Merge remote-tracking branch 'origin/staging' into login-captcha

Conflicts: lib/noosfero/api/v1/articles.rb

Merge remote-tracking branch 'origin/staging' into login-captcha
Conflicts: lib/noosfero/api/v1/articles.rb
Carlos Purificação
2 parents 4f7106d9 d8741207
Showing 1851 changed files with 325492 additions and 98930 deletions Show diff stats
.gitlab-ci.yml
.gitmodules
.travis.yml
AUTHORS.md
Gemfile
Gemfile.lock
app/controllers/application_controller.rb
app/controllers/my_profile/cms_controller.rb
app/controllers/my_profile/profile_editor_controller.rb
app/controllers/public/account_controller.rb
app/controllers/public/content_viewer_controller.rb
app/controllers/public/profile_controller.rb
app/controllers/public/search_controller.rb
app/controllers/themes_controller.rb
app/helpers/action_tracker_helper.rb
app/helpers/application_helper.rb
app/helpers/article_helper.rb
app/helpers/blog_helper.rb
app/helpers/box_organizer_helper.rb
app/helpers/boxes_helper.rb
 before_script:
-  - mkdir -p tmp/pids log
+  - mkdir -p tmp/{pids,cache} log
   - bundle check || bundle install
 # workaround for plugins with Gemfile
   - perl -pi -e 's/--local //' script/noosfero-plugins
 [submodule "plugins/pairwise"]
 	path = plugins/pairwise
-	url = https://gitlab.com/noosfero-plugins/pairwise.git
+	url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/pairwise.git
 [submodule "plugins/proposals_discussion"]
 	path = plugins/proposals_discussion
-	url = https://gitlab.com/noosfero-plugins/proposals_discussion.git
+	url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/proposals_discussion.git
 [submodule "plugins/gamification"]
 	path = plugins/gamification
-	url = https://gitlab.com/noosfero-plugins/gamification.git
-[submodule "plugins/comment_paragraph"]
-	path = plugins/comment_paragraph
-	url = https://gitlab.com/noosfero-plugins/comment-paragraph.git
+	url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/gamification.git
 [submodule "plugins/notification"]
 	path = plugins/notification
-	url = https://gitlab.com/noosfero-plugins/notification.git
+	url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/notification.git
 [submodule "plugins/email_article"]
 	path = plugins/email_article
-	url = https://gitlab.com/noosfero-plugins/email_article.git
+	url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/email_article.git
 [submodule "public/proposal-app"]
 	path = public/proposal-app
 	url = https://gitlab.com/participa/proposal-app.git
 [submodule "plugins/gravatar_provider"]
 	path = plugins/gravatar_provider
-	url = https://gitlab.com/noosfero-plugins/gravatar-provider.git
+	url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/gravatar-provider.git
 [submodule "plugins/juventude"]
 	path = plugins/juventude
-	url = https://gitlab.com/noosfero-plugins/juventude.git
+	url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/juventude.git
 [submodule "plugins/dialoga"]
 	path = plugins/dialoga
-	url = https://gitlab.com/participa/dialoga-plugin.git
+	url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/dialoga-plugin.git
 [submodule "rest-clients/confjuvapp"]
 	path = rest-clients/confjuvapp
-	url = https://gitlab.com/participa/confjuvapp.git
+	url = https://softwarepublico.gov.br/gitlab/noosfero-apps/confjuvapp.git
 [submodule "rest-clients/proposal-app"]
 	path = rest-clients/proposal-app
-	url = https://gitlab.com/participa/proposal-app.git
+	url = https://softwarepublico.gov.br/gitlab/noosfero-apps/proposal-app.git
+[submodule "plugins/serpro_captcha"]
+	path = plugins/serpro_captcha
+	url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/serpro_captcha.git
+notifications:
+  irc:
+    channels:
+      - "chat.freenode.net#noosfero"
+      - "chat.freenode.net#noosfero-br"
+    template:
+      - "%{repository_slug} %{branch} %{commit} %{commit_subject} - %{result} %{build_url}"
+
 language: ruby
 rvm:
 # for 2.2 support we need to upgrade the pg gem
@@ -28,10 +36,7 @@ before_install:
 cache: bundler
  
 before_script:
-  - mkdir -p tmp/pids log
-# workaround for plugins with Gemfile
-  - perl -pi -e 's/cat .+ > \$gemfile/echo "source \\"https:\/\/rubygems.org\\"" > \$gemfile && cat \$source\/Gemfile >> \$gemfile/' script/noosfero-plugins
-  - perl -pi -e 's/--local --quiet/install --jobs=3 --retry=3/' script/noosfero-plugins
+  - mkdir -p tmp/{pids,cache} log
   - script/noosfero-plugins disableall
   - bundle exec rake makemo &>/dev/null
 # database
@@ -46,7 +51,7 @@ env:
   - TASK=test:integration
   - TASK=cucumber
   - TASK=selenium
-  - TASK=test:noosfero_plugins
+  - TASK=test:noosfero_plugins BUNDLE_OPTS=install
  
 script:
   - bundle exec rake $TASK
@@ -11,6 +11,7 @@ Developers
 Ábner Silva de Oliveira <abner.oliveira@serpro.gov.br>
 Alan Freihof Tygel <alantygel@gmail.com>
 Alessandro Palmeira <alessandro.palmeira@gmail.com>
+Alexandre Torres <alexandrekry@gmail.com>
 Alex Campelo <campelo.al1@gmail.com>
 Álvaro Fernando <alvarofernandoms@gmail.com>
 Ana Losnak <analosnak@gmail.com>
@@ -63,6 +64,7 @@ Isaac Canan &lt;isaac@intelletto.com.br&gt;
 Italo Valcy <italo@dcc.ufba.br>
 Jefferson Fernandes <jeffs.fernandes@gmail.com>
 Jérôme Jutteau <j.jutteau@gmail.com>
+Jéssica Cristina <jessica.cris1127@gmail.com>
 João Machini
 João M. M. da Silva <jaodsilv@linux.ime.usp.br>
 Joenio Costa <joenio@colivre.coop.br>
@@ -82,23 +84,27 @@ Luciano Prestes Cavalcanti &lt;lucianopcbr@gmail.com&gt;
 Luis David Aguilar Carlos <ludwig9003@gmail.com>
 Luiz Fernando de Freitas Matos <luiz@luizff.matos@gmail.com>
 Luiz Matos <luizff.matos@gmail.com>
+Marcelo Júnior <maljunior@gmail.com>
 Marcos Ramos <ms.ramos@outlook.com>
 Marcos Ronaldo <marcos.rpj2@gmail.com>
 Mariel Zasso <noosfero-br@listas.softwarelivre.org>
 Martín Olivera <molivera@solar.org.ar>
 Matheus Faria <matheus.sousa.faria@gmail.com>
 Maurilio Atila <cabelotaina@gmail.com>
+Melissa Wen <melissa@colivre.coop.br>
 M for Momo <mo@rtnp.org>
 Michal Čihař <michal@cihar.com>
-Michel Felipe <mfelipeof@gmail.com>
+Michel Felipe de Oliveira Ferreira <michel.ferreira@serpro.gov.br>
 Moises Machado <moises@colivre.coop.br>
 Naíla Alves <naila@colivre.coop.br>
 Nanda Lopes <nanda.listas+psl@gmail.com>
 Niemand Jedermann <predatorix@web.de>
+Omar Junior <omarroinuj@gmail.com>
 Parley Martins <parleypachecomartins@gmail.com>
 Paulo Meirelles <paulo@softwarelivre.org>
 Pedro de Lyra <pedrodelyra@gmail.com>
 Pedro Leal
+Phillip Rohmberger <rohmberger@hotmail.de>
 Rafael de Souza Queiroz <querafael@live.com>
 Rafael Gomes <rafaelgomes@techfree.com.br>
 Rafael Martins <rmmartins@gmail.com>
@@ -110,8 +116,10 @@ Renan Costa &lt;renan2727@hotmail.com&gt;
 Renan Teruo <renanteruoc@gmail.com>
 Rodrigo Medeiros <rodrigo.mss01@gmail.com>
 Rodrigo Souto <rodrigo@colivre.coop.br>
+Ronnie Simon <ronniesimonf@gmail.com>
 Ronny Kursawe <kursawe.ronny@googlemail.com>
 Samuel R. C. Vale <srcvale@holoscopio.com>
+Simião Carvalho <simiaosimis@gmail.com>
 Tallys Martins <tallysmartins@yahoo.com.br>
 Thiago Casotti <thiago.casotti@uol.com.br>
 Thiago Kairala <thiagor.kairala@gmail.com>
@@ -122,7 +130,9 @@ TWS &lt;tablettws@gmail.com&gt;
 Valessio Brito <contato@valessiobrito.com.br>
 Victor Costa <vfcosta@gmail.com>
 Victor Hugo Alves de Carvalho <victorhugodf.ac@gmail.com>
+Victor Navarro <victor.matias.navarro@gmail.com>
 Vinicius Cubas Brand <viniciuscb@gmail.com>
+Vitor Barbosa <vitornga15@gmail.com>
 Wilton Rodrigues <braynwilton@gmail.com>
 Yann Lugrin <yann.lugrin@liquid-concept.ch>
  
@@ -10,8 +10,10 @@ gem &#39;RedCloth&#39;,                 &#39;~&gt; 4.2.9&#39;
 gem 'will_paginate',            '~> 3.0.3'
 gem 'ruby-feedparser',          '~> 0.7'
 gem 'daemons',                  '~> 1.1.5'
-gem 'thin',                     '~> 1.3.1'
+#gem 'thin',                     '~> 1.3.1'
 gem 'nokogiri',                 '~> 1.6.0'
+gem 'unicorn',                  '~> 4.8'
+#gem 'nokogiri',                 '~> 1.5.5'
 gem 'rake', :require => false
 gem 'rest-client',              '~> 1.6.7'
 gem 'exception_notification',   '~> 4.0.1'
@@ -30,6 +32,7 @@ gem &#39;kramdown&#39;
 #FIXME Get the Grape Loggin from master yo solve this issue https://github.com/intridea/grape/issues/1059
 #We have to remove this commit referenve code when update the next release of grape_logging. Actualy we are using (1.1.2)
 gem 'grape_logging', :git => 'https://github.com/aceunreal/grape_logging.git', :ref => 'f1755ae'
+#gem 'grape_logging'
 gem 'rack-cors'
 gem 'rack-contrib'
 gem 'liquid',                    '~> 3.0.3'
@@ -47,6 +50,7 @@ gem &#39;api-pagination&#39;,           &#39;~&gt; 4.1.1&#39;
 # asset pipeline
 gem 'uglifier', '>= 1.0.3'
 gem 'sass-rails'
+gem 'sass', '~> 3.1.19'
  
 group :production do
   gem 'dalli', '~> 2.7.0'
@@ -63,7 +67,7 @@ group :cucumber do
   gem 'capybara',               '~> 2.1.0'
   gem 'cucumber',               '~> 1.0.6'
   gem 'database_cleaner',       '~> 1.2.0'
-  gem 'selenium-webdriver',     '~> 2.39.0'
+  gem 'selenium-webdriver',     '~> 2.47.0'
 end
  
 # Requires custom dependencies
@@ -73,16 +73,15 @@ GEM
     descendants_tracker (0.0.4)
       thread_safe (~> 0.3, >= 0.3.1)
     diff-lcs (1.2.5)
-    eita-jrails (0.9.5)
-      actionpack (~> 3.2, >= 3.1.0)
-      activesupport (~> 3.2, >= 3.0.0)
+    eita-jrails (0.9.8)
+      actionpack (>= 3.1.0)
+      activesupport (>= 3.0.0)
     equalizer (0.0.11)
     erubis (2.7.0)
-    eventmachine (1.0.7)
     exception_notification (4.0.1)
       actionmailer (>= 3.0.4)
       activesupport (>= 3.0.4)
-    execjs (2.5.2)
+    execjs (2.6.0)
     fast_gettext (0.6.12)
     ffi (1.9.10)
     gettext (2.2.1)
@@ -90,7 +89,7 @@ GEM
     gherkin (2.4.21)
       json (>= 1.4.6)
     git-version-bump (0.15.1)
-    grape (0.12.0)
+    grape (0.13.0)
       activesupport
       builder
       hashie (>= 2.1.0)
@@ -100,19 +99,20 @@ GEM
       rack-accept
       rack-mount
       virtus (>= 1.0.0)
-    grape-entity (0.4.5)
+    grape-entity (0.4.8)
       activesupport
       multi_json (>= 1.3.2)
     grape-swagger (0.10.2)
       grape (>= 0.8.0)
       grape-entity
-    hashie (2.1.2)
+    hashie (3.4.2)
     hike (1.2.3)
     i18n (0.7.0)
     ice_nine (0.11.1)
     journey (1.0.4)
     json (1.8.3)
-    kramdown (1.8.0)
+    kgio (2.10.0)
+    kramdown (1.9.0)
     libv8 (3.16.14.11)
     liquid (3.0.6)
     locale (2.0.9)
@@ -136,9 +136,9 @@ GEM
     rack (1.4.7)
     rack-accept (0.4.5)
       rack (>= 0.4)
-    rack-cache (1.2)
+    rack-cache (1.5.0)
       rack (>= 0.4)
-    rack-contrib (1.3.0)
+    rack-contrib (1.4.0)
       git-version-bump (~> 0.15)
       rack (~> 1.4)
     rack-cors (0.4.0)
@@ -165,6 +165,7 @@ GEM
       rake (>= 0.8.7)
       rdoc (~> 3.4)
       thor (>= 0.14.6, < 2.0)
+    raindrops (0.15.0)
     rake (10.4.2)
     rdoc (3.12.2)
       json (~> 1.4)
@@ -191,16 +192,16 @@ GEM
     ruby-feedparser (0.9.3)
       magic
     rubyzip (1.1.7)
-    sass (3.4.15)
+    sass (3.1.21)
     sass-rails (3.2.6)
       railties (~> 3.2.0)
       sass (>= 3.1.10)
       tilt (~> 1.3)
-    selenium-webdriver (2.39.0)
-      childprocess (>= 0.2.5)
+    selenium-webdriver (2.47.1)
+      childprocess (~> 0.5)
       multi_json (~> 1.0)
       rubyzip (~> 1.0)
-      websocket (~> 1.0.4)
+      websocket (~> 1.0)
     sprockets (2.2.3)
       hike (~> 1.2)
       multi_json (~> 1.0)
@@ -212,27 +213,27 @@ GEM
     therubyracer (0.12.2)
       libv8 (~> 3.16.14.0)
       ref
-    thin (1.3.1)
-      daemons (>= 1.0.9)
-      eventmachine (>= 0.12.6)
-      rack (>= 1.0.0)
     thor (0.19.1)
     thread_safe (0.3.5)
     tilt (1.4.1)
-    tins (1.5.4)
+    tins (1.6.0)
     treetop (1.4.15)
       polyglot
       polyglot (>= 0.3.1)
-    tzinfo (0.3.44)
-    uglifier (2.7.1)
+    tzinfo (0.3.45)
+    uglifier (2.7.2)
       execjs (>= 0.3.0)
       json (>= 1.8.0)
+    unicorn (4.9.0)
+      kgio (~> 2.6)
+      rack
+      raindrops (~> 0.7)
     virtus (1.0.5)
       axiom-types (~> 0.1)
       coercible (~> 1.0)
       descendants_tracker (~> 0.0, >= 0.0.3)
       equalizer (~> 0.0, >= 0.0.9)
-    websocket (1.0.7)
+    websocket (1.2.2)
     whenever (0.9.4)
       chronic (>= 0.6.3)
     will_paginate (3.0.7)
@@ -279,11 +280,12 @@ DEPENDENCIES
   rspec-rails (~> 2.14.1)
   ruby-feedparser (~> 0.7)
   rubyzip
+  sass (~> 3.1.19)
   sass-rails
-  selenium-webdriver (~> 2.39.0)
+  selenium-webdriver (~> 2.47.0)
   swagger-ui_rails
   therubyracer
-  thin (~> 1.3.1)
   uglifier (>= 1.0.3)
+  unicorn (~> 4.8)
   whenever
   will_paginate (~> 3.0.3)
@@ -9,7 +9,7 @@ class ApplicationController &lt; ActionController::Base
   before_filter :allow_cross_domain_access
  
   before_filter :login_from_cookie
-  before_filter :login_required, :if => :private_environment?
+  before_filter :require_login_for_environment, :if => :private_environment?
  
   before_filter :verify_members_whitelist, :if => [:private_environment?, :user]
   before_filter :log_user
@@ -19,6 +19,10 @@ class ApplicationController &lt; ActionController::Base
   end
   before_filter :redirect_to_current_user
  
+  def require_login_for_environment
+    login_required
+  end
+
   def verify_members_whitelist
     render_access_denied unless user.is_admin? || environment.in_whitelist?(user)
   end
@@ -27,7 +27,7 @@ class CmsController &lt; MyProfileController
  
   helper_method :file_types
  
-  protect_if :except => [:suggest_an_article, :set_home_page, :edit, :destroy, :publish, :upload_files, :new] do |c, user, profile|
+  protect_if :except => [:suggest_an_article, :set_home_page, :edit, :destroy, :publish, :publish_on_portal_community, :publish_on_communities, :search_communities_to_publish, :upload_files, :new] do |c, user, profile|
     user && (user.has_permission?('post_content', profile) || user.has_permission?('publish_content', profile))
   end
  
@@ -93,7 +93,6 @@ class CmsController &lt; MyProfileController
     refuse_blocks
     record_coming
     if request.post?
-      @article.image = nil if params[:remove_image] == 'true'
       if @article.image.present? && params[:article][:image_builder] &&
         params[:article][:image_builder][:label]
         @article.image.label = params[:article][:image_builder][:label]
@@ -289,7 +288,7 @@ class CmsController &lt; MyProfileController
          task.cancel
       end
       if @failed.blank?
-        session[:notice] = _("Your publish request was sent successfully")
+        session[:notice] = _("You published this content successfully")
         if @back_to
           redirect_to @back_to
         else
@@ -6,10 +6,13 @@ class ProfileEditorController &lt; MyProfileController
   before_filter :access_welcome_page, :only => [:welcome_page]
   before_filter :back_to
   before_filter :forbid_destroy_profile, :only => [:destroy_profile]
+  before_filter :check_user_can_edit_header_footer, :only => [:header_footer]
   helper_method :has_welcome_page
  
   def index
     @pending_tasks = Task.to(profile).pending.without_spam.select{|i| user.has_permission?(i.permission, profile)}
+    @show_appearance_option = user.is_admin?(environment) || environment.enabled?('enable_appearance')
+    @show_header_footer_option = user.is_admin?(environment) || (!profile.enterprise? && !environment.enabled?('disable_header_and_footer'))
   end
  
   helper :profile
@@ -136,6 +139,13 @@ class ProfileEditorController &lt; MyProfileController
     redirect_to_previous_location
   end
  
+  def reset_private_token
+    profile = environment.profiles.find(params[:id])
+    profile.user.generate_private_token!
+
+    redirect_to_previous_location
+  end
+
   protected
  
   def redirect_to_previous_location
@@ -165,4 +175,9 @@ class ProfileEditorController &lt; MyProfileController
       redirect_to_previous_location
     end
   end
+
+  def check_user_can_edit_header_footer
+    user_can_not_edit_header_footer = !user.is_admin?(environment) && environment.enabled?('disable_header_and_footer')
+    redirect_to back_to if user_can_not_edit_header_footer
+  end
 end
@@ -2,7 +2,7 @@ class AccountController &lt; ApplicationController
  
   no_design_blocks
  
-  before_filter :login_required, :only => [:activation_question, :accept_terms, :activate_enterprise, :change_password]
+  before_filter :login_required, :require_login_for_environment, :only => [:activation_question, :accept_terms, :activate_enterprise, :change_password]
   before_filter :redirect_if_logged_in, :only => [:login, :signup]
   before_filter :protect_from_bots, :only => :signup
  
@@ -104,10 +104,8 @@ class AccountController &lt; ApplicationController
     @block_bot = !!session[:may_be_a_bot]
     @invitation_code = params[:invitation_code]
     begin
-      @user = User.new(params[:user])
+      @user = User.build(params[:user], params[:profile_data], environment)
       @user.session = session
-      @user.terms_of_use = environment.terms_of_use
-      @user.environment = environment
       @terms_of_use = environment.terms_of_use
       @user.person_data = params[:profile_data]
       @user.return_to = session[:return_to]
@@ -12,6 +12,7 @@ class ContentViewerController &lt; ApplicationController
   before_filter :sanitize_params
  
   def view_page
+
     path = get_path(params[:page], params[:format])
  
     @version = params[:version].to_i
@@ -42,7 +43,10 @@ class ContentViewerController &lt; ApplicationController
     end
  
     # At this point the page will be showed
-    @page.hit unless user_is_a_bot?
+
+    unless user_is_a_bot? || already_visited?(@page)
+      Noosfero::Scheduler::Defer.later{ @page.hit }
+    end
  
     @page = FilePresenter.for @page
  
@@ -276,4 +280,18 @@ class ContentViewerController &lt; ApplicationController
     @comment_order = params[:comment_order].nil? ? 'oldest' : params[:comment_order]
   end
  
+  private
+
+  def already_visited?(element)
+    user_id = if user.nil? then -1 else current_user.id end
+    user_id = "#{user_id}_#{element.id}_#{element.class}"
+
+    if cookies.signed[:visited] == user_id
+      return true
+    else
+      cookies.permanent.signed[:visited] = user_id
+      return false
+    end
+  end
+
 end
@@ -66,7 +66,10 @@ class ProfileController &lt; PublicController
  
   def members
     if is_cache_expired?(profile.members_cache_key(params))
-      @members = profile.members_by_name.includes(relations_to_include).paginate(:per_page => members_per_page, :page => params[:npage], :total_entries => profile.members.count)
+      sort = (params[:sort] == 'desc') ? params[:sort] : 'asc'
+      @profile_admins = profile.admins.includes(relations_to_include).order("name #{sort}").paginate(:per_page => members_per_page, :page => params[:npage])
+      @profile_members = profile.members.includes(relations_to_include).order("name #{sort}").paginate(:per_page => members_per_page, :page => params[:npage])
+      @profile_members_url = url_for(:controller => 'profile', :action => 'members')
     end
   end
  
@@ -180,22 +180,24 @@ class SearchController &lt; PublicController
     end
   end
  
-  AVAILABLE_SEARCHES = ActiveSupport::OrderedHash[
-    :articles, _('Contents'),
-    :people, _('People'),
-    :communities, _('Communities'),
-    :enterprises, _('Enterprises'),
-    :products, _('Products and Services'),
-    :events, _('Events'),
-  ]
+  def available_searches
+    @available_searches ||= ActiveSupport::OrderedHash[
+      :articles, _('Contents'),
+      :people, _('People'),
+      :communities, _('Communities'),
+      :enterprises, _('Enterprises'),
+      :products, _('Products and Services'),
+      :events, _('Events'),
+    ]
+  end
  
   def load_search_assets
-    if AVAILABLE_SEARCHES.keys.include?(params[:action].to_sym) && environment.enabled?("disable_asset_#{params[:action]}")
+    if available_searches.keys.include?(params[:action].to_sym) && environment.enabled?("disable_asset_#{params[:action]}")
       render_not_found
       return
     end
  
-    @enabled_searches = AVAILABLE_SEARCHES.select {|key, name| environment.disabled?("disable_asset_#{key}") }
+    @enabled_searches = available_searches.select {|key, name| environment.disabled?("disable_asset_#{key}") }
     @searching = {}
     @titles = {}
     @enabled_searches.each do |key, name|
@@ -207,7 +209,7 @@ class SearchController &lt; PublicController
  
   def load_order
     @order = 'more_recent'
-    if AVAILABLE_SEARCHES.keys.include?(@asset.to_sym)
+    if available_searches.keys.include?(@asset.to_sym)
       available_orders = asset_class(@asset)::SEARCH_FILTERS[:order]
       @order = params[:order] if available_orders.include?(params[:order])
     end
 class ThemesController < ApplicationController
  
   before_filter :login_required
+  before_filter :check_user_can_edit_appearance, :only => [:index]
  
   no_design_blocks
  
@@ -39,4 +40,11 @@ class ThemesController &lt; ApplicationController
     redirect_to :action => 'index'
   end
  
+  private
+
+  def check_user_can_edit_appearance
+    user_can_edit_appearance = user.is_admin?(environment) || environment.enabled?('enable_appearance')
+    redirect_to request.referer || "/" unless user_can_edit_appearance
+  end
+
 end
@@ -67,19 +67,19 @@ module ActionTrackerHelper
     }
   end
  
-  def create_product_description
+  def create_product_description ta
     _('created the product %{title}') % {
       title: link_to(truncate(ta.get_name), ta.get_url),
     }
   end
  
-  def update_product_description
+  def update_product_description ta
     _('updated the product %{title}') % {
       title: link_to(truncate(ta.get_name), ta.get_url),
     }
   end
  
-  def remove_product_description
+  def remove_product_description ta
     _('removed the product %{title}') % {
       title: truncate(ta.get_name),
     }
@@ -727,10 +727,10 @@ module ApplicationHelper
     javascript_include_tag script if script
   end
  
-  def file_field_or_thumbnail(label, image, i)
+  def file_field_or_thumbnail(label, image, i, removable = true)
     display_form_field label, (
       render :partial => (image && image.valid? ? 'shared/show_thumbnail' : 'shared/change_image'),
-      :locals => { :i => i, :image => image }
+      :locals => { :i => i, :image => image, :removable => removable }
       )
   end
  
@@ -1133,7 +1133,7 @@ module ApplicationHelper
   alias :browse_communities_menu :search_communities_menu
  
   def pagination_links(collection, options={})
-    options = {:previous_label => '&laquo; ' + _('Previous'), :next_label => _('Next') + ' &raquo;'}.merge(options)
+    options = {:previous_label => content_tag(:span, '&laquo; ', :class => 'previous-arrow') + _('Previous'), :next_label => _('Next') + content_tag(:span, ' &raquo;', :class => 'next-arrow'), :inner_window => 1, :outer_window => 0 }.merge(options)
     will_paginate(collection, options)
   end
  
@@ -1319,7 +1319,12 @@ module ApplicationHelper
       options[:class] = (options[:class] || '') + ' disabled'
       content_tag('a', '&nbsp;'+content_tag('span', content), options)
     else
-      link_to content, url, options
+      if options[:modal]
+        options.delete(:modal)
+        modal_link_to content, url, options
+      else
+        link_to content, url, options
+      end
     end
   end
  
@@ -15,6 +15,13 @@ module ArticleHelper
     topic_creation(@article) +
     content_tag('h4', _('Options')) +
     content_tag('div',
+      content_tag('div',
+        check_box(:article, :archived) +
+          content_tag('span', '&nbsp;', :class => 'access-archived-icon') +
+          content_tag('label', _('Read Only'), :for => 'article_archived_true') +
+          content_tag('span', _('Archive to avoid create comments, votes, actions in children articles...'), :class => 'access-note'),
+          :class => 'access-item'
+      ) +
       (article.profile.has_members? ?
       content_tag(
         'div',
@@ -23,13 +30,11 @@ module ArticleHelper
       ) :
       '') +
  
-      (article.parent && article.parent.forum? && controller.action_name == 'new' ?
-      hidden_field_tag('article[accept_comments]', 1) :
       content_tag(
         'div',
         check_box(:article, :accept_comments) +
         content_tag('label', (article.parent && article.parent.forum? ? _('This topic is opened for replies') : _('I want to receive comments about this article')), :for => 'article_accept_comments')
-      )) +
+      ) +
  
       content_tag(
         'div',
@@ -65,13 +70,20 @@ module ArticleHelper
     content_tag('div',
       content_tag('div',
         radio_button(:article, :published, true) +
-          content_tag('label', _('Public (visible to other people)'), :for => 'article_published_true')
+          content_tag('span', '&nbsp;', :class => 'access-public-icon') +
+          content_tag('label', _('Public'), :for => 'article_published_true') +
+          content_tag('span', _('Visible to other people'), :class => 'access-note'),
+          :class => 'access-item'
            ) +
       content_tag('div',
         radio_button(:article, :published, false) +
-          content_tag('label', _('Private'), :for => 'article_published_false', :id => "label_private")
+          content_tag('span', '&nbsp;', :class => 'access-private-icon') +
+          content_tag('label', _('Private'), :for => 'article_published_false', :id => "label_private") +
+          content_tag('span', _('Limit visibility of this article'), :class => 'access-note'),
+          :class => 'access-item'
       ) +
-      privacity_exceptions(article, tokenized_children)
+      privacity_exceptions(article, tokenized_children),
+      :class => 'access-itens'
     )
   end
  
@@ -24,10 +24,8 @@ module BlogHelper
   end
  
   def list_posts(articles, conf = { format: 'full', paginate: true })
-    pagination = will_paginate(articles, {
+    pagination = pagination_links(articles, {
       :param_name => 'npage',
-      :previous_label => _('&laquo; Newer posts'),
-      :next_label => _('Older posts &raquo;'),
       :params => {:action=>"view_page",
                   :page=>articles.first.parent.path.split('/'),
                   :controller=>"content_viewer"}
@@ -5,14 +5,14 @@ module BoxOrganizerHelper
     plugin = @plugins.fetch_first_plugin(:has_block?, block)
  
     theme = Theme.new(environment.theme) # remove this
-    if File.exists?(File.join(theme.filesystem_path, 'images', block.icon_path))
-      image_path = File.join(theme.public_path, 'images', block.icon_path)
-    elsif plugin && File.exists?(File.join(Rails.root, 'public', plugin.public_path, 'images', block.icon_path))
-      image_path = File.join('/', plugin.public_path, 'images', block.icon_path)
-    elsif File.exists?(File.join(Rails.root, 'public', 'images', block.icon_path))
-      image_path = File.join('images', block.icon_path)
+    if File.exists?(File.join(theme.filesystem_path, block.icon_path))
+      image_path = File.join(theme.public_path, block.icon_path)
+    elsif plugin && File.exists?(File.join(Rails.root, 'public', plugin.public_path, block.icon_path))
+      image_path = File.join('/', plugin.public_path, block.icon_path)
+    elsif File.exists?(File.join(Rails.root, 'public', block.icon_path))
+      image_path = block.icon_path
     else
-      image_path = File.join('images', block.default_icon_path)
+      image_path = block.default_icon_path
     end
  
     image_tag(image_path, height: '48', width: '48', class: 'block-type-icon', alt: '' )
@@ -33,7 +33,7 @@ module BoxOrganizerHelper
     images_path = Dir.glob(File.join(Rails.root, 'public', 'images', block.preview_path, '*')) if images_path.empty?
     images_path = images_path.map{|path| path.gsub(File.join(Rails.root, 'public'), '') } unless images_path.empty?
  
-    images_path = 1.upto(3).map{File.join('images', block.default_preview_path)} if images_path.empty?
+    images_path = 1.upto(3).map{block.default_preview_path} if images_path.empty?
  
     content_tag(:ul,
       images_path.map do |preview|
@@ -190,7 +190,7 @@ module BoxesHelper
       else
         "before-block-#{block.id}"
       end
-    if block.nil? || movable?(block)
+    if block.nil? or movable?(block)
       url = url_for(:action => 'move_block', :target => id)
       content_tag('div', _('Drop Here'), :id => id, :class => 'block-target' ) + drop_receiving_element(id, :accept => box.acceptable_blocks, :hoverclass => 'block-target-hover', :activeClass => 'block-target-active', :tolerance => 'pointer', :onDrop => "function(ev, ui) { dropBlock('#{url}', '#{_('loading...')}', ev, ui);}")
     else
@@ -9,11 +9,6 @@ module CmsHelper
     mime_type.gsub('/', '_').gsub('-', '')
   end
  
-  def pagination_links(collection, options={})
-    options = {:previous_label => '&laquo; ', :next_label => ' &raquo;', :page_links => false}.merge(options)
-    will_paginate(collection, options)
-  end
-
   attr_reader :environment
  
   def options_for_article(article, tokenized_children=nil)
@@ -35,7 +30,7 @@ module CmsHelper
   end
  
   def display_spread_button(article)
-    expirable_button article, :spread, _('Spread this'), {:action => 'publish', :id => article.id}, {:class => 'colorbox'}
+    expirable_button article, :spread, _('Spread this'), {:action => 'publish', :id => article.id}, {:modal => true}
   end
  
   def display_delete_button(article)
@@ -61,7 +61,15 @@ module FolderHelper
     @article = article
  
     visibility_options(article,tokenized_children) +
+    content_tag('h4', _('Options')) +
     content_tag('div',
+      content_tag('div',
+        check_box(:article, :archived) +
+          content_tag('span', '&nbsp;', :class => 'access-archived-icon') +
+          content_tag('label', _('Read Only'), :for => 'article_archived_true') +
+          content_tag('span', _('Archive to avoid votes and create new children articles'), :class => 'access-note'),
+          :class => 'access-item'
+      ) +
       hidden_field_tag('article[accept_comments]', 0)
     )
   end
@@ -184,6 +184,7 @@ module FormsHelper
     datepicker_options[:year_suffix] ||= ''
  
     element_id = html_options[:id] || 'datepicker-date'
+    value_js_formatted = value.present? ? value.strftime('%Y-%m-%d %H:%S') : nil
     value = value.strftime(format) if value.present?
     method = datepicker_options[:time] ? 'datetimepicker' : 'datepicker'
     result = text_field_tag(name, value, html_options)
@@ -236,7 +237,7 @@ module FormsHelper
         weekHeader: #{datepicker_options[:week_header].to_json},
         yearRange: #{datepicker_options[:year_range].to_json},
         yearSuffix: #{datepicker_options[:year_suffix].to_json}
-      }).datepicker('setDate', new Date('#{value}'))
+      }).datepicker('setDate', new Date('#{value_js_formatted}'))
     </script>
     ".html_safe
     result
@@ -10,10 +10,8 @@ module ForumHelper
   end
  
   def list_forum_posts(articles)
-    pagination = will_paginate(articles, {
-      :param_name => 'npage',
-      :previous_label => _('&laquo; Newer posts'),
-      :next_label => _('Older posts &raquo;')
+    pagination = pagination_links(articles, {
+      :param_name => 'npage'
     })
     content = [content_tag('tr',
                            content_tag('th', _('Discussion topic')) +
@@ -4,7 +4,15 @@ module LanguageHelper
   end
  
   def tinymce_language
-    language.downcase.split('_').first
+    lang = language.downcase.split('_').first
+    case lang
+    when 'pt'
+      'pt_BR'
+    when 'fr'
+      'fr_FR'
+    else
+      lang
+    end
   end
  
   def html_language
@@ -5,24 +5,21 @@ module SearchHelper
   BLOCKS_SEARCH_LIMIT = 24
   MULTIPLE_SEARCH_LIMIT = 8
  
-  FILTERS_TRANSLATIONS = {
-    :order => _('Order'),
-    :display => _('Display')
-  }
-
-  FILTERS_OPTIONS_TRANSLATION = {
-    :order => {
-      'more_popular' => _('More popular'),
-      'more_active' => _('More active'),
-      'more_recent' => _('More recent'),
-      'more_comments' => _('More comments')
-    },
-    :display => {
-      'map' => _('Map'),
-      'full' => _('Full'),
-      'compact' => _('Compact')
+  def filters_options_translation
+    @filters_options_translation ||= {
+      :order => {
+        'more_popular' => _('More popular'),
+        'more_active' => _('More active'),
+        'more_recent' => _('More recent'),
+        'more_comments' => _('More comments')
+      },
+      :display => {
+        'map' => _('Map'),
+        'full' => _('Full'),
+        'compact' => _('Compact')
+      }
     }
-  }
+  end
  
   COMMON_PROFILE_LIST_BLOCK = [
     :enterprises,
@@ -100,7 +97,7 @@ module SearchHelper
     if options.size <= 1
       return
     else
-      options = options.map {|option| [FILTERS_OPTIONS_TRANSLATION[name][option], option]}
+      options = options.map {|option| [filters_options_translation[name][option], option]}
       options = options_for_select(options, :selected => (params[name] || default))
       select_tag(name, options)
     end
@@ -3,7 +3,7 @@ module TinymceHelper
  
   def tinymce_js
     output = ''
-    output += javascript_include_tag 'tinymce/js/tinymce/tinymce.min.js'
+    output += javascript_include_tag 'tinymce/js/tinymce/tinymce.js'
     output += javascript_include_tag 'tinymce/js/tinymce/jquery.tinymce.min.js'
     output += javascript_include_tag 'tinymce.js'
     output += include_macro_js_files.to_s
-require 'mailing_job'
+require_dependency 'mailing_job'
  
 class Mailing < ActiveRecord::Base
  
@@ -40,10 +40,8 @@ class Mailing &lt; ActiveRecord::Base
       begin
         Mailing::Sender.notification(self, recipient.email).deliver
         self.mailing_sents.create(:person => recipient)
-      rescue Exception
-        # FIXME should not discard errors silently. An idea is to collect all
-        # errors and generate a task (notification) for the +source+
-        # (environment/organization) listing these errors.
+      rescue Exception => ex
+        Rails.logger.error("#{ex.class.to_s} - #{ex.to_s} at #{__FILE__}:#{__LINE__}")
       end
     end
   end
@@ -14,8 +14,8 @@ class AddFriend &lt; Task
   alias :friend :target
   alias :friend= :target=
  
-	validates :requestor, :kind_of => { :kind => Person }
-	validates :target, :kind_of => { :kind => Person }
+  validates :requestor, :kind_of => { :kind => Person }
+  validates :target, :kind_of => { :kind => Person }
  
   after_create do |task|
     TaskMailer.invitation_notification(task).deliver unless task.friend
@@ -29,8 +29,10 @@ class AddMember &lt; Task
   end
  
   def information
-    {:message => _("%{requestor} wants to be a member of '%{organization}'."),
-     variables: {requestor: requestor.name, organization: organization.name}}
+    requestor_email = " (#{requestor.email})" if requestor.may_display_field_to?("email")
+
+    {:message => _("%{requestor}%{requestor_email} wants to be a member of '%{organization}'."),
+     variables: {requestor: requestor.name, requestor_email: requestor_email, organization: organization.name}}
   end
  
   def accept_details
@@ -46,7 +48,9 @@ class AddMember &lt; Task
   end
  
   def target_notification_description
-    _("%{requestor} wants to be a member of '%{organization}'.") % {:requestor => requestor.name, :organization => organization.name}
+    requestor_email = " (#{requestor.email})" if requestor.may_display_field_to?("email")
+
+    _("%{requestor}%{requestor_email} wants to be a member of '%{organization}'.") % {:requestor => requestor.name, :requestor_email => requestor_email, :organization => organization.name}
   end
  
   def target_notification_message
@@ -138,9 +138,4 @@ class ApproveArticle &lt; Task
     message
   end
  
-  def request_is_member_of_target
-    unless requestor.is_member_of?(target)
-      errors.add(:approve_article, N_('Requestor must be a member of target.'))
-    end
-  end
 end
+
 class Article < ActiveRecord::Base
  
   attr_accessible :name, :body, :abstract, :profile, :tag_list, :parent,
@@ -8,7 +9,7 @@ class Article &lt; ActiveRecord::Base
                   :highlighted, :notify_comments, :display_hits, :slug,
                   :external_feed_builder, :display_versions, :external_link,
                   :author, :published_at, :person_followers, :show_to_followers, 
-                  :image_builder, :display_preview
+                  :image_builder, :display_preview, :archived
  
   acts_as_having_image
  
@@ -28,9 +29,14 @@ class Article &lt; ActiveRecord::Base
   def initialize(*params)
     super
  
-    if !params.blank? && params.first.has_key?(:profile) && !params.first[:profile].blank?
-      profile = params.first[:profile]
-      self.published = false unless profile.public?
+    if !params.blank?
+      if params.first.has_key?(:profile) && !params.first[:profile].blank?
+        profile = params.first[:profile]
+        self.published = false unless profile.public_profile
+      end
+
+      self.published = params.first["published"] if params.first.has_key?("published")
+      self.published = params.first[:published] if params.first.has_key?(:published)
     end
  
   end
@@ -152,6 +158,8 @@ class Article &lt; ActiveRecord::Base
   validate :no_self_reference
   validate :no_cyclical_reference, :if => 'parent_id.present?'
  
+  validate :parent_archived?
+
   def no_self_reference
     errors.add(:parent_id, _('self-reference is not allowed.')) if id && parent_id == id
   end
@@ -482,6 +490,10 @@ class Article &lt; ActiveRecord::Base
     end
   end
  
+  def archived?
+    (self.parent && self.parent.archived) || self.archived
+  end
+
   def self.folder_types
     ['Folder', 'Blog', 'Forum', 'Gallery']
   end
@@ -628,13 +640,21 @@ class Article &lt; ActiveRecord::Base
   end
  
   def hit
-    self.class.connection.execute('update articles set hits = hits + 1 where id = %d' % self.id.to_i)
-    self.hits += 1
+    if !archived?
+      self.class.connection.execute('update articles set hits = hits + 1 where id = %d' % self.id.to_i)
+      self.hits += 1
+    end
   end
  
   def self.hit(articles)
-    Article.where(:id => articles.map(&:id)).update_all('hits = hits + 1')
-    articles.each { |a| a.hits += 1 }
+    ids = []
+    articles.each do |article|
+      if !article.archived?
+        ids << article.id
+        article.hits += 1
+      end
+    end
+    Article.where(:id => ids).update_all('hits = hits + 1') if !ids.empty?
   end
  
   def can_display_hits?
@@ -812,7 +832,7 @@ class Article &lt; ActiveRecord::Base
   end
  
   def first_image
-    img = ( image.present? && { 'src' => image.public_filename } ) ||
+    img = ( image.present? && { 'src' => File.join([Noosfero.root, image.public_filename].join) } ) ||
           Nokogiri::HTML.fragment(self.lead.to_s).css('img[src]').first ||
           Nokogiri::HTML.fragment(self.body.to_s).search('img').first
     img.nil? ? '' : img['src']
@@ -848,4 +868,10 @@ class Article &lt; ActiveRecord::Base
     sanitizer.sanitize(text)
   end
  
+  def parent_archived?
+     if self.parent_id_changed? && self.parent && self.parent.archived?
+       errors.add(:parent_folder, N_('is archived!!'))
+     end
+  end
+
 end
@@ -151,7 +151,7 @@ class Block &lt; ActiveRecord::Base
  
   def self.icon_path
     basename = self.name.split('::').last.underscore
-    File.join('blocks', basename, 'icon.png')
+    File.join('images', 'blocks', basename, 'icon.png')
   end
  
   def self.pretty_name
@@ -159,7 +159,7 @@ class Block &lt; ActiveRecord::Base
   end
  
   def self.default_icon_path
-    'icon_block.png'
+    '/images/icon_block.png'
   end
  
   def self.preview_path
@@ -168,7 +168,7 @@ class Block &lt; ActiveRecord::Base
   end
  
   def self.default_preview_path
-    "block_preview.png"
+    "/images/block_preview.png"
   end
  
   # Returns the content to be used for this block.
@@ -34,7 +34,9 @@ class Comment &lt; ActiveRecord::Base
       rec.errors.add(:name, _('{fn} can only be informed for unauthenticated authors').fix_i18n)
     end
   end
-  
+
+  validate :article_archived?
+
   acts_as_having_settings
  
   xss_terminate :only => [ :body, :title, :name ], :on => 'validation'
@@ -210,4 +212,14 @@ class Comment &lt; ActiveRecord::Base
     user.present? && user == author
   end
  
+  def archived?
+    self.article.archived? if self.article.present? && self.article.respond_to?(:archived?)
+  end
+
+  protected
+
+  def article_archived?
+    errors.add(:article, N_('associated with this comment is achived!')) if archived?
+  end
+
 end
 class Community < Organization
  
-  attr_accessible :accessor_id, :accessor_type, :role_id, :resource_id, :resource_type, :address_reference, :district, :tag_list, :language
+  attr_accessible :accessor_id, :accessor_type, :role_id, :resource_id, :resource_type
+  attr_accessible :address_reference, :district, :tag_list, :language, :description
   after_destroy :check_invite_member_for_destroy
  
   def self.type_name
@@ -9,11 +9,15 @@ class CreateCommunity &lt; Task
   alias :environment :target
   alias :environment= :target=
  
+  attr_accessible :environment, :requestor, :target
+  attr_accessible :reject_explanation, :template_id
+
   acts_as_having_image
  
-  DATA_FIELDS = Community.fields + ['name', 'closed']
+  DATA_FIELDS = Community.fields + ['name', 'closed', 'description']
   DATA_FIELDS.each do |field|
     settings_items field.to_sym
+    attr_accessible field.to_sym
   end
  
   def validate
@@ -160,7 +160,9 @@ class Environment &lt; ActiveRecord::Base
       'allow_change_of_redirection_after_login' => _('Allow users to set the page to redirect after login'),
       'display_my_communities_on_user_menu' => _('Display on menu the list of communities the user can manage'),
       'display_my_enterprises_on_user_menu' => _('Display on menu the list of enterprises the user can manage'),
-      'restrict_to_members' => _('Show content only to members')
+      'restrict_to_members' => _('Show content only to members'),
+
+      'enable_appearance' => _('Enable appearance editing by users'),
     }
   end
  
@@ -443,6 +445,7 @@ class Environment &lt; ActiveRecord::Base
     show_balloon_with_profile_links_when_clicked
     show_zoom_button_on_article_images
     use_portal_community
+    enable_appearance
   )
  
   before_create :enable_default_features
@@ -119,7 +119,7 @@ class Event &lt; Article
   end
  
   alias_method :article_lead, :lead
-  def lead
+  def lead(length = nil)
     self.class.action_view.render 'content_viewer/event_lead', event: self
   end
  
@@ -16,7 +16,7 @@ class FavoriteEnterprisesBlock &lt; ProfileListBlock
     owner = self.owner
     return '' unless owner.kind_of?(Person)
     proc do
-      link_to _('View all'), :profile => owner.identifier, :controller => 'profile', :action => 'favorite_enterprises'
+      link_to _('enterprises|View all'), {:profile => owner.identifier, :controller => 'profile', :action => 'favorite_enterprises'}, :class => 'view-all'
     end
   end
  
@@ -65,4 +65,8 @@ class Folder &lt; Article
     !self.has_posts? || self.gallery?
   end
  
+  def archived?
+    self.archived
+  end
+
 end
@@ -12,7 +12,9 @@ class HighlightsBlock &lt; Block
     block.images.each do |i|
       i[:image_id] = i[:image_id].to_i
       i[:position] = i[:position].to_i
-      i[:address] = Noosfero.root + i[:address]  unless Noosfero.root.nil?
+      if !Noosfero.root.nil? and !i[:address].start_with?(Noosfero.root + '/')
+        i[:address] = Noosfero.root + i[:address]
+      end
       begin
         file = UploadedFile.find(i[:image_id])
         i[:image_src] = file.public_filename
@@ -23,7 +23,8 @@ class Image &lt; ActiveRecord::Base
  
   postgresql_attachment_fu
  
-  attr_accessible :uploaded_data, :label
+  attr_accessible :uploaded_data, :label, :remove_image
+  attr_accessor :remove_image
  
   def current_data
     File.file?(full_filename) ? File.read(full_filename) : nil
@@ -90,6 +90,7 @@ class Person &lt; Profile
   #Article followers relation
   has_many :article_followers, :dependent => :destroy
   has_many :following_articles, :class_name => 'Article', :through => :article_followers, :source => :article
+  has_many :comments, :foreign_key => :author_id
  
   has_many :friendships, :dependent => :destroy
   has_many :friends, :class_name => 'Person', :through => :friendships
@@ -1019,7 +1019,8 @@ private :generate_url, :url_options
  
   def members_cache_key(params = {})
     page = params[:npage] || '1'
-    cache_key + '-members-page-' + page
+    sort = (params[:sort] ==  'desc') ? params[:sort] : 'asc'
+    cache_key + '-members-page-' + page + '-' + sort
   end
  
   def more_recent_label
@@ -16,6 +16,7 @@ class ProfileActivity &lt; ActiveRecord::Base
  
   def self.update_activity activity
     profile_activity = ProfileActivity.where(activity_id: activity.id, activity_type: activity.class.base_class.name).first
+    return unless profile_activity
     profile_activity.send :copy_timestamps
     profile_activity.save!
     profile_activity
@@ -14,7 +14,7 @@ class RssFeed &lt; Article
  
   # store setting in body
   serialize :body, Hash
-  
+
   def body
     self[:body] ||= {}
   end
@@ -89,6 +89,14 @@ class RssFeed &lt; Article
     )
   end
  
+  def published?
+    if self.parent
+      self.parent.published?
+    else
+      self.published
+    end
+  end
+
   def self.short_description
     _('RSS Feed')
   end
@@ -156,28 +156,6 @@ class Task &lt; ActiveRecord::Base
     end
   end
  
-  def requestor_is_of_kind(klass, message = nil)
-    error_message = message ||= _('Task requestor must be '+klass.to_s.downcase)
-    group = klass.to_s.downcase.pluralize
-    if environment.respond_to?(group) and requestor_id
-      requestor = requestor ||= environment.send(klass.to_s.downcase.pluralize).find_by_id(requestor_id)
-    end
-    unless requestor.class == klass
-      errors.add(error_message)
-    end
-  end
-
-  def target_is_of_kind(klass, message = nil)
-    error_message = message ||= _('Task target must be '+klass.to_s.downcase)
-    group = klass.to_s.downcase.pluralize
-    if environment.respond_to?(group) and target_id
-      target = target ||= environment.send(klass.to_s.downcase.pluralize).find_by_id(target_id)
-    end
-    unless target.class == klass
-      errors.add(error_message)
-    end
-  end
-
   def close(status, closed_by)
     self.status = status
     self.end_date = Time.now
@@ -12,7 +12,7 @@ class TextileArticle &lt; TextArticle
     convert_to_html(body)
   end
  
-  def lead
+  def lead(length = nil)
     if abstract.blank?
       super
     else
@@ -18,7 +18,6 @@ class Theme
       Rails.root.join('public', relative_themes_dir)
     end
  
-    #FIXME make this test
     def relative_themes_dir
       File.join('designs', 'themes')
     end
@@ -99,12 +98,10 @@ class Theme
     config['public'] = value
   end
  
-  #FIXME make this test
   def public_path
     File.join('/', self.class.relative_themes_dir, self.id)
   end
  
-  #FIXME make this test
   def filesystem_path
     File.join(self.class.system_themes_dir, self.id)
   end
@@ -127,6 +127,7 @@ class User &lt; ActiveRecord::Base
   validates_uniqueness_of   :email, :case_sensitive => false, :scope => :environment_id
   before_save :encrypt_password
   before_save :normalize_email, if: proc{ |u| u.email.present? }
+  before_save :generate_private_token_if_not_exist
   validates_format_of :email, :with => Noosfero::Constants::EMAIL_FORMAT, :if => (lambda {|user| !user.email.blank?})
  
   validates_inclusion_of :terms_accepted, :in => [ '1' ], :if => lambda { |u| ! u.terms_of_use.blank? }, :message => N_('{fn} must be checked in order to signup.').fix_i18n
@@ -142,19 +143,34 @@ class User &lt; ActiveRecord::Base
  
     u = self.has_login?(login, login, environment.id)
     u = u.first if u.is_a?(ActiveRecord::Relation)
-    u && u.authenticated?(password) ? u : nil
+
+    if u && u.authenticated?(password)
+      u.generate_private_token_if_not_exist
+      return u
+    end
+    return nil
   end
  
   def register_login
     self.update_attribute :last_login_at, Time.now
   end
  
-  def generate_private_token!
+  def generate_private_token
     self.private_token = SecureRandom.hex
     self.private_token_generated_at = DateTime.now
+  end
+
+  def generate_private_token!
+    self.generate_private_token
     save(:validate => false)
   end
  
+  def generate_private_token_if_not_exist
+    unless self.private_token
+      self.generate_private_token
+    end
+  end
+
   TOKEN_VALIDITY = 2.weeks
   def private_token_expired?
     self.private_token.nil? || (self.private_token_generated_at + TOKEN_VALIDITY < DateTime.now)
@@ -407,6 +423,12 @@ class User &lt; ActiveRecord::Base
     @is_password_required = false
   end
  
+  def resend_activation_code
+    return if self.activated?
+    update_attribute(:activation_code, make_activation_code)
+    self.deliver_activation_code
+  end
+
   protected
  
     def normalize_email
 <h1>EndPoints</h1>
  
 <div style="float: right">
-<%= s_('api-playground|Try the %s') % link_to('API Playground', '/api/playground') %>
+  <%= s_('api-playground|Try the %s') % link_to('API Playground', {:controller => 'api', :action => 'playground'}) %>
 </div>
  
 <%= endpoints.map do |endpoint|
 <h1>API Playground</h1>
  
 <script>
+<% prefix = Noosfero::API::API.prefix %>
+var prefix = <%= prefix.to_json %>;
 var endpoints = <%=
 endpoints.map do |endpoint|
   app = endpoint.options[:app].to_s
@@ -13,8 +15,8 @@ endpoints.map do |endpoint|
     end
   end
 end.flatten.compact.sort{|a,b|
-  a[:path]=='/api/v1/login' ? -1 :
-  b[:path]=='/api/v1/login' ?  1 :
+  a[:path]=="#{prefix}/v1/login" ? -1 :
+  b[:path]=="#{prefix}/v1/login" ?  1 :
   a[:path] <=> b[:path]
 }.to_json %>;
 </script>
@@ -33,4 +35,4 @@ end.flatten.compact.sort{|a,b|
 </div>
 <pre id="api-response" class="empty"></pre>
  
-<script src="/javascripts/api-playground.js"></script>
+<%= javascript_include_tag 'api-playground' %>
@@ -4,7 +4,7 @@
     <div class='highlights-container'>
       <% block.featured_images.each do |img| %>
         <a href="<%= img[:address] %>" title="<%= img[:title] %>" class="highlights-image-link">
-          <%= content_tag :img, nil, :src => img[:image_src], :alt => img[:title] %>
+          <%= image_tag [Noosfero.root, img[:image_src]].join, alt: img[:title] %>
           <p class="highlights-label"><%= img[:title] %></p>
         </a>
       <% end %>
@@ -0,0 +1,8 @@
+<% if !article.errors.any? %>
+  <div class="text-warning">
+    <p>
+      <i class="icon"></i>
+      <%= _("Archived article! It's read-only") %>
+    </p>
+  </div>
+<% end %>
@@ -55,14 +55,12 @@
  
 <%= labelled_form_field(_('Description:'), text_area(:article, :body, :rows => 10, :class => 'mceEditor')) %>
  
-<%= f.fields_for :image_builder, @article.image do |i| %>
-  <%= file_field_or_thumbnail(_('Cover image:'), @article.image, i)%>
-  <%= _("Max size: %s (.jpg, .gif, .png)")% Image.max_size.to_humanreadable %>
-<% end %>
-
-<% unless @article.image.nil? %>
-  <%= labelled_check_box(_('Remove cover image'),'remove_image',true,false)%>
-<% end %>
+<div id="blog-image-builder">
+  <%= f.fields_for :image_builder, @article.image do |i| %>
+    <%= file_field_or_thumbnail(_('Cover image:'), @article.image, i)%>
+    <%= _("Max size: %s (.jpg, .gif, .png)")% Image.max_size.to_humanreadable %>
+  <% end %>
+</div>
  
 <%= labelled_form_field(_('How to display posts:'), f.select(:visualization_format, [
   [ _('Full post'), 'full'],
@@ -10,7 +10,7 @@
  
 <%= render :partial => 'general_fields' %>
  
-<%= labelled_form_field(_('Description:'), text_area(:article, :body, :cols => 64, :rows => 10)) %>
+<%= labelled_form_field(_('Description:'), text_area(:article, :body, :class => 'mceEditor', :cols => 64, :rows => 10)) %>
  
 <%= labelled_form_field(_('Posts per page:'), f.select(:posts_per_page, Forum.posts_per_page_options)) %>
  
@@ -4,7 +4,7 @@
     <div class='section-title'>
       <h3><%= header %></h3>
       <% if @recent_files[key].total_pages > 1 %>
-        <%= link_to(_('View all'), {:controller => 'cms', :action => 'view_all_media', :profile => profile.identifier, :key => key}, :class => 'view-all colorbox', 'data-key' => key) %>
+        <%= modal_link_to(_('View all'), {:controller => 'cms', :action => 'view_all_media', :profile => profile.identifier, :key => key}, { :class => 'view-all', 'data-key' => key }) %>
       <% end %>
     </div>
     <%= render :partial => "cms/media_panel/list_published_media_items", :locals => { key: key, show_pagination_links: false } %>
@@ -13,6 +13,7 @@
     <%= time_ago_in_words article.updated_at %>
   </td>
     <td class="article-controls">
+      <%= @plugins.dispatch(:extra_content_actions, article).collect { |content| instance_exec(&content) }.join("") %>
       <%= expirable_button article, :edit, _('Edit'), {:action => 'edit', :id => article.id} if !remove_content_button(:edit, article) %>
       <%= button_without_text :eyes, _('Public view'), article.view_url %>
       <%= display_spread_button(article) unless remove_content_button(:spread, article) %>
 <%= error_messages_for 'article' %>
  
+<% if @article.archived? %>
+  <%= render :partial => 'archived_warning', :locals => {:article => @article} %>
+<% end %>
 <div class='<%= (@article.display_media_panel? ? 'with_media_panel' : 'no_media_panel') %>'>
 <%= labelled_form_for 'article', :html => { :multipart => true, :class => @type } do |f| %>
  
@@ -9,6 +12,7 @@
  
   <%= hidden_field_tag('success_back_to', @success_back_to) %>
  
+
   <%= render :partial => partial_for_class(@article.class), :locals => { :f => f } %>
  
   <% if environment.is_portal_community?(profile) %>
 <div class="item image" data-item="span" title="<%= @file.name %>">
   <span>
-    <img src="<%= @file.public_filename(:uploaded) %>"/>
+    <%= image_tag(@file.public_filename(:uploaded)) %>
   </span>
   <div class="controls image-controls">
     <a class="button icon-add add-to-text" href="#"><span><%= _('Add to the text') %></span></a>
@@ -18,7 +18,7 @@
  
     <% if @page.allow_spread?(user) && !remove_content_button(:spread, @page) %>
       <% url = profile.admin_url.merge({ :controller => 'cms', :action => 'publish', :id => @page.id }) %>
-      <%= expirable_button @page, :spread, content_tag( 'span', _('Spread this') ), url, {:class => 'colorbox'} if url %>
+      <%= expirable_button @page, :spread, content_tag( 'span', _('Spread this') ), url, {:modal => true} if url %>
     <% end %>
  
     <% if !@page.gallery? && (@page.allow_create?(user) || (@page.parent && @page.parent.allow_create?(user))) %>
@@ -29,7 +29,9 @@
         <%= expirable_button @page, :locale, content, url %>
       <% end %>
  
-      <%= modal_button(:new, label_for_new_article(@page), profile.admin_url.merge(:controller => 'cms', :action => 'new', :parent_id => (@page.folder? ? @page : @page.parent))) unless remove_content_button(:new, @page) %>
+      <% if !@page.archived? %>
+        <%= modal_button(:new, label_for_new_article(@page), profile.admin_url.merge(:controller => 'cms', :action => 'new', :parent_id => (@page.folder? ? @page : @page.parent))) unless remove_content_button(:new, @page) %>
+      <% end %>
  
       <% content = content_tag('span', label_for_clone_article(@page)) %>
       <% url = profile.admin_url.merge({ :controller => 'cms', :action => 'new', :id => @page.id, :clone => true,  :parent_id => (@page.folder? ? @page : @page.parent), :type => @page.class}) %>
@@ -64,6 +66,9 @@
     <% end %>
     <%= button_without_text(:feed, _('RSS feed'), @page.feed.url, :class => 'blog-feed-link') if @page.has_posts? && @page.feed %>
     <%= @plugins.dispatch(:article_header_extra_contents, @page).collect { |content| instance_exec(&content) }.join("") %>
+    <% if @page.archived? %>
+      <%= render :partial => 'cms/archived_warning', :locals => {:article => @page} %>
+    <% end %>
     <%= render :partial => 'article_title', :locals => {:no_link => true} %>
     <%= article_translations(@page) %>
   </div>
@@ -16,7 +16,7 @@
   <div id='article-sub-header'>
     <% if @page.display_hits? %>
       <div id="article-hits">
-        <%= n_('Viewed one time', 'Viewed %{num} times', @page.hits) % { :num => @page.hits } %>
+        <%= n_('Viewed one time %{desc}', 'Viewed %{num} times %{desc}', @page.hits) % { :num => @page.hits, :desc => @page.archived? ? '<b>'+_('(Not countable anymore)')+'</b>' : '' } %>
       </div>
     <% end %>
  
@@ -31,7 +31,7 @@
 <% cache(@page.cache_key(params, user, language)) do %>
   <div class="<%="article-body article-body-" + @page.css_class_name %>">
     <% options = @page.image? ? {:gallery_view => true} : {} %>
-    <% if @page.image.present? && !@page.event? %>
+    <% if @page.image.present? && !@page.event? && !@page.blog? %>
       <div class="article-body-img">
         <%= image_tag(@page.image.public_filename) %>
         <p><%= @page.image.label%></p>
@@ -85,7 +85,7 @@
       <% end %>
     </ul>
  
-    <% if @page.accept_comments? %>
+    <% if !@page.archived? || @page.accept_comments? %>
       <div id='page-comment-form' class='page-comment-form'><%= render :partial => 'comment/comment_form', :locals =>{:url => {:controller => :comment, :action => :create}, :display_link => true, :cancel_triggers_hide => true}%></div>
     <% end %>
   </div><!-- end class="comments" -->
@@ -3,7 +3,7 @@
   <head>
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
   </head>
-  <body>
+  <body style="margin: 0">
     <%= word_wrap(@message) %>
     <p>
       --<br/>
@@ -3,7 +3,7 @@
 </div>
 <div class='profile-activity-description'>
   <p class='profile-activity-text'><%= link_to activity.user.short_name(nil), activity.user.url %> <%= describe activity %></p>
-  <p class='profile-activity-time'><%= time_ago_as_sentence activity.created_at %></p>
+  <p class='profile-activity-time'><%= time_ago_in_words activity.created_at %></p>
  
   <div class='profile-wall-actions'>
     <%= link_to_function(_('Remove'), 'remove_item_wall(this, \'%s\', \'%s\', \'%s\'); return false ;' % [".profile-activity-item", url_for(:profile => params[:profile], :action => :remove_activity, :activity_id => activity.id, :view => params[:view]), _('Are you sure you want to remove this activity and all its replies?')]) if logged_in? && current_person == @profile %>
@@ -5,7 +5,7 @@
   <p class='profile-activity-text'>
     <%= link_to activity.user.short_name(nil), activity.user.url %> <%= describe activity %>
   </p>
-  <p class='profile-activity-time'><%= time_ago_as_sentence activity.created_at %></p>
+  <p class='profile-activity-time'><%= time_ago_in_words activity.created_at %></p>
  
   <div class='profile-wall-actions'>
     <%= link_to_function(_('Remove'), 'remove_item_wall(this, \'%s\', \'%s\', \'%s\'); return false ;' % [".profile-activity-item", url_for(:profile => params[:profile], :action => :remove_activity, :activity_id => activity.id, :view => params[:view]), _('Are you sure you want to remove this activity and all its replies?')]) if logged_in? && current_person == @profile %>
@@ -0,0 +1,16 @@
+<div id="profile-members-sort-options">
+  <%= label_tag("sort-#{role}", _("Sort by:")) %>
+  <%= select_tag("sort-#{role}",
+    options_for_select([
+      [_("Name A-Z"), 'asc'],
+      [_("Name Z-A"), 'desc'],
+    ], :selected => params[:sort])
+  ) %>
+</div>
+<ul class="profile-list-<%= role %>" >
+  <% users.each do |u| %>
+    <%= profile_image_link(u) %>
+  <% end %>
+</ul>
+
+<%= pagination_links users, :param_name => 'npage' %>
@@ -2,7 +2,7 @@
 </div>
 <div class='profile-activity-description'>
   <p class='profile-activity-text'><%= link_to activity.user.short_name(nil), activity.user.url %> <%= describe activity %></p>
-  <p class='profile-activity-time'><%= time_ago_as_sentence activity.created_at %></p>
+  <p class='profile-activity-time'><%= time_ago_in_words activity.created_at %></p>
  
   <div class='profile-wall-actions'>
     <%= link_to_function(_('Remove'), 'remove_item_wall(this, \'%s\', \'%s\', \'%s\'); return false ;' % [".profile-activity-item", url_for(:profile => params[:profile], :action => :remove_activity, :activity_id => activity.id, :view => params[:view]), _('Are you sure you want to remove this activity and all its replies?')]) if logged_in? && current_person == @profile %>
@@ -3,7 +3,7 @@
 </div>
 <div class='profile-activity-description'>
   <p class='profile-activity-text'><%= link_to activity.user.short_name(nil), activity.user.url %> <%= describe activity %></p>
-  <p class='profile-activity-time'><%= time_ago_as_sentence activity.created_at %></p>
+  <p class='profile-activity-time'><%= time_ago_in_words activity.created_at %></p>
  
   <div class='profile-wall-actions'>
     <%= link_to_function(_('Remove'), 'remove_item_wall(this, \'%s\', \'%s\', \'%s\'); return false ;' % [".profile-activity-item", url_for(:profile => params[:profile], :action => :remove_activity, :activity_id => activity.id, :view => params[:view]), _('Are you sure you want to remove this activity and all its replies?')]) if logged_in? && current_person == @profile %>
 <div class="common-profile-list-block">
  
-<h1><%= _("%s's members") % profile.name %></h1>
+<h1><%= _("Members (%d)") % @profile_members.total_entries %></h1>
+<h2 class="community-name"><%= profile.name %></h2>
  
 <% cache_timeout(profile.members_cache_key(params), 4.hours) do %>
-  <ul class='profile-list'>
-    <!--
-     @todo Highlight visual for invited members
-         of a community
-    -->
-    <% @members.each do |member| %>
-      <%= profile_image_link(member) %>
-    <% end %>
-  </ul>
+  <div class="profile-members-tabs-container">
+    <% tabs = [] %>
+
+    <% div_members = content_tag :div, :class => "profile-members" do
+      render :partial => 'profile_members_list',
+                            :locals => {
+                            :users => @profile_members,
+                            :role => "members"
+                            }
+    end %>
+
+    <% tabs << {:title =>  _("%d Members") % @profile_members.total_entries,
+                     :id => "members-tab",
+                     :content => div_members
+                     } %>
  
-  <div id='pagination-profiles'>
-    <%= pagination_links @members, :param_name => 'npage' %>
-  </div>
+    <% div_admins = content_tag :div, :class => "profile-admins" do
+      render :partial => 'profile_members_list',
+                            :locals => {
+                            :users => @profile_admins,
+                            :role => "admins"
+                            }
+    end %>
+
+    <% tabs << {:title => _("%d Administrators") % @profile_admins.total_entries,
+                            :id => "admins-tab",
+                            :content => div_admins
+                            } %>
+
+    <%= render_tabs(tabs) %>
+  </div><!-- end of class="profile-members-tabs-container" -->
 <% end %>
  
 <% button_bar do %>
@@ -30,4 +49,7 @@
   <% end %>
 <% end %>
  
-</div><!-- fim class="common-profile-list-block" -->
+<%= hidden_field_tag "profile_url", @profile_members_url %>
+</div><!-- end of class="common-profile-list-block" -->
+
+<%= javascript_include_tag "members_page.js" %>
@@ -18,6 +18,14 @@
  
   <%= @plugins.dispatch(:profile_info_extra_contents).collect { |content| instance_exec(&content) }.join("") %>
  
+  <div class="formfieldline">
+    <%= label_tag("private_token", _("Private Token")) %>
+    <div class="formfield type-text">
+      <%= text_field_tag("a", @profile.user.private_token, :size => 30) %>
+    </div>
+  </div>
+  <%= link_to("Reset token", {:controller => :profile_editor, :action => :reset_private_token, :id => @profile.id}, :class => "button with-text") %>
+
   <%= render :partial => 'person_form', :locals => {:f => f} %>
  
   <%= render :partial => 'person_form_custom_fields', :locals => {:f => f} %>
@@ -22,13 +22,13 @@
  
   <%= control_panel_button(_('Edit sideboxes'), 'blocks', :controller => 'profile_design', :action => 'index') %>
  
-  <%= control_panel_button(_('Edit Appearance'), 'design-editor', :controller => 'profile_themes', :action => 'index') %>
+  <%= control_panel_button(_('Edit Appearance'), 'design-editor', :controller => 'profile_themes', :action => 'index') if @show_appearance_option %>
  
-  <%= control_panel_button(_('Edit Header and Footer'), 'header-and-footer', :controller => 'profile_editor', :action => 'header_footer') if user.is_admin?(environment) || (!profile.enterprise? && !environment.enabled?('disable_header_and_footer'))  %>
+  <%= control_panel_button(_('Edit Header and Footer'), 'header-and-footer', :controller => 'profile_editor', :action => 'header_footer') if @show_header_footer_option %>
  
   <%= control_panel_button(_('Manage Content'), 'cms', :controller => 'cms') %>
  
-  <%= control_panel_button(_('Manage Roles'), 'roles', :controller => 'profile_roles') %>
+  <%= control_panel_button(_('Manage Roles'), 'roles', :controller => 'profile_roles') if profile.organization? %>
  
   <% unless profile.enterprise? %>
     <%= case profile.blogs.count
@@ -2,7 +2,7 @@
  
 <div class="search-article-author-changes">
   <% if article.last_changed_by and article.last_changed_by != article.profile %>
-    <span><%= _('by %{name} at %{date}') % {:name => link_to(article.last_changed_by.name, article.last_changed_by.url),
+    <span><%= _('Updated by %{name} at %{date}') % {:name => link_to(article.last_changed_by.name, article.last_changed_by.url),
       :date => show_date(article.updated_at) } %></span>
   <% else %>
     <span><%= _('Last update: %s.') % show_date(article.updated_at) %></span>
 <%= i.file_field( :uploaded_data, { :onchange => 'updateImg(this.value)' } ) %>
 <%= labelled_form_field(_("Image Label:"), i.text_field(:label)) %>
-<%= button_to_function(:cancel,_('Cancel'),"jQuery('#change-image-link').show(); jQuery('#change-image').html('')", :id => 'cancel-change-image-link', :style => 'display: none')%>
+<%= button_to_function(:cancel,_('Cancel'),"jQuery('#change-image-link').show(); jQuery('#change-image').hide()", :id => 'cancel-change-image-link', :style => 'display: none')%>
-  <%= image_tag(image.public_filename(:thumb)) %>
+<%= image_tag(image.public_filename(:thumb)) %>
  
-  <br/>
+<br/>
  
-  <%= button_to_function(:photos, _('Change image'), 'display_change_image()', :id => 'change-image-link' ) %>
+<%= button_to_function(:photos, _('Change image'), 'display_change_image()', :id => 'change-image-link' ) %>
  
-  <script>
-    function display_change_image() {
-      var content = "<%= j(render :partial => 'shared/change_image', :locals => { :i => i, :image => image }) %>";
-      jQuery('#change-image').html(content);
-      jQuery('#change-image-link').hide();
-      jQuery('#cancel-change-image-link').show();
-    }
-  </script>
+<script>
+  function display_change_image() {
+    jQuery('#change-image').show();
+    jQuery('#change-image-link').hide();
+    jQuery('#cancel-change-image-link').show();
+  }
+</script>
  
-  <div id='change-image'> </div> <br/>
+<br/>
+<div id='change-image' style='display:none'>
+  <%= render :partial => 'shared/change_image', :locals => { :i => i, :image => image } %>
+</div>
+<br/>
+
+<% if image.present? && removable %>
+  <div id='image-builder-remove-checkbox'>
+    <%= labelled_form_field(_('Remove image'), i.check_box(:remove_image, {}, true, false))%>
+  </div>
+<% end %>
-    <%= javascript_include_tag 'strophejs-1.1.3/strophe.min', 'jquery.emoticon', '../designs/icons/pidgin/emoticons.js', 'ba-linkify', 'jquery.ba-hashchange', 'jquery.sound', 'chat', 'perfect-scrollbar.min.js', 'perfect-scrollbar.with-mousewheel.min.js', 'jquery.timeago.js', :cache => 'cache/chat' %>
-    <%= stylesheet_link_tag 'perfect-scrollbar.min.css' %>
+    <%= javascript_include_tag 'strophejs-1.1.3/strophe.min', 'jquery.emoticon', '../designs/icons/pidgin/emoticons.js', 'ba-linkify', 'jquery.ba-hashchange', 'jquery.sound', 'chat', 'vendor/perfect-scrollbar.min.js', 'vendor/perfect-scrollbar.with-mousewheel.min.js', 'jquery.timeago.js', :cache => 'cache/chat' %>
+    <%= stylesheet_link_tag 'vendor/perfect-scrollbar.min.css' %>
  
     <% extend ChatHelper %>
  
@@ -11,11 +11,13 @@
   </colgroup>
   <tr>
     <th><%= _('Member') %></th>
+    <th><%= _('Email') %></th>
     <th><%= _('Actions') %></th>
   </tr>
   <% @collection.each do |p| %>
     <tr title="<%= p.name %>">
       <td><%= link_to_profile p.short_name, p.identifier, :title => p.name %> </td>
+      <td><%= link_to_profile p.email, p.identifier, :title => p.email %> </td>
       <td class='actions'>
         <div class="members-buttons-cell">
           <% if p.is_admin? %>
@@ -2,10 +2,6 @@
  
 require ::File.expand_path('../config/environment',  __FILE__)
  
-#use Rails::Rack::LogTailer
-#use Rails::Rack::Static
-#run ActionController::Dispatcher.new
-
 use Rack::Cors do
   allow do
     origins '*'
@@ -14,7 +10,13 @@ use Rack::Cors do
 end
  
 rails_app = Rack::Builder.new do
-  run Noosfero::Application
+  if ENV['RAILS_RELATIVE_URL_ROOT']
+    map ENV['RAILS_RELATIVE_URL_ROOT'] do
+      run Noosfero::Application
+    end
+  else
+    run Noosfero::Application
+  end
 end
  
 run Rack::Cascade.new([
@@ -0,0 +1,16 @@
+# Noosfero development environment
+#
+# VERSION 0.0.1
+
+FROM debian:wheezy
+MAINTAINER Noosfero Development Team <noosfero-dev@listas.softwarelivre.org>
+
+LABEL Description="This dockerfile builds a noosfero development environment."
+WORKDIR /src/noosfero
+
+RUN apt-get update && apt-get install -y sudo git
+RUN git clone --depth 1 https://gitlab.com/noosfero/noosfero.git .
+
+RUN sh script/quick-start --skip-translations
+
+EXPOSE 3000
@@ -28,11 +28,10 @@ Noosfero::Application.configure do
   # with SQLite, MySQL, and PostgreSQL)
   config.active_record.auto_explain_threshold_in_seconds = 0.5
  
-  # Do not compress assets
   config.assets.compress = false
-
-  # Expands the lines which load the assets
-  config.assets.debug = true
+  config.assets.digest = false
+  # we have a lot of assets
+  config.assets.debug = false
  
   config.consider_all_requests_local = true
  
@@ -44,7 +44,7 @@ Noosfero::Application.configure do
   # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
  
   # Use a different cache store in production
-  config.cache_store = :dalli_store, "localhost"
+  config.cache_store = :dalli_store, "127.0.0.1:11211"
  
   # Enable serving of images, stylesheets, and javascripts from an asset server
   # config.action_controller.asset_host                  = "http://assets.example.com"
@@ -1 +0,0 @@
-#Rails.application.eager_load! if ActiveRecord::Base.connection.table_exists? 'categories'
 require File.join(Rails.root,'app/models/session')
  
 ActionDispatch::Reloader.to_prepare do
+  require_relative '../../app/models/session'
   ActiveRecord::SessionStore.session_class = Session
 end
  
@@ -28,3 +28,15 @@ end
 every 30.days do
   runner "ProfileSuggestion.generate_all_profile_suggestions"
 end
+
+# Loads "schedule.rb" files from plugins
+#
+# Allows Noosfero's plugins schedule jobs using `whenever` Ruby gem the same
+# way we do here, just create the file "config/schedule.rb" into the plugin
+# root directory and write jobs using the same syntax used here (see example in
+# the `newsletter` plugin)
+
+Dir.glob("config/plugins/*/config/schedule.rb").each do |filename|
+  filecontent = IO.read(filename)
+  instance_eval(Whenever::NumericSeconds.process_string(filecontent), filename)
+end
@@ -1,13 +0,0 @@
----
-pid: tmp/pids/thin.pid
-address: 127.0.0.1
-user: noosfero
-timeout: 30
-port: 50000
-log: log/thin.log
-max_conns: 1024
-servers: 1
-max_persistent_conns: 512
-environment: production
-daemonize: true
-chdir: /usr/share/noosfero
@@ -0,0 +1,5 @@
+listen "127.0.0.1:3000"
+
+worker_processes 1
+
+# vim: ft=ruby
@@ -0,0 +1,9 @@
+class AddArchivedToArticles < ActiveRecord::Migration
+  def up
+    add_column :articles, :archived, :boolean, :default => false
+  end
+
+  def down
+    remove_column :articles, :archived
+  end
+end
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
  
-ActiveRecord::Schema.define(:version => 20150812133432) do
+ActiveRecord::Schema.define(:version => 20150918005035) do
  
   create_table "abuse_reports", :force => true do |t|
     t.integer  "reporter_id"
@@ -110,6 +110,7 @@ ActiveRecord::Schema.define(:version =&gt; 20150812133432) do
     t.integer  "spam_comments_count",  :default => 0
     t.integer  "author_id"
     t.integer  "created_by_id"
+    t.integer  "followers_count"
   end
  
   add_index "article_versions", ["article_id"], :name => "index_article_versions_on_article_id"
@@ -165,6 +166,7 @@ ActiveRecord::Schema.define(:version =&gt; 20150812133432) do
     t.boolean  "show_to_followers",    :default => true
     t.integer  "sash_id"
     t.integer  "level",                :default => 0
+    t.integer  "followers_count",      :default => 0
   end
  
   add_index "articles", ["comments_count"], :name => "index_articles_on_comments_count"
@@ -422,6 +424,7 @@ ActiveRecord::Schema.define(:version =&gt; 20150812133432) do
     t.string   "owner_type"
     t.datetime "created_at",    :null => false
     t.datetime "updated_at",    :null => false
+    t.string   "title"
   end
  
   create_table "images", :force => true do |t|
@@ -694,6 +697,20 @@ ActiveRecord::Schema.define(:version =&gt; 20150812133432) do
   add_index "proposals_discussion_plugin_proposal_evaluations", ["evaluator_id"], :name => "index_proposals_discussion_plugin_proposal_evaluator_id"
   add_index "proposals_discussion_plugin_proposal_evaluations", ["proposal_task_id"], :name => "index_proposals_discussion_plugin_proposal_task_id"
  
+  create_table "proposals_discussion_plugin_ranking_items", :force => true do |t|
+    t.integer  "position"
+    t.string   "abstract"
+    t.integer  "votes_for"
+    t.integer  "votes_against"
+    t.integer  "hits"
+    t.decimal  "effective_support"
+    t.integer  "proposal_id"
+    t.datetime "created_at",        :null => false
+    t.datetime "updated_at",        :null => false
+  end
+
+  add_index "proposals_discussion_plugin_ranking_items", ["proposal_id"], :name => "index_proposals_discussion_plugin_ranking_proposal_id"
+
   create_table "proposals_discussion_plugin_task_categories", :id => false, :force => true do |t|
     t.integer "task_id"
     t.integer "category_id"
@@ -1,8 +0,0 @@
-<Proxy balancer://noosfero>
-  Include /etc/noosfero/apache/cluster.conf
-  Order Allow,Deny
-  Allow from All
-</Proxy>
-
-# vim: ft=apache
-
@@ -15,7 +15,11 @@ RewriteRule ^/$ /index.html [QSA]
 RewriteRule ^([^.]+)$ $1.html [QSA]
  
 RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
-RewriteRule ^.*$ balancer://noosfero%{REQUEST_URI} [P,QSA,L]
+RewriteRule ^.*$ http://127.0.0.1:50000%{REQUEST_URI} [P,QSA,L]
+<Proxy http://127.0.0.1:50000>
+  Order Allow,Deny
+  Allow from All
+</Proxy>
  
 ErrorDocument 503 /503.html
  
+noosfero (1.3) wheezy-test; urgency=low
+
+  * Noosfero 1.3 final release
+
+ -- Antonio Terceiro <terceiro@colivre.coop.br>  Fri, 06 Nov 2015 09:19:34 -0300
+
+noosfero (1.3~rc3) wheezy-test; urgency=low
+
+  * Noosfero 1.3 RC3
+
+ -- Antonio Terceiro <terceiro@colivre.coop.br>  Wed, 04 Nov 2015 12:44:22 -0300
+
+noosfero (1.3~rc2) wheezy-test; urgency=low
+
+  * Noosfero 1.3 RC2
+
+ -- Antonio Terceiro <terceiro@softwarelivre.org>  Fri, 30 Oct 2015 15:57:14 -0300
+
+noosfero (1.3~rc1) wheezy-test; urgency=medium
+
+  * Noosfero 1.3 RC1
+
+ -- Antonio Terceiro <terceiro@colivre.coop.br>  Fri, 09 Oct 2015 10:24:13 -0300
+
 noosfero (1.2) wheezy; urgency=low
  
   * Noosfero 1.2
@@ -49,12 +49,17 @@ Depends: adduser,
          ruby-feedparser,
          ruby-feedparser (>= 0.7-3~),
          ruby-gettext,
+         ruby-grape,
+         ruby-grape-entity,
+         ruby-grape-logging,
          ruby-memcache-client,
          ruby-minitest,
          ruby-nokogiri,
          ruby-pg,
          ruby-progressbar,
          ruby-rack (>= 1.4.5-2~),
+         ruby-rack-contrib,
+         ruby-rack-cors,
          ruby-rails-autolink,
          ruby-redcloth,
          ruby-rest-client,
@@ -65,7 +70,7 @@ Depends: adduser,
          ruby-whenever,
          ruby-will-paginate (>= 2.3.12-1~),
          tango-icon-theme,
-         thin,
+         unicorn (>= 4.8),
          ${misc:Depends}
 Recommends: postgresql, postgresql-client
 Description: free web-based platform for social networks
-debian/apache2/conf.d/noosfero-cluster.conf     etc/apache2/conf.d
 debian/apache2/virtualhost.conf                 etc/noosfero/apache
 debian/update-noosfero-apache                   usr/sbin
@@ -19,7 +19,7 @@ debian/noosfero-check-dbconfig    usr/sbin
 debian/noosfero-console           usr/sbin
 debian/noosfero-runner            usr/sbin
 debian/noosfero.yml               etc/noosfero
-debian/thin.yml                   etc/noosfero
+debian/unicorn.rb                 etc/noosfero
 doc                               usr/share/noosfero
 doc/noosfero                      usr/share/noosfero/doc
 etc/init.d/noosfero               etc/init.d
 var/tmp/noosfero                                    usr/share/noosfero/tmp
 var/log/noosfero                                    usr/share/noosfero/log
 etc/noosfero/database.yml                           usr/share/noosfero/config/database.yml
-etc/noosfero/thin.yml                               usr/share/noosfero/config/thin.yml
+etc/noosfero/unicorn.rb                             usr/share/noosfero/config/unicorn.rb
 etc/noosfero/plugins                                usr/share/noosfero/config/plugins
 etc/noosfero/noosfero.yml                           usr/share/noosfero/config/noosfero.yml
 etc/noosfero/local.rb                               usr/share/noosfero/config/local.rb
@@ -10,23 +10,23 @@ makedir() {
 }
  
  
-# migrate mongrel configuration to thin
-mongrel_config=/etc/noosfero/mongrel_cluster.yml
+# migrate thin configuration to unicorn
+unicorn_config=/etc/noosfero/unicorn.rb
 thin_config=/etc/noosfero/thin.yml
-mongrel_orig_sha1=602c642c03f79349969c08330112a6f29d4c32aa
-if [ -r $mongrel_config ]; then
-  mongrel_sha1=$(sha1sum $mongrel_config | awk '{print $1}')
-  if [ "$mongrel_sha1" != "$mongrel_orig_sha1" ]; then
-    port=$(awk '{ if ($1 == "port:") { print($2) } }' $mongrel_config)
-    servers=$(awk '{ if ($1 == "servers:") { print($2) } }' $mongrel_config)
+thin_orig_sha1=47cee6728a7896a13f4d66544086ab88b02e89a7
+if [ -r $thin_config ]; then
+  thin_sha1=$(sha1sum $thin_config | awk '{print $1}')
+  if [ "$thin_sha1" != "$thin_orig_sha1" ]; then
+    port=$(awk '{ if ($1 == "port:") { print($2) } }' $thin_config)
+    servers=$(awk '{ if ($1 == "servers:") { print($2) } }' $thin_config)
     if test -n "$port"  && test "$port" -ne 50000  || test -n "$servers" && test "$servers" -ne 1 ; then
-      # mongrel configuration was changed; update thin configuration
+      # thin configuration was changed; update unicorn configuration
       # accordingly
-      sed -i -e "s/port: .*/port: $port/" $thin_config
-      sed -i -e "s/servers: .*/servers: $servers/" $thin_config
+      sed -i -e "s/listen.*/listen '127.0.0.1:$port'/" $unicorn_config
+      sed -i -e "s/worker_processes.*/worker_processes $servers/" $unicorn_config
     fi
   fi
-  mv $mongrel_config $mongrel_config.bak
+  mv $thin_config $thin_config.bak
 fi
  
 # create user noosfero in a portable way, while creating the log directory.
@@ -1,13 +0,0 @@
---- 
-pid: tmp/pids/thin.pid
-address: 127.0.0.1
-user: noosfero
-timeout: 0
-port: 50000
-log: log/thin.log
-max_conns: 1024
-servers: 1
-max_persistent_conns: 512
-environment: production
-daemonize: true
-chdir: /usr/share/noosfero
@@ -0,0 +1,3 @@
+listen "127.0.0.1:50000"
+
+worker_processes `nproc`.to_i
@@ -2,20 +2,9 @@
  
 set -e
  
-# automatically update configuration, but if package noosfero is also installed
+# automatically update configuration, but only if package noosfero is also
+# installed
 if test -x /usr/share/noosfero/script/apacheconf; then
-  datadir="/etc/noosfero/apache"
-  mongrel_file="$datadir/mongrel.conf"
-  cluster_file="$datadir/cluster.conf"
-  if test -e "$cluster_file"; then
-    echo "Overwriting $cluster_file ..."
-  fi
-  /usr/share/noosfero/script/apacheconf thin > "$cluster_file"
-  if test -e "$mongrel_file"; then
-    echo "Moving existing $mongrel_file away ..."
-    mv "$mongrel_file" "$mongrel_file".bak
-    (cd $datadir && ln -sf cluster.conf mongrel.conf)
-  fi
  
   apache_site='/etc/apache2/sites-available/noosfero'
   if ! test -e "$apache_site"; then
@@ -1,32 +0,0 @@
-./script/noosfero-plugins disableall
-./script/noosfero-plugins enable breadcrumbs
-./script/noosfero-plugins enable comment_paragraph
-./script/noosfero-plugins enable container_block
-./script/noosfero-plugins enable dspace
-./script/noosfero-plugins enable oauth_client
-./script/noosfero-plugins enable piwik
-./script/noosfero-plugins enable relevant_content
-./script/noosfero-plugins enable sub_organizations
-./script/noosfero-plugins enable ckeditor_content
-./script/noosfero-plugins enable community_block
-./script/noosfero-plugins enable context_content
-./script/noosfero-plugins enable email_article
-./script/noosfero-plugins enable oauth_provider
-./script/noosfero-plugins enable proposals_discussion
-./script/noosfero-plugins enable require_auth_to_comment
-./script/noosfero-plugins enable video
-./script/noosfero-plugins enable comment_classification
-./script/noosfero-plugins enable community_hub
-./script/noosfero-plugins enable custom_forms
-./script/noosfero-plugins enable import_data
-./script/noosfero-plugins enable pairwise
-./script/noosfero-plugins enable site_tour
-./script/noosfero-plugins enable vote
-./script/noosfero-plugins enable comment_group
-./script/noosfero-plugins enable community_track
-./script/noosfero-plugins enable display_content
-./script/noosfero-plugins enable mark_comment_as_read
-./script/noosfero-plugins enable pg_search
-./script/noosfero-plugins enable recent_content
-./script/noosfero-plugins enable statistics
-./script/noosfero-plugins enable work_assignment
1	1	before_script:
2		- - mkdir -p tmp/pids log
	2	+ - mkdir -p tmp/{pids,cache} log
3	3	- bundle check \|\| bundle install
4	4	# workaround for plugins with Gemfile
5	5	- perl -pi -e 's/--local //' script/noosfero-plugins
...	...
1	1	[submodule "plugins/pairwise"]
2	2	path = plugins/pairwise
3		- url = https://gitlab.com/noosfero-plugins/pairwise.git
	3	+ url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/pairwise.git
4	4	[submodule "plugins/proposals_discussion"]
5	5	path = plugins/proposals_discussion
6		- url = https://gitlab.com/noosfero-plugins/proposals_discussion.git
	6	+ url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/proposals_discussion.git
7	7	[submodule "plugins/gamification"]
8	8	path = plugins/gamification
9		- url = https://gitlab.com/noosfero-plugins/gamification.git
10		-[submodule "plugins/comment_paragraph"]
11		- path = plugins/comment_paragraph
12		- url = https://gitlab.com/noosfero-plugins/comment-paragraph.git
	9	+ url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/gamification.git
13	10	[submodule "plugins/notification"]
14	11	path = plugins/notification
15		- url = https://gitlab.com/noosfero-plugins/notification.git
	12	+ url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/notification.git
16	13	[submodule "plugins/email_article"]
17	14	path = plugins/email_article
18		- url = https://gitlab.com/noosfero-plugins/email_article.git
	15	+ url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/email_article.git
19	16	[submodule "public/proposal-app"]
20	17	path = public/proposal-app
21	18	url = https://gitlab.com/participa/proposal-app.git
22	19	[submodule "plugins/gravatar_provider"]
23	20	path = plugins/gravatar_provider
24		- url = https://gitlab.com/noosfero-plugins/gravatar-provider.git
	21	+ url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/gravatar-provider.git
25	22	[submodule "plugins/juventude"]
26	23	path = plugins/juventude
27		- url = https://gitlab.com/noosfero-plugins/juventude.git
	24	+ url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/juventude.git
28	25	[submodule "plugins/dialoga"]
29	26	path = plugins/dialoga
30		- url = https://gitlab.com/participa/dialoga-plugin.git
	27	+ url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/dialoga-plugin.git
31	28	[submodule "rest-clients/confjuvapp"]
32	29	path = rest-clients/confjuvapp
33		- url = https://gitlab.com/participa/confjuvapp.git
	30	+ url = https://softwarepublico.gov.br/gitlab/noosfero-apps/confjuvapp.git
34	31	[submodule "rest-clients/proposal-app"]
35	32	path = rest-clients/proposal-app
36		- url = https://gitlab.com/participa/proposal-app.git
	33	+ url = https://softwarepublico.gov.br/gitlab/noosfero-apps/proposal-app.git
	34	+[submodule "plugins/serpro_captcha"]
	35	+ path = plugins/serpro_captcha
	36	+ url = https://softwarepublico.gov.br/gitlab/noosfero-plugins/serpro_captcha.git
...	...
	1	+notifications:
	2	+ irc:
	3	+ channels:
	4	+ - "chat.freenode.net#noosfero"
	5	+ - "chat.freenode.net#noosfero-br"
	6	+ template:
	7	+ - "%{repository_slug} %{branch} %{commit} %{commit_subject} - %{result} %{build_url}"
	8	+
1	9	language: ruby
2	10	rvm:
3	11	# for 2.2 support we need to upgrade the pg gem
...	...	@@ -28,10 +36,7 @@ before_install:
28	36	cache: bundler
29	37
30	38	before_script:
31		- - mkdir -p tmp/pids log
32		-# workaround for plugins with Gemfile
33		- - perl -pi -e 's/cat .+ > \$gemfile/echo "source \\"https:\/\/rubygems.org\\"" > \$gemfile && cat \$source\/Gemfile >> \$gemfile/' script/noosfero-plugins
34		- - perl -pi -e 's/--local --quiet/install --jobs=3 --retry=3/' script/noosfero-plugins
	39	+ - mkdir -p tmp/{pids,cache} log
35	40	- script/noosfero-plugins disableall
36	41	- bundle exec rake makemo &>/dev/null
37	42	# database
...	...	@@ -46,7 +51,7 @@ env:
46	51	- TASK=test:integration
47	52	- TASK=cucumber
48	53	- TASK=selenium
49		- - TASK=test:noosfero_plugins
	54	+ - TASK=test:noosfero_plugins BUNDLE_OPTS=install
50	55
51	56	script:
52	57	- bundle exec rake $TASK
...	...
...	...	@@ -11,6 +11,7 @@ Developers
11	11	Ábner Silva de Oliveira <abner.oliveira@serpro.gov.br>
12	12	Alan Freihof Tygel <alantygel@gmail.com>
13	13	Alessandro Palmeira <alessandro.palmeira@gmail.com>
	14	+Alexandre Torres <alexandrekry@gmail.com>
14	15	Alex Campelo <campelo.al1@gmail.com>
15	16	Álvaro Fernando <alvarofernandoms@gmail.com>
16	17	Ana Losnak <analosnak@gmail.com>
...	...	@@ -63,6 +64,7 @@ Isaac Canan <isaac@intelletto.com.br>
63	64	Italo Valcy <italo@dcc.ufba.br>
64	65	Jefferson Fernandes <jeffs.fernandes@gmail.com>
65	66	Jérôme Jutteau <j.jutteau@gmail.com>
	67	+Jéssica Cristina <jessica.cris1127@gmail.com>
66	68	João Machini
67	69	João M. M. da Silva <jaodsilv@linux.ime.usp.br>
68	70	Joenio Costa <joenio@colivre.coop.br>
...	...	@@ -82,23 +84,27 @@ Luciano Prestes Cavalcanti <lucianopcbr@gmail.com>
82	84	Luis David Aguilar Carlos <ludwig9003@gmail.com>
83	85	Luiz Fernando de Freitas Matos <luiz@luizff.matos@gmail.com>
84	86	Luiz Matos <luizff.matos@gmail.com>
	87	+Marcelo Júnior <maljunior@gmail.com>
85	88	Marcos Ramos <ms.ramos@outlook.com>
86	89	Marcos Ronaldo <marcos.rpj2@gmail.com>
87	90	Mariel Zasso <noosfero-br@listas.softwarelivre.org>
88	91	Martín Olivera <molivera@solar.org.ar>
89	92	Matheus Faria <matheus.sousa.faria@gmail.com>
90	93	Maurilio Atila <cabelotaina@gmail.com>
	94	+Melissa Wen <melissa@colivre.coop.br>
91	95	M for Momo <mo@rtnp.org>
92	96	Michal Čihař <michal@cihar.com>
93		-Michel Felipe <mfelipeof@gmail.com>
	97	+Michel Felipe de Oliveira Ferreira <michel.ferreira@serpro.gov.br>
94	98	Moises Machado <moises@colivre.coop.br>
95	99	Naíla Alves <naila@colivre.coop.br>
96	100	Nanda Lopes <nanda.listas+psl@gmail.com>
97	101	Niemand Jedermann <predatorix@web.de>
	102	+Omar Junior <omarroinuj@gmail.com>
98	103	Parley Martins <parleypachecomartins@gmail.com>
99	104	Paulo Meirelles <paulo@softwarelivre.org>
100	105	Pedro de Lyra <pedrodelyra@gmail.com>
101	106	Pedro Leal
	107	+Phillip Rohmberger <rohmberger@hotmail.de>
102	108	Rafael de Souza Queiroz <querafael@live.com>
103	109	Rafael Gomes <rafaelgomes@techfree.com.br>
104	110	Rafael Martins <rmmartins@gmail.com>
...	...	@@ -110,8 +116,10 @@ Renan Costa <renan2727@hotmail.com>
110	116	Renan Teruo <renanteruoc@gmail.com>
111	117	Rodrigo Medeiros <rodrigo.mss01@gmail.com>
112	118	Rodrigo Souto <rodrigo@colivre.coop.br>
	119	+Ronnie Simon <ronniesimonf@gmail.com>
113	120	Ronny Kursawe <kursawe.ronny@googlemail.com>
114	121	Samuel R. C. Vale <srcvale@holoscopio.com>
	122	+Simião Carvalho <simiaosimis@gmail.com>
115	123	Tallys Martins <tallysmartins@yahoo.com.br>
116	124	Thiago Casotti <thiago.casotti@uol.com.br>
117	125	Thiago Kairala <thiagor.kairala@gmail.com>
...	...	@@ -122,7 +130,9 @@ TWS <tablettws@gmail.com>
122	130	Valessio Brito <contato@valessiobrito.com.br>
123	131	Victor Costa <vfcosta@gmail.com>
124	132	Victor Hugo Alves de Carvalho <victorhugodf.ac@gmail.com>
	133	+Victor Navarro <victor.matias.navarro@gmail.com>
125	134	Vinicius Cubas Brand <viniciuscb@gmail.com>
	135	+Vitor Barbosa <vitornga15@gmail.com>
126	136	Wilton Rodrigues <braynwilton@gmail.com>
127	137	Yann Lugrin <yann.lugrin@liquid-concept.ch>
128	138
...	...
...	...	@@ -10,8 +10,10 @@ gem 'RedCloth', '~> 4.2.9'
10	10	gem 'will_paginate', '~> 3.0.3'
11	11	gem 'ruby-feedparser', '~> 0.7'
12	12	gem 'daemons', '~> 1.1.5'
13		-gem 'thin', '~> 1.3.1'
	13	+#gem 'thin', '~> 1.3.1'
14	14	gem 'nokogiri', '~> 1.6.0'
	15	+gem 'unicorn', '~> 4.8'
	16	+#gem 'nokogiri', '~> 1.5.5'
15	17	gem 'rake', :require => false
16	18	gem 'rest-client', '~> 1.6.7'
17	19	gem 'exception_notification', '~> 4.0.1'
...	...	@@ -30,6 +32,7 @@ gem 'kramdown'
30	32	#FIXME Get the Grape Loggin from master yo solve this issue https://github.com/intridea/grape/issues/1059
31	33	#We have to remove this commit referenve code when update the next release of grape_logging. Actualy we are using (1.1.2)
32	34	gem 'grape_logging', :git => 'https://github.com/aceunreal/grape_logging.git', :ref => 'f1755ae'
	35	+#gem 'grape_logging'
33	36	gem 'rack-cors'
34	37	gem 'rack-contrib'
35	38	gem 'liquid', '~> 3.0.3'
...	...	@@ -47,6 +50,7 @@ gem 'api-pagination', '~> 4.1.1'
47	50	# asset pipeline
48	51	gem 'uglifier', '>= 1.0.3'
49	52	gem 'sass-rails'
	53	+gem 'sass', '~> 3.1.19'
50	54
51	55	group :production do
52	56	gem 'dalli', '~> 2.7.0'
...	...	@@ -63,7 +67,7 @@ group :cucumber do
63	67	gem 'capybara', '~> 2.1.0'
64	68	gem 'cucumber', '~> 1.0.6'
65	69	gem 'database_cleaner', '~> 1.2.0'
66		- gem 'selenium-webdriver', '~> 2.39.0'
	70	+ gem 'selenium-webdriver', '~> 2.47.0'
67	71	end
68	72
69	73	# Requires custom dependencies
...	...
...	...	@@ -73,16 +73,15 @@ GEM
73	73	descendants_tracker (0.0.4)
74	74	thread_safe (~> 0.3, >= 0.3.1)
75	75	diff-lcs (1.2.5)
76		- eita-jrails (0.9.5)
77		- actionpack (~> 3.2, >= 3.1.0)
78		- activesupport (~> 3.2, >= 3.0.0)
	76	+ eita-jrails (0.9.8)
	77	+ actionpack (>= 3.1.0)
	78	+ activesupport (>= 3.0.0)
79	79	equalizer (0.0.11)
80	80	erubis (2.7.0)
81		- eventmachine (1.0.7)
82	81	exception_notification (4.0.1)
83	82	actionmailer (>= 3.0.4)
84	83	activesupport (>= 3.0.4)
85		- execjs (2.5.2)
	84	+ execjs (2.6.0)
86	85	fast_gettext (0.6.12)
87	86	ffi (1.9.10)
88	87	gettext (2.2.1)
...	...	@@ -90,7 +89,7 @@ GEM
90	89	gherkin (2.4.21)
91	90	json (>= 1.4.6)
92	91	git-version-bump (0.15.1)
93		- grape (0.12.0)
	92	+ grape (0.13.0)
94	93	activesupport
95	94	builder
96	95	hashie (>= 2.1.0)
...	...	@@ -100,19 +99,20 @@ GEM
100	99	rack-accept
101	100	rack-mount
102	101	virtus (>= 1.0.0)
103		- grape-entity (0.4.5)
	102	+ grape-entity (0.4.8)
104	103	activesupport
105	104	multi_json (>= 1.3.2)
106	105	grape-swagger (0.10.2)
107	106	grape (>= 0.8.0)
108	107	grape-entity
109		- hashie (2.1.2)
	108	+ hashie (3.4.2)
110	109	hike (1.2.3)
111	110	i18n (0.7.0)
112	111	ice_nine (0.11.1)
113	112	journey (1.0.4)
114	113	json (1.8.3)
115		- kramdown (1.8.0)
	114	+ kgio (2.10.0)
	115	+ kramdown (1.9.0)
116	116	libv8 (3.16.14.11)
117	117	liquid (3.0.6)
118	118	locale (2.0.9)
...	...	@@ -136,9 +136,9 @@ GEM
136	136	rack (1.4.7)
137	137	rack-accept (0.4.5)
138	138	rack (>= 0.4)
139		- rack-cache (1.2)
	139	+ rack-cache (1.5.0)
140	140	rack (>= 0.4)
141		- rack-contrib (1.3.0)
	141	+ rack-contrib (1.4.0)
142	142	git-version-bump (~> 0.15)
143	143	rack (~> 1.4)
144	144	rack-cors (0.4.0)
...	...	@@ -165,6 +165,7 @@ GEM
165	165	rake (>= 0.8.7)
166	166	rdoc (~> 3.4)
167	167	thor (>= 0.14.6, < 2.0)
	168	+ raindrops (0.15.0)
168	169	rake (10.4.2)
169	170	rdoc (3.12.2)
170	171	json (~> 1.4)
...	...	@@ -191,16 +192,16 @@ GEM
191	192	ruby-feedparser (0.9.3)
192	193	magic
193	194	rubyzip (1.1.7)
194		- sass (3.4.15)
	195	+ sass (3.1.21)
195	196	sass-rails (3.2.6)
196	197	railties (~> 3.2.0)
197	198	sass (>= 3.1.10)
198	199	tilt (~> 1.3)
199		- selenium-webdriver (2.39.0)
200		- childprocess (>= 0.2.5)
	200	+ selenium-webdriver (2.47.1)
	201	+ childprocess (~> 0.5)
201	202	multi_json (~> 1.0)
202	203	rubyzip (~> 1.0)
203		- websocket (~> 1.0.4)
	204	+ websocket (~> 1.0)
204	205	sprockets (2.2.3)
205	206	hike (~> 1.2)
206	207	multi_json (~> 1.0)
...	...	@@ -212,27 +213,27 @@ GEM
212	213	therubyracer (0.12.2)
213	214	libv8 (~> 3.16.14.0)
214	215	ref
215		- thin (1.3.1)
216		- daemons (>= 1.0.9)
217		- eventmachine (>= 0.12.6)
218		- rack (>= 1.0.0)
219	216	thor (0.19.1)
220	217	thread_safe (0.3.5)
221	218	tilt (1.4.1)
222		- tins (1.5.4)
	219	+ tins (1.6.0)
223	220	treetop (1.4.15)
224	221	polyglot
225	222	polyglot (>= 0.3.1)
226		- tzinfo (0.3.44)
227		- uglifier (2.7.1)
	223	+ tzinfo (0.3.45)
	224	+ uglifier (2.7.2)
228	225	execjs (>= 0.3.0)
229	226	json (>= 1.8.0)
	227	+ unicorn (4.9.0)
	228	+ kgio (~> 2.6)
	229	+ rack
	230	+ raindrops (~> 0.7)
230	231	virtus (1.0.5)
231	232	axiom-types (~> 0.1)
232	233	coercible (~> 1.0)
233	234	descendants_tracker (~> 0.0, >= 0.0.3)
234	235	equalizer (~> 0.0, >= 0.0.9)
235		- websocket (1.0.7)
	236	+ websocket (1.2.2)
236	237	whenever (0.9.4)
237	238	chronic (>= 0.6.3)
238	239	will_paginate (3.0.7)
...	...	@@ -279,11 +280,12 @@ DEPENDENCIES
279	280	rspec-rails (~> 2.14.1)
280	281	ruby-feedparser (~> 0.7)
281	282	rubyzip
	283	+ sass (~> 3.1.19)
282	284	sass-rails
283		- selenium-webdriver (~> 2.39.0)
	285	+ selenium-webdriver (~> 2.47.0)
284	286	swagger-ui_rails
285	287	therubyracer
286		- thin (~> 1.3.1)
287	288	uglifier (>= 1.0.3)
	289	+ unicorn (~> 4.8)
288	290	whenever
289	291	will_paginate (~> 3.0.3)
...	...
...	...	@@ -9,7 +9,7 @@ class ApplicationController < ActionController::Base
9	9	before_filter :allow_cross_domain_access
10	10
11	11	before_filter :login_from_cookie
12		- before_filter :login_required, :if => :private_environment?
	12	+ before_filter :require_login_for_environment, :if => :private_environment?
13	13
14	14	before_filter :verify_members_whitelist, :if => [:private_environment?, :user]
15	15	before_filter :log_user
...	...	@@ -19,6 +19,10 @@ class ApplicationController < ActionController::Base
19	19	end
20	20	before_filter :redirect_to_current_user
21	21
	22	+ def require_login_for_environment
	23	+ login_required
	24	+ end
	25	+
22	26	def verify_members_whitelist
23	27	render_access_denied unless user.is_admin? \|\| environment.in_whitelist?(user)
24	28	end
...	...
...	...	@@ -27,7 +27,7 @@ class CmsController < MyProfileController
27	27
28	28	helper_method :file_types
29	29
30		- protect_if :except => [:suggest_an_article, :set_home_page, :edit, :destroy, :publish, :upload_files, :new] do \|c, user, profile\|
	30	+ protect_if :except => [:suggest_an_article, :set_home_page, :edit, :destroy, :publish, :publish_on_portal_community, :publish_on_communities, :search_communities_to_publish, :upload_files, :new] do \|c, user, profile\|
31	31	user && (user.has_permission?('post_content', profile) \|\| user.has_permission?('publish_content', profile))
32	32	end
33	33
...	...	@@ -93,7 +93,6 @@ class CmsController < MyProfileController
93	93	refuse_blocks
94	94	record_coming
95	95	if request.post?
96		- @article.image = nil if params[:remove_image] == 'true'
97	96	if @article.image.present? && params[:article][:image_builder] &&
98	97	params[:article][:image_builder][:label]
99	98	@article.image.label = params[:article][:image_builder][:label]
...	...	@@ -289,7 +288,7 @@ class CmsController < MyProfileController
289	288	task.cancel
290	289	end
291	290	if @failed.blank?
292		- session[:notice] = _("Your publish request was sent successfully")
	291	+ session[:notice] = _("You published this content successfully")
293	292	if @back_to
294	293	redirect_to @back_to
295	294	else
...	...
...	...	@@ -6,10 +6,13 @@ class ProfileEditorController < MyProfileController
6	6	before_filter :access_welcome_page, :only => [:welcome_page]
7	7	before_filter :back_to
8	8	before_filter :forbid_destroy_profile, :only => [:destroy_profile]
	9	+ before_filter :check_user_can_edit_header_footer, :only => [:header_footer]
9	10	helper_method :has_welcome_page
10	11
11	12	def index
12	13	@pending_tasks = Task.to(profile).pending.without_spam.select{\|i\| user.has_permission?(i.permission, profile)}
	14	+ @show_appearance_option = user.is_admin?(environment) \|\| environment.enabled?('enable_appearance')
	15	+ @show_header_footer_option = user.is_admin?(environment) \|\| (!profile.enterprise? && !environment.enabled?('disable_header_and_footer'))
13	16	end
14	17
15	18	helper :profile
...	...	@@ -136,6 +139,13 @@ class ProfileEditorController < MyProfileController
136	139	redirect_to_previous_location
137	140	end
138	141
	142	+ def reset_private_token
	143	+ profile = environment.profiles.find(params[:id])
	144	+ profile.user.generate_private_token!
	145	+
	146	+ redirect_to_previous_location
	147	+ end
	148	+
139	149	protected
140	150
141	151	def redirect_to_previous_location
...	...	@@ -165,4 +175,9 @@ class ProfileEditorController < MyProfileController
165	175	redirect_to_previous_location
166	176	end
167	177	end
	178	+
	179	+ def check_user_can_edit_header_footer
	180	+ user_can_not_edit_header_footer = !user.is_admin?(environment) && environment.enabled?('disable_header_and_footer')
	181	+ redirect_to back_to if user_can_not_edit_header_footer
	182	+ end
168	183	end
...	...
...	...	@@ -2,7 +2,7 @@ class AccountController < ApplicationController
2	2
3	3	no_design_blocks
4	4
5		- before_filter :login_required, :only => [:activation_question, :accept_terms, :activate_enterprise, :change_password]
	5	+ before_filter :login_required, :require_login_for_environment, :only => [:activation_question, :accept_terms, :activate_enterprise, :change_password]
6	6	before_filter :redirect_if_logged_in, :only => [:login, :signup]
7	7	before_filter :protect_from_bots, :only => :signup
8	8
...	...	@@ -104,10 +104,8 @@ class AccountController < ApplicationController
104	104	@block_bot = !!session[:may_be_a_bot]
105	105	@invitation_code = params[:invitation_code]
106	106	begin
107		- @user = User.new(params[:user])
	107	+ @user = User.build(params[:user], params[:profile_data], environment)
108	108	@user.session = session
109		- @user.terms_of_use = environment.terms_of_use
110		- @user.environment = environment
111	109	@terms_of_use = environment.terms_of_use
112	110	@user.person_data = params[:profile_data]
113	111	@user.return_to = session[:return_to]
...	...