      session[:notice] = _("Error")
+    end
+    redirect_to :action => 'index'
+  end
+
+  protected
+
+  def append_roles(members, roles, profile)
+    members.each do |person|
+      all_roles = person.find_roles(profile).map(&:role) + roles
+      person.define_roles(all_roles, profile)
+    end
+  end
+
+  def all_roles(environment, profile)
+    Profile::Roles.organization_member_roles(environment.id) + profile.custom_roles
+  end
+
+  def replace_roles(members, roles, profile)
+    members.each do |person|
+      person.define_roles(roles, profile)
+    end
+  end
+
+  def replace_role(members, role, new_role, profile)
+    members.each do |person|
+      person.remove_role(role, profile)
+      person.add_role(new_role, profile)
+    end
+  end
+
+end
@@ -717,6 +717,24 @@ module ApplicationHelper
     javascript_include_tag script if script
   end
+  def template_path
+    if profile.nil?
+      "/designs/templates/#{environment.layout_template}"
+    else
+      "/designs/templates/#{profile.layout_template}"
+    end
+  end
+
+  def template_javascript_src
+    script = File.join template_path, '/javascripts/template.js'
+    script if File.exists? File.join(Rails.root, 'public', script)
+  end
+
+  def templete_javascript_ng
+    script = template_javascript_src
+    javascript_include_tag script if script
+  end
+
   def file_field_or_thumbnail(label, image, i)
     display_form_field label, (
       render :partial => (image && image.valid? ? 'shared/show_thumbnail' : 'shared/change_image'),
@@ -190,7 +190,7 @@ module BoxesHelper
       else
         "before-block-#{block.id}"
       end
-    if block.nil? or modifiable?(block)
+    if block.nil? || movable?(block)
       url = url_for(:action => 'move_block', :target => id)
       content_tag('div', _('Drop Here'), :id => id, :class => 'block-target' ) + drop_receiving_element(id, :accept => box.acceptable_blocks, :hoverclass => 'block-target-hover', :activeClass => 'block-target-active', :tolerance => 'pointer', :onDrop => "function(ev, ui) { dropBlock('#{url}', '#{_('loading...')}', ev, ui);}")
     else
@@ -200,7 +200,7 @@ module BoxesHelper
   # makes the given block draggable so it can be moved away.
   def block_handle(block)
-    return "" unless modifiable?(block)
+    return "" unless movable?(block)
     icon = "<div><div>#{display_icon(block.class)}</div><span>#{_(block.class.pretty_name)}</span></div>"
     block_draggable("block-#{block.id}",
                     :helper => "function() {return cloneDraggableBlock($(this), '#{icon}')}")
@@ -225,7 +225,7 @@ module BoxesHelper
     buttons = []
     nowhere = 'javascript: return false;'
-    if modifiable?(block)
+    if movable?(block)
       if block.first?
         buttons << icon_button('up-disabled', _("Can't move up anymore."), nowhere)
       else
@@ -248,15 +248,15 @@ module BoxesHelper
           buttons << icon_button('left', _('Move to the opposite side'), { :action => 'move_block', :target => 'end-of-box-' + holder.boxes[1].id.to_s, :id => block.id }, :method => 'post' )
         end
       end
+    end
-      if block.editable?
-        buttons << modal_icon_button(:edit, _('Edit'), { :action => 'edit', :id => block.id })
-      end
+    if editable?(block)
+      buttons << modal_icon_button(:edit, _('Edit'), { :action => 'edit', :id => block.id })
+    end
-      if !block.main?
-        buttons << icon_button(:delete, _('Remove block'), { :action => 'remove', :id => block.id }, { :method => 'post', :confirm => _('Are you sure you want to remove this block?')})
-        buttons << icon_button(:clone, _('Clone'), { :action => 'clone_block', :id => block.id }, { :method => 'post' })
-      end
+    if movable?(block) && !block.main?
+      buttons << icon_button(:delete, _('Remove block'), { :action => 'remove', :id => block.id }, { :method => 'post', :confirm => _('Are you sure you want to remove this block?')})
+      buttons << icon_button(:clone, _('Clone'), { :action => 'clone_block', :id => block.id }, { :method => 'post' })
     end
     if block.respond_to?(:help)
@@ -292,7 +292,11 @@ module BoxesHelper
     classes
   end
-  def modifiable?(block)
-    return !block.fixed || environment.admins.include?(user)
+  def movable?(block)
+    return block.movable? || user.is_admin?
+  end
+
+  def editable?(block)
+    return block.editable? || user.is_admin?
   end
 end
@@ -38,6 +38,8 @@ module LayoutHelper
     output += theme_javascript_ng.to_s
     output += javascript_tag 'render_all_jquery_ui_widgets()'
+    output += templete_javascript_ng.to_s
+
     output
   end
@@ -70,11 +72,7 @@ module LayoutHelper
   end
   def template_stylesheet_path
-    if profile.nil?
-      "/designs/templates/#{environment.layout_template}/stylesheets/style.css"
-    else
-      "/designs/templates/#{profile.layout_template}/stylesheets/style.css"
-    end
+    File.join template_path, "/stylesheets/style.css"
   end
 class Block < ActiveRecord::Base
-  attr_accessible :title, :display, :limit, :box_id, :posts_per_page, :visualization_format, :language, :display_user, :box, :fixed
+  attr_accessible :title, :display, :limit, :box_id, :posts_per_page,
+                  :visualization_format, :language, :display_user,
+                  :box, :edit_modes, :move_modes
   # to be able to generate HTML
   include ActionView::Helpers::UrlHelper
@@ -110,8 +112,13 @@ class Block &lt; ActiveRecord::Base
   # * <tt>'all'</tt>: the block is always displayed
   settings_items :language, :type => :string, :default => 'all'
-  # The block can be configured to be fixed. Only can be edited by environment admins
-  settings_items :fixed, :type => :boolean, :default => false
+  # The block can be configured to define the edition modes options. Only can be edited by environment admins
+  # It can assume the following values:
+  #
+  # * <tt>'all'</tt>: the block owner has all edit options for this block
+  # * <tt>'none'</tt>: the block owner can't do anything with the block
+  settings_items :edit_modes, :type => :string, :default => 'all'
+  settings_items :move_modes, :type => :string, :default => 'all'
   # returns the description of the block, used when the user sees a list of
   # blocks to choose one to include in the design.
@@ -178,7 +185,11 @@ class Block &lt; ActiveRecord::Base
   # Is this block editable? (Default to <tt>false</tt>)
   def editable?
-    true
+    self.edit_modes == "all"
+  end
+
+  def movable?
+    self.move_modes == "all"
   end
   # must always return false, except on MainBlock clas.
@@ -258,6 +269,21 @@ class Block &lt; ActiveRecord::Base
     }
   end
+  def edit_block_options
+    @edit_options ||= {
+      'all'            => _('Can be modified'),
+      'none'           => _('Cannot be modified')
+    }
+  end
+
+  def move_block_options
+    @move_options ||= {
+      'all'            => _('Can be moved'),
+      'none'           => _('Cannot be moved')
+    }
+  end
+
+
   def duplicate
     duplicated_block = self.dup
     duplicated_block.display = 'never'
@@ -19,6 +19,8 @@ class Environment &lt; ActiveRecord::Base
     filename
   end
+  NUMBER_OF_BOXES = 4
+
   PERMISSIONS['Environment'] = {
     'view_environment_admin_panel' => N_('View environment admin panel'),
     'edit_environment_features' => N_('Edit environment features'),
@@ -172,7 +174,7 @@ class Environment &lt; ActiveRecord::Base
   acts_as_having_boxes
   after_create do |env|
-    3.times do
+    NUMBER_OF_BOXES.times do
       env.boxes << Box.new
     end
@@ -737,8 +739,8 @@ class Environment &lt; ActiveRecord::Base
   end
   def is_default_template?(template)
-    is_default = template == community_default_template 
-    is_default = is_default || template == person_default_template 
+    is_default = template == community_default_template
+    is_default = is_default || template == person_default_template
     is_default = is_default || template == enterprise_default_template
     is_default
   end
@@ -36,6 +36,8 @@ class Organization &lt; Profile
   has_many :mailings, :class_name => 'OrganizationMailing', :foreign_key => :source_id, :as => 'source'
+  has_many :custom_roles, :class_name => 'Role', :foreign_key => :profile_id
+
   scope :more_popular, :order => 'members_count DESC'
   validate :presence_of_required_fieds, :unless => :is_template
@@ -50,6 +50,8 @@ class Profile &lt; ActiveRecord::Base
     self.template.custom_fields[field][:title]
   end
+  NUMBER_OF_BOXES = 4
+
   def self.default_search_display
     'compact'
   end
@@ -71,7 +73,7 @@ class Profile &lt; ActiveRecord::Base
       find_role('editor', env_id)
     end
     def self.organization_member_roles(env_id)
-      all_roles(env_id).select{ |r| r.key.match(/^profile_/) unless r.key.blank? }
+      all_roles(env_id).select{ |r| r.key.match(/^profile_/) unless r.key.blank? || !r.profile_id.nil?}
     end
     def self.all_roles(env_id)
       Role.all :conditions => { :environment_id => env_id }
@@ -103,6 +105,7 @@ class Profile &lt; ActiveRecord::Base
     'publish_content'      => N_('Publish content'),
     'invite_members'       => N_('Invite members'),
     'send_mail_to_members' => N_('Send e-Mail to members'),
+    'manage_custom_roles'  => N_('Manage custom roles'),
   }
   acts_as_accessible
@@ -399,7 +402,7 @@ class Profile &lt; ActiveRecord::Base
     if template
       apply_template(template, :copy_articles => false)
     else
-      3.times do
+      NUMBER_OF_BOXES.times do
         self.boxes << Box.new
       end
@@ -442,6 +445,7 @@ class Profile &lt; ActiveRecord::Base
   alias_method_chain :template, :default
   def apply_template(template, options = {:copy_articles => true})
+    self.template = template
     copy_blocks_from(template)
     copy_articles_from(template) if options[:copy_articles]
     self.apply_type_specific_template(template)
-<div class='join-leave-button'>
+<div class='join-leave-button require-login-popup'>
   <% if logged_in? %>
     <% if profile.members.include?(user) %>
       <%= button(:delete, content_tag('span', _('Leave community')), profile.leave_url,
@@ -5,12 +5,6 @@
     <%= labelled_form_field(_('Custom title for this block: '), text_field(:block, :title, :maxlength => 20)) %>
-    <% if environment.admins.include?(user) %>
-      <div class="fixed_block">
-        <%= labelled_check_box(_("Fixed"), "block[fixed]", value = "1", checked = @block.fixed) %>
-      </div>
-    <% end %>
-
     <%= render :partial => partial_for_class(@block.class) %>
     <div class="display">
@@ -25,6 +19,15 @@
     <%= labelled_form_field(_('Show for:'), select(:block, :language, [ [ _('all languages'), 'all']] + environment.locales.map {|key, value| [value, key]} )) %>
+    <% if user.is_admin? %>
+      <div class="edit-modes">
+        <%= labelled_form_field _('Edit options:'), select_tag('block[edit_modes]', options_from_collection_for_select(@block.edit_block_options, :first, :last, @block.edit_modes)) %>
+      </div>
+      <div class="move-modes">
+        <%= labelled_form_field _('Move options:'), select_tag('block[move_modes]', options_from_collection_for_select(@block.move_block_options, :first, :last, @block.move_modes)) %>
+      </div>
+    <% end %>
+
     <% button_bar do %>
       <%= submit_button(:save, _('Save')) %>
       <%= modal_close_button(_('Cancel')) %>
@@ -28,6 +28,8 @@
   <%= control_panel_button(_('Manage Content'), 'cms', :controller => 'cms') %>
+  <%= control_panel_button(_('Manage Roles'), 'roles', :controller => 'profile_roles') %>
+
   <% unless profile.enterprise? %>
     <%= case profile.blogs.count
       when 0
 <h3> <%= _('Changing role of %s') % @member.name %> </h3>
 <%= labelled_form_for :member, :url => {:action => 'update_roles'} do |f| %>
-  
-  <%= _('Roles:') %> <br>
+
+  <h4><%= _('Roles:') %></h4>
   <% @roles.each do |r| %>
     <%= labelled_check_box(r.name, 'roles[]', r.id, @associations.map(&:role).include?(r) ) %><br/>
     <ul class="role-permissions">
@@ -11,6 +11,17 @@
       <% end %>
     </ul>
   <% end %>
+  <% unless @custom_roles.empty? %>
+    <h4><%= _('Custom Roles:') %></h4>
+    <% @custom_roles.each do |r| %>
+    <%= labelled_check_box(r.name, 'roles[]', r.id, @associations.map(&:role).include?(r) ) %><br/>
+    <ul class="role-permissions">
+      <% r.permissions.each do |p| %>
+      <li> <%= permission_name(p) %> </li>
+      <% end %>
+    </ul>
+    <% end %>
+  <% end %>
   <%= hidden_field_tag 'person', @member.id %>
   <% button_bar do %>
@@ -0,0 +1,22 @@
+<%= error_messages_for :role %>
+
+<%= labelled_form_for :role, :url => (mode == :edit) ? {:action => 'update', :id => role} : {:action => 'create'} do |f| %>
+
+  <%= required_fields_message %>
+
+  <%= required f.text_field(:name) %>
+
+  <% permissions.each do |key| %>
+  <div class="permissions <%= key.downcase %>">
+    <h4><%= _('%s Permissions:' % key) %></h4>
+    <% ActiveRecord::Base::PERMISSIONS[key].keys.each do |p| %>
+      <%= check_box_tag("role[permissions][]", p, role.has_permission?(p), { :id => p }) %>
+      <%= content_tag(:label, permission_name(p), { :for => p }) %><br/>
+    <% end %>
+  </div>
+  <% end %>
+
+  <% button_bar do %>
+    <%= submit_button('save', (mode == :edit) ? _('Save changes') : _('Create role'), :cancel => {:action => 'index'} ) %>
+  <% end %>
+<% end %>
@@ -0,0 +1,35 @@
+<%= javascript_include_tag('assign_role.js') %>
+
+<h1> <%= _("Assign #{@role.name}") %> </h1>
+
+
+<%= labelled_form_for :role, :url => { :action => 'define', :id => @role.id } do |f| %>
+
+  <h2>
+    <%= _("Assign role by:") %>
+  </h2>
+  <p>
+    <%= labelled_radio_button _("Members"), :assign_role_by, "members", true, :id => "assign_role_by_members", :class => "assign_role_by" %>
+    &nbsp;
+    <%= labelled_radio_button _("Roles"), :assign_role_by, "roles", false, :id => "assign_role_by_roles", :class => "assign_role_by" %>
+  </p>
+  <div class="assign_by_members">
+    <%=token_input_field_tag(:person_id, 'search-profile-members', {:action => 'assign_role_by_members'},
+    {:focus => false, :hint_text => _('Select members to assign the role')}) %>
+
+    <% button_bar do %>
+      <%= submit_button(:forward, _("Confirm")) %>
+    <% end %>
+  </div>
+  <div class="assign_by_roles" style="display: none;">
+    <h6>
+      <%= _("Replace role: ") %>
+    </h6>
+    <% @roles_list.each do |role| %>
+      <%= labelled_radio_button role.name , :selected_role, role.id , false, :class => "selected_role" %> <br>
+    <% end %>
+    <% button_bar do %>
+      <%= submit_button('save',_('Confirm'), :cancel => {:action => 'index'} ) %>
+    <% end %>
+  </div>
+<% end %>
@@ -0,0 +1,23 @@
+<h1> <%= _("Deleting #{@role.name}") %> </h1>
+
+<% if @members.nil? || @members.empty? %>
+  <p><%= _('This role is not being currently used.')%></p>
+  <p><%= _('Are you sure you want to delete this role?') %></p>
+
+  <% button_bar do %>
+    <%= button(:remove, _('Yes, I am sure'), {:action => 'remove', :id => @role.id}, :method => :post) %>
+    <%= button(:cancel, _('No, I gave up'), {:action => 'index'}) %>
+  <% end %>
+<% else %>
+  <p><%= _('There are members currently using this role.')%></p>
+  <p><%= _('To which role do you want to change them?') %></p>
+  <%= labelled_form_for :role, :url => { :action => 'remove', :id => @role.id } do |f| %>
+    <% @roles_list.each do |role| %>
+      <%= check_box_tag("roles[]", role.id, false ,{:id => role.key}) %>
+      <%= content_tag(:label, role.name, { :for => role.key }) %><br/>
+    <% end %>
+    <% button_bar do %>
+    <%= submit_button('save',_('Delete role'), :cancel => {:action => 'index'} ) %>
+    <% end %>
+  <% end %>
+<% end %>
@@ -0,0 +1,3 @@
+<h1> <%= _("Editing #{@role.name}") %> </h1>
+
+<%= render :partial => 'form', :locals => { :mode => :edit, :role => @role, :permissions => [@role.kind] } %>
@@ -0,0 +1,27 @@
+<h1><%= _('Manage user roles') %></h1>
+
+<table>
+  <tr>
+    <th><%= _('Role') %></th>
+    <th><%= _('Actions') %></th>
+  </tr>
+  <% @roles.each do |role| %>
+    <tr>
+      <td>
+        <%= link_to role.name, :action => 'show', :id => role %>
+      </td>
+      <td>
+        <div style="text-align: center;">
+          <%= button_without_text :edit, _('Edit'), :action => 'edit', :id => role %>
+          <%= button_without_text :delete, _('Delete'), :action => 'destroy', :id => role %>
+          <%= button_without_text 'vertical-toggle', _('Assign'), :action => 'assign', :id => role %>
+        </div>
+      </td>
+    </tr>
+  <% end %>
+</table>
+
+<% button_bar do %>
+  <%= button :add, _('Create a new role'), :action => 'new' %>
+  <%= button :back, _('Back to control panel'), :controller => 'profile_editor' %>
+<% end %>
@@ -0,0 +1,3 @@
+<h1> <%= _("Create a new role") %> </h1>
+
+<%= render :partial => 'form', :locals => { :mode => :create, :role => @role, :permissions => ['Profile'] } %>
@@ -0,0 +1,13 @@
+<h1> <%= _(@role.name)  %></h1>
+
+<h3> <%= _('Permissions') %> </h3>
+<ul>
+  <% @role.permissions.each do |p| %>
+    <li> <%= permission_name(p) %> </li> 
+  <% end %>
+</ul>
+
+<% button_bar do %>
+  <%= button :edit, _('Edit'), :action => 'edit', :id => @role %>
+  <%= button :back, _('Back to roles management'), :action => 'index' %>
+<% end %>
 <%= content = _("Roles:")+"<br />"
-roles = Profile::Roles.organization_member_roles(task.target.environment.id)
+roles = Profile::Roles.organization_member_roles(task.target.environment.id) + profile.custom_roles
 roles.each do |role|
   content += labelled_check_box(role.name, "tasks[#{task.id}][task][roles][]", role.id, false)+"<br />"
 end
 content_tag('p', content, :class => 'member-classify-suggestion')
 %>
-
@@ -35,4 +35,8 @@ Noosfero::Application.configure do
   config.assets.debug = true
   config.consider_all_requests_local = true
+
+  # send emails to /tmp/mails
+  config.action_mailer.delivery_method = :file
+
 end
@@ -56,37 +56,37 @@ Noosfero::Application.routes.draw do
   match 'search(/:action(/*category_path))', :controller => 'search'
   # events
-  match 'profile/:profile/events_by_day', :controller => 'events', :action => 'events_by_day', :profile => /#{Noosfero.identifier_format}/
-  match 'profile/:profile/events_by_month', :controller => 'events', :action => 'events_by_month', :profile => /#{Noosfero.identifier_format}/
-  match 'profile/:profile/events/:year/:month/:day', :controller => 'events', :action => 'events', :year => /\d*/, :month => /\d*/, :day => /\d*/, :profile => /#{Noosfero.identifier_format}/
-  match 'profile/:profile/events/:year/:month', :controller => 'events', :action => 'events', :year => /\d*/, :month => /\d*/, :profile => /#{Noosfero.identifier_format}/
-  match 'profile/:profile/events', :controller => 'events', :action => 'events', :profile => /#{Noosfero.identifier_format}/
+  match 'profile/:profile/events_by_day', :controller => 'events', :action => 'events_by_day', :profile => /#{Noosfero.identifier_format_in_url}/
+  match 'profile/:profile/events_by_month', :controller => 'events', :action => 'events_by_month', :profile => /#{Noosfero.identifier_format_in_url}/
+  match 'profile/:profile/events/:year/:month/:day', :controller => 'events', :action => 'events', :year => /\d*/, :month => /\d*/, :day => /\d*/, :profile => /#{Noosfero.identifier_format_in_url}/
+  match 'profile/:profile/events/:year/:month', :controller => 'events', :action => 'events', :year => /\d*/, :month => /\d*/, :profile => /#{Noosfero.identifier_format_in_url}/
+  match 'profile/:profile/events', :controller => 'events', :action => 'events', :profile => /#{Noosfero.identifier_format_in_url}/
   # catalog
-  match 'catalog/:profile', :controller => 'catalog', :action => 'index', :profile => /#{Noosfero.identifier_format}/, :as => :catalog
+  match 'catalog/:profile', :controller => 'catalog', :action => 'index', :profile => /#{Noosfero.identifier_format_in_url}/, :as => :catalog
   # invite
-  match 'profile/:profile/invite/friends', :controller => 'invite', :action => 'invite_friends', :profile => /#{Noosfero.identifier_format}/
-  match 'profile/:profile/invite/:action', :controller => 'invite', :profile => /#{Noosfero.identifier_format}/
+  match 'profile/:profile/invite/friends', :controller => 'invite', :action => 'invite_friends', :profile => /#{Noosfero.identifier_format_in_url}/
+  match 'profile/:profile/invite/:action', :controller => 'invite', :profile => /#{Noosfero.identifier_format_in_url}/
   # feeds per tag
-  match 'profile/:profile/tags/:id/feed', :controller => 'profile', :action =>'tag_feed', :id => /.+/, :profile => /#{Noosfero.identifier_format}/, :as => :tag_feed
+  match 'profile/:profile/tags/:id/feed', :controller => 'profile', :action =>'tag_feed', :id => /.+/, :profile => /#{Noosfero.identifier_format_in_url}/, :as => :tag_feed
   # profile tags
-  match 'profile/:profile/tags/:id', :controller => 'profile', :action => 'content_tagged', :id => /.+/, :profile => /#{Noosfero.identifier_format}/
-  match 'profile/:profile/tags(/:id)', :controller => 'profile', :action => 'tags', :profile => /#{Noosfero.identifier_format}/
+  match 'profile/:profile/tags/:id', :controller => 'profile', :action => 'content_tagged', :id => /.+/, :profile => /#{Noosfero.identifier_format_in_url}/
+  match 'profile/:profile/tags(/:id)', :controller => 'profile', :action => 'tags', :profile => /#{Noosfero.identifier_format_in_url}/
   # profile search
-  match 'profile/:profile/search', :controller => 'profile_search', :action => 'index', :profile => /#{Noosfero.identifier_format}/
+  match 'profile/:profile/search', :controller => 'profile_search', :action => 'index', :profile => /#{Noosfero.identifier_format_in_url}/
   # comments
-  match 'profile/:profile/comment/:action/:id', :controller => 'comment', :profile => /#{Noosfero.identifier_format}/
+  match 'profile/:profile/comment/:action/:id', :controller => 'comment', :profile => /#{Noosfero.identifier_format_in_url}/
   # public profile information
-  match 'profile/:profile(/:action(/:id))', :controller => 'profile', :action => 'index', :id => /[^\/]*/, :profile => /#{Noosfero.identifier_format}/, :as => :profile
+  match 'profile/:profile(/:action(/:id))', :controller => 'profile', :action => 'index', :id => /[^\/]*/, :profile => /#{Noosfero.identifier_format_in_url}/, :as => :profile
   # contact
-  match 'contact/:profile/:action(/:id)', :controller => 'contact', :action => 'index', :id => /.*/, :profile => /#{Noosfero.identifier_format}/
+  match 'contact/:profile/:action(/:id)', :controller => 'contact', :action => 'index', :id => /.*/, :profile => /#{Noosfero.identifier_format_in_url}/
   # map balloon
   match 'map_balloon/:action/:id', :controller => 'map_balloon', :id => /.*/
@@ -98,8 +98,8 @@ Noosfero::Application.routes.draw do
   ## Controllers that are profile-specific (for profile admins )
   ######################################################
   # profile customization - "My profile"
-  match 'myprofile/:profile', :controller => 'profile_editor', :action => 'index', :profile => /#{Noosfero.identifier_format}/
-  match 'myprofile/:profile/:controller(/:action(/:id))', :controller => Noosfero.pattern_for_controllers_in_directory('my_profile'), :profile => /#{Noosfero.identifier_format}/, :as => :myprofile
+  match 'myprofile/:profile', :controller => 'profile_editor', :action => 'index', :profile => /#{Noosfero.identifier_format_in_url}/
+  match 'myprofile/:profile/:controller(/:action(/:id))', :controller => Noosfero.pattern_for_controllers_in_directory('my_profile'), :profile => /#{Noosfero.identifier_format_in_url}/, :as => :myprofile
   ######################################################
@@ -127,14 +127,14 @@ Noosfero::Application.routes.draw do
   # cache stuff - hack
   match 'public/:action/:id', :controller => 'public'
-  match ':profile/*page/versions', :controller => 'content_viewer', :action => 'article_versions', :profile => /#{Noosfero.identifier_format}/, :constraints => EnvironmentDomainConstraint.new
+  match ':profile/*page/versions', :controller => 'content_viewer', :action => 'article_versions', :profile => /#{Noosfero.identifier_format_in_url}/, :constraints => EnvironmentDomainConstraint.new
   match '*page/versions', :controller => 'content_viewer', :action => 'article_versions'
-  match ':profile/*page/versions_diff', :controller => 'content_viewer', :action => 'versions_diff', :profile => /#{Noosfero.identifier_format}/, :constraints => EnvironmentDomainConstraint.new
+  match ':profile/*page/versions_diff', :controller => 'content_viewer', :action => 'versions_diff', :profile => /#{Noosfero.identifier_format_in_url}/, :constraints => EnvironmentDomainConstraint.new
   match '*page/versions_diff', :controller => 'content_viewer', :action => 'versions_diff'
   # match requests for profiles that don't have a custom domain
-  match ':profile(/*page)', :controller => 'content_viewer', :action => 'view_page', :profile => /#{Noosfero.identifier_format}/, :constraints => EnvironmentDomainConstraint.new
+  match ':profile(/*page)', :controller => 'content_viewer', :action => 'view_page', :profile => /#{Noosfero.identifier_format_in_url}/, :constraints => EnvironmentDomainConstraint.new
   # match requests for content in domains hosted for profiles
   match '/(*page)', :controller => 'content_viewer', :action => 'view_page'
@@ -0,0 +1,8 @@
+class AddReferenceToRole < ActiveRecord::Migration
+  def self.up
+    add_column :roles, :profile_id, :integer
+  end
+  def self.down
+    remove_column :roles , :profile_id
+  end
+end
@@ -0,0 +1,18 @@
+class AddCustomRolesPermissionToAdminRoles < ActiveRecord::Migration
+  def self.up
+    environment_admin = Role.find_by_key("environment_administrator")
+    profile_admin = Role.find_by_key("profile_admin")
+    environment_admin.permissions.append("manage_custom_roles")
+    profile_admin.permissions.append("manage_custom_roles")
+    environment_admin.save!
+    profile_admin.save!
+  end
+  def self.down
+    environment_admin = Role.find_by_key("environment_administrator")
+    profile_admin = Role.find_by_key("profile_admin")
+    environment_admin.permissions.delete("manage_custom_roles")
+    profile_admin.permissions.delete("manage_custom_roles")
+    environment_admin.save!
+    profile_admin.save!
+  end
+end
@@ -0,0 +1,15 @@
+class AddNewBoxToEveryEnvironmentAndProfile < ActiveRecord::Migration
+    def up
+      Environment.find_each do |env|
+        env.boxes << Box.new if env.boxes.count < 4
+      end
+
+      Profile.find_each do |profile|
+        profile.boxes << Box.new if profile.boxes.count < 4
+      end
+    end
+
+    def down
+      say "this migration can't be reverted"
+    end
+end
@@ -593,6 +593,7 @@ ActiveRecord::Schema.define(:version =&gt; 20150408231524) do
     t.boolean "system",         :default => false
     t.text    "permissions"
     t.integer "environment_id"
+    t.integer "profile_id"
   end
   create_table "scraps", :force => true do |t|
+noosfero (1.2~0) UNRELEASED; urgency=medium
+
+  * Temporary version in heavy development
+
+ -- Antonio Terceiro <terceiro@debian.org>  Fri, 08 May 2015 16:08:18 -0300
+
+noosfero (1.1) wheezy; urgency=low
+
+  * Noosfero 1.1 final release
+
+ -- Antonio Terceiro <terceiro@colivre.coop.br>  Mon, 04 May 2015 18:47:35 -0300
+
 noosfero (1.1~rc4) wheezy; urgency=medium
   * Fourth release candidate for Noosfero 1.1
@@ -14,8 +14,8 @@ Build-Depends: cucumber,
                ruby-database-cleaner,
                ruby-gettext,
                ruby-mocha,
-               ruby-rspec,
-               ruby-rspec-rails,
+               ruby-rspec (>= 2.14),
+               ruby-rspec-rails (>= 2.14),
                ruby-selenium-webdriver,
                ruby-sqlite3,
                ruby-tidy,
@@ -59,7 +59,9 @@ Depends: adduser,
          ruby-redcloth,
          ruby-rest-client,
          ruby-rmagick,
+         ruby-sass-rails,
          ruby-tzinfo (>= 1.1.0-2~),
+         ruby-uglifier,
          ruby-whenever,
          ruby-will-paginate (>= 2.3.12-1~),
          tango-icon-theme,
@@ -0,0 +1,20 @@
+Feature: Change appearance
+  As a user
+  I want to change the appearance of my profile page
+
+  Background:
+    Given the following users
+      | login     | name       |
+      | joaosilva | Joao Silva |
+
+  Scenario: Change appearance from default(3 boxes) to Left Top and Right(4 boxes)
+    Given I am logged in as "joaosilva"
+    And I go to joaosilva's control panel
+    And I follow "Edit sideboxes"
+    And I should not see an element ".box-4"
+    And I go to joaosilva's control panel
+    And I follow "Edit Appearance"
+    And I follow "Left Top and Right"
+    And I go to joaosilva's control panel
+    And I follow "Edit sideboxes"
+    And I should see an element ".box-4"
@@ -94,8 +94,8 @@ Given /^the following blocks$/ do |table|
       owner.boxes<< Box.new
       owner.boxes.first.blocks << MainBlock.new
     end
-    box_id = owner.boxes.last.id
-    klass.constantize.create!(item.merge(:box_id => box_id))
+    box = owner.boxes.where(:position => 3).first
+    klass.constantize.create!(item.merge(:box => box))
   end
 end
@@ -60,7 +60,11 @@ module AuthenticatedSystem
       if logged_in? && authorized?
         true
       else
-        access_denied
+        if params[:require_login_popup]
+          render :json => { :require_login_popup => true }
+        else
+          access_denied
+        end
       end
     end
@@ -57,6 +57,12 @@ module Noosfero
     '(?!index)[a-z0-9][a-z0-9~.]*([_\-][a-z0-9~.]+)*'
   end
+  # All valid identifiers, plus ~ meaning "the current user". See
+  # ApplicationController#redirect_to_current_user
+  def self.identifier_format_in_url
+    "(#{identifier_format}|~)"
+  end
+
   def self.default_hostname
     Environment.table_exists? && Environment.default ? Environment.default.default_hostname : 'localhost'
   end
 module Noosfero
   PROJECT = 'noosfero'
-  VERSION = '1.1~rc4'
+  VERSION = '1.2~0'
 end
 root = File.expand_path(File.dirname(__FILE__) + '/../..')
-desc "Creates a backup of the user files stored in public/"
-task :backup do
-  dirs = Dir.glob('public/images/[0-9][0-9][0-9][0-9]') + ['public/articles', 'public/thumbnails', 'public/user_themes'].select { |d| File.exists?(d) }
-  tarball = 'backups/files-' + Time.now.strftime('%Y-%m-%d-%R') + '.tar'
+task :load_backup_config do
+  $config = YAML.load_file('config/database.yml')
+end
+
+task :check_backup_support => :load_backup_config do
+  if $config['production']['adapter'] != 'postgresql'
+    fail("Only PostgreSQL is supported for backups at the moment")
+  end
+end
+
+backup_dirs = [
+  'public/image_uploads',
+  'public/articles',
+  'public/thumbnails',
+  'public/user_themes',
+]
+
+desc "Creates a backup of the database and uploaded files"
+task :backup => :check_backup_support do
+  dirs = backup_dirs.select { |d| File.exists?(d) }
+
+  backup_name = Time.now.strftime('%Y-%m-%d-%R')
+  backup_file = File.join('tmp/backup', backup_name) + '.tar.gz'
+  mkdir_p 'tmp/backup'
+  dump = File.join('tmp/backup', backup_name) + '.sql'
+
+  database = $config['production']['database']
+  host = $config['production']['host']
+  sh "pg_dump -h #{host} #{database} > #{dump}"
+
+  sh 'tar', 'chaf', backup_file, dump, *dirs
+  rm_f dump
+
+  puts "****************************************************"
+  puts "Backup in #{backup_file} !"
+  puts
+  puts "To restore, use:"
+  puts "$ rake restore BACKUP=#{backup_file}"
+  puts "****************************************************"
+end
+
+def invalid_backup!(message, items=[])
+  puts "E: #{message}"
+  items.each do |i|
+    puts "E: - #{i}"
+  end
+  puts "E: Is this a backup archive created by Noosfero with \`rake backup\`?"
+  exit 1
+end
+
+desc "Restores a backup created previousy with \`rake backup\`"
+task :restore => :check_backup_support do
+  backup = ENV["BACKUP"]
+  unless backup
+    puts "usage: rake restore BACKUP=/path/to/backup"
+    exit 1
+  end
+
+  files = `tar taf #{backup}`.split
+
+  # validate files in the backup
+  invalid_files = []
+  files.each do |f|
+    if f !~ /tmp\/backup\// && (backup_dirs.none? { |d| f =~ /^#{d}\// })
+      invalid_files << f
+    end
+  end
+  if invalid_files.size > 0
+    invalid_backup!("Invalid files found in the backup archive", invalid_files)
+  end
+
+  # find database dump in the archive
+  dumps = files.select do |f|
+    File.dirname(f) == 'tmp/backup' && f =~ /\.sql$/
+  end
+  if dumps.size == 0
+    invalid_backup!("Could not find a database dump in the archive.")
+  elsif dumps.size > 1
+    invalid_backup!("Multiple database dumps found in the archive:", dumps)
+  end
+  dump = dumps.first
+
+  database = $config['production']['database']
+  username = $config['production']['username']
+  host = $config['production']['host']
+
+  puts "WARNING: backups should be restored to an empty database, otherwise"
+  puts "data from the backup may not be loaded properly."
+  puts
+  puts 'You can remove the existing database and create a new one with:'
+  puts
+  puts "$ sudo -u postgres dropdb -h #{host} #{database}"
+  puts "$ sudo -u postgres createdb -h #{host} #{database} --owner #{username}"
+  puts
+  print "Are you sure you want to continue (y/N)? "
+  response = $stdin.gets.strip
+  unless ['y', 'yes'].include?(response.downcase)
+    puts "*** ABORTED."
+    exit 1
+  end
+
+  sh 'tar', 'xaf', backup
+  sh "rails dbconsole production < #{dump}"
+  rm_f dump
-  mkdir_p(File.dirname(tarball))
-  sh('tar', 'cf', tarball, *dirs)
+  puts "****************************************************"
+  puts "Backup restored!"
+  puts "****************************************************"
 end
@@ -12,9 +12,8 @@ namespace :noosfero do
       end
     end
     task :unlink_plugins_textiles do
-      root = Pathname.new(File.dirname(__FILE__) + '/../..').expand_path
-      rm_f Dir.glob(root.join('doc/noosfero/plugins/*.textile')) -
-        [root.join('doc/noosfero/plugins/index.textile')]
+      rm_f Dir.glob('doc/noosfero/plugins/*.textile') -
+        ['doc/noosfero/plugins/index.textile']
     end
     input = Dir.glob('doc/noosfero/**/*.textile') + plugins_textiles.map{|i| "doc/noosfero/plugins/#{File.basename(i)}"}
     topics_xhtml = input.map { |item| item.sub('.textile', '.en.xhtml') }.uniq
@@ -4,7 +4,7 @@ targets = []
 templates.each do |template|
   target = template.gsub(/.erb$/, '')
   targets << target
-  file target => [:makemo, template] do
+  file target => [:makemo, template, :environment] do
     require 'erb'
     erb = ERB.new(File.read(template))
     File.open(target, 'w') do |file|
@@ -18,7 +18,8 @@ class LdapPlugin &lt; Noosfero::Plugin
     # - login received by ldap
     # - params from current context
     # returns = updated person_data hash
-    def ldap_plugin_set_profile_data(attrs, login, params)
+    def ldap_plugin_set_profile_data(attrs, params)
+      [attrs, params]
     end
     # -> Custom ldap plugin hotspot to update user object
@@ -55,19 +56,22 @@ class LdapPlugin &lt; Noosfero::Plugin
       if attrs
         user.login = login
-        user.email = attrs[:mail]
+        user.email = get_email(attrs, login)
         user.name =  attrs[:fullname]
         user.password = password
         user.password_confirmation = password
-        person_data = plugins.dispatch(:ldap_plugin_set_profile_data, attrs, login, context.params)
-        user.person_data = person_data.blank? ? context.params[:profile_data] : person_data
+        user.person_data = plugins.pipeline(:ldap_plugin_set_profile_data, attrs, context.params).last[:profile_data]
         user.activated_at = Time.now.utc
         user.activation_code = nil
         ldap = LdapAuthentication.new(context.environment.ldap_plugin_attributes)
         begin
-          user = nil unless user.save!
-          plugins.dispatch(:ldap_plugin_update_user, user, attrs)
+          if user.save
+            user.activate
+            plugins.dispatch(:ldap_plugin_update_user, user, attrs)
+          else
+            user = nil
+          end
         rescue
           #User not saved
         end
@@ -90,6 +94,16 @@ class LdapPlugin &lt; Noosfero::Plugin
     user
   end
+  def get_email(attrs, login)
+    return attrs[:mail] unless attrs[:mail].blank?
+
+    if attrs[:fullname]
+      return attrs[:fullname].to_slug + "@ldap.user"
+    else
+      return login.to_slug + "@ldap.user"
+    end
+  end
+
   def login_extra_contents
     proc do
       @person = Person.new(:environment => @environment)
-Subproject commit c733dd106a1adf55a4674e82ea809237fa42252b
+Subproject commit b18d03a73f4db349adc25d730c5afcedb57cecb1
-Subproject commit 1bd718a5f8a5268ca580dded82a6c5fc5b8480dd
+Subproject commit 32e6b1fef12caf0eb674f516a39ac88ea418bd82
@@ -0,0 +1,14 @@
+class RequireAuthToCommentPluginAdminController < AdminController
+
+  def index
+    settings = params[:settings]
+    settings ||= {}
+    @settings = Noosfero::Plugin::Settings.new(environment, RequireAuthToCommentPlugin, settings)
+    if request.post?
+      @settings.save!
+      session[:notice] = 'Settings succefully saved.'
+      redirect_to :action => 'index'
+    end
+  end
+
+end
@@ -21,11 +21,20 @@ class RequireAuthToCommentPlugin &lt; Noosfero::Plugin
   end
   def stylesheet?
-    true
+    !display_login_popup?
+  end
+
+  def display_login_popup?
+    settings = Noosfero::Plugin::Settings.new(context.environment, self.class)
+    settings.require_type == 'display_login_popup'
+  end
+
+  def self.require_type_default_setting
+    'hide_button'
   end
   def js_files
-    ['hide_comment_form.js', 'jquery.livequery.min.js']
+    ['hide_comment_form.js', 'jquery.livequery.min.js'] + (display_login_popup? ? ['comment_require_login.js'] : [])
   end
   def body_beginning
@@ -0,0 +1,8 @@
+(function($) {
+  $(window).bind('userDataLoaded', function(event, data) {
+    if (!data.login && $('meta[name="profile.allow_unauthenticated_comments"]').length <= 0) {
+      $('.display-comment-form').unbind();
+      $('.display-comment-form').addClass('require-login-popup');
+    }
+  });
+})(jQuery);
@@ -5,9 +5,10 @@ class RequireAuthToCommentPluginTest &lt; ActiveSupport::TestCase
   def setup
     @plugin = RequireAuthToCommentPlugin.new
     @comment = Comment.new
+    @environment = fast_create(Environment)
   end
-  attr_reader :plugin, :comment
+  attr_reader :plugin, :comment, :environment
   should 'reject comments for unauthenticated users' do
     plugin.context = logged_in(false)
@@ -29,6 +30,35 @@ class RequireAuthToCommentPluginTest &lt; ActiveSupport::TestCase
     assert !comment.rejected?
   end
+  should 'the default require type setting be hide_button' do
+    assert_equal 'hide_button', plugin.class.require_type_default_setting
+  end
+
+  should 'display_login_popup? be false by default' do
+    context = mock();
+    context.expects(:environment).returns(environment)
+    plugin.expects(:context).returns(context)
+    assert !plugin.display_login_popup?
+  end
+
+  should 'display_login_popup? be true if require_type is defined as display_login_popup' do
+    context = mock();
+    context.expects(:environment).returns(environment)
+    environment[:settings] = {:require_auth_to_comment_plugin => {:require_type => "display_login_popup"}}
+    plugin.expects(:context).returns(context)
+    assert plugin.display_login_popup?
+  end
+
+  should 'not display stylesheet if login popup is active' do
+    plugin.expects(:display_login_popup?).returns(true)
+    assert !plugin.stylesheet?
+  end
+
+  should 'display stylesheet if login popup is inactive' do
+    plugin.expects(:display_login_popup?).returns(false)
+    assert plugin.stylesheet?
+  end
+
   protected
   def logged_in(boolean)
@@ -0,0 +1,20 @@
+<h1><%= _('Require auth to comment Settings')%></h1>
+
+<%= form_for(:settings) do |f| %>
+
+  <div class="require-type">
+    <strong>
+      <div class="hide-button">
+        <%= radio_button(:settings, :require_type, 'hide_button') %> <%= _('Hide button') %>
+      </div>
+      <div class="display-login-popup">
+        <%= radio_button(:settings, :require_type, 'display_login_popup') %> <%= _('Display login popup') %>
+      </div>
+    </strong>
+  </div>
+
+  <% button_bar do %>
+    <%= submit_button(:save, _('Save'), :cancel => {:controller => 'plugins', :action => 'index'}) %>
+  <% end %>
+
+<% end %>
@@ -0,0 +1,6 @@
+class AddTimestampToRelation < ActiveRecord::Migration
+  def change
+    add_column :sub_organizations_plugin_relations, :created_at, :datetime
+    add_column :sub_organizations_plugin_relations, :updated_at, :datetime
+  end
+end
 class SubOrganizationsPlugin::Relation < Noosfero::Plugin::ActiveRecord
-  record_timestamps = false
-
   belongs_to :parent, :polymorphic => true
   belongs_to :child, :polymorphic => true
 .vote-actions {
-  position: absolute;
   top: 40px;
   right: 0px;
 }
@@ -5,7 +5,7 @@ reload_url = url_for(:controller =&gt; &#39;vote_plugin_profile&#39;, :profile =&gt; profile.i
 <span id="vote_<%= model %>_<%= target.id %>_<%= vote %>" data-reload_url=<%= reload_url %> class="vote-action action <%= action %>-action">
-  <%= link_to_remote content_tag(:span, count, :class=>'like-action-counter') + content_tag(:span, '', :class=>"action-icon #{action}"), :url => url, :html => {:class => "#{active ? 'like-action-active':''} #{user ? '':'disabled'}"} %>
+  <%= link_to content_tag(:span, count, :class=>'like-action-counter') + content_tag(:span, '', :class=>"action-icon #{action}"), url, :class => "#{active ? 'like-action-active':''} #{user ? '':'disabled'} require-login-popup" %>
   <% if !voters.blank? %>
     <span class="vote-detail">
@@ -0,0 +1,4 @@
+name: "Top and Side Bars"
+title: "1 max colum at left, 1 min colum at right, 1 top line"
+description: "A template with 1 colum in left, 1 colum in right and 1 line in top"
+number_of_boxes: 4
@@ -0,0 +1,6 @@
+$(document).ready(function() {
+  var box_4_height = $(".box-4").height();
+
+  // Make box-2(the most left one) stay align with box-4
+  $(".box-2").css("margin-top", "-"+box_4_height+"px");
+});
@@ -0,0 +1,42 @@
+#boxes {
+  display: table;
+  width: 100%;
+}
+
+.box-1 {
+  width: 58%;
+  float: left;
+  margin: 1% 1% 0% 1%;
+}
+
+
+.box-2 {
+  position: relative;
+  float: left;
+  width: 20%;
+}
+
+.box-3 {
+  position: relative;
+  float: right;
+  width: 20%;
+  margin-top: 1%;
+}
+
+.box-4 {
+  float: left;
+  width: 79%;
+  margin-left: 21%;
+}
+
+#profile-activity ul,
+#profile-network ul,
+#profile-wall ul {
+  width: 460px;
+}
+#profile-activity ul.comment-replies,
+#profile-network ul.comment-replies,
+#profile-wall ul.comment-replies {
+  width: auto;
+}
+
@@ -0,0 +1,434 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:xlink="http://www.w3.org/1999/xlink"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   width="64px"
+   height="64px"
+   id="svg2383"
+   sodipodi:version="0.32"
+   inkscape:version="0.48.3.1 r9886"
+   sodipodi:docname="thumbnail.svg"
+   inkscape:output_extension="org.inkscape.output.svg.inkscape"
+   inkscape:export-filename="thumbnail.png"
+   inkscape:export-xdpi="90"
+   inkscape:export-ydpi="90"
+   version="1.1">
+  <defs
+     id="defs2385">
+    <linearGradient
+       id="linearGradient3263">
+      <stop
+         id="stop3265"
+         offset="0"
+         style="stop-color:#204a87;stop-opacity:1" />
+      <stop
+         id="stop3267"
+         offset="1"
+         style="stop-color:#729fcf;stop-opacity:1" />
+    </linearGradient>
+    <linearGradient
+       id="linearGradient3257"
+       inkscape:collect="always">
+      <stop
+         id="stop3259"
+         offset="0"
+         style="stop-color:#204a87;stop-opacity:1" />
+      <stop
+         id="stop3261"
+         offset="1"
+         style="stop-color:#729fcf;stop-opacity:1" />
+    </linearGradient>
+    <linearGradient
+       inkscape:collect="always"
+       id="linearGradient3245">
+      <stop
+         style="stop-color:#204a87;stop-opacity:1"
+         offset="0"
+         id="stop3247" />
+      <stop
+         style="stop-color:#729fcf;stop-opacity:1"
+         offset="1"
+         id="stop3249" />
+    </linearGradient>
+    <inkscape:perspective
+       sodipodi:type="inkscape:persp3d"
+       inkscape:vp_x="0 : 32 : 1"
+       inkscape:vp_y="0 : 1000 : 0"
+       inkscape:vp_z="64 : 32 : 1"
+       inkscape:persp3d-origin="32 : 21.333333 : 1"
+       id="perspective2391" />
+    <filter
+       inkscape:collect="always"
+       id="filter3241">
+      <feGaussianBlur
+         inkscape:collect="always"
+         stdDeviation="0.9075"
+         id="feGaussianBlur3243" />
+    </filter>
+    <linearGradient
+       inkscape:collect="always"
+       xlink:href="#linearGradient3245"
+       id="linearGradient3251"
+       x1="11.5"
+       y1="60.5"
+       x2="3.5"
+       y2="3.5"
+       gradientUnits="userSpaceOnUse"
+       gradientTransform="translate(2,0)" />
+    <linearGradient
+       inkscape:collect="always"
+       xlink:href="#linearGradient3263"
+       id="linearGradient3253"
+       x1="49.5"
+       y1="60.5"
+       x2="23.5"
+       y2="3.5"
+       gradientUnits="userSpaceOnUse"
+       gradientTransform="translate(2,0)" />
+    <linearGradient
+       inkscape:collect="always"
+       xlink:href="#linearGradient3257"
+       id="linearGradient3255"
+       x1="60.5"
+       y1="60.5"
+       x2="51.5"
+       y2="3.5"
+       gradientUnits="userSpaceOnUse" />
+    <filter
+       color-interpolation-filters="sRGB"
+       inkscape:collect="always"
+       id="filter3241-2">
+      <feGaussianBlur
+         inkscape:collect="always"
+         stdDeviation="0.9075"
+         id="feGaussianBlur3243-4" />
+    </filter>
+    <linearGradient
+       inkscape:collect="always"
+       xlink:href="#linearGradient3245-1"
+       id="linearGradient3251-0"
+       x1="11.5"
+       y1="60.5"
+       x2="3.5"
+       y2="3.5"
+       gradientUnits="userSpaceOnUse"
+       gradientTransform="translate(249.71429,298.93361)" />
+    <linearGradient
+       inkscape:collect="always"
+       id="linearGradient3245-1">
+      <stop
+         style="stop-color:#204a87;stop-opacity:1"
+         offset="0"
+         id="stop3247-6" />
+      <stop
+         style="stop-color:#729fcf;stop-opacity:1"
+         offset="1"
+         id="stop3249-5" />
+    </linearGradient>
+    <filter
+       color-interpolation-filters="sRGB"
+       inkscape:collect="always"
+       id="filter3241-4-8">
+      <feGaussianBlur
+         inkscape:collect="always"
+         stdDeviation="0.9075"
+         id="feGaussianBlur3243-0-7" />
+    </filter>
+    <linearGradient
+       inkscape:collect="always"
+       xlink:href="#linearGradient3263-5-8"
+       id="linearGradient5185"
+       gradientUnits="userSpaceOnUse"
+       gradientTransform="matrix(1.4160224,0,0,0.76166072,243.22589,313.33388)"
+       x1="42.5"
+       y1="60.5"
+       x2="19.5"
+       y2="3.5" />
+    <linearGradient
+       id="linearGradient3263-5-8">
+      <stop
+         id="stop3265-4-3"
+         offset="0"
+         style="stop-color:#204a87;stop-opacity:1" />
+      <stop
+         id="stop3267-2-4"
+         offset="1"
+         style="stop-color:#729fcf;stop-opacity:1" />
+    </linearGradient>
+    <filter
+       color-interpolation-filters="sRGB"
+       inkscape:collect="always"
+       id="filter3241-0">
+      <feGaussianBlur
+         inkscape:collect="always"
+         stdDeviation="0.9075"
+         id="feGaussianBlur3243-3" />
+    </filter>
+    <linearGradient
+       inkscape:collect="always"
+       xlink:href="#linearGradient3245-7"
+       id="linearGradient5168"
+       gradientUnits="userSpaceOnUse"
+       gradientTransform="matrix(1.0025263,0,0,0.76423683,344.68831,300.13218)"
+       x1="11.5"
+       y1="60.5"
+       x2="3.5"
+       y2="3.5" />
+    <linearGradient
+       inkscape:collect="always"
+       id="linearGradient3245-7">
+      <stop
+         style="stop-color:#204a87;stop-opacity:1"
+         offset="0"
+         id="stop3247-0" />
+      <stop
+         style="stop-color:#729fcf;stop-opacity:1"
+         offset="1"
+         id="stop3249-7" />
+    </linearGradient>
+    <linearGradient
+       inkscape:collect="always"
+       xlink:href="#linearGradient3245-70"
+       id="linearGradient3251-55"
+       x1="11.5"
+       y1="60.5"
+       x2="3.5"
+       y2="3.5"
+       gradientUnits="userSpaceOnUse"
+       gradientTransform="matrix(1.0025263,0,0,0.76423683,344.68831,300.13218)" />
+    <linearGradient
+       inkscape:collect="always"
+       id="linearGradient3245-70">
+      <stop
+         style="stop-color:#204a87;stop-opacity:1"
+         offset="0"
+         id="stop3247-2" />
+      <stop
+         style="stop-color:#729fcf;stop-opacity:1"
+         offset="1"
+         id="stop3249-87" />
+    </linearGradient>
+    <linearGradient
+       inkscape:collect="always"
+       xlink:href="#linearGradient3245-1"
+       id="linearGradient5832"
+       gradientUnits="userSpaceOnUse"
+       gradientTransform="translate(249.71429,298.93361)"
+       x1="11.5"
+       y1="60.5"
+       x2="3.5"
+       y2="3.5" />
+    <linearGradient
+       inkscape:collect="always"
+       xlink:href="#linearGradient3263-5-8"
+       id="linearGradient5834"
+       gradientUnits="userSpaceOnUse"
+       gradientTransform="matrix(1.4160224,0,0,0.76166072,243.22589,313.33388)"
+       x1="42.5"
+       y1="60.5"
+       x2="19.5"
+       y2="3.5" />
+    <linearGradient
+       inkscape:collect="always"
+       xlink:href="#linearGradient3245-7"
+       id="linearGradient5836"
+       gradientUnits="userSpaceOnUse"
+       gradientTransform="matrix(1.0025263,0,0,0.76423683,344.68831,300.13218)"
+       x1="11.5"
+       y1="60.5"
+       x2="3.5"
+       y2="3.5" />
+    <linearGradient
+       inkscape:collect="always"
+       xlink:href="#linearGradient3245-70"
+       id="linearGradient5838"
+       gradientUnits="userSpaceOnUse"
+       gradientTransform="matrix(1.0025263,0,0,0.76423683,344.68831,300.13218)"
+       x1="11.5"
+       y1="60.5"
+       x2="3.5"
+       y2="3.5" />
+  </defs>
+  <sodipodi:namedview
+     id="base"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageopacity="0.0"
+     inkscape:pageshadow="2"
+     inkscape:zoom="2.5351563"
+     inkscape:cx="-16.066434"
+     inkscape:cy="0.12147739"
+     inkscape:current-layer="layer1"
+     showgrid="true"
+     inkscape:document-units="px"
+     inkscape:grid-bbox="true"
+     inkscape:window-width="1364"
+     inkscape:window-height="678"
+     inkscape:window-x="0"
+     inkscape:window-y="27"
+     objecttolerance="10"
+     gridtolerance="10"
+     guidetolerance="10"
+     inkscape:window-maximized="0">
+    <inkscape:grid
+       type="xygrid"
+       id="grid2382"
+       visible="true"
+       enabled="true"
+       originx="0.5px"
+       originy="0.5px"
+       empcolor="#0000ff"
+       empopacity="0.1254902"
+       dotted="true" />
+  </sodipodi:namedview>
+  <metadata
+     id="metadata2388">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     id="layer1"
+     inkscape:label="Layer 1"
+     inkscape:groupmode="layer">
+    <g
+       transform="translate(-247.62879,-298.93361)"
+       id="g5187">
+      <g
+         id="g4846">
+        <g
+           id="g3190-2"
+           style="opacity:0.4;filter:url(#filter3241-2)"
+           transform="translate(250.71429,299.93361)">
+          <rect
+             y="1.5"
+             x="1.5"
+             height="59"
+             width="11"
+             id="rect3184-1"
+             style="fill:#000000;fill-opacity:1;fill-rule:nonzero;stroke:#000000;stroke-width:1;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate"
+             ry="2"
+             rx="2" />
+        </g>
+        <rect
+           y="300.43362"
+           x="251.21428"
+           height="59"
+           width="11"
+           id="rect2395-8"
+           style="fill:url(#linearGradient5832);fill-opacity:1;fill-rule:nonzero;stroke:#204a87;stroke-width:1;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate"
+           ry="2"
+           rx="2" />
+        <rect
+           ry="1"
+           style="opacity:0.6;fill:none;stroke:#ffffff;stroke-width:1;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate"
+           id="rect3158-7"
+           width="9"
+           height="57"
+           x="252.21428"
+           y="301.43362"
+           rx="1" />
+      </g>
+      <g
+         transform="matrix(0.69260722,0,0,1,81.51265,0)"
+         id="g5180">
+        <rect
+           rx="2"
+           ry="2"
+           style="opacity:0.4;fill:#000000;fill-opacity:1;fill-rule:nonzero;stroke:#000000;stroke-width:1;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;marker:none;visibility:visible;display:inline;overflow:visible;filter:url(#filter3241-4-8);enable-background:accumulate"
+           id="rect3188-8"
+           width="31"
+           height="59"
+           x="16.5"
+           y="2.5"
+           transform="matrix(1.4160224,0,0,0.76166071,243.80989,314.09132)" />
+        <rect
+           y="314.47638"
+           x="265.17426"
+           height="44.937984"
+           width="43.896694"
+           id="rect3156-3"
+           style="fill:url(#linearGradient5834);fill-opacity:1;fill-rule:nonzero;stroke:#204a87;stroke-width:1.03852236;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate"
+           ry="1.5233214" />
+        <rect
+           y="315.23804"
+           x="266.59027"
+           height="43.414661"
+           width="41.064651"
+           id="rect3162-1"
+           style="opacity:0.6;fill:none;stroke:#ffffff;stroke-width:1.03852236;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate"
+           ry="0.7616607"
+           inkscape:export-xdpi="90"
+           inkscape:export-ydpi="90" />
+      </g>
+      <g
+         transform="matrix(0.9761091,0,0,1,6.3333026,0)"
+         id="g5108">
+        <rect
+           rx="2"
+           ry="2"
+           style="opacity:0.4;fill:#000000;fill-opacity:1;fill-rule:nonzero;stroke:#000000;stroke-width:1;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;marker:none;visibility:visible;display:inline;overflow:visible;filter:url(#filter3241-0);enable-background:accumulate"
+           id="rect3184-5"
+           width="11"
+           height="59"
+           x="2.5"
+           y="2.5"
+           transform="matrix(0,1.0025263,-0.76423683,0,312.09322,298.92289)" />
+        <g
+           transform="matrix(0,1,-1,0,611.46116,-45.820829)"
+           id="g4877-9">
+          <rect
+             ry="1.5284736"
+             style="fill:url(#linearGradient5836);fill-opacity:1;fill-rule:nonzero;stroke:#204a87;stroke-width:0.87531;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate"
+             id="rect2395-95"
+             width="11.02779"
+             height="45.089973"
+             x="346.19211"
+             y="301.27853" />
+          <rect
+             y="302.04276"
+             x="347.19461"
+             height="43.561501"
+             width="9.0227375"
+             id="rect3158-2"
+             style="opacity:0.6;fill:none;stroke:#ffffff;stroke-width:0.87531;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate"
+             ry="0.76423681" />
+        </g>
+      </g>
+      <g
+         id="g4877-8"
+         transform="translate(-47.956003,13.002947)">
+        <rect
+           y="301.27853"
+           x="346.19211"
+           height="45.089973"
+           width="11.02779"
+           id="rect2395-1"
+           style="fill:url(#linearGradient5838);fill-opacity:1;fill-rule:nonzero;stroke:#204a87;stroke-width:0.87531;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate"
+           ry="1.5284736" />
+        <rect
+           ry="0.76423681"
+           style="opacity:0.6;fill:none;stroke:#ffffff;stroke-width:0.87531;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;stroke-dashoffset:0;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate"
+           id="rect3158-71"
+           width="9.0227375"
+           height="43.561501"
+           x="347.19461"
+           y="302.04276" />
+      </g>
+    </g>
+  </g>
+</svg>
@@ -20,7 +20,7 @@
 .box-3 {
   position: relative;
-  display: table-footer-group;
+  display: table-header-group;
   width: 100%;
 }
@@ -0,0 +1,83 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   width="64"
+   height="64"
+   id="svg2"
+   sodipodi:version="0.32"
+   inkscape:version="0.48.3.1 r9886"
+   version="1.0"
+   sodipodi:docname="4.svg"
+   inkscape:output_extension="org.inkscape.output.svg.inkscape"
+   inkscape:export-filename="/home/noosfero/sites/noosfero/public/images/blocks/4.png"
+   inkscape:export-xdpi="87.968124"
+   inkscape:export-ydpi="87.968124">
+  <defs
+     id="defs4" />
+  <sodipodi:namedview
+     id="base"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageopacity="0.0"
+     inkscape:pageshadow="2"
+     inkscape:zoom="5.921875"
+     inkscape:cx="32"
+     inkscape:cy="32"
+     inkscape:document-units="px"
+     inkscape:current-layer="layer1"
+     width="64px"
+     height="64px"
+     inkscape:window-width="1366"
+     inkscape:window-height="681"
+     inkscape:window-x="0"
+     inkscape:window-y="27"
+     showgrid="false"
+     inkscape:window-maximized="1" />
+  <metadata
+     id="metadata7">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+        <dc:title></dc:title>
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     inkscape:label="Camada 1"
+     inkscape:groupmode="layer"
+     id="layer1">
+    <path
+       sodipodi:type="arc"
+       style="fill:#000000;fill-opacity:0;stroke:#000000;stroke-width:4.5;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:0.19607843"
+       id="path2162"
+       sodipodi:cx="24.12665"
+       sodipodi:cy="24.063324"
+       sodipodi:rx="21.593668"
+       sodipodi:ry="21.277044"
+       d="M 45.720318 24.063324 A 21.593668 21.277044 0 1 1  2.5329819,24.063324 A 21.593668 21.277044 0 1 1  45.720318 24.063324 z"
+       transform="translate(7.8733501,7.936676)" />
+    <text
+       xml:space="preserve"
+       style="font-size:42.00993729px;font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;text-align:start;line-height:125%;writing-mode:lr-tb;text-anchor:start;fill:#000000;fill-opacity:0.19607843;stroke:none;font-family:FreeSans"
+       x="16.267668"
+       y="47.399117"
+       id="text3134"
+       sodipodi:linespacing="125%"><tspan
+         sodipodi:role="line"
+         id="tspan3136"
+         x="16.267668"
+         y="47.399117">4</tspan></text>
+  </g>
+</svg>
@@ -31,6 +31,7 @@
 *= require select-or-die/_src/selectordie.js
 *= require block-store.js
 *= require jquery.typewatch.js
+*= require require_login.js
 */
 // scope for noosfero stuff
@@ -0,0 +1,19 @@
+(function($){
+  'use strict';
+
+  function toggle_assignment_method() {
+    if (this.value != "roles") {
+      $('.assign_by_roles').hide();
+      $('.assign_by_members').show();
+    } else {
+      $('.assign_by_members').hide();
+      $('.assign_by_roles').show();
+    }
+  }
+
+  $(document).ready(function() {
+    $('.assign_by_roles').hide();
+    // Event triggers
+    $('.assign_role_by').click(toggle_assignment_method);
+  });
+})(jQuery);
@@ -0,0 +1,25 @@
+(function($) {
+  $(window).bind('userDataLoaded', function(event, data) {
+    $(".require-login-popup").live('click', function(){
+      clicked = $(this);
+      url = clicked.attr("href");
+      if(url!=undefined && url!='' && url!='#') {
+        if(!data.login) {
+          url = $.param.querystring(url, "require_login_popup=true");
+        }
+        loading_for_button(this);
+        $.post(url, function(data){
+          if(data.require_login_popup) {
+            $('#link_login').click(); //TODO see a better way to show login popup
+          }
+        }).complete(function() {
+          clicked.css("cursor","");
+          $(".small-loading").remove();
+        });
+      } else {
+        $('#link_login').click();
+      }
+      return false;
+    });
+  });
+})(jQuery);
@@ -1817,6 +1817,18 @@ a.button.disabled, input.disabled {
   background-repeat: no-repeat;
   background-position: top right;
 }
+#box-organizer div.box-1 {
+  background-image: url(../images/blocks/1.png);
+}
+#box-organizer div.box-2 {
+  background-image: url(../images/blocks/2.png);
+}
+#box-organizer div.box-3 {
+  background-image: url(../images/blocks/3.png);
+}
+#box-organizer div.box-4 {
+  background-image: url(../images/blocks/4.png);
+}
 #box-organizer .block {
   cursor: move;
 }
@@ -4675,6 +4687,12 @@ h1#agenda-title {
 .controller-profile_editor a.control-panel-welcome-page {
   background-image: url(../images/control-panel/welcome-page.png)
 }
+.controller-profile_editor a.control-panel-roles {
+  background-image: url(../images/control-panel/role-management.png)
+}
+.controller-profile_editor .msie6 a.control-panel-roles {
+  background-image: url(../images/control-panel/role-management.gif)
+}
 /* ==> public/stylesheets/controller_profile_members.css <== */
 .controller-profile_members .no-boxes {
   margin: 30px
-binary_packages='deb http://download.noosfero.org/debian/wheezy-1.1 ./'
+binary_packages='deb http://download.noosfero.org/debian/wheezy-1.2 ./'
 source_packages=$(echo "$binary_packages" | sed -e 's/^deb/deb-src/')
@@ -53,6 +53,13 @@ FPQAoNmiMgP6zGF9rgOEWMEiFEryayrz
 EOF
 fi
+if grep -qrl wheezy /etc/apt/sources.list* && ! grep -qrl wheezy-backports /etc/apt/sources.list*; then
+  sudo tee /etc/apt/sources.list.d/backports.list <<EOF
+deb http://httpredir.debian.org/debian wheezy-backports main
+EOF
+fi
+
+
 if test -f tmp/debian/Release.gpg; then
   echo "deb file://$(pwd)/tmp/debian/ ./" | sudo tee /etc/apt/sources.list.d/local.list
   sudo apt-key add tmp/debian/signing-key.asc
@@ -65,6 +72,9 @@ run sudo apt-get -qy dist-upgrade
 run sudo apt-get -y install dctrl-tools
+# *sigh* need ruby-rspec from backports
+run sudo apt-get -y install -t wheezy-backports ruby-rspec
+
 # needed to run noosfero
 packages=$(grep-dctrl -n -s Build-Depends,Depends,Recommends -S -X noosfero debian/control | sed -e '/^\s*#/d; s/([^)]*)//g; s/,\s*/\n/g' | grep -v 'memcached\|debconf\|dbconfig-common\|misc:Depends\|adduser\|mail-transport-agent')
 run sudo apt-get -y install $packages
@@ -578,4 +578,22 @@ class ApplicationControllerTest &lt; ActionController::TestCase
     assert_response :success
   end
+  should "redirect to 404 if profile is '~' and user is not logged in" do
+    get :index, :profile => '~'
+    assert_response :missing
+  end
+
+  should "redirect to action when profile is '~' " do
+    login_as('ze')
+    get :index, :profile => '~'
+    assert_response 302
+  end
+
+  should "substitute '~' by current user and redirect properly " do
+    login_as('ze')
+    profile = Profile.where(:identifier => 'ze').first
+    get :index, :profile => '~'
+    assert_redirected_to :controller => 'test', :action => 'index', :profile => profile.identifier
+  end
+
 end
@@ -175,7 +175,7 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
     admin = fast_create(Person)
     community.add_member(admin)
-    folder = fast_create(Folder, :profile_id => community.id, :published => false)
+    folder = fast_create(Folder, :profile_id => community.id, :published => false, :show_to_followers => false)
     community.add_member(profile)
     login_as(profile.identifier)
@@ -278,7 +278,7 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
   should 'not give access to private articles if logged in and only member' do
     person = create_user('test_user').person
     profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile')
-    intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false)
+    intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false, :show_to_followers => false)
     profile.affiliate(person, Profile::Roles.member(profile.environment.id))
     login_as('test_user')
@@ -681,9 +681,9 @@ class ProfileDesignControllerTest &lt; ActionController::TestCase
     end
   end
-  test 'should forbid POST to save for fixed blocks' do
+  test 'should forbid POST to save for uneditable blocks' do
     block = profile.blocks.last
-    block.fixed = true
+    block.edit_modes = "none"
     block.save!
     post :save, id: block.id, profile: profile.identifier
@@ -692,7 +692,7 @@ class ProfileDesignControllerTest &lt; ActionController::TestCase
   test 'should forbid POST to move_block for fixed blocks' do
     block = profile.blocks.last
-    block.fixed = true
+    block.move_modes = "none"
     block.save!
     post :move_block, id: block.id, profile: profile.identifier, target: "end-of-box-#{@box3.id}"
@@ -0,0 +1,106 @@
+require_relative "../test_helper"
+require 'profile_roles_controller'
+
+class ProfileRolesControllerTest < ActionController::TestCase
+
+  def setup
+    @controller = ProfileRolesController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+    @role = Role.find(:first)
+  end
+
+  should 'create a custom role' do
+    community = fast_create(Community)
+    admin = create_user_with_permission('admin_user', 'manage_custom_roles', community)
+    login_as :admin_user
+    post :create, :profile => community.identifier, :role => {:name => "some_role", :permissions => ["edit_profile"] }
+    role = Role.where(:name => 'some_role').first
+
+    assert_not_nil role
+    assert_equal community.id, role.profile_id
+  end
+
+  should 'not create a custom role without permission' do
+    community = fast_create(Community)
+    moderator = create_user_with_permission('profile_admin', 'edit_profile', community)
+    login_as :profile_admin
+    post :create, :profile => community.identifier, :role => {:name => "new_admin", :permissions => ["edit_profile"] }
+
+    assert_response 403
+    assert_template 'access_denied'
+
+    role = Role.where(:name => 'new_admin')
+
+    assert_empty role
+  end
+
+
+  should 'delete a custom role not used' do
+    community = fast_create(Community)
+    admin = create_user_with_permission('admin_user', 'manage_custom_roles', community)
+    login_as :admin_user
+    role = Role.create!({:name => 'delete_article', :key => 'profile_delete_article', :profile_id => community.id, :environment => Environment.default}, :without_protection => true)
+    post :remove , :profile => community.identifier, :id => role.id
+
+    assert_response :redirect
+    assert_redirected_to :action => 'index'
+
+    assert_not_includes Role.all, role
+  end
+
+  should 'delete a custom role being used' do
+    community = fast_create(Community)
+    admin = create_user_with_permission('admin_user', 'manage_custom_roles', community)
+    login_as :admin_user
+    role = Role.create!({:name => 'delete_article', :key => 'profile_delete_article', :profile_id => community.id, :environment => Environment.default}, :without_protection => true)
+    admin.add_role(role, community)
+    moderator_role = Role.find_by_name("moderator")
+
+    assert_not_includes community.members_by_role(moderator_role), admin
+
+    post :remove , :profile => community.identifier, :id => role.id, :roles => [moderator_role.id]
+
+    assert_response :redirect
+    assert_redirected_to :action => 'index'
+
+    assert_not_includes Role.all, role
+    assert_includes community.members_by_role(moderator_role), admin
+  end
+
+  should 'assign a custom role to single user' do
+    community = fast_create(Community)
+    admin = create_user_with_permission('admin_user', 'manage_custom_roles', community)
+    login_as :admin_user
+    role = Role.create!({:name => 'delete_article', :key => 'profile_delete_article', :profile_id => community.id, :environment => Environment.default}, :without_protection => true)
+
+    assert_not_includes community.members_by_role(role), admin
+
+    post :define, :profile => community.identifier, :id => role.id, :assign_role_by => "members", :person_id => admin.id
+
+    assert_includes community.members_by_role(role), admin
+  end
+
+  should  'replace a role with a custom role' do
+    community = fast_create(Community)
+    admin = create_user_with_permission('admin_user', 'manage_custom_roles', community)
+    moderator = create_user_with_permission('profile_admin', 'edit_profile', community)
+    login_as :admin_user
+    role = Role.create!({:name => 'delete_article', :key => 'profile_delete_article', :profile_id => community.id, :environment => Environment.default}, :without_protection => true)
+    moderator_role = Role.find_by_name("moderator")
+    admin.add_role(moderator_role, community)
+
+    assert_not_includes community.members_by_role(role), admin
+
+    assert_not_includes community.members_by_role(role), moderator
+    assert_not_includes community.members_by_role(moderator_role), moderator
+
+    post :define, :profile => community.identifier, :id => role.id, :assign_role_by => "roles", :selected_role => moderator_role.id
+
+    assert_not_includes community.members_by_role(moderator_role), admin
+    assert_includes community.members_by_role(role), admin
+
+    assert_not_includes community.members_by_role(role), moderator
+    assert_not_includes community.members_by_role(moderator_role), moderator
+  end
+end
@@ -272,4 +272,8 @@ class RoutingTest &lt; ActionController::IntegrationTest
     assert_routing('/embed/block/12345', :controller => 'embed', :action => 'block', :id => '12345')
   end
+  should 'accept ~ as placeholder for current user' do
+    assert_routing('/profile/~', :controller => 'profile', :profile => '~', :action => 'index')
+  end
+
 end
@@ -39,6 +39,24 @@ class BlockTest &lt; ActiveSupport::TestCase
     assert Block.new.editable?
   end
+  should 'be editable if edit modes is all' do
+    block = Block.new
+    block.edit_modes = 'all'
+
+    assert block.editable?
+  end
+
+  should 'be movable by default' do
+    assert Block.new.movable?
+  end
+
+  should 'be movable if move modes is all' do
+    block = Block.new
+    block.move_modes = 'all'
+
+    assert block.movable?
+  end
+
   should 'have default titles' do
     b = Block.new
     b.expects(:default_title).returns('my title')
@@ -123,24 +123,24 @@ class BoxesHelperTest &lt; ActionView::TestCase
     display_box_content(box, '')
   end
-  should 'not show move options on block when block is fixed' do
+  should 'not show move options on block when block has no permission to edit' do
     p = create_user_with_blocks
     b = p.blocks.select{|bk| !bk.kind_of?(MainBlock) }[0]
-    b.fixed = true
+    b.move_modes = "none"
     b.save!
     stubs(:environment).returns(p.environment)
     stubs(:user).returns(p)
-    assert_equal false, modifiable?(b)
+    assert_equal false, movable?(b)
   end
-  should 'show move options on block when block is fixed and user is admin' do
+  should 'show move options on block when block has no permission to edit and user is admin' do
     p = create_user_with_blocks
     b = p.blocks.select{|bk| !bk.kind_of?(MainBlock) }[0]
-    b.fixed = true
+    b.edit_modes = "none"
     b.save!
     p.environment.add_admin(p)
@@ -148,7 +148,7 @@ class BoxesHelperTest &lt; ActionView::TestCase
     stubs(:environment).returns(p.environment)
     stubs(:user).returns(p)
-    assert_equal true, modifiable?(b)
+    assert_equal true, movable?(b)
   end
   should 'consider boxes_limit without custom_design' do
@@ -198,4 +198,16 @@ class BoxesHelperTest &lt; ActionView::TestCase
     assert_no_tag_in_string block_edit_buttons(block), :tag => 'a', :attributes => {:class => 'button icon-button icon-embed '}
   end
+  should 'only show edit option on block' do
+    p = create_user_with_blocks
+
+    b = p.blocks.select{|bk| !bk.kind_of?(MainBlock) }[0]
+    b.edit_modes = "only_edit"
+    b.save!
+
+    stubs(:environment).returns(p.environment)
+    stubs(:user).returns(p)
+
+    assert_equal false, b.editable?
+  end
 end
@@ -188,7 +188,7 @@ class EnterpriseTest &lt; ActiveSupport::TestCase
     inactive_template.save!
     active_template = create(Enterprise, :name => 'enteprise template', :identifier => 'enterprise_template')
-    assert_equal 3, active_template.boxes.size
+    assert_equal 4, active_template.boxes.size
     e = Environment.default
     e.inactive_enterprise_template = inactive_template
@@ -400,7 +400,7 @@ class EnterpriseTest &lt; ActiveSupport::TestCase
     e.save!
     ent = create(Enterprise, :name => 'test enteprise', :identifier => 'test_ent')
-    assert_equal 3, ent.boxes.size
+    assert_equal 4, ent.boxes.size
   end
   should 'collect the highlighted products with image' do
@@ -901,6 +901,8 @@ class ProfileTest &lt; ActiveSupport::TestCase
   should 'copy set of articles from a template' do
     template = create_user('test_template').person
+    template.is_template = true
+    template.save
     template.articles.destroy_all
     a1 = fast_create(Article, :profile_id => template.id, :name => 'some xyz article')
     a2 = fast_create(Article, :profile_id => template.id, :name => 'some child article', :parent_id => a1.id)
@@ -934,6 +936,8 @@ class ProfileTest &lt; ActiveSupport::TestCase
   should 'copy homepage from template' do
     template = create_user('test_template').person
+    template.is_template = true
+    template.save
     template.articles.destroy_all
     a1 = fast_create(Article, :profile_id => template.id, :name => 'some xyz article')
     template.home_page = a1
@@ -949,6 +953,8 @@ class ProfileTest &lt; ActiveSupport::TestCase
   should 'not advertise the articles copied from templates' do
     template = create_user('test_template').person
+    template.is_template = true
+    template.save
     template.articles.destroy_all
     a = fast_create(Article, :profile_id => template.id, :name => 'some xyz article')
@@ -962,7 +968,7 @@ class ProfileTest &lt; ActiveSupport::TestCase
   end
   should 'copy set of boxes from profile template' do
-    template = fast_create(Profile)
+    template = fast_create(Profile, :is_template => true)
     template.boxes.destroy_all
     template.boxes << Box.new
     template.boxes[0].blocks << Block.new
@@ -977,7 +983,7 @@ class ProfileTest &lt; ActiveSupport::TestCase
   end
   should 'copy layout template when applying template' do
-    template = fast_create(Profile)
+    template = fast_create(Profile, :is_template => true)
     template.layout_template = 'leftbar'
     template.save!
@@ -989,7 +995,7 @@ class ProfileTest &lt; ActiveSupport::TestCase
   end
   should 'copy blocks when applying template' do
-    template = fast_create(Profile)
+    template = fast_create(Profile, :is_template => true)
     template.boxes.destroy_all
     template.boxes << Box.new
     template.boxes[0].blocks << Block.new
@@ -1004,7 +1010,7 @@ class ProfileTest &lt; ActiveSupport::TestCase
   end
   should 'copy articles when applying template' do
-    template = fast_create(Profile)
+    template = fast_create(Profile, :is_template => true)
     template.articles.create(:name => 'template article')
     template.save!
@@ -1016,7 +1022,7 @@ class ProfileTest &lt; ActiveSupport::TestCase
   end
   should 'rename existing articles when applying template' do
-    template = fast_create(Profile)
+    template = fast_create(Profile, :is_template => true)
     template.boxes.destroy_all
     template.boxes << Box.new
     template.boxes[0].blocks << Block.new
@@ -1033,7 +1039,7 @@ class ProfileTest &lt; ActiveSupport::TestCase
   end
   should 'copy header when applying template' do
-    template = fast_create(Profile)
+    template = fast_create(Profile, :is_template => true)
     template[:custom_header] = '{name}'
     template.save!
@@ -1047,7 +1053,7 @@ class ProfileTest &lt; ActiveSupport::TestCase
   end
   should 'copy footer when applying template' do
-    template = create(Profile, :address => 'Template address', :custom_footer => '{address}')
+    template = create(Profile, :address => 'Template address', :custom_footer => '{address}', :is_template => true)
     p = create(Profile, :address => 'Profile address')
     p.apply_template(template)
@@ -1058,7 +1064,7 @@ class ProfileTest &lt; ActiveSupport::TestCase
   end
   should 'ignore failing validation when applying template' do
-    template = create(Profile, :layout_template => 'leftbar', :custom_footer => 'my custom footer', :custom_header => 'my custom header')
+    template = create(Profile, :layout_template => 'leftbar', :custom_footer => 'my custom footer', :custom_header => 'my custom header', :is_template => true)
     p = create(Profile)
     def p.validate
@@ -1074,7 +1080,7 @@ class ProfileTest &lt; ActiveSupport::TestCase
   end
   should 'copy homepage when applying template' do
-    template = fast_create(Profile)
+    template = fast_create(Profile, :is_template => true)
     a1 = fast_create(Article, :profile_id => template.id, :name => 'some xyz article')
     template.home_page = a1
     template.save!
@@ -1161,7 +1167,7 @@ class ProfileTest &lt; ActiveSupport::TestCase
   end
   should 'copy public/private setting from template' do
-    template = fast_create(Profile, :public_profile => false)
+    template = fast_create(Profile, :public_profile => false, :is_template => true)
     p = fast_create(Profile)
     p.apply_template(template)
     assert_equal false, p.public_profile
@@ -554,6 +554,7 @@ class UserTest &lt; ActiveSupport::TestCase
   should 'delay activation check with custom time' do
     NOOSFERO_CONF.stubs(:[]).with('hours_until_user_activation_check').returns(240)
+    NOOSFERO_CONF.stubs(:[]).with('exclude_profile_identifier_pattern')
     user = new_user
     job = Delayed::Job.last
     assert_match /UserActivationJob/, job.handler
@@ -13,9 +13,11 @@ else
   local_debs = Dir.glob('*.deb')
   debs.each do |f|
     fn = File.basename(f)
-    if local_debs.include?(fn)
-      local_debs.delete(fn)
-    else
+
+    local_debs.delete(fn)
+
+    if File.stat(f) != File.stat(fn)
+      FileUtils::Verbose.rm_f(fn)
       FileUtils::Verbose.ln f, '.'
     end
   end
@@ -61,19 +61,35 @@ deb http://download.noosfero.org/debian/wheezy-test ./
 deb-src http://download.noosfero.org/debian/wheezy-test ./
 EOF
+sed -e 's/wheezy/&-backports/' \
+  /etc/apt/sources.list > /etc/apt/sources.list.d/backports.list
+
 export DEBIAN_FRONTEND=noninteractive
+# local debs
+if [ -n "$(find /vagrant -name '*.deb')" ]; then
+  apt-get install -qy apt-utils bzip2
+  (
+    rm -rf /opt/noosfero
+    mkdir /opt/noosfero
+    cp /vagrant/*.deb /opt/noosfero
+    cd /opt/noosfero
+    apt-ftparchive packages . > Packages
+    cat Packages | gzip - > Packages.gz
+    cat Packages | bzip2 - > Packages.bz2
+    apt-ftparchive release . > Release
+    echo 'deb [trusted=yes] file:///opt/noosfero ./' > /etc/apt/sources.list.d/local.list
+  )
+else
+  rm -f /etc/apt/sources.list.d/local.list
+fi
+
 apt-get update
 apt-get dist-upgrade -qy
-apt-get install -qy postgresql ruby1.8
+apt-get install -qy postgresql
-if dpkg --unpack /vagrant/noosfero_*.deb /vagrant/noosfero-apache_*.deb; then
-  apt-cache policy noosfero
-  apt-get install -qyf
-else
-  apt-cache policy noosfero
-  apt-get install -qy noosfero noosfero-apache
-fi
+apt-cache policy noosfero
+apt-get install -qy noosfero noosfero-apache
 a2dissite 000-default
 service apache2 reload
@@ -4,6 +4,7 @@ class Role &lt; ActiveRecord::Base
   has_many :role_assignments, :dependent => :destroy
   belongs_to :environment
+  belongs_to :organization
   serialize :permissions, Array
   validates_presence_of :name
   validates_uniqueness_of :name, :scope => :environment_id
	@@ -2,7 +2,7 @@ class RoleController < AdminController		@@ -2,7 +2,7 @@ class RoleController < AdminController
2	protect 'manage_environment_roles', :environment	2	protect 'manage_environment_roles', :environment
3		3
4	def index	4	def index
5	- @roles = environment.roles.find(:all)	5	+ @roles = environment.roles.find(:all, :conditions => {:profile_id => nil})
6	end	6	end
7		7
8	def new	8	def new
	@@ -14,6 +14,7 @@ class ApplicationController < ActionController::Base		@@ -14,6 +14,7 @@ class ApplicationController < ActionController::Base
14	def log_user	14	def log_user
15	Rails.logger.info "Logged in: #{user.identifier}" if user	15	Rails.logger.info "Logged in: #{user.identifier}" if user
16	end	16	end
		17	+ before_filter :redirect_to_current_user
17		18
18	def verify_members_whitelist	19	def verify_members_whitelist
19	render_access_denied unless user.is_admin? \|\| environment.in_whitelist?(user)	20	render_access_denied unless user.is_admin? \|\| environment.in_whitelist?(user)
	@@ -197,4 +198,15 @@ class ApplicationController < ActionController::Base		@@ -197,4 +198,15 @@ class ApplicationController < ActionController::Base
197	def private_environment?	198	def private_environment?
198	@environment.enabled?(:restrict_to_members)	199	@environment.enabled?(:restrict_to_members)
199	end	200	end
		201	+
		202	+ def redirect_to_current_user
		203	+ if params[:profile] == '~'
		204	+ if logged_in?
		205	+ redirect_to params.merge(:profile => user.identifier)
		206	+ else
		207	+ render_not_found
		208	+ end
		209	+ end
		210	+ end
		211	+
200	end	212	end
	@@ -58,6 +58,7 @@ class ProfileMembersController < MyProfileController		@@ -58,6 +58,7 @@ class ProfileMembersController < MyProfileController
58		58
59	def change_role	59	def change_role
60	@roles = Profile::Roles.organization_member_roles(environment.id)	60	@roles = Profile::Roles.organization_member_roles(environment.id)
		61	+ @custom_roles = profile.custom_roles
61	begin	62	begin
62	@member = profile.members.find(params[:id])	63	@member = profile.members.find(params[:id])
63	rescue ActiveRecord::RecordNotFound	64	rescue ActiveRecord::RecordNotFound
@@ -0,0 +1,116 @@		@@ -0,0 +1,116 @@
	1	+class ProfileRolesController < MyProfileController
	2	+
	3	+ protect 'manage_custom_roles', :profile
	4	+
	5	+ def index
	6	+ @roles = profile.custom_roles
	7	+ end
	8	+
	9	+ def new
	10	+ @role = Role.new
	11	+ end
	12	+
	13	+ def create
	14	+ @role = Role.new({:name => params[:role][:name], :permissions => params[:role][:permissions], :environment => environment }, :without_protection => true)
	15	+ if @role.save
	16	+ profile.custom_roles << @role
	17	+ redirect_to :action => 'show', :id => @role
	18	+ else
	19	+ session[:notice] = _('Failed to create role')
	20	+ render :action => 'new'
	21	+ end
	22	+ end
	23	+
	24	+ def show
	25	+ @role = environment.roles.find(params[:id])
	26	+ end
	27	+
	28	+ def edit
	29	+ @role = environment.roles.find(params[:id])
	30	+ end
	31	+
	32	+ def assign_role_by_members
	33	+ return redirect_to "/" if params[:q].nil? or !request.xhr?
	34	+ arg = params[:q].downcase
	35	+ result = find_by_contents(:people, environment, profile.members, params[:q])[:results]
	36	+ render :text => prepare_to_token_input(result).to_json
	37	+ end
	38	+
	39	+ def destroy
	40	+ @role = environment.roles.find(params[:id])
	41	+ @members = profile.members_by_role(@role)
	42	+ @roles_list = all_roles(environment, profile)
	43	+ @roles_list.delete(@role)
	44	+ end
	45	+
	46	+ def remove
	47	+ @role = environment.roles.find(params[:id])
	48	+ @members = profile.members_by_role(@role)
	49	+ member_roles = params[:roles] ? environment.roles.find(params[:roles].select{\|r\|!r.to_i.zero?}) : []
	50	+ append_roles(@members, member_roles, profile)
	51	+ if @role.destroy
	52	+ session[:notice] = _('Role successfuly removed!')
	53	+ else
	54	+ session[:notice] = _('Failed to remove role!')
	55	+ end
	56	+ redirect_to :action => 'index'
	57	+ end
	58	+
	59	+ def update
	60	+ @role = environment.roles.find(params[:id])
	61	+ if @role.update_attributes(params[:role])
	62	+ redirect_to :action => 'show', :id => @role
	63	+ else
	64	+ session[:notice] = _('Failed to edit role')
	65	+ render :action => 'edit'
	66	+ end
	67	+ end
	68	+
	69	+ def assign
	70	+ @role = environment.roles.find(params[:id])
	71	+ @roles_list = all_roles(environment, profile)
	72	+ @roles_list.delete(@role)
	73	+ end
	74	+
	75	+ def define
	76	+ @role = environment.roles.find(params[:id])
	77	+ selected_role = params[:selected_role] ? environment.roles.find(params[:selected_role].to_i) : nil
	78	+ if params[:assign_role_by].eql? "members"
	79	+ members_list = params[:person_id].split(',').collect {\|id\| environment.profiles.find(id.to_i)}
	80	+ members_list.collect{\|person\| person.add_role(@role, profile)}
	81	+ elsif params[:assign_role_by].eql? "roles"
	82	+ members = profile.members_by_role(selected_role)
	83	+ replace_role(members, selected_role, @role, profile)
	84	+ else
	85	+ session[:notice] = _("Error")
	86	+ end
	87	+ redirect_to :action => 'index'
	88	+ end
	89	+
	90	+ protected
	91	+
	92	+ def append_roles(members, roles, profile)
	93	+ members.each do \|person\|
	94	+ all_roles = person.find_roles(profile).map(&:role) + roles
	95	+ person.define_roles(all_roles, profile)
	96	+ end
	97	+ end
	98	+
	99	+ def all_roles(environment, profile)
	100	+ Profile::Roles.organization_member_roles(environment.id) + profile.custom_roles
	101	+ end
	102	+
	103	+ def replace_roles(members, roles, profile)
	104	+ members.each do \|person\|
	105	+ person.define_roles(roles, profile)
	106	+ end
	107	+ end
	108	+
	109	+ def replace_role(members, role, new_role, profile)
	110	+ members.each do \|person\|
	111	+ person.remove_role(role, profile)
	112	+ person.add_role(new_role, profile)
	113	+ end
	114	+ end
	115	+
	116	+end
	@@ -717,6 +717,24 @@ module ApplicationHelper		@@ -717,6 +717,24 @@ module ApplicationHelper
717	javascript_include_tag script if script	717	javascript_include_tag script if script
718	end	718	end
719		719
		720	+ def template_path
		721	+ if profile.nil?
		722	+ "/designs/templates/#{environment.layout_template}"
		723	+ else
		724	+ "/designs/templates/#{profile.layout_template}"
		725	+ end
		726	+ end
		727	+
		728	+ def template_javascript_src
		729	+ script = File.join template_path, '/javascripts/template.js'
		730	+ script if File.exists? File.join(Rails.root, 'public', script)
		731	+ end
		732	+
		733	+ def templete_javascript_ng
		734	+ script = template_javascript_src
		735	+ javascript_include_tag script if script
		736	+ end
		737	+
720	def file_field_or_thumbnail(label, image, i)	738	def file_field_or_thumbnail(label, image, i)
721	display_form_field label, (	739	display_form_field label, (
722	render :partial => (image && image.valid? ? 'shared/show_thumbnail' : 'shared/change_image'),	740	render :partial => (image && image.valid? ? 'shared/show_thumbnail' : 'shared/change_image'),
1	class Block < ActiveRecord::Base	1	class Block < ActiveRecord::Base
2		2
3	- attr_accessible :title, :display, :limit, :box_id, :posts_per_page, :visualization_format, :language, :display_user, :box, :fixed	3	+ attr_accessible :title, :display, :limit, :box_id, :posts_per_page,
		4	+ :visualization_format, :language, :display_user,
		5	+ :box, :edit_modes, :move_modes
4		6
5	# to be able to generate HTML	7	# to be able to generate HTML
6	include ActionView::Helpers::UrlHelper	8	include ActionView::Helpers::UrlHelper
	@@ -110,8 +112,13 @@ class Block < ActiveRecord::Base		@@ -110,8 +112,13 @@ class Block < ActiveRecord::Base
110	# * <tt>'all'</tt>: the block is always displayed	112	# * <tt>'all'</tt>: the block is always displayed
111	settings_items :language, :type => :string, :default => 'all'	113	settings_items :language, :type => :string, :default => 'all'
112		114
113	- # The block can be configured to be fixed. Only can be edited by environment admins
114	- settings_items :fixed, :type => :boolean, :default => false	115	+ # The block can be configured to define the edition modes options. Only can be edited by environment admins
		116	+ # It can assume the following values:
		117	+ #
		118	+ # * <tt>'all'</tt>: the block owner has all edit options for this block
		119	+ # * <tt>'none'</tt>: the block owner can't do anything with the block
		120	+ settings_items :edit_modes, :type => :string, :default => 'all'
		121	+ settings_items :move_modes, :type => :string, :default => 'all'
115		122
116	# returns the description of the block, used when the user sees a list of	123	# returns the description of the block, used when the user sees a list of
117	# blocks to choose one to include in the design.	124	# blocks to choose one to include in the design.
	@@ -178,7 +185,11 @@ class Block < ActiveRecord::Base		@@ -178,7 +185,11 @@ class Block < ActiveRecord::Base
178		185
179	# Is this block editable? (Default to <tt>false</tt>)	186	# Is this block editable? (Default to <tt>false</tt>)
180	def editable?	187	def editable?
181	- true	188	+ self.edit_modes == "all"
		189	+ end
		190	+
		191	+ def movable?
		192	+ self.move_modes == "all"
182	end	193	end
183		194
184	# must always return false, except on MainBlock clas.	195	# must always return false, except on MainBlock clas.
	@@ -258,6 +269,21 @@ class Block < ActiveRecord::Base		@@ -258,6 +269,21 @@ class Block < ActiveRecord::Base
258	}	269	}
259	end	270	end
260		271
		272	+ def edit_block_options
		273	+ @edit_options \|\|= {
		274	+ 'all' => _('Can be modified'),
		275	+ 'none' => _('Cannot be modified')
		276	+ }
		277	+ end
		278	+
		279	+ def move_block_options
		280	+ @move_options \|\|= {
		281	+ 'all' => _('Can be moved'),
		282	+ 'none' => _('Cannot be moved')
		283	+ }
		284	+ end
		285	+
		286	+
261	def duplicate	287	def duplicate
262	duplicated_block = self.dup	288	duplicated_block = self.dup
263	duplicated_block.display = 'never'	289	duplicated_block.display = 'never'
	@@ -36,6 +36,8 @@ class Organization < Profile		@@ -36,6 +36,8 @@ class Organization < Profile
36		36
37	has_many :mailings, :class_name => 'OrganizationMailing', :foreign_key => :source_id, :as => 'source'	37	has_many :mailings, :class_name => 'OrganizationMailing', :foreign_key => :source_id, :as => 'source'
38		38
		39	+ has_many :custom_roles, :class_name => 'Role', :foreign_key => :profile_id
		40	+
39	scope :more_popular, :order => 'members_count DESC'	41	scope :more_popular, :order => 'members_count DESC'
40		42
41	validate :presence_of_required_fieds, :unless => :is_template	43	validate :presence_of_required_fieds, :unless => :is_template
1	-<div class='join-leave-button'>	1	+<div class='join-leave-button require-login-popup'>
2	<% if logged_in? %>	2	<% if logged_in? %>
3	<% if profile.members.include?(user) %>	3	<% if profile.members.include?(user) %>
4	<%= button(:delete, content_tag('span', _('Leave community')), profile.leave_url,	4	<%= button(:delete, content_tag('span', _('Leave community')), profile.leave_url,
	@@ -28,6 +28,8 @@		@@ -28,6 +28,8 @@
28		28
29	<%= control_panel_button(_('Manage Content'), 'cms', :controller => 'cms') %>	29	<%= control_panel_button(_('Manage Content'), 'cms', :controller => 'cms') %>
30		30
		31	+ <%= control_panel_button(_('Manage Roles'), 'roles', :controller => 'profile_roles') %>
		32	+
31	<% unless profile.enterprise? %>	33	<% unless profile.enterprise? %>
32	<%= case profile.blogs.count	34	<%= case profile.blogs.count
33	when 0	35	when 0
@@ -0,0 +1,22 @@		@@ -0,0 +1,22 @@
	1	+<%= error_messages_for :role %>
	2	+
	3	+<%= labelled_form_for :role, :url => (mode == :edit) ? {:action => 'update', :id => role} : {:action => 'create'} do \|f\| %>
	4	+
	5	+ <%= required_fields_message %>
	6	+
	7	+ <%= required f.text_field(:name) %>
	8	+
	9	+ <% permissions.each do \|key\| %>
	10	+ <div class="permissions <%= key.downcase %>">
	11	+ <h4><%= _('%s Permissions:' % key) %></h4>
	12	+ <% ActiveRecord::Base::PERMISSIONS[key].keys.each do \|p\| %>
	13	+ <%= check_box_tag("role[permissions][]", p, role.has_permission?(p), { :id => p }) %>
	14	+ <%= content_tag(:label, permission_name(p), { :for => p }) %><br/>
	15	+ <% end %>
	16	+ </div>
	17	+ <% end %>
	18	+
	19	+ <% button_bar do %>
	20	+ <%= submit_button('save', (mode == :edit) ? _('Save changes') : _('Create role'), :cancel => {:action => 'index'} ) %>
	21	+ <% end %>
	22	+<% end %>