Merge branch 'staging' of softwarepublico.gov.br:noosferogov/noosfero into staging

Leandro Santos
2 parents a635532c d0f2adc5
Showing 21 changed files with 337 additions and 11 deletions Show diff stats
app/models/block.rb
app/models/raw_html_block.rb
app/models/recent_documents_block.rb
app/views/blocks/raw_html.html.erb
lib/noosfero/api/api.rb
lib/noosfero/api/entities.rb
lib/noosfero/api/helpers.rb
lib/noosfero/api/v1/articles.rb
lib/noosfero/api/v1/blocks.rb
lib/noosfero/api/v1/people.rb
plugins/ldap/lib/ldap_plugin.rb
plugins/recent_content/lib/recent_content_block.rb
plugins/recent_content/test/unit/recent_content_block_test.rb
test/api/blocks_test.rb
test/api/boxes_test.rb
test/api/helpers_test.rb
test/api/people_test.rb
test/api/test_helper.rb
test/unit/block_test.rb
test/unit/raw_html_block_test.rb
@@ -76,6 +76,17 @@ class Block &lt; ApplicationRecord
     true
   end
+  def visible_to_user?(user)
+    visible = self.display_to_user?(user)
+    if self.owner.kind_of?(Profile)
+      visible &= self.owner.display_info_to?(user)
+      visible &= (self.visible? || user && user.has_permission?(:edit_profile_design, self.owner))
+    elsif self.owner.kind_of?(Environment)
+      visible &= (self.visible? || user && user.has_permission?(:edit_environment_design, self.owner))
+    end
+    visible
+  end
+
   def display_to_user?(user)
     display_user == 'all' || (user.nil? && display_user == 'not_logged') || (user && display_user == 'logged') || (user && display_user == 'followers' && user.follows?(owner))
   end
@@ -314,6 +325,14 @@ class Block &lt; ApplicationRecord
     self.observers << block
   end
+  def api_content
+    nil
+  end
+
+  def display_api_content_by_default?
+    false
+  end
+
   private
   def home_page_path
@@ -20,4 +20,12 @@ class RawHTMLBlock &lt; Block
     user.has_permission?('edit_raw_html_block', environment)
   end
+  def api_content
+    { html: html }
+  end
+
+  def display_api_content_by_default?
+    true
+  end
+
 end
@@ -29,4 +29,12 @@ class RecentDocumentsBlock &lt; Block
   def self.expire_on
       { :profile => [:article], :environment => [:article] }
   end
+
+  def api_content
+    Noosfero::API::Entities::ArticleBase.represent(docs).as_json
+  end
+
+  def display_api_content_by_default?
+    false
+  end
 end
 <%= block_title(block.title, block.subtitle) %>
-<%= block.html.html_safe %>
+<%= (block.html || '').html_safe %>
@@ -55,6 +55,7 @@ module Noosfero
       mount V1::Search
       mount V1::Contacts
       mount V1::Boxes
+      mount V1::Blocks
       mount V1::Profiles
       mount V1::Activities
@@ -88,6 +88,7 @@ module Noosfero
         root 'blocks', 'block'
         expose :id, :type, :settings, :position, :enabled
         expose :mirror, :mirror_block_id, :title
+        expose :api_content, if: lambda { |object, options| options[:display_api_content] || object.display_api_content_by_default? }
       end
       class Box < Entity
 require 'grape'
+require 'base64'
+require 'tempfile'
 require_relative '../../find_by_contents'
-  module Noosfero;
-    module API
-      module APIHelpers
+module Noosfero;
+  module API
+    module APIHelpers
       PRIVATE_TOKEN_PARAM = :private_token
       DEFAULT_ALLOWED_PARAMETERS = [:parent_id, :from, :until, :content_type, :author_id, :identifier, :archived]
@@ -255,7 +257,7 @@ require_relative &#39;../../find_by_contents&#39;
         else
           created_at = scope.find(reference_id).created_at
           scope.send("#{params.key?(:oldest) ? 'older_than' : 'younger_than'}", created_at)
-         end
+        end
       end
       def by_categories(scope, params)
@@ -412,6 +414,30 @@ require_relative &#39;../../find_by_contents&#39;
         not_found! if Noosfero::API::API.endpoint_unavailable?(self, @environment)
       end
+      def asset_with_image params
+        if params.has_key? :image_builder
+          asset_api_params = params
+          asset_api_params[:image_builder] = base64_to_uploadedfile(asset_api_params[:image_builder])
+          return asset_api_params
+        end
+          params
+      end
+
+      def base64_to_uploadedfile(base64_image)
+        tempfile = base64_to_tempfile base64_image
+        converted_image = base64_image
+        converted_image[:tempfile] = tempfile
+        return {uploaded_data: ActionDispatch::Http::UploadedFile.new(converted_image)}
+      end
+
+      def base64_to_tempfile base64_image
+        base64_img_str = base64_image[:tempfile]
+        decoded_base64_str = Base64.decode64(base64_img_str)
+        tempfile = Tempfile.new(base64_image[:filename])
+        tempfile.write(decoded_base64_str.encode("ascii-8bit").force_encoding("utf-8"))
+        tempfile.rewind
+        tempfile
+      end
       private
       def parser_params(params)
@@ -56,7 +56,7 @@ module Noosfero
           post ':id' do
             article = environment.articles.find(params[:id])
             return forbidden! unless article.allow_edit?(current_person)
-            article.update_attributes!(params[:article])
+            article.update_attributes!(asset_with_image(params[:article]))
             present_partial article, :with => Entities::Article
           end
@@ -0,0 +1,17 @@
+module Noosfero
+  module API
+    module V1
+
+      class Blocks < Grape::API
+        resource :blocks do
+          get ':id' do
+            block = Block.find(params["id"])
+            return forbidden! unless block.visible_to_user?(current_person)
+            present block, :with => Entities::Block, display_api_content: true
+          end
+        end
+      end
+
+    end
+  end
+end
@@ -55,11 +55,10 @@ module Noosfero
           post ':id' do
             authenticate!
             return forbidden! if current_person.id.to_s != params[:id]
-            current_person.update_attributes!(params[:person])
+            current_person.update_attributes!(asset_with_image(params[:person]))
             present current_person, :with => Entities::Person, :current_person => current_person
           end
-
-          # Example Request:
+          
           #  POST api/v1/people?person[login]=some_login&person[password]=some_password&person[name]=Jack
           #  for each custom field for person, add &person[field_name]=field_value to the request
           desc "Create person"
@@ -76,7 +75,7 @@ module Noosfero
               params[:person][:custom_values][key]=params[:person].delete(key) if Person.custom_fields(environment).any?{|cf| cf.name==key}
             end
-            user = User.build(user_data, params[:person], environment)
+            user = User.build(user_data, asset_with_image(params[:person]), environment)
             begin
               user.signup!
@@ -53,7 +53,7 @@ class LdapPlugin &lt; Noosfero::Plugin
     return nil if attrs.nil?
     user_login = get_login(attrs, ldap.attr_login, login)
-    user = User.find_or_initialize_by_login(user_login)
+    user = User.find_or_initialize_by(login: user_login)
     return nil if !user.new_record? && !user.activated?
     user.login = user_login
@@ -48,4 +48,12 @@ class RecentContentBlock &lt; Block
     attr == self.presentation_mode
   end
+  def api_content
+    children = self.articles_of_folder(self.root, self.total_items)
+    Noosfero::API::Entities::ArticleBase.represent(children).as_json
+  end
+
+  def display_api_content_by_default?
+    false
+  end
 end
@@ -142,4 +142,18 @@ class RecentContentBlockViewTest &lt; ActionView::TestCase
     assert_match /Block Title/, content
   end
+
+  should 'return articles in api_content' do
+    profile = create_user('testuser').person
+
+    root = fast_create(Blog, name: 'test-blog', profile_id: profile.id)
+    article = fast_create(TextArticle, parent_id: root.id, profile_id: profile.id)
+
+    block = RecentContentBlock.new
+    block.stubs(:holder).returns(profile)
+    block.selected_folder = root.id
+    block.presentation_mode = ''
+    assert_equal [article.id], block.api_content['articles'].map {|a| a[:id]}
+  end
+
 end
@@ -0,0 +1,97 @@
+require_relative 'test_helper'
+
+class BlocksTest < ActiveSupport::TestCase
+
+  def setup
+    create_and_activate_user
+    login_api
+    @environment = Environment.default
+    @profile = fast_create(Profile)
+  end
+
+  attr_accessor :environment, :profile
+
+  should 'get an environment block' do
+    box = fast_create(Box, :owner_id => environment.id, :owner_type => Environment.name)
+    block = fast_create(Block, box_id: box.id)
+    get "/api/v1/blocks/#{block.id}?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_equal block.id, json["block"]["id"]
+  end
+
+  should 'get a profile block' do
+    box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
+    block = fast_create(Block, box_id: box.id)
+    get "/api/v1/blocks/#{block.id}?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_equal block.id, json["block"]["id"]
+  end
+
+  should 'get a profile block for a not logged in user' do
+    logout_api
+    box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
+    block = fast_create(Block, box_id: box.id)
+    get "/api/v1/blocks/#{block.id}?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_equal block.id, json["block"]["id"]
+  end
+
+  should 'not get a profile block for a not logged in user' do
+    logout_api
+    profile = fast_create(Profile, public_profile: false)
+    box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
+    block = fast_create(Block, box_id: box.id)
+    get "/api/v1/blocks/#{block.id}?#{params.to_query}"
+    assert_equal 403, last_response.status
+  end
+
+  should 'not get a profile block for an user without permission' do
+    profile = fast_create(Profile, public_profile: false)
+    box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
+    block = fast_create(Block, box_id: box.id)
+    get "/api/v1/blocks/#{block.id}?#{params.to_query}"
+    assert_equal 403, last_response.status
+  end
+
+  should 'get a block for an user with permission in a private profile' do
+    profile = fast_create(Profile, public_profile: false)
+    profile.add_admin(person)
+    box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
+    block = fast_create(Block, box_id: box.id)
+    get "/api/v1/blocks/#{block.id}?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_equal block.id, json["block"]["id"]
+  end
+
+  should 'display api content by default' do
+    box = fast_create(Box, :owner_id => environment.id, :owner_type => Environment.name)
+    block = fast_create(Block, box_id: box.id)
+    get "/api/v1/blocks/#{block.id}?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert json["block"].key?('api_content')
+  end
+
+  should 'display api content of a specific block' do
+    class SomeBlock < Block
+      def api_content
+        {some_content: { name: 'test'} }
+      end
+    end
+    box = fast_create(Box, :owner_id => environment.id, :owner_type => Environment.name)
+    block = fast_create(SomeBlock, box_id: box.id)
+    get "/api/v1/blocks/#{block.id}?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_equal "test", json["block"]["api_content"]["some_content"]["name"]
+  end
+
+  should 'display api content of raw html block' do
+    box = fast_create(Box, :owner_id => environment.id, :owner_type => Environment.name)
+    block = fast_create(RawHTMLBlock, box_id: box.id)
+    block.html = '<div>test</div>'
+    block.save!
+    get "/api/v1/blocks/#{block.id}?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert_equal "<div>test</div>", json["block"]["api_content"]["html"]
+  end
+
+end
@@ -38,4 +38,13 @@ class BoxesTest &lt; ActiveSupport::TestCase
     assert_equal box.id, json["boxes"].first["id"]
   end
+  should 'not display block api_content by default' do
+    Environment.delete_all
+    environment = fast_create(Environment, :is_default => true)
+    box = fast_create(Box, :owner_id => environment.id, :owner_type => 'Environment')
+    block = fast_create(Block, box_id: box.id)
+    get "/api/v1/environments/default/boxes?#{params.to_query}"
+    json = JSON.parse(last_response.body)
+    assert !json["boxes"].first["blocks"].first.key?('api_content')
+  end
 end
 require_relative 'test_helper'
+require "base64"
 require 'noosfero/api/helpers'
 class APIHelpersTest < ActiveSupport::TestCase
@@ -264,6 +265,23 @@ class APIHelpersTest &lt; ActiveSupport::TestCase
  end
 ###### END Captcha tests ######
+  should 'create a :uploaded_data hash, expected by image_builder ' do
+    base64_image = create_base64_image
+    uploadedfile = base64_to_uploadedfile base64_image
+    assert uploadedfile.has_key? :uploaded_data
+    assert_equal uploadedfile[:uploaded_data].original_filename, base64_image[:filename]
+    assert_equal uploadedfile[:uploaded_data].content_type, base64_image[:type]
+    assert uploadedfile[:uploaded_data].tempfile
+  end
+
+  should 'return a params copy with a UploadedFile object' do
+    base64_image = create_base64_image
+    params = {}
+    params.merge!({image_builder: base64_image})
+    asset_params = asset_with_image params
+    assert !asset_params[:image_builder][:uploaded_data].nil?
+    assert asset_params[:image_builder][:uploaded_data].is_a? ActionDispatch::Http::UploadedFile
+  end
   protected
@@ -388,4 +388,14 @@ class PeopleTest &lt; ActiveSupport::TestCase
     end
   end
+  should 'update person image' do
+    login_api
+    base64_image = create_base64_image
+    params.merge!({person: {image_builder: base64_image}})
+    assert_nil person.image
+    post "/api/v1/people/#{person.id}?#{params.to_query}"
+    person.reload
+    assert_not_nil person.image
+    assert_equal person.image.filename, base64_image[:filename]
+  end
 end
@@ -69,8 +69,24 @@ class ActiveSupport::TestCase
     @params[:private_token] = @private_token
   end
+  def logout_api
+    @params.delete(:private_token)
+  end
+
   attr_accessor :private_token, :user, :person, :params, :environment
+  def create_base64_image
+    image_path = File.absolute_path(Rails.root + 'public/images/noosfero-network.png')
+    image_name = File.basename(image_path)
+    image_type = "image/#{File.extname(image_name).delete "."}"
+    encoded_base64_img = Base64.encode64(File.open(image_path) {|io| io.read })
+    base64_image = {}
+    base64_image[:tempfile] = encoded_base64_img
+    base64_image[:filename] = image_name
+    base64_image[:type] = image_type
+    base64_image
+  end
+
   private
   def json_response_ids(kind)
@@ -398,4 +398,64 @@ class BlockTest &lt; ActiveSupport::TestCase
     assert block.get_limit.is_a?(Fixnum)
   end
+  should 'return true at visible_to_user? when block is visible' do
+    block = Block.new
+    person = create_user('person_one').person
+    assert block.visible_to_user?(person)
+  end
+
+  should 'return false at visible_to_user? when block is not visible and user is nil' do
+    block = Block.new
+    person = create_user('person_one').person
+    block.stubs(:owner).returns(person)
+    block.expects(:visible?).returns(false)
+    assert !block.visible_to_user?(nil)
+  end
+
+  should 'return false at visible_to_user? when block is not visible and user does not has permission' do
+    block = Block.new
+    person = create_user('person_one').person
+    community = fast_create(Community)
+    block.stubs(:owner).returns(community)
+    block.expects(:visible?).returns(false)
+    assert !block.visible_to_user?(person)
+  end
+
+  should 'return true at visible_to_user? when block is not visible and user has permission' do
+    block = Block.new
+    person = create_user('person_one').person
+    community = fast_create(Community)
+    give_permission(person, 'edit_profile_design', community)
+    block.stubs(:owner).returns(community)
+    block.expects(:visible?).returns(false)
+    assert block.visible_to_user?(person)
+  end
+
+  should 'return false at visible_to_user? when block is not visible and user does not has permission in environment' do
+    block = Block.new
+    environment = Environment.default
+    person = create_user('person_one').person
+    block.stubs(:owner).returns(environment)
+    block.expects(:visible?).returns(false)
+    assert !block.visible_to_user?(person)
+  end
+
+  should 'return true at visible_to_user? when block is not visible and user has permission in environment' do
+    block = Block.new
+    environment = Environment.default
+    person = create_user('person_one').person
+    give_permission(person, 'edit_environment_design', environment)
+    block.stubs(:owner).returns(environment)
+    block.expects(:visible?).returns(false)
+    assert block.visible_to_user?(person)
+  end
+
+  should 'return false at visible_to_user? when block is not visible to user' do
+    block = Block.new
+    person = create_user('person_one').person
+    block.stubs(:owner).returns(person)
+    block.expects(:visible?).returns(true)
+    block.expects(:display_to_user?).returns(false)
+    assert !block.visible_to_user?(nil)
+  end
 end
@@ -40,4 +40,11 @@ class RawHTMLBlockTest &lt; ActiveSupport::TestCase
     assert block.editable?(user)
   end
+  should 'not raise if there is no html defined' do
+    block = RawHTMLBlock.new(:html => nil)
+    assert_nothing_raised do
+      render_block_content(block)
+    end
+  end
+
 end
@@ -128,4 +128,12 @@ class RecentDocumentsBlockViewTest &lt; ActionView::TestCase
     box.expects(:owner).returns(Environment.new).at_least_once
     assert_equal '', render_block_footer(block)
   end
+
+  should 'return articles in api_content' do
+    profile = fast_create(Profile)
+    article = fast_create(TextArticle, profile_id: profile.id)
+    block = RecentDocumentsBlock.new
+    block.stubs(:owner).returns(profile)
+    assert_equal [article.id], block.api_content['articles'].map {|a| a[:id]}
+  end
 end
	@@ -76,6 +76,17 @@ class Block < ApplicationRecord		@@ -76,6 +76,17 @@ class Block < ApplicationRecord
76	true	76	true
77	end	77	end
78		78
		79	+ def visible_to_user?(user)
		80	+ visible = self.display_to_user?(user)
		81	+ if self.owner.kind_of?(Profile)
		82	+ visible &= self.owner.display_info_to?(user)
		83	+ visible &= (self.visible? \|\| user && user.has_permission?(:edit_profile_design, self.owner))
		84	+ elsif self.owner.kind_of?(Environment)
		85	+ visible &= (self.visible? \|\| user && user.has_permission?(:edit_environment_design, self.owner))
		86	+ end
		87	+ visible
		88	+ end
		89	+
79	def display_to_user?(user)	90	def display_to_user?(user)
80	display_user == 'all' \|\| (user.nil? && display_user == 'not_logged') \|\| (user && display_user == 'logged') \|\| (user && display_user == 'followers' && user.follows?(owner))	91	display_user == 'all' \|\| (user.nil? && display_user == 'not_logged') \|\| (user && display_user == 'logged') \|\| (user && display_user == 'followers' && user.follows?(owner))
81	end	92	end
	@@ -314,6 +325,14 @@ class Block < ApplicationRecord		@@ -314,6 +325,14 @@ class Block < ApplicationRecord
314	self.observers << block	325	self.observers << block
315	end	326	end
316		327
		328	+ def api_content
		329	+ nil
		330	+ end
		331	+
		332	+ def display_api_content_by_default?
		333	+ false
		334	+ end
		335	+
317	private	336	private
318		337
319	def home_page_path	338	def home_page_path
	@@ -20,4 +20,12 @@ class RawHTMLBlock < Block		@@ -20,4 +20,12 @@ class RawHTMLBlock < Block
20	user.has_permission?('edit_raw_html_block', environment)	20	user.has_permission?('edit_raw_html_block', environment)
21	end	21	end
22		22
		23	+ def api_content
		24	+ { html: html }
		25	+ end
		26	+
		27	+ def display_api_content_by_default?
		28	+ true
		29	+ end
		30	+
23	end	31	end
	@@ -29,4 +29,12 @@ class RecentDocumentsBlock < Block		@@ -29,4 +29,12 @@ class RecentDocumentsBlock < Block
29	def self.expire_on	29	def self.expire_on
30	{ :profile => [:article], :environment => [:article] }	30	{ :profile => [:article], :environment => [:article] }
31	end	31	end
		32	+
		33	+ def api_content
		34	+ Noosfero::API::Entities::ArticleBase.represent(docs).as_json
		35	+ end
		36	+
		37	+ def display_api_content_by_default?
		38	+ false
		39	+ end
32	end	40	end
1	<%= block_title(block.title, block.subtitle) %>	1	<%= block_title(block.title, block.subtitle) %>
2		2
3	-<%= block.html.html_safe %>	3	+<%= (block.html \|\| '').html_safe %>
	@@ -55,6 +55,7 @@ module Noosfero		@@ -55,6 +55,7 @@ module Noosfero
55	mount V1::Search	55	mount V1::Search
56	mount V1::Contacts	56	mount V1::Contacts
57	mount V1::Boxes	57	mount V1::Boxes
		58	+ mount V1::Blocks
58	mount V1::Profiles	59	mount V1::Profiles
59	mount V1::Activities	60	mount V1::Activities
60		61
	@@ -88,6 +88,7 @@ module Noosfero		@@ -88,6 +88,7 @@ module Noosfero
88	root 'blocks', 'block'	88	root 'blocks', 'block'
89	expose :id, :type, :settings, :position, :enabled	89	expose :id, :type, :settings, :position, :enabled
90	expose :mirror, :mirror_block_id, :title	90	expose :mirror, :mirror_block_id, :title
		91	+ expose :api_content, if: lambda { \|object, options\| options[:display_api_content] \|\| object.display_api_content_by_default? }
91	end	92	end
92		93
93	class Box < Entity	94	class Box < Entity
1	require 'grape'	1	require 'grape'
		2	+require 'base64'
		3	+require 'tempfile'
2	require_relative '../../find_by_contents'	4	require_relative '../../find_by_contents'
3		5
4	- module Noosfero;
5	- module API
6	- module APIHelpers	6	+module Noosfero;
		7	+ module API
		8	+ module APIHelpers
7	PRIVATE_TOKEN_PARAM = :private_token	9	PRIVATE_TOKEN_PARAM = :private_token
8	DEFAULT_ALLOWED_PARAMETERS = [:parent_id, :from, :until, :content_type, :author_id, :identifier, :archived]	10	DEFAULT_ALLOWED_PARAMETERS = [:parent_id, :from, :until, :content_type, :author_id, :identifier, :archived]
9		11
	@@ -255,7 +257,7 @@ require_relative '../../find_by_contents'		@@ -255,7 +257,7 @@ require_relative '../../find_by_contents'
255	else	257	else
256	created_at = scope.find(reference_id).created_at	258	created_at = scope.find(reference_id).created_at
257	scope.send("#{params.key?(:oldest) ? 'older_than' : 'younger_than'}", created_at)	259	scope.send("#{params.key?(:oldest) ? 'older_than' : 'younger_than'}", created_at)
258	- end	260	+ end
259	end	261	end
260		262
261	def by_categories(scope, params)	263	def by_categories(scope, params)
	@@ -412,6 +414,30 @@ require_relative '../../find_by_contents'		@@ -412,6 +414,30 @@ require_relative '../../find_by_contents'
412	not_found! if Noosfero::API::API.endpoint_unavailable?(self, @environment)	414	not_found! if Noosfero::API::API.endpoint_unavailable?(self, @environment)
413	end	415	end
414		416
		417	+ def asset_with_image params
		418	+ if params.has_key? :image_builder
		419	+ asset_api_params = params
		420	+ asset_api_params[:image_builder] = base64_to_uploadedfile(asset_api_params[:image_builder])
		421	+ return asset_api_params
		422	+ end
		423	+ params
		424	+ end
		425	+
		426	+ def base64_to_uploadedfile(base64_image)
		427	+ tempfile = base64_to_tempfile base64_image
		428	+ converted_image = base64_image
		429	+ converted_image[:tempfile] = tempfile
		430	+ return {uploaded_data: ActionDispatch::Http::UploadedFile.new(converted_image)}
		431	+ end
		432	+
		433	+ def base64_to_tempfile base64_image
		434	+ base64_img_str = base64_image[:tempfile]
		435	+ decoded_base64_str = Base64.decode64(base64_img_str)
		436	+ tempfile = Tempfile.new(base64_image[:filename])
		437	+ tempfile.write(decoded_base64_str.encode("ascii-8bit").force_encoding("utf-8"))
		438	+ tempfile.rewind
		439	+ tempfile
		440	+ end
415	private	441	private
416		442
417	def parser_params(params)	443	def parser_params(params)
	@@ -56,7 +56,7 @@ module Noosfero		@@ -56,7 +56,7 @@ module Noosfero
56	post ':id' do	56	post ':id' do
57	article = environment.articles.find(params[:id])	57	article = environment.articles.find(params[:id])
58	return forbidden! unless article.allow_edit?(current_person)	58	return forbidden! unless article.allow_edit?(current_person)
59	- article.update_attributes!(params[:article])	59	+ article.update_attributes!(asset_with_image(params[:article]))
60	present_partial article, :with => Entities::Article	60	present_partial article, :with => Entities::Article
61	end	61	end
62		62
@@ -0,0 +1,17 @@		@@ -0,0 +1,17 @@
	1	+module Noosfero
	2	+ module API
	3	+ module V1
	4	+
	5	+ class Blocks < Grape::API
	6	+ resource :blocks do
	7	+ get ':id' do
	8	+ block = Block.find(params["id"])
	9	+ return forbidden! unless block.visible_to_user?(current_person)
	10	+ present block, :with => Entities::Block, display_api_content: true
	11	+ end
	12	+ end
	13	+ end
	14	+
	15	+ end
	16	+ end
	17	+end
	@@ -53,7 +53,7 @@ class LdapPlugin < Noosfero::Plugin		@@ -53,7 +53,7 @@ class LdapPlugin < Noosfero::Plugin
53	return nil if attrs.nil?	53	return nil if attrs.nil?
54		54
55	user_login = get_login(attrs, ldap.attr_login, login)	55	user_login = get_login(attrs, ldap.attr_login, login)
56	- user = User.find_or_initialize_by_login(user_login)	56	+ user = User.find_or_initialize_by(login: user_login)
57	return nil if !user.new_record? && !user.activated?	57	return nil if !user.new_record? && !user.activated?
58		58
59	user.login = user_login	59	user.login = user_login