Merge branch 'master' into staging

Rodrigo Souto
2 parents 1fe6b276 4b00dad4
Showing 136 changed files with 1279 additions and 399 deletions Show diff stats
.travis.yml
RELEASING.md
app/controllers/box_organizer_controller.rb
app/controllers/my_profile/cms_controller.rb
app/controllers/my_profile/profile_members_controller.rb
app/controllers/public/account_controller.rb
app/controllers/public/content_viewer_controller.rb
app/controllers/public/profile_controller.rb
app/helpers/application_helper.rb
app/helpers/article_helper.rb
app/helpers/block_helper.rb
app/helpers/boxes_helper.rb
app/helpers/forms_helper.rb
app/mailers/mailing.rb
app/mailers/organization_mailing.rb
app/models/article.rb
app/models/block.rb
app/models/comment.rb
app/models/disabled_enterprise_message_block.rb
app/models/environment.rb
@@ -37,7 +37,7 @@ before_install:
 cache: bundler
 before_script:
-  - mkdir -p tmp/{pids,cache} log
+  - mkdir -p tmp/{pids,cache} log cache
   - script/noosfero-plugins disableall
   #- bundle exec rake makemo &>/dev/null
 # database
@@ -3,37 +3,30 @@ Noosfero release tasks
 This file documents release-related activities.
-Working with translations
--------------------------
-
-* Update translation files: `rake updatepo`. Then `git commit` them.
-* Send the PO files to the translators.
-* Get the PO files back from translators, put in `po/` under the correct language name (e.,g. `po/pt_BR/`) and `git commit`.
-* test translations: `rake makemo` and browse the application on the web.
-
 Releasing noosfero
 ------------------
-Considering you are on a Debian GNU/Linux or Debian-based system
+Considering you are on a Debian GNU/Linux or Debian-based system, the following
+packages are required during the release process:
-    # apt-get install devscripts debhelper
+```
+# apt install git devscripts debhelper
+```
 To prepare a release of noosfero, you must follow the steps below:
-* Finish all requirements and bugs assigned to the to-be-released version
+* Disable the automatic pushing of translation updates in weblate.
 * Make sure all tests pass
-* Write release notes at the version's wiki topic
 * Generate packages with `rake noosfero:release[(stable|test)]`. This task will:
   * Update the version in lib/noosfero.rb and debian/changelog.
   * Create the tarbal and the deb pkg under pkg/ directory.
   * Create a git tag and push it.
-  * Upload the pkg to the configured repository (if configured) on ~/.dput.cf.
+  * Upload the packages to the configured repository (if configured) on ~/.dput.cf.
 * Test that the tarball and deb package are ok
-* Go to the version's wiki topic and edit it to reflect the new reality
-* Edit the topic WebPreferences and update DEBIAN_REPOSITORY_TOPICS setting
-* Attach the generated packages to that topic. Before attaching calculate the sha1 of the package (with sha1sum and paste the SHA1 hash as comment in the attachment form)
-* Download the attached and verify the MD5 hash
 * Update an eventual demonstration version that you run.
-* Write an announcement e-mail to the relevant mailing lists pointing to the release notes, and maybe to the demonstration version.
+* Write an announcement e-mail to the relevant mailing lists pointing to the
+  release notes, and maybe to the demonstration version.
+* Re-enable the automatic pushing of trasnlatio updates in weblate.
-If you had any problem during these steps, you can do `rake clobber_package` to completely delete the generated packages and start the process again.
+If you had any problem during these steps, you can do `rake clobber_package` to
+completely delete the generated packages and start the process again.
@@ -83,12 +83,9 @@ class BoxOrganizerController &lt; ApplicationController
   def save
     @block = boxes_holder.blocks.find(params[:id])
-    if @block.kind_of?(RawHTMLBlock) && !user.is_admin?(environment)
-      render_access_denied
-    else
-      @block.update(params[:block])
-      redirect_to :action => 'index'
-    end
+    return render_access_denied unless @block.editable?(user)
+    @block.update(params[:block])
+    redirect_to :action => 'index'
   end
   def boxes_editor?
@@ -32,7 +32,8 @@ class CmsController &lt; MyProfileController
   end
   protect_if :only => [:new, :upload_files] do |c, user, profile|
-    parent = profile.articles.find_by_id(c.params[:parent_id])
+    parent_id = c.params[:article].present? ? c.params[:article][:parent_id] : c.params[:parent_id]
+    parent = profile.articles.find_by_id(parent_id)
     user && user.can_post_content?(profile, parent)
   end
@@ -2,8 +2,27 @@ class ProfileMembersController &lt; MyProfileController
   protect 'manage_memberships', :profile
   def index
-    @members = profile.members_by_name
-    @member_role = environment.roles.find_by_name('member')
+    @filters = params[:filters] || {:roles => []}
+    all_roles = Profile::Roles.organization_member_roles(environment.id) | Profile::Roles.organization_custom_roles(environment.id, profile.id)
+    @filters[:roles] = all_roles unless @filters[:roles].present?
+    @data = {}
+    field = 'name'
+    field = 'email' if @filters[:name] =~ /\@/
+
+    @data[:members] = profile.members_by(field,@filters[:name]).by_role(@filters[:roles])
+    session[:members_filtered] = @data[:members].map{|m|m.id} if request.post?
+    @data[:roles] = all_roles
+
+  end
+
+  def send_mail
+    session[:members_filtered] = params[:members_filtered].select{|value| value!="0"}
+    if session[:members_filtered].present?
+      redirect_to :controller => :profile, :action => :send_mail
+    else
+      session[:notice] = _("Select at least one member.")
+      redirect_to :action => :index
+    end
   end
   def update_roles
@@ -156,4 +175,13 @@ class ProfileMembersController &lt; MyProfileController
     end
   end
+  def search_members
+    field = 'name'
+    field = 'email' if params[:filter_name] =~ /\@/
+
+    result = profile.members_like field, params[:filter_name]
+    result = result.select{|member| member.can_view_field?(current_person, "email") } if field=="email"
+    render :json => result.map { |member| {:label => "#{member.name}#{member.can_view_field?(current_person, "email") ? " <#{member.email}>" : ""}", :value => member.name }}
+  end
+
 end
@@ -198,7 +198,7 @@ class AccountController &lt; ApplicationController
     if request.post?
       begin
         unless verify_recaptcha
-          @change_password.errors.add(:base, _('Please type the words correctly'))
+          @change_password.errors.add(:base, _('Please type the captcha text correctly'))
           return false
         end
@@ -68,11 +68,7 @@ class ContentViewerController &lt; ApplicationController
     process_comments(params)
     if request.xhr? and params[:comment_order]
-      if @comment_order == 'newest'
-        @comments = @comments.reverse
-      end
-
-      return render :partial => 'comment/comment', :collection => @comments
+      return render :partial => 'comment/comments_with_pagination'
     end
     if params[:slideshow]
@@ -209,8 +205,6 @@ class ContentViewerController &lt; ApplicationController
   def rendered_file_download(view = nil)
     if @page.download? view
-      headers['Content-Type'] = @page.mime_type
-      headers.merge! @page.download_headers
       data = @page.data
       # TODO test the condition
@@ -218,7 +212,12 @@ class ContentViewerController &lt; ApplicationController
         raise "No data for file"
       end
-      render :text => data, :layout => false
+      if @page.published && @page.uploaded_file?
+        redirect_to @page.public_filename
+      else
+        send_data data, @page.download_headers
+      end
+
       return true
     end
@@ -244,8 +243,12 @@ class ContentViewerController &lt; ApplicationController
   def get_posts(year = nil, month = nil)
     if year && month
-      filter_date = DateTime.parse("#{year}-#{month}-01")
-      return @page.posts.by_range(filter_date..filter_date.at_end_of_month)
+      begin
+        filter_date = DateTime.parse("#{year}-#{month}-01")
+        return @page.posts.by_range(filter_date..filter_date.at_end_of_month)
+      rescue ArgumentError
+        return @page.posts
+      end
     else
       return @page.posts
     end
@@ -276,8 +279,12 @@ class ContentViewerController &lt; ApplicationController
     @comments = @page.comments.without_spam
     @comments = @plugins.filter(:unavailable_comments, @comments)
     @comments_count = @comments.count
-    @comments = @comments.without_reply.paginate(:per_page => per_page, :page => params[:comment_page] )
     @comment_order = params[:comment_order].nil? ? 'oldest' : params[:comment_order]
+    @comments = @comments.without_reply
+    if @comment_order == 'newest'
+      @comments = @comments.reverse
+    end
+    @comments = @comments.paginate(:per_page => per_page, :page => params[:comment_page] )
   end
   private
@@ -155,6 +155,18 @@ class ProfileController &lt; PublicController
     end
   end
+  def follow_article
+    article = profile.environment.articles.find params[:article_id]
+    article.person_followers << user
+    redirect_to article.url
+  end
+
+  def unfollow_article
+    article = profile.environment.articles.find params[:article_id]
+    article.person_followers.delete(user)
+    redirect_to article.url
+  end
+
   def unblock
     if current_user.person.is_admin?(profile.environment)
       profile.unblock
@@ -362,6 +374,7 @@ class ProfileController &lt; PublicController
   def send_mail
     @mailing = profile.mailings.build(params[:mailing])
     @email_templates = profile.email_templates.find_all_by_template_type(:organization_members)
+    @mailing.data = session[:members_filtered] ? {:members_filtered => session[:members_filtered]} : {}
     if request.post?
       @mailing.locale = locale
       @mailing.person = user
@@ -150,14 +150,8 @@ module ApplicationHelper
     link_to text, profile_path(:profile => profile) , options
   end
-  def link_to_homepage(text, profile = nil, options = {})
-    p = if profile
-          Profile[profile]
-        else
-          user
-        end
-
-    link_to text, p.url, options
+  def link_to_homepage(text, profile, options = {})
+    link_to text, profile.url, options
   end
   def link_if_permitted(link, permission = nil, target = nil)
@@ -556,14 +550,25 @@ module ApplicationHelper
         trigger_class = 'enterprise-trigger'
       end
     end
-    extra_info = extra_info.nil? ? '' : content_tag( 'span', extra_info, :class => 'extra_info' )
+
+    extra_info_tag = ''
+    img_class = 'profile-image'
+
+    if extra_info.is_a? Hash
+      extra_info_tag = content_tag( 'span', extra_info[:value], :class => 'extra_info '+extra_info[:class])
+      img_class +=' '+extra_info[:class]
+    else
+      extra_info_tag = content_tag( 'span', extra_info, :class => 'extra_info' )
+    end
+
     links = links_for_balloon(profile)
     content_tag('div', content_tag(tag,
-                                   (environment.enabled?(:show_balloon_with_profile_links_when_clicked) ? popover_menu(_('Profile links'),profile.short_name,links,{:class => trigger_class, :url => url}) : "") +
+                                   (environment.enabled?(:show_balloon_with_profile_links_when_clicked) ?
+                                   popover_menu(_('Profile links'),profile.short_name,links,{:class => trigger_class, :url => url}) : "") +
     link_to(
-      content_tag( 'span', profile_image( profile, size ), :class => 'profile-image' ) +
+      content_tag( 'span', profile_image( profile, size ), :class => img_class ) +
       content_tag( 'span', h(name), :class => ( profile.class == Person ? 'fn' : 'org' ) ) +
-      extra_info + profile_sex_icon( profile ),
+      extra_info_tag + profile_sex_icon( profile ),
       profile.url,
       :class => 'profile_link url',
       :help => _('Click on this icon to go to the <b>%s</b>\'s home page') % profile.name,
@@ -711,7 +716,7 @@ module ApplicationHelper
   class NoosferoFormBuilder < ActionView::Helpers::FormBuilder
     extend ActionView::Helpers::TagHelper
-    def self.output_field(text, field_html, field_id = nil, options = {})
+    def self.output_field(text, field_html, field_id = nil)
       # try to guess an id if none given
       if field_id.nil?
         field_html =~ /id=['"]([^'"]*)['"]/
@@ -1040,10 +1045,11 @@ module ApplicationHelper
   end
   def search_contents_menu
+    host = environment.default_hostname
     links = [
-      {s_('contents|More recent') => {:href => url_for({:controller => 'search', :action => 'contents', :filter => 'more_recent'})}},
-      {s_('contents|More viewed') => {:href => url_for({:controller => 'search', :action => 'contents', :filter => 'more_popular'})}},
-      {s_('contents|Most commented') => {:href => url_for({:controller => 'search', :action => 'contents', :filter => 'more_comments'})}}
+      {s_('contents|More recent') => {href: url_for({host: host, controller: 'search', action: 'contents', filter: 'more_recent'})}},
+      {s_('contents|More viewed') => {href: url_for({host: host, controller: 'search', action: 'contents', filter: 'more_popular'})}},
+      {s_('contents|Most commented') => {href: url_for({host: host, controller: 'search', action: 'contents', filter: 'more_comments'})}}
     ]
     if logged_in?
       links.push(_('New content') => modal_options({:href => url_for({:controller => 'cms', :action => 'new', :profile => current_user.login, :cms => true})}))
@@ -1055,10 +1061,11 @@ module ApplicationHelper
   alias :browse_contents_menu :search_contents_menu
   def search_people_menu
+    host = environment.default_hostname
      links = [
-       {s_('people|More recent') => {:href => url_for({:controller => 'search', :action => 'people', :filter => 'more_recent'})}},
-       {s_('people|More active') => {:href => url_for({:controller => 'search', :action => 'people', :filter => 'more_active'})}},
-       {s_('people|More popular') => {:href => url_for({:controller => 'search', :action => 'people', :filter => 'more_popular'})}}
+       {s_('people|More recent') => {href: url_for({host: host, controller: 'search', action: 'people', filter: 'more_recent'})}},
+       {s_('people|More active') => {href: url_for({host: host, controller: 'search', action: 'people', filter: 'more_active'})}},
+       {s_('people|More popular') => {href: url_for({host: host, controller: 'search', action: 'people', filter: 'more_popular'})}}
      ]
      if logged_in?
        links.push(_('My friends') => {:href => url_for({:profile => current_user.login, :controller => 'friends'})})
@@ -1071,10 +1078,11 @@ module ApplicationHelper
   alias :browse_people_menu :search_people_menu
   def search_communities_menu
+    host = environment.default_hostname
      links = [
-       {s_('communities|More recent') => {:href => url_for({:controller => 'search', :action => 'communities', :filter => 'more_recent'})}},
-       {s_('communities|More active') => {:href => url_for({:controller => 'search', :action => 'communities', :filter => 'more_active'})}},
-       {s_('communities|More popular') => {:href => url_for({:controller => 'search', :action => 'communities', :filter => 'more_popular'})}}
+       {s_('communities|More recent') => {href: url_for({host: host, controller: 'search', action: 'communities', filter: 'more_recent'})}},
+       {s_('communities|More active') => {href: url_for({host: host, controller: 'search', action: 'communities', filter: 'more_active'})}},
+       {s_('communities|More popular') => {href: url_for({host: host, controller: 'search', action: 'communities', filter: 'more_popular'})}}
      ]
      if logged_in?
        links.push(_('My communities') => {:href => url_for({:profile => current_user.login, :controller => 'memberships'})})
@@ -169,4 +169,30 @@ module ArticleHelper
     _('Edit')
   end
+  def follow_button_text(article)
+    if article.event?
+      _('Attend')
+    else
+      _('Follow')
+    end
+  end
+
+  def unfollow_button_text(article)
+    if article.event?
+      _('Unattend')
+    else
+      _('Unfollow')
+    end
+  end
+
+  def following_button(page, user)
+    if !user.blank? and user != page.author
+      if page.is_followed_by? user
+        button :cancel, unfollow_button_text(page), {:controller => 'profile', :action => 'unfollow_article', :article_id => page.id}
+      else
+        button :add, follow_button_text(page), {:controller => 'profile', :action => 'follow_article', :article_id => page.id}
+      end
+    end
+  end
+
 end
@@ -14,6 +14,7 @@ module BlockHelper
       </td>
       <td>#{text_field_tag 'block[images][][address]', image[:address], :class => 'highlight-address', :size => 20}</td>
       <td>#{text_field_tag 'block[images][][position]', image[:position], :class => 'highlight-position', :size => 1}</td>
+      <td>#{check_box_tag 'block[images][][new_window]', '1', image[:new_window], :class => 'highlight-new_window', :size => 1}</td>
     </tr><tr class=\"image-title\" data-row-number='#{row_number}'>
       <td colspan=\"3\"><label>#{
         content_tag('span', _('Title')) +
@@ -250,7 +250,7 @@ module BoxesHelper
       end
     end
-    if editable?(block)
+    if editable?(block, user)
       buttons << modal_icon_button(:edit, _('Edit'), { :action => 'edit', :id => block.id })
     end
@@ -296,7 +296,7 @@ module BoxesHelper
     return block.movable? || user.is_admin?
   end
-  def editable?(block)
-    return block.editable? || user.is_admin?
+  def editable?(block, user=nil)
+    return block.editable?(user) || user.is_admin?
   end
 end
@@ -7,9 +7,10 @@ module FormsHelper
   def labelled_check_box( human_name, name, value = "1", checked = false, options = {} )
     options[:id] ||= 'checkbox-' + FormsHelper.next_id_number
-    hidden_field_tag(name, '0') +
-      check_box_tag( name, value, checked, options ) +
-      content_tag( 'label', human_name, :for => options[:id] )
+    html = options[:add_hidden] == false ? "" : hidden_field_tag(name, '0')
+
+    html += check_box_tag( name, value, checked, options ) +
+         content_tag( 'label', human_name, :for => options[:id] )
   end
   def labelled_text_field( human_name, name, value=nil, options={} )
@@ -2,7 +2,10 @@ require_dependency &#39;mailing_job&#39;
 class Mailing < ActiveRecord::Base
-  attr_accessible :subject, :body
+  acts_as_having_settings :field => :data
+
+  attr_accessible :subject, :body, :data
+
   validates_presence_of :source_id, :subject, :body
   belongs_to :source, :foreign_key => :source_id, :polymorphic => true
   belongs_to :person
@@ -5,9 +5,17 @@ class OrganizationMailing &lt; Mailing
   end
   def recipients(offset=0, limit=100)
-    source.members.order(:id).offset(offset).limit(limit)
-      .joins("LEFT OUTER JOIN mailing_sents m ON (m.mailing_id = #{id} AND m.person_id = profiles.id)")
+    result = source.members.order(:id).offset(offset).limit(limit)
+
+    if data.present? and data.is_a?(Hash) and data[:members_filtered]
+      result = result.where('profiles.id IN (?)', data[:members_filtered])
+    end
+
+    if result.blank?
+      result = result.joins("LEFT OUTER JOIN mailing_sents m ON (m.mailing_id = #{id} AND m.person_id = profiles.id)")
       .where("m.person_id" => nil)
+    end
+    result
   end
   def each_recipient
@@ -8,8 +8,9 @@ class Article &lt; ActiveRecord::Base
                   :accept_comments, :feed, :published, :source, :source_name,
                   :highlighted, :notify_comments, :display_hits, :slug,
                   :external_feed_builder, :display_versions, :external_link,
-                  :author, :published_at, :person_followers, :show_to_followers, 
-                  :image_builder, :display_preview, :archived
+                  :image_builder, :show_to_followers,
+                  :author, :display_preview, :published_at, :person_followers,
+                  :archived
   acts_as_having_image
@@ -83,6 +84,10 @@ class Article &lt; ActiveRecord::Base
   has_many :comments, :class_name => 'Comment', :foreign_key => 'source_id', :dependent => :destroy, :order => 'created_at asc'
+  has_many :article_followers, :dependent => :destroy
+  has_many :person_followers, :class_name => 'Person', :through => :article_followers, :source => :person
+  has_many :person_followers_emails, :class_name => 'User', :through => :person_followers, :source => :user, :select => :email
+
   has_many :article_categorizations, -> { where 'articles_categories.virtual = ?', false }
   has_many :categories, :through => :article_categorizations
@@ -95,7 +100,6 @@ class Article &lt; ActiveRecord::Base
   settings_items :author_name, :type => :string, :default => ""
   settings_items :allow_members_to_edit, :type => :boolean, :default => false
   settings_items :moderate_comments, :type => :boolean, :default => false
-  settings_items :followers, :type => Array, :default => []
   has_and_belongs_to_many :article_privacy_exceptions, :class_name => 'Person', :join_table => 'article_privacy_exceptions'
   belongs_to :reference_article, :class_name => "Article", :foreign_key => 'reference_article_id'
@@ -173,7 +177,6 @@ class Article &lt; ActiveRecord::Base
     end
   end
-
   def is_trackable?
     self.published? && self.notifiable? && self.advertise? && self.profile.public_profile
   end
@@ -374,6 +377,10 @@ class Article &lt; ActiveRecord::Base
     self.parent and self.parent.forum?
   end
+  def person_followers_email_list
+    person_followers_emails.map{|p|p.email}
+  end
+
   def info_from_last_update
     last_comment = comments.last
     if last_comment
@@ -383,6 +390,10 @@ class Article &lt; ActiveRecord::Base
     end
   end
+  def full_path
+    profile.hostname.blank? ? "/#{profile.identifier}/#{path}" : "/#{path}"
+  end
+
   def url
     @url ||= self.profile.url.merge(:page => path.split('/'))
   end
@@ -408,13 +419,19 @@ class Article &lt; ActiveRecord::Base
   end
   def download? view = nil
-    (self.uploaded_file? and not self.image?) or
-      (self.image? and view.blank?) or
-      (not self.uploaded_file? and self.mime_type != 'text/html')
+    false
+  end
+
+  def is_followed_by?(user)
+    self.person_followers.include? user
+  end
+
+  def download_disposition
+    'inline'
   end
   def download_headers
-    {}
+    { :filename => filename, :type => mime_type, :disposition => download_disposition}
   end
   def alternate_languages
@@ -195,8 +195,8 @@ class Block &lt; ActiveRecord::Base
     nil
   end
-  # Is this block editable? (Default to <tt>false</tt>)
-  def editable?
+  # Is this block editable? (Default to <tt>true</tt>)
+  def editable?(user=nil)
     self.edit_modes == "all"
   end
@@ -6,13 +6,14 @@ class Comment &lt; ActiveRecord::Base
     :body => {:label => _('Content'), :weight => 2},
   }
-  attr_accessible :body, :author, :name, :email, :title, :reply_of_id, :source
+  attr_accessible :body, :author, :name, :email, :title, :reply_of_id, :source, :follow_article
   validates_presence_of :body
   belongs_to :source, :counter_cache => true, :polymorphic => true
   alias :article :source
   alias :article= :source=
+  attr_accessor :follow_article
   belongs_to :author, :class_name => 'Person', :foreign_key => 'author_id'
   has_many :children, :class_name => 'Comment', :foreign_key => 'reply_of_id', :dependent => :destroy
@@ -102,10 +103,9 @@ class Comment &lt; ActiveRecord::Base
   after_create :new_follower
   def new_follower
-    if source.kind_of?(Article)
-      article.followers += [author_email]
-      article.followers -= article.profile.notification_emails
-      article.followers.uniq!
+    if source.kind_of?(Article) and !author.nil? and @follow_article
+      article.person_followers += [author]
+      article.person_followers.uniq!
       article.save
     end
   end
@@ -147,7 +147,7 @@ class Comment &lt; ActiveRecord::Base
       if !notification_emails.empty?
         CommentNotifier.notification(self).deliver
       end
-      emails = article.followers - [author_email]
+      emails = article.person_followers_email_list - [author_email]
       if !emails.empty?
         CommentNotifier.mail_to_followers(self, emails).deliver
       end
@@ -19,7 +19,7 @@ class DisabledEnterpriseMessageBlock &lt; Block
     end
   end
-  def editable?
+  def editable?(user=nil)
     false
   end
@@ -56,6 +56,7 @@ class Environment &lt; ActiveRecord::Base
     'manage_environment_trusted_sites' => N_('Manage environment trusted sites'),
     'edit_appearance'      => N_('Edit appearance'),
     'manage_email_templates' => N_('Manage Email Templates'),
+    'edit_raw_html_block'      => N_('Edit Raw HTML block'),
   }
   module Roles
@@ -15,6 +15,8 @@ class HighlightsBlock &lt; Block
       if !Noosfero.root.nil? and !i[:address].start_with?(Noosfero.root + '/')
         i[:address] = Noosfero.root + i[:address]
       end
+      i[:new_window] = i[:new_window] == '1' ? true : false
+
       begin
         file = UploadedFile.find(i[:image_id])
         i[:image_src] = file.public_filename
 # A person is the profile of an user holding all relationships with the rest of the system
 class Person < Profile
-  attr_accessible :organization, :contact_information, :sex, :birth_date, :cell_phone,
-    :comercial_phone, :jabber_id, :personal_website, :nationality, :address_reference,
-    :district, :schooling, :schooling_status, :formation, :custom_formation, :area_of_study,
-    :custom_area_of_study, :professional_activity, :organization_website, :following_articles
+  attr_accessible :organization, :contact_information, :sex, :birth_date, :cell_phone, :comercial_phone, :jabber_id, :personal_website, :nationality, :address_reference, :district, :schooling, :schooling_status, :formation, :custom_formation, :area_of_study, :custom_area_of_study, :professional_activity, :organization_website, :following_articles
   SEARCH_FILTERS = {
     :order => %w[more_recent more_popular more_active],
@@ -19,26 +16,29 @@ class Person &lt; Profile
   acts_as_trackable :after_add => Proc.new {|p,t| notify_activity(t)}
   acts_as_accessor
-  scope :members_of, -> resources {
+  scope :members_of, lambda { |resources, field = ''|
     resources = Array(resources)
+    joins = [:role_assignments]
+    joins << :user if User.attribute_names.include? field
+
     conditions = resources.map {|resource| "role_assignments.resource_type = '#{resource.class.base_class.name}' AND role_assignments.resource_id = #{resource.id || -1}"}.join(' OR ')
-    select('DISTINCT profiles.*').joins(:role_assignments).where([conditions])
+    distinct.select('profiles.*').joins(joins).where([conditions])
   }
   scope :not_members_of, -> resources {
     resources = Array(resources)
     conditions = resources.map {|resource| "role_assignments.resource_type = '#{resource.class.base_class.name}' AND role_assignments.resource_id = #{resource.id || -1}"}.join(' OR ')
-    select('DISTINCT profiles.*').where('"profiles"."id" NOT IN (SELECT DISTINCT profiles.id FROM "profiles" INNER JOIN "role_assignments" ON "role_assignments"."accessor_id" = "profiles"."id" AND "role_assignments"."accessor_type" = (Profile) WHERE "profiles"."type" IN (Person) AND (%s))' % conditions)
+    distinct.select('profiles.*').where('"profiles"."id" NOT IN (SELECT DISTINCT profiles.id FROM "profiles" INNER JOIN "role_assignments" ON "role_assignments"."accessor_id" = "profiles"."id" AND "role_assignments"."accessor_type" = (Profile) WHERE "profiles"."type" IN (Person) AND (%s))' % conditions)
   }
   scope :by_role, -> roles {
     roles = Array(roles)
-    select('DISTINCT profiles.*').joins(:role_assignments).where('role_assignments.role_id IN (?)', roles)
+    distinct.select('profiles.*').joins(:role_assignments).where('role_assignments.role_id IN (?)', roles)
   }
   scope :not_friends_of, -> resources {
     resources = Array(resources)
-    select('DISTINCT profiles.*').where('"profiles"."id" NOT IN (SELECT DISTINCT profiles.id FROM "profiles" INNER JOIN "friendships" ON "friendships"."person_id" = "profiles"."id" WHERE "friendships"."friend_id" IN (%s))' % resources.map(&:id))
+    distinct.select('profiles.*').where('"profiles"."id" NOT IN (SELECT DISTINCT profiles.id FROM "profiles" INNER JOIN "friendships" ON "friendships"."person_id" = "profiles"."id" WHERE "friendships"."friend_id" IN (%s))' % resources.map(&:id))
   }
   scope :visible_for_person, lambda { |person|
@@ -51,8 +51,7 @@ class Person &lt; Profile
       ['( roles.key = ? AND role_assignments.accessor_type = ? AND role_assignments.accessor_id = ? ) OR (
         ( ( friendships.person_id = ? ) OR (profiles.public_profile = ?)) AND (profiles.visible = ?) )', 'environment_administrator', Profile.name, person.id, person.id,  true, true]
     ).uniq
-  }
-
+    }
   def has_permission_with_admin?(permission, resource)
     return true if resource.blank? || resource.admins.include?(self)
@@ -90,7 +89,8 @@ class Person &lt; Profile
   has_many :article_followers, :dependent => :destroy
   has_many :following_articles, :class_name => 'Article', :through => :article_followers, :source => :article
   has_many :comments, :foreign_key => :author_id
-
+  has_many :article_followers, :dependent => :destroy
+  has_many :following_articles, :class_name => 'Article', :through => :article_followers, :source => :article
   has_many :friendships, :dependent => :destroy
   has_many :friends, :class_name => 'Person', :through => :friendships
@@ -123,10 +123,10 @@ class Person &lt; Profile
   scope :more_popular, -> { order 'friends_count DESC' }
   scope :abusers, -> {
-    joins(:abuse_complaints).where('tasks.status = 3').select('DISTINCT profiles.*')
+    joins(:abuse_complaints).where('tasks.status = 3').distinct.select('profiles.*')
   }
   scope :non_abusers, -> {
-    select("DISTINCT profiles.*").
+    distinct.select("profiles.*").
     joins("LEFT JOIN tasks ON profiles.id = tasks.requestor_id AND tasks.type='AbuseComplaint'").
     where("tasks.status != 3 OR tasks.id is NULL")
   }
@@ -135,6 +135,11 @@ class Person &lt; Profile
   scope :activated, -> { joins(:user).where('users.activation_code IS NULL AND users.activated_at IS NOT NULL') }
   scope :deactivated, -> { joins(:user).where('NOT (users.activation_code IS NULL AND users.activated_at IS NOT NULL)') }
+  scope :with_role, -> role_id {
+    distinct.joins(:role_assignments).
+    where("role_assignments.role_id = #{role_id}")
+  }
+
   after_destroy do |person|
     Friendship.where(friend_id: person.id).each{ |friendship| friendship.destroy }
   end
@@ -78,6 +78,9 @@ class Profile &lt; ActiveRecord::Base
     def self.organization_member_roles(env_id)
       all_roles(env_id).select{ |r| r.key.match(/^profile_/) unless r.key.blank? || !r.profile_id.nil?}
     end
+    def self.organization_custom_roles(env_id, profile_id)
+      all_roles(env_id).where('profile_id = ?', profile_id)
+    end
     def self.all_roles(env_id)
       Role.where(environment_id: env_id)
     end
@@ -119,7 +122,7 @@ class Profile &lt; ActiveRecord::Base
   include Noosfero::Plugin::HotSpot
   scope :memberships_of, -> person {
-    select('DISTINCT profiles.*').
+    distinct.select('profiles.*').
     joins(:role_assignments).
     where('role_assignments.accessor_type = ? AND role_assignments.accessor_id = ?', person.class.base_class.name, person.id)
   }
@@ -185,15 +188,23 @@ class Profile &lt; ActiveRecord::Base
   include TimeScopes
-  def members
+  def members(by_field = '')
     scopes = plugins.dispatch_scopes(:organization_members, self)
-    scopes << Person.members_of(self)
+    scopes << Person.members_of(self,by_field)
     return scopes.first if scopes.size == 1
     ScopeTool.union *scopes
   end
-  def members_by_name
-    members.order('profiles.name')
+  def members_by(field,value = nil)
+    if value and !value.blank?
+      members_like(field,value).order('profiles.name')
+    else
+      members.order('profiles.name')
+    end
+  end
+
+  def members_like(field,value)
+    members(field).where("LOWER(#{field}) LIKE ?", "%#{value.downcase}%") if value
   end
   class << self
@@ -781,13 +792,13 @@ private :generate_url, :url_options
   end
   # Adds a person as member of this Profile.
-  def add_member(person)
+  def add_member(person, attributes={})
     if self.has_members?
       if self.closed? && members.count > 0
         AddMember.create!(:person => person, :organization => self) unless self.already_request_membership?(person)
       else
-        self.affiliate(person, Profile::Roles.admin(environment.id)) if members.count == 0
-        self.affiliate(person, Profile::Roles.member(environment.id))
+        self.affiliate(person, Profile::Roles.admin(environment.id), attributes) if members.count == 0
+        self.affiliate(person, Profile::Roles.member(environment.id), attributes)
       end
       person.tasks.pending.of("InviteMember").select { |t| t.data[:community_id] == self.id }.each { |invite| invite.cancel }
       remove_from_suggestion_list person
@@ -1164,6 +1175,10 @@ private :generate_url, :url_options
     end
   end
+  def can_view_field? current_person, field
+    display_private_info_to?(current_person) || (public_fields.include?(field) && public?)
+  end
+
   validates_inclusion_of :redirection_after_login, :in => Environment.login_redirection_options.keys, :allow_nil => true
   def preferred_login_redirection
     redirection_after_login.blank? ? environment.redirection_after_login : redirection_after_login
@@ -19,4 +19,9 @@ class RawHTMLBlock &lt; Block
   def has_macro?
     true
   end
+
+  def editable?(user)
+    user.has_permission?('edit_raw_html_block', environment)
+  end
+
 end
@@ -65,6 +65,10 @@ class RssFeed &lt; Article
     'text/xml'
   end
+  def download?(view = nil)
+    true
+  end
+
   include Rails.application.routes.url_helpers
   def fetch_articles
     if parent && parent.has_posts?
@@ -2,6 +2,9 @@
 #
 # Limitation: only file metadata are versioned. Only the latest version
 # of the file itself is kept. (FIXME?)
+
+require 'sdbm'
+
 class UploadedFile < Article
   attr_accessible :uploaded_data, :title
@@ -10,6 +13,19 @@ class UploadedFile &lt; Article
     _('File')
   end
+  DBM_PRIVATE_FILE = 'cache/private_files'
+  after_save do |uploaded_file|
+    if uploaded_file.published_changed?
+      dbm = SDBM.open(DBM_PRIVATE_FILE)
+      if uploaded_file.published
+        dbm.delete(uploaded_file.public_filename)
+      else
+        dbm.store(uploaded_file.public_filename, uploaded_file.full_path)
+      end
+      dbm.close
+    end
+  end
+
   track_actions :upload_image, :after_create, :keep_params => ["view_url", "thumbnail_path", "parent.url", "parent.name"], :if => Proc.new { |a| a.published? && a.image? && !a.parent.nil? && a.parent.gallery? }, :custom_target => :parent
   def title
@@ -106,10 +122,13 @@ class UploadedFile &lt; Article
     self.name ||= self.filename
   end
-  def download_headers
-    {
-      'Content-Disposition' => "attachment; filename=\"#{self.filename}\"",
-    }
+  def download_disposition
+    case content_type
+    when 'application/pdf'
+      'inline'
+    else
+      'attachment'
+    end
   end
   def data
@@ -5,7 +5,7 @@
 <%= form_tag({:action => 'forgot_password'}, :method => 'post', :id => 'forgot-password-form') do %>
   <%= labelled_form_field fields_label, text_field_tag(:value) %>
-  <h3><%= _('Please type the two words below') %></h3>
+  <h3><%= _('Please type the captcha text below') %></h3>
   <%= recaptcha_tags(:display => { :theme => 'clean' }, :ajax => true) %>
   <div>
@@ -11,7 +11,7 @@
 </p>
 <p>
-<%= link_to_homepage(_('My home page.')) %>
+<%= link_to_homepage(_('My home page.'), user) %>
 <%= _('See your homepage.') %>
 </p>
@@ -3,7 +3,7 @@
   <div class='highlights-border'>
     <div class='highlights-container'>
       <% block.featured_images.each do |img| %>
-        <a href="<%= img[:address] %>" title="<%= img[:title] %>" class="highlights-image-link">
+        <a href="<%= img[:address] %>" <%= 'target="_blank"' if img[:new_window] %> title="<%= img[:title] %>" class="highlights-image-link">
           <%= image_tag [Noosfero.root, img[:image_src]].join, alt: img[:title] %>
           <p class="highlights-label"><%= img[:title] %></p>
         </a>
@@ -3,7 +3,7 @@
 <strong><%= _('Highlights') %></strong>
 <table class="noborder"><tbody id="highlights-data-table">
-  <tr><th><%= _('Image') %></th><th><%= _('Address') %></th><th><%= _('Position') %></th></tr>
+  <tr><th><%= _('Image') %></th><th><%= _('Address') %></th><th><%= _('Position') %></th><th><%= _('New Window') %></th></tr>
   <% @block.images.each_with_index do |image, index| %>
     <%= highlights_block_config_image_fields @block, image, index %>
   <% end %>
 <p>
 <em>
-  <%= _('Drag images to add them to the text.') %>
-  <%= _('Click on file names to add links to the text.') %>
+  <%= _('Drag images to add them to the text or click on file names to add links to the text.') %>
 </em>
 </p>
@@ -17,8 +17,8 @@
                 :parent_id, profile, default_folder, {}, {},
                 "type='Folder' or type='Gallery'"
           ) %>
+          <%= button(:newfolder, _('New folder'), '#', :id => 'new-folder-button') %>
         </div>
-        <%= button(:newfolder, _('New folder'), '#', :id => 'new-folder-button') %>
         <p><%= file_field_tag('file', :multiple => true) %></p>
       <% end %>
     </div>
@@ -31,7 +31,7 @@
   <div id='published-media' class='text-editor-sidebar-box' data-url='<%= url_for({:controller => 'cms', :action => 'published_media_items', :profile => profile.identifier}) %>'>
     <%= select_profile_folder(nil, :parent_id, profile, 'recent-media', {}, {},
         "type='Folder' or type='Gallery'", {:root_label => _('Recent media')}) %>
-    <%= labelled_form_field _('Search'), text_field_tag('q') %>
+    <%= labelled_form_field _('Search among your uploaded files'), text_field_tag('q', '', placeholder: _('Write words about the file you are looking for')) %>
     <%= render :partial => 'drag_and_drop_note' %>
     <div class='items'>
       <%= render :partial => 'published_media_items' %>
@@ -77,6 +77,10 @@ function check_captcha(button, confirm_action) {
   <%= labelled_form_field(_('Title'), f.text_field(:title)) %>
   <%= required labelled_form_field(_('Enter your comment'), f.text_area(:body, :rows => 5)) %>
+  <% if logged_in? %>
+    <%= labelled_form_field check_box(:comment, :follow_article, {}, true, false) + _('Follow this article'), '' %>
+  <% end%>
+
   <%= hidden_field_tag(:confirm, 'false') %>
   <%= hidden_field_tag(:view, params[:view])%>
   <%= f.hidden_field(:reply_of_id) %>
@@ -0,0 +1,4 @@
+<% if @comments.present? %>
+  <%= render :partial => 'comment/comment', :collection => @comments %>
+  <%= pagination_links @comments, :param_name => 'comment_page', :params => { :comment_order => @comment_order } %>
+<% end %>
@@ -57,6 +57,8 @@
       <%= button plugin_button[:icon], plugin_button[:title], plugin_button[:url], plugin_button[:html_options] %>
     <% end %>
+    <%= following_button @page, user %>
+
     <%= report_abuse(profile, :link, @page) %>
   </div>
@@ -10,6 +10,24 @@
     <%= (" - %s") % link_to_comments(@page)%>
   </span>
 <% end %>
+
+<span class="followers-count">
+|
+<% if @page.event? %>
+  <% if @page.person_followers.size > 0 %>
+    <%= _("%s will attend this event.") % [ pluralize(@page.person_followers.size, _("person"))]%>
+  <% else %>
+    <%= _("No one attending this event yet.") %>
+  <% end %>
+<% else %>
+  <% if @page.person_followers.size > 0 %>
+    <%= _("%s following this article.") % [ pluralize(@page.person_followers.size, _("person"))]%>
+  <% else %>
+    <%= _("No one following this article yet.") %>
+  <% end %>
+<% end %>
+</span>
+
 </span>
 <% if @page.display_hits? || @page.license.present? %>
@@ -81,7 +81,7 @@
     <ul class="article-comments-list">
       <% if @comments.present? %>
         <%= render :partial => 'comment/comment', :collection => @comments %>
-        <%= pagination_links @comments, :param_name => 'comment_page' %>
+        <%= pagination_links @comments, :param_name => 'comment_page', :params => { :comment_order => @comment_order } %>
       <% end %>
     </ul>
@@ -2,4 +2,4 @@
   <%= generic.abstract %>
 </div>
-<%= button(:download, _('Download'), [Noosfero.root, generic.public_filename].join, class:'download-link', option:'primary', size:'lg') %>
+<%= button(:download, _('Download'), generic.url, class:'download-link', option:'primary', size:'lg', :target => "_blank") %>
@@ -9,7 +9,8 @@
 </div>
 <ul class="profile-list-<%= role %>" >
   <% users.each do |u| %>
-    <%= profile_image_link(u, :thumb) %>
+    <% extra_info = u.member_since_date(profile) == Date.today ? {:value =>_('New'), :class => 'new-profile'}:'' %>
+    <%= profile_image_link(u, :thumb, 'li', extra_info) %>
   <% end %>
 </ul>
@@ -19,7 +19,6 @@
                      :id => "members-tab",
                      :content => div_members
                      } %>
-
     <% div_admins = content_tag :div, :class => "profile-admins" do
       render :partial => 'profile_members_list',
                             :locals => {
@@ -10,6 +10,9 @@
   </div>
 <% end %>
+  <% to = @mailing.data[:members_filtered].present? ? @mailing.recipients.map{|r| r.name}.join(', ') : _('All members')%>
+  <%= labelled_form_field(_('To:'), text_area(:data, 'members_filtered', :value => to, :rows => 4, :disabled => 'disabled', :class => 'send-mail-recipients'))  %>
+
 <%= form_for :mailing, :url => {:action => 'send_mail'}, :html => {:id => 'mailing-form'} do |f| %>
   <%= labelled_form_field(_('Subject:'), f.text_field(:subject)) %>
@@ -5,7 +5,7 @@
     <%= button :person, _('Invite people to join'), :controller => 'invite', :action => 'invite_friends' %>
   <% end %>
   <% if profile.community? and user.has_permission?(:send_mail_to_members, profile) %>
-    <%= button :send, _('Send e-mail to members'), :controller => 'profile', :action => 'send_mail' %>
+    <%= submit_button(:send, _('Send e-mail to members')) %>
   <% end %>
   <% @plugins.dispatch(:manage_members_extra_buttons).each do |plugin_button| %>
     <%= button plugin_button[:icon], plugin_button[:title], plugin_button[:url] %>
@@ -0,0 +1,18 @@
+<%= form_tag '#', :method => 'post' do %>
+
+    <%= field_set_tag _('Filter'), :class => 'filter_fields' do %>
+        <p>
+          <%= labelled_text_field(_('Name or Email')+': ', "filters[name]", @filters[:name], {:id => 'filter-name-autocomplete',:size => 30}) %>
+        </p>
+
+        <p><%= _('Roles:') %> </p>
+        <% @data[:roles].each do |r| %>
+          <%= labelled_check_box(r.name, 'filters[roles][]', r.id, @filters[:roles].include?(r.id.to_s), :add_hidden => false) %><br/>
+        <% end %>
+        <p>
+          <%= submit_button(:search, _('Search')) %>
+        </p>
+    <% end %>
+<% end %>
+
+<%= javascript_include_tag params[:controller] %>
 \ No newline at end of file
-<% collection = @collection == :profile_admins ? profile.admins : profile.members_by_name %>
+<% members = @data ? @data[:members] : profile.members_by('name') %>
+<% collection = @collection == :profile_admins ? profile.admins : members %>
 <% title = @title ? @title : _('Current members') %>
 <% remove_action = @remove_action ? @remove_action : {:action => 'unassociate'} %>
+<%= javascript_include_tag params[:controller] %>
 <h3><%= title %></h3>
 <table>
+  <col width="1">
   <tr>
+    <th><%= check_box_tag 'checkbox-all', 1, false, :onClick => "toggle(this)"  %></th>
     <th><%= _('Member') %></th>
     <th><%= _('Actions') %></th>
   </tr>
+
   <% collection.each do |m| %>
     <tr title="<%= m.name %>">
+      <td><%= labelled_check_box('', 'members_filtered[]', m.id.to_s, false, :id => 'checkbox-'+m.identifier) %></td>
       <td><%= link_to_profile m.short_name, m.identifier, :title => m.name %> </td>
       <td>
         <div class="members-buttons-cell">
@@ -27,3 +33,8 @@
     </tr>
   <% end %>
 </table>
+<% if collection.empty? %>
+  <p>
+    <em><%= _('No members found to: %s') % profile.name %></em>
+  </p>
+<% end %>
 <h1><%= h profile.short_name(50) %></h1>
-<%= render :partial => 'index_buttons' %>
+<%= render :partial => 'members_filter' %>
-<div id="members-list">
-  <%= render :partial => 'members_list' %>
-</div>
+<%= form_tag 'profile_members/send_mail', :method => 'post' do %>
+  <div id="members-list">
+    <%= render :partial => 'members_list' %>
+  </div>
-<%= render :partial => 'index_buttons' %>
+  <%= render :partial => 'index_buttons' %>
+
+<% end %>
@@ -5,7 +5,7 @@
 <ul>
   <% for validator in @region.validators %>
     <li>
-    <%= link_to_homepage validator.name, validator.identifier %>
+    <%= link_to_homepage validator.name, validator %>
     <%= link_to _('Remove validation rights'), { :action => 'remove', :id => @region.id, :validator_id => validator }, :method => 'post' %>
     </li>
   <% end %>
@@ -5,7 +5,7 @@
         @order == 'more_recent' ? enterprise.send(@order + '_label') + show_date(enterprise.created_at) : enterprise.send(@order + '_label') %>
     </div>
     <div class="search-enterprise-item-column-right">
-      <%= link_to_homepage(enterprise.name, enterprise.identifier, :class => "search-result-title") %>
+      <%= link_to_homepage enterprise.name, enterprise, class: "search-result-title" %>
       <div class="search-enterprise-description">
         <% if enterprise.description %>
           <% body_stripped = strip_tags(enterprise.description) %>
@@ -44,7 +44,7 @@
   <div class="search-product-item-second-column">
     <%= link_to_product product, :class => 'search-result-title' %>
     <div class="search-product-supplier">
-      <span class="search-field-label"><%= _('Supplier') %>  </span><%= link_to_homepage(product.enterprise.name, product.enterprise.identifier) %>
+      <span class="search-field-label"><%= _('Supplier') %>  </span><%= link_to_homepage product.enterprise.name, product.enterprise %>
     </div>
     <div class="search-product-description">
       <% if product.description %>
@@ -26,7 +26,7 @@
     <% end %>
   <% elsif image.is_a? Gallery %>
     <div class="search-gallery-items">
-      <% r = image.children.order(:updated_at).where('type = ?', 'UploadedFile').last(3) %>
+      <% r = image.children.latest.images.limit(3) %>
       <% if r.length > 0 %>
         <% r.each_index do |i| img = r[i] %>
           <%= link_to '', img.view_url, :class => "search-image-pic pic-num#{i+1}",
@@ -47,6 +47,8 @@
     <% else %>
       <div class="search-no-image"><span><%= _('No image') %></span></div>
     <% end %>
+  <% elsif image.first_image.present? %>
+    <img src="<%= image.first_image %>" class="automatic-abstract-thumb search-image-pic">
   <% else %>
     <div class="search-content-type-icon icon-content-<%=image.class.to_s.underscore.dasherize%>"></div>
   <% end %>
 <%= _('Hi, %{recipient}!') % { :recipient => @recipient } %>
-<%= word_wrap(_('Welcome to %{environment}! To activate your account, follow the link: %{activation_url}') % { :environment => @environment.name, :activation_url => @url + url_for(:controller => :account, :action => :activate, :activation_code => @activation_code, :redirection => @redirection, :join => @join) }) %>
+<%= word_wrap(_('Welcome to %{environment}! To activate your account, follow the link: %{activation_url}') % { :environment => @environment.name, :activation_url => url_for(:controller => :account, :action => :activate, :activation_code => @activation_code, :redirection => @redirection, :join => @join) }) %>
 <%= _("Greetings,") %>
 --
 <%= _('%s team.') % @environment.name %>
-<%= url_for @url %>
+<%= @url %>
@@ -0,0 +1,17 @@
+class AddEditRawHtmlBlockToAdminRole < ActiveRecord::Migration
+  def self.up
+    Environment.all.map(&:id).each do |id|
+      role = Environment::Roles.admin(id)
+      role.permissions << 'edit_raw_html_block'
+      role.save!
+    end
+  end
+
+  def self.down
+    Environment.all.map(&:id).each do |id|
+      role = Environment::Roles.admin(id)
+      role.permissions -= ['edit_raw_html_block']
+      role.save!
+    end
+  end
+end
@@ -0,0 +1,13 @@
+class CreateArticleFollowers < ActiveRecord::Migration
+  def self.up
+    execute("CREATE TABLE article_followers AS (SELECT profiles.id AS person_id, t.id AS article_id, clock_timestamp() AS since FROM (SELECT articles.id, regexp_split_to_table(replace(replace(substring(articles.setting FROM ':followers:[^:]*'), ':followers:', ''), '- ', ''), '\n') AS follower FROM articles) t INNER JOIN users ON users.email = follower INNER JOIN profiles ON users.id = profiles.user_id WHERE follower != '');")
+    add_timestamps :article_followers
+    add_index :article_followers, :person_id
+    add_index :article_followers, :article_id
+    add_index :article_followers, [:person_id, :article_id], :unique => true
+  end
+
+  def self.down
+    drop_table :article_followers
+  end
+end
@@ -0,0 +1,10 @@
+class AddFollowersCountToArticle < ActiveRecord::Migration
+  def self.up
+    add_column :articles, :followers_count, :integer, :default => 0
+    execute "update articles set followers_count = (select count(*) from article_followers where article_followers.article_id = articles.id)"
+  end
+
+  def self.down
+    remove_column :articles, :followers_count
+  end
+end
@@ -0,0 +1,5 @@
+class AddTimestampsToRoleAssignments < ActiveRecord::Migration
+  def change
+    add_timestamps :role_assignments
+  end
+end
@@ -0,0 +1,5 @@
+class AddDataToMailing < ActiveRecord::Migration
+  def change
+    add_column :mailings, :data, :text
+  end
+end
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20151221105330) do
+ActiveRecord::Schema.define(version: 20160224132937) do
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -88,9 +88,9 @@ ActiveRecord::Schema.define(version: 20151221105330) do
     t.integer "profile_id"
   end
-  create_table "article_followers", force: :cascade do |t|
-    t.integer  "person_id",  null: false
-    t.integer  "article_id", null: false
+  create_table "article_followers", id: false, force: :cascade do |t|
+    t.integer  "person_id"
+    t.integer  "article_id"
     t.datetime "since"
     t.datetime "created_at"
     t.datetime "updated_at"
@@ -699,6 +699,7 @@ ActiveRecord::Schema.define(version: 20151221105330) do
     t.string   "locale"
     t.datetime "created_at"
     t.datetime "updated_at"
+    t.text     "data"
   end
   create_table "mark_comment_as_read_plugin", force: :cascade do |t|
@@ -1071,12 +1072,14 @@ ActiveRecord::Schema.define(version: 20151221105330) do
   end
   create_table "role_assignments", force: :cascade do |t|
-    t.integer "accessor_id",   null: false
-    t.string  "accessor_type"
-    t.integer "resource_id"
-    t.string  "resource_type"
-    t.integer "role_id",       null: false
-    t.boolean "is_global"
+    t.integer  "accessor_id",   null: false
+    t.string   "accessor_type"
+    t.integer  "resource_id"
+    t.string   "resource_type"
+    t.integer  "role_id",       null: false
+    t.boolean  "is_global"
+    t.datetime "created_at"
+    t.datetime "updated_at"
   end
   create_table "roles", force: :cascade do |t|
@@ -8,6 +8,19 @@ DocumentRoot &quot;/usr/share/noosfero/public&quot;
 RewriteEngine On
+# If your XMPP XMPP/BOSH isn't in localhost, change the config below to correct
+# point to address
+RewriteRule /http-bind http://localhost:5280/http-bind [P,QSA,L]
+<Proxy http://localhost:5280/http-bind>
+  Order Allow,Deny
+  Allow from All
+</Proxy>
+
+# Pass access to private files to backend
+RewriteMap private_files "dbm=sdbm:/usr/share/noosfero/cache/private_files"
+RewriteCond ${private_files:$1|NOT_FOUND} !NOT_FOUND
+RewriteRule ^(/articles/.*) ${private_files:$1} [P,QSA,L]
+
 # Rewrite index to check for static index.html
 RewriteRule ^/$ /index.html [QSA]
+noosfero (1.4) jessie-test; urgency=medium
+
+  * Noosfero 1.4
+
+ -- Antonio Terceiro <terceiro@colivre.coop.br>  Thu, 18 Feb 2016 16:20:23 -0200
+
 noosfero (1.4~rc3) jessie-test; urgency=medium
   * Noosfero 1.4 RC3
@@ -5,8 +5,6 @@ set -e
 # dbconfig-common uses "pgsql", but we want "postgresql"
 sed -i -e 's/adapter: pgsql/adapter: postgresql/' /etc/noosfero/database.yml
-/etc/init.d/noosfero setup
-
 cd /usr/share/noosfero && su noosfero -c "rake db:schema:load RAILS_ENV=production"
 cd /usr/share/noosfero && su noosfero -c "rake db:migrate RAILS_ENV=production SCHEMA=/dev/null"
 cd /usr/share/noosfero && su noosfero -c "rake db:data:minimal RAILS_ENV=production"
@@ -2,7 +2,5 @@
 set -e
-/etc/init.d/noosfero setup
-
 cd /usr/share/noosfero && su noosfero -c "rake db:migrate RAILS_ENV=production SCHEMA=/dev/null"
 var/tmp/noosfero                                    usr/share/noosfero/tmp
 var/log/noosfero                                    usr/share/noosfero/log
+var/cache/noosfero                                  usr/share/noosfero/cache
 etc/noosfero/database.yml                           usr/share/noosfero/config/database.yml
 etc/noosfero/unicorn.rb                             usr/share/noosfero/config/unicorn.rb
 etc/noosfero/plugins                                usr/share/noosfero/config/plugins
@@ -68,10 +68,17 @@ if [ ! -z &quot;$RET&quot; ]; then
   export NOOSFERO_DOMAIN="$RET"
 fi
+/etc/init.d/noosfero setup
+
 # dbconfig-common magic
 . /usr/share/dbconfig-common/dpkg/postinst
 dbc_go noosfero $@
+if [ ! -f /usr/share/noosfero/cache/private_files.pag ] && [ $1 = "configure" ] && [ -n  $2 ]; then
+  echo "Creating private files dbm map..."
+  cd /usr/share/noosfero && su noosfero -c "rake cache:private_files RAILS_ENV=production"
+fi
+
 # stop debconf to avoid the problem with infinite hanging, cfe
 # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=295477
 db_stop
@@ -17,13 +17,13 @@ if test -x /usr/share/noosfero/script/apacheconf; then
   if ! test -e "$apache_site"; then
     echo "Generating apache virtual host ..."
     cd /usr/share/noosfero && su noosfero -c "RAILS_ENV=production ./script/apacheconf virtualhosts" > "$apache_site"
-  else
-    pattern="Include \/etc\/noosfero\/apache\/virtualhost.conf"
-    include="Include \/usr\/share\/noosfero\/util\/chat\/apache\/xmpp.conf"
-    if ! cat $apache_site | grep "^ *$include" > /dev/null ; then
-      echo "Updating apache virtual host ..."
-      sed -i "s/.*$pattern.*/  $include\n&/" $apache_site
-    fi
+  fi
+
+  # remove old way to include chat config
+  pattern="Include \/usr\/share\/noosfero\/util\/chat\/apache\/xmpp.conf"
+  if cat $apache_site | grep "^ *$pattern" > /dev/null ; then
+    echo "Removing obsolete chat configuration ..."
+    sed -i "/.*$pattern.*/d" $apache_site
   fi
   echo 'Noosfero Apache configuration updated.'
@@ -86,6 +86,13 @@ do_setup() {
     chmod 750 /var/tmp/noosfero
   fi
+  # Noosfero cache directory
+  if [ ! -d /var/cache/noosfero ]; then
+    mkdir /var/cache/noosfero
+    chown $NOOSFERO_USER:root /var/cache/noosfero
+    chmod 755 /var/cache/noosfero
+  fi
+
   # symlink the directories into Noosfero directory
   if [ ! -e $NOOSFERO_DIR/tmp ]; then
     ln -s /var/tmp/noosfero $NOOSFERO_DIR/tmp
@@ -96,6 +103,9 @@ do_setup() {
   if [ ! -e $NOOSFERO_DIR/log ]; then
     ln -s /var/log/noosfero $NOOSFERO_DIR/log
   fi
+  if [ ! -e $NOOSFERO_DIR/cache ]; then
+    ln -s /var/cache/noosfero $NOOSFERO_DIR/cache
+  fi
 }
 do_start() {
@@ -45,7 +45,7 @@ Feature: manage categories
     And I should see "Steak"
     When I follow "Hide"
     Then I should not see "Vegetarian"
-    And "Steak" should not be visible within "div"
+    And I should not see "Steak"
   @selenium
   Scenario: the show link is available just for categories with category tree
@@ -44,6 +44,7 @@ Feature: categories_block
     And I follow "Edit" within ".block-outer .categories-block"
     And I check "Product"
     And I press "Save"
+    And I go to /
     Then I should see "Food"
     And I should see "Book"
     And "Vegetarian" should not be visible within "span#category-name"
@@ -62,6 +63,7 @@ Feature: categories_block
     And I follow "Edit" within ".block-outer .categories-block"
     And I check "Product"
     And I press "Save"
+    And I go to /
     Then I should see "Book"
     And "Literature" should not be visible within "span#category-name"
     When I follow "block_2_category_2"
@@ -96,4 +96,4 @@ Feature: comment
   Scenario: hide post a comment button when clicked
     Given I am on /booking/article-to-comment
     And I follow "Post a comment"
-    Then "Post a comment" should not be visible within "#article"
+    Then "Post comment" should not be visible within "#article"
@@ -27,5 +27,7 @@ Feature: manage categories
     Then I should not see "Beans"
     And I should not see "Potatoes"
     When I follow "Show"
+    And I wait 0.5 seconds for Services show animation to finish
+    And I follow "Show"
     Then I should see "Beans"
     And I should see "Potatoes"
@@ -15,7 +15,7 @@ Background:
   Scenario: deactive user
     Given I follow "Deactivate user" within "tr[title='Joao Silva']"
     When I confirm the browser dialog
-    Then the "tr[title='Joao Silva'] td.actions a.icon-activate-user" button should be enabled
+    Then the field "tr[title='Joao Silva'] td.actions a.icon-activate-user" should be enabled
   @selenium
   Scenario: activate user
@@ -23,7 +23,7 @@ Background:
     And I confirm the browser dialog
     And I follow "Activate user" within "tr[title='Paulo Santos']"
     When I confirm the browser dialog
-    Then the "tr[title='Paulo Santos'] td.actions a.icon-deactivate-user" button should be enabled
+    Then the field "tr[title='Paulo Santos'] td.actions a.icon-deactivate-user" should be enabled
   @selenium
   Scenario: remove user
@@ -36,7 +36,7 @@ Background:
   Scenario: admin user
     Given I follow "Set admin role" within "tr[title='Joao Silva']"
     When I confirm the browser dialog
-    Then the "tr[title='Joao Silva'] td.actions a.icon-reset-admin-role" button should be enabled
+    Then the field "tr[title='Joao Silva'] td.actions a.icon-reset-admin-role" should be enabled
   @selenium
   Scenario: unadmin user
@@ -44,4 +44,4 @@ Background:
     And I confirm the browser dialog
     And I follow "Reset admin role" within "tr[title='Paulo Santos']"
     When I confirm the browser dialog
-    Then the "tr[title='Paulo Santos'] td.actions a.icon-set-admin-role" button should be enabled
+    Then the field "tr[title='Paulo Santos'] td.actions a.icon-set-admin-role" should be enabled
@@ -17,6 +17,7 @@ Feature: Use a secret community
     And I check "Secret"
     And I press "Save"
     And I follow "Logout"
+    And I go to /account/login
   @selenium
   Scenario: Hide privacity options when secret is checked
@@ -31,7 +31,8 @@ Feature: send emails to organization members
   Scenario: Send e-mail to members
     Given I am logged in as "joaosilva"
     And I go to Sample Community's members management
-    And I follow "Send e-mail to members"
+    And I check "checkbox-manoel"
+    And I press "Send e-mail to members"
     And I fill in "Subject" with "Hello, member!"
     And I fill in "Body" with "We have some news"
     When I press "Send"
@@ -40,7 +41,8 @@ Feature: send emails to organization members
   Scenario: Not send e-mail to members if subject is blank
     Given I am logged in as "joaosilva"
     And I go to Sample Community's members management
-    And I follow "Send e-mail to members"
+    And I check "checkbox-manoel"
+    And I press "Send e-mail to members"
     And I fill in "Body" with "We have some news"
     When I press "Send"
     Then I should be on /profile/sample-community/send_mail
@@ -48,7 +50,8 @@ Feature: send emails to organization members
   Scenario: Not send e-mail to members if body is blank
     Given I am logged in as "joaosilva"
     And I go to Sample Community's members management
-    And I follow "Send e-mail to members"
+    And I check "checkbox-manoel"
+    And I press "Send e-mail to members"
     And I fill in "Subject" with "Hello, user!"
     When I press "Send"
     Then I should be on /profile/sample-community/send_mail
@@ -56,7 +59,8 @@ Feature: send emails to organization members
   Scenario: Cancel creation of mailing
     Given I am logged in as "joaosilva"
     And I go to Sample Community's members management
-    And I follow "Send e-mail to members"
+    And I check "checkbox-manoel"
+    And I press "Send e-mail to members"
     When I follow "Cancel e-mail"
     Then I should be on Sample Community's members management
 Then /^"([^"]*)" should not be visible within "([^"]*)"$/ do |text, selector|
-  if page.has_content?(text)
-    page.should have_no_css(selector, :text => text, :visible => false)
-  end
+  page.should have_no_css selector, text: text, visible: false
 end
 Then /^"([^"]*)" should be visible within "([^"]*)"$/ do |text, selector|
-  if page.has_content?(text)
-    page.should have_css(selector, :text => text, :visible => false)
-  end
+  page.should have_css selector, text: text, visible: false
 end
 Then /^I should see "([^"]*)" link$/ do |text|
@@ -22,14 +18,14 @@ When /^I should see &quot;([^\&quot;]+)&quot; linking to &quot;([^\&quot;]+)&quot;$/ do |text, href|
   page.should have_xpath("//a[@href='#{href}']")
 end
-Then /^the "([^"]*)" button should be disabled$/ do |selector|
-  field = find(selector)
-  field['disabled'].should be_truthy
-end
+Then /^the field "([^"]*)" should be (enabled|disabled)$/ do |selector, status|
+  field = page.find(:css, selector)
-Then /^the "([^"]*)" button should be enabled$/ do |selector|
-  field = find(selector)
-  field['disabled'].should_not be_truthy
+  if status == 'enabled'
+    field.disabled?.should_not be_truthy
+  else
+    field.disabled?.should be_truthy
+  end
 end
 When /^I reload and wait for the page$/ do
@@ -7,7 +7,7 @@
 require 'uri'
 require 'cgi'
-require File.expand_path(File.join(File.dirname(__FILE__), "..", "support", "paths"))
+require_relative '../support/paths'
 module WithinHelpers
   def with_scope(locator)
@@ -39,37 +39,15 @@ end
 When /^(?:|I )follow "([^"]*)"(?: within "([^"]*)")?$/ do |link, selector|
   with_scope(selector) do
-    begin
-      click_link(link, :match => :prefer_exact)
-    rescue Selenium::WebDriver::Error::UnknownError => selenium_error
-      if selenium_error.message.start_with? 'Element is not clickable at point'
-        link = find_link(link)
-        href = link[:href]
-        onclick = link[:onClick]
-
-        warn "#{selenium_error.message}\n\n"\
-             "Trying to overcome this by:\n"
-
-        onclick_return = true
-
-        unless onclick.nil?
-          warn "\t* Running onClick JS:\n"\
-               "\t\t'#{onclick}'\n"
-          onclick_return = page.execute_script onclick
-        end
-
-        if onclick_return
-          warn "\t* Redirecting you to the link's href:\n"\
-               "\t\t'#{href}'\n"
-
-          visit href
-        end
-
-        warn "\nGood luck and be careful that this may produce hidden links to work on tests!\n"
-      else
-        raise selenium_error
-      end
+    link   = find :link_or_button, link, match: :prefer_exact
+    # If the link has child elements, then $(link).click() has no effect,
+    # so find the first child and click on it.
+    if Capybara.default_driver == :selenium
+      target = link.all('*').first || link
+    else
+      target = link
     end
+    target.click
   end
 end
@@ -21,3 +21,8 @@ Before do |scenario|
     puts "Can't find debugger or pry to debug"
   end
 end
+
+Then /^I open pry$/ do
+  require'pry';binding.pry
+end
+
@@ -65,5 +65,13 @@ Before do
   fixtures_folder = Rails.root.join('test', 'fixtures')
   fixtures = ['environments', 'roles']
   ActiveRecord::Fixtures.create_fixtures(fixtures_folder, fixtures)
+
+  # The same browser session is used across tests, so expire caching
+  # can create changes from scenario to another.
+  e=Environment.default
+  e.home_cache_in_minutes    = 0
+  e.general_cache_in_minutes = 0
+  e.profile_cache_in_minutes = 0
+  e.save
 end
@@ -22,6 +22,7 @@ public/thumbnails
 public/user_themes
 public/designs/themes/default
 public/designs/icons/default
+cache
 public/assets
 .sass-cache
@@ -52,8 +52,8 @@ class FilePresenter
     nil
   end
-  def download?(view=nil)
-    false
+  def download? view = nil
+    view.blank?
   end
   def short_description
@@ -165,6 +165,37 @@ module Noosfero
             end
           end
+          desc "Returns the total followers for the article" do
+            detail 'Get the followers of a specific article by id'
+            failure [[403, 'Forbidden']]
+            named 'ArticleFollowers'
+          end
+          get ':id/followers' do
+            article = find_article(environment.articles, params[:id])
+            total = article.person_followers.count
+            {:total_followers => total}
+          end
+
+          desc "Add a follower for the article" do
+            detail 'Add the current user identified by private token, like a follower of a article'
+            params Noosfero::API::Entities::UserLogin.documentation
+            failure [[401, 'Unauthorized']]
+            named 'ArticleFollow'
+          end
+          post ':id/follow' do
+            authenticate!
+            article = find_article(environment.articles, params[:id])
+            if article.article_followers.exists?(:person_id => current_person.id)
+              {:success => false, :already_follow => true}
+            else
+              article_follower = ArticleFollower.new
+              article_follower.article = article
+              article_follower.person = current_person
+              article_follower.save!
+              {:success => true}
+            end
+          end
+
           desc 'Return the children of a article identified by id' do
             detail 'Get all children articles of a specific article'
             params Noosfero::API::Entities::Article.documentation
 module Noosfero
   PROJECT = 'noosfero'
-  VERSION = '1.4~rc3'
+  VERSION = '1.4'
 end
 root = File.expand_path(File.dirname(__FILE__) + '/../..')
@@ -2,10 +2,10 @@ require_dependency &#39;models/vote&#39;
 class Vote
-  validates_uniqueness_of :voteable_id, :scope => [:voteable_type, :voter_type, :voter_id], :if => :allow_duplicated_vote?
+  validates_uniqueness_of :voteable_id, :scope => [:voteable_type, :voter_type, :voter_id], :unless => :allow_duplicate?
-  def allow_duplicated_vote?
-    voter.present?
+  def allow_duplicate?
+    voter.blank?
   end
   validate :verify_target_archived
@@ -0,0 +1,14 @@
+namespace :cache do
+  task :private_files => :environment do
+    require 'sdbm'
+
+    hash = {}
+    UploadedFile.where(:published => false).find_each do |uploaded_file|
+      hash[uploaded_file.public_filename] = uploaded_file.full_path
+    end
+
+    dbm = SDBM.open(UploadedFile::DBM_PRIVATE_FILE)
+    dbm.update(hash)
+    dbm.close
+  end
+end
 require_dependency 'profile'
-Profile.descendants.each do |subclass|
-  subclass.class_eval do
+class Profile
-    has_many :oauth_auths, foreign_key: :profile_id, class_name: 'OauthClientPlugin::Auth', dependent: :destroy
-    has_many :oauth_providers, through: :oauth_auths, source: :provider
+  has_many :oauth_auths, foreign_key: :profile_id, class_name: 'OauthClientPlugin::Auth', dependent: :destroy
+  has_many :oauth_providers, through: :oauth_auths, source: :provider
-  end
 end
@@ -33,4 +33,4 @@ Feature: rate_community
     Given I am on mycommunity's homepage
     When I follow "Rate this Community"
     Then I should see "Joao Silva" within ".star-profile-name"
-    And I should see Joao Silva's profile image
 \ No newline at end of file
+    And I should see Joao Silva's profile image
@@ -0,0 +1,23 @@
+Feature: vote_once_disable_cooldown
+  As a admin
+  I want to disable the cooldown time when vote once is enabled
+  Making it clearly that there is no cooldown when vote once is enabled
+
+  Background:
+    Given plugin "OrganizationRatings" is enabled on environment
+    And I am logged in as admin
+    And I go to /admin/plugins
+    And I check "Organization Ratings"
+    And I press "Save changes"
+
+  @selenium
+  Scenario: disable or enable the cooldown field when vote on is checked or unchecked
+    Given I follow "Administration"
+    And I follow "Plugins"
+    And I follow "Configuration"
+    And the field "#organization_ratings_config_cooldown" should be enabled
+    And I check "Vote once"
+    And the field "#organization_ratings_config_cooldown" should be disabled
+    And I uncheck "Vote once"
+    Then the field "#organization_ratings_config_cooldown" should be enabled
+
@@ -73,8 +73,8 @@ class OrganizationRatingsPlugin &lt; Noosfero::Plugin
   def js_files
     %w(
-      public/rate.js
-      public/organization_rating_management.js
+      rate.js
+      organization_rating_management.js
     )
   end
@@ -9,8 +9,8 @@
     cacheDom: function() {
-      this.$vote_once_checkbox = $("#environment_organization_ratings_vote_once");
-      this.$hours_timer_input = $("#environment_organization_ratings_cooldown");
+      this.$vote_once_checkbox = $("#organization_ratings_config_vote_once");
+      this.$hours_timer_input = $("#organization_ratings_config_cooldown");
     },
@@ -21,10 +21,22 @@
     verifyHoursTimerDisable: function() {
       if (this.$vote_once_checkbox.is(":checked")) {
-        this.$hours_timer_input.attr("disabled", "disabled");
+        //this.$hours_timer_input.attr("disabled", "disabled");
+        this.disableVoteOnce();
       } else {
-        this.$hours_timer_input.removeAttr("disabled");
+        //this.$hours_timer_input.removeAttr("disabled");
+        this.enableVoteOnce();
       }
+    },
+
+
+    enableVoteOnce: function() {
+      this.$hours_timer_input.removeAttr("disabled");
+    },
+
+
+    disableVoteOnce: function() {
+      this.$hours_timer_input.attr("disabled", "disabled");
     }
   }
@@ -14,11 +14,11 @@
 }
 .star-negative {
-  background-image: url('public/images/star-negative.png');
+  background-image: url('images/star-negative.png');
 }
 .star-positive {
-  background-image: url('public/images/star-positive.png');
+  background-image: url('images/star-positive.png');
 }
 .small-star-negative, .small-star-positive {
@@ -31,11 +31,11 @@
 }
 .small-star-negative {
-  background-image: url('public/images/small-star-negative.png');
+  background-image: url('images/small-star-negative.png');
 }
 .small-star-positive {
-  background-image: url('public/images/small-star-positive.png');
+  background-image: url('images/small-star-positive.png');
 }
 .medium-star-negative, .medium-star-positive {
@@ -48,11 +48,11 @@
 }
 .medium-star-positive {
-  background-image: url('public/images/star-positive-medium.png');
+  background-image: url('images/star-positive-medium.png');
 }
 .medium-star-negative {
-  background-image: url('public/images/star-negative-medium.png');
+  background-image: url('images/star-negative-medium.png');
 }
 .star-hide {
@@ -1,10 +0,0 @@
-require_dependency 'person'
-
-class Person
-
-  scope :with_role, -> role_id {
-    joins(:role_assignments).
-    where("role_assignments.role_id = #{role_id}")
-  }
-
-end
@@ -280,6 +280,21 @@ class MembersBlockTest &lt; ActionView::TestCase
     assert_includes block.roles, Profile::Roles.moderator(owner.environment.id)
   end
+  should 'count number of profiles by role' do
+    owner = fast_create(Community)
+    profile1 = fast_create(Person, {:public_profile => true})
+    profile2 = fast_create(Person, {:public_profile => true})
+
+    owner.add_member profile2
+    owner.add_moderator profile1
+
+    block = MembersBlock.new
+    block.visible_role = Profile::Roles.moderator(owner.environment.id).key
+    block.expects(:owner).returns(owner).at_least_once
+
+    assert_equivalent [profile1], block.profile_list
+  end
+
   protected
   include NoosferoTestHelper
@@ -25,7 +25,8 @@ class PgSearchPluginTest &lt; ActiveSupport::TestCase
     profile1 = fast_create(Profile, :identifier => 'profile1', :name => 'debugger')
     profile2 = fast_create(Profile, :identifier => 'profile2', :name => 'profile admin debugger')
     profile3 = fast_create(Profile, :identifier => 'profile3', :name => 'admin debugger')
-    assert_equal [profile2, profile3, profile1], search(Profile, 'profile admin deb')
+    profile4 = fast_create(Profile, :identifier => 'profile4', :name => 'simple user')
+    assert_equal [profile2, profile3, profile1, profile4], search(Profile, 'profile admin deb')
   end
   should 'locate profile escaping special characters' do
-class Person
+require_dependency 'person'
+class Person
   settings_items :site_tour_plugin_actions, :type => Array, :default => []
-
 end
@@ -15,6 +15,7 @@ class AccountControllerTest &lt; ActionController::TestCase
     t.date     "dtanas"
   end
   ActiveRecord::Base.establish_connection(:test)
+  StoaPlugin::UspUser.reset_column_information
   def setup
     @controller = AccountController.new
@@ -10,7 +10,7 @@
           <%= profile_image_link organization, :big, 'div' %>
         </div>
         <div class="related-organizations-item-column-right">
-          <%= link_to_homepage(organization.name, organization.identifier, :class => "search-result-title") %>
+          <%= link_to_homepage(organization.name, organization, :class => "search-result-title") %>
           <div class="related-organizations-description">
             <% if organization.description %>
               <% body_stripped = strip_tags(organization.description) %>
@@ -33,10 +33,14 @@ class VideoPlugin &lt; Noosfero::Plugin
   end
   def article_extra_toolbar_buttons(content)
-    if content.kind_of?(VideoPlugin::VideoGallery)
-      url = url_for(:action => 'new', :type=>'VideoPlugin::Video', :controller=>'cms', :parent_id => content.id)
-      {:title => _('New Video'), :url => url, :icon => 'button with-text icon-new'}
-    end
+    return [] if !content.kind_of?(VideoPlugin::VideoGallery)
+    {
+      :id=>"new-video-btn",
+      :class=>"button with-text icon-new",
+      :url=> {:action => 'new', :type=>'VideoPlugin::Video', :controller=>'cms', :parent_id => content.id},
+      :title=>_("New Video"),
+      :icon => :new
+    }
   end
 end
@@ -11,4 +11,4 @@
   <em><%= _('(empty video gallery)') %></em>
 <% else %>
   <%= list_videos(:contents=>video_gallery.children) %>
-<% end %>
 \ No newline at end of file
+<% end %>
@@ -48,3 +48,9 @@
   width: 80px;
 }
+.action-profile-send_mail .send-mail-recipients {
+  color: #888888;
+  padding: 10px;
+  width: 475px;
+  line-height: 15px;
+}
@@ -10,10 +10,9 @@ function send_order(order, url) {
   });
 }
-
 jQuery(document).ready(function(){
   jQuery("#comment_order").change(function(){
-    var url = jQuery("#page_url").val();
+    var url = window.location.href;
     send_order(this.value, url);
   });
-});
 \ No newline at end of file
+});
@@ -0,0 +1,25 @@
+(function($) {
+
+  //Autocomplete to list members
+  $('#filter-name-autocomplete').autocomplete({
+   minLength:2,
+   source:function(request,response){
+      $.ajax({
+        url:document.location.pathname+'/search_members',
+        dataType:'json',
+        data:{
+          filter_name:request.term
+        },
+        success:response
+      });
+   }
+  });
+})(jQuery);
+
+
+function toggle(source) {
+  checkboxes = document.getElementsByName('members_filtered[]');
+  for(var i=0, n=checkboxes.length;i<n;i++) {
+    checkboxes[i].checked = source.checked;
+  }
+}
@@ -207,3 +207,23 @@
   height: auto;
   font-size: 12px;
 }
+.action-profile-members .profile_link{
+	position: relative;
+}
+.action-profile-members .profile_link span.new-profile:last-child{
+	position: absolute;
+	top: 3px;
+	right: 2px;
+	text-transform: uppercase;
+	color: #FFF;
+	font-size: 9px;
+	background: #66CC33;
+	padding: 2px;
+	display: block;
+	width: 35px;
+	font-weight: 700;
+}
+.action-profile-members .profile_link .fn{
+	font-style: normal;
+	color: #000;
+}
@@ -17,7 +17,6 @@ when &#39;virtualhosts&#39;
       puts "  #{server_directive} #{domain.name}"
       server_directive = 'ServerAlias'
     end
-    puts "  Include /usr/share/noosfero/util/chat/apache/xmpp.conf"
     puts "  Include /etc/noosfero/apache/virtualhost.conf"
     puts "</VirtualHost>"
   end
@@ -23,7 +23,7 @@ start() {
   trap stop INT TERM EXIT
   whenever --write-crontab --set 'environment=development'
   mkdir -p log
-  touch log/development.log
+  touch log/development.log log/development_api.log
   if [ -z "$RAILS_RELATIVE_URL_ROOT" ]; then
     unicorn_rails --config-file lib/noosfero/unicorn.rb --daemonize $@
   else
@@ -32,7 +32,7 @@ start() {
       --config-file lib/noosfero/unicorn.rb \
       --daemonize
   fi
-  tail -n 0 -f log/development.log || true
+  tail -n 0 -f log/development.log log/development_api.log || true
 }
 start $@
@@ -130,6 +130,7 @@ fi
 # create needed directory
 mkdir -p tmp/pids
 mkdir -p tmp/cache
+mkdir cache
 # use default gitignore rules
 if [ ! -f .gitignore ]; then
@@ -103,3 +103,4 @@ environment_administrator:
    - manage_environment_templates
    - manage_environment_licenses
    - manage_email_templates
+   - edit_raw_html_block
@@ -1647,6 +1647,50 @@ class CmsControllerTest &lt; ActionController::TestCase
     assert_tag :tag => 'input', :attributes => {:name => 'article[accept_comments]', :value => 1, :type => 'checkbox'}
   end
+  should 'logged in user NOT be able to create topic on forum when topic creation is set to Me' do
+    u = create_user('linux')
+    login_as :linux
+    profile.articles << f = Forum.new(:name => 'Forum for test',
+                                      :topic_creation => 'self',
+                                      :body => 'Forum Body')
+
+    post :new, :profile => profile.identifier, :type => 'TinyMceArticle',
+               :article => {:name => 'New Topic by linux', :body => 'Article Body',
+                            :parent_id => f.id}
+
+    assert_template :access_denied
+    assert_not_equal 'New Topic by linux', Article.last.name
+  end
+
+  should 'logged in user NOT be able to create topic on forum when topic creation is set to Friends/Members' do
+    u = create_user('linux')
+    login_as :linux
+    profile.articles << f = Forum.new(:name => 'Forum for test',
+                                      :topic_creation => 'related',
+                                      :body => 'Forum Body')
+
+    post :new, :profile => profile.identifier, :type => 'TinyMceArticle',
+               :article => {:name => 'New Topic by linux', :body => 'Article Body',
+                            :parent_id => f.id}
+
+    assert_template :access_denied
+    assert_not_equal 'New Topic by linux', Article.last.name
+  end
+
+  should 'logged in user be able to create topic on forum when topic creation is set to Logged in users' do
+    u = create_user('linux')
+    login_as :linux
+    profile.articles << f = Forum.new(:name => 'Forum for test',
+                                      :topic_creation => 'users',
+                                      :body => 'Forum Body')
+
+    post :new, :profile => profile.identifier, :type => 'TinyMceArticle',
+               :article => {:name => 'New Topic by linux', :body => 'Article Body',
+                            :parent_id => f.id}
+
+    assert_equal 'New Topic by linux', Article.last.name
+  end
+
   should 'display accept comments option when editing forum post with a different label' do
     profile.articles << f = Forum.new(:name => 'Forum for test')
     profile.articles << a = TinyMceArticle.new(:name => 'Forum post for test', :parent => f)
@@ -387,10 +387,26 @@ class CommentControllerTest &lt; ActionController::TestCase
     Article.record_timestamps = true
     login_as @profile.identifier
-    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => 'crap!', :body => 'I think that this article is crap' }, :confirm => 'true'
+    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:title => 'crap!', :body => 'I think that this article is crap' }, :confirm => 'true'
     assert_not_equal yesterday, page.reload.updated_at
   end
+  should 'follow article when commenting' do
+    page = create(Article, :profile => profile, :name => 'myarticle', :body => 'the body of the text')
+    login_as @profile.identifier
+
+    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:title => 'crap!', :body => 'I think that this article is crap', :follow_article => true}, :confirm => 'true'
+    assert_includes page.person_followers, @profile
+  end
+
+  should 'not follow article when commenting' do
+    page = create(Article, :profile => profile, :name => 'myarticle', :body => 'the body of the text')
+    login_as @profile.identifier
+
+    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:title => 'crap!', :body => 'I think that this article is crap', :follow_article => false }, :confirm => 'true'
+    assert_not_includes page.person_followers, @profile
+  end
+
   should 'be able to mark comments as spam' do
     login_as profile.identifier
     article = fast_create(Article, :profile_id => profile.id)
@@ -51,27 +51,26 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
     assert_response :missing
   end
-  should 'produce a download-link when article is a uploaded file' do
+  should 'produce a download-link when view page is true' do
     profile = create_user('someone').person
     html = UploadedFile.create! :uploaded_data => fixture_file_upload('/files/500.html', 'text/html'), :profile => profile
     html.save!
-    get :view_page, :profile => 'someone', :page => [ '500.html' ]
+    get :view_page, :profile => 'someone', :page => [ '500.html' ], :view => true
     assert_response :success
-    assert_match /#{html.public_filename}/, @response.body
+    assert_select "a[href=#{html.full_path}]"
   end
-  should 'download file when article is image' do
+  should 'download file when view page is blank' do
     profile = create_user('someone').person
     image = UploadedFile.create! :uploaded_data => fixture_file_upload('/files/rails.png', 'image/png'), :profile => profile
     image.save!
     get :view_page, :profile => 'someone', :page => [ 'rails.png' ]
-    assert_response :success
-    assert_not_nil assigns(:page).data
-    assert_match /image\/png/, @response.headers['Content-Type']
+    assert_response :redirect
+    assert_redirected_to image.public_filename
   end
   should 'display image on a page when article is image and has a view param' do
@@ -342,6 +341,27 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
     assert_tag :content => /list my comment/
   end
+  should 'order comments according to comments ordering option' do
+    article = fast_create(Article, :profile_id => profile.id)
+    for n in 1..24
+      article.comments.create!(:author => profile, :title => "some title #{n}", :body => "some body #{n}")
+    end
+
+    get 'view_page', :profile => profile.identifier, :page => article.path.split('/')
+
+    for i in 1..12
+      assert_tag :tag => 'div', :attributes => { :class => 'comment-details' }, :descendant => { :tag => 'h4', :content => "some title #{i}" }
+      assert_no_tag :tag => 'div', :attributes => { :class => 'comment-details' }, :descendant => { :tag => 'h4', :content => "some title #{i + 12}" }
+    end
+
+    xhr :get, :view_page, :profile => profile.identifier, :page => article.path.split('/'), :comment_page => 1, :comment_order => 'newest'
+
+    for i in 1..12
+      assert_no_tag :tag => 'div', :attributes => { :class => 'comment-details' }, :descendant => { :tag => 'h4', :content => "some title #{i}" }
+      assert_tag :tag => 'div', :attributes => { :class => 'comment-details' }, :descendant => { :tag => 'h4', :content => "some title #{i + 12}" }
+    end
+  end
+
   should 'redirect to new article path under an old path' do
     p = create_user('test_user').person
     a = p.articles.create(:name => 'old-name')
@@ -1291,18 +1311,6 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
     assert_tag :tag => 'div', :attributes => { :id => 'article-actions' }, :descendant => { :tag => 'a', :attributes => { :title => 'This button is expired.', :class => 'button with-text icon-edit disabled' } }
   end
-  should 'remove email from article followers when unfollow' do
-    profile = create_user('testuser').person
-    follower_email = 'john@doe.br'
-    article = profile.articles.create(:name => 'test')
-    article.followers = [follower_email]
-    article.save
-
-    assert_includes Article.find(article.id).followers, follower_email
-    post :view_page, :profile => profile.identifier, :page => [article.name], :unfollow => 'commit', :email => follower_email
-    assert_not_includes Article.find(article.id).followers, follower_email
-  end
-
   should 'not display comments marked as spam' do
     article = fast_create(Article, :profile_id => profile.id)
     ham = fast_create(Comment, :source_id => article.id, :source_type => 'Article', :title => 'some content')
@@ -1377,7 +1385,7 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
     assert_equal 15, article.comments.count
     get 'view_page', :profile => profile.identifier, :page => article.path.split('/')
-    assert_tag :tag => 'a', :attributes => { :href => "/#{profile.identifier}/#{article.path}?comment_page=2", :rel => 'next' }
+    assert_tag :tag => 'a', :attributes => { :href => "/#{profile.identifier}/#{article.path}?comment_order=oldest&amp;comment_page=2", :rel => 'next' }
   end
   should 'not escape acceptable HTML in list of blog posts' do
@@ -18,6 +18,19 @@ class ProfileControllerTest &lt; ActionController::TestCase
     assert assigns(:friends)
   end
+  should 'remove person from article followers when unfollow' do
+    profile = create_user('testuser').person
+    follower = create_user('follower').person
+    article = profile.articles.create(:name => 'test')
+    article.person_followers = [follower]
+    article.save
+    login_as('follower')
+    article.reload
+    assert_includes Article.find(article.id).person_followers, follower
+    post :unfollow_article, :article_id => article.id
+    assert_not_includes Article.find(article.id).person_followers, follower
+  end
+
   should 'point to manage friends in user is seeing his own friends' do
     login_as('testuser')
     get :friends
@@ -1338,6 +1351,24 @@ class ProfileControllerTest &lt; ActionController::TestCase
     assert_equivalent [scrap,activity], assigns(:activities).map(&:activity)
   end
+  should "follow an article" do
+    article = TinyMceArticle.create!(:profile => profile, :name => 'An article about free software')
+    login_as(@profile.identifier)
+    post :follow_article, :profile => profile.identifier, :article_id => article.id
+    assert_includes article.person_followers, @profile
+  end
+
+  should "unfollow an article" do
+    article = TinyMceArticle.create!(:profile => profile, :name => 'An article about free software')
+    article.person_followers << @profile
+    article.save!
+    assert_includes article.person_followers, @profile
+
+    login_as(@profile.identifier)
+    post :unfollow_article, :profile => profile.identifier, :article_id => article.id
+    assert_not_includes article.person_followers, @profile
+  end
+
   should "be logged in to leave comment on an activity" do
     article = TinyMceArticle.create!(:profile => profile, :name => 'An article about free software')
     activity = ActionTracker::Record.last
@@ -1434,11 +1465,41 @@ class ProfileControllerTest &lt; ActionController::TestCase
     create_user_with_permission('profile_moderator_user', 'send_mail_to_members', community)
     login_as('profile_moderator_user')
     @controller.stubs(:locale).returns('pt')
+
     assert_difference 'Delayed::Job.count', 1 do
       post :send_mail, :profile => community.identifier, :mailing => {:subject => 'Hello', :body => 'We have some news'}
     end
   end
+  should 'send to members_filtered if available' do
+    community = fast_create(Community)
+    create_user_with_permission('profile_moderator_user', 'send_mail_to_members', community)
+    person = create_user('Any').person
+    community.add_member(person)
+    community.save!
+    login_as('profile_moderator_user')
+
+    post :send_mail, :profile => community.identifier, :mailing => {:subject => 'Hello', :body => 'We have some news'}
+    assert_equivalent community.members, OrganizationMailing.last.recipients
+
+    @request.session[:members_filtered] = [person.id]
+    post :send_mail, :profile => community.identifier, :mailing => {:subject => 'RUN!!', :body => 'Run to the hills!!'}
+    assert_equal [person], OrganizationMailing.last.recipients
+  end
+
+  should 'send email to all members if there is no valid member in members_filtered' do
+    community = fast_create(Community)
+    create_user_with_permission('profile_moderator_user', 'send_mail_to_members', community)
+    person = create_user('Any').person
+    community.add_member(person)
+    community.save!
+    login_as('profile_moderator_user')
+
+    @request.session[:members_filtered] = [Profile.last.id+1]
+    post :send_mail, :profile => community.identifier, :mailing => {:subject => 'RUN!!', :body => 'Run to the hills!!'}
+    assert_empty OrganizationMailing.last.recipients
+  end
+
   should 'save mailing' do
     community = fast_create(Community)
     create_user_with_permission('profile_moderator_user', 'send_mail_to_members', community)
@@ -311,6 +311,12 @@ class ProfileDesignControllerTest &lt; ActionController::TestCase
     assert_equal 999, @b1.article_id
   end
+  should 'not be able to save a non editable block' do
+    Block.any_instance.expects(:editable?).returns(false)
+    post :save, :profile => 'designtestuser', :id => @b1.id, :block => { }
+    assert_response :forbidden
+  end
+
   should 'be able to edit ProductsBlock' do
     block = ProductsBlock.new
@@ -31,6 +31,31 @@ class ProfileMembersControllerTest &lt; ActionController::TestCase
     assert_template 'index'
   end
+  should 'access index and filter members by name and roles' do
+
+    ent = fast_create(Enterprise, :identifier => 'test_enterprise', :name => 'test enterprise')
+    roles = {
+     :admin => Profile::Roles.admin(Environment.default),
+     :member => Profile::Roles.member(Environment.default)
+    }
+
+    member = create_user('test_member', :email => 'testmember@test.com.br').person
+    member.add_role(roles[:member], ent)
+
+    admin = create_user('test_admin').person
+    admin.add_role roles[:admin], ent
+
+    user = create_user_with_permission('test_user', 'manage_memberships', ent)
+    login_as :test_user
+
+    post :index, :profile => 'test_enterprise' , :filters => {:name => 'testmember@test.com.br', :roles => [roles[:member].id]}
+
+    assert_response :success
+    assert_template 'index'
+
+    assert_includes assigns(:data)[:members], member
+  end
+
   should 'show form to change role' do
     ent = fast_create(Enterprise, :identifier => 'test_enterprise', :name => 'test enterprise')
     role = Profile::Roles.member(Environment.default)
@@ -171,7 +196,7 @@ class ProfileMembersControllerTest &lt; ActionController::TestCase
     login_as :test_user
     get :index, :profile => community.identifier
-    assert_tag :tag => 'a', :attributes => {:href => /send_mail/}
+    assert_tag :tag => 'input', :attributes => {:value => 'Send e-mail to members'}
   end
   should 'not display send email to members if doesn\'t have the permission' do
@@ -13,17 +13,15 @@ class EnableDisableFeaturesTest &lt; ActionDispatch::IntegrationTest
     assert_tag :tag => 'input', :attributes => { :name => 'environment[enabled_features][]', :value => 'feature2' }
     assert_tag :tag => 'input', :attributes => { :name => 'environment[enabled_features][]', :value => 'feature3' }
-    post '/admin/features/update'
-    assert_response :redirect
+    post_via_redirect '/admin/features/update'
+    assert_response :success
-    follow_redirect!
     assert_response :success
     assert_equal '/admin/features', path
-    post '/admin/features/update', :environments => { :enabled_features => [ 'feature1' ], :organization_approval_method => 'region' }
-    assert_response :redirect
+    post_via_redirect '/admin/features/update', :environments => { :enabled_features => [ 'feature1' ], :organization_approval_method => 'region' }
+    assert_response :success
-    follow_redirect!
     assert_equal '/admin/features', path
   end
@@ -61,10 +61,9 @@ class EnterpriseRegistrationTest &lt; ActionDispatch::IntegrationTest
     assert_response :success
     assert_tag :form, :attributes => { :action => "/myprofile/myorg/enterprise_validation/approve/#{code}" }
-    post "/myprofile/myorg/enterprise_validation/approve/#{code}"
-    assert_response :redirect
+    post_via_redirect "/myprofile/myorg/enterprise_validation/approve/#{code}"
+    assert_response :success
-    follow_redirect!
     assert_equal "/myprofile/myorg/enterprise_validation/view_processed/#{code}", path
     assert_tag :span, :attributes =>  { :class => 'validation_approved' }
   end
@@ -24,11 +24,10 @@ class ManageDocumentsTest &lt; ActionDispatch::IntegrationTest
     assert_tag :tag => 'form', :attributes => { :action => '/myprofile/myuser/cms/new', :method => /post/i }
     assert_difference 'Article.count' do
-      post '/myprofile/myuser/cms/new', :type => 'TinyMceArticle', :article => { :name => 'my article', :body => 'this is the body of ther article'}
+      post_via_redirect '/myprofile/myuser/cms/new', :type => 'TinyMceArticle', :article => { :name => 'my article', :body => 'this is the body of ther article'}
     end
-    assert_response :redirect
-    follow_redirect!
+    assert_response :success
     a = Article.find_by_path('my-article')
     assert_equal "/myuser/#{a.slug}", path
   end
@@ -55,14 +54,13 @@ class ManageDocumentsTest &lt; ActionDispatch::IntegrationTest
     assert_tag :tag => 'form', :attributes => { :action => "/myprofile/myuser/cms/edit/#{article.id}", :method => /post/i }
     assert_no_difference 'Article.count' do
-      post "/myprofile/myuser/cms/edit/#{article.id}", :article => { :name => 'my article', :body => 'this is the body of the article'}
+      post_via_redirect "/myprofile/myuser/cms/edit/#{article.id}", :article => { :name => 'my article', :body => 'this is the body of the article'}
     end
     article.reload
     assert_equal 'this is the body of the article', article.body
-    assert_response :redirect
-    follow_redirect!
+    assert_response :success
     a = Article.find_by_path('my-article')
     assert_equal "/myuser/#{a.slug}", path
   end
@@ -84,10 +82,9 @@ class ManageDocumentsTest &lt; ActionDispatch::IntegrationTest
     assert_response :success
     assert_tag tag: 'a', attributes: { href: "/myprofile/myuser/cms/destroy/#{article.id}", 'data-confirm' => /Are you sure/ }
-    post "/myprofile/myuser/cms/destroy/#{article.id}"
+    post_via_redirect "/myprofile/myuser/cms/destroy/#{article.id}"
-    assert_response :redirect
-    follow_redirect!
+    assert_response :success
     assert_equal "/myuser", path
     # the article was actually deleted
@@ -24,11 +24,10 @@ class ManageFriendshipsTest &lt; ActionDispatch::IntegrationTest
     get "/myprofile/#{@person.identifier}/friends/remove/#{@friend.id}"
     assert_response :success
-    post "/myprofile/#{@person.identifier}/friends/remove/#{@friend.id}",
+    post_via_redirect "/myprofile/#{@person.identifier}/friends/remove/#{@friend.id}",
       :confirmation => '1'
-    assert_response :redirect
+    assert_response :success
-    follow_redirect!
     assert assigns(:friends).empty?
     refute @person.is_a_friend?(@friend)
@@ -14,9 +14,8 @@ class ActionDispatch::IntegrationTest
   def login(username, password)
     ActionDispatch::Integration::Session.any_instance.stubs(:https?).returns(true)
-    post '/account/login', :user => { :login => username, :password => password }
-    assert_response :redirect
-    follow_redirect!
+    post_via_redirect '/account/login', :user => { :login => username, :password => password }
+    assert_response :success
     assert_not_equal '/account/login', path
   end
@@ -0,0 +1,34 @@
+
+require_relative "../test_helper"
+
+class AccessControlTest < ActiveSupport::TestCase
+
+  include ActsAsAccessor
+
+  should 'raise exception if parameter is not a profile' do
+    assert_raises(TypeError) { member_relation_of(nil) }
+  end
+
+  should 'Verify relation among member and community' do
+    person = fast_create(Person)
+    community = fast_create(Community)
+    assert_difference 'person.member_relation_of(community).count', 2 do
+      community.add_member(person)
+    end
+  end
+
+  should 'Member does not belong to community' do
+    person = fast_create(Person)
+    community = fast_create(Community)
+    assert_nil person.member_since_date(community)
+  end
+
+  should 'Verify if enter date of member in community is available' do
+    person = fast_create(Person)
+    community = fast_create(Community)
+    community.add_member(person)
+
+    assert_instance_of Date, person.member_since_date(community)
+  end
+
+end
@@ -89,7 +89,8 @@ class ActionTrackerNotificationTest &lt; ActiveSupport::TestCase
   end
   should "have comments through article action_tracker" do
-    person = create_user.person
+    user = User.current = create_user
+    person = user.person
     article = create(TextileArticle, :profile_id => person.id)
     process_delayed_job_queue
     notification = ActionTrackerNotification.last
@@ -39,6 +39,41 @@ class ArticlesTest &lt; ActiveSupport::TestCase
     assert_equal 403, last_response.status
   end
+  should 'follow a article identified by id' do
+    article = fast_create(Article, :profile_id => @person.id, :name => "Some thing")
+    post "/api/v1/articles/#{article.id}/follow?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+
+    assert_not_equal 401, last_response.status
+    assert_equal true, json['success']
+  end
+
+  should 'return the followers count of an article' do
+    article = fast_create(Article, :profile_id => @person.id, :name => "Some thing")
+    article.person_followers << @person
+
+    get "/api/v1/articles/#{article.id}?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+
+    assert_equal 200, last_response.status
+    assert_equal 1, json['article']['followers_count']
+  end
+
+  should 'return the followers of a article identified by id' do
+    article = fast_create(Article, :profile_id => @person.id, :name => "Some thing")
+
+    article_follower = ArticleFollower.new
+    article_follower.article = article
+    article_follower.person = @person
+    article_follower.save!
+
+    get "/api/v1/articles/#{article.id}/followers?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+
+    assert_equal 200, last_response.status
+    assert_equal 1, json['total_followers']
+  end
+
   should 'list article children' do
     article = create(Article, :profile_id => user.person.id, :name => "Parent")
     child1 = create(Article, :parent_id => article.id, :profile_id => user.person.id, :name => "Some Child")
@@ -1043,6 +1043,31 @@ class ApplicationHelperTest &lt; ActionView::TestCase
     assert_equal c.top_url, top_url
   end
+  should "Extra info with hash" do
+    @plugins = mock
+    @plugins.stubs(:dispatch_first).returns(false)
+    env = Environment.default
+    stubs(:environment).returns(env)
+    stubs(:profile).returns(profile)
+    profile = fast_create(Person, :environment_id => env.id)
+    info = {:value =>_('New'), :class => 'new-profile'}
+    html = profile_image_link(profile, size=:portrait, tag='li', extra_info = info)
+    assert_tag_in_string html, :tag => 'span', :attributes => { :class => 'profile-image new-profile' }
+    assert_tag_in_string html, :tag => 'span', :attributes => { :class => 'extra_info new-profile' }, :content => 'New'
+  end
+
+  should "Extra info without hash" do
+    @plugins = mock
+    @plugins.stubs(:dispatch_first).returns(false)
+    env = Environment.default
+    stubs(:environment).returns(env)
+    stubs(:profile).returns(profile)
+    profile = fast_create(Person, :environment_id => env.id)
+    info = 'new'
+    html = profile_image_link(profile, size=:portrait, tag='li', extra_info = info)
+    assert_tag_in_string html, :tag => 'span', :attributes => { :class => 'extra_info' }, :content => 'new'
+  end
+
   protected
   include NoosferoTestHelper
@@ -140,6 +140,8 @@ class ArticleBlockTest &lt; ActiveSupport::TestCase
     block.article = file
     block.save!
+    UploadedFile.any_instance.stubs(:url).returns('myhost.mydomain/path/to/file')
+
     assert_tag_in_string instance_eval(&block.content), :tag => 'a', :content => _('Download')
   end
@@ -7,7 +7,8 @@ class ArticleTest &lt; ActiveSupport::TestCase
   def setup
     ActiveSupport::TestCase::setup
-    @profile = create_user('testing').person
+    user = User.current = create_user 'testing'
+    @profile = user.person
   end
   attr_reader :profile
@@ -21,6 +22,21 @@ class ArticleTest &lt; ActiveSupport::TestCase
     refute a.errors[:profile_id.to_s].present?
   end
+  should 'keep unique users in list of followers' do
+    person1 = create_user('article_owner').person
+    person2 = create_user('article_follower').person
+
+    article = fast_create(Article, :profile_id => person1.id)
+
+    article.person_followers=[person2]
+    article.save
+    article.reload
+    article.person_followers=[person2]
+    article.save
+
+    assert_equal 1, article.reload.person_followers.size
+  end
+
   should 'require value for name' do
     a = Article.new
     a.valid?
@@ -468,14 +484,12 @@ class ArticleTest &lt; ActiveSupport::TestCase
   end
   should 'say that logged off user cannot see private article' do
-    profile = fast_create(Profile, :name => 'test profile', :identifier => 'test_profile')
     article = fast_create(Article, :name => 'test article', :profile_id => profile.id, :published => false)
     refute article.display_to?(nil)
   end
   should 'say that not member of profile cannot see private article' do
-    profile = fast_create(Profile, :name => 'test profile', :identifier => 'test_profile')
     article = fast_create(Article, :name => 'test article', :profile_id => profile.id, :published => false)
     person = create_user('test_user').person
@@ -483,7 +497,6 @@ class ArticleTest &lt; ActiveSupport::TestCase
   end
   should 'say that member user can not see private article' do
-    profile = fast_create(Profile, :name => 'test profile', :identifier => 'test_profile')
     article = fast_create(Article, :name => 'test article', :profile_id => profile.id, :published => false, :show_to_followers => false)
     person = create_user('test_user').person
     profile.affiliate(person, Profile::Roles.member(profile.environment.id))
@@ -492,25 +505,23 @@ class ArticleTest &lt; ActiveSupport::TestCase
   end
   should 'say that profile admin can see private article' do
-    profile = fast_create(Profile, :name => 'test profile', :identifier => 'test_profile')
+    org = fast_create(Profile, :name => 'test profile', :identifier => 'test_profile')
     article = fast_create(Article, :name => 'test article', :profile_id => profile.id, :published => false)
-    person = create_user('test_user').person
-    profile.affiliate(person, Profile::Roles.admin(profile.environment.id))
+    org.affiliate(profile, Profile::Roles.admin(org.environment.id))
-    assert article.display_to?(person)
+    assert article.display_to?(profile)
   end
   should 'say that profile moderator can see private article' do
-    profile = fast_create(Profile, :name => 'test profile', :identifier => 'test_profile')
-    article = fast_create(Article, :name => 'test article', :profile_id => profile.id, :published => false)
-    person = create_user('test_user').person
-    profile.affiliate(person, Profile::Roles.moderator(profile.environment.id))
+    org = fast_create(Profile, :name => 'test profile', :identifier => 'test_profile')
+    article = fast_create(Article, :name => 'test article', :profile_id => org.id, :published => false)
+    org.affiliate(profile, Profile::Roles.moderator(org.environment.id))
-    assert article.display_to?(person)
+    assert article.display_to?(profile)
   end
   should 'show article to non member if article public but profile private' do
-    profile = fast_create(Profile, :name => 'test profile', :identifier => 'test_profile', :public_profile => false)
+    profile.update public_profile: false
     article = fast_create(Article, :name => 'test article', :profile_id => profile.id, :published => true)
     person1 = create_user('test_user1').person
     profile.affiliate(person1, Profile::Roles.member(profile.environment.id))
@@ -522,7 +533,6 @@ class ArticleTest &lt; ActiveSupport::TestCase
   end
   should 'make new article private if created inside a private folder' do
-    profile = fast_create(Profile, :name => 'test profile', :identifier => 'test_profile')
     folder = fast_create(Folder, :name => 'my_intranet', :profile_id => profile.id, :published => false)
     article = fast_create(Article, :name => 'my private article', :profile_id => profile.id, :parent_id => folder.id)
@@ -530,7 +540,6 @@ class ArticleTest &lt; ActiveSupport::TestCase
   end
   should 'save as private' do
-    profile = fast_create(Profile, :name => 'test profile', :identifier => 'test_profile')
     folder = fast_create(Folder, :name => 'my_intranet', :profile_id => profile.id, :published => false)
     article = fast_create(Article, :name => 'my private article')
     article.profile = profile
@@ -1012,13 +1021,13 @@ class ArticleTest &lt; ActiveSupport::TestCase
   should 'not notify activity by default on create' do
     ActionTracker::Record.delete_all
-    create Article, :name => 'test', :profile_id => fast_create(Profile).id, :published => true
+    create Article, :name => 'test', :profile_id => profile.id, :published => true
     assert_equal 0, ActionTracker::Record.count
   end
   should 'not notify activity by default on update' do
     ActionTracker::Record.delete_all
-    a = create Article, :name => 'bar', :profile_id => fast_create(Profile).id, :published => true
+    a = create Article, :name => 'bar', :profile_id => profile.id, :published => true
     a.name = 'foo'
     a.save!
     assert_equal 0, ActionTracker::Record.count
@@ -1026,13 +1035,13 @@ class ArticleTest &lt; ActiveSupport::TestCase
   should 'not notify activity by default on destroy' do
     ActionTracker::Record.delete_all
-    a = create Article, :name => 'bar', :profile_id => fast_create(Profile).id, :published => true
+    a = create Article, :name => 'bar', :profile_id => profile.id, :published => true
     a.destroy
     assert_equal 0, ActionTracker::Record.count
   end
   should 'create activity' do
-    a = create TextileArticle, :name => 'bar', :profile_id => fast_create(Profile).id, :published => true
+    a = create TextileArticle, :name => 'bar', :profile_id => profile.id, :published => true
     a.activity.destroy
     assert_nil a.activity
@@ -1212,10 +1221,9 @@ class ArticleTest &lt; ActiveSupport::TestCase
   end
   should 'get article galleries' do
-    p = fast_create(Profile)
-    a = fast_create(Article, :profile_id => p.id)
-    g = fast_create(Gallery, :profile_id => p.id)
-    assert_equal [g], p.articles.galleries
+    a = fast_create(Article, :profile_id => profile.id)
+    g = fast_create(Gallery, :profile_id => profile.id)
+    assert_equal [g], profile.articles.galleries
   end
   should 'has many translations' do
@@ -1236,7 +1244,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
   end
   should 'validate inclusion of language' do
-    a = build(Article, :profile_id => fast_create(Profile).id)
+    a = build(Article, :profile_id => profile.id)
     a.language = '12'
     a.valid?
     assert a.errors[:language.to_s].present?
@@ -1268,7 +1276,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
   end
   should 'list possible translations' do
-    native_article = fast_create(Article, :language => 'pt', :profile_id => fast_create(Profile).id             )
+    native_article = fast_create(Article, :language => 'pt', :profile_id => profile.id             )
     article_translation = fast_create(Article, :language => 'en', :translation_of_id => native_article.id)
     possible_translations = native_article.possible_translations
     refute possible_translations.include?('en')
@@ -1278,7 +1286,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
   should 'verify if translation is already in use' do
     native_article = fast_create(Article, :language => 'pt')
     article_translation = fast_create(Article, :language => 'en', :translation_of_id => native_article.id)
-    a = build(Article, :profile => fast_create(Profile))
+    a = build(Article, :profile => profile)
     a.language = 'en'
     a.translation_of = native_article
     a.valid?
@@ -1290,7 +1298,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
   should 'verify if native translation is already in use' do
     native_article = fast_create(Article, :language => 'pt')
-    a = build(Article, :profile => fast_create(Profile))
+    a = build(Article, :profile => profile)
     a.language = 'pt'
     a.translation_of = native_article
     a.valid?
@@ -1302,7 +1310,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
   should 'translation have a language' do
     native_article = fast_create(Article, :language => 'pt')
-    a = build(Article, :profile_id => fast_create(Profile).id)
+    a = build(Article, :profile_id => profile.id)
     a.translation_of = native_article
     a.valid?
     assert a.errors[:language.to_s].present?
@@ -1312,8 +1320,8 @@ class ArticleTest &lt; ActiveSupport::TestCase
   end
   should 'native translation have a language' do
-    native_article = fast_create(Article, :profile_id => fast_create(Profile).id             )
-    a = build(Article, :profile_id => fast_create(Profile).id)
+    native_article = fast_create(Article, :profile_id => profile.id             )
+    a = build(Article, :profile_id => profile.id)
     a.language = 'en'
     a.translation_of = native_article
     a.valid?
@@ -1378,22 +1386,22 @@ class ArticleTest &lt; ActiveSupport::TestCase
   end
   should 'get only non translated articles' do
-    p = fast_create(Profile)
-    native = fast_create(Article, :language => 'pt', :profile_id => p.id)
-    translation = fast_create(Article, :language => 'en', :translation_of_id => native.id, :profile_id => p.id)
-    assert_equal [native], p.articles.native_translations
+    profile.articles.delete_all
+    native = fast_create(Article, :language => 'pt', :profile_id => profile.id)
+    translation = fast_create(Article, :language => 'en', :translation_of_id => native.id, :profile_id => profile.id)
+    assert_equal [native], profile.articles.native_translations
   end
   should 'not list own language as a possible translation if language has changed' do
-    a = build(Article, :language => 'pt', :profile_id => fast_create(Profile).id)
+    a = build(Article, :language => 'pt', :profile_id => profile.id)
     refute a.possible_translations.include?('pt')
-    a = fast_create(Article, :language => 'pt', :profile_id => fast_create(Profile).id             )
+    a = fast_create(Article, :language => 'pt', :profile_id => profile.id             )
     a.language = 'en'
     refute a.possible_translations.include?('en')
   end
   should 'list own language as a possible translation if language has not changed' do
-    a = fast_create(Article, :language => 'pt', :profile_id => fast_create(Profile).id)
+    a = fast_create(Article, :language => 'pt', :profile_id => profile.id)
     assert a.possible_translations.include?('pt')
   end
@@ -1435,7 +1443,6 @@ class ArticleTest &lt; ActiveSupport::TestCase
   should 'return only folders' do
     not_folders = [RssFeed, TinyMceArticle, Event, TextileArticle]
     folders = [Folder, Blog, Gallery, Forum]
-    profile = fast_create(Profile)
     not_folders.each do |klass|
       item = fast_create(klass)
@@ -1451,7 +1458,6 @@ class ArticleTest &lt; ActiveSupport::TestCase
   should 'return no folders' do
     not_folders = [RssFeed, TinyMceArticle, Event, TextileArticle]
     folders = [Folder, Blog, Gallery, Forum]
-    profile = fast_create(Profile)
     not_folders.each do |klass|
       item = fast_create(klass)
@@ -1611,18 +1617,16 @@ class ArticleTest &lt; ActiveSupport::TestCase
   end
   should 'delegate region info to profile' do
-    profile = fast_create(Profile)
-    Profile.any_instance.expects(:region)
-    Profile.any_instance.expects(:region_id)
+    Person.any_instance.expects(:region)
+    Person.any_instance.expects(:region_id)
     article = fast_create(Article, :profile_id => profile.id)
     article.region
     article.region_id
   end
   should 'delegate environment info to profile' do
-    profile = fast_create(Profile)
-    Profile.any_instance.expects(:environment)
-    Profile.any_instance.expects(:environment_id)
+    Person.any_instance.expects(:environment)
+    Person.any_instance.expects(:environment_id)
     article = fast_create(Article, :profile_id => profile.id)
     article.environment
     article.environment_id
@@ -1711,7 +1715,7 @@ class ArticleTest &lt; ActiveSupport::TestCase
   should 'has a empty list of followers by default' do
     a = Article.new
-    assert_equal [], a.followers
+    assert_equal [], a.person_followers
   end
   should 'get first image from lead' do
@@ -2229,6 +2233,14 @@ class ArticleTest &lt; ActiveSupport::TestCase
     end
   end
+  should 'be able to vote in an article without a user' do
+    article = create(Article, :name => 'Test', :profile => profile, :last_changed_by => nil)
+    assert_difference 'article.votes_for', 2 do
+      Vote.create!(:voteable => article, :vote => 1)
+      Vote.create!(:voteable => article, :vote => 1)
+    end
+  end
+
   should 'have can_display_media_panel with default false' do
     a = Article.new
     assert !a.can_display_media_panel?
@@ -2278,4 +2290,15 @@ class ArticleTest &lt; ActiveSupport::TestCase
     assert_match 'Parent folder is archived', err.message
   end
+  should 'return full_path' do
+    p1 = fast_create(Profile)
+    p2 = fast_create(Profile)
+    p2.domains << Domain.create!(:name => 'p2.domain')
+    a1 = fast_create(Article, :profile_id => p1.id)
+    a2 = fast_create(Article, :profile_id => p2.id)
+
+    assert_equal "/#{p1.identifier}/#{a1.path}", a1.full_path
+    assert_equal "/#{a2.path}", a2.full_path
+  end
+
 end
@@ -101,11 +101,9 @@ class BlogHelperTest &lt; ActionView::TestCase
   should 'display link to file if post is an uploaded_file' do
     file = create(UploadedFile, :uploaded_data => fixture_file_upload('/files/test.txt', 'text/plain'), :profile => profile, :published => true, :parent => blog)
-
     result = display_post(file)
-    assert_tag_in_string result, :tag => 'a',
-                                 :attributes => { :href => file.public_filename },
-                                 :content => _('Download')
+
+    assert_tag_in_string result, :tag => 'a', :content => _('Download')
   end
   should 'display image if post is an image' do
@@ -187,6 +187,7 @@ class BoxesHelperTest &lt; ActionView::TestCase
     block = Block.create!(:box => box)
     block.stubs(:embedable?).returns(true)
     stubs(:url_for).returns('')
+    @controller.stubs(:user).returns(box.owner)
     assert_tag_in_string block_edit_buttons(block), :tag => 'a', :attributes => {:class => 'button icon-button icon-embed '}
   end
@@ -195,6 +196,7 @@ class BoxesHelperTest &lt; ActionView::TestCase
     block = Block.create!(:box => box)
     block.stubs(:embedable?).returns(false)
     stubs(:url_for).returns('')
+    @controller.stubs(:user).returns(box.owner)
     assert_no_tag_in_string block_edit_buttons(block), :tag => 'a', :attributes => {:class => 'button icon-button icon-embed '}
   end
@@ -60,7 +60,7 @@ class CommentNotifierTest &lt; ActiveSupport::TestCase
   should "deliver mail to followers" do
     author = create_user('follower_author').person
     follower = create_user('follower').person
-    @article.followers += [follower.email]
+    @article.person_followers += [follower]
     @article.save!
     create_comment_and_notify(:source => @article, :author => author, :title => 'comment title', :body => 'comment body')
     assert_includes ActionMailer::Base.deliveries.map(&:bcc).flatten, follower.email
@@ -339,34 +339,27 @@ class CommentTest &lt; ActiveSupport::TestCase
     assert c.rejected?
   end
-  should 'subscribe user as follower of an article on new comment' do
+  should 'not subscribe user as follower of an article automatically on new comment' do
     owner = create_user('owner_of_article').person
     person = create_user('follower').person
     article = fast_create(Article, :profile_id => owner.id)
-    assert_not_includes article.followers, person.email
+    assert_not_includes article.person_followers, person
     create(Comment, :source => article, :author => person, :title => 'new comment', :body => 'new comment')
-    assert_includes article.reload.followers, person.email
+    assert_not_includes article.reload.person_followers, person
   end
-  should 'subscribe guest user as follower of an article on new comment' do
+  should 'not subscribe guest user as follower of an article on new comment' do
     article = fast_create(Article, :profile_id => create_user('article_owner').person.id)
-    assert_not_includes article.followers, 'follower@example.com'
+    old_num_followers = article.reload.person_followers.size
     create(Comment, :source => article, :name => 'follower', :email => 'follower@example.com', :title => 'new comment', :body => 'new comment')
-    assert_includes article.reload.followers, 'follower@example.com'
-  end
-
-  should 'keep unique emails in list of followers' do
-    article = fast_create(Article, :profile_id => create_user('article_owner').person.id)
-    create(Comment, :source => article, :name => 'follower one', :email => 'follower@example.com', :title => 'new comment', :body => 'new comment')
-    create(Comment, :source => article, :name => 'follower two', :email => 'follower@example.com', :title => 'another comment', :body => 'new comment')
-    assert_equal 1, article.reload.followers.select{|v| v == 'follower@example.com'}.count
+    assert_equal old_num_followers, article.reload.person_followers.size
   end
   should 'not subscribe owner as follower of an article on new comment' do
     owner = create_user('owner_of_article').person
     article = fast_create(Article, :profile_id => owner.id)
     create(Comment, :source => article, :author => owner, :title => 'new comment', :body => 'new comment')
-    assert_not_includes article.reload.followers, owner.email
+    assert_not_includes article.reload.person_followers, owner
   end
   should 'not subscribe admins as follower of an article on new comment' do
@@ -377,8 +370,13 @@ class CommentTest &lt; ActiveSupport::TestCase
     article = fast_create(Article, :profile_id => owner.id)
     create(Comment, :source => article, :author => follower, :title => 'new comment', :body => 'new comment')
     create(Comment, :source => article, :author => admin, :title => 'new comment', :body => 'new comment')
-    assert_not_includes article.reload.followers, admin.email
-    assert_includes article.followers, follower.email
+
+    article.person_followers += [follower]
+    article.save!
+    article.reload
+
+    assert_not_includes article.reload.person_followers, admin
+    assert_includes article.reload.person_followers, follower
   end
   should 'update article activity when add a comment' do
@@ -54,7 +54,19 @@ class HighlightsBlockTest &lt; ActiveSupport::TestCase
   should 'remove images with blank fields' do
     h = HighlightsBlock.new(:images => [{:image_id => 1, :address => '/address', :position => 1, :title => 'address'}, {:image_id => '', :address => '', :position => '', :title => ''}])
     h.save!
-    assert_equal [{:image_id => 1, :address => '/address', :position => 1, :title => 'address', :image_src => nil}], h.images
+    assert_equal [{:image_id => 1, :address => '/address', :position => 1, :title => 'address', :new_window => false, :image_src => nil}], h.images
+  end
+
+  should 'replace 1 and 0 by true and false in new_window attribute' do
+    image1 = {:image_id => 1, :address => '/address-1', :position => 1, :title => 'address-1', :new_window => '0'}
+    image2 = {:image_id => 2, :address => '/address-2', :position => 2, :title => 'address-2', :new_window => '1'}
+    h = HighlightsBlock.new(:images => [image1, image2])
+    h.save!
+    image1[:new_window] = false
+    image1[:image_src] = nil
+    image2[:new_window] = true
+    image2[:image_src] = nil
+    assert_equivalent [image1, image2], h.images
   end
   should 'be able to update display setting' do
@@ -84,7 +96,7 @@ class HighlightsBlockTest &lt; ActiveSupport::TestCase
     block.save!
     block.reload
     assert_equal 2, block.images.count
-    assert_equal [{:image_id => 1, :address => '/address', :position => 1, :title => 'address', :image_src => 'address'}], block.featured_images
+    assert_equal [{:image_id => 1, :address => '/address', :position => 1, :title => 'address', :new_window => false, :image_src => 'address'}], block.featured_images
   end
   should 'list images in order' do
@@ -21,6 +21,7 @@ class NoosferoTest &lt; ActiveSupport::TestCase
   should 'support setting default locale' do
     Noosfero.default_locale = 'pt_BR'
     assert_equal 'pt_BR', Noosfero.default_locale
+    Noosfero.default_locale = nil
   end
   should 'identifier format' do
@@ -98,6 +98,11 @@ class OrganizationMailingTest &lt; ActiveSupport::TestCase
     assert_equal [Person['user_one'], Person['user_two']], mailing.recipients
   end
+  should 'return recipients previously filtered' do
+    mailing = create(OrganizationMailing, :source => community, :subject => 'Hello', :body => 'We have some news', :person => person, :data => {:members_filtered => [Person['user_one'].id,Person['user_two'].id]})
+    assert_equivalent [Person['user_one'], Person['user_two']], mailing.recipients
+  end
+
   should 'return recipients according to limit' do
     mailing = create(OrganizationMailing, :source => community, :subject => 'Hello', :body => 'We have some news', :person => person)
     assert_equal [Person['user_one']], mailing.recipients(0, 1)
@@ -49,7 +49,8 @@ class PersonNotifierTest &lt; ActiveSupport::TestCase
   should 'display author name in delivered mail' do
     @community.add_member(@member)
     User.current = @admin.user
-    Comment.create!(:author => @admin, :title => 'test comment', :body => 'body!', :source => @article)
+    comment = Comment.create!(:author => @admin, :title => 'test comment', :body => 'body!', :source => @article)
+    comment.save!
     process_delayed_job_queue
     notify
     sent = ActionMailer::Base.deliveries.last
@@ -1845,4 +1845,100 @@ class PersonTest &lt; ActiveSupport::TestCase
     assert_equivalent [c1,c3], p1.comments
   end
+  should 'get people of one community by moderator role' do
+    community = fast_create(Community)
+    p1 = fast_create(Person)
+    p2 = fast_create(Person)
+
+    community.add_member p1
+    community.add_moderator p2
+
+    assert_equivalent [p2], Person.with_role(Profile::Roles.moderator(community.environment.id).id)
+  end
+
+  should 'get people of one community by admin role' do
+    community = fast_create(Community)
+    p1 = fast_create(Person)
+    p2 = fast_create(Person)
+
+    community.add_admin p1
+    community.add_member p2
+
+    assert_equivalent [p1], Person.with_role(Profile::Roles.admin(community.environment.id).id)
+  end
+
+  should 'get people with admin role of any community' do
+    c1 = fast_create(Community)
+    p1 = fast_create(Person)
+    p2 = fast_create(Person)
+    c1.add_admin p1
+    c1.add_member p2
+
+    c2 = fast_create(Community)
+    p3 = fast_create(Person)
+    p4 = fast_create(Person)
+
+    c2.add_admin p4
+    c2.add_member p3
+
+    assert_equivalent [p1, p4], Person.with_role(Profile::Roles.admin(c1.environment.id).id)
+  end
+
+  should 'get distinct people with moderator role of any community' do
+    c1 = fast_create(Community)
+    p1 = fast_create(Person)
+    p2 = fast_create(Person)
+    c1.add_member p1
+    c1.add_moderator p2
+
+    c2 = fast_create(Community)
+    p3 = fast_create(Person)
+    p4 = fast_create(Person)
+
+    c2.add_member p4
+    c2.add_moderator p3
+    c2.add_moderator p2
+
+    assert_equivalent [p2, p3], Person.with_role(Profile::Roles.moderator(c1.environment.id).id)
+  end
+
+  should 'count members of a community collected by moderator' do
+    c1 = fast_create(Community)
+    p1 = fast_create(Person)
+    p2 = fast_create(Person)
+    p3 = fast_create(Person)
+    c1.add_member p1
+    c1.add_moderator p2
+    c1.add_member p3
+
+    assert_equal 1, c1.members.with_role(Profile::Roles.moderator(c1.environment.id).id).count
+  end
+
+  should 'count people of any community collected by moderator' do
+    c1 = fast_create(Community)
+    p1 = fast_create(Person)
+    p2 = fast_create(Person)
+    c1.add_member p1
+    c1.add_moderator p2
+
+    c2 = fast_create(Community)
+    p3 = fast_create(Person)
+    p4 = fast_create(Person)
+
+    c2.add_member p4
+    c2.add_moderator p3
+    c2.add_moderator p2
+
+    assert_equal 2, Person.with_role(Profile::Roles.moderator(c1.environment.id).id).count
+  end
+
+  should 'check if a person is added like a member of a community today' do
+    person = create_user('person').person
+    community = fast_create(Community)
+
+    community.add_member person
+
+    assert !person.member_relation_of(community).empty?, "Person '#{person.identifier}' is not a member of Community '#{community.identifier}'"
+    assert person.member_since_date(community) == Date.today,"Person '#{person.identifier}' is not added like a member of Community '#{community.identifier}' today"
+  end
 end
@@ -1816,6 +1816,21 @@ class ProfileTest &lt; ActiveSupport::TestCase
     assert_equal [person], community.members
   end
+  should 'return a list members by email of a community' do
+    someone = create_user('Someone', email:'someone@test.com.br')
+    someperson = create_user('Someperson',email:'someperson@test.com.br')
+
+    community = fast_create(Community)
+    community.add_member(someone.person)
+    community.add_member(someperson.person)
+
+    result = community.members_like 'email', '@test.com.br'
+
+    assert_includes result, someone.person
+    assert_includes result, someperson.person
+
+  end
+
   should 'count unique members of a community' do
     person = fast_create(Person)
     community = fast_create(Community)
@@ -22,4 +22,20 @@ class RawHTMLBlockTest &lt; ActiveSupport::TestCase
     assert_match(/HTML$/, block.content)
   end
+  should 'not be editable for users without permission' do
+    environment = Environment.default
+    box = Box.new(:owner => environment)
+    block = RawHTMLBlock.new(:html => "HTML", :box => box)
+    user = create_user('testuser').person
+    assert !block.editable?(user)
+  end
+
+  should 'be editable for users with permission' do
+    environment = Environment.default
+    box = Box.new(:owner => environment)
+    block = RawHTMLBlock.new(:html => "HTML", :box => box)
+    user = create_user_with_permission('testuser', 'edit_raw_html_block', environment)
+    assert block.editable?(user)
+  end
+
 end
@@ -357,4 +357,25 @@ class UploadedFileTest &lt; ActiveSupport::TestCase
     assert_instance_of Fixnum, UploadedFile.max_size
   end
+  should 'add file to dbm if it becomes private' do
+    require 'sdbm'
+    public_file = create(UploadedFile, :uploaded_data => fixture_file_upload('/files/test.txt', 'text/plain'), :profile => profile, :published => true)
+    private_file = create(UploadedFile, :uploaded_data => fixture_file_upload('/files/rails.png', 'image/png'), :profile => profile, :published => false)
+
+    dbm = SDBM.open(UploadedFile::DBM_PRIVATE_FILE)
+    assert !dbm.has_key?(public_file.public_filename)
+    assert dbm.has_key?(private_file.public_filename)
+    dbm.close
+
+    public_file.published = false
+    public_file.save!
+    private_file.published = true
+    private_file.save!
+
+    dbm = SDBM.open(UploadedFile::DBM_PRIVATE_FILE)
+    assert dbm.has_key?(public_file.public_filename)
+    assert !dbm.has_key?(private_file.public_filename)
+    dbm.close
+  end
+
 end
@@ -1,11 +0,0 @@
-# If your XMPP XMPP/BOSH isn't in localhost, change the config below to correct
-# point to address
-
-  RewriteEngine On
-  RewriteRule /http-bind http://localhost:5280/http-bind [P,QSA,L]
-  <Proxy http://localhost:5280/http-bind>
-    Order Allow,Deny
-    Allow from All
-  </Proxy>
-
-# vim: ft=apache
@@ -19,9 +19,9 @@ module ActsAsAccessible
     nil
   end
-  def affiliate(accessor, roles)
+  def affiliate(accessor, roles, attributes = {})
     roles = Array(roles)
-    roles.map {|role| accessor.add_role(role, self)}.any?
+    roles.map {|role| accessor.add_role(role, self, attributes)}.any?
   end
   def disaffiliate(accessor, roles)
@@ -21,9 +21,9 @@ module ActsAsAccessor
     (actual_roles - roles).each {|r| remove_role(r, resource)}
   end
-  def add_role(role, resource)
-    attributes = role_attributes(role, resource)
-    if RoleAssignment.where(attributes).empty?
+  def add_role(role, resource, attributes = {})
+    attributes = role_attributes(role, resource).merge attributes
+    if RoleAssignment.find(:all, :conditions => attributes).empty?
       ra = RoleAssignment.new(attributes)
       role_assignments << ra
       resource.role_assignments << ra
@@ -44,6 +44,19 @@ module ActsAsAccessor
     RoleAssignment.where(role_attributes nil, res)
   end
+  def member_relation_of(profile)
+    raise TypeError, "Expected instance of 'Profile' class, but '#{profile.class.name}' was founded" unless profile.is_a? Profile
+
+    role_assignments.where(resource_id: profile.id)
+  end
+
+  def member_since_date(profile)
+    result = member_relation_of(profile).to_a
+    unless result.empty?
+      result.last.created_at ? result.last.created_at.to_date : Date.yesterday
+    end
+  end
+
   protected
   def role_attributes(role, resource)
     attributes = {:accessor_id => self.id, :accessor_type => self.class.base_class.name}
 class RoleAssignment < ActiveRecord::Base
-  attr_accessible :accessor_id, :accessor_type, :role_id, :resource_id, :resource_type
+  attr_accessible :accessor_id, :accessor_type, :role_id, :resource_id, :resource_type, :created_at
   belongs_to :role
   belongs_to :accessor, :polymorphic => true
	@@ -37,7 +37,7 @@ before_install:		@@ -37,7 +37,7 @@ before_install:
37	cache: bundler	37	cache: bundler
38		38
39	before_script:	39	before_script:
40	- - mkdir -p tmp/{pids,cache} log	40	+ - mkdir -p tmp/{pids,cache} log cache
41	- script/noosfero-plugins disableall	41	- script/noosfero-plugins disableall
42	#- bundle exec rake makemo &>/dev/null	42	#- bundle exec rake makemo &>/dev/null
43	# database	43	# database
	@@ -32,7 +32,8 @@ class CmsController < MyProfileController		@@ -32,7 +32,8 @@ class CmsController < MyProfileController
32	end	32	end
33		33
34	protect_if :only => [:new, :upload_files] do \|c, user, profile\|	34	protect_if :only => [:new, :upload_files] do \|c, user, profile\|
35	- parent = profile.articles.find_by_id(c.params[:parent_id])	35	+ parent_id = c.params[:article].present? ? c.params[:article][:parent_id] : c.params[:parent_id]
		36	+ parent = profile.articles.find_by_id(parent_id)
36	user && user.can_post_content?(profile, parent)	37	user && user.can_post_content?(profile, parent)
37	end	38	end
38		39
	@@ -2,8 +2,27 @@ class ProfileMembersController < MyProfileController		@@ -2,8 +2,27 @@ class ProfileMembersController < MyProfileController
2	protect 'manage_memberships', :profile	2	protect 'manage_memberships', :profile
3		3
4	def index	4	def index
5	- @members = profile.members_by_name
6	- @member_role = environment.roles.find_by_name('member')	5	+ @filters = params[:filters] \|\| {:roles => []}
		6	+ all_roles = Profile::Roles.organization_member_roles(environment.id) \| Profile::Roles.organization_custom_roles(environment.id, profile.id)
		7	+ @filters[:roles] = all_roles unless @filters[:roles].present?
		8	+ @data = {}
		9	+ field = 'name'
		10	+ field = 'email' if @filters[:name] =~ /\@/
		11	+
		12	+ @data[:members] = profile.members_by(field,@filters[:name]).by_role(@filters[:roles])
		13	+ session[:members_filtered] = @data[:members].map{\|m\|m.id} if request.post?
		14	+ @data[:roles] = all_roles
		15	+
		16	+ end
		17	+
		18	+ def send_mail
		19	+ session[:members_filtered] = params[:members_filtered].select{\|value\| value!="0"}
		20	+ if session[:members_filtered].present?
		21	+ redirect_to :controller => :profile, :action => :send_mail
		22	+ else
		23	+ session[:notice] = _("Select at least one member.")
		24	+ redirect_to :action => :index
		25	+ end
7	end	26	end
8		27
9	def update_roles	28	def update_roles
	@@ -156,4 +175,13 @@ class ProfileMembersController < MyProfileController		@@ -156,4 +175,13 @@ class ProfileMembersController < MyProfileController
156	end	175	end
157	end	176	end
158		177
		178	+ def search_members
		179	+ field = 'name'
		180	+ field = 'email' if params[:filter_name] =~ /\@/
		181	+
		182	+ result = profile.members_like field, params[:filter_name]
		183	+ result = result.select{\|member\| member.can_view_field?(current_person, "email") } if field=="email"
		184	+ render :json => result.map { \|member\| {:label => "#{member.name}#{member.can_view_field?(current_person, "email") ? " <#{member.email}>" : ""}", :value => member.name }}
		185	+ end
		186	+
159	end	187	end
	@@ -198,7 +198,7 @@ class AccountController < ApplicationController		@@ -198,7 +198,7 @@ class AccountController < ApplicationController
198	if request.post?	198	if request.post?
199	begin	199	begin
200	unless verify_recaptcha	200	unless verify_recaptcha
201	- @change_password.errors.add(:base, _('Please type the words correctly'))	201	+ @change_password.errors.add(:base, _('Please type the captcha text correctly'))
202	return false	202	return false
203	end	203	end
204		204
	@@ -155,6 +155,18 @@ class ProfileController < PublicController		@@ -155,6 +155,18 @@ class ProfileController < PublicController
155	end	155	end
156	end	156	end
157		157
		158	+ def follow_article
		159	+ article = profile.environment.articles.find params[:article_id]
		160	+ article.person_followers << user
		161	+ redirect_to article.url
		162	+ end
		163	+
		164	+ def unfollow_article
		165	+ article = profile.environment.articles.find params[:article_id]
		166	+ article.person_followers.delete(user)
		167	+ redirect_to article.url
		168	+ end
		169	+
158	def unblock	170	def unblock
159	if current_user.person.is_admin?(profile.environment)	171	if current_user.person.is_admin?(profile.environment)
160	profile.unblock	172	profile.unblock
	@@ -362,6 +374,7 @@ class ProfileController < PublicController		@@ -362,6 +374,7 @@ class ProfileController < PublicController
362	def send_mail	374	def send_mail
363	@mailing = profile.mailings.build(params[:mailing])	375	@mailing = profile.mailings.build(params[:mailing])
364	@email_templates = profile.email_templates.find_all_by_template_type(:organization_members)	376	@email_templates = profile.email_templates.find_all_by_template_type(:organization_members)
		377	+ @mailing.data = session[:members_filtered] ? {:members_filtered => session[:members_filtered]} : {}
365	if request.post?	378	if request.post?
366	@mailing.locale = locale	379	@mailing.locale = locale
367	@mailing.person = user	380	@mailing.person = user
	@@ -169,4 +169,30 @@ module ArticleHelper		@@ -169,4 +169,30 @@ module ArticleHelper
169	_('Edit')	169	_('Edit')
170	end	170	end
171		171
		172	+ def follow_button_text(article)
		173	+ if article.event?
		174	+ _('Attend')
		175	+ else
		176	+ _('Follow')
		177	+ end
		178	+ end
		179	+
		180	+ def unfollow_button_text(article)
		181	+ if article.event?
		182	+ _('Unattend')
		183	+ else
		184	+ _('Unfollow')
		185	+ end
		186	+ end
		187	+
		188	+ def following_button(page, user)
		189	+ if !user.blank? and user != page.author
		190	+ if page.is_followed_by? user
		191	+ button :cancel, unfollow_button_text(page), {:controller => 'profile', :action => 'unfollow_article', :article_id => page.id}
		192	+ else
		193	+ button :add, follow_button_text(page), {:controller => 'profile', :action => 'follow_article', :article_id => page.id}
		194	+ end
		195	+ end
		196	+ end
		197	+
172	end	198	end
	@@ -5,9 +5,17 @@ class OrganizationMailing < Mailing		@@ -5,9 +5,17 @@ class OrganizationMailing < Mailing
5	end	5	end
6		6
7	def recipients(offset=0, limit=100)	7	def recipients(offset=0, limit=100)
8	- source.members.order(:id).offset(offset).limit(limit)
9	- .joins("LEFT OUTER JOIN mailing_sents m ON (m.mailing_id = #{id} AND m.person_id = profiles.id)")	8	+ result = source.members.order(:id).offset(offset).limit(limit)
		9	+
		10	+ if data.present? and data.is_a?(Hash) and data[:members_filtered]
		11	+ result = result.where('profiles.id IN (?)', data[:members_filtered])
		12	+ end
		13	+
		14	+ if result.blank?
		15	+ result = result.joins("LEFT OUTER JOIN mailing_sents m ON (m.mailing_id = #{id} AND m.person_id = profiles.id)")
10	.where("m.person_id" => nil)	16	.where("m.person_id" => nil)
		17	+ end
		18	+ result
11	end	19	end
12		20
13	def each_recipient	21	def each_recipient
	@@ -19,7 +19,7 @@ class DisabledEnterpriseMessageBlock < Block		@@ -19,7 +19,7 @@ class DisabledEnterpriseMessageBlock < Block
19	end	19	end
20	end	20	end
21		21
22	- def editable?	22	+ def editable?(user=nil)
23	false	23	false
24	end	24	end
25		25
	@@ -56,6 +56,7 @@ class Environment < ActiveRecord::Base		@@ -56,6 +56,7 @@ class Environment < ActiveRecord::Base
56	'manage_environment_trusted_sites' => N_('Manage environment trusted sites'),	56	'manage_environment_trusted_sites' => N_('Manage environment trusted sites'),
57	'edit_appearance' => N_('Edit appearance'),	57	'edit_appearance' => N_('Edit appearance'),
58	'manage_email_templates' => N_('Manage Email Templates'),	58	'manage_email_templates' => N_('Manage Email Templates'),
		59	+ 'edit_raw_html_block' => N_('Edit Raw HTML block'),
59	}	60	}
60		61
61	module Roles	62	module Roles
	@@ -19,4 +19,9 @@ class RawHTMLBlock < Block		@@ -19,4 +19,9 @@ class RawHTMLBlock < Block
19	def has_macro?	19	def has_macro?
20	true	20	true
21	end	21	end
		22	+
		23	+ def editable?(user)
		24	+ user.has_permission?('edit_raw_html_block', environment)
		25	+ end
		26	+
22	end	27	end