Merge branch 'master' into production

Conflicts: app/views/content_viewer/_article_toolbar.html.erb

Merge branch 'master' into production
Conflicts: app/views/content_viewer/_article_toolbar.html.erb
Victor Costa
2 parents f36214f4 82270a3f
Showing 28 changed files with 265 additions and 64 deletions Show diff stats
app/controllers/my_profile/cms_controller.rb
app/controllers/public/content_viewer_controller.rb
app/controllers/public_controller.rb
app/helpers/tinymce_helper.rb
app/mailers/task_mailer.rb
app/models/article.rb
app/models/environment.rb
app/views/cms/_forum.html.erb
app/views/content_viewer/_article_toolbar.html.erb
db/migrate/20150319114233_change_default_content_privacy.rb
db/schema.rb
db/seeds.rb
features/article_versioning.feature
features/edit_article.feature
features/secret_community.feature
lib/tasks/enable_plugins.rake
plugins/foo/db/seeds.rb
public/designs/icons/tango/style.css
public/javascripts/application.js
test/functional/contact_controller_test.rb
@@ -136,6 +136,7 @@ class CmsController &lt; MyProfileController
     klass = @type.constantize
     article_data = environment.enabled?('articles_dont_accept_comments_by_default') ? { :accept_comments => false } : {}
     article_data.merge!(params[:article]) if params[:article]
+    article_data.merge!(:profile => profile) if profile
     @article = klass.new(article_data)
  
     parent = check_parent(params[:parent_id])
@@ -213,7 +214,7 @@ class CmsController &lt; MyProfileController
       if @errors.any?
         render :action => 'upload_files', :parent_id => @parent_id
       else
-        session[:notice] = _('File(s) successfully uploaded') 
+        session[:notice] = _('File(s) successfully uploaded')
         if @back_to
           redirect_to @back_to
         elsif @parent
@@ -17,7 +17,7 @@ class ContentViewerController &lt; ApplicationController
     @version = params[:version].to_i
  
     if path.blank?
-      @page = profile.home_page 
+      @page = profile.home_page
       return if redirected_to_profile_index
     else
       @page = profile.articles.find_by_path(path)
@@ -125,21 +125,23 @@ class ContentViewerController &lt; ApplicationController
   helper_method :pass_without_comment_captcha?
  
   def allow_access_to_page(path)
-    allowed = true
     if @page.nil? # page not found, give error
       render_not_found(path)
-      allowed = false
-    elsif !@page.display_to?(user)
-      if !profile.public?
+      return false
+    end
+
+    unless @page.display_to?(user)
+      if !profile.visible? || profile.secret? || (user && user.follows?(profile))
+        render_access_denied
+      else #!profile.public?
         private_profile_partial_parameters
         render :template => 'profile/_private_profile', :status => 403, :formats => [:html]
-        allowed = false
-      else #if !profile.visible?
-        render_access_denied
-        allowed = false
       end
+
+      return false
     end
-    allowed
+
+    return true
   end
  
   def user_is_a_bot?
@@ -184,7 +186,7 @@ class ContentViewerController &lt; ApplicationController
     if @page.forum? && @page.has_terms_of_use && terms_accepted == "true"
       @page.add_agreed_user(user)
     end
-  end 
+  end
  
   def is_a_forum_topic? (page)
     return (!@page.parent.nil? && @page.parent.forum?)
@@ -3,7 +3,7 @@ class PublicController &lt; ApplicationController
  
   def allow_access_to_page
     unless profile.display_info_to?(user)
-      if profile.visible?
+      if profile.visible? && !profile.secret
         private_profile
       else
         invisible_profile
@@ -20,7 +20,7 @@ module TinymceHelper
       :image_advtab => true,
       :language => tinymce_language
  
-    options[:toolbar1] = "insertfile undo redo | copy paste | bold italic underline | styleselect fontsizeselect | forecolor backcolor | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | link image"
+    options[:toolbar1] = "fullscreen | insertfile undo redo | copy paste | bold italic underline | styleselect fontsizeselect | forecolor backcolor | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | link image"
     if options[:mode] == 'simple'
       options[:menubar] = false
     else
@@ -5,7 +5,7 @@ class TaskMailer &lt; ActionMailer::Base
     @target = task.target.name
     @environment = task.environment.name
     @url = generate_environment_url(task, :controller => 'home')
-    url_for_tasks_list = task.target.kind_of?(Environment) ? '' : url_for(task.target.tasks_url)
+    url_for_tasks_list = task.target.kind_of?(Environment) ? '' : url_for(task.target.tasks_url.merge(:script_name => Noosfero.root('/')))
     @tasks_url = url_for_tasks_list
  
     mail(
@@ -56,7 +56,7 @@ class TaskMailer &lt; ActionMailer::Base
   end
  
   def generate_environment_url(task, url = {})
-    url_for(Noosfero.url_options.merge(:host => task.environment.default_hostname).merge(url))
+    url_for(Noosfero.url_options.merge(:host => task.environment.default_hostname).merge(url).merge(:script_name => Noosfero.root('/')))
   end
  
 end
@@ -25,6 +25,16 @@ class Article &lt; ActiveRecord::Base
     :display => %w[full]
   }
  
+  def initialize(*params)
+    super
+
+    if !params.blank? && params.first.has_key?(:profile)
+      profile = params.first[:profile]
+      self.published = false unless profile.public?
+    end
+
+  end
+
   def self.default_search_display
     'full'
   end
@@ -501,11 +511,11 @@ class Article &lt; ActiveRecord::Base
     return [] if user.nil? || (profile && !profile.public? && !user.follows?(profile))
     where(
       [
-       "published = ? OR last_changed_by_id = ? OR profile_id = ? OR ? 
-        OR  (show_to_followers = ? AND ?)", true, user.id, user.id, 
+       "published = ? OR last_changed_by_id = ? OR profile_id = ? OR ?
+        OR  (show_to_followers = ? AND ? AND profile_id = ?)", true, user.id, user.id,
         profile.nil? ?  false : user.has_permission?(:view_private_content, profile),
-        true, user.follows?(profile)
-      ] 
+        true, user.follows?(profile), (profile.nil? ? nil : profile.id)
+      ]
     )
   }
  
@@ -519,7 +529,7 @@ class Article &lt; ActiveRecord::Base
  
   def display_to?(user = nil)
     if published?
-      profile.display_info_to?(user)
+      (profile.secret? || !profile.visible?) ? profile.display_info_to?(user) : true
     else
       if !user
         false
@@ -339,6 +339,16 @@ class Environment &lt; ActiveRecord::Base
     self.save!
   end
  
+  def enable_all_plugins
+    Noosfero::Plugin.available_plugin_names.each do |plugin|
+      plugin_name = plugin.to_s + "Plugin"
+      unless self.enabled_plugins.include?(plugin_name)
+        self.enabled_plugins += [plugin_name]
+      end
+    end
+    self.save!
+  end
+
   # Disables a feature identified by its name
   def disable(feature, must_save=true)
     self.settings["#{feature}_enabled".to_sym] = false
@@ -2,6 +2,8 @@
  
 <h1><%= _('My Forum') %></h1>
  
+<%= required_fields_message %>
+
 <%= render :file => 'shared/tiny_mce' %>
  
 <%= required f.text_field(:name, :size => '64', :maxlength => 150, :onchange => "updateUrlField(this, 'article_slug')") %>
 <div<%= user && " class='logged-in'" %>>
   <div id="article-actions">
+
     <%= fullscreen_buttons('#article') %>
+
     <% if @page.allow_edit?(user) && !remove_content_button(:edit, @page) %>
       <% content = content_tag('span', label_for_edit_article(@page)) %>
       <% url = profile.admin_url.merge({ :controller => 'cms', :action => 'edit', :id => @page.id }) %>
       <%= expirable_button @page, :edit, content, url %>
     <% end %>
-    
+
     <% if @page != profile.home_page && !@page.has_posts?  && @page.allow_delete?(user) && !remove_content_button(:delete, @page)%>
       <% content = content_tag( 'span', _('Delete') ) %>
       <% url = profile.admin_url.merge({ :controller => 'cms', :action => 'destroy', :id => @page.id}) %>
@@ -50,6 +52,7 @@
     <% end %>
  
     <%= report_abuse(profile, :link, @page) %>
+
   </div>
   <div id="article-header">
     <% if @page.blog? and !@page.image.nil? %>
@@ -0,0 +1,19 @@
+class ChangeDefaultContentPrivacy < ActiveRecord::Migration
+  def up
+    update_sql('UPDATE articles SET published = (1>2), show_to_followers = (1=1)
+      FROM profiles WHERE articles.profile_id = profiles.id AND
+      NOT profiles.public_profile AND articles.published = (1=1)')
+
+    Block.select('blocks.*').joins("INNER JOIN boxes ON blocks.box_id = boxes.id
+      INNER JOIN profiles ON boxes.owner_id = profiles.id AND boxes.owner_type = 'Profile'").
+      where("NOT profiles.public_profile AND blocks.type != 'MainBlock'").find_each do |block|
+      block.display_user = 'followers'
+      block.save
+    end
+    change_column :articles, :show_to_followers, :boolean, :default => true
+  end
+
+  def down
+    say "this migration can't be reverted"
+  end
+end
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
  
-ActiveRecord::Schema.define(:version => 20150408231524) do
+ActiveRecord::Schema.define(:version => 20150423144533) do
  
   create_table "abuse_reports", :force => true do |t|
     t.integer  "reporter_id"
@@ -150,7 +150,7 @@ ActiveRecord::Schema.define(:version =&gt; 20150408231524) do
     t.integer  "spam_comments_count",  :default => 0
     t.integer  "author_id"
     t.integer  "created_by_id"
-    t.boolean  "show_to_followers",    :default => false
+    t.boolean  "show_to_followers",    :default => true
   end
  
   add_index "articles", ["comments_count"], :name => "index_articles_on_comments_count"
@@ -0,0 +1,14 @@
+# This file should contain all the record creation needed to seed the database with its default values.
+# The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
+#
+# Examples:
+#
+#   cities = City.create([{ name: 'Chicago' }, { name: 'Copenhagen' }])
+#   Mayor.create(name: 'Emanuel', city: cities.first)
+
+ENV['RAILS_ENV'] ||= 'development'
+
+# This is for plugins that wants to use seeds.rb
+# Check for example on the Foo plugin
+plugin_seed_dirs = Dir.glob(Rails.root.join('{baseplugins,config/plugins}', '*', 'db', 'seeds.rb'))
+plugin_seed_dirs.each { |path| load path }
@@ -80,8 +80,8 @@ Feature: article versioning
  
   Scenario: deny access to specific version when disabled, private and not logged
     Given the article "Edited Article" is updated with
-      | display_versions | published |
-      | false            | false     |
+      | display_versions | published | show_to_followers |
+      | false            | false     | false             |
     And I am not logged in
     And I go to /joaosilva/edited-article?version=1
     Then I should see "Access denied"
@@ -41,6 +41,7 @@ Feature: edit article
     When I follow "Folder"
     And I fill in "Title" with "My Folder"
     And I choose "article_published_false"
+    And I uncheck "article_show_to_followers"
     And I press "Save"
     And I log off
     And I go to /freesoftware/my-folder
@@ -87,6 +88,7 @@ Feature: edit article
     When I follow "Folder"
     And I fill in "Title" with "My Folder"
     And I choose "article_published_false"
+    And I uncheck "article_show_to_followers"
     Then I should see "Fill in the search field to add the exception users to see this content"
  
   @selenium
@@ -33,7 +33,7 @@ Feature: Use a secret community
   Scenario: Non members shouldn't see secret communit's content
     Given I am logged in as "maria"
     And I go to mycommunity's homepage
-    And I should see "Access denied"
+    And I should see "Oops ... you cannot go ahead here"
     And I follow "Communities"
     Then I should not see "My Community"
  
@@ -0,0 +1,9 @@
+namespace :noosfero do
+  namespace :plugins do
+    task :enable_all => :environment do
+      Environment.all.each do |env|
+        puts "Plugins Activated on #{env.name}" if env.enable_all_plugins
+      end
+    end
+  end
+end
@@ -0,0 +1,9 @@
+# This file should contain all the record creation needed to seed the database with its default values.
+# The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
+#
+# Examples:
+#
+#   cities = City.create([{ name: 'Chicago' }, { name: 'Copenhagen' }])
+#   Mayor.create(name: 'Emanuel', city: cities.first)
+
+FooPlugin::Bar.create()
@@ -115,6 +115,7 @@
 .icon-set-admin-role          { background-image: url(mod/16x16/apps/user.png) }
 .icon-reset-admin-role        { background-image: url(../../../images/icons-app/person-icon.png) }
 .icon-clock                   { background-image: url(Tango/16x16/actions/appointment.png) }
+.icon-fullscreen              { background-image: url(Tango/16x16/actions/view-fullscreen.png) }
  
 /******************LARGE ICONS********************/
 .image-gallery-item .folder  { background-image: url(mod/96x96/places/folder.png) }
@@ -1217,3 +1217,35 @@ function add_new_file_fields() {
 }
  
 window.isHidden = function isHidden() { return (typeof(document.hidden) != 'undefined') ? document.hidden : !document.hasFocus() };
+
+function $_GET(id){
+    var a = new RegExp(id+"=([^&#=]*)");
+    return decodeURIComponent(a.exec(window.location.search)[1]);
+}
+
+var fullwidth=false;
+function toggle_fullwidth(itemId){
+  if(fullwidth){
+    jQuery(itemId).removeClass("fullwidth");
+    jQuery("#fullscreen-btn").show()
+    jQuery("#exit-fullscreen-btn").hide()
+    fullwidth = false;
+  }
+  else{
+    jQuery(itemId).addClass("fullwidth");
+    jQuery("#exit-fullscreen-btn").show()
+    jQuery("#fullscreen-btn").hide()
+    fullwidth = true;
+  }
+  jQuery(window).trigger("toggleFullwidth", fullwidth);
+}
+
+function fullscreenPageLoad(itemId){
+  jQuery(document).ready(function(){
+
+    if ($_GET('fullscreen') == 1){
+      toggle_fullwidth(itemId);
+    }
+  });
+}
+
@@ -131,7 +131,7 @@ class ContactControllerTest &lt; ActionController::TestCase
     post :new, :profile => community.identifier
  
     assert_response :forbidden
-    assert_template :private_profile
+    assert_template "profile/_private_profile"
   end
  
   should 'not show send e-mail page to non members of invisible community' do
@@ -257,22 +257,22 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
   end
  
   should 'not give access to private articles if logged off' do
-    profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile')
+    profile = Community.create!(:name => 'test profile', :identifier => 'test_profile')
     intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false)
  
     get :view_page, :profile => 'test_profile', :page => [ 'my-intranet' ]
  
-    assert_template 'access_denied'
+    assert_template "profile/_private_profile"
   end
  
   should 'not give access to private articles if logged in but not member' do
     login_as('testinguser')
-    profile = Profile.create!(:name => 'test profile', :identifier => 'test_profile')
+    profile = Community.create!(:name => 'test profile', :identifier => 'test_profile')
     intranet = Folder.create!(:name => 'my_intranet', :profile => profile, :published => false)
  
     get :view_page, :profile => 'test_profile', :page => [ 'my-intranet' ]
  
-    assert_template 'access_denied'
+    assert_template "profile/_private_profile"
   end
  
   should 'not give access to private articles if logged in and only member' do
@@ -1428,7 +1428,7 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
  
     article = TinyMceArticle.create(:name => 'Article to be shared with images',
                                     :body => 'This article should be shared with all social networks',
-                                    :profile => @profile,
+                                    :profile => community,
                                     :published => false,
                                     :show_to_followers => true)
     article.parent = blog
@@ -60,7 +60,7 @@ class EventsControllerTest &lt; ActionController::TestCase
     post :events, :profile => community.identifier
  
     assert_response :forbidden
-    assert_template :private_profile
+    assert_template "profile/_private_profile"
   end
  
   should 'not show events page to non members of invisible community' do
@@ -85,7 +85,7 @@ class HttpCachingTest &lt; ActionController::IntegrationTest
  
   test 'private community content should not return cache headers' do
     community = create_private_community('the-community')
-    create(Article, profile_id: community.id, name: 'Test page')
+    create(Article, profile_id: community.id, name: 'Test page', published: false)
  
     get "/the-community/test-page"
     assert_response 403
@@ -139,4 +139,3 @@ class HttpCachingTest &lt; ActionController::IntegrationTest
   end
  
 end
-
@@ -1002,6 +1002,13 @@ class ApplicationHelperTest &lt; ActionView::TestCase
     assert_equal file, from_theme_include('atheme', 'afile')[:file] # exists? = true
   end
  
+  should 'enable fullscreen buttons' do
+    html = fullscreen_buttons("#article")
+    assert html.include?("<script>fullscreenPageLoad('#article')</script>")
+    assert html.include?("class=\"button with-text icon-fullscreen\"")
+    assert html.include?("onClick=\"toggle_fullwidth('#article')\"")
+  end
+
   protected
   include NoosferoTestHelper
  
@@ -484,7 +484,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
  
   should 'say that member user can not see private article' do
     profile = fast_create(Profile, :name => 'test profile', :identifier => 'test_profile')
-    article = fast_create(Article, :name => 'test article', :profile_id => profile.id, :published => false)
+    article = fast_create(Article, :name => 'test article', :profile_id => profile.id, :published => false, :show_to_followers => false)
     person = create_user('test_user').person
     profile.affiliate(person, Profile::Roles.member(profile.environment.id))
  
@@ -509,15 +509,15 @@ class ArticleTest &lt; ActiveSupport::TestCase
     assert article.display_to?(person)
   end
  
-  should 'not show article to non member if article public but profile private' do
+  should 'show article to non member if article public but profile private' do
     profile = fast_create(Profile, :name => 'test profile', :identifier => 'test_profile', :public_profile => false)
     article = fast_create(Article, :name => 'test article', :profile_id => profile.id, :published => true)
     person1 = create_user('test_user1').person
     profile.affiliate(person1, Profile::Roles.member(profile.environment.id))
     person2 = create_user('test_user2').person
  
-    assert !article.display_to?(nil)
-    assert !article.display_to?(person2)
+    assert article.display_to?(nil)
+    assert article.display_to?(person2)
     assert article.display_to?(person1)
   end
  
@@ -543,7 +543,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
  
   should 'not allow friends of private person see the article' do
     person = create_user('test_user').person
-    article = create(Article, :name => 'test article', :profile => person, :published => false)
+    article = create(Article, :name => 'test article', :profile => person, :published => false, :show_to_followers => false)
     friend = create_user('test_friend').person
     person.add_friend(friend)
     person.save!
@@ -1686,7 +1686,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
     a.allow_members_to_edit = true
     assert !a.allow_edit?(nil)
   end
- 
+
   should 'allow author to edit topic' do
     community = fast_create(Community)
     admin = fast_create(Person)
@@ -1905,7 +1905,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
   end
  
   should 'display_filter display only public articles if there is no user' do
-    p = fast_create(Person) 
+    p = fast_create(Person)
     Article.delete_all
     a = fast_create(Article, :published => true, :profile_id => p.id)
     fast_create(Article, :published => false, :profile_id => p.id)
@@ -1915,7 +1915,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
  
   should 'display_filter display public articles for users' do
     user = create_user('someuser').person
-    p = fast_create(Person) 
+    p = fast_create(Person)
     user.stubs(:has_permission?).with(:view_private_content, p).returns(false)
     Article.delete_all
     a = fast_create(Article, :published => true, :profile_id => p.id)
@@ -1926,7 +1926,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
  
   should 'display_filter display private article last changed by user' do
     user = create_user('someuser').person
-    p = fast_create(Person) 
+    p = fast_create(Person)
     user.stubs(:has_permission?).with(:view_private_content, p).returns(false)
     Article.delete_all
     a = fast_create(Article, :published => false, :last_changed_by_id => user.id, :profile_id => p.id)
@@ -1938,7 +1938,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
   should 'display_filter display user private article of his own profile' do
     user = create_user('someuser').person
     user.stubs(:has_permission?).with(:view_private_content, user).returns(false)
-    p = fast_create(Person) 
+    p = fast_create(Person)
     Article.delete_all
     a = fast_create(Article, :published => false, :profile_id => user.id)
     fast_create(Article, :published => false, :profile_id => p.id)
@@ -1948,7 +1948,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
  
   should 'display_filter show profile private content if the user has view_private_content permission' do
     user = create_user('someuser').person
-    p = fast_create(Person) 
+    p = fast_create(Person)
     Article.delete_all
     user.stubs(:has_permission?).with(:view_private_content, p).returns(false)
     a = fast_create(Article, :published => false, :profile_id => p.id)
@@ -1965,8 +1965,8 @@ class ArticleTest &lt; ActiveSupport::TestCase
     user.stubs(:has_permission?).with(:view_private_content, p).returns(false)
     Article.delete_all
     a = fast_create(Article, :published => false, :show_to_followers => true, :profile_id => p.id)
-    fast_create(Article, :published => false, :profile_id => p.id)
-    fast_create(Article, :published => false, :profile_id => p.id)
+    fast_create(Article, :published => false, :show_to_followers => false, :profile_id => p.id)
+    fast_create(Article, :published => false, :show_to_followers => false, :profile_id => p.id)
     assert_equal [a], Article.display_filter(user, p)
   end
  
@@ -1977,8 +1977,8 @@ class ArticleTest &lt; ActiveSupport::TestCase
     user.stubs(:has_permission?).with(:view_private_content, p).returns(false)
     Article.delete_all
     a = fast_create(Article, :published => false, :show_to_followers => true, :profile_id => p.id)
-    fast_create(Article, :published => false, :profile_id => p.id)
-    fast_create(Article, :published => false, :profile_id => p.id)
+    fast_create(Article, :published => false, :show_to_followers => false, :profile_id => p.id)
+    fast_create(Article, :published => false, :show_to_followers => false, :profile_id => p.id)
     assert_equal [a], Article.display_filter(user, p)
   end
  
@@ -2040,6 +2040,17 @@ class ArticleTest &lt; ActiveSupport::TestCase
     assert_equal [], Article.display_filter(user, nil)
   end
  
+  should 'display_filter show person public content to non friends passing nil as profile parameter' do
+    user = create_user('someuser').person
+    p = fast_create(Person)
+    assert !p.is_a_friend?(user)
+    assert !user.is_admin?
+    Article.delete_all
+    a1 = fast_create(Article, :profile_id => p.id)
+    a2 = fast_create(Article)
+    assert_equivalent [a1,a2], Article.display_filter(user, nil)
+  end
+
   should 'display_filter do not show community private content to non members passing nil as profile parameter' do
     user = create_user('someuser').person
     p = fast_create(Community)
@@ -2049,6 +2060,16 @@ class ArticleTest &lt; ActiveSupport::TestCase
     assert_equal [], Article.display_filter(user, nil)
   end
  
+  should 'display_filter show community public content to non members passing nil as profile parameter' do
+    user = create_user('someuser').person
+    p = fast_create(Community)
+    assert !user.is_member_of?(p)
+    Article.delete_all
+    a1 = fast_create(Article, :profile_id => p.id)
+    a2 = fast_create(Article)
+    assert_equivalent [a1,a2], Article.display_filter(user, nil)
+  end
+
   should 'display_filter show community public content of private community for user members' do
     user = create_user('someuser').person
     p = fast_create(Community, :public_profile => false)
@@ -2057,8 +2078,8 @@ class ArticleTest &lt; ActiveSupport::TestCase
     user.stubs(:has_permission?).with(:view_private_content, p).returns(false)
     Article.delete_all
     a = fast_create(Article, :published => true, :profile_id => p.id)
-    fast_create(Article, :published => false, :profile_id => p.id)
-    fast_create(Article, :published => false, :profile_id => p.id)
+    fast_create(Article, :published => false, :show_to_followers => false, :profile_id => p.id)
+    fast_create(Article, :published => false, :show_to_followers => false, :profile_id => p.id)
     assert_equal [a], Article.display_filter(user, p)
   end
  
@@ -2088,7 +2109,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
     a1 = fast_create(Article, :published => true, :profile_id => user.id)
     a2 = fast_create(Article, :published => true, :profile_id => p.id)
     fast_create(Article, :published => false, :profile_id => p.id)
-    assert_equivalent [a1,a2], Article.display_filter(user, nil)
+    assert_equivalent [a1,a2], Article.display_filter(nil, user)
   end
  
   should 'display_filter show person public content of private person profile for user friends' do
@@ -2099,8 +2120,8 @@ class ArticleTest &lt; ActiveSupport::TestCase
     user.stubs(:has_permission?).with(:view_private_content, p).returns(false)
     Article.delete_all
     a = fast_create(Article, :published => true, :profile_id => p.id)
-    fast_create(Article, :published => false, :profile_id => p.id)
-    fast_create(Article, :published => false, :profile_id => p.id)
+    fast_create(Article, :published => false, :show_to_followers => false, :profile_id => p.id)
+    fast_create(Article, :published => false, :show_to_followers => false, :profile_id => p.id)
     assert_equal [a], Article.display_filter(user, p)
   end
  
@@ -2130,7 +2151,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
     a1 = fast_create(Article, :published => true, :profile_id => user.id)
     a2 = fast_create(Article, :published => true, :profile_id => p.id)
     fast_create(Article, :published => false, :profile_id => p.id)
-    assert_equivalent [a1,a2], Article.display_filter(user, nil)
+    assert_equivalent [a1,a2], Article.display_filter(nil, user)
   end
  
   should 'update hit attribute of article array' do
@@ -524,7 +524,7 @@ class EnvironmentTest &lt; ActiveSupport::TestCase
     p1= fast_create(Person, :is_template => true, :environment_id => e.id)
     p2 = fast_create(Person, :environment_id => e.id)
     p3 = fast_create(Person, :is_template => true, :environment_id => e.id)
-    assert_equivalent [p1,p3], e.person_templates    
+    assert_equivalent [p1,p3], e.person_templates
   end
  
   should 'person_templates return an empty array if there is no templates of person' do
@@ -532,7 +532,7 @@ class EnvironmentTest &lt; ActiveSupport::TestCase
  
     fast_create(Person, :environment_id => e.id)
     fast_create(Person, :environment_id => e.id)
-    assert_equivalent [], e.person_templates    
+    assert_equivalent [], e.person_templates
   end
  
   should 'person_default_template return the template defined as default' do
@@ -585,7 +585,7 @@ class EnvironmentTest &lt; ActiveSupport::TestCase
     c1= fast_create(Community, :is_template => true, :environment_id => e.id)
     c2 = fast_create(Community, :environment_id => e.id)
     c3 = fast_create(Community, :is_template => true, :environment_id => e.id)
-    assert_equivalent [c1,c3], e.community_templates    
+    assert_equivalent [c1,c3], e.community_templates
   end
  
   should 'community_templates return an empty array if there is no templates of community' do
@@ -646,7 +646,7 @@ class EnvironmentTest &lt; ActiveSupport::TestCase
     e1= fast_create(Enterprise, :is_template => true, :environment_id => env.id)
     e2 = fast_create(Enterprise, :environment_id => env.id)
     e3 = fast_create(Enterprise, :is_template => true, :environment_id => env.id)
-    assert_equivalent [e1,e3], env.enterprise_templates    
+    assert_equivalent [e1,e3], env.enterprise_templates
   end
  
   should 'enterprise_templates return an empty array if there is no templates of enterprise' do
@@ -654,7 +654,7 @@ class EnvironmentTest &lt; ActiveSupport::TestCase
  
     fast_create(Enterprise, :environment_id => env.id)
     fast_create(Enterprise, :environment_id => env.id)
-    assert_equivalent [], env.enterprise_templates    
+    assert_equivalent [], env.enterprise_templates
   end
  
   should 'enterprise_default_template return the template defined as default' do
@@ -1428,6 +1428,36 @@ class EnvironmentTest &lt; ActiveSupport::TestCase
     assert !environment.plugin_enabled?(Plugin)
   end
  
+  should 'activate on database all available plugins' do
+    plugins_enable = ["Statistics", "Foo", "PeopleBlock"]
+    Noosfero::Plugins.stubs(:available_plugin_names).returns(plugins_enable)
+    env1 = Environment.create(:name => "Test")
+    env2 = Environment.create(:name => "Test 2")
+
+    env1.enable_all_plugins
+    env2.enable_all_plugins
+
+    plugins = ["PeopleBlockPlugin", "StatisticsPlugin", "FooPlugin"]
+    plugins.each do |plugin|
+      assert env1.enabled_plugins.include?(plugin)
+      assert env2.enabled_plugins.include?(plugin)
+    end
+  end
+
+  should 'dont activate plugins that are not available' do
+    env1 = Environment.create(:name => "Test")
+    env2 = Environment.create(:name => "Test 2")
+
+    env1.enable_all_plugins
+    env2.enable_all_plugins
+
+    plugins = ["SomePlugin", "OtherPlugin", "ThirdPlugin"]
+    plugins.each do |plugin|
+      assert_equal false, env1.enabled_plugins.include?(plugin)
+      assert_equal false, env2.enabled_plugins.include?(plugin)
+    end
+  end
+
   should 'have production costs' do
     assert_respond_to Environment.default, :production_costs
   end
@@ -68,7 +68,7 @@ class FolderHelperTest &lt; ActionView::TestCase
     profile.public_profile = false
     profile.save!
     profile2 = create_user('Folder Viwer').person
-    folder = fast_create(Folder, :profile_id => profile.id)
+    folder = fast_create(Folder, :profile_id => profile.id, :published => false)
     article = fast_create(Article, {:parent_id => folder.id, :profile_id => profile.id})
  
     result = available_articles(folder.children, profile2)
@@ -119,7 +119,7 @@ class TaskMailerTest &lt; ActiveSupport::TestCase
     assert_match(/#{task.target_notification_description}/, mail.subject)
  
     assert_equal "Hello friend name, my name invite you, please follow this link: http://example.com/account/signup?invitation_code=123456", mail.body.to_s
-    
+
     mail.deliver
     assert !ActionMailer::Base.deliveries.empty?
   end
@@ -135,6 +135,36 @@ class TaskMailerTest &lt; ActiveSupport::TestCase
     assert_equal 'My name <email@example.com>', TaskMailer.generate_from(task)
   end
  
+  should 'return the email with the subdirectory defined' do
+    Noosfero.stubs(:root).returns('/subdir')
+
+    task = InviteFriend.new
+    task.expects(:code).returns('123456')
+
+    task.stubs(:message).returns('Hello <friend>, <user> invite you, please follow this link: <url>')
+    task.expects(:friend_email).returns('friend@exemple.com')
+    task.expects(:friend_name).returns('friend name').at_least_once
+
+    requestor = mock()
+    requestor.stubs(:name).returns('my name')
+    requestor.stubs(:public_profile_url).returns('requestor_path')
+
+    environment = mock()
+    environment.expects(:noreply_email).returns('sender@example.com')
+    environment.expects(:default_hostname).returns('example.com')
+    environment.expects(:name).returns('example').at_least_once
+
+    task.expects(:requestor).returns(requestor).at_least_once
+    task.expects(:person).returns(requestor).at_least_once
+    requestor.expects(:environment).returns(environment).at_least_once
+    task.expects(:environment).returns(environment).at_least_once
+
+    mail = TaskMailer.invitation_notification(task)
+
+    url_to_compare = "/subdir/account/signup"
+
+    assert_match(/#{url_to_compare}/, mail.body.to_s)
+  end
  
   private
     def read_fixture(action)
...	...	@@ -136,6 +136,7 @@ class CmsController < MyProfileController
136	136	klass = @type.constantize
137	137	article_data = environment.enabled?('articles_dont_accept_comments_by_default') ? { :accept_comments => false } : {}
138	138	article_data.merge!(params[:article]) if params[:article]
	139	+ article_data.merge!(:profile => profile) if profile
139	140	@article = klass.new(article_data)
140	141
141	142	parent = check_parent(params[:parent_id])
...	...	@@ -213,7 +214,7 @@ class CmsController < MyProfileController
213	214	if @errors.any?
214	215	render :action => 'upload_files', :parent_id => @parent_id
215	216	else
216		- session[:notice] = _('File(s) successfully uploaded')
	217	+ session[:notice] = _('File(s) successfully uploaded')
217	218	if @back_to
218	219	redirect_to @back_to
219	220	elsif @parent
...	...
...	...	@@ -17,7 +17,7 @@ class ContentViewerController < ApplicationController
17	17	@version = params[:version].to_i
18	18
19	19	if path.blank?
20		- @page = profile.home_page
	20	+ @page = profile.home_page
21	21	return if redirected_to_profile_index
22	22	else
23	23	@page = profile.articles.find_by_path(path)
...	...	@@ -125,21 +125,23 @@ class ContentViewerController < ApplicationController
125	125	helper_method :pass_without_comment_captcha?
126	126
127	127	def allow_access_to_page(path)
128		- allowed = true
129	128	if @page.nil? # page not found, give error
130	129	render_not_found(path)
131		- allowed = false
132		- elsif !@page.display_to?(user)
133		- if !profile.public?
	130	+ return false
	131	+ end
	132	+
	133	+ unless @page.display_to?(user)
	134	+ if !profile.visible? \|\| profile.secret? \|\| (user && user.follows?(profile))
	135	+ render_access_denied
	136	+ else #!profile.public?
134	137	private_profile_partial_parameters
135	138	render :template => 'profile/_private_profile', :status => 403, :formats => [:html]
136		- allowed = false
137		- else #if !profile.visible?
138		- render_access_denied
139		- allowed = false
140	139	end
	140	+
	141	+ return false
141	142	end
142		- allowed
	143	+
	144	+ return true
143	145	end
144	146
145	147	def user_is_a_bot?
...	...	@@ -184,7 +186,7 @@ class ContentViewerController < ApplicationController
184	186	if @page.forum? && @page.has_terms_of_use && terms_accepted == "true"
185	187	@page.add_agreed_user(user)
186	188	end
187		- end
	189	+ end
188	190
189	191	def is_a_forum_topic? (page)
190	192	return (!@page.parent.nil? && @page.parent.forum?)
...	...
...	...	@@ -3,7 +3,7 @@ class PublicController < ApplicationController
3	3
4	4	def allow_access_to_page
5	5	unless profile.display_info_to?(user)
6		- if profile.visible?
	6	+ if profile.visible? && !profile.secret
7	7	private_profile
8	8	else
9	9	invisible_profile
...	...
...	...	@@ -20,7 +20,7 @@ module TinymceHelper
20	20	:image_advtab => true,
21	21	:language => tinymce_language
22	22
23		- options[:toolbar1] = "insertfile undo redo \| copy paste \| bold italic underline \| styleselect fontsizeselect \| forecolor backcolor \| alignleft aligncenter alignright alignjustify \| bullist numlist outdent indent \| link image"
	23	+ options[:toolbar1] = "fullscreen \| insertfile undo redo \| copy paste \| bold italic underline \| styleselect fontsizeselect \| forecolor backcolor \| alignleft aligncenter alignright alignjustify \| bullist numlist outdent indent \| link image"
24	24	if options[:mode] == 'simple'
25	25	options[:menubar] = false
26	26	else
...	...
...	...	@@ -5,7 +5,7 @@ class TaskMailer < ActionMailer::Base
5	5	@target = task.target.name
6	6	@environment = task.environment.name
7	7	@url = generate_environment_url(task, :controller => 'home')
8		- url_for_tasks_list = task.target.kind_of?(Environment) ? '' : url_for(task.target.tasks_url)
	8	+ url_for_tasks_list = task.target.kind_of?(Environment) ? '' : url_for(task.target.tasks_url.merge(:script_name => Noosfero.root('/')))
9	9	@tasks_url = url_for_tasks_list
10	10
11	11	mail(
...	...	@@ -56,7 +56,7 @@ class TaskMailer < ActionMailer::Base
56	56	end
57	57
58	58	def generate_environment_url(task, url = {})
59		- url_for(Noosfero.url_options.merge(:host => task.environment.default_hostname).merge(url))
	59	+ url_for(Noosfero.url_options.merge(:host => task.environment.default_hostname).merge(url).merge(:script_name => Noosfero.root('/')))
60	60	end
61	61
62	62	end
...	...
...	...	@@ -25,6 +25,16 @@ class Article < ActiveRecord::Base
25	25	:display => %w[full]
26	26	}
27	27
	28	+ def initialize(*params)
	29	+ super
	30	+
	31	+ if !params.blank? && params.first.has_key?(:profile)
	32	+ profile = params.first[:profile]
	33	+ self.published = false unless profile.public?
	34	+ end
	35	+
	36	+ end
	37	+
28	38	def self.default_search_display
29	39	'full'
30	40	end
...	...	@@ -501,11 +511,11 @@ class Article < ActiveRecord::Base
501	511	return [] if user.nil? \|\| (profile && !profile.public? && !user.follows?(profile))
502	512	where(
503	513	[
504		- "published = ? OR last_changed_by_id = ? OR profile_id = ? OR ?
505		- OR (show_to_followers = ? AND ?)", true, user.id, user.id,
	514	+ "published = ? OR last_changed_by_id = ? OR profile_id = ? OR ?
	515	+ OR (show_to_followers = ? AND ? AND profile_id = ?)", true, user.id, user.id,
506	516	profile.nil? ? false : user.has_permission?(:view_private_content, profile),
507		- true, user.follows?(profile)
508		- ]
	517	+ true, user.follows?(profile), (profile.nil? ? nil : profile.id)
	518	+ ]
509	519	)
510	520	}
511	521
...	...	@@ -519,7 +529,7 @@ class Article < ActiveRecord::Base
519	529
520	530	def display_to?(user = nil)
521	531	if published?
522		- profile.display_info_to?(user)
	532	+ (profile.secret? \|\| !profile.visible?) ? profile.display_info_to?(user) : true
523	533	else
524	534	if !user
525	535	false
...	...
...	...	@@ -339,6 +339,16 @@ class Environment < ActiveRecord::Base
339	339	self.save!
340	340	end
341	341
	342	+ def enable_all_plugins
	343	+ Noosfero::Plugin.available_plugin_names.each do \|plugin\|
	344	+ plugin_name = plugin.to_s + "Plugin"
	345	+ unless self.enabled_plugins.include?(plugin_name)
	346	+ self.enabled_plugins += [plugin_name]
	347	+ end
	348	+ end
	349	+ self.save!
	350	+ end
	351	+
342	352	# Disables a feature identified by its name
343	353	def disable(feature, must_save=true)
344	354	self.settings["#{feature}_enabled".to_sym] = false
...	...
...	...	@@ -2,6 +2,8 @@
2	2
3	3	<h1><%= _('My Forum') %></h1>
4	4
	5	+<%= required_fields_message %>
	6	+
5	7	<%= render :file => 'shared/tiny_mce' %>
6	8
7	9	<%= required f.text_field(:name, :size => '64', :maxlength => 150, :onchange => "updateUrlField(this, 'article_slug')") %>
...	...
1	1	<div<%= user && " class='logged-in'" %>>
2	2	<div id="article-actions">
	3	+
3	4	<%= fullscreen_buttons('#article') %>
	5	+
4	6	<% if @page.allow_edit?(user) && !remove_content_button(:edit, @page) %>
5	7	<% content = content_tag('span', label_for_edit_article(@page)) %>
6	8	<% url = profile.admin_url.merge({ :controller => 'cms', :action => 'edit', :id => @page.id }) %>
7	9	<%= expirable_button @page, :edit, content, url %>
8	10	<% end %>
9		-
	11	+
10	12	<% if @page != profile.home_page && !@page.has_posts? && @page.allow_delete?(user) && !remove_content_button(:delete, @page)%>
11	13	<% content = content_tag( 'span', _('Delete') ) %>
12	14	<% url = profile.admin_url.merge({ :controller => 'cms', :action => 'destroy', :id => @page.id}) %>
...	...	@@ -50,6 +52,7 @@
50	52	<% end %>
51	53
52	54	<%= report_abuse(profile, :link, @page) %>
	55	+
53	56	</div>
54	57	<div id="article-header">
55	58	<% if @page.blog? and !@page.image.nil? %>
...	...
...	...	@@ -0,0 +1,19 @@
	1	+class ChangeDefaultContentPrivacy < ActiveRecord::Migration
	2	+ def up
	3	+ update_sql('UPDATE articles SET published = (1>2), show_to_followers = (1=1)
	4	+ FROM profiles WHERE articles.profile_id = profiles.id AND
	5	+ NOT profiles.public_profile AND articles.published = (1=1)')
	6	+
	7	+ Block.select('blocks.*').joins("INNER JOIN boxes ON blocks.box_id = boxes.id
	8	+ INNER JOIN profiles ON boxes.owner_id = profiles.id AND boxes.owner_type = 'Profile'").
	9	+ where("NOT profiles.public_profile AND blocks.type != 'MainBlock'").find_each do \|block\|
	10	+ block.display_user = 'followers'
	11	+ block.save
	12	+ end
	13	+ change_column :articles, :show_to_followers, :boolean, :default => true
	14	+ end
	15	+
	16	+ def down
	17	+ say "this migration can't be reverted"
	18	+ end
	19	+end
...	...