Merge branch 'master' into staging

Leandro Santos
2 parents e502c6c0 4615d072
Showing 84 changed files with 524 additions and 190 deletions Show diff stats
app/api/helpers.rb
app/controllers/admin/categories_controller.rb
app/controllers/box_organizer_controller.rb
app/controllers/public/account_controller.rb
app/controllers/public/profile_controller.rb
app/helpers/application_helper.rb
app/mailers/contact.rb
app/mailers/environment_mailing.rb
app/mailers/mailing.rb
app/mailers/organization_mailing.rb
app/mailers/pending_task_notifier.rb
app/mailers/scrap_notifier.rb
app/mailers/task_mailer.rb
app/mailers/user_mailer.rb
app/models/abuse_complaint.rb
app/models/add_member.rb
app/models/community.rb
app/models/organization.rb
app/views/account/activation_question.html.erb
app/views/admin_panel/_signup_welcome_text.html.erb
@@ -331,12 +331,12 @@ module Api
     end
     def cant_be_saved_request!(attribute)
-      message = _("(Invalid request) %s can't be saved") % attribute
+      message = _("(Invalid request) %s can't be saved").html_safe % attribute
       render_api_error!(message, 400)
     end
     def bad_request!(attribute)
-      message = _("(Invalid request) %s not given") % attribute
+      message = _("(Invalid request) %s not given").html_safe % attribute
       render_api_error!(message, 400)
     end
@@ -44,7 +44,7 @@ class CategoriesController &lt; AdminController
       if request.post?
         @category.update!(params[:category])
         @saved = true
-        session[:notice] = _("Category %s saved." % @category.name)
+        session[:notice] = _("Category %s saved." % @category.name).html_safe
         redirect_to :action => 'index'
       end
     rescue Exception => e
@@ -109,7 +109,7 @@ class BoxOrganizerController &lt; ApplicationController
   def show_block_type_info
     type = params[:type]
     if type.blank? || !available_blocks.map(&:name).include?(type)
-      raise ArgumentError.new("Type %s is not allowed. Go away." % type)
+      raise ArgumentError.new("Type %s is not allowed. Go away.".html_safe % type)
     end
     @block = type.constantize.new
     @block.box = Box.new(:owner => boxes_holder)
@@ -122,7 +122,7 @@ class BoxOrganizerController &lt; ApplicationController
   def new_block(type, box)
     if !available_blocks.map(&:name).include?(type)
-      raise ArgumentError.new("Type %s is not allowed. Go away." % type)
+      raise ArgumentError.new("Type %s is not allowed. Go away.".html_safe % type)
     end
     block = type.constantize.new
     box.blocks << block
@@ -213,7 +213,7 @@ class AccountController &lt; ApplicationController
         if params[:value].blank?
           @change_password.errors[:base] << _('Can not recover user password with blank value.')
         else
-          @change_password.errors[:base] << _('Could not find any user with %s equal to "%s".') % [fields_label, params[:value]]
+          @change_password.errors[:base] << _('Could not find any user with %s equal to "%s".').html_safe % [fields_label, params[:value]]
         end
       rescue ActiveRecord::RecordInvalid
         @change_password.errors[:base] << _('Could not perform password recovery for the user.')
@@ -42,8 +42,8 @@ class ProfileController &lt; PublicController
     feed_writer = FeedWriter.new
     data = feed_writer.write(
       tagged,
-      :title => _("%s's contents tagged with \"%s\"") % [profile.name, @tag],
-      :description => _("%s's contents tagged with \"%s\"") % [profile.name, @tag],
+      :title => _("%s's contents tagged with \"%s\"").html_safe % [profile.name, @tag],
+      :description => _("%s's contents tagged with \"%s\"").html_safe % [profile.name, @tag],
       :link => url_for(profile.url)
     )
     render :text => data, :content_type => "text/xml"
@@ -88,7 +88,7 @@ class ProfileController &lt; PublicController
   def join_modal
       profile.add_member(user)
-      session[:notice] = _('%s administrator still needs to accept you as member.') % profile.name
+      session[:notice] = _('%s administrator still needs to accept you as member.').html_safe % profile.name
       redirect_to :action => :index
   end
@@ -98,12 +98,12 @@ class ProfileController &lt; PublicController
       profile.add_member(user)
       if !profile.members.include?(user)
-        render :text => {:message => _('%s administrator still needs to accept you as member.') % profile.name}.to_json
+        render :text => {:message => _('%s administrator still needs to accept you as member.').html_safe % profile.name}.to_json
       else
-        render :text => {:message => _('You just became a member of %s.') % profile.name}.to_json
+        render :text => {:message => _('You just became a member of %s.').html_safe % profile.name}.to_json
       end
     else
-      render :text => {:message => _('You are already a member of %s.') % profile.name}.to_json
+      render :text => {:message => _('You are already a member of %s.').html_safe % profile.name}.to_json
     end
   end
@@ -125,7 +125,7 @@ class ProfileController &lt; PublicController
         render :text => current_person.leave(profile, params[:reload])
       end
     else
-      render :text => {:message => _('You are not a member of %s.') % profile.name}.to_json
+      render :text => {:message => _('You are not a member of %s.').html_safe % profile.name}.to_json
     end
   end
@@ -145,9 +145,9 @@ class ProfileController &lt; PublicController
     # FIXME this shouldn't be in Person model?
     if !user.memberships.include?(profile)
       AddFriend.create!(:person => user, :friend => profile)
-      render :text => _('%s still needs to accept being your friend.') % profile.name
+      render :text => _('%s still needs to accept being your friend.').html_safe % profile.name
     else
-      render :text => _('You are already a friend of %s.') % profile.name
+      render :text => _('You are already a friend of %s.').html_safe % profile.name
     end
   end
@@ -178,7 +178,7 @@ class ProfileController &lt; PublicController
   def unblock
     if current_user.person.is_admin?(profile.environment)
       profile.unblock
-      session[:notice] = _("You have unblocked %s successfully. ") % profile.name
+      session[:notice] = _("You have unblocked %s successfully. ").html_safe % profile.name
       redirect_to :controller => 'profile', :action => 'index'
     else
       message = _('You are not allowed to unblock enterprises in this environment.')
@@ -882,7 +882,7 @@ module ApplicationHelper
         link_to_all = link_to(content_tag('strong', _('See all')), :controller => 'memberships', :profile => user.identifier)
       end
       link = list.map do |element|
-        link_to(content_tag('strong', _('<span>Manage</span> %s') % element.short_name(25)), element.admin_url, :class => "icon-menu-"+element.class.identification.underscore, :title => _('Manage %s') % element.short_name)
+        link_to(content_tag('strong', _('<span>Manage</span> %s').html_safe % element.short_name(25)), element.admin_url, :class => "icon-menu-"+element.class.identification.underscore, :title => _('Manage %s').html_safe % element.short_name)
       end
       if link_to_all
         link << link_to_all
@@ -923,7 +923,7 @@ module ApplicationHelper
     logout_link = link_to(logout_icon.html_safe, { :controller => 'account', :action => 'logout'} , :id => "logout", :title => _("Leave the system"))
     join_result = safe_join(
       [welcome_span.html_safe, render_environment_features(:usermenu).html_safe, admin_link.html_safe,
-        manage_enterprises.html_safe, manage_communities.html_safe, ctrl_panel_link.html_safe,
+        manage_enterprises, manage_communities, ctrl_panel_link.html_safe,
         pending_tasks_count.html_safe, logout_link.html_safe], "")
     join_result
   end
@@ -47,8 +47,8 @@ class Contact
         content_type: 'text/html',
         to: contact.dest.notification_emails,
         reply_to: contact.email,
-        subject: "[#{contact.dest.short_name(30)}] " + contact.subject,
-        from: "#{contact.name} <#{contact.dest.environment.noreply_email}>"
+        subject: "[#{contact.dest.short_name(30)}] #{contact.subject}".html_safe,
+        from: "#{contact.name} <#{contact.dest.environment.noreply_email}>".html_safe
       }
       if contact.sender
@@ -30,7 +30,7 @@ class EnvironmentMailing &lt; Mailing
   end
   def signature_message
-    _('Sent by %s.') % source.name
+    _('Sent by %s.').html_safe % source.name
   end
   def url
@@ -23,11 +23,11 @@ class Mailing &lt; ApplicationRecord
   end
   def generate_from
-    "#{source.name} <#{if source.is_a? Environment then source.noreply_email else source.contact_email end}>"
+    "#{source.name} <#{if source.is_a? Environment then source.noreply_email else source.contact_email end}>".html_safe
   end
   def generate_subject
-    '[%s] %s' % [source.name, subject]
+    '[%s] %s'.html_safe % [source.name, subject]
   end
   def signature_message
@@ -30,7 +30,7 @@ class OrganizationMailing &lt; Mailing
   end
   def signature_message
-    _('Sent by community %s.') % source.name
+    _('Sent by community %s.').html_safe % source.name
   end
   include Rails.application.routes.url_helpers
@@ -12,8 +12,8 @@ class PendingTaskNotifier &lt; ApplicationMailer
     mail(
       to: person.email,
-      from: "#{person.environment.name} <#{person.environment.noreply_email}>",
-      subject: _("[%s] Pending tasks") % person.environment.name
+      from: "#{person.environment.name} <#{person.environment.noreply_email}>".html_safe,
+      subject: _("[%s] Pending tasks").html_safe % person.environment.name
     )
   end
@@ -14,8 +14,8 @@ class ScrapNotifier &lt; ApplicationMailer
     @url = sender.environment.top_url
     mail(
       to: receiver.email,
-      from: "#{sender.environment.name} <#{sender.environment.noreply_email}>",
-      subject: _("[%s] You received a scrap!") % [sender.environment.name]
+      from: "#{sender.environment.name} <#{sender.environment.noreply_email}>".html_safe,
+      subject: _("[%s] You received a scrap!").html_safe % [sender.environment.name]
     )
   end
 end
@@ -14,7 +14,7 @@ class TaskMailer &lt; ApplicationMailer
     mail(
       to: task.target.notification_emails.compact,
       from: self.class.generate_from(task),
-      subject: "[%s] %s" % [task.environment.name, task.target_notification_description]
+      subject: "[%s] %s".html_safe % [task.environment.name, task.target_notification_description]
     )
   end
@@ -27,7 +27,7 @@ class TaskMailer &lt; ApplicationMailer
     mail(
       to: task.friend_email,
       from: self.class.generate_from(task),
-      subject: '[%s] %s' % [ task.requestor.environment.name, task.target_notification_description ]
+      subject: '[%s] %s'.html_safe % [ task.requestor.environment.name, task.target_notification_description ]
     )
   end
@@ -43,7 +43,7 @@ class TaskMailer &lt; ApplicationMailer
     mail_with_template(
       to: task.requestor.notification_emails,
       from: self.class.generate_from(task),
-      subject: '[%s] %s' % [task.requestor.environment.name, task.target_notification_description],
+      subject: '[%s] %s'.html_safe % [task.requestor.environment.name, task.target_notification_description],
       email_template: task.email_template,
       template_params: {:environment => task.requestor.environment, :task => task, :message => @message, :url => @url, :requestor => task.requestor}
     )
@@ -13,8 +13,8 @@ class UserMailer &lt; ApplicationMailer
     mail(
       to: user_email,
-      from: "#{user.environment.name} <#{user.environment.contact_email}>",
-      subject: _("[%{environment}] Welcome to %{environment} mail!") % { :environment => user.environment.name }
+      from: "#{user.environment.name} <#{user.environment.contact_email}>".html_safe,
+      subject: _("[%{environment}] Welcome to %{environment} mail!").html_safe % { :environment => user.environment.name }
     )
   end
@@ -30,7 +30,7 @@ class UserMailer &lt; ApplicationMailer
     mail_with_template(
       from: "#{user.environment.name} <#{user.environment.contact_email}>",
       to: user.email,
-      subject: _("[%s] Activate your account") % [user.environment.name],
+      subject: _("[%s] Activate your account").html_safe % [user.environment.name],
       template_params: {:environment => user.environment, :activation_code => @activation_code, :redirection => @redirection, :join => @join, :person => user.person, :url => @url},
       email_template: user.environment.email_templates.find_by_template_type(:user_activation),
     )
@@ -44,8 +44,8 @@ class UserMailer &lt; ApplicationMailer
     mail(
       content_type: 'text/html',
       to: user.email,
-      from: "#{user.environment.name} <#{user.environment.contact_email}>",
-      subject: email_subject.blank? ? _("Welcome to environment %s") % [user.environment.name] : email_subject,
+      from: "#{user.environment.name} <#{user.environment.contact_email}>".html_safe,
+      subject: email_subject.blank? ? _("Welcome to environment %s").html_safe % [user.environment.name] : email_subject,
       body: @body
     )
   end
@@ -63,8 +63,8 @@ class UserMailer &lt; ApplicationMailer
     mail(
       content_type: 'text/html',
       to: user.email,
-      from: "#{user.environment.name} <#{user.environment.contact_email}>",
-      subject: _("[%s] What about grow up your network?") % user.environment.name
+      from: "#{user.environment.name} <#{user.environment.contact_email}>".html_safe,
+      subject: _("[%s] What about grow up your network?").html_safe % user.environment.name
     )
   end
@@ -25,7 +25,7 @@ class AbuseComplaint &lt; Task
   end
   def title
-    abuse_reports.count > 1 ? (_('Abuse complaint (%s)') % abuse_reports.count) :_('Abuse complaint')
+    abuse_reports.count > 1 ? (_('Abuse complaint (%s)').html_safe % abuse_reports.count) :_('Abuse complaint')
   end
   def linked_subject
@@ -53,15 +53,15 @@ class AbuseComplaint &lt; Task
   end
   def task_activated_message
-    _('Your profile was reported by the users of %s due to inappropriate behavior. The administrators of the environment are now reviewing the report. To solve this misunderstanding, please contact the administrators.') % environment.name
+    _('Your profile was reported by the users of %s due to inappropriate behavior. The administrators of the environment are now reviewing the report. To solve this misunderstanding, please contact the administrators.').html_safe % environment.name
   end
   def task_finished_message
-    _('Your profile was disabled by the administrators of %s due to inappropriate behavior. To solve this misunderstanding please contact them.') % environment.name
+    _('Your profile was disabled by the administrators of %s due to inappropriate behavior. To solve this misunderstanding please contact them.').html_safe % environment.name
   end
   def target_notification_description
-    _('%s was reported due to inappropriate behavior.') % reported.name
+    _('%s was reported due to inappropriate behavior.').html_safe % reported.name
   end
   def target_notification_message
@@ -56,7 +56,7 @@ class AddMember &lt; Task
   def target_notification_description
     requestor_email = " (#{requestor.email})" if requestor.may_display_field_to?("email")
-    _("%{requestor}%{requestor_email} wants to be a member of '%{organization}'.") % {:requestor => requestor.name, :requestor_email => requestor_email, :organization => organization.name}
+    _("%{requestor}%{requestor_email} wants to be a member of '%{organization}'.").html_safe % {:requestor => requestor.name, :requestor_email => requestor_email, :organization => organization.name}
   end
   def target_notification_message
@@ -2,7 +2,7 @@ class Community &lt; Organization
   attr_accessible :accessor_id, :accessor_type, :role_id, :resource_id, :resource_type
   attr_accessible :address_reference, :district, :tag_list, :language, :description
-  attr_accessible :requires_email
+
   after_destroy :check_invite_member_for_destroy
   def self.type_name
@@ -13,9 +13,6 @@ class Community &lt; Organization
   N_('Language')
   settings_items :language
-  settings_items :requires_email, :type => :boolean
-
-  alias_method :requires_email?, :requires_email
   extend SetProfileRegionFromCityState::ClassMethods
   set_profile_region_from_city_state
@@ -2,6 +2,10 @@
 class Organization < Profile
   attr_accessible :moderated_articles, :foundation_year, :contact_person, :acronym, :legal_form, :economic_activity, :management_information, :cnpj, :display_name, :enable_contact_us
+  attr_accessible :requires_email
+
+  settings_items :requires_email, type: :boolean
+  alias_method :requires_email?, :requires_email
   SEARCH_FILTERS = {
     :order => %w[more_recent more_popular more_active],
@@ -3,7 +3,7 @@
     var answer = parseInt(form.answer.value);
     var val = form.answer.value;
     if (!answer || (val.length != 4) || val > <%= Time.now.year %> || val < 1900) {
-      alert(<%= (_('The year must be between %d and %d') % [1900, Time.now.year]).inspect %>);
+      alert(<%= (_('The year must be between %d and %d').html_safe % [1900, Time.now.year]).inspect %>);
       return false;
     } else {
       return true;
@@ -28,9 +28,9 @@
   <p>  <strong><%= _('Pay atention! You have only one chance!') %></strong> </p>
-  <p><%= _("This is a question to know if you really are part of this enterprise. Pay atention because you have only one chance to answer right and activate your enterprise. If you answer wrong you will not be able to activate the enterprise automaticaly and must get in touch with the admins of %s by email or phone.") % environment.name %> </p>
+  <p><%= _("This is a question to know if you really are part of this enterprise. Pay atention because you have only one chance to answer right and activate your enterprise. If you answer wrong you will not be able to activate the enterprise automaticaly and must get in touch with the admins of %s by email or phone.").html_safe % environment.name %> </p>
-  <%= ApplicationHelper::NoosferoFormBuilder::output_field(@question == :foundation_year ? (_("What year your enterprise was founded? It must have 4 digits, eg 1990. %s") % environment.tip_message_enterprise_activation_question) : _('What is the CNPJ of your enterprise?'), text_field_tag(:answer, nil, :id => 'enterprise-activation-answer')) %>
+  <%= ApplicationHelper::NoosferoFormBuilder::output_field(@question == :foundation_year ? (_("What year your enterprise was founded? It must have 4 digits, eg 1990. %s").html_safe % environment.tip_message_enterprise_activation_question) : _('What is the CNPJ of your enterprise?'), text_field_tag(:answer, nil, :id => 'enterprise-activation-answer')) %>
     <%= hidden_field_tag :enterprise_code, params[:enterprise_code] %>
 <div class='description'>
   <%= _('This text will be sent to new users if the feature "Send welcome e-mail to new users" is enabled on environment.') %><br/><br/>
-  <%= _('Including %s on body, it will be replaced by the real name of the e-mail recipient.') % content_tag('code', '{user_name}') %>
+  <%= _('Including %s on body, it will be replaced by the real name of the e-mail recipient.').html_safe % content_tag('code', '{user_name}') %>
 </div>
 <%= labelled_form_field(_('Subject'), text_field(:environment, :signup_welcome_text_subject, :style => 'width:100%')) %>
@@ -58,7 +58,7 @@
 <div id="blog-image-builder">
   <%= f.fields_for :image_builder, @article.image do |i| %>
     <%= file_field_or_thumbnail(_('Cover image:'), @article.image, i)%>
-    <%= _("Max size: %s (.jpg, .gif, .png)")% Image.max_size.to_humanreadable %>
+    <%= _("Max size: %s (.jpg, .gif, .png)").html_safe % Image.max_size.to_humanreadable %>
   <% end %>
 </div>
-<h2><%= _('Processed validation request for %s ') % @processed.name %> (<%= status(@processed) %>)</h2>
+<h2><%= _('Processed validation request for %s ').html_safe % @processed.name %> (<%= status(@processed) %>)</h2>
 <%= link_to _('Back'), :action => 'index' %>
-<h1><%= _('Adding %s as a favorite enterprise') % @favorite_enterprise.name %></h1>
+<h1><%= _('Adding %s as a favorite enterprise').html_safe % @favorite_enterprise.name %></h1>
 <p>
-<%= _('Are you sure you want to add %s as your favorite enterprise?') % @favorite_enterprise.name %>
+<%= _('Are you sure you want to add %s as your favorite enterprise?').html_safe % @favorite_enterprise.name %>
 </p>
 <%= form_tag do %>
   <%= hidden_field_tag(:confirmation, 1) %>
-  <%= submit_button(:ok, _("Yes, I am sure"), :title => _("I want to add %s as a favorite enterprise") % @favorite_enterprise.name) %>
+  <%= submit_button(:ok, _("Yes, I am sure"), :title => _("I want to add %s as a favorite enterprise").html_safe % @favorite_enterprise.name) %>
   <%= button(:cancel, _("No, I don't want"), :action => 'index') %>
 <% end %>
 <div id="remove_friend">
-<h1><%= _('Removing friend: %s') % @friend.name %></h1>
+<h1><%= _('Removing friend: %s').html_safe % @friend.name %></h1>
 <%= profile_image @friend, :thumb, :class => 'friend_picture' %>
 <p>
-<%= _('Are you sure you want to remove %s from your friends list?') % @friend.name %>
+<%= _('Are you sure you want to remove %s from your friends list?').html_safe % @friend.name %>
 </p>
 <p>
 <em>
-<%= _('Note that %s will still have you as a friend, unless he/she also wants to remove you from his/her friend list.') % @friend.name %>
+<%= _('Note that %s will still have you as a friend, unless he/she also wants to remove you from his/her friend list.').html_safe % @friend.name %>
 </em>
 </p>
 <% default_message = defined?(default_message) ? default_message : false %>
 <div id='thanks-for-signing'>
-  <h1><%= _("Welcome to %s!") % environment.name %></h1>
+  <h1><%= _("Welcome to %s!").html_safe % environment.name %></h1>
   <% if environment.has_custom_welcome_screen? && !default_message %>
     <%= environment.settings[:signup_welcome_screen_body].html_safe %>
   <% else %>
@@ -10,21 +10,21 @@
         <p><%= _("Firstly, some tips for getting started:") %></p>
         <h4><%= _("Confirm your account!") %></h4>
         <p><%= _("You should receive a welcome email from us shortly. Please take a second to follow the link within to confirm your account.") %></p>
-        <p><%= _("You won't appear as %s until your account is confirmed.") % link_to(_('user'), {:controller => :search, :action => :people, :filter => 'more_recent'}, :target => '_blank') %></p>
+        <p><%= _("You won't appear as %s until your account is confirmed.").html_safe % link_to(_('user'), {:controller => :search, :action => :people, :filter => 'more_recent'}, :target => '_blank') %></p>
       <% else %>
         <h4><%= _("Wait for admin approvement!") %></h4>
         <p><%= _("The administrators will evaluate your signup request for approvement.") %></p>
-        <p><%= _("You won't appear as %s until your account is approved.") % link_to(_('user'), {:controller => :search, :action => :people, :filter => 'more_recent'}, :target => '_blank') %></p>
+        <p><%= _("You won't appear as %s until your account is approved.").html_safe % link_to(_('user'), {:controller => :search, :action => :people, :filter => 'more_recent'}, :target => '_blank') %></p>
       <% end %>
       <h4><%= _("What to do next?") %></h4>
-      <p><%= _("Access your %s and see your face on the network!") %
+      <p><%= _("Access your %s and see your face on the network!").html_safe %
         (user.present? ? link_to(_('Profile'), {:controller => 'profile', :profile => user.identifier}, :target => '_blank') : 'Profile') %>
-      <%= _("You can also explore your %s to customize your profile. Here are some %s on what you can do there.") %
+      <%= _("You can also explore your %s to customize your profile. Here are some %s on what you can do there.").html_safe %
         [user.present? ? link_to(_('Control Panel'), {:controller => 'profile_editor', :profile => user.identifier}, :target => '_blank') : 'Control Panel',
           link_to(_('tips'), {:controller => 'doc', :action => 'topic', :section => 'user', :topic => 'editing-person-info'}, :target => '_blank')] %></p>
-      <p><%= _("%s your Gmail, Yahoo and Hotmail contacts!") % link_to(_('Invite and find'), {:controller => 'doc', :action => 'topic', :section => 'user', :topic => 'invite-contacts'}, :target => '_blank') %></p>
-      <p><%= _("Learn the guidelines. Read the %s for more details on how to use this social network!") % link_to(_('Documentation'), {:controller => 'doc'}, :target => '_blank') %></p>
+      <p><%= _("%s your Gmail, Yahoo and Hotmail contacts!").html_safe % link_to(_('Invite and find'), {:controller => 'doc', :action => 'topic', :section => 'user', :topic => 'invite-contacts'}, :target => '_blank') %></p>
+      <p><%= _("Learn the guidelines. Read the %s for more details on how to use this social network!").html_safe % link_to(_('Documentation'), {:controller => 'doc'}, :target => '_blank') %></p>
       <p><%= _("Start exploring and have fun!") %></p>
   <% end %>
-  <%= render :partial => 'shared/template_welcome_page', :locals => {:template => @person_template, :header => _("What can I do as a %s?")} %>
+  <%= render :partial => 'shared/template_welcome_page', :locals => {:template => @person_template, :header => _("What can I do as a %s?").html_safe} %>
 </div>
 <% if activity.comments_count > 2 %>
   <div style="font-size: 10px;">
     <% if activity.params['url'].blank?  %>
-      <%= _("%s comments") % activity.comments_count %>
+      <%= _("%s comments").html_safe % activity.comments_count %>
     <% else %>
-      <%= link_to(_("View all %s comments") % activity.comments_count, activity.params['url']) %>
+      <%= link_to(_("View all %s comments").html_safe % activity.comments_count, activity.params['url']) %>
     <% end %>
   </div>
 <% else %>
@@ -13,5 +13,5 @@
     <%= button(:add, content_tag('span', _('Add friend')), profile.add_url, :class => 'add-friend', :title => _("Add friend"), :style => 'position: relative;') %>
   <% end %>
   <%= button :back, _('Go back'), :back %>
-  <%= button :home, _("Go to %s home page") % environment.name, :controller => 'home' %>
+  <%= button :home, _("Go to %s home page").html_safe % environment.name, :controller => 'home' %>
 <% end %>
@@ -5,7 +5,7 @@
 <% if activity.comments_count > 0 %>
 <div id="profile-wall-activities-comments-more-<%= activity.id %>" class="profile-wall-activities-comments" >
   <div class='view-all-comments icon-chat'>
-     <%= link_to(n_('View comment', "View all %s comments", activity.comments_count) % activity.comments_count, :profile => profile.identifier, :controller => 'profile', :action => 'more_comments', :activity => activity, :comment_page => (1)) %>
+     <%= link_to(n_('View comment', "View all %s comments".html_safe, activity.comments_count) % activity.comments_count, :profile => profile.identifier, :controller => 'profile', :action => 'more_comments', :activity => activity, :comment_page => (1)) %>
   </div>
 </div>
 <% end %>
@@ -23,7 +23,7 @@
   <% if scrap.replies.count > 0 %>
     <div id="profile-wall-activities-comments-more-<%= activity.id %>" class="profile-wall-activities-comments">
       <div class='view-all-comments icon-chat'>
-        <%= link_to(n_('View comment', "View all %s comments", scrap.replies.count) % scrap.replies.count, :profile => profile.identifier, :controller => 'profile', :action => 'more_replies', :activity => activity, :comment_page => (1)) %>
+        <%= link_to(n_('View comment', "View all %s comments".html_safe, scrap.replies.count) % scrap.replies.count, :profile => profile.identifier, :controller => 'profile', :action => 'more_replies', :activity => activity, :comment_page => (1)) %>
       </div>
     </div>
   <% end %>
-<h1><%= _('Profile settings for %s') % profile.name %></h1>
+<h1><%= _('Profile settings for %s').html_safe % profile.name %></h1>
 <%= error_messages_for :profile_data %>
@@ -18,7 +18,7 @@
   </div>
   <div id="profile_change_picture">
     <%= f.fields_for :image_builder, @profile.image do |i| %>
-      <%= file_field_or_thumbnail(_('Image:'), @profile.image, i) %><%= _("Max size: %s (.jpg, .gif, .png)")% Image.max_size.to_humanreadable %>
+      <%= file_field_or_thumbnail(_('Image:'), @profile.image, i) %><%= _("Max size: %s (.jpg, .gif, .png)").html_safe % Image.max_size.to_humanreadable %>
     <% end %>
   </div>
 <div id='search-content'>
   <div class='total'>
-    <%= n_('Total of 1 result', 'Total of %s results', @searches[@asset][:results].total_entries) % @searches[@asset][:results].total_entries.inspect %>
+    <%= n_('Total of 1 result', 'Total of %s results'.html_safe, @searches[@asset][:results].total_entries) % @searches[@asset][:results].total_entries.inspect %>
   </div>
 <%= display_results(@searches, @asset) %>
-<%= render :partial => 'search_form', :locals => { :hint => _("Type words about the %s you're looking for") % _(@asset.to_s.singularize) } %>
+<%= render :partial => 'search_form', :locals => { :hint => _("Type words about the %s you're looking for").html_safe % _(@asset.to_s.singularize) } %>
 <%= render :partial => 'search_content' %>
 <div style="clear: both"></div>
 <%= profile_image suggestion, :thumb, :class => 'suggestion_picture' %>
 <p>
-<%= _('Are you sure you want to remove %s from your suggestions list?') % suggestion.name %>
+<%= _('Are you sure you want to remove %s from your suggestions list?').html_safe % suggestion.name %>
 </p>
 <%= form_tag do %>
-  <%= submit_button(:ok, _("Yes, I want to remove %s") % suggestion.name) %>
+  <%= submit_button(:ok, _("Yes, I want to remove %s").html_safe % suggestion.name) %>
   <%= button(:cancel, _("No"), :action => 'suggest') %>
 <% end %>
-<h2><%= _('Ticket: %s') % @ticket.name %></h2>
+<h2><%= _('Ticket: %s').html_safe % @ticket.name %></h2>
 <p><small>
-  <%= _('Created at %s by %s') % [@ticket.created_at.to_date, link_to(@ticket.requestor.name, @ticket.requestor.url)] %><br/>
-  <%= _('Owner: %s') %  link_to(@ticket.target.name, @ticket.target.url) %>
+  <%= _('Created at %s by %s').html_safe % [@ticket.created_at.to_date, link_to(@ticket.requestor.name, @ticket.requestor.url)] %><br/>
+  <%= _('Owner: %s').html_safe %  link_to(@ticket.target.name, @ticket.target.url) %>
 </small></p>
-<p><%= _('Status: %s') % gettext(Task::Status.names[@ticket.status]) %></p>
+<p><%= _('Status: %s').html_safe % gettext(Task::Status.names[@ticket.status]) %></p>
 <div>
-  <p><%= _('Description: %s') % @ticket.description %></p>
+  <p><%= _('Description: %s').html_safe % @ticket.description %></p>
 </div>
 <% if @ticket.closing_statment %>
-  <p><%= _('Closing statement: %s') % @ticket.closing_statment %></p>
+  <p><%= _('Closing statement: %s').html_safe % @ticket.closing_statment %></p>
 <% end %>
 <%= button_bar do %>
@@ -10,7 +10,7 @@
 <% list_of_templates.each do |title, templates, kind|%>
   <div class='template-kind'>
     <h2><%= title %></h2>
-    <%= button :add, _('New...'), {:action => "create_#{kind}_template"}, :title => _("Create a new template for %s") % title.downcase %>
+    <%= button :add, _('New...'), {:action => "create_#{kind}_template"}, :title => _("Create a new template for %s").html_safe % title.downcase %>
     <table class='actions'>
       <tr>
         <th><%= _('Template') %></th>
@@ -20,11 +20,11 @@
         <tr>
           <td>
             <%#= image_tag "icons-app/#{kind}-icon.png" %>
-            <%= link_to(template.name, {:controller => 'profile_editor', :profile => template.identifier}, :title => _('Edit template "%s"') % template.name ) %>
+            <%= link_to(template.name, {:controller => 'profile_editor', :profile => template.identifier}, :title => _('Edit template "%s"').html_safe % template.name ) %>
             <% if environment.is_default_template?(template) %>
               <%= _('is the default template') %>
             <% else %>
-              <%= link_to(_('Set as default'), {:action => "set_#{kind}_as_default", :template_id => template.id}, :title => _('Set %s template as default') % template.name ) %>
+              <%= link_to(_('Set as default'), {:action => "set_#{kind}_as_default", :template_id => template.id}, :title => _('Set %s template as default').html_safe % template.name ) %>
             <% end %>
           </td>
           <td>
-<%= _('Hello %s,') % @name  %>
+<%= _('Hello %s,').html_safe % @name  %>
-<%= _('Your email %s was just activated.') % [@email] %>
+<%= _('Your email %s was just activated.').html_safe % [@email] %>
 <%= _('You can access your e-mail from anywhere, using the following address:') %>
 <%= @webmail %>
@@ -8,5 +8,5 @@
 <%= _('Greetings,') %>
 --
-<%= _('%s team.') % @environment.name %>
+<%= _('%s team.').html_safe % @environment.name %>
 <%= @url %>
@@ -0,0 +1,2 @@
+gem 'browser', '~> 2.2.0'
+
@@ -7,12 +7,39 @@ class AnalyticsPlugin::StatsController &lt; MyProfileController
   def index
   end
+  def edit
+    return render_access_denied unless user.has_permission? 'edit_profile', profile
+
+    params[:analytics_settings][:enabled] = params[:analytics_settings][:enabled] == 'true'
+    params[:analytics_settings][:anonymous] = params[:analytics_settings][:anonymous] == 'true'
+    @settings = profile.analytics_settings params[:analytics_settings] || {}
+    @settings.save!
+    render nothing: true
+  end
+
+  def view
+    params[:profile_ids] ||= [profile.id]
+    ids = params[:profile_ids].map(&:to_i)
+    user.adminships # FIXME just to cache #adminship_ids
+    ids = ids.select{ |id| id.in? user.adminship_ids } unless @user_is_admin
+
+    @profiles = environment.profiles.find ids
+    @user = environment.people.find params[:user_id]
+    @visits = AnalyticsPlugin::Visit.eager_load(:users_page_views).
+      where(profile_id: ids, analytics_plugin_page_views: {user_id: @user.id})
+
+    render partial: 'table', locals: {visits: @visits}
+
+  end
+
   protected
-  def default_url_options
-    # avoid rails' use_relative_controller!
-    {use_route: '/'}
+  # inherit routes from core skipping use_relative_controller!
+  def url_for options
+    options[:controller] = "/#{options[:controller]}" if options.is_a? Hash and options[:controller] and not options[:controller].to_s.starts_with? '/'
+    super options
   end
+  helper_method :url_for
   def skip_page_view
     @analytics_skip_page_view = true
@@ -7,7 +7,10 @@ class AnalyticsPlugin::TimeOnPageController &lt; ProfileController
     Noosfero::Scheduler::Defer.later do
       page_view = profile.page_views.where(request_id: params[:id]).first
       page_view.request = request
-      page_view.page_load!
+      AnalyticsPlugin::PageView.transaction do
+        page_view.page_load! Time.at(params[:time].to_i)
+        page_view.update_column :title, params[:title] if params[:title].present?
+      end
     end
     render nothing: true
@@ -0,0 +1,40 @@
+class AddTitleAndIsBotToAnalyticsPluginPageView < ActiveRecord::Migration
+
+  def up
+    add_column :analytics_plugin_page_views, :title, :text
+    add_column :analytics_plugin_page_views, :is_bot, :boolean
+
+    # missing indexes for performance
+    add_index :analytics_plugin_page_views, :type
+    add_index :analytics_plugin_page_views, :visit_id
+    add_index :analytics_plugin_page_views, :request_started_at
+    add_index :analytics_plugin_page_views, :page_loaded_at
+    add_index :analytics_plugin_page_views, :is_bot
+
+    AnalyticsPlugin::PageView.transaction do
+      AnalyticsPlugin::PageView.find_each do |page_view|
+        page_view.send :fill_is_bot
+        page_view.update_column :is_bot, page_view.is_bot
+      end
+    end
+
+    change_table :analytics_plugin_visits do |t|
+      t.timestamps
+    end
+    AnalyticsPlugin::Visit.transaction do
+      AnalyticsPlugin::Visit.find_each do |visit|
+        visit.created_at = visit.page_views.first.request_started_at
+        visit.updated_at = visit.page_views.last.request_started_at
+        visit.save!
+      end
+    end
+
+    # never used
+    remove_column :analytics_plugin_page_views, :track_id
+  end
+
+  def down
+    say "this migration can't be reverted"
+  end
+
+end
@@ -13,4 +13,15 @@ module AnalyticsPlugin
     I18n.t'analytics_plugin.lib.plugin.description'
   end
+  def self.clear_non_users
+    ActiveRecord::Base.transaction do
+      AnalyticsPlugin::PageView.bots.delete_all
+      AnalyticsPlugin::PageView.not_page_loaded.delete_all
+      # delete_all does not work here
+      AnalyticsPlugin::Visit.without_page_views.destroy_all
+    end
+  end
+
 end
+
+Browser::Bot.detect_empty_ua!
@@ -3,6 +3,7 @@ class AnalyticsPlugin::Base &lt; Noosfero::Plugin
   def body_ending
     return unless profile and profile.analytics_enabled?
+    return if @analytics_skip_page_view
     lambda do
       render 'analytics_plugin/body_ending'
     end
@@ -12,6 +13,7 @@ class AnalyticsPlugin::Base &lt; Noosfero::Plugin
     ['analytics'].map{ |j| "javascripts/#{j}" }
   end
+  # FIXME: not reloading on development, need server restart
   def application_controller_filters
     [{
       type: 'around_filter', options: {}, block: -> &block do
@@ -23,15 +25,12 @@ class AnalyticsPlugin::Base &lt; Noosfero::Plugin
         return unless profile and profile.analytics_enabled?
         Noosfero::Scheduler::Defer.later 'analytics: register page view' do
-          page_view = profile.page_views.build request: request, profile_id: profile,
+          page_view = profile.page_views.build request: request, profile_id: profile.id,
             request_started_at: request_started_at, request_finished_at: request_finished_at
-
           unless profile.analytics_anonymous?
-            session_id = session.id
             page_view.user = user
-            page_view.session_id = session_id
+            page_view.session_id = session.id
           end
-
           page_view.save!
         end
       end,
@@ -39,6 +38,7 @@ class AnalyticsPlugin::Base &lt; Noosfero::Plugin
   end
   def control_panel_buttons
+    return unless user.is_admin? environment
     {
       title: I18n.t('analytics_plugin.lib.plugin.panel_button'),
       icon: 'analytics-access',
 require_dependency 'profile'
-require_dependency 'community'
-([Profile] + Profile.descendants).each do |subclass|
-subclass.class_eval do
+class Profile
-  has_many :visits, foreign_key: :profile_id, class_name: 'AnalyticsPlugin::Visit'
-  has_many :page_views, foreign_key: :profile_id, class_name: 'AnalyticsPlugin::PageView'
+  has_many :users_visits, -> { latest.with_users_page_views }, foreign_key: :profile_id, class_name: 'AnalyticsPlugin::Visit'
-end
-end
+  has_many :visits, -> { latest.eager_load :page_views }, foreign_key: :profile_id, class_name: 'AnalyticsPlugin::Visit'
+  has_many :page_views, foreign_key: :profile_id, class_name: 'AnalyticsPlugin::PageView'
-class Profile
+  has_many :user_visits, -> { latest.eager_load :page_views }, foreign_key: :user_id, class_name: 'AnalyticsPlugin::PageView'
+  has_many :user_page_views, foreign_key: :user_id, class_name: 'AnalyticsPlugin::PageView'
   def analytics_settings attrs = {}
     @analytics_settings ||= Noosfero::Plugin::Settings.new self, ::AnalyticsPlugin, attrs
@@ -9,10 +9,14 @@ en: &amp;en
     views:
       stats:
+        enable: "Enable tracking on the profile '%{profile}'"
+        anonymous: "Don't associate users' login"
+        config_save: "Configuration saved"
         user: 'User'
         initial_time: 'Time'
+        ip: 'IP'
         pages: 'Pages'
-en-US:
+en_US:
   <<: *en
@@ -9,9 +9,14 @@ pt: &amp;pt
     views:
       stats:
+        enable: "Ativar rastreio no perfil '%{profile}'"
+        anonymous: "Não associar login de usuários"
+        config_save: "Configuração salva"
         user: 'Usuário'
         initial_time: 'Horário'
+        ip: 'IP'
         pages: 'Páginas'
-pt-BR:
+pt_BR:
   <<: *pt
+
@@ -10,22 +10,34 @@ class AnalyticsPlugin::PageView &lt; ApplicationRecord
   acts_as_having_settings field: :options
-  belongs_to :visit, class_name: 'AnalyticsPlugin::Visit'
-  belongs_to :referer_page_view, class_name: 'AnalyticsPlugin::PageView'
+  belongs_to :profile, validate: true
+  belongs_to :visit, class_name: 'AnalyticsPlugin::Visit', touch: true, validate: true
-  belongs_to :user, class_name: 'Person'
-  belongs_to :session, primary_key: :session_id, foreign_key: :session_id, class_name: 'Session'
-  belongs_to :profile
+  belongs_to :referer_page_view, class_name: 'AnalyticsPlugin::PageView', validate: false
-  validates_presence_of :visit
-  validates_presence_of :request, on: :create
-  validates_presence_of :url
+  belongs_to :user, class_name: 'Person', validate: false
+  belongs_to :session, primary_key: :session_id, foreign_key: :session_id, class_name: 'Session', validate: false
+
+  validates :request, presence: true, on: :create
+  validates :url, presence: true
   before_validation :extract_request_data, on: :create
   before_validation :fill_referer_page_view, on: :create
   before_validation :fill_visit, on: :create
+  before_validation :fill_is_bot, on: :create
+
+  after_update :destroy_empty_visit
+  after_destroy :destroy_empty_visit
+
+  scope :in_sequence, -> { order 'analytics_plugin_page_views.request_started_at ASC' }
+
+  scope :page_loaded, -> { where 'analytics_plugin_page_views.page_loaded_at IS NOT NULL' }
+  scope :not_page_loaded, -> { where 'analytics_plugin_page_views.page_loaded_at IS NULL' }
-  scope :latest, -> { order 'request_started_at DESC' }
+  scope :no_bots, -> { where.not is_bot: true }
+  scope :bots, -> { where is_bot: true }
+
+  scope :loaded_users, -> { in_sequence.page_loaded.no_bots }
   def request_duration
     self.request_finished_at - self.request_started_at
@@ -43,8 +55,8 @@ class AnalyticsPlugin::PageView &lt; ApplicationRecord
     Time.now < self.user_last_time_seen + AnalyticsPlugin::TimeOnPageUpdateInterval
   end
-  def page_load!
-    self.page_loaded_at = Time.now
+  def page_load! time
+    self.page_loaded_at = time
     self.update_column :page_loaded_at, self.page_loaded_at
   end
@@ -56,6 +68,16 @@ class AnalyticsPlugin::PageView &lt; ApplicationRecord
     self.update_column :time_on_page, self.time_on_page
   end
+  def find_referer_page_view
+    return if self.referer_url.blank?
+    AnalyticsPlugin::PageView.order('request_started_at DESC').
+      where(url: self.referer_url, session_id: self.session_id, user_id: self.user_id, profile_id: self.profile_id).first
+  end
+
+  def browser
+    @browser ||= Browser.new self.user_agent
+  end
+
   protected
   def extract_request_data
@@ -64,16 +86,29 @@ class AnalyticsPlugin::PageView &lt; ApplicationRecord
     self.user_agent = self.request.headers['User-Agent']
     self.request_id = self.request.env['action_dispatch.request_id']
     self.remote_ip = self.request.remote_ip
+    true
   end
   def fill_referer_page_view
-    self.referer_page_view = AnalyticsPlugin::PageView.order('request_started_at DESC').
-      where(url: self.referer_url, session_id: self.session_id, user_id: self.user_id, profile_id: self.profile_id).first if self.referer_url.present?
+    self.referer_page_view = self.find_referer_page_view
+    true
   end
   def fill_visit
     self.visit = self.referer_page_view.visit if self.referer_page_view and self.referer_page_view.user_on_page?
     self.visit ||= AnalyticsPlugin::Visit.new profile: profile
+    true
+  end
+
+  def fill_is_bot
+    self.is_bot = self.browser.bot?
+    true
+  end
+
+  def destroy_empty_visit
+    return unless self.visit_id_changed?
+    old_visit = AnalyticsPlugin::Visit.find self.visit_id_was
+    old_visit.destroy if old_visit.page_views.empty?
   end
 end
@@ -5,10 +5,16 @@ class AnalyticsPlugin::Visit &lt; ApplicationRecord
   belongs_to :profile
   has_many :page_views, class_name: 'AnalyticsPlugin::PageView', dependent: :destroy
+  has_many :users_page_views, -> { loaded_users }, class_name: 'AnalyticsPlugin::PageView', dependent: :destroy
-  default_scope -> { joins(:page_views).includes :page_views }
+  scope :latest, -> { order 'updated_at DESC' }
-  scope :latest, -> { order 'analytics_plugin_page_views.request_started_at DESC' }
+  scope :with_users_page_views, -> {
+    eager_load(:users_page_views).where.not analytics_plugin_page_views: {visit_id: nil}
+  }
+  scope :without_page_views, -> {
+    eager_load(:page_views).where analytics_plugin_page_views: {visit_id: nil}
+  }
   def first_page_view
     self.page_views.first
 analytics = {
+
+  t: function (key, options) {
+    return I18n.t(key, $.extend(options, {scope: 'analytics_plugin'}))
+  },
+
   requestId: '',
   timeOnPage: {
@@ -27,7 +32,7 @@ analytics = {
   pageLoad: function() {
     $.ajax(analytics.timeOnPage.baseUrl+'/page_load', {
-      type: 'POST', data: {id: analytics.requestId},
+      type: 'POST', data: {id: analytics.requestId, title: document.title, time: Math.floor(Date.now()/1000)},
       success: function(data) {
       },
     });
@@ -0,0 +1,33 @@
+analytics-settings
+  .checkbox
+    label name='enabled'
+      input type='checkbox' name='enabled' value='1' checked='{settings.enabled}' onchange='{toggleEnabled}'
+      |{anl.t('views.stats.enable', {profile: noosfero.profile})}
+
+  .checkbox if='{settings.enabled}'
+    label name='anonymous'
+      input type='checkbox' name='anonymous' value='1' checked='{settings.anonymous}' onchange='{toggleAnonymous}'
+      |{anl.t('views.stats.anonymous')}
+
+  javascript:
+    this.anl = window.analytics
+    this.settings = opts.settings
+    this.updateUrl = Routes.analytics_plugin_stats_path({profile: noosfero.profile, action: 'edit'})
+
+    toggleEnabled (e) {
+      this.settings.enabled = !this.settings.enabled
+      this.update()
+      this.save(e)
+    }
+    toggleAnonymous (e) {
+      this.settings.anonymous = !this.settings.anonymous
+      this.save(e)
+    }
+
+    save (e) {
+      var self = this
+      $.post(this.updateUrl, {analytics_settings: this.settings}, function() {
+        display_notice(self.anl.t('views.stats.config_save'))
+      })
+    }
+
@@ -37,7 +37,7 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
     @request.env['HTTP_REFERER'] = first_url
     get :view_page, profile: @community.identifier, page: @community.articles.last.path.split('/')
     assert_equal 2, @community.page_views.count
-    assert_equal 2, @community.visits.count
+    assert_equal 1, @community.visits.count
     second_page_view = @community.page_views.order(:id).last
     assert_equal first_page_view, second_page_view.referer_page_view
@@ -48,7 +48,7 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
     future = Time.now + 2*AnalyticsPlugin::TimeOnPageUpdateInterval
     Time.stubs(:now).returns(future)
     get :view_page, profile: @community.identifier, page: @community.articles.last.path.split('/')
-    assert_equal 3, @community.visits.count
+    assert_equal 2, @community.visits.count
   end
 end
-table#analytics-stats.table data-toggle='table' data-striped='true' data-sortable='true' data-icons-prefix='fa'
-  thead
-    - unless profile.analytics_anonymous?
+.table-responsive
+  table#analytics-stats.table data-toggle='table' data-striped='true' data-sortable='true' data-icons-prefix='fa'
+    thead
       th= t'analytics_plugin.views.stats.user'
-    th= t'analytics_plugin.views.stats.initial_time'
-    th= t'analytics_plugin.views.stats.pages'
+      th= t'analytics_plugin.views.stats.initial_time'
+      th= t'analytics_plugin.views.stats.ip'
+      th= t'analytics_plugin.views.stats.pages'
-  tbody
-    - profile.visits.each do |visit|
-      tr
-        td= link_to visit.user.name, visit.user.url
-        td
-          div data-toggle="tooltip" data-title='#{l visit.initial_time}'
-            = time_ago_in_words(visit.initial_time)
-            |&nbsp
-            = _'ago'
-        td
-          - visit.page_views.each do |page_view|
-            = link_to page_view.url, page_view.url
-            |&nbsp;
-            = "(#{distance_of_time_in_words page_view.time_on_page})"
-            |&nbsp;->&nbsp;
+    tbody
+      - visits.each do |visit|
+        tr data-visit-id='#{visit.id}'
+          td= link_to visit.user.name, visit.user.url if visit.user
+          td
+            div data-toggle="tooltip" data-title='#{l visit.initial_time}'
+              = time_ago_in_words visit.initial_time
+              |&nbsp
+              = _'ago'
+          td= visit.users_page_views.first.remote_ip
+          td
+            ol
+              - visit.users_page_views.each do |page_view|
+                li
+                  = link_to (if page_view.title.present? then page_view.title else page_view.url end), page_view.url, target: '_blank'
+                  |&nbsp;
+                  = "(#{distance_of_time_in_words page_view.time_on_page})"
 javascript:
   $('#analytics-stats').bootstrapTable({
     striped: true,
-    columns: [
-      {sortable: true},
-      {sortable: true},
-      {sortable: true},
-    ],
   })
   $(document).ready(function() {
-- content_for :head
-  = javascript_include_tag 'https://cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.8.1/bootstrap-table-all.min.js'
-  = stylesheet_link_tag 'https://cdnjs.cloudflare.com/ajax/libs/bootstrap-table/1.8.1/bootstrap-table.css'
+= render 'shared/bootstrap_table'
+
+= button :back, _('Back to control panel'), controller: 'profile_editor'
+
+= js_translations_include plugin: :analytics
+= javascript_include_tag 'plugins/analytics/javascripts/views/settings'
+analytics-settings data-opts="#{CGI.escapeHTML({settings: {enabled: profile.analytics_settings.enabled, anonymous: profile.analytics_settings.anonymous}}.to_json)}" data-riot=''
+/ needs html_safe to work
+/= riot_component :analytics_settings, settings: {enabled: profile.analytics_settings.enabled, anonymous: profile.analytics_settings.anonymous}
+
+= render 'table', visits: profile.users_visits.limit(50)
-= render 'table'
@@ -71,7 +71,7 @@ module CustomFormsPlugin::Helper
   def display_custom_field(field, submission, form)
     sanitized_name = ActionView::Base.white_list_sanitizer.sanitize field.name
     answer = submission.answers.select{|answer| answer.field == field}.first
-    field_tag = send("display_#{type_for_options(field.class)}",field, answer, form)
+    field_tag = send("display_#{type_for_options(field.class)}",field, answer, form).html_safe
     if field.mandatory? && submission.id.nil?
       required(labelled_form_field(sanitized_name, field_tag))
     else
@@ -12,7 +12,7 @@
   <%= f.hidden_field(:position) %>
   <%= f.hidden_field :_destroy, :class => 'destroy-field' %>
-  <%= button_to_function :delete, _('Remove field'), "customFormsPlugin.removeFieldBox(this, #{CGI::escapeHTML(_('Are you sure you want to remove this field?').to_json)})" %>
+  <%= button_to_function :delete, _('Remove field'), "customFormsPlugin.removeFieldBox(this, #{_('Are you sure you want to remove this field?').to_json})" %>
   <%= yield %>
 </div>
 </fieldset>
@@ -51,8 +51,8 @@
 </ul>
 <div class="addition-buttons">
-  <%= button(:add, _('Add a new text field'), '#', :onclick => "customFormsPlugin.addFields(this, 'fields', #{CGI::escapeHTML(html_for_field(f, :fields, CustomFormsPlugin::TextField).to_json)}); return false")%>
-  <%= button(:add, _('Add a new select field'), '#', :onclick => "customFormsPlugin.addFields(this, 'fields', #{CGI::escapeHTML(html_for_field(f, :fields, CustomFormsPlugin::SelectField).to_json)}); return false")%>
+  <%= button(:add, _('Add a new text field'), '#', :onclick => "customFormsPlugin.addFields(this, 'fields', #{html_for_field(f, :fields, CustomFormsPlugin::TextField).to_json}); return false")%>
+  <%= button(:add, _('Add a new select field'), '#', :onclick => "customFormsPlugin.addFields(this, 'fields', #{html_for_field(f, :fields, CustomFormsPlugin::SelectField).to_json}); return false")%>
 </div>
 <%= button_bar do %>
@@ -7,6 +7,6 @@
   <td>
     <%= f.hidden_field :_destroy, :class => 'destroy-field' %>
-    <%= button_to_function_without_text :remove, _('Remove alternative'), "customFormsPlugin.removeAlternative(this, #{CGI::escapeHTML(_('Are you sure you want to remove this alternative?').to_json)})", :class => 'remove-field', :title => _('Remove alternative') %>
+    <%= button_to_function_without_text :remove, _('Remove alternative'), "customFormsPlugin.removeAlternative(this, #{_('Are you sure you want to remove this alternative?').to_json})", :class => 'remove-field', :title => _('Remove alternative') %>
   </td>
 </tr>
@@ -22,7 +22,7 @@
     <tfoot>
     <tr class="addition-buttons">
       <td colspan="3">
-      <%= button(:add, _('Add a new alternative'), '#', :onclick => "customFormsPlugin.addFields(this, 'alternatives', #{CGI::escapeHTML(html_for_field(f, :alternatives, CustomFormsPlugin::Alternative).to_json)}); return false") %>
+      <%= button(:add, _('Add a new alternative'), '#', :onclick => "customFormsPlugin.addFields(this, 'alternatives', #{html_for_field(f, :alternatives, CustomFormsPlugin::Alternative).to_json}); return false") %>
       </td>
     </tr>
     </tfoot>
 <div id="custom-forms-plugin_submission">
 <h1><%= @form.name %></h1>
-<p><%= @form.description %></p>
+<p><%= (@form.description || "").html_safe %></p>
 <% if @submission.id.nil? %>
   <% if @form.expired? %>
 <% self.extend(CustomFormsPlugin::Helper) %>
 <% @form.fields.each do |field| %>
-  <%= display_custom_field(field, @submission, f.object_name) %>
+  <%= display_custom_field(field, @submission, f.object_name).html_safe %>
 <% end %>
 gem 'omniauth', '~> 1.2.2'
 gem 'omniauth-facebook', '~> 2.0.0'
+gem 'omniauth-twitter', '~> 1.0.1'
 gem "omniauth-google-oauth2", '~> 0.2.6'
 gem "omniauth-oauth2", '~> 1.3.1'
+gem "omniauth-github", '~> 1.1.2'
@@ -33,6 +33,20 @@ Facebook
 [Create Facebook application](https://developers.facebook.com/docs/facebook-login/v2.1)
+Github
+--------
+
+[Create Github application](https://github.com/settings/developers)
+
+Twitter
+--------
+
+- Specially on twitter you need to request user's email address, see more
+in https://dev.twitter.com/rest/reference/get/account/verify_credentials
+
+[Create Twitter application](https://apps.twitter.com/)
+
+
 Callback
 ========
@@ -0,0 +1,20 @@
+Feature: Create Twitter provider
+  As a environment admin
+  I want to be able to create a new twitter provider
+  So that users can login wth different strategies
+
+Background:
+    Given "OauthProvider" plugin is enabled
+    And I am logged in as admin
+    And I go to /admin/plugins
+    And I check "Oauth Client Plugin"
+    And I press "Save changes"
+
+Scenario: Create a twitter provider
+    Given I go to /admin/plugin/oauth_client/new
+    And I fill in "oauth_client_plugin_provider_name" with "myid"
+    And I fill in "oauth_client_plugin_provider[name]" with "google"
+    And I fill in "oauth_client_plugin_provider_client_secret" with "mysecret"
+    And I check "oauth_client_plugin_provider[enabled]"
+    And I select "twitter" from "oauth_client_plugin_provider_strategy"
+    Then I should see "To use this provider you need to request the user email in your app"
@@ -31,13 +31,20 @@ class OauthClientPlugin &lt; Noosfero::Plugin
   PROVIDERS = {
     :facebook => {
-      :name => 'Facebook'
+      :name => 'Facebook',
+      :info_fields => 'name,email'
     },
     :google_oauth2 => {
       :name => 'Google'
     },
     :noosfero_oauth2 => {
       :name => 'Noosfero'
+    },
+    :github => {
+      :name => 'Github'
+    },
+    :twitter => {
+      :name => 'Twitter'
     }
   }
@@ -62,8 +69,9 @@ class OauthClientPlugin &lt; Noosfero::Plugin
         provider_id = request.params['id']
         provider_id ||= request.session['omniauth.params']['id'] if request.session['omniauth.params']
         provider = environment.oauth_providers.find(provider_id)
+        strategy.options.merge! consumer_key: provider.client_id, consumer_secret: provider.client_secret
         strategy.options.merge! client_id: provider.client_id, client_secret: provider.client_secret
-        strategy.options.merge! provider.options.symbolize_keys
+        strategy.options.merge! options
         request.session[:provider_id] = provider_id
       }
@@ -98,4 +106,8 @@ class OauthClientPlugin &lt; Noosfero::Plugin
     }
   end
+  def js_files
+  ["script.js"]
+  end
+
 end
@@ -0,0 +1,21 @@
+$(document).ready(function(){
+	select_box_event();
+});
+
+var toggle_info_message = function(){
+  var selected_option = $("#oauth_client_plugin_provider_strategy option:selected");
+  if (selected_option.length){
+    if (selected_option.val() === "twitter"){
+      $(".remember-enable-email").removeClass("hidden");
+    } else {
+      $(".remember-enable-email").addClass("hidden");
+    }
+  }
+};
+
+var select_box_event = function(){
+	var select_box = $("#oauth_client_plugin_provider_strategy");
+	select_box.on("change",function(){
+		toggle_info_message();
+	});
+};
@@ -16,3 +16,7 @@
 .oauth-login .provider .developer {
   display: none;
 }
+
+.remember-enable-email.hidden {
+  display: none;
+}
@@ -15,6 +15,10 @@
     <%= labelled_form_field _('Strategy'), f.select(:strategy, OauthClientPlugin::PROVIDERS) %>
   </div>
+  <div class="remember-enable-email hidden">
+    <span class="error"><%=_('To use this provider you need to request the user email in your app')%></span>
+  </div>
+
   <div class="client-id">
     <%= labelled_form_field _('Client Id'), f.text_field(:client_id) %>
   </div>
@@ -10,9 +10,9 @@ Background:
 Scenario: add tags to person
   Given I am on joao's control panel
   And I follow "Edit Profile"
-  When I fill in "profile_data_interest_list" with "linux,debian"
+  When I fill in "profile_data_tag_list" with "linux,debian"
   And I press "Save"
   And I go to joao's control panel
   And I follow "Edit Profile"
-  Then the "profile_data_interest_list" field should contain "linux"
-  And the "profile_data_interest_list" field should contain "debian"
+  Then the "profile_data_tag_list" field should contain "linux"
+  And the "profile_data_tag_list" field should contain "debian"
 require_dependency 'person'
 class Person
-  attr_accessible :interest_list
+  attr_accessible :tag_list
-  acts_as_taggable_on :interests
+  acts_as_taggable_on :tags
   N_('Fields of interest')
 end
@@ -19,4 +19,18 @@ class PersonTagsPlugin &lt; Noosfero::Plugin
   def self.api_mount_points
     [PersonTagsPlugin::API]
   end
+
+  def self.extra_blocks
+    {
+      PersonTagsPlugin::InterestsBlock => { type: Person }
+    }
+  end
+
+  def self.has_admin_url?
+    false
+  end
+
+  def stylesheet?
+    true
+  end
 end
@@ -3,7 +3,7 @@ class PersonTagsPlugin::API &lt; Grape::API
     get ':id/tags' do
       person = environment.people.visible.find_by(id: params[:id])
       return not_found! if person.blank?
-      present person.interest_list
+      present person.tag_list
     end
   end
 end
@@ -0,0 +1,29 @@
+class PersonTagsPlugin::InterestsBlock < Block
+  def view_title
+    self.default_title 
+  end
+
+  def tags
+    owner.tag_list
+  end
+
+  def extra_option
+    {}
+  end
+
+  def self.description
+    _('Fields of Interest')
+  end
+
+  def help
+    _('Things that this person is interested in')
+  end
+
+  def default_title
+    _('Fields of Interest')
+  end
+
+  def self.expire_on
+    { profile: [:profile] }
+  end
+end
@@ -0,0 +1,13 @@
+.person-tags-block ul {
+  padding: 0;
+  margin: 0;
+}
+
+.person-tags-block li {
+  float: left;
+  list-style: none;
+  padding: 5px;
+  color: #fff;
+  background: #000;
+  margin: 5px;
+}
@@ -10,7 +10,7 @@ class APITest &lt;  ActiveSupport::TestCase
   should 'return tags for a person' do
     person = create_user('person').person
-    person.interest_list.add('linux')
+    person.tag_list.add('linux')
     person.save!
     person.reload
     get "/api/v1/people/#{person.id}/tags?#{params.to_query}"
@@ -7,10 +7,10 @@ class PersonTagsPluginTest &lt; ActiveSupport::TestCase
     @environment.enable_plugin(PersonTagsPlugin)
   end
-  should 'have interests' do
+  should 'have tags' do
     person = create_user('person').person
-    assert_equal [], person.interests
-    person.interest_list.add('linux')
-    assert_equal ['linux'], person.interest_list
+    assert_equal [], person.tags
+    person.tag_list.add('linux')
+    assert_equal ['linux'], person.tag_list
   end
 end
@@ -0,0 +1,14 @@
+<%= block_title(block.view_title, block.subtitle) %>
+
+<div class="person-tags-block">
+  <% unless block.tags.size == 0 %>
+    <ul>
+      <% block.tags.each do |tag| %>
+        <li><%= tag %></li>
+      <% end %>
+    </ul>
+  <% else %>
+    <div class="person-tags-block-none"><%= c_('None') %></div>
+  <% end %>
+  <br style="clear:both" />
+</div>
@@ -0,0 +1 @@
+box_organizer
 \ No newline at end of file
 <h2><%= _('Select your fields of interest') %></h2>
-<%= text_field_tag('profile_data[interest_list]', context.profile.interest_list.join(','), size: 64) %>
+<%= text_field_tag('profile_data[tag_list]', context.profile.tag_list.join(','), size: 64) %>
 <br />
 <%= content_tag( 'small', _('Separate tags with commas') ) %>
 <script>
-  jQuery('#profile_data_interest_list').inputosaurus();
+  jQuery('#profile_data_tag_list').inputosaurus();
 </script>
@@ -0,0 +1 @@
+box_organizer
 \ No newline at end of file
@@ -10,7 +10,7 @@ li.dropdown
   ul class='dropdown-menu' role='menu'
     li
-      = link_to user.public_profile_url, id: "homepage-link", title: _('Go to your homepage')
+      = link_to user.url, id: 'homepage-link', title: _('Go to your homepage')
         span class='icon-person' = _('Profile')
     li.divider
@@ -50,13 +50,13 @@ class WorkAssignmentPlugin::EmailContact
       mail(options)
     end
-    def build_mail_message(email_contact, uploaded_files)
+    def self.build_mail_message(email_contact, uploaded_files)
       message = ""
       if uploaded_files && uploaded_files.first && uploaded_files.first.parent && uploaded_files.first.parent.parent
         article = uploaded_files.first.parent.parent
         message = article.default_email + "<br>"
         uploaded_files.each do |file|
-          url = url_for(file.url)
+          url = Rails.application.routes.url_helpers.url_for(file.url)
           message += "<br><a href='#{url}'>#{url}</a>"
         end
       end
@@ -16,7 +16,7 @@ module WorkAssignmentPlugin::Helper
   end
   def display_author_folder(author_folder, user)
-    return if author_folder.children.empty?
+    return if author_folder.children(true).empty?
     content_tag('tr',
       content_tag('td', link_to_last_submission(author_folder, user)) +
       content_tag('td', time_format(author_folder.children.last.created_at)) +
@@ -35,6 +35,14 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
     assert_response :success
   end
+  should 'display users submissions' do
+    folder = work_assignment.find_or_create_author_folder(@person)
+    submission = UploadedFile.create!(:uploaded_data => fixture_file_upload('/files/rails.png', 'image/png'), :profile => organization, :parent => folder)
+    get :view_page, :profile => @organization.identifier, :page => work_assignment.path
+    assert_response :success
+    assert_match /rails.png/, @response.body
+  end
+
   should "display 'Upload files' when create children of image gallery" do
     login_as(profile.identifier)
     f = Gallery.create!(:name => 'gallery', :profile => profile)
@@ -13,8 +13,8 @@ msgid &quot;&quot;
 msgstr ""
 "Project-Id-Version: 1.3~rc2-8-g01ea9f7\n"
 "POT-Creation-Date: 2015-11-04 12:36-0300\n"
-"PO-Revision-Date: 2016-03-14 15:58+0000\n"
-"Last-Translator: Eduardo Vital <vitaldu@gmail.com>\n"
+"PO-Revision-Date: 2016-06-20 20:14+0000\n"
+"Last-Translator: Gabriel Silva <gabriel93.silva@gmail.com>\n"
 "Language-Team: Portuguese "
 "<https://hosted.weblate.org/projects/noosfero/noosfero/pt/>\n"
 "Language: pt\n"
@@ -22,7 +22,7 @@ msgstr &quot;&quot;
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 "Plural-Forms: nplurals=2; plural=n != 1;\n"
-"X-Generator: Weblate 2.5\n"
+"X-Generator: Weblate 2.7-dev\n"
 #: app/models/approve_comment.rb:17
 msgid "Anonymous"
@@ -4141,7 +4141,7 @@ msgstr &quot;%s não pôde ser desabilitado&quot;
 #: app/controllers/admin/organizations_controller.rb:52
 msgid "%s removed"
-msgstr "% foi removido"
+msgstr "%s foi removido"
 #: app/controllers/admin/organizations_controller.rb:54
 msgid "%s could not be removed"
@@ -43,10 +43,12 @@ class NoosferoTest &lt; ActiveSupport::TestCase
   end
   should 'change locale temporarily' do
-    Noosfero.with_locale('pt') do
-      assert_equal 'pt', FastGettext.locale
+    current_locale = FastGettext.locale
+    another_locale = current_locale == 'pt' ? 'en' : 'pt'
+    Noosfero.with_locale(another_locale) do
+      assert_equal another_locale, FastGettext.locale
     end
-    assert_equal 'en', FastGettext.locale
+    assert_equal current_locale, FastGettext.locale
   end
   should "use default hostname of default environment as hostname of Noosfero instance" do
	@@ -331,12 +331,12 @@ module Api		@@ -331,12 +331,12 @@ module Api
331	end	331	end
332		332
333	def cant_be_saved_request!(attribute)	333	def cant_be_saved_request!(attribute)
334	- message = _("(Invalid request) %s can't be saved") % attribute	334	+ message = _("(Invalid request) %s can't be saved").html_safe % attribute
335	render_api_error!(message, 400)	335	render_api_error!(message, 400)
336	end	336	end
337		337
338	def bad_request!(attribute)	338	def bad_request!(attribute)
339	- message = _("(Invalid request) %s not given") % attribute	339	+ message = _("(Invalid request) %s not given").html_safe % attribute
340	render_api_error!(message, 400)	340	render_api_error!(message, 400)
341	end	341	end
342		342
	@@ -44,7 +44,7 @@ class CategoriesController < AdminController		@@ -44,7 +44,7 @@ class CategoriesController < AdminController
44	if request.post?	44	if request.post?
45	@category.update!(params[:category])	45	@category.update!(params[:category])
46	@saved = true	46	@saved = true
47	- session[:notice] = _("Category %s saved." % @category.name)	47	+ session[:notice] = _("Category %s saved." % @category.name).html_safe
48	redirect_to :action => 'index'	48	redirect_to :action => 'index'
49	end	49	end
50	rescue Exception => e	50	rescue Exception => e
	@@ -109,7 +109,7 @@ class BoxOrganizerController < ApplicationController		@@ -109,7 +109,7 @@ class BoxOrganizerController < ApplicationController
109	def show_block_type_info	109	def show_block_type_info
110	type = params[:type]	110	type = params[:type]
111	if type.blank? \|\| !available_blocks.map(&:name).include?(type)	111	if type.blank? \|\| !available_blocks.map(&:name).include?(type)
112	- raise ArgumentError.new("Type %s is not allowed. Go away." % type)	112	+ raise ArgumentError.new("Type %s is not allowed. Go away.".html_safe % type)
113	end	113	end
114	@block = type.constantize.new	114	@block = type.constantize.new
115	@block.box = Box.new(:owner => boxes_holder)	115	@block.box = Box.new(:owner => boxes_holder)
	@@ -122,7 +122,7 @@ class BoxOrganizerController < ApplicationController		@@ -122,7 +122,7 @@ class BoxOrganizerController < ApplicationController
122		122
123	def new_block(type, box)	123	def new_block(type, box)
124	if !available_blocks.map(&:name).include?(type)	124	if !available_blocks.map(&:name).include?(type)
125	- raise ArgumentError.new("Type %s is not allowed. Go away." % type)	125	+ raise ArgumentError.new("Type %s is not allowed. Go away.".html_safe % type)
126	end	126	end
127	block = type.constantize.new	127	block = type.constantize.new
128	box.blocks << block	128	box.blocks << block
	@@ -213,7 +213,7 @@ class AccountController < ApplicationController		@@ -213,7 +213,7 @@ class AccountController < ApplicationController
213	if params[:value].blank?	213	if params[:value].blank?
214	@change_password.errors[:base] << _('Can not recover user password with blank value.')	214	@change_password.errors[:base] << _('Can not recover user password with blank value.')
215	else	215	else
216	- @change_password.errors[:base] << _('Could not find any user with %s equal to "%s".') % [fields_label, params[:value]]	216	+ @change_password.errors[:base] << _('Could not find any user with %s equal to "%s".').html_safe % [fields_label, params[:value]]
217	end	217	end
218	rescue ActiveRecord::RecordInvalid	218	rescue ActiveRecord::RecordInvalid
219	@change_password.errors[:base] << _('Could not perform password recovery for the user.')	219	@change_password.errors[:base] << _('Could not perform password recovery for the user.')
	@@ -882,7 +882,7 @@ module ApplicationHelper		@@ -882,7 +882,7 @@ module ApplicationHelper
882	link_to_all = link_to(content_tag('strong', _('See all')), :controller => 'memberships', :profile => user.identifier)	882	link_to_all = link_to(content_tag('strong', _('See all')), :controller => 'memberships', :profile => user.identifier)
883	end	883	end
884	link = list.map do \|element\|	884	link = list.map do \|element\|
885	- link_to(content_tag('strong', _('<span>Manage</span> %s') % element.short_name(25)), element.admin_url, :class => "icon-menu-"+element.class.identification.underscore, :title => _('Manage %s') % element.short_name)	885	+ link_to(content_tag('strong', _('<span>Manage</span> %s').html_safe % element.short_name(25)), element.admin_url, :class => "icon-menu-"+element.class.identification.underscore, :title => _('Manage %s').html_safe % element.short_name)
886	end	886	end
887	if link_to_all	887	if link_to_all
888	link << link_to_all	888	link << link_to_all
	@@ -923,7 +923,7 @@ module ApplicationHelper		@@ -923,7 +923,7 @@ module ApplicationHelper
923	logout_link = link_to(logout_icon.html_safe, { :controller => 'account', :action => 'logout'} , :id => "logout", :title => _("Leave the system"))	923	logout_link = link_to(logout_icon.html_safe, { :controller => 'account', :action => 'logout'} , :id => "logout", :title => _("Leave the system"))
924	join_result = safe_join(	924	join_result = safe_join(
925	[welcome_span.html_safe, render_environment_features(:usermenu).html_safe, admin_link.html_safe,	925	[welcome_span.html_safe, render_environment_features(:usermenu).html_safe, admin_link.html_safe,
926	- manage_enterprises.html_safe, manage_communities.html_safe, ctrl_panel_link.html_safe,	926	+ manage_enterprises, manage_communities, ctrl_panel_link.html_safe,
927	pending_tasks_count.html_safe, logout_link.html_safe], "")	927	pending_tasks_count.html_safe, logout_link.html_safe], "")
928	join_result	928	join_result
929	end	929	end
	@@ -30,7 +30,7 @@ class EnvironmentMailing < Mailing		@@ -30,7 +30,7 @@ class EnvironmentMailing < Mailing
30	end	30	end
31		31
32	def signature_message	32	def signature_message
33	- _('Sent by %s.') % source.name	33	+ _('Sent by %s.').html_safe % source.name
34	end	34	end
35		35
36	def url	36	def url
	@@ -23,11 +23,11 @@ class Mailing < ApplicationRecord		@@ -23,11 +23,11 @@ class Mailing < ApplicationRecord
23	end	23	end
24		24
25	def generate_from	25	def generate_from
26	- "#{source.name} <#{if source.is_a? Environment then source.noreply_email else source.contact_email end}>"	26	+ "#{source.name} <#{if source.is_a? Environment then source.noreply_email else source.contact_email end}>".html_safe
27	end	27	end
28		28
29	def generate_subject	29	def generate_subject
30	- '[%s] %s' % [source.name, subject]	30	+ '[%s] %s'.html_safe % [source.name, subject]
31	end	31	end
32		32
33	def signature_message	33	def signature_message
	@@ -30,7 +30,7 @@ class OrganizationMailing < Mailing		@@ -30,7 +30,7 @@ class OrganizationMailing < Mailing
30	end	30	end
31		31
32	def signature_message	32	def signature_message
33	- _('Sent by community %s.') % source.name	33	+ _('Sent by community %s.').html_safe % source.name
34	end	34	end
35		35
36	include Rails.application.routes.url_helpers	36	include Rails.application.routes.url_helpers
	@@ -14,7 +14,7 @@ class TaskMailer < ApplicationMailer		@@ -14,7 +14,7 @@ class TaskMailer < ApplicationMailer
14	mail(	14	mail(
15	to: task.target.notification_emails.compact,	15	to: task.target.notification_emails.compact,
16	from: self.class.generate_from(task),	16	from: self.class.generate_from(task),
17	- subject: "[%s] %s" % [task.environment.name, task.target_notification_description]	17	+ subject: "[%s] %s".html_safe % [task.environment.name, task.target_notification_description]
18	)	18	)
19	end	19	end
20		20
	@@ -27,7 +27,7 @@ class TaskMailer < ApplicationMailer		@@ -27,7 +27,7 @@ class TaskMailer < ApplicationMailer
27	mail(	27	mail(
28	to: task.friend_email,	28	to: task.friend_email,
29	from: self.class.generate_from(task),	29	from: self.class.generate_from(task),
30	- subject: '[%s] %s' % [ task.requestor.environment.name, task.target_notification_description ]	30	+ subject: '[%s] %s'.html_safe % [ task.requestor.environment.name, task.target_notification_description ]
31	)	31	)
32	end	32	end
33		33
	@@ -43,7 +43,7 @@ class TaskMailer < ApplicationMailer		@@ -43,7 +43,7 @@ class TaskMailer < ApplicationMailer
43	mail_with_template(	43	mail_with_template(
44	to: task.requestor.notification_emails,	44	to: task.requestor.notification_emails,
45	from: self.class.generate_from(task),	45	from: self.class.generate_from(task),
46	- subject: '[%s] %s' % [task.requestor.environment.name, task.target_notification_description],	46	+ subject: '[%s] %s'.html_safe % [task.requestor.environment.name, task.target_notification_description],
47	email_template: task.email_template,	47	email_template: task.email_template,
48	template_params: {:environment => task.requestor.environment, :task => task, :message => @message, :url => @url, :requestor => task.requestor}	48	template_params: {:environment => task.requestor.environment, :task => task, :message => @message, :url => @url, :requestor => task.requestor}
49	)	49	)
	@@ -25,7 +25,7 @@ class AbuseComplaint < Task		@@ -25,7 +25,7 @@ class AbuseComplaint < Task
25	end	25	end
26		26
27	def title	27	def title
28	- abuse_reports.count > 1 ? (_('Abuse complaint (%s)') % abuse_reports.count) :_('Abuse complaint')	28	+ abuse_reports.count > 1 ? (_('Abuse complaint (%s)').html_safe % abuse_reports.count) :_('Abuse complaint')
29	end	29	end
30		30
31	def linked_subject	31	def linked_subject
	@@ -53,15 +53,15 @@ class AbuseComplaint < Task		@@ -53,15 +53,15 @@ class AbuseComplaint < Task
53	end	53	end
54		54
55	def task_activated_message	55	def task_activated_message
56	- _('Your profile was reported by the users of %s due to inappropriate behavior. The administrators of the environment are now reviewing the report. To solve this misunderstanding, please contact the administrators.') % environment.name	56	+ _('Your profile was reported by the users of %s due to inappropriate behavior. The administrators of the environment are now reviewing the report. To solve this misunderstanding, please contact the administrators.').html_safe % environment.name
57	end	57	end
58		58
59	def task_finished_message	59	def task_finished_message
60	- _('Your profile was disabled by the administrators of %s due to inappropriate behavior. To solve this misunderstanding please contact them.') % environment.name	60	+ _('Your profile was disabled by the administrators of %s due to inappropriate behavior. To solve this misunderstanding please contact them.').html_safe % environment.name
61	end	61	end
62		62
63	def target_notification_description	63	def target_notification_description
64	- _('%s was reported due to inappropriate behavior.') % reported.name	64	+ _('%s was reported due to inappropriate behavior.').html_safe % reported.name
65	end	65	end
66		66
67	def target_notification_message	67	def target_notification_message