Merge branch 'master' into staging

Leandro Santos
2 parents e502c6c0 4615d072
Showing 84 changed files with 524 additions and 190 deletions Show diff stats
app/api/helpers.rb
app/controllers/admin/categories_controller.rb
app/controllers/box_organizer_controller.rb
app/controllers/public/account_controller.rb
app/controllers/public/profile_controller.rb
app/helpers/application_helper.rb
app/mailers/contact.rb
app/mailers/environment_mailing.rb
app/mailers/mailing.rb
app/mailers/organization_mailing.rb
app/mailers/pending_task_notifier.rb
app/mailers/scrap_notifier.rb
app/mailers/task_mailer.rb
app/mailers/user_mailer.rb
app/models/abuse_complaint.rb
app/models/add_member.rb
app/models/community.rb
app/models/organization.rb
app/views/account/activation_question.html.erb
app/views/admin_panel/_signup_welcome_text.html.erb
@@ -331,12 +331,12 @@ module Api
     end
  
     def cant_be_saved_request!(attribute)
-      message = _("(Invalid request) %s can't be saved") % attribute
+      message = _("(Invalid request) %s can't be saved").html_safe % attribute
       render_api_error!(message, 400)
     end
  
     def bad_request!(attribute)
-      message = _("(Invalid request) %s not given") % attribute
+      message = _("(Invalid request) %s not given").html_safe % attribute
       render_api_error!(message, 400)
     end
  
@@ -44,7 +44,7 @@ class CategoriesController &lt; AdminController
       if request.post?
         @category.update!(params[:category])
         @saved = true
-        session[:notice] = _("Category %s saved." % @category.name)
+        session[:notice] = _("Category %s saved." % @category.name).html_safe
         redirect_to :action => 'index'
       end
     rescue Exception => e
@@ -109,7 +109,7 @@ class BoxOrganizerController &lt; ApplicationController
   def show_block_type_info
     type = params[:type]
     if type.blank? || !available_blocks.map(&:name).include?(type)
-      raise ArgumentError.new("Type %s is not allowed. Go away." % type)
+      raise ArgumentError.new("Type %s is not allowed. Go away.".html_safe % type)
     end
     @block = type.constantize.new
     @block.box = Box.new(:owner => boxes_holder)
@@ -122,7 +122,7 @@ class BoxOrganizerController &lt; ApplicationController
  
   def new_block(type, box)
     if !available_blocks.map(&:name).include?(type)
-      raise ArgumentError.new("Type %s is not allowed. Go away." % type)
+      raise ArgumentError.new("Type %s is not allowed. Go away.".html_safe % type)
     end
     block = type.constantize.new
     box.blocks << block
@@ -213,7 +213,7 @@ class AccountController &lt; ApplicationController
         if params[:value].blank?
           @change_password.errors[:base] << _('Can not recover user password with blank value.')
         else
-          @change_password.errors[:base] << _('Could not find any user with %s equal to "%s".') % [fields_label, params[:value]]
+          @change_password.errors[:base] << _('Could not find any user with %s equal to "%s".').html_safe % [fields_label, params[:value]]
         end
       rescue ActiveRecord::RecordInvalid
         @change_password.errors[:base] << _('Could not perform password recovery for the user.')
@@ -42,8 +42,8 @@ class ProfileController &lt; PublicController
     feed_writer = FeedWriter.new
     data = feed_writer.write(
       tagged,
-      :title => _("%s's contents tagged with \"%s\"") % [profile.name, @tag],
-      :description => _("%s's contents tagged with \"%s\"") % [profile.name, @tag],
+      :title => _("%s's contents tagged with \"%s\"").html_safe % [profile.name, @tag],
+      :description => _("%s's contents tagged with \"%s\"").html_safe % [profile.name, @tag],
       :link => url_for(profile.url)
     )
     render :text => data, :content_type => "text/xml"
@@ -88,7 +88,7 @@ class ProfileController &lt; PublicController
  
   def join_modal
       profile.add_member(user)
-      session[:notice] = _('%s administrator still needs to accept you as member.') % profile.name
+      session[:notice] = _('%s administrator still needs to accept you as member.').html_safe % profile.name
       redirect_to :action => :index
   end
  
@@ -98,12 +98,12 @@ class ProfileController &lt; PublicController
  
       profile.add_member(user)
       if !profile.members.include?(user)
-        render :text => {:message => _('%s administrator still needs to accept you as member.') % profile.name}.to_json
+        render :text => {:message => _('%s administrator still needs to accept you as member.').html_safe % profile.name}.to_json
       else
-        render :text => {:message => _('You just became a member of %s.') % profile.name}.to_json
+        render :text => {:message => _('You just became a member of %s.').html_safe % profile.name}.to_json
       end
     else
-      render :text => {:message => _('You are already a member of %s.') % profile.name}.to_json
+      render :text => {:message => _('You are already a member of %s.').html_safe % profile.name}.to_json
     end
   end
  
@@ -125,7 +125,7 @@ class ProfileController &lt; PublicController
         render :text => current_person.leave(profile, params[:reload])
       end
     else
-      render :text => {:message => _('You are not a member of %s.') % profile.name}.to_json
+      render :text => {:message => _('You are not a member of %s.').html_safe % profile.name}.to_json
     end
   end
  
@@ -145,9 +145,9 @@ class ProfileController &lt; PublicController
     # FIXME this shouldn't be in Person model?
     if !user.memberships.include?(profile)
       AddFriend.create!(:person => user, :friend => profile)
-      render :text => _('%s still needs to accept being your friend.') % profile.name
+      render :text => _('%s still needs to accept being your friend.').html_safe % profile.name
     else
-      render :text => _('You are already a friend of %s.') % profile.name
+      render :text => _('You are already a friend of %s.').html_safe % profile.name
     end
   end
  
@@ -178,7 +178,7 @@ class ProfileController &lt; PublicController
   def unblock
     if current_user.person.is_admin?(profile.environment)
       profile.unblock
-      session[:notice] = _("You have unblocked %s successfully. ") % profile.name
+      session[:notice] = _("You have unblocked %s successfully. ").html_safe % profile.name
       redirect_to :controller => 'profile', :action => 'index'
     else
       message = _('You are not allowed to unblock enterprises in this environment.')
@@ -882,7 +882,7 @@ module ApplicationHelper
         link_to_all = link_to(content_tag('strong', _('See all')), :controller => 'memberships', :profile => user.identifier)
       end
       link = list.map do |element|
-        link_to(content_tag('strong', _('<span>Manage</span> %s') % element.short_name(25)), element.admin_url, :class => "icon-menu-"+element.class.identification.underscore, :title => _('Manage %s') % element.short_name)
+        link_to(content_tag('strong', _('<span>Manage</span> %s').html_safe % element.short_name(25)), element.admin_url, :class => "icon-menu-"+element.class.identification.underscore, :title => _('Manage %s').html_safe % element.short_name)
       end
       if link_to_all
         link << link_to_all
@@ -923,7 +923,7 @@ module ApplicationHelper
     logout_link = link_to(logout_icon.html_safe, { :controller => 'account', :action => 'logout'} , :id => "logout", :title => _("Leave the system"))
     join_result = safe_join(
       [welcome_span.html_safe, render_environment_features(:usermenu).html_safe, admin_link.html_safe,
-        manage_enterprises.html_safe, manage_communities.html_safe, ctrl_panel_link.html_safe,
+        manage_enterprises, manage_communities, ctrl_panel_link.html_safe,
         pending_tasks_count.html_safe, logout_link.html_safe], "")
     join_result
   end
@@ -47,8 +47,8 @@ class Contact
         content_type: 'text/html',
         to: contact.dest.notification_emails,
         reply_to: contact.email,
-        subject: "[#{contact.dest.short_name(30)}] " + contact.subject,
-        from: "#{contact.name} <#{contact.dest.environment.noreply_email}>"
+        subject: "[#{contact.dest.short_name(30)}] #{contact.subject}".html_safe,
+        from: "#{contact.name} <#{contact.dest.environment.noreply_email}>".html_safe
       }
  
       if contact.sender
@@ -30,7 +30,7 @@ class EnvironmentMailing &lt; Mailing
   end
  
   def signature_message
-    _('Sent by %s.') % source.name
+    _('Sent by %s.').html_safe % source.name
   end
  
   def url
@@ -23,11 +23,11 @@ class Mailing &lt; ApplicationRecord
   end
  
   def generate_from
-    "#{source.name} <#{if source.is_a? Environment then source.noreply_email else source.contact_email end}>"
+    "#{source.name} <#{if source.is_a? Environment then source.noreply_email else source.contact_email end}>".html_safe
   end
  
   def generate_subject
-    '[%s] %s' % [source.name, subject]
+    '[%s] %s'.html_safe % [source.name, subject]
   end
  
   def signature_message
@@ -30,7 +30,7 @@ class OrganizationMailing &lt; Mailing
   end
  
   def signature_message
-    _('Sent by community %s.') % source.name
+    _('Sent by community %s.').html_safe % source.name
   end
  
   include Rails.application.routes.url_helpers
@@ -12,8 +12,8 @@ class PendingTaskNotifier &lt; ApplicationMailer
  
     mail(
       to: person.email,
-      from: "#{person.environment.name} <#{person.environment.noreply_email}>",
-      subject: _("[%s] Pending tasks") % person.environment.name
+      from: "#{person.environment.name} <#{person.environment.noreply_email}>".html_safe,
+      subject: _("[%s] Pending tasks").html_safe % person.environment.name
     )
   end
  
@@ -14,8 +14,8 @@ class ScrapNotifier &lt; ApplicationMailer
     @url = sender.environment.top_url
     mail(
       to: receiver.email,
-      from: "#{sender.environment.name} <#{sender.environment.noreply_email}>",
-      subject: _("[%s] You received a scrap!") % [sender.environment.name]
+      from: "#{sender.environment.name} <#{sender.environment.noreply_email}>".html_safe,
+      subject: _("[%s] You received a scrap!").html_safe % [sender.environment.name]
     )
   end
 end
@@ -14,7 +14,7 @@ class TaskMailer &lt; ApplicationMailer
     mail(
       to: task.target.notification_emails.compact,
       from: self.class.generate_from(task),
-      subject: "[%s] %s" % [task.environment.name, task.target_notification_description]
+      subject: "[%s] %s".html_safe % [task.environment.name, task.target_notification_description]
     )
   end
  
@@ -27,7 +27,7 @@ class TaskMailer &lt; ApplicationMailer
     mail(
       to: task.friend_email,
       from: self.class.generate_from(task),
-      subject: '[%s] %s' % [ task.requestor.environment.name, task.target_notification_description ]
+      subject: '[%s] %s'.html_safe % [ task.requestor.environment.name, task.target_notification_description ]
     )
   end
  
@@ -43,7 +43,7 @@ class TaskMailer &lt; ApplicationMailer
     mail_with_template(
       to: task.requestor.notification_emails,
       from: self.class.generate_from(task),
-      subject: '[%s] %s' % [task.requestor.environment.name, task.target_notification_description],
+      subject: '[%s] %s'.html_safe % [task.requestor.environment.name, task.target_notification_description],
       email_template: task.email_template,
       template_params: {:environment => task.requestor.environment, :task => task, :message => @message, :url => @url, :requestor => task.requestor}
     )
@@ -13,8 +13,8 @@ class UserMailer &lt; ApplicationMailer
  
     mail(
       to: user_email,
-      from: "#{user.environment.name} <#{user.environment.contact_email}>",
-      subject: _("[%{environment}] Welcome to %{environment} mail!") % { :environment => user.environment.name }
+      from: "#{user.environment.name} <#{user.environment.contact_email}>".html_safe,
+      subject: _("[%{environment}] Welcome to %{environment} mail!").html_safe % { :environment => user.environment.name }
     )
   end
  
@@ -30,7 +30,7 @@ class UserMailer &lt; ApplicationMailer
     mail_with_template(
       from: "#{user.environment.name} <#{user.environment.contact_email}>",
       to: user.email,
-      subject: _("[%s] Activate your account") % [user.environment.name],
+      subject: _("[%s] Activate your account").html_safe % [user.environment.name],
       template_params: {:environment => user.environment, :activation_code => @activation_code, :redirection => @redirection, :join => @join, :person => user.person, :url => @url},
       email_template: user.environment.email_templates.find_by_template_type(:user_activation),
     )
@@ -44,8 +44,8 @@ class UserMailer &lt; ApplicationMailer
     mail(
       content_type: 'text/html',
       to: user.email,
-      from: "#{user.environment.name} <#{user.environment.contact_email}>",
-      subject: email_subject.blank? ? _("Welcome to environment %s") % [user.environment.name] : email_subject,
+      from: "#{user.environment.name} <#{user.environment.contact_email}>".html_safe,
+      subject: email_subject.blank? ? _("Welcome to environment %s").html_safe % [user.environment.name] : email_subject,
       body: @body
     )
   end
@@ -63,8 +63,8 @@ class UserMailer &lt; ApplicationMailer
     mail(
       content_type: 'text/html',
       to: user.email,
-      from: "#{user.environment.name} <#{user.environment.contact_email}>",
-      subject: _("[%s] What about grow up your network?") % user.environment.name
+      from: "#{user.environment.name} <#{user.environment.contact_email}>".html_safe,
+      subject: _("[%s] What about grow up your network?").html_safe % user.environment.name
     )
   end
  
@@ -25,7 +25,7 @@ class AbuseComplaint &lt; Task
   end
  
   def title
-    abuse_reports.count > 1 ? (_('Abuse complaint (%s)') % abuse_reports.count) :_('Abuse complaint')
+    abuse_reports.count > 1 ? (_('Abuse complaint (%s)').html_safe % abuse_reports.count) :_('Abuse complaint')
   end
  
   def linked_subject
@@ -53,15 +53,15 @@ class AbuseComplaint &lt; Task
   end
  
   def task_activated_message
-    _('Your profile was reported by the users of %s due to inappropriate behavior. The administrators of the environment are now reviewing the report. To solve this misunderstanding, please contact the administrators.') % environment.name
+    _('Your profile was reported by the users of %s due to inappropriate behavior. The administrators of the environment are now reviewing the report. To solve this misunderstanding, please contact the administrators.').html_safe % environment.name
   end
  
   def task_finished_message
-    _('Your profile was disabled by the administrators of %s due to inappropriate behavior. To solve this misunderstanding please contact them.') % environment.name
+    _('Your profile was disabled by the administrators of %s due to inappropriate behavior. To solve this misunderstanding please contact them.').html_safe % environment.name
   end
  
   def target_notification_description
-    _('%s was reported due to inappropriate behavior.') % reported.name
+    _('%s was reported due to inappropriate behavior.').html_safe % reported.name
   end
  
   def target_notification_message
@@ -56,7 +56,7 @@ class AddMember &lt; Task
   def target_notification_description
     requestor_email = " (#{requestor.email})" if requestor.may_display_field_to?("email")
  
-    _("%{requestor}%{requestor_email} wants to be a member of '%{organization}'.") % {:requestor => requestor.name, :requestor_email => requestor_email, :organization => organization.name}
+    _("%{requestor}%{requestor_email} wants to be a member of '%{organization}'.").html_safe % {:requestor => requestor.name, :requestor_email => requestor_email, :organization => organization.name}
   end
  
   def target_notification_message
@@ -2,7 +2,7 @@ class Community &lt; Organization
  
   attr_accessible :accessor_id, :accessor_type, :role_id, :resource_id, :resource_type
   attr_accessible :address_reference, :district, :tag_list, :language, :description
-  attr_accessible :requires_email
+
   after_destroy :check_invite_member_for_destroy
  
   def self.type_name
@@ -13,9 +13,6 @@ class Community &lt; Organization
   N_('Language')
  
   settings_items :language
-  settings_items :requires_email, :type => :boolean
-
-  alias_method :requires_email?, :requires_email
  
   extend SetProfileRegionFromCityState::ClassMethods
   set_profile_region_from_city_state
@@ -2,6 +2,10 @@
 class Organization < Profile
  
   attr_accessible :moderated_articles, :foundation_year, :contact_person, :acronym, :legal_form, :economic_activity, :management_information, :cnpj, :display_name, :enable_contact_us
+  attr_accessible :requires_email
+
+  settings_items :requires_email, type: :boolean
+  alias_method :requires_email?, :requires_email
  
   SEARCH_FILTERS = {
     :order => %w[more_recent more_popular more_active],
@@ -3,7 +3,7 @@
     var answer = parseInt(form.answer.value);
     var val = form.answer.value;
     if (!answer || (val.length != 4) || val > <%= Time.now.year %> || val < 1900) {
-      alert(<%= (_('The year must be between %d and %d') % [1900, Time.now.year]).inspect %>);
+      alert(<%= (_('The year must be between %d and %d').html_safe % [1900, Time.now.year]).inspect %>);
       return false;
     } else {
       return true;
@@ -28,9 +28,9 @@
  
   <p>  <strong><%= _('Pay atention! You have only one chance!') %></strong> </p>
  
-  <p><%= _("This is a question to know if you really are part of this enterprise. Pay atention because you have only one chance to answer right and activate your enterprise. If you answer wrong you will not be able to activate the enterprise automaticaly and must get in touch with the admins of %s by email or phone.") % environment.name %> </p>
+  <p><%= _("This is a question to know if you really are part of this enterprise. Pay atention because you have only one chance to answer right and activate your enterprise. If you answer wrong you will not be able to activate the enterprise automaticaly and must get in touch with the admins of %s by email or phone.").html_safe % environment.name %> </p>
  
-  <%= ApplicationHelper::NoosferoFormBuilder::output_field(@question == :foundation_year ? (_("What year your enterprise was founded? It must have 4 digits, eg 1990. %s") % environment.tip_message_enterprise_activation_question) : _('What is the CNPJ of your enterprise?'), text_field_tag(:answer, nil, :id => 'enterprise-activation-answer')) %>
+  <%= ApplicationHelper::NoosferoFormBuilder::output_field(@question == :foundation_year ? (_("What year your enterprise was founded? It must have 4 digits, eg 1990. %s").html_safe % environment.tip_message_enterprise_activation_question) : _('What is the CNPJ of your enterprise?'), text_field_tag(:answer, nil, :id => 'enterprise-activation-answer')) %>
  
     <%= hidden_field_tag :enterprise_code, params[:enterprise_code] %>
  
 <div class='description'>
   <%= _('This text will be sent to new users if the feature "Send welcome e-mail to new users" is enabled on environment.') %><br/><br/>
-  <%= _('Including %s on body, it will be replaced by the real name of the e-mail recipient.') % content_tag('code', '{user_name}') %>
+  <%= _('Including %s on body, it will be replaced by the real name of the e-mail recipient.').html_safe % content_tag('code', '{user_name}') %>
 </div>
  
 <%= labelled_form_field(_('Subject'), text_field(:environment, :signup_welcome_text_subject, :style => 'width:100%')) %>
@@ -58,7 +58,7 @@
 <div id="blog-image-builder">
   <%= f.fields_for :image_builder, @article.image do |i| %>
     <%= file_field_or_thumbnail(_('Cover image:'), @article.image, i)%>
-    <%= _("Max size: %s (.jpg, .gif, .png)")% Image.max_size.to_humanreadable %>
+    <%= _("Max size: %s (.jpg, .gif, .png)").html_safe % Image.max_size.to_humanreadable %>
   <% end %>
 </div>
  
-<h2><%= _('Processed validation request for %s ') % @processed.name %> (<%= status(@processed) %>)</h2>
+<h2><%= _('Processed validation request for %s ').html_safe % @processed.name %> (<%= status(@processed) %>)</h2>
  
 <%= link_to _('Back'), :action => 'index' %>
  
-<h1><%= _('Adding %s as a favorite enterprise') % @favorite_enterprise.name %></h1>
+<h1><%= _('Adding %s as a favorite enterprise').html_safe % @favorite_enterprise.name %></h1>
  
 <p>
-<%= _('Are you sure you want to add %s as your favorite enterprise?') % @favorite_enterprise.name %>
+<%= _('Are you sure you want to add %s as your favorite enterprise?').html_safe % @favorite_enterprise.name %>
 </p>
  
 <%= form_tag do %>
   <%= hidden_field_tag(:confirmation, 1) %>
  
-  <%= submit_button(:ok, _("Yes, I am sure"), :title => _("I want to add %s as a favorite enterprise") % @favorite_enterprise.name) %>
+  <%= submit_button(:ok, _("Yes, I am sure"), :title => _("I want to add %s as a favorite enterprise").html_safe % @favorite_enterprise.name) %>
   <%= button(:cancel, _("No, I don't want"), :action => 'index') %>
 <% end %>
 <div id="remove_friend">
  
-<h1><%= _('Removing friend: %s') % @friend.name %></h1>
+<h1><%= _('Removing friend: %s').html_safe % @friend.name %></h1>
  
 <%= profile_image @friend, :thumb, :class => 'friend_picture' %>
  
 <p>
-<%= _('Are you sure you want to remove %s from your friends list?') % @friend.name %>
+<%= _('Are you sure you want to remove %s from your friends list?').html_safe % @friend.name %>
 </p>
  
 <p>
 <em>
-<%= _('Note that %s will still have you as a friend, unless he/she also wants to remove you from his/her friend list.') % @friend.name %>
+<%= _('Note that %s will still have you as a friend, unless he/she also wants to remove you from his/her friend list.').html_safe % @friend.name %>
 </em>
 </p>
  
 <% default_message = defined?(default_message) ? default_message : false %>
  
 <div id='thanks-for-signing'>
-  <h1><%= _("Welcome to %s!") % environment.name %></h1>
+  <h1><%= _("Welcome to %s!").html_safe % environment.name %></h1>
   <% if environment.has_custom_welcome_screen? && !default_message %>
     <%= environment.settings[:signup_welcome_screen_body].html_safe %>
   <% else %>
@@ -10,21 +10,21 @@
         <p><%= _("Firstly, some tips for getting started:") %></p>
         <h4><%= _("Confirm your account!") %></h4>
         <p><%= _("You should receive a welcome email from us shortly. Please take a second to follow the link within to confirm your account.") %></p>
-        <p><%= _("You won't appear as %s until your account is confirmed.") % link_to(_('user'), {:controller => :search, :action => :people, :filter => 'more_recent'}, :target => '_blank') %></p>
+        <p><%= _("You won't appear as %s until your account is confirmed.").html_safe % link_to(_('user'), {:controller => :search, :action => :people, :filter => 'more_recent'}, :target => '_blank') %></p>
       <% else %>
         <h4><%= _("Wait for admin approvement!") %></h4>
         <p><%= _("The administrators will evaluate your signup request for approvement.") %></p>
-        <p><%= _("You won't appear as %s until your account is approved.") % link_to(_('user'), {:controller => :search, :action => :people, :filter => 'more_recent'}, :target => '_blank') %></p>
+        <p><%= _("You won't appear as %s until your account is approved.").html_safe % link_to(_('user'), {:controller => :search, :action => :people, :filter => 'more_recent'}, :target => '_blank') %></p>
       <% end %>
       <h4><%= _("What to do next?") %></h4>
-      <p><%= _("Access your %s and see your face on the network!") %
+      <p><%= _("Access your %s and see your face on the network!").html_safe %
         (user.present? ? link_to(_('Profile'), {:controller => 'profile', :profile => user.identifier}, :target => '_blank') : 'Profile') %>
-      <%= _("You can also explore your %s to customize your profile. Here are some %s on what you can do there.") %
+      <%= _("You can also explore your %s to customize your profile. Here are some %s on what you can do there.").html_safe %
         [user.present? ? link_to(_('Control Panel'), {:controller => 'profile_editor', :profile => user.identifier}, :target => '_blank') : 'Control Panel',
           link_to(_('tips'), {:controller => 'doc', :action => 'topic', :section => 'user', :topic => 'editing-person-info'}, :target => '_blank')] %></p>
-      <p><%= _("%s your Gmail, Yahoo and Hotmail contacts!") % link_to(_('Invite and find'), {:controller => 'doc', :action => 'topic', :section => 'user', :topic => 'invite-contacts'}, :target => '_blank') %></p>
-      <p><%= _("Learn the guidelines. Read the %s for more details on how to use this social network!") % link_to(_('Documentation'), {:controller => 'doc'}, :target => '_blank') %></p>
+      <p><%= _("%s your Gmail, Yahoo and Hotmail contacts!").html_safe % link_to(_('Invite and find'), {:controller => 'doc', :action => 'topic', :section => 'user', :topic => 'invite-contacts'}, :target => '_blank') %></p>
+      <p><%= _("Learn the guidelines. Read the %s for more details on how to use this social network!").html_safe % link_to(_('Documentation'), {:controller => 'doc'}, :target => '_blank') %></p>
       <p><%= _("Start exploring and have fun!") %></p>
   <% end %>
-  <%= render :partial => 'shared/template_welcome_page', :locals => {:template => @person_template, :header => _("What can I do as a %s?")} %>
+  <%= render :partial => 'shared/template_welcome_page', :locals => {:template => @person_template, :header => _("What can I do as a %s?").html_safe} %>
 </div>
 <% if activity.comments_count > 2 %>
   <div style="font-size: 10px;">
     <% if activity.params['url'].blank?  %>
-      <%= _("%s comments") % activity.comments_count %>
+      <%= _("%s comments").html_safe % activity.comments_count %>
     <% else %>
-      <%= link_to(_("View all %s comments") % activity.comments_count, activity.params['url']) %>
+      <%= link_to(_("View all %s comments").html_safe % activity.comments_count, activity.params['url']) %>
     <% end %>
   </div>
 <% else %>
@@ -13,5 +13,5 @@
     <%= button(:add, content_tag('span', _('Add friend')), profile.add_url, :class => 'add-friend', :title => _("Add friend"), :style => 'position: relative;') %>
   <% end %>
   <%= button :back, _('Go back'), :back %>
-  <%= button :home, _("Go to %s home page") % environment.name, :controller => 'home' %>
+  <%= button :home, _("Go to %s home page").html_safe % environment.name, :controller => 'home' %>
 <% end %>
@@ -5,7 +5,7 @@
 <% if activity.comments_count > 0 %>
 <div id="profile-wall-activities-comments-more-<%= activity.id %>" class="profile-wall-activities-comments" >
   <div class='view-all-comments icon-chat'>
-     <%= link_to(n_('View comment', "View all %s comments", activity.comments_count) % activity.comments_count, :profile => profile.identifier, :controller => 'profile', :action => 'more_comments', :activity => activity, :comment_page => (1)) %>
+     <%= link_to(n_('View comment', "View all %s comments".html_safe, activity.comments_count) % activity.comments_count, :profile => profile.identifier, :controller => 'profile', :action => 'more_comments', :activity => activity, :comment_page => (1)) %>
   </div>
 </div>
 <% end %>
@@ -23,7 +23,7 @@
   <% if scrap.replies.count > 0 %>
     <div id="profile-wall-activities-comments-more-<%= activity.id %>" class="profile-wall-activities-comments">
       <div class='view-all-comments icon-chat'>
-        <%= link_to(n_('View comment', "View all %s comments", scrap.replies.count) % scrap.replies.count, :profile => profile.identifier, :controller => 'profile', :action => 'more_replies', :activity => activity, :comment_page => (1)) %>
+        <%= link_to(n_('View comment', "View all %s comments".html_safe, scrap.replies.count) % scrap.replies.count, :profile => profile.identifier, :controller => 'profile', :action => 'more_replies', :activity => activity, :comment_page => (1)) %>
       </div>
     </div>
   <% end %>
-<h1><%= _('Profile settings for %s') % profile.name %></h1>
+<h1><%= _('Profile settings for %s').html_safe % profile.name %></h1>
  
 <%= error_messages_for :profile_data %>
  
@@ -18,7 +18,7 @@
   </div>
   <div id="profile_change_picture">
     <%= f.fields_for :image_builder, @profile.image do |i| %>
-      <%= file_field_or_thumbnail(_('Image:'), @profile.image, i) %><%= _("Max size: %s (.jpg, .gif, .png)")% Image.max_size.to_humanreadable %>
+      <%= file_field_or_thumbnail(_('Image:'), @profile.image, i) %><%= _("Max size: %s (.jpg, .gif, .png)").html_safe % Image.max_size.to_humanreadable %>
     <% end %>
   </div>
  
 <div id='search-content'>
   <div class='total'>
-    <%= n_('Total of 1 result', 'Total of %s results', @searches[@asset][:results].total_entries) % @searches[@asset][:results].total_entries.inspect %>
+    <%= n_('Total of 1 result', 'Total of %s results'.html_safe, @searches[@asset][:results].total_entries) % @searches[@asset][:results].total_entries.inspect %>
   </div>
  
 <%= display_results(@searches, @asset) %>
-<%= render :partial => 'search_form', :locals => { :hint => _("Type words about the %s you're looking for") % _(@asset.to_s.singularize) } %>
+<%= render :partial => 'search_form', :locals => { :hint => _("Type words about the %s you're looking for").html_safe % _(@asset.to_s.singularize) } %>
 <%= render :partial => 'search_content' %>
  
 <div style="clear: both"></div>
 <%= profile_image suggestion, :thumb, :class => 'suggestion_picture' %>
  
 <p>
-<%= _('Are you sure you want to remove %s from your suggestions list?') % suggestion.name %>
+<%= _('Are you sure you want to remove %s from your suggestions list?').html_safe % suggestion.name %>
 </p>
  
 <%= form_tag do %>
-  <%= submit_button(:ok, _("Yes, I want to remove %s") % suggestion.name) %>
+  <%= submit_button(:ok, _("Yes, I want to remove %s").html_safe % suggestion.name) %>
   <%= button(:cancel, _("No"), :action => 'suggest') %>
 <% end %>
-<h2><%= _('Ticket: %s') % @ticket.name %></h2>
+<h2><%= _('Ticket: %s').html_safe % @ticket.name %></h2>
 <p><small>
-  <%= _('Created at %s by %s') % [@ticket.created_at.to_date, link_to(@ticket.requestor.name, @ticket.requestor.url)] %><br/>
-  <%= _('Owner: %s') %  link_to(@ticket.target.name, @ticket.target.url) %>
+  <%= _('Created at %s by %s').html_safe % [@ticket.created_at.to_date, link_to(@ticket.requestor.name, @ticket.requestor.url)] %><br/>
+  <%= _('Owner: %s').html_safe %  link_to(@ticket.target.name, @ticket.target.url) %>
 </small></p>
  
-<p><%= _('Status: %s') % gettext(Task::Status.names[@ticket.status]) %></p>
+<p><%= _('Status: %s').html_safe % gettext(Task::Status.names[@ticket.status]) %></p>
  
 <div>
-  <p><%= _('Description: %s') % @ticket.description %></p>
+  <p><%= _('Description: %s').html_safe % @ticket.description %></p>
 </div>
  
 <% if @ticket.closing_statment %>
-  <p><%= _('Closing statement: %s') % @ticket.closing_statment %></p>
+  <p><%= _('Closing statement: %s').html_safe % @ticket.closing_statment %></p>
 <% end %>
  
 <%= button_bar do %>
@@ -10,7 +10,7 @@
 <% list_of_templates.each do |title, templates, kind|%>
   <div class='template-kind'>
     <h2><%= title %></h2>
-    <%= button :add, _('New...'), {:action => "create_#{kind}_template"}, :title => _("Create a new template for %s") % title.downcase %>
+    <%= button :add, _('New...'), {:action => "create_#{kind}_template"}, :title => _("Create a new template for %s").html_safe % title.downcase %>
     <table class='actions'>
       <tr>
         <th><%= _('Template') %></th>
@@ -20,11 +20,11 @@
         <tr>
           <td>
             <%#= image_tag "icons-app/#{kind}-icon.png" %>
-            <%= link_to(template.name, {:controller => 'profile_editor', :profile => template.identifier}, :title => _('Edit template "%s"') % template.name ) %>
+            <%= link_to(template.name, {:controller => 'profile_editor', :profile => template.identifier}, :title => _('Edit template "%s"').html_safe % template.name ) %>
             <% if environment.is_default_template?(template) %>
               <%= _('is the default template') %>
             <% else %>
-              <%= link_to(_('Set as default'), {:action => "set_#{kind}_as_default", :template_id => template.id}, :title => _('Set %s template as default') % template.name ) %>
+              <%= link_to(_('Set as default'), {:action => "set_#{kind}_as_default", :template_id => template.id}, :title => _('Set %s template as default').html_safe % template.name ) %>
             <% end %>
           </td>
           <td>
-<%= _('Hello %s,') % @name  %>
+<%= _('Hello %s,').html_safe % @name  %>
  
-<%= _('Your email %s was just activated.') % [@email] %>
+<%= _('Your email %s was just activated.').html_safe % [@email] %>
  
 <%= _('You can access your e-mail from anywhere, using the following address:') %>
 <%= @webmail %>
@@ -8,5 +8,5 @@
 <%= _('Greetings,') %>
  
 --
-<%= _('%s team.') % @environment.name %>
+<%= _('%s team.').html_safe % @environment.name %>
 <%= @url %>
@@ -0,0 +1,2 @@
+gem 'browser', '~> 2.2.0'
+
@@ -7,12 +7,39 @@ class AnalyticsPlugin::StatsController &lt; MyProfileController
   def index
   end
  
+  def edit
+    return render_access_denied unless user.has_permission? 'edit_profile', profile
+
+    params[:analytics_settings][:enabled] = params[:analytics_settings][:enabled] == 'true'
+    params[:analytics_settings][:anonymous] = params[:analytics_settings][:anonymous] == 'true'
+    @settings = profile.analytics_settings params[:analytics_settings] || {}
+    @settings.save!
+    render nothing: true
+  end
+
+  def view
+    params[:profile_ids] ||= [profile.id]
+    ids = params[:profile_ids].map(&:to_i)
+    user.adminships # FIXME just to cache #adminship_ids
+    ids = ids.select{ |id| id.in? user.adminship_ids } unless @user_is_admin
+
+    @profiles = environment.profiles.find ids
+    @user = environment.people.find params[:user_id]
+    @visits = AnalyticsPlugin::Visit.eager_load(:users_page_views).
+      where(profile_id: ids, analytics_plugin_page_views: {user_id: @user.id})
+
+    render partial: 'table', locals: {visits: @visits}
+
+  end
+
   protected
  
-  def default_url_options
-    # avoid rails' use_relative_controller!
-    {use_route: '/'}
+  # inherit routes from core skipping use_relative_controller!
+  def url_for options
+    options[:controller] = "/#{options[:controller]}" if options.is_a? Hash and options[:controller] and not options[:controller].to_s.starts_with? '/'
+    super options
   end
+  helper_method :url_for
  
   def skip_page_view
     @analytics_skip_page_view = true
@@ -7,7 +7,10 @@ class AnalyticsPlugin::TimeOnPageController &lt; ProfileController
     Noosfero::Scheduler::Defer.later do
       page_view = profile.page_views.where(request_id: params[:id]).first
       page_view.request = request
-      page_view.page_load!
+      AnalyticsPlugin::PageView.transaction do
+        page_view.page_load! Time.at(params[:time].to_i)
+        page_view.update_column :title, params[:title] if params[:title].present?
+      end
     end
  
     render nothing: true
@@ -0,0 +1,40 @@
+class AddTitleAndIsBotToAnalyticsPluginPageView < ActiveRecord::Migration
+
+  def up
+    add_column :analytics_plugin_page_views, :title, :text
+    add_column :analytics_plugin_page_views, :is_bot, :boolean
+
+    # missing indexes for performance
+    add_index :analytics_plugin_page_views, :type
+    add_index :analytics_plugin_page_views, :visit_id
+    add_index :analytics_plugin_page_views, :request_started_at
+    add_index :analytics_plugin_page_views, :page_loaded_at
+    add_index :analytics_plugin_page_views, :is_bot
+
+    AnalyticsPlugin::PageView.transaction do
+      AnalyticsPlugin::PageView.find_each do |page_view|
+        page_view.send :fill_is_bot
+        page_view.update_column :is_bot, page_view.is_bot
+      end
+    end
+
+    change_table :analytics_plugin_visits do |t|
+      t.timestamps
+    end
+    AnalyticsPlugin::Visit.transaction do
+      AnalyticsPlugin::Visit.find_each do |visit|
+        visit.created_at = visit.page_views.first.request_started_at
+        visit.updated_at = visit.page_views.last.request_started_at
+        visit.save!
+      end
+    end
+
+    # never used
+    remove_column :analytics_plugin_page_views, :track_id
+  end
+
+  def down
+    say "this migration can't be reverted"
+  end
+
+end
@@ -13,4 +13,15 @@ module AnalyticsPlugin
     I18n.t'analytics_plugin.lib.plugin.description'
   end
  
+  def self.clear_non_users
+    ActiveRecord::Base.transaction do
+      AnalyticsPlugin::PageView.bots.delete_all
+      AnalyticsPlugin::PageView.not_page_loaded.delete_all
+      # delete_all does not work here
+      AnalyticsPlugin::Visit.without_page_views.destroy_all
+    end
+  end
+
 end
+
+Browser::Bot.detect_empty_ua!
@@ -3,6 +3,7 @@ class AnalyticsPlugin::Base &lt; Noosfero::Plugin
  
   def body_ending
     return unless profile and profile.analytics_enabled?
+    return if @analytics_skip_page_view
     lambda do
       render 'analytics_plugin/body_ending'
     end
@@ -12,6 +13,7 @@ class AnalyticsPlugin::Base &lt; Noosfero::Plugin
     ['analytics'].map{ |j| "javascripts/#{j}" }
   end
  
+  # FIXME: not reloading on development, need server restart
   def application_controller_filters
     [{
       type: 'around_filter', options: {}, block: -> &block do
@@ -23,15 +25,12 @@ class AnalyticsPlugin::Base &lt; Noosfero::Plugin
         return unless profile and profile.analytics_enabled?
  
         Noosfero::Scheduler::Defer.later 'analytics: register page view' do
-          page_view = profile.page_views.build request: request, profile_id: profile,
+          page_view = profile.page_views.build request: request, profile_id: profile.id,
             request_started_at: request_started_at, request_finished_at: request_finished_at
-
           unless profile.analytics_anonymous?
-            session_id = session.id
             page_view.user = user
-            page_view.session_id = session_id
+            page_view.session_id = session.id
           end
-
           page_view.save!
         end
       end,
@@ -39,6 +38,7 @@ class AnalyticsPlugin::Base &lt; Noosfero::Plugin
   end
  
   def control_panel_buttons
+    return unless user.is_admin? environment
     {
       title: I18n.t('analytics_plugin.lib.plugin.panel_button'),
       icon: 'analytics-access',
 require_dependency 'profile'
-require_dependency 'community'
  
-([Profile] + Profile.descendants).each do |subclass|
-subclass.class_eval do
+class Profile
  
-  has_many :visits, foreign_key: :profile_id, class_name: 'AnalyticsPlugin::Visit'
-  has_many :page_views, foreign_key: :profile_id, class_name: 'AnalyticsPlugin::PageView'
+  has_many :users_visits, -> { latest.with_users_page_views }, foreign_key: :profile_id, class_name: 'AnalyticsPlugin::Visit'
  
-end
-end
+  has_many :visits, -> { latest.eager_load :page_views }, foreign_key: :profile_id, class_name: 'AnalyticsPlugin::Visit'
+  has_many :page_views, foreign_key: :profile_id, class_name: 'AnalyticsPlugin::PageView'
  
-class Profile
+  has_many :user_visits, -> { latest.eager_load :page_views }, foreign_key: :user_id, class_name: 'AnalyticsPlugin::PageView'
+  has_many :user_page_views, foreign_key: :user_id, class_name: 'AnalyticsPlugin::PageView'
  
   def analytics_settings attrs = {}
     @analytics_settings ||= Noosfero::Plugin::Settings.new self, ::AnalyticsPlugin, attrs
@@ -9,10 +9,14 @@ en: &amp;en
  
     views:
       stats:
+        enable: "Enable tracking on the profile '%{profile}'"
+        anonymous: "Don't associate users' login"
+        config_save: "Configuration saved"
         user: 'User'
         initial_time: 'Time'
+        ip: 'IP'
         pages: 'Pages'
  
-en-US:
+en_US:
   <<: *en
  
@@ -9,9 +9,14 @@ pt: &amp;pt
  
     views:
       stats:
+        enable: "Ativar rastreio no perfil '%{profile}'"
+        anonymous: "Não associar login de usuários"
+        config_save: "Configuração salva"
         user: 'Usuário'
         initial_time: 'Horário'
+        ip: 'IP'
         pages: 'Páginas'
  
-pt-BR:
+pt_BR:
   <<: *pt
+
@@ -10,22 +10,34 @@ class AnalyticsPlugin::PageView &lt; ApplicationRecord
  
   acts_as_having_settings field: :options
  
-  belongs_to :visit, class_name: 'AnalyticsPlugin::Visit'
-  belongs_to :referer_page_view, class_name: 'AnalyticsPlugin::PageView'
+  belongs_to :profile, validate: true
+  belongs_to :visit, class_name: 'AnalyticsPlugin::Visit', touch: true, validate: true
  
-  belongs_to :user, class_name: 'Person'
-  belongs_to :session, primary_key: :session_id, foreign_key: :session_id, class_name: 'Session'
-  belongs_to :profile
+  belongs_to :referer_page_view, class_name: 'AnalyticsPlugin::PageView', validate: false
  
-  validates_presence_of :visit
-  validates_presence_of :request, on: :create
-  validates_presence_of :url
+  belongs_to :user, class_name: 'Person', validate: false
+  belongs_to :session, primary_key: :session_id, foreign_key: :session_id, class_name: 'Session', validate: false
+
+  validates :request, presence: true, on: :create
+  validates :url, presence: true
  
   before_validation :extract_request_data, on: :create
   before_validation :fill_referer_page_view, on: :create
   before_validation :fill_visit, on: :create
+  before_validation :fill_is_bot, on: :create
+
+  after_update :destroy_empty_visit
+  after_destroy :destroy_empty_visit
+
+  scope :in_sequence, -> { order 'analytics_plugin_page_views.request_started_at ASC' }
+
+  scope :page_loaded, -> { where 'analytics_plugin_page_views.page_loaded_at IS NOT NULL' }
+  scope :not_page_loaded, -> { where 'analytics_plugin_page_views.page_loaded_at IS NULL' }
  
-  scope :latest, -> { order 'request_started_at DESC' }
+  scope :no_bots, -> { where.not is_bot: true }
+  scope :bots, -> { where is_bot: true }
+
+  scope :loaded_users, -> { in_sequence.page_loaded.no_bots }
  
   def request_duration
     self.request_finished_at - self.request_started_at
@@ -43,8 +55,8 @@ class AnalyticsPlugin::PageView &lt; ApplicationRecord
     Time.now < self.user_last_time_seen + AnalyticsPlugin::TimeOnPageUpdateInterval
   end
  
-  def page_load!
-    self.page_loaded_at = Time.now
+  def page_load! time
+    self.page_loaded_at = time
     self.update_column :page_loaded_at, self.page_loaded_at
   end
  
@@ -56,6 +68,16 @@ class AnalyticsPlugin::PageView &lt; ApplicationRecord
     self.update_column :time_on_page, self.time_on_page
   end
  
+  def find_referer_page_view
+    return if self.referer_url.blank?
+    AnalyticsPlugin::PageView.order('request_started_at DESC').
+      where(url: self.referer_url, session_id: self.session_id, user_id: self.user_id, profile_id: self.profile_id).first
+  end
+
+  def browser
+    @browser ||= Browser.new self.user_agent
+  end
+
   protected
  
   def extract_request_data
@@ -64,16 +86,29 @@ class AnalyticsPlugin::PageView &lt; ApplicationRecord
     self.user_agent = self.request.headers['User-Agent']
     self.request_id = self.request.env['action_dispatch.request_id']
     self.remote_ip = self.request.remote_ip
+    true
   end
  
   def fill_referer_page_view
-    self.referer_page_view = AnalyticsPlugin::PageView.order('request_started_at DESC').
-      where(url: self.referer_url, session_id: self.session_id, user_id: self.user_id, profile_id: self.profile_id).first if self.referer_url.present?
+    self.referer_page_view = self.find_referer_page_view
+    true
   end
  
   def fill_visit
     self.visit = self.referer_page_view.visit if self.referer_page_view and self.referer_page_view.user_on_page?
     self.visit ||= AnalyticsPlugin::Visit.new profile: profile
+    true
+  end
+
+  def fill_is_bot
+    self.is_bot = self.browser.bot?
+    true
+  end
+
+  def destroy_empty_visit
+    return unless self.visit_id_changed?
+    old_visit = AnalyticsPlugin::Visit.find self.visit_id_was
+    old_visit.destroy if old_visit.page_views.empty?
   end
  
 end
@@ -5,10 +5,16 @@ class AnalyticsPlugin::Visit &lt; ApplicationRecord
  
   belongs_to :profile
   has_many :page_views, class_name: 'AnalyticsPlugin::PageView', dependent: :destroy
+  has_many :users_page_views, -> { loaded_users }, class_name: 'AnalyticsPlugin::PageView', dependent: :destroy
  
-  default_scope -> { joins(:page_views).includes :page_views }
+  scope :latest, -> { order 'updated_at DESC' }
  
-  scope :latest, -> { order 'analytics_plugin_page_views.request_started_at DESC' }
+  scope :with_users_page_views, -> {
+    eager_load(:users_page_views).where.not analytics_plugin_page_views: {visit_id: nil}
+  }
+  scope :without_page_views, -> {
+    eager_load(:page_views).where analytics_plugin_page_views: {visit_id: nil}
+  }
  
   def first_page_view
     self.page_views.first
 analytics = {
+
+  t: function (key, options) {
+    return I18n.t(key, $.extend(options, {scope: 'analytics_plugin'}))
+  },
+
   requestId: '',
  
   timeOnPage: {
@@ -27,7 +32,7 @@ analytics = {
  
   pageLoad: function() {
     $.ajax(analytics.timeOnPage.baseUrl+'/page_load', {
-      type: 'POST', data: {id: analytics.requestId},
+      type: 'POST', data: {id: analytics.requestId, title: document.title, time: Math.floor(Date.now()/1000)},
       success: function(data) {
       },
     });
@@ -0,0 +1,33 @@
+analytics-settings
+  .checkbox
+    label name='enabled'
+      input type='checkbox' name='enabled' value='1' checked='{settings.enabled}' onchange='{toggleEnabled}'
+      |{anl.t('views.stats.enable', {profile: noosfero.profile})}
+
+  .checkbox if='{settings.enabled}'
+    label name='anonymous'
+      input type='checkbox' name='anonymous' value='1' checked='{settings.anonymous}' onchange='{toggleAnonymous}'
+      |{anl.t('views.stats.anonymous')}
+
+  javascript:
+    this.anl = window.analytics
+    this.settings = opts.settings
+    this.updateUrl = Routes.analytics_plugin_stats_path({profile: noosfero.profile, action: 'edit'})
+
+    toggleEnabled (e) {
+      this.settings.enabled = !this.settings.enabled
+      this.update()
+      this.save(e)
+    }
+    toggleAnonymous (e) {
+      this.settings.anonymous = !this.settings.anonymous
+      this.save(e)
+    }
+
+    save (e) {
+      var self = this
+      $.post(this.updateUrl, {analytics_settings: this.settings}, function() {
+        display_notice(self.anl.t('views.stats.config_save'))
+      })
+    }
+
@@ -37,7 +37,7 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
     @request.env['HTTP_REFERER'] = first_url
     get :view_page, profile: @community.identifier, page: @community.articles.last.path.split('/')
     assert_equal 2, @community.page_views.count
-    assert_equal 2, @community.visits.count
+    assert_equal 1, @community.visits.count
  
     second_page_view = @community.page_views.order(:id).last
     assert_equal first_page_view, second_page_view.referer_page_view
@@ -48,7 +48,7 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
     future = Time.now + 2*AnalyticsPlugin::TimeOnPageUpdateInterval
     Time.stubs(:now).returns(future)
     get :view_page, profile: @community.identifier, page: @community.articles.last.path.split('/')
-    assert_equal 3, @community.visits.count
+    assert_equal 2, @community.visits.count
   end
  
 end
  
-table#analytics-stats.table data-toggle='table' data-striped='true' data-sortable='true' data-icons-prefix='fa'
-  thead
-    - unless profile.analytics_anonymous?
+.table-responsive
+  table#analytics-stats.table data-toggle='table' data-striped='true' data-sortable='true' data-icons-prefix='fa'
+    thead
       th= t'analytics_plugin.views.stats.user'
-    th= t'analytics_plugin.views.stats.initial_time'
-    th= t'analytics_plugin.views.stats.pages'
+      th= t'analytics_plugin.views.stats.initial_time'
+      th= t'analytics_plugin.views.stats.ip'
+      th= t'analytics_plugin.views.stats.pages'
  
-  tbody
-    - profile.visits.each do |visit|
-      tr
-        td= link_to visit.user.name, visit.user.url
-        td
-          div data-toggle="tooltip" data-title='#{l visit.initial_time}'
-            = time_ago_in_words(visit.initial_time)
-            |&nbsp
-            = _'ago'
-        td
-          - visit.page_views.each do |page_view|
-            = link_to page_view.url, page_view.url
-            |&nbsp;
-            = "(#{distance_of_time_in_words page_view.time_on_page})"
-            |&nbsp;->&nbsp;
+    tbody
+      - visits.each do |visit|
+        tr data-visit-id='#{visit.id}'
+          td= link_to visit.user.name, visit.user.url if visit.user
+          td
+            div data-toggle="tooltip" data-title='#{l visit.initial_time}'
+              = time_ago_in_words visit.initial_time
+              |&nbsp
+              = _'ago'
+          td= visit.users_page_views.first.remote_ip
+          td
+            ol
+              - visit.users_page_views.each do |page_view|
+                li
+                  = link_to (if page_view.title.present? then page_view.title else page_view.url end), page_view.url, target: '_blank'
+                  |&nbsp;
+                  = "(#{distance_of_time_in_words page_view.time_on_page})"
  
 javascript:
   $('#analytics-stats').bootstrapTable({
     striped: true,
-    columns: [
-      {sortable: true},
-      {sortable: true},
-      {sortable: true},
-    ],
   })
  
   $(document).ready(function() {
-- content_for :head
-  = javascript_include_tag 'https://cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.8.1/bootstrap-table-all.min.js'
-  = stylesheet_link_tag 'https://cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.8.1/bootstrap-table.css'
+= render 'shared/bootstrap_table'
+
+= button :back, _('Back to control panel'), controller: 'profile_editor'
+
+= js_translations_include plugin: :analytics
+= javascript_include_tag 'plugins/analytics/javascripts/views/settings'
+analytics-settings data-opts="#{CGI.escapeHTML({settings: {enabled: profile.analytics_settings.enabled, anonymous: profile.analytics_settings.anonymous}}.to_json)}" data-riot=''
+/ needs html_safe to work
+/= riot_component :analytics_settings, settings: {enabled: profile.analytics_settings.enabled, anonymous: profile.analytics_settings.anonymous}
+
+= render 'table', visits: profile.users_visits.limit(50)
  
-= render 'table'
@@ -71,7 +71,7 @@ module CustomFormsPlugin::Helper
   def display_custom_field(field, submission, form)
     sanitized_name = ActionView::Base.white_list_sanitizer.sanitize field.name
     answer = submission.answers.select{|answer| answer.field == field}.first
-    field_tag = send("display_#{type_for_options(field.class)}",field, answer, form)
+    field_tag = send("display_#{type_for_options(field.class)}",field, answer, form).html_safe
     if field.mandatory? && submission.id.nil?
       required(labelled_form_field(sanitized_name, field_tag))
     else
@@ -12,7 +12,7 @@
   <%= f.hidden_field(:position) %>
  
   <%= f.hidden_field :_destroy, :class => 'destroy-field' %>
-  <%= button_to_function :delete, _('Remove field'), "customFormsPlugin.removeFieldBox(this, #{CGI::escapeHTML(_('Are you sure you want to remove this field?').to_json)})" %>
+  <%= button_to_function :delete, _('Remove field'), "customFormsPlugin.removeFieldBox(this, #{_('Are you sure you want to remove this field?').to_json})" %>
   <%= yield %>
 </div>
 </fieldset>
@@ -51,8 +51,8 @@
 </ul>
  
 <div class="addition-buttons">
-  <%= button(:add, _('Add a new text field'), '#', :onclick => "customFormsPlugin.addFields(this, 'fields', #{CGI::escapeHTML(html_for_field(f, :fields, CustomFormsPlugin::TextField).to_json)}); return false")%>
-  <%= button(:add, _('Add a new select field'), '#', :onclick => "customFormsPlugin.addFields(this, 'fields', #{CGI::escapeHTML(html_for_field(f, :fields, CustomFormsPlugin::SelectField).to_json)}); return false")%>
+  <%= button(:add, _('Add a new text field'), '#', :onclick => "customFormsPlugin.addFields(this, 'fields', #{html_for_field(f, :fields, CustomFormsPlugin::TextField).to_json}); return false")%>
+  <%= button(:add, _('Add a new select field'), '#', :onclick => "customFormsPlugin.addFields(this, 'fields', #{html_for_field(f, :fields, CustomFormsPlugin::SelectField).to_json}); return false")%>
 </div>
  
 <%= button_bar do %>
@@ -7,6 +7,6 @@
  
   <td>
     <%= f.hidden_field :_destroy, :class => 'destroy-field' %>
-    <%= button_to_function_without_text :remove, _('Remove alternative'), "customFormsPlugin.removeAlternative(this, #{CGI::escapeHTML(_('Are you sure you want to remove this alternative?').to_json)})", :class => 'remove-field', :title => _('Remove alternative') %>
+    <%= button_to_function_without_text :remove, _('Remove alternative'), "customFormsPlugin.removeAlternative(this, #{_('Are you sure you want to remove this alternative?').to_json})", :class => 'remove-field', :title => _('Remove alternative') %>
   </td>
 </tr>
@@ -22,7 +22,7 @@
     <tfoot>
     <tr class="addition-buttons">
       <td colspan="3">
-      <%= button(:add, _('Add a new alternative'), '#', :onclick => "customFormsPlugin.addFields(this, 'alternatives', #{CGI::escapeHTML(html_for_field(f, :alternatives, CustomFormsPlugin::Alternative).to_json)}); return false") %>
+      <%= button(:add, _('Add a new alternative'), '#', :onclick => "customFormsPlugin.addFields(this, 'alternatives', #{html_for_field(f, :alternatives, CustomFormsPlugin::Alternative).to_json}); return false") %>
       </td>
     </tr>
     </tfoot>
 <div id="custom-forms-plugin_submission">
  
 <h1><%= @form.name %></h1>
-<p><%= @form.description %></p>
+<p><%= (@form.description || "").html_safe %></p>
  
 <% if @submission.id.nil? %>
   <% if @form.expired? %>
 <% self.extend(CustomFormsPlugin::Helper) %>
  
 <% @form.fields.each do |field| %>
-  <%= display_custom_field(field, @submission, f.object_name) %>
+  <%= display_custom_field(field, @submission, f.object_name).html_safe %>
 <% end %>
 gem 'omniauth', '~> 1.2.2'
 gem 'omniauth-facebook', '~> 2.0.0'
+gem 'omniauth-twitter', '~> 1.0.1'
 gem "omniauth-google-oauth2", '~> 0.2.6'
 gem "omniauth-oauth2", '~> 1.3.1'
+gem "omniauth-github", '~> 1.1.2'
@@ -33,6 +33,20 @@ Facebook
  
 [Create Facebook application](https://developers.facebook.com/docs/facebook-login/v2.1)
  
+Github
+--------
+
+[Create Github application](https://github.com/settings/developers)
+
+Twitter
+--------
+
+- Specially on twitter you need to request user's email address, see more
+in https://dev.twitter.com/rest/reference/get/account/verify_credentials
+
+[Create Twitter application](https://apps.twitter.com/)
+
+
 Callback
 ========
  
@@ -0,0 +1,20 @@
+Feature: Create Twitter provider
+  As a environment admin
+  I want to be able to create a new twitter provider
+  So that users can login wth different strategies
+
+Background:
+    Given "OauthProvider" plugin is enabled
+    And I am logged in as admin
+    And I go to /admin/plugins
+    And I check "Oauth Client Plugin"
+    And I press "Save changes"
+
+Scenario: Create a twitter provider
+    Given I go to /admin/plugin/oauth_client/new
+    And I fill in "oauth_client_plugin_provider_name" with "myid"
+    And I fill in "oauth_client_plugin_provider[name]" with "google"
+    And I fill in "oauth_client_plugin_provider_client_secret" with "mysecret"
+    And I check "oauth_client_plugin_provider[enabled]"
+    And I select "twitter" from "oauth_client_plugin_provider_strategy"
+    Then I should see "To use this provider you need to request the user email in your app"
@@ -31,13 +31,20 @@ class OauthClientPlugin &lt; Noosfero::Plugin
  
   PROVIDERS = {
     :facebook => {
-      :name => 'Facebook'
+      :name => 'Facebook',
+      :info_fields => 'name,email'
     },
     :google_oauth2 => {
       :name => 'Google'
     },
     :noosfero_oauth2 => {
       :name => 'Noosfero'
+    },
+    :github => {
+      :name => 'Github'
+    },
+    :twitter => {
+      :name => 'Twitter'
     }
   }
  
@@ -62,8 +69,9 @@ class OauthClientPlugin &lt; Noosfero::Plugin
         provider_id = request.params['id']
         provider_id ||= request.session['omniauth.params']['id'] if request.session['omniauth.params']
         provider = environment.oauth_providers.find(provider_id)
+        strategy.options.merge! consumer_key: provider.client_id, consumer_secret: provider.client_secret
         strategy.options.merge! client_id: provider.client_id, client_secret: provider.client_secret
-        strategy.options.merge! provider.options.symbolize_keys
+        strategy.options.merge! options
  
         request.session[:provider_id] = provider_id
       }
@@ -98,4 +106,8 @@ class OauthClientPlugin &lt; Noosfero::Plugin
     }
   end
  
+  def js_files
+  ["script.js"]
+  end
+
 end
@@ -0,0 +1,21 @@
+$(document).ready(function(){
+	select_box_event();
+});
+
+var toggle_info_message = function(){
+  var selected_option = $("#oauth_client_plugin_provider_strategy option:selected");
+  if (selected_option.length){
+    if (selected_option.val() === "twitter"){
+      $(".remember-enable-email").removeClass("hidden");
+    } else {
+      $(".remember-enable-email").addClass("hidden");
+    }
+  }
+};
+
+var select_box_event = function(){
+	var select_box = $("#oauth_client_plugin_provider_strategy");
+	select_box.on("change",function(){
+		toggle_info_message();
+	});
+};
@@ -16,3 +16,7 @@
 .oauth-login .provider .developer {
   display: none;
 }
+
+.remember-enable-email.hidden {
+  display: none;
+}
@@ -15,6 +15,10 @@
     <%= labelled_form_field _('Strategy'), f.select(:strategy, OauthClientPlugin::PROVIDERS) %>
   </div>
  
+  <div class="remember-enable-email hidden">
+    <span class="error"><%=_('To use this provider you need to request the user email in your app')%></span>
+  </div>
+
   <div class="client-id">
     <%= labelled_form_field _('Client Id'), f.text_field(:client_id) %>
   </div>
@@ -10,9 +10,9 @@ Background:
 Scenario: add tags to person
   Given I am on joao's control panel
   And I follow "Edit Profile"
-  When I fill in "profile_data_interest_list" with "linux,debian"
+  When I fill in "profile_data_tag_list" with "linux,debian"
   And I press "Save"
   And I go to joao's control panel
   And I follow "Edit Profile"
-  Then the "profile_data_interest_list" field should contain "linux"
-  And the "profile_data_interest_list" field should contain "debian"
+  Then the "profile_data_tag_list" field should contain "linux"
+  And the "profile_data_tag_list" field should contain "debian"
 require_dependency 'person'
  
 class Person
-  attr_accessible :interest_list
+  attr_accessible :tag_list
  
-  acts_as_taggable_on :interests
+  acts_as_taggable_on :tags
   N_('Fields of interest')
 end
@@ -19,4 +19,18 @@ class PersonTagsPlugin &lt; Noosfero::Plugin
   def self.api_mount_points
     [PersonTagsPlugin::API]
   end
+
+  def self.extra_blocks
+    {
+      PersonTagsPlugin::InterestsBlock => { type: Person }
+    }
+  end
+
+  def self.has_admin_url?
+    false
+  end
+
+  def stylesheet?
+    true
+  end
 end
@@ -3,7 +3,7 @@ class PersonTagsPlugin::API &lt; Grape::API
     get ':id/tags' do
       person = environment.people.visible.find_by(id: params[:id])
       return not_found! if person.blank?
-      present person.interest_list
+      present person.tag_list
     end
   end
 end
@@ -0,0 +1,29 @@
+class PersonTagsPlugin::InterestsBlock < Block
+  def view_title
+    self.default_title 
+  end
+
+  def tags
+    owner.tag_list
+  end
+
+  def extra_option
+    {}
+  end
+
+  def self.description
+    _('Fields of Interest')
+  end
+
+  def help
+    _('Things that this person is interested in')
+  end
+
+  def default_title
+    _('Fields of Interest')
+  end
+
+  def self.expire_on
+    { profile: [:profile] }
+  end
+end
@@ -0,0 +1,13 @@
+.person-tags-block ul {
+  padding: 0;
+  margin: 0;
+}
+
+.person-tags-block li {
+  float: left;
+  list-style: none;
+  padding: 5px;
+  color: #fff;
+  background: #000;
+  margin: 5px;
+}
@@ -10,7 +10,7 @@ class APITest &lt;  ActiveSupport::TestCase
  
   should 'return tags for a person' do
     person = create_user('person').person
-    person.interest_list.add('linux')
+    person.tag_list.add('linux')
     person.save!
     person.reload
     get "/api/v1/people/#{person.id}/tags?#{params.to_query}"
@@ -7,10 +7,10 @@ class PersonTagsPluginTest &lt; ActiveSupport::TestCase
     @environment.enable_plugin(PersonTagsPlugin)
   end
  
-  should 'have interests' do
+  should 'have tags' do
     person = create_user('person').person
-    assert_equal [], person.interests
-    person.interest_list.add('linux')
-    assert_equal ['linux'], person.interest_list
+    assert_equal [], person.tags
+    person.tag_list.add('linux')
+    assert_equal ['linux'], person.tag_list
   end
 end
@@ -0,0 +1,14 @@
+<%= block_title(block.view_title, block.subtitle) %>
+
+<div class="person-tags-block">
+  <% unless block.tags.size == 0 %>
+    <ul>
+      <% block.tags.each do |tag| %>
+        <li><%= tag %></li>
+      <% end %>
+    </ul>
+  <% else %>
+    <div class="person-tags-block-none"><%= c_('None') %></div>
+  <% end %>
+  <br style="clear:both" />
+</div>
@@ -0,0 +1 @@
+box_organizer
 \ No newline at end of file
 <h2><%= _('Select your fields of interest') %></h2>
-<%= text_field_tag('profile_data[interest_list]', context.profile.interest_list.join(','), size: 64) %>
+<%= text_field_tag('profile_data[tag_list]', context.profile.tag_list.join(','), size: 64) %>
 <br />
 <%= content_tag( 'small', _('Separate tags with commas') ) %>
  
 <script>
-  jQuery('#profile_data_interest_list').inputosaurus();
+  jQuery('#profile_data_tag_list').inputosaurus();
 </script>
@@ -0,0 +1 @@
+box_organizer
 \ No newline at end of file
@@ -10,7 +10,7 @@ li.dropdown
  
   ul class='dropdown-menu' role='menu'
     li
-      = link_to user.public_profile_url, id: "homepage-link", title: _('Go to your homepage')
+      = link_to user.url, id: 'homepage-link', title: _('Go to your homepage')
         span class='icon-person' = _('Profile')
     li.divider
  
@@ -50,13 +50,13 @@ class WorkAssignmentPlugin::EmailContact
       mail(options)
     end
  
-    def build_mail_message(email_contact, uploaded_files)
+    def self.build_mail_message(email_contact, uploaded_files)
       message = ""
       if uploaded_files && uploaded_files.first && uploaded_files.first.parent && uploaded_files.first.parent.parent
         article = uploaded_files.first.parent.parent
         message = article.default_email + "<br>"
         uploaded_files.each do |file|
-          url = url_for(file.url)
+          url = Rails.application.routes.url_helpers.url_for(file.url)
           message += "<br><a href='#{url}'>#{url}</a>"
         end
       end
@@ -16,7 +16,7 @@ module WorkAssignmentPlugin::Helper
   end
  
   def display_author_folder(author_folder, user)
-    return if author_folder.children.empty?
+    return if author_folder.children(true).empty?
     content_tag('tr',
       content_tag('td', link_to_last_submission(author_folder, user)) +
       content_tag('td', time_format(author_folder.children.last.created_at)) +
@@ -35,6 +35,14 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
     assert_response :success
   end
  
+  should 'display users submissions' do
+    folder = work_assignment.find_or_create_author_folder(@person)
+    submission = UploadedFile.create!(:uploaded_data => fixture_file_upload('/files/rails.png', 'image/png'), :profile => organization, :parent => folder)
+    get :view_page, :profile => @organization.identifier, :page => work_assignment.path
+    assert_response :success
+    assert_match /rails.png/, @response.body
+  end
+
   should "display 'Upload files' when create children of image gallery" do
     login_as(profile.identifier)
     f = Gallery.create!(:name => 'gallery', :profile => profile)
@@ -13,8 +13,8 @@ msgid &quot;&quot;
 msgstr ""
 "Project-Id-Version: 1.3~rc2-8-g01ea9f7\n"
 "POT-Creation-Date: 2015-11-04 12:36-0300\n"
-"PO-Revision-Date: 2016-03-14 15:58+0000\n"
-"Last-Translator: Eduardo Vital <vitaldu@gmail.com>\n"
+"PO-Revision-Date: 2016-06-20 20:14+0000\n"
+"Last-Translator: Gabriel Silva <gabriel93.silva@gmail.com>\n"
 "Language-Team: Portuguese "
 "<https://hosted.weblate.org/projects/noosfero/noosfero/pt/>\n"
 "Language: pt\n"
@@ -22,7 +22,7 @@ msgstr &quot;&quot;
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 "Plural-Forms: nplurals=2; plural=n != 1;\n"
-"X-Generator: Weblate 2.5\n"
+"X-Generator: Weblate 2.7-dev\n"
  
 #: app/models/approve_comment.rb:17
 msgid "Anonymous"
@@ -4141,7 +4141,7 @@ msgstr &quot;%s não pôde ser desabilitado&quot;
  
 #: app/controllers/admin/organizations_controller.rb:52
 msgid "%s removed"
-msgstr "% foi removido"
+msgstr "%s foi removido"
  
 #: app/controllers/admin/organizations_controller.rb:54
 msgid "%s could not be removed"
@@ -43,10 +43,12 @@ class NoosferoTest &lt; ActiveSupport::TestCase
   end
  
   should 'change locale temporarily' do
-    Noosfero.with_locale('pt') do
-      assert_equal 'pt', FastGettext.locale
+    current_locale = FastGettext.locale
+    another_locale = current_locale == 'pt' ? 'en' : 'pt'
+    Noosfero.with_locale(another_locale) do
+      assert_equal another_locale, FastGettext.locale
     end
-    assert_equal 'en', FastGettext.locale
+    assert_equal current_locale, FastGettext.locale
   end
  
   should "use default hostname of default environment as hostname of Noosfero instance" do
...	...	@@ -331,12 +331,12 @@ module Api
331	331	end
332	332
333	333	def cant_be_saved_request!(attribute)
334		- message = _("(Invalid request) %s can't be saved") % attribute
	334	+ message = _("(Invalid request) %s can't be saved").html_safe % attribute
335	335	render_api_error!(message, 400)
336	336	end
337	337
338	338	def bad_request!(attribute)
339		- message = _("(Invalid request) %s not given") % attribute
	339	+ message = _("(Invalid request) %s not given").html_safe % attribute
340	340	render_api_error!(message, 400)
341	341	end
342	342
...	...
...	...	@@ -44,7 +44,7 @@ class CategoriesController < AdminController
44	44	if request.post?
45	45	@category.update!(params[:category])
46	46	@saved = true
47		- session[:notice] = _("Category %s saved." % @category.name)
	47	+ session[:notice] = _("Category %s saved." % @category.name).html_safe
48	48	redirect_to :action => 'index'
49	49	end
50	50	rescue Exception => e
...	...
...	...	@@ -109,7 +109,7 @@ class BoxOrganizerController < ApplicationController
109	109	def show_block_type_info
110	110	type = params[:type]
111	111	if type.blank? \|\| !available_blocks.map(&:name).include?(type)
112		- raise ArgumentError.new("Type %s is not allowed. Go away." % type)
	112	+ raise ArgumentError.new("Type %s is not allowed. Go away.".html_safe % type)
113	113	end
114	114	@block = type.constantize.new
115	115	@block.box = Box.new(:owner => boxes_holder)
...	...	@@ -122,7 +122,7 @@ class BoxOrganizerController < ApplicationController
122	122
123	123	def new_block(type, box)
124	124	if !available_blocks.map(&:name).include?(type)
125		- raise ArgumentError.new("Type %s is not allowed. Go away." % type)
	125	+ raise ArgumentError.new("Type %s is not allowed. Go away.".html_safe % type)
126	126	end
127	127	block = type.constantize.new
128	128	box.blocks << block
...	...
...	...	@@ -213,7 +213,7 @@ class AccountController < ApplicationController
213	213	if params[:value].blank?
214	214	@change_password.errors[:base] << _('Can not recover user password with blank value.')
215	215	else
216		- @change_password.errors[:base] << _('Could not find any user with %s equal to "%s".') % [fields_label, params[:value]]
	216	+ @change_password.errors[:base] << _('Could not find any user with %s equal to "%s".').html_safe % [fields_label, params[:value]]
217	217	end
218	218	rescue ActiveRecord::RecordInvalid
219	219	@change_password.errors[:base] << _('Could not perform password recovery for the user.')
...	...
...	...	@@ -42,8 +42,8 @@ class ProfileController < PublicController
42	42	feed_writer = FeedWriter.new
43	43	data = feed_writer.write(
44	44	tagged,
45		- :title => _("%s's contents tagged with \"%s\"") % [profile.name, @tag],
46		- :description => _("%s's contents tagged with \"%s\"") % [profile.name, @tag],
	45	+ :title => _("%s's contents tagged with \"%s\"").html_safe % [profile.name, @tag],
	46	+ :description => _("%s's contents tagged with \"%s\"").html_safe % [profile.name, @tag],
47	47	:link => url_for(profile.url)
48	48	)
49	49	render :text => data, :content_type => "text/xml"
...	...	@@ -88,7 +88,7 @@ class ProfileController < PublicController
88	88
89	89	def join_modal
90	90	profile.add_member(user)
91		- session[:notice] = _('%s administrator still needs to accept you as member.') % profile.name
	91	+ session[:notice] = _('%s administrator still needs to accept you as member.').html_safe % profile.name
92	92	redirect_to :action => :index
93	93	end
94	94
...	...	@@ -98,12 +98,12 @@ class ProfileController < PublicController
98	98
99	99	profile.add_member(user)
100	100	if !profile.members.include?(user)
101		- render :text => {:message => _('%s administrator still needs to accept you as member.') % profile.name}.to_json
	101	+ render :text => {:message => _('%s administrator still needs to accept you as member.').html_safe % profile.name}.to_json
102	102	else
103		- render :text => {:message => _('You just became a member of %s.') % profile.name}.to_json
	103	+ render :text => {:message => _('You just became a member of %s.').html_safe % profile.name}.to_json
104	104	end
105	105	else
106		- render :text => {:message => _('You are already a member of %s.') % profile.name}.to_json
	106	+ render :text => {:message => _('You are already a member of %s.').html_safe % profile.name}.to_json
107	107	end
108	108	end
109	109
...	...	@@ -125,7 +125,7 @@ class ProfileController < PublicController
125	125	render :text => current_person.leave(profile, params[:reload])
126	126	end
127	127	else
128		- render :text => {:message => _('You are not a member of %s.') % profile.name}.to_json
	128	+ render :text => {:message => _('You are not a member of %s.').html_safe % profile.name}.to_json
129	129	end
130	130	end
131	131
...	...	@@ -145,9 +145,9 @@ class ProfileController < PublicController
145	145	# FIXME this shouldn't be in Person model?
146	146	if !user.memberships.include?(profile)
147	147	AddFriend.create!(:person => user, :friend => profile)
148		- render :text => _('%s still needs to accept being your friend.') % profile.name
	148	+ render :text => _('%s still needs to accept being your friend.').html_safe % profile.name
149	149	else
150		- render :text => _('You are already a friend of %s.') % profile.name
	150	+ render :text => _('You are already a friend of %s.').html_safe % profile.name
151	151	end
152	152	end
153	153
...	...	@@ -178,7 +178,7 @@ class ProfileController < PublicController
178	178	def unblock
179	179	if current_user.person.is_admin?(profile.environment)
180	180	profile.unblock
181		- session[:notice] = _("You have unblocked %s successfully. ") % profile.name
	181	+ session[:notice] = _("You have unblocked %s successfully. ").html_safe % profile.name
182	182	redirect_to :controller => 'profile', :action => 'index'
183	183	else
184	184	message = _('You are not allowed to unblock enterprises in this environment.')
...	...
...	...	@@ -882,7 +882,7 @@ module ApplicationHelper
882	882	link_to_all = link_to(content_tag('strong', _('See all')), :controller => 'memberships', :profile => user.identifier)
883	883	end
884	884	link = list.map do \|element\|
885		- link_to(content_tag('strong', _('<span>Manage</span> %s') % element.short_name(25)), element.admin_url, :class => "icon-menu-"+element.class.identification.underscore, :title => _('Manage %s') % element.short_name)
	885	+ link_to(content_tag('strong', _('<span>Manage</span> %s').html_safe % element.short_name(25)), element.admin_url, :class => "icon-menu-"+element.class.identification.underscore, :title => _('Manage %s').html_safe % element.short_name)
886	886	end
887	887	if link_to_all
888	888	link << link_to_all
...	...	@@ -923,7 +923,7 @@ module ApplicationHelper
923	923	logout_link = link_to(logout_icon.html_safe, { :controller => 'account', :action => 'logout'} , :id => "logout", :title => _("Leave the system"))
924	924	join_result = safe_join(
925	925	[welcome_span.html_safe, render_environment_features(:usermenu).html_safe, admin_link.html_safe,
926		- manage_enterprises.html_safe, manage_communities.html_safe, ctrl_panel_link.html_safe,
	926	+ manage_enterprises, manage_communities, ctrl_panel_link.html_safe,
927	927	pending_tasks_count.html_safe, logout_link.html_safe], "")
928	928	join_result
929	929	end
...	...
...	...	@@ -47,8 +47,8 @@ class Contact
47	47	content_type: 'text/html',
48	48	to: contact.dest.notification_emails,
49	49	reply_to: contact.email,
50		- subject: "[#{contact.dest.short_name(30)}] " + contact.subject,
51		- from: "#{contact.name} <#{contact.dest.environment.noreply_email}>"
	50	+ subject: "[#{contact.dest.short_name(30)}] #{contact.subject}".html_safe,
	51	+ from: "#{contact.name} <#{contact.dest.environment.noreply_email}>".html_safe
52	52	}
53	53
54	54	if contact.sender
...	...
...	...	@@ -30,7 +30,7 @@ class EnvironmentMailing < Mailing
30	30	end
31	31
32	32	def signature_message
33		- _('Sent by %s.') % source.name
	33	+ _('Sent by %s.').html_safe % source.name
34	34	end
35	35
36	36	def url
...	...
...	...	@@ -23,11 +23,11 @@ class Mailing < ApplicationRecord
23	23	end
24	24
25	25	def generate_from
26		- "#{source.name} <#{if source.is_a? Environment then source.noreply_email else source.contact_email end}>"
	26	+ "#{source.name} <#{if source.is_a? Environment then source.noreply_email else source.contact_email end}>".html_safe
27	27	end
28	28
29	29	def generate_subject
30		- '[%s] %s' % [source.name, subject]
	30	+ '[%s] %s'.html_safe % [source.name, subject]
31	31	end
32	32
33	33	def signature_message
...	...
...	...	@@ -30,7 +30,7 @@ class OrganizationMailing < Mailing
30	30	end
31	31
32	32	def signature_message
33		- _('Sent by community %s.') % source.name
	33	+ _('Sent by community %s.').html_safe % source.name
34	34	end
35	35
36	36	include Rails.application.routes.url_helpers
...	...