Merge branch 'staging' into security-search

Francisco Júnior
2 parents 15a4ca5f 3a392608
Showing 1968 changed files with 192212 additions and 85052 deletions Show diff stats
.gitlab-ci.yml
.gitmodules
.travis.yml
AUTHORS.md
Gemfile
Gemfile.lock
INSTALL.chat.md
INSTALL.https.md
INSTALL.md
Rakefile
app/controllers/admin/admin_panel_controller.rb
app/controllers/admin/environment_design_controller.rb
app/controllers/admin/environment_email_templates_controller.rb
app/controllers/admin/features_controller.rb
app/controllers/admin/organizations_controller.rb
app/controllers/admin/role_controller.rb
app/controllers/application_controller.rb
app/controllers/box_organizer_controller.rb
app/controllers/email_templates_controller.rb
app/controllers/my_profile/cms_controller.rb
@@ -0,0 +1,26 @@
+before_script:
+  - mkdir -p tmp/pids log
+  - bundle check || bundle install
+# workaround for plugins with Gemfile
+  - perl -pi -e 's/--local //' script/noosfero-plugins
+  - script/noosfero-plugins disableall
+  - bundle exec rake makemo &>/dev/null
+# database
+  - cp config/database.yml.gitlab-ci config/database.yml
+  - createdb gitlab_ci_test || true
+  - bundle exec rake db:schema:load &>/dev/null
+  - bundle exec rake db:migrate &>/dev/null
+
+units:
+  script: bundle exec rake test:units
+functionals:
+  script: bundle exec rake test:functionals
+integration:
+  script: bundle exec rake test:integration
+cucumber:
+  script: bundle exec rake cucumber
+selenium:
+  script: bundle exec rake selenium
+plugins:
+  script: bundle exec rake test:noosfero_plugins
+
@@ -0,0 +1,39 @@
+[submodule "plugins/pairwise"]
+	path = plugins/pairwise
+	url = https://gitlab.com/noosfero-plugins/pairwise.git
+[submodule "plugins/proposals_discussion"]
+	path = plugins/proposals_discussion
+	url = https://gitlab.com/noosfero-plugins/proposals_discussion.git
+[submodule "plugins/site_tour"]
+	path = plugins/site_tour
+	url = https://gitlab.com/noosfero-plugins/site_tour.git
+[submodule "plugins/gamification"]
+	path = plugins/gamification
+	url = https://gitlab.com/noosfero-plugins/gamification.git
+[submodule "plugins/comment_paragraph"]
+	path = plugins/comment_paragraph
+	url = https://gitlab.com/noosfero-plugins/comment-paragraph.git
+[submodule "plugins/notification"]
+	path = plugins/notification
+	url = https://gitlab.com/noosfero-plugins/notification.git
+[submodule "plugins/email_article"]
+	path = plugins/email_article
+	url = https://gitlab.com/noosfero-plugins/email_article.git
+[submodule "public/proposal-app"]
+	path = public/proposal-app
+	url = https://gitlab.com/participa/proposal-app.git
+[submodule "plugins/gravatar_provider"]
+	path = plugins/gravatar_provider
+	url = https://gitlab.com/noosfero-plugins/gravatar-provider.git
+[submodule "plugins/juventude"]
+	path = plugins/juventude
+	url = https://gitlab.com/noosfero-plugins/juventude.git
+[submodule "plugins/dialoga"]
+	path = plugins/dialoga
+	url = https://gitlab.com/participa/dialoga-plugin.git
+[submodule "rest-clients/confjuvapp"]
+	path = rest-clients/confjuvapp
+	url = https://gitlab.com/participa/confjuvapp.git
+[submodule "rest-clients/proposal-app"]
+	path = rest-clients/proposal-app
+	url = https://gitlab.com/participa/proposal-app.git
@@ -0,0 +1,53 @@
+language: ruby
+rvm:
+# for 2.2 support we need to upgrade the pg gem
+  - 2.1.6
+
+sudo: false
+addons:
+  apt:
+    packages:
+      - po4a
+      - iso-codes
+      - tango-icon-theme
+      - pidgin-data
+      # for gem extensions
+      - libmagickwand-dev
+      - libpq-dev
+      - libreadline-dev
+      - libsqlite3-dev
+      - libxslt1-dev
+
+before_install:
+  - gem env
+
+# workaround for https://github.com/travis-ci/travis-ci/issues/4536
+before_install:
+  - export GEM_HOME=$PWD/vendor/bundle/ruby/2.1.0
+  - gem install bundler
+cache: bundler
+
+before_script:
+  - mkdir -p tmp/pids log
+# workaround for plugins with Gemfile
+  - perl -pi -e 's/cat .+ > \$gemfile/echo "source \\"https:\/\/rubygems.org\\"" > \$gemfile && cat \$source\/Gemfile >> \$gemfile/' script/noosfero-plugins
+  - perl -pi -e 's/--local --quiet/install --jobs=3 --retry=3/' script/noosfero-plugins
+  - script/noosfero-plugins disableall
+  - bundle exec rake makemo &>/dev/null
+# database
+  - cp config/database.yml.travis config/database.yml
+  - psql -c 'create database myapp_test;' -U postgres
+  - bundle exec rake db:schema:load &>/dev/null
+  - bundle exec rake db:migrate &>/dev/null
+
+env:
+  - TASK=test:units
+  - TASK=test:functionals
+  - TASK=test:integration
+  - TASK=cucumber
+  - TASK=selenium
+  - TASK=test:noosfero_plugins
+
+script:
+  - bundle exec rake $TASK
+
+This list is automatically generated at release time. Please do not change it.
+
 If you are not listed here, but should be, please write to the noosfero mailing
 list: http://listas.softwarelivre.org/cgi-bin/mailman/listinfo/noosfero-dev
 (this list requires subscription to post, but since you are an author of
@@ -8,256 +10,120 @@ Developers
 Ábner Silva de Oliveira <abner.oliveira@serpro.gov.br>
 Alan Freihof Tygel <alantygel@gmail.com>
-alcampelo <alcampelo@alcampelo.(none)>
 Alessandro Palmeira <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Caio C. Salgado <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Caio Salgado <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Caio Salgado <caio.csalgado@gmail.com>
-Alessandro Palmeira + Caio Salgado + Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>
-Alessandro Palmeira + Carlos Morais <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Daniel Alves <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Daniel Alves + Diego Araújo <diegoamc90@gmail.com>
-Alessandro Palmeira + Daniel Alves + Diego Araújo + Guilherme Rojas <danpaulalves@gmail.com>
-Alessandro Palmeira + Diego Araujo <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Diego Araújo <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Diego Araujo + Daniela Feitosa <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Diego Araujo <diegoamc90@gmail.com>
-Alessandro Palmeira + Diego Araújo <diegoamc90@gmail.com>
-Alessandro Palmeira + Diego Araujo + Eduardo Morais <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Diego Araújo + João M. M. da Silva <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>
-Alessandro Palmeira + Diego Araujo + João M. M. da Silva + Paulo Meirelles <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
-Alessandro Palmeira + Diego Araújo + Pedro Leal + João M. M. da Silva <diegoamc90@gmail.com>
-Alessandro Palmeira + Diego Araujo + Rafael Manzo <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Eduardo Morais <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Guilherme Rojas <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Jefferson Fernandes <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + João M. M. da Silva <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Joao M. M. da Silva + Diego Araujo <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + João M. M. da Silva + Renan Teruo <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + João M. M. Silva <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Paulo Meirelles <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Paulo Meirelles + João M. M. da Silva <alessandro.palmeira@gmail.com>
-Alessandro Palmeira + Rafael Manzo <alessandro.palmeira@gmail.com>
-analosnak <analosnak@gmail.com>
+Alex Campelo <campelo.al1@gmail.com>
+Álvaro Fernando <alvarofernandoms@gmail.com>
 Ana Losnak <analosnak@gmail.com>
-Andre Bernardes <andrebsguedes@gmail.com>
-Antonio Terceiro + Carlos Morais <terceiro@colivre.coop.br>
-Antonio Terceiro + Paulo Meirelles <terceiro@colivre.coop.br>
+Ana Paula Vargas <anapaulavnoronha@gmail.com>
+Andre Bedran <bedran.fleck@gmail.com>
+André Guedes <andrebsguedes@gmail.com>
+Andrey Aleksanyants <aaleksanyants@yahoo.com>
 Antonio Terceiro <terceiro@colivre.coop.br>
 Arthur Del Esposte <arthurmde@gmail.com>
-Arthur Del Esposte <arthurmde@yahoo.com.br>
+Athos Ribeiro <athoscribeiro@gmail.com>
 Aurelio A. Heckert <aurelio@colivre.coop.br>
-Braulio Bhavamitra <brauliobo@gmail.com>
-Bráulio Bhavamitra <brauliobo@gmail.com>
 Braulio Bhavamitra <braulio@eita.org.br>
-Caio <caio.csalgado@gmail.com>
-Caio + Diego + Pedro + João <caio.csalgado@gmail.com>
+Brenddon Gontijo <brenddongontijo@msn.com>
 Caio Formiga <caio.formiga@gmail.com>
-Caio, Pedro <caio.csalgado@gmail.com>
-Caio Salgado + Alessandro Palmeira <caio.csalgado@gmail.com>
 Caio Salgado <caio.csalgado@gmail.com>
-Caio Salgado + Carlos Morais + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
-Caio Salgado + Diego Araujo <caio.csalgado@gmail.com>
-Caio Salgado + Diego Araújo <caio.csalgado@gmail.com>
-Caio Salgado + Diego Araújo <diegoamc90@gmail.com>
-Caio Salgado + Diego Araújo + Jefferson Fernandes <caio.csalgado@gmail.com>
-Caio Salgado + Diego Araújo + João M. M. da Silva <caio.csalgado@gmail.com>
-Caio Salgado + Diego Araújo + Pedro Leal <caio.csalgado@gmail.com>
-Caio Salgado + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
-Caio Salgado + Diego Araújo + Rafael Manzo <diegoamc90@gmail.com>
-Caio Salgado + Jefferson Fernandes <caio.csalgado@gmail.com>
-Caio Salgado + Jefferson Fernandes <jeffs.fernandes@gmail.com>
-Caio Salgado + Rafael Manzo <caio.csalgado@gmail.com>
-Caio Salgado + Renan Teruo <caio.csalgado@gmail.com>
-Caio Salgado + Renan Teruo <caio.salgado@gmail.com>
-Caio Salgado + Renan Teruo + Jefferson Fernandes <jeffs.fernandes@gmail.com>
-Caio Salgado + Renan Teruo <renanteruoc@gmail.com>
 Caio SBA <caio@colivre.coop.br>
 Caio Tiago Oliveira <caiotiago@colivre.coop.br>
 Carlos Andre de Souza <carlos.andre.souza@msn.com>
 Carlos Morais <carlos88morais@gmail.com>
-Carlos Morais + Diego Araújo <diegoamc90@gmail.com>
-Carlos Morais + Eduardo Morais <carlos88morais@gmail.com>
-Carlos Morais + Paulo Meirelles <carlos88morais@gmail.com>
-Carlos Morais + Pedro Leal <carlos88morais@gmail.com>
-Daniel Alves + Diego Araújo <danpaulalves@gmail.com>
-Daniel Alves + Diego Araújo <diegoamc90@gmail.com>
-Daniel Alves + Diego Araújo + Guilherme Rojas <danpaulalves@gmail.com>
-Daniel Alves + Diego Araújo + Guilherme Rojas <diegoamc90@gmail.com>
-Daniel Alves + Diego Araújo + Guilherme Rojas <guilhermehrojas@gmail.com>
-Daniel Alves + Guilherme Rojas <danpaulalves@gmail.com>
-Daniel Alves + Rafael Manzo <rr.manzo@gmail.com>
+Christophe DANIEL <papaeng@gmail.com>
+Daniela Feitosa <alessandro.palmeira@gmail.com>
+Daniel Alves <danpaulalves@gmail.com>
 Daniela Soares Feitosa <danielafeitosa@colivre.coop.br>
 Daniel Bucher <daniel.bucher88@gmail.com>
 Daniel Cunha <daniel@colivre.coop.br>
+Daniel Tygel <dtygel@eita.org.br>
 David Carlos <ddavidcarlos1392@gmail.com>
-diegoamc <diegoamc90@gmail.com>
-Diego Araújo + Alessandro Palmeira <diegoamc90@gmail.com>
-Diego Araújo + Alessandro Palmeira + João M. M. da Silva <diegoamc90@gmail.com>
-Diego Araújo + Alessandro Palmeira + Rafael Manzo <rr.manzo@gmail.com>
-Diego Araujo + Caio Salgado <diegoamc90@gmail.com>
-Diego Araújo + Daniel Alves + Rafael Manzo <rr.manzo@gmail.com>
-Diego Araújo <diegoamc90@gmail.com>
-Diego Araújo + Eduardo Morais + Paulo Meirelles <diegoamc90@gmail.com>
-Diego Araújo + Guilherme Rojas <diegoamc90@gmail.com>
-Diego Araújo + Jefferson Fernandes <diegoamc90@gmail.com>
-Diego Araujo + Jefferson Fernandes <jeffs.fernandes@gmail.com>
-Diego Araújo + João Machini <diegoamc90@gmail.com>
-Diego Araújo + João Machini <digoamc90@gmail.com>
-Diego Araújo + João M. M. da Silva + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
-Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>
-Diego Araújo + João M. M. da Silva + João Machini <diegoamc90@gmail.com>
-Diego Araújo + João M. M. da Silva + Pedro Leal <diegoamc90@gmail.com>
-Diego Araújo + Paulo Meirelles <diegoamc90@gmail.com>
-Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
-Diego Araujo + Rafael Manzo <diegoamc90@gmail.com>
-Diego Araújo + Rafael Manzo <diegoamc90@gmail.com>
-Diego Araújo + Renan Teruo + Alessandro Palmeira <diegoamc90@gmail.com>
-Diego Araújo + Renan Teruo <diegoamc90@gmail.com>
-Diego Araujo + Rodrigo Souto + Rafael Manzo <rr.manzo@gmail.com>
-Diego + Jefferson <diegoamc90@gmail.com>
-Diego Martinez <diegoamc90@gmail.com>
-Diego + Renan <renanteruoc@gmail.com>
-DylanGuedes <djmgguedes@gmail.com>
-Eduardo Passos <eduardo@risa.localdomain.localhost>
+Diego Araujo <diegoamc90@gmail.com>
+Dylan Guedes <djmgguedes@gmail.com>
+Eduardo Morais
 Eduardo Passos <eduardosteps@gmail.com>
 Eduardo Tourinho Edington <eduardo.edington@serpro.gov.br>
-Evandro Jr <evandrojr@gmail.com>
-Evandro Junior <evandrojr@gmail.com>
+Eduardo Vital <vitaldu@gmail.com>
+Evandro Magalhaes Leite Junior <evandro.leite@serpro.gov.br>
 Fabio Teixeira <fabio1079@gmail.com>
 FAMMA TV NOTICIAS MEDIOS DE CO <revistafammatvmusic.oficial@gmail.com>
 Fernanda Lopes <nanda.listas+psl@gmail.com>
-Francisco Marcelo A. Lima Júnior <francisco.lima-junior@serpro.gov.br>
-Francisco Marcelo de Araujo Lima Junior <79350259591@serpro-1457614.(none)>
+Filipe Ribeiro <firibeiro77@live.com>
 Francisco Marcelo de Araújo Lima Júnior <francisco.lima-junior@serpro.gov.br>
-Francisco Marcelo de Araújo Lima Júnior <maljunior@gmail.com>
 Gabriela Navarro <navarro1703@gmail.com>
 Gonzalo Exequiel Pedone <hipersayan.x@gmail.com>
 Grazieno Pellegrino <grazieno@gmail.com>
-Gust <darksshades@hotmail.com>
+Guilherme C. Muniz <guilherme.cmuniz@gmail.com>
+Guilherme Rojas <guilhermehrojas@gmail.com>
+Gustavo Jaruga <darksshades@gmail.com>
 Hebert Douglas <hebertdougl@gmail.com>
 Hugo Melo <hugo@riseup.net>
+Iolane Andrade <andrade.icaa@gmail.com>
 Isaac Canan <isaac@intelletto.com.br>
 Italo Valcy <italo@dcc.ufba.br>
-Jefferson Fernandes + Diego Araujo + Rafael Manzo <jeffs.fernandes@gmail.com>
-Jefferson Fernandes + Joao M. M. da Silva <jeffs.fernandes@gmail.com>
-Jefferson Fernandes + Joao M. M. Silva <jeffs.fernandes@gmail.com>
-João da Silva + Eduardo Morais + Rafael Manzo <rr.manzo@gmail.com>
-João da Silva <jaodsilv@linux.ime.usp.br>
-João Marco Maciel da Silva + Rafael Manzo + Renan Teruo <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Alessandro Palmeira + Diego Araújo + Caio Salgado <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Alessandro Palmeira + Diego Araújo <jaodsilv@linux.ime.usp.br>
-Joao M. M. da Silva + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Alessandro Palmeira + João Machini <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Caio Salgado + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Caio Salgado <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Carlos Morais <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Diego Araújo <diegoamc90@gmail.com>
-João M. M. da Silva + Diego Araújo <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Diego Araújo + Pedro Leal <jaodsilv@linux.ime.usp.br>
+Jefferson Fernandes <jeffs.fernandes@gmail.com>
+Jérôme Jutteau <j.jutteau@gmail.com>
+João Machini
 João M. M. da Silva <jaodsilv@linux.ime.usp.br>
-Joao M. M. da Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + João M. Miranda <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Paulo Meirelles <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Pedro Leal <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Rafael Manzo + Diego Araújo <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Rafael Manzo <jaodsilv@linux.ime.usp.br>
-João M. M. da Silva + Renan Teruo <jaodsilv@linux.ime.usp.br>
-João M. M. Silva + Caio Salgado <jaodsilv@linux.ime.usp.br>
-João M. M. Silva + Diego Araújo <jaodsilv@linux.ime.usp.br>
-Joao M. M. Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
-João M. M. Silva + Paulo Meirelles <jaodsilv@linux.ime.usp.br>
-João M. M. Silva + Rafael Manzo <jaodsilv@linux.ime.usp.br>
-João M. M. Silva + Renan Teruo <jaodsilv@linux.ime.usp.br>
 Joenio Costa <joenio@colivre.coop.br>
 Josef Spillner <josef.spillner@tu-dresden.de>
 Jose Pedro <1jpsneto@gmail.com>
-Junior Silva <junior@bajor.localhost.localdomain>
-Junior Silva <junior@sedeantigo.colivre.coop.br>
 Junior Silva <juniorsilva1001@gmail.com>
-Junior Silva <juniorsilva7@juniorsilva-Aspire-5750Z.(none)>
-Junior Silva <juniorsilva@colivre.coop.br>
-juniorsilva <juniorsilva@QonoS.localhost.localdomain>
 Keilla Menezes <keilla@colivre.coop.br>
 Larissa Reis <larissa@colivre.coop.br>
-Larissa Reis <reiss.larissa@gmail.com>
 Leandro Alves <leandrosustenido@gmail.com>
-Leandro Nunes dos Santos <81665687568@serpro-1541727.Home>
-Leandro Nunes dos Santos <81665687568@serpro-1541727.(none)>
-Leandro Nunes dos Santos <leandronunes@gmail.com>
 Leandro Nunes dos Santos <leandro.santos@serpro.gov.br>
+Leandro Veloso <leandrovelosorodrigues@gmail.com>
 LinguÁgil 2010 <linguagil.bahia@gmail.com>
+Lucas Couto <loc.unb@gmail.com>
 Lucas Kanashiro <kanashiro.duarte@gmail.com>
-Lucas Melo <lucas@colivre.coop.br>
 Lucas Melo <lucaspradomelo@gmail.com>
-Luciano <lucianopcbr@gmail.com>
 Luciano Prestes Cavalcanti <lucianopcbr@gmail.com>
 Luis David Aguilar Carlos <ludwig9003@gmail.com>
 Luiz Fernando de Freitas Matos <luiz@luizff.matos@gmail.com>
-Marcos <marcos.rpj2@gmail.com>
+Luiz Matos <luizff.matos@gmail.com>
 Marcos Ramos <ms.ramos@outlook.com>
+Marcos Ronaldo <marcos.rpj2@gmail.com>
+Mariel Zasso <noosfero-br@listas.softwarelivre.org>
 Martín Olivera <molivera@solar.org.ar>
+Matheus Faria <matheus.sousa.faria@gmail.com>
 Maurilio Atila <cabelotaina@gmail.com>
 M for Momo <mo@rtnp.org>
 Michal Čihař <michal@cihar.com>
+Michel Felipe <mfelipeof@gmail.com>
 Moises Machado <moises@colivre.coop.br>
 Naíla Alves <naila@colivre.coop.br>
 Nanda Lopes <nanda.listas+psl@gmail.com>
 Niemand Jedermann <predatorix@web.de>
 Parley Martins <parleypachecomartins@gmail.com>
-Paulo Meirelles + Alessandro Palmeira + João M. M. da Silva <paulo@softwarelivre.org>
-Paulo Meirelles + Alessandro Palmeira <paulo@softwarelivre.org>
-Paulo Meirelles + Carlos Morais <paulo@softwarelivre.org>
-Paulo Meirelles + Diego Araújo <paulo@softwarelivre.org>
-Paulo Meirelles + João M. M. da Silva <paulo@softwarelivre.org>
 Paulo Meirelles <paulo@softwarelivre.org>
-Paulo Meirelles + Rafael Manzo <paulo@softwarelivre.org>
+Pedro de Lyra <pedrodelyra@gmail.com>
+Pedro Leal
+Rafael de Souza Queiroz <querafael@live.com>
 Rafael Gomes <rafaelgomes@techfree.com.br>
-Rafael Manzo + Alessandro Palmeira <rr.manzo@gmail.com>
-Rafael Manzo + Daniel Alves <danpaulalves@gmail.com>
-Rafael Manzo + Diego Araújo <rr.manzo@gmail.com>
-Rafael Manzo + João M. M. Silva <rr.manzo@gmail.com>
-Rafael Manzo + Paulo Meirelles <rr.manzo@gmail.com>
 Rafael Martins <rmmartins@gmail.com>
-Rafael Reggiani Manzo + Caio Salgado + Jefferson Fernandes <rr.manzo@gmail.com>
-Rafael Reggiani Manzo + Diego Araujo <diegoamc90@gmail.com>
-Rafael Reggiani Manzo + Diego Araujo <rr.manzo@gmail.com>
-Rafael Reggiani Manzo + Diego Araújo <rr.manzo@gmail.com>
-Rafael Reggiani Manzo + João M. M. da Silva <rr.manzo@gmail.com>
 Rafael Reggiani Manzo <rr.manzo@gmail.com>
 Raphaël Rousseau <raph@r4f.org>
 Raquel Lira <raquel.lira@gmail.com>
 Raquel <rcordioli@gmail.com>
-Renan Teruo + Caio Salgado <renanteruoc@gmail.com>
-Renan Teruoc + Diego Araujo <renanteruoc@gmail.com>
-Renan Teruo + Diego Araujo <renanteruoc@gmail.com>
-Renan Teruo + Diego Araújo <renanteruoc@gmail.com>
-Renan Teruo + Paulo Meirelles <renanteruoc@gmail.com>
-Renan Teruo + Rafael Manzo <renanteruoc@gmail.com>
-Rodrigo Souto + Ana Losnak + Daniel Bucher + Caio Almeida + Leandro Nunes + Daniela Feitosa + Mariel Zasso <noosfero-br@listas.softwarelivre.org>
+Renan Costa <renan2727@hotmail.com>
+Renan Teruo <renanteruoc@gmail.com>
+Rodrigo Medeiros <rodrigo.mss01@gmail.com>
 Rodrigo Souto <rodrigo@colivre.coop.br>
 Ronny Kursawe <kursawe.ronny@googlemail.com>
-root <root@debian.sdr.serpro>
 Samuel R. C. Vale <srcvale@holoscopio.com>
-Tallys Martins <tallysmartins@gmail.com>
 Tallys Martins <tallysmartins@yahoo.com.br>
-tallys <tallys@tallys>
-tallys <tallys@tallys.(none)>
+Thiago Casotti <thiago.casotti@uol.com.br>
+Thiago Kairala <thiagor.kairala@gmail.com>
+Thiago Ribeiro <thiagitosouza@hotmail.com>
 Thiago Zoroastro <thiago.zoroastro@bol.com.br>
 Tuux <tuxa@galaxie.eu.org>
+TWS <tablettws@gmail.com>
 Valessio Brito <contato@valessiobrito.com.br>
-Valessio Brito <contato@valessiobrito.info>
-Valessio Brito <valessio@gmail.com>
-vfcosta <vfcosta@gmail.com>
-Victor Carvalho <victorhugodf.ac@gmail.com>
 Victor Costa <vfcosta@gmail.com>
 Victor Hugo Alves de Carvalho <victorhugodf.ac@gmail.com>
 Vinicius Cubas Brand <viniciuscb@gmail.com>
-Visita <visita@debian.(none)>
+Wilton Rodrigues <braynwilton@gmail.com>
 Yann Lugrin <yann.lugrin@liquid-concept.ch>
 Ideas, specifications and incentive
 source "https://rubygems.org"
-gem 'rails',                    '~> 3.2.21'
+gem 'rails',                    '~> 3.2.22'
 gem 'minitest',                 '~> 3.2.0'
 gem 'fast_gettext',             '~> 0.6.8'
 gem 'acts-as-taggable-on',      '~> 3.4.2'
@@ -11,27 +11,46 @@ gem &#39;will_paginate&#39;,            &#39;~&gt; 3.0.3&#39;
 gem 'ruby-feedparser',          '~> 0.7'
 gem 'daemons',                  '~> 1.1.5'
 gem 'thin',                     '~> 1.3.1'
-gem 'nokogiri',                 '~> 1.5.5'
+gem 'nokogiri',                 '~> 1.6.0'
 gem 'rake', :require => false
 gem 'rest-client',              '~> 1.6.7'
 gem 'exception_notification',   '~> 4.0.1'
 gem 'gettext',                  '~> 2.2.1', :require => false
 gem 'locale',                   '~> 2.0.5'
 gem 'whenever', :require => false
-gem 'eita-jrails', '>= 0.9.5', :require => 'jrails'
+gem 'eita-jrails', '~> 0.9.5', require: 'jrails'
-group :assets do
-  gem 'uglifier', '>= 1.0.3'
-  gem 'sass-rails'
-end
+# API dependencies
+gem 'grape',                    '~> 0.12'
+gem 'grape-entity'
+#FIXME Get the Grape Loggin from master yo solve this issue https://github.com/intridea/grape/issues/1059
+#We have to remove this commit referenve code when update the next release of grape_logging. Actualy we are using (1.1.2)
+gem 'grape_logging', :git => 'https://github.com/aceunreal/grape_logging.git', :ref => 'f1755ae'
+gem 'rack-cors'
+gem 'rack-contrib'
+gem 'liquid',                    '~> 3.0.3'
+#gem 'grape-swagger-rails'
+gem 'rubyzip'
+
+gem 'execjs'
+gem 'therubyracer'
+
+# FIXME list here all actual dependencies (i.e. the ones in debian/control),
+# with their GEM names (not the Debian package names)
+
+gem 'api-pagination',           '~> 4.1.1'
+
+# asset pipeline
+gem 'uglifier', '>= 1.0.3'
+gem 'sass-rails'
 group :production do
   gem 'dalli', '~> 2.7.0'
 end
 group :test do
-  gem 'rspec',                  '~> 2.10.0'
-  gem 'rspec-rails',            '~> 2.10.1'
+  gem 'rspec',                  '~> 2.14.0'
+  gem 'rspec-rails',            '~> 2.14.1'
   gem 'mocha',                  '~> 1.1.0', :require => false
 end
@@ -0,0 +1,281 @@
+GIT
+  remote: https://github.com/aceunreal/grape_logging.git
+  revision: f1755ae4e1d897a65b20218d40681f59a9630f1b
+  ref: f1755ae
+  specs:
+    grape_logging (1.1.2)
+      grape
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    RedCloth (4.2.9)
+    actionmailer (3.2.22)
+      actionpack (= 3.2.22)
+      mail (~> 2.5.4)
+    actionpack (3.2.22)
+      activemodel (= 3.2.22)
+      activesupport (= 3.2.22)
+      builder (~> 3.0.0)
+      erubis (~> 2.7.0)
+      journey (~> 1.0.4)
+      rack (~> 1.4.5)
+      rack-cache (~> 1.2)
+      rack-test (~> 0.6.1)
+      sprockets (~> 2.2.1)
+    activemodel (3.2.22)
+      activesupport (= 3.2.22)
+      builder (~> 3.0.0)
+    activerecord (3.2.22)
+      activemodel (= 3.2.22)
+      activesupport (= 3.2.22)
+      arel (~> 3.0.2)
+      tzinfo (~> 0.3.29)
+    activeresource (3.2.22)
+      activemodel (= 3.2.22)
+      activesupport (= 3.2.22)
+    activesupport (3.2.22)
+      i18n (~> 0.6, >= 0.6.4)
+      multi_json (~> 1.0)
+    acts-as-taggable-on (3.4.4)
+      activerecord (>= 3.2, < 5)
+    api-pagination (4.1.1)
+    arel (3.0.3)
+    axiom-types (0.1.1)
+      descendants_tracker (~> 0.0.4)
+      ice_nine (~> 0.11.0)
+      thread_safe (~> 0.3, >= 0.3.1)
+    builder (3.0.4)
+    capybara (2.1.0)
+      mime-types (>= 1.16)
+      nokogiri (>= 1.3.3)
+      rack (>= 1.0.0)
+      rack-test (>= 0.5.4)
+      xpath (~> 2.0)
+    childprocess (0.5.6)
+      ffi (~> 1.0, >= 1.0.11)
+    chronic (0.10.2)
+    coercible (1.0.0)
+      descendants_tracker (~> 0.0.1)
+    cucumber (1.0.6)
+      builder (>= 2.1.2)
+      diff-lcs (>= 1.1.2)
+      gherkin (~> 2.4.18)
+      json (>= 1.4.6)
+      term-ansicolor (>= 1.0.6)
+    cucumber-rails (1.0.6)
+      capybara (>= 1.1.1)
+      cucumber (>= 1.0.6)
+      nokogiri (>= 1.5.0)
+    daemons (1.1.9)
+    dalli (2.7.4)
+    database_cleaner (1.2.0)
+    descendants_tracker (0.0.4)
+      thread_safe (~> 0.3, >= 0.3.1)
+    diff-lcs (1.2.5)
+    eita-jrails (0.9.5)
+      actionpack (~> 3.2, >= 3.1.0)
+      activesupport (~> 3.2, >= 3.0.0)
+    equalizer (0.0.11)
+    erubis (2.7.0)
+    eventmachine (1.0.7)
+    exception_notification (4.0.1)
+      actionmailer (>= 3.0.4)
+      activesupport (>= 3.0.4)
+    execjs (2.5.2)
+    fast_gettext (0.6.12)
+    ffi (1.9.10)
+    gettext (2.2.1)
+      locale
+    gherkin (2.4.21)
+      json (>= 1.4.6)
+    git-version-bump (0.15.1)
+    grape (0.12.0)
+      activesupport
+      builder
+      hashie (>= 2.1.0)
+      multi_json (>= 1.3.2)
+      multi_xml (>= 0.5.2)
+      rack (>= 1.3.0)
+      rack-accept
+      rack-mount
+      virtus (>= 1.0.0)
+    grape-entity (0.4.5)
+      activesupport
+      multi_json (>= 1.3.2)
+    hashie (2.1.2)
+    hike (1.2.3)
+    i18n (0.7.0)
+    ice_nine (0.11.1)
+    journey (1.0.4)
+    json (1.8.3)
+    libv8 (3.16.14.11)
+    liquid (3.0.6)
+    locale (2.0.9)
+    magic (0.2.9)
+      ffi (>= 0.6.3)
+    mail (2.5.4)
+      mime-types (~> 1.16)
+      treetop (~> 1.4.8)
+    metaclass (0.0.4)
+    mime-types (1.25.1)
+    mini_portile (0.6.2)
+    minitest (3.2.0)
+    mocha (1.1.0)
+      metaclass (~> 0.0.1)
+    multi_json (1.11.2)
+    multi_xml (0.5.5)
+    nokogiri (1.6.6.2)
+      mini_portile (~> 0.6.0)
+    pg (0.13.2)
+    polyglot (0.3.5)
+    rack (1.4.7)
+    rack-accept (0.4.5)
+      rack (>= 0.4)
+    rack-cache (1.2)
+      rack (>= 0.4)
+    rack-contrib (1.3.0)
+      git-version-bump (~> 0.15)
+      rack (~> 1.4)
+    rack-cors (0.4.0)
+    rack-mount (0.8.3)
+      rack (>= 1.0.0)
+    rack-ssl (1.3.4)
+      rack
+    rack-test (0.6.3)
+      rack (>= 1.0)
+    rails (3.2.22)
+      actionmailer (= 3.2.22)
+      actionpack (= 3.2.22)
+      activerecord (= 3.2.22)
+      activeresource (= 3.2.22)
+      activesupport (= 3.2.22)
+      bundler (~> 1.0)
+      railties (= 3.2.22)
+    rails_autolink (1.1.6)
+      rails (> 3.1)
+    railties (3.2.22)
+      actionpack (= 3.2.22)
+      activesupport (= 3.2.22)
+      rack-ssl (~> 1.3.2)
+      rake (>= 0.8.7)
+      rdoc (~> 3.4)
+      thor (>= 0.14.6, < 2.0)
+    rake (10.4.2)
+    rdoc (3.12.2)
+      json (~> 1.4)
+    ref (2.0.0)
+    rest-client (1.6.9)
+      mime-types (~> 1.16)
+    rmagick (2.13.4)
+    rspec (2.14.1)
+      rspec-core (~> 2.14.0)
+      rspec-expectations (~> 2.14.0)
+      rspec-mocks (~> 2.14.0)
+    rspec-core (2.14.8)
+    rspec-expectations (2.14.5)
+      diff-lcs (>= 1.1.3, < 2.0)
+    rspec-mocks (2.14.6)
+    rspec-rails (2.14.2)
+      actionpack (>= 3.0)
+      activemodel (>= 3.0)
+      activesupport (>= 3.0)
+      railties (>= 3.0)
+      rspec-core (~> 2.14.0)
+      rspec-expectations (~> 2.14.0)
+      rspec-mocks (~> 2.14.0)
+    ruby-feedparser (0.9.3)
+      magic
+    rubyzip (1.1.7)
+    sass (3.4.15)
+    sass-rails (3.2.6)
+      railties (~> 3.2.0)
+      sass (>= 3.1.10)
+      tilt (~> 1.3)
+    selenium-webdriver (2.39.0)
+      childprocess (>= 0.2.5)
+      multi_json (~> 1.0)
+      rubyzip (~> 1.0)
+      websocket (~> 1.0.4)
+    sprockets (2.2.3)
+      hike (~> 1.2)
+      multi_json (~> 1.0)
+      rack (~> 1.0)
+      tilt (~> 1.1, != 1.3.0)
+    term-ansicolor (1.3.2)
+      tins (~> 1.0)
+    therubyracer (0.12.2)
+      libv8 (~> 3.16.14.0)
+      ref
+    thin (1.3.1)
+      daemons (>= 1.0.9)
+      eventmachine (>= 0.12.6)
+      rack (>= 1.0.0)
+    thor (0.19.1)
+    thread_safe (0.3.5)
+    tilt (1.4.1)
+    tins (1.5.4)
+    treetop (1.4.15)
+      polyglot
+      polyglot (>= 0.3.1)
+    tzinfo (0.3.44)
+    uglifier (2.7.1)
+      execjs (>= 0.3.0)
+      json (>= 1.8.0)
+    virtus (1.0.5)
+      axiom-types (~> 0.1)
+      coercible (~> 1.0)
+      descendants_tracker (~> 0.0, >= 0.0.3)
+      equalizer (~> 0.0, >= 0.0.9)
+    websocket (1.0.7)
+    whenever (0.9.4)
+      chronic (>= 0.6.3)
+    will_paginate (3.0.7)
+    xpath (2.0.0)
+      nokogiri (~> 1.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  RedCloth (~> 4.2.9)
+  acts-as-taggable-on (~> 3.4.2)
+  api-pagination (~> 4.1.1)
+  capybara (~> 2.1.0)
+  cucumber (~> 1.0.6)
+  cucumber-rails (~> 1.0.6)
+  daemons (~> 1.1.5)
+  dalli (~> 2.7.0)
+  database_cleaner (~> 1.2.0)
+  eita-jrails (~> 0.9.5)
+  exception_notification (~> 4.0.1)
+  execjs
+  fast_gettext (~> 0.6.8)
+  gettext (~> 2.2.1)
+  grape (~> 0.12)
+  grape-entity
+  grape_logging!
+  liquid (~> 3.0.3)
+  locale (~> 2.0.5)
+  minitest (~> 3.2.0)
+  mocha (~> 1.1.0)
+  nokogiri (~> 1.6.0)
+  pg (~> 0.13.2)
+  rack-contrib
+  rack-cors
+  rails (~> 3.2.22)
+  rails_autolink (~> 1.1.5)
+  rake
+  rest-client (~> 1.6.7)
+  rmagick (~> 2.13.1)
+  rspec (~> 2.14.0)
+  rspec-rails (~> 2.14.1)
+  ruby-feedparser (~> 0.7)
+  rubyzip
+  sass-rails
+  selenium-webdriver (~> 2.39.0)
+  therubyracer
+  thin (~> 1.3.1)
+  uglifier (>= 1.0.3)
+  whenever
+  will_paginate (~> 3.0.3)
-XMPP/Chat Setup
-===============
+Automatic XMPP/Chat Setup
+=========================
+
+Since Noosfero 1.2, the XMPP/Chat can be installed via `noosfero-chat` Debian
+package. So you don't need to follow the manual instructions here if you
+already have it installed on your system.
+
+But if you are going to install the `noosfero-chat` package on a system that
+already has `noosfero` older 1.2 installed then you need to check if apache's
+configuration file `/etc/apache2/sites-available/noosfero` has this line below:
+
+     Include /usr/share/noosfero/util/chat/apache/xmpp.conf
+
+Manual XMPP/Chat Setup
+======================
 The samples of config file to configure a XMPP/BOSH server with ejabberd,
 postgresql and apache2 can be found at util/chat directory.
@@ -8,7 +21,7 @@ This setup supposes that you are using Noosfero installed via Debian package
 in a production environment.
 Steps
-=====
+-----
 This is a step-by-step guide to get a XMPP service working, in a Debian system.
@@ -144,15 +157,8 @@ You should see a page with a message like that:
 ## 9. Test chat session
-Open Noosfero console and execute:
-
->> environment = Environment.default
->> user = Person['guest']
->> password = user.user.crypted_password
->> login = user.jid
->> RubyBOSH.initialize_session(login, password, "http://#{environment.default_hostname}/http-bind", :wait => 30, :hold => 1, :window => 5
-
-If you have luck, should see something like that:
+Run `./script/noosfero-test-chat-session`. If you have luck, should see
+something like that:
 Ruby-BOSH - SEND
 <body window="5" rid="60265" xmlns="http://jabber.org/protocol/httpbind" xmlns:xmpp="urn:xmpp:xbosh" to="vagrant-debian-squeeze.vagrantup.com" wait="30" xmpp:version="1.0" hold="1"/>
@@ -11,8 +11,8 @@ as below:
     # mkdir /etc/noosfero/ssl
     # cd /etc/noosfero/ssl
-	  # openssl genrsa 1024 > noosfero.key
-    # openssl req -new -x509 -nodes -sha1 -days $[10*365] -key noosfero.key > noosfero.cert
+    # openssl genrsa 2048 > noosfero.key
+    # openssl req -new -x509 -sha256 -nodes -days $[10*365] -key noosfero.key > noosfero.cert
     # cat noosfero.key noosfero.cert > noosfero.pem
 ## Web server configuration
@@ -74,7 +74,7 @@ downloading from git
 Here we are cloning the noosfero repository from git. Note: you will need to install git before.
-    $ git clone git://gitorious.org/noosfero/noosfero.git current
+    $ git clone https://gitlab.com/noosfero/noosfero.git current
     $ cd current
     $ git checkout -b stable origin/stable
@@ -15,4 +15,21 @@ Noosfero::Application.load_tasks
   Dir.glob(pattern).sort
 end.flatten.each do |taskfile|
   load taskfile
+end 
+
+# plugins' tasks
+plugins_tasks = Dir.glob("config/plugins/*/{tasks,lib/tasks,rails/tasks}/**/*.rake").sort +
+  Dir.glob("config/plugins/*/vendor/plugins/*/{tasks,lib/tasks,rails/tasks}/**/*.rake").sort
+plugins_tasks.each{ |ext| load ext }
+
+
+desc "Print out grape routes"
+task :grape_routes => :environment do
+  #require 'api/api.rb'
+  Noosfero::API::API.routes.each do |route|
+    puts route
+    method = route.route_method
+    path = route.route_path
+    puts "     #{method} #{path}"
+  end
 end
@@ -71,22 +71,4 @@ class AdminPanelController &lt; AdminController
       end
     end
   end
-
-  def manage_organizations_status
-    scope = environment.organizations
-    @filter = params[:filter] || 'any'
-    @title = "Organization profiles"
-    @title = @title+" - "+@filter if @filter != 'any'
-
-    if @filter == 'enabled'
-      scope = scope.visible
-    elsif @filter == 'disabled'
-      scope = scope.disabled
-    end
-
-    scope = scope.order('name ASC')
-
-    @q = params[:q]
-    @collection = find_by_contents(:organizations, environment, scope, @q, {:per_page => 10, :page => params[:npage]})[:results]
-  end
 end
 class EnvironmentDesignController < BoxOrganizerController
-  
+
   protect 'edit_environment_design', :environment
+  def filtered_available_blocks(blocks=nil)
+    filtered_available_blocks = []
+    blocks.each { |block| filtered_available_blocks << block unless @environment.disabled_blocks.include?(block.name) }
+    filtered_available_blocks
+  end
+
   def available_blocks
     @available_blocks ||= [ ArticleBlock, LoginBlock, RecentDocumentsBlock, EnterprisesBlock, CommunitiesBlock, SellersSearchBlock, LinkListBlock, FeedReaderBlock, SlideshowBlock, HighlightsBlock, FeaturedProductsBlock, CategoriesBlock, RawHTMLBlock, TagsBlock ]
     @available_blocks += plugins.dispatch(:extra_blocks, :type => Environment)
   end
+  def index
+    available_blocks
+  end
+
 end
@@ -0,0 +1,15 @@
+class EnvironmentEmailTemplatesController < EmailTemplatesController
+
+  protect 'manage_email_templates', :environment
+
+  protected
+
+  def owner
+    environment
+  end
+
+  before_filter :only => :index do
+    @back_to = url_for(:controller => :admin_panel)
+  end
+
+end
 class FeaturesController < AdminController
+
   protect 'edit_environment_features', :environment
-  
+
   def index
     @features = Environment.available_features.sort_by{|k,v|v}
   end
+  def manage_blocks
+    @blocks = [ ArticleBlock,
+                TagsBlock,
+                RecentDocumentsBlock,
+                ProfileInfoBlock,
+                LinkListBlock,
+                MyNetworkBlock,
+                FeedReaderBlock,
+                ProfileImageBlock,
+                LocationBlock,
+                SlideshowBlock,
+                ProfileSearchBlock,
+                HighlightsBlock,
+                FriendsBlock,
+                FavoriteEnterprisesBlock,
+                CommunitiesBlock,
+                EnterprisesBlock,
+                MembersBlock,
+                DisabledEnterpriseMessageBlock,
+                ProductCategoriesBlock,
+                FeaturedProductsBlock,
+                FansBlock,
+                ProductsBlock ]
+
+    @blocks += plugins.dispatch(:extra_blocks)
+    @blocks.sort_by! { |block| block.name }
+  end
+
   post_only :update
   def update
     if @environment.update_attributes(params[:environment])
@@ -15,6 +44,17 @@ class FeaturesController &lt; AdminController
     end
   end
+  post_only :update_blocks
+  def update_blocks
+    params[:environment].delete(:available_blocks)
+    if @environment.update_attributes(params[:environment])
+      session[:notice] = _('Blocks updated successfully.')
+      redirect_to :action => 'manage_blocks'
+    else
+      render :action => 'manage_blocks'
+    end
+  end
+
   def manage_fields
     @person_fields = Person.fields
     @enterprise_fields = Enterprise.fields
@@ -0,0 +1,66 @@
+class OrganizationsController < AdminController
+
+  protect 'manage_environment_organizations', :environment
+
+  def index
+    @filter = params[:filter] || 'any'
+    @title = _('Organization profiles')
+    @type = params[:type] || "any"
+    @types_filter = [[_('All'), 'any'], [_('Community'), 'Community'], [_('Enterprise'), 'Enterprise']]
+    @types_filter = @types_filter | @plugins.dispatch(:organization_types_filter_options)
+
+    scope = @plugins.dispatch_first(:filter_manage_organization_scope, @type)
+    if scope.blank?
+      scope = environment.organizations
+      scope = scope.where(:type => @type) if @type != 'any'
+    end
+
+    if @filter == 'enabled'
+      scope = scope.visible
+    elsif @filter == 'disabled'
+      scope = scope.disabled
+    end
+
+    scope = scope.order('name ASC')
+
+    @q = params[:q]
+    @collection = find_by_contents(:organizations, environment, scope, @q, {:per_page => per_page, :page => params[:npage]})[:results]
+  end
+
+  def activate
+    organization = environment.organizations.find(params[:id])
+    if organization.enable
+      render :text => (_('%s enabled') % organization.name).to_json
+    else
+      render :text => (_('%s could not be enabled') % organization.name).to_json
+    end
+  end
+
+  def deactivate
+    organization = environment.organizations.find(params[:id])
+    if organization.disable
+      render :text => (_('%s disabled') % organization.name).to_json
+    else
+      render :text => (_('%s could not be disable') % organization.name).to_json
+    end
+  end
+
+  def destroy
+    if request.post?
+      organization = environment.organizations.find(params[:id])
+      if organization && organization.destroy
+        render :text => (_('%s removed') % organization.name).to_json
+      else
+        render :text => (_('%s could not be removed') % organization.name).to_json
+      end
+    else
+      render :nothing => true
+    end
+  end
+
+  private
+
+  def per_page
+    10
+  end
+end
@@ -2,7 +2,7 @@ class RoleController &lt; AdminController
   protect 'manage_environment_roles', :environment
   def index
-    @roles = environment.roles.find(:all)
+    @roles = environment.roles.find(:all, :conditions => {:profile_id => nil})
   end
   def new
@@ -7,8 +7,17 @@ class ApplicationController &lt; ActionController::Base
   before_filter :detect_stuff_by_domain
   before_filter :init_noosfero_plugins
   before_filter :allow_cross_domain_access
+
+  before_filter :login_from_cookie
   before_filter :login_required, :if => :private_environment?
+
   before_filter :verify_members_whitelist, :if => [:private_environment?, :user]
+  before_filter :log_user
+
+  def log_user
+    Rails.logger.info "Logged in: #{user.identifier}" if user
+  end
+  before_filter :redirect_to_current_user
   def verify_members_whitelist
     render_access_denied unless user.is_admin? || environment.in_whitelist?(user)
@@ -71,8 +80,8 @@ class ApplicationController &lt; ActionController::Base
     FastGettext.available_locales = environment.available_locales
     FastGettext.default_locale = environment.default_locale
     FastGettext.locale = (params[:lang] || session[:lang] || environment.default_locale || request.env['HTTP_ACCEPT_LANGUAGE'] || 'en')
-    I18n.locale = FastGettext.locale
-    I18n.default_locale = FastGettext.default_locale
+    I18n.locale = FastGettext.locale.to_s.gsub '_', '-'
+    I18n.default_locale = FastGettext.default_locale.to_s.gsub '_', '-'
     if params[:lang]
       session[:lang] = params[:lang]
     end
@@ -192,4 +201,15 @@ class ApplicationController &lt; ActionController::Base
   def private_environment?
     @environment.enabled?(:restrict_to_members)
   end
+
+  def redirect_to_current_user
+    if params[:profile] == '~'
+      if logged_in?
+        redirect_to params.merge(:profile => user.identifier)
+      else
+        render_not_found
+      end
+    end
+  end
+
 end
@@ -3,12 +3,11 @@ class BoxOrganizerController &lt; ApplicationController
   before_filter :login_required
   def index
+    @available_blocks = available_blocks.uniq.sort_by(&:pretty_name)
   end
   def move_block
-    @block = boxes_holder.blocks.find(params[:id].gsub(/^block-/, ''))
-
-    @source_box = @block.box
+    @block = params[:id] ? boxes_holder.blocks.find(params[:id].gsub(/^block-/, '')) : nil
     target_position = nil
@@ -20,9 +19,12 @@ class BoxOrganizerController &lt; ApplicationController
     else
       (params[:target] =~ /end-of-box-([0-9]+)/)
-      @target_box = boxes_holder.boxes.find($1)
+      @target_box = boxes_holder.boxes.find_by_id($1)
     end
+    @block = new_block(params[:type], @target_box) if @block.nil?
+    @source_box = @block.box
+
     if (@source_box != @target_box)
       @block.remove_from_list
       @block.box = @target_box
@@ -58,23 +60,6 @@ class BoxOrganizerController &lt; ApplicationController
     redirect_to :action => 'index'
   end
-  def add_block
-    type = params[:type]
-    if ! type.blank?
-      if available_blocks.map(&:name).include?(type)
-        boxes_holder.boxes.find(params[:box_id]).blocks << type.constantize.new
-        redirect_to :action => 'index'
-      else
-        raise ArgumentError.new("Type %s is not allowed. Go away." % type)
-      end
-    else
-      @center_block_types = (Box.acceptable_center_blocks & available_blocks) + plugins.dispatch(:extra_blocks, :type => boxes_holder.class, :position => 1)
-      @side_block_types = (Box.acceptable_side_blocks & available_blocks) + plugins.dispatch(:extra_blocks, :type => boxes_holder.class, :position => [2,3])
-      @boxes = boxes_holder.boxes.with_position
-      render :action => 'add_block', :layout => false
-    end
-  end
-
   def edit
     @block = boxes_holder.blocks.find(params[:id])
     render :action => 'edit', :layout => false
@@ -98,8 +83,12 @@ class BoxOrganizerController &lt; ApplicationController
   def save
     @block = boxes_holder.blocks.find(params[:id])
-    @block.update_attributes(params[:block])
-    redirect_to :action => 'index'
+    if @block.kind_of?(RawHTMLBlock) && !user.is_admin?(environment)
+      render_access_denied
+    else
+      @block.update_attributes(params[:block])
+      redirect_to :action => 'index'
+    end
   end
   def boxes_editor?
@@ -121,6 +110,27 @@ class BoxOrganizerController &lt; ApplicationController
     redirect_to :action => 'index'
   end
+  def show_block_type_info
+    type = params[:type]
+    if type.blank? || !available_blocks.map(&:name).include?(type)
+      raise ArgumentError.new("Type %s is not allowed. Go away." % type)
+    end
+    @block = type.constantize.new
+    @block.box = Box.new(:owner => boxes_holder)
+    render :action => 'show_block_type_info', :layout => false
+  end
+
   protected :boxes_editor?
+  protected
+
+  def new_block(type, box)
+    if !available_blocks.map(&:name).include?(type)
+      raise ArgumentError.new("Type %s is not allowed. Go away." % type)
+    end
+    block = type.constantize.new
+    box.blocks << block
+    block
+  end
+
 end
@@ -0,0 +1,62 @@
+class EmailTemplatesController < ApplicationController
+
+  def index
+    @email_templates = owner.email_templates
+  end
+
+  def show
+    @email_template = owner.email_templates.find(params[:id])
+
+    respond_to do |format|
+      format.html # show.html.erb
+      format.json { render json: @email_template }
+    end
+  end
+
+  def show_parsed
+    @email_template = owner.email_templates.find(params[:id])
+    template_params = {:profile => owner, :environment => environment}
+    render json: {:parsed_body => @email_template.parsed_body(template_params), :parsed_subject => @email_template.parsed_subject(template_params)}
+  end
+
+  def new
+    @email_template = owner.email_templates.build(:owner => owner)
+  end
+
+  def edit
+    @email_template = owner.email_templates.find(params[:id])
+  end
+
+  def create
+    @email_template = owner.email_templates.build(params[:email_template])
+    @email_template.owner = owner
+
+    if @email_template.save
+      session[:notice] = _('Email template was successfully created.')
+      redirect_to url_for(:action => :index)
+    else
+      render action: "new"
+    end
+  end
+
+  def update
+    @email_template = owner.email_templates.find(params[:id])
+
+    if @email_template.update_attributes(params[:email_template])
+      session[:notice] = _('Email template was successfully updated.')
+      redirect_to url_for(:action => :index)
+    else
+      render action: "edit"
+    end
+  end
+
+  def destroy
+    @email_template = owner.email_templates.find(params[:id])
+    @email_template.destroy
+
+    respond_to do |format|
+      format.html { redirect_to url_for(:action => :index)}
+      format.json { head :no_content }
+    end
+  end
+end
@@ -6,7 +6,7 @@ class CmsController &lt; MyProfileController
   def search_tags
     arg = params[:term].downcase
-    result = ActsAsTaggableOn::Tag.find(:all, :conditions => ['LOWER(name) LIKE ?', "%#{arg}%"])
+    result = ActsAsTaggableOn::Tag.where('name ILIKE ?', "%#{arg}%").limit(10)
     render :text => prepare_to_token_input_by_label(result).to_json, :content_type => 'application/json'
   end
@@ -27,20 +27,13 @@ class CmsController &lt; MyProfileController
   helper_method :file_types
-  protect_if :only => :upload_files do |c, user, profile|
-    article_id = c.params[:parent_id]
-    (!article_id.blank? && profile.articles.find(article_id).allow_create?(user)) ||
-    (user && (user.has_permission?('post_content', profile) || user.has_permission?('publish_content', profile)))
-  end
-
-  protect_if :except => [:suggest_an_article, :set_home_page, :edit, :destroy, :publish, :publish_on_portal_community, :publish_on_communities, :search_communities_to_publish, :upload_files, :new] do |c, user, profile|
+  protect_if :except => [:suggest_an_article, :set_home_page, :edit, :destroy, :publish, :upload_files, :new] do |c, user, profile|
     user && (user.has_permission?('post_content', profile) || user.has_permission?('publish_content', profile))
   end
-  protect_if :only => :new do |c, user, profile|
-    article = profile.articles.find_by_id(c.params[:parent_id])
-    (!article.nil? && (article.allow_create?(user) || article.parent.allow_create?(user))) ||
-    (user && (user.has_permission?('post_content', profile) || user.has_permission?('publish_content', profile)))
+  protect_if :only => [:new, :upload_files] do |c, user, profile|
+    parent = profile.articles.find_by_id(c.params[:parent_id])
+    user && user.can_post_content?(profile, parent)
   end
   protect_if :only => :destroy do |c, user, profile|
@@ -101,6 +94,11 @@ class CmsController &lt; MyProfileController
     record_coming
     if request.post?
       @article.image = nil if params[:remove_image] == 'true'
+      if @article.image.present? && params[:article][:image_builder] &&
+        params[:article][:image_builder][:label]
+        @article.image.label = params[:article][:image_builder][:label]
+        @article.image.save!
+      end
       @article.last_changed_by = user
       if @article.update_attributes(params[:article])
         if !continue
@@ -112,6 +110,11 @@ class CmsController &lt; MyProfileController
         end
       end
     end
+
+    unless @article.kind_of?(RssFeed)
+      @escaped_body = CGI::escapeHTML(@article.body || '')
+      @escaped_abstract = CGI::escapeHTML(@article.abstract || '')
+    end
   end
   def new
@@ -143,7 +146,14 @@ class CmsController &lt; MyProfileController
     klass = @type.constantize
     article_data = environment.enabled?('articles_dont_accept_comments_by_default') ? { :accept_comments => false } : {}
     article_data.merge!(params[:article]) if params[:article]
-    @article = klass.new(article_data)
+    article_data.merge!(:profile => profile) if profile
+
+    @article = if params[:clone]
+      current_article = profile.articles.find(params[:id])
+      current_article.copy_without_save
+    else
+      klass.new(article_data)
+    end
     parent = check_parent(params[:parent_id])
     if parent
@@ -220,7 +230,7 @@ class CmsController &lt; MyProfileController
       if @errors.any?
         render :action => 'upload_files', :parent_id => @parent_id
       else
-        session[:notice] = _('File(s) successfully uploaded') 
+        session[:notice] = _('File(s) successfully uploaded')
         if @back_to
           redirect_to @back_to
         elsif @parent
@@ -357,7 +367,8 @@ class CmsController &lt; MyProfileController
       @task.ip_address = request.remote_ip
       @task.user_agent = request.user_agent
       @task.referrer = request.referrer
-      if verify_recaptcha(:model => @task, :message => _('Please type the words correctly')) && @task.save
+      @task.requestor = current_person if logged_in?
+      if (logged_in? || verify_recaptcha(:model => @task, :message => _('Please type the words correctly'))) && @task.save
         session[:notice] = _('Thanks for your suggestion. The community administrators were notified.')
         redirect_to @back_to
       end
@@ -453,7 +464,8 @@ class CmsController &lt; MyProfileController
   end
   def refuse_blocks
-    if ['TinyMceArticle', 'TextileArticle', 'Event', 'EnterpriseHomepage'].include?(@type)
+    article_types = ['TinyMceArticle', 'TextileArticle', 'Event', 'EnterpriseHomepage'] + @plugins.dispatch(:content_types).map {|type| type.name}
+    if article_types.include?(@type)
       @no_design_blocks = true
     end
   end
 class EnterpriseValidationController < MyProfileController
   protect 'validate_enterprise', :profile
-  
+
   def index
     @pending_validations = profile.pending_validations
   end
@@ -27,7 +27,7 @@ class EnterpriseValidationController &lt; MyProfileController
   post_only :reject
   def reject
     @pending = profile.find_pending_validation(params[:id])
-    if @pending 
+    if @pending
       @pending.reject_explanation = params[:reject_explanation]
       begin
         @pending.reject
 class FavoriteEnterprisesController < MyProfileController
-  
-#  protect 'manage_favorite_enteprises', :profile
+
+#  protect 'manage_favorite_enterprises', :profile
   requires_profile_class Person
-  
+
   def index
     @favorite_enterprises = profile.favorite_enterprises
   end
@@ -12,7 +12,7 @@ class FavoriteEnterprisesController &lt; MyProfileController
     @favorite_enterprise = Enterprise.find(params[:id])
     if request.post? && params[:confirmation]
       profile.favorite_enterprises << @favorite_enterprise
-      redirect_to :action => 'index' 
+      redirect_to :action => 'index'
     end
   end
 class FriendsController < MyProfileController
-  
+
   protect 'manage_friends', :profile
-  
+
   def index
-    @suggestions = profile.profile_suggestions.of_person.enabled.includes(:suggestion).limit(per_page)
+    @suggestions = profile.suggested_profiles.of_person.enabled.includes(:suggestion).limit(per_page)
     if is_cache_expired?(profile.manage_friends_cache_key(params))
       @friends = profile.friends.paginate(:per_page => per_page, :page => params[:npage])
     end
@@ -18,7 +18,7 @@ class FriendsController &lt; MyProfileController
   end
   def suggest
-    @suggestions = profile.profile_suggestions.of_person.enabled.includes(:suggestion).limit(per_page)
+    @suggestions = profile.suggested_profiles.of_person.enabled.includes(:suggestion).limit(per_page)
   end
   def remove_suggestion
@@ -26,13 +26,13 @@ class FriendsController &lt; MyProfileController
     redirect_to :action => 'suggest' unless @person
     if @person && request.post?
       profile.remove_suggestion(@person)
-      @suggestions = profile.profile_suggestions.of_person.enabled.includes(:suggestion).limit(per_page)
+      @suggestions = profile.suggested_profiles.of_person.enabled.includes(:suggestion).limit(per_page)
       render :partial => 'shared/profile_suggestions_list', :locals => { :suggestions => @suggestions, :collection => :friends_suggestions, :per_page => params[:per_page] || per_page }
     end
   end
   def connections
-    @suggestion = profile.profile_suggestions.of_person.enabled.find_by_suggestion_id(params[:id])
+    @suggestion = profile.suggested_profiles.of_person.enabled.find_by_suggestion_id(params[:id])
     if @suggestion
       @tags = @suggestion.tag_connections
       @profiles = @suggestion.profile_connections
@@ -35,7 +35,7 @@ class ManageProductsController &lt; ApplicationController
   end
   def categories_for_selection
-    @category = Category.find(params[:category_id]) if params[:category_id]
+    @category = environment.categories.find_by_id params[:category_id]
     @object_name = params[:object_name]
     if @category
       @categories = @category.children
@@ -95,6 +95,20 @@ class ManageProductsController &lt; ApplicationController
     end
   end
+  def show_category_tree
+    @category = environment.categories.find params[:category_id]
+    render :partial => 'selected_category_tree'
+  end
+
+  def search_categories
+    @term = params[:term].downcase
+    conditions = ['LOWER(name) LIKE ? OR LOWER(name) LIKE ?', "#{@term}%", "% #{@term}%"]
+    @categories = ProductCategory.all :conditions => conditions, :limit => 10
+    render :json => (@categories.map do |category|
+      {:label => category.name, :value => category.id}
+    end)
+  end
+
   def add_input
     @product = @profile.products.find(params[:id])
     @input = @product.inputs.build
@@ -192,7 +206,8 @@ class ManageProductsController &lt; ApplicationController
   end
   def certifiers_for_selection
-    @qualifier = Qualifier.exists?(params[:id]) ? Qualifier.find(params[:id]) : nil
+    # updated to use hash as argument to exists? to avoid sql injection vunerabillity (http://brakemanscanner.org/docs/warning_types/sql_injection/)
+    @qualifier = Qualifier.exists?(:id => params[:id]) ? Qualifier.find(params[:id]) : nil
     render :update do |page|
       page.replace_html params[:certifier_area], :partial => 'certifiers_for_selection'
     end
@@ -16,6 +16,7 @@ class MapsController &lt; MyProfileController
         Profile.transaction do
           if profile.update_attributes!(params[:profile_data])
+            BlockSweeper.expire_blocks profile.blocks.select{ |b| b.class == LocationBlock }
             session[:notice] = _('Address was updated successfully!')
             redirect_to :action => 'edit_location'
           end
@@ -40,7 +40,7 @@ class MembershipsController &lt; MyProfileController
   end
   def suggest
-    @suggestions = profile.profile_suggestions.of_community.enabled.includes(:suggestion).limit(per_page)
+    @suggestions = profile.suggested_profiles.of_community.enabled.includes(:suggestion).limit(per_page)
   end
   def remove_suggestion
@@ -49,13 +49,13 @@ class MembershipsController &lt; MyProfileController
     redirect_to :action => 'suggest' unless @community
     if @community && request.post?
       profile.remove_suggestion(@community)
-      @suggestions = profile.profile_suggestions.of_community.enabled.includes(:suggestion).limit(custom_per_page)
+      @suggestions = profile.suggested_profiles.of_community.enabled.includes(:suggestion).limit(custom_per_page)
       render :partial => 'shared/profile_suggestions_list', :locals => { :suggestions => @suggestions, :collection => :communities_suggestions, :per_page => custom_per_page}
     end
   end
   def connections
-    @suggestion = profile.profile_suggestions.of_community.enabled.find_by_suggestion_id(params[:id])
+    @suggestion = profile.suggested_profiles.of_community.enabled.find_by_suggestion_id(params[:id])
     if @suggestion
       @tags = @suggestion.tag_connections
       @profiles = @suggestion.profile_connections
@@ -4,11 +4,20 @@ class ProfileDesignController &lt; BoxOrganizerController
   protect 'edit_profile_design', :profile
-  before_filter :protect_fixed_block, :only => [:save, :move_block]
+  before_filter :protect_uneditable_block, :only => [:save]
+  before_filter :protect_fixed_block, :only => [:move_block]
+
+  def protect_uneditable_block
+    block = boxes_holder.blocks.find(params[:id].gsub(/^block-/, ''))
+    if !current_person.is_admin? && !block.editable?
+      render_access_denied
+    end
+  end
   def protect_fixed_block
+    return if params[:id].blank?
     block = boxes_holder.blocks.find(params[:id].gsub(/^block-/, ''))
-    if block.fixed && !current_person.is_admin?
+    if block.present? && !current_person.is_admin? && !block.movable?
       render_access_denied
     end
   end
@@ -5,6 +5,7 @@ class ProfileEditorController &lt; MyProfileController
   before_filter :access_welcome_page, :only => [:welcome_page]
   before_filter :back_to
+  before_filter :forbid_destroy_profile, :only => [:destroy_profile]
   helper_method :has_welcome_page
   def index
@@ -18,7 +19,10 @@ class ProfileEditorController &lt; MyProfileController
     @profile_data = profile
     @possible_domains = profile.possible_domains
     if request.post?
-      params[:profile_data][:fields_privacy] ||= {} if profile.person? && params[:profile_data].is_a?(Hash)
+      if profile.person? && params[:profile_data].is_a?(Hash)
+        params[:profile_data][:fields_privacy] ||= {}
+        params[:profile_data][:custom_fields] ||= {}
+      end
       Profile.transaction do
         Image.transaction do
           begin
@@ -109,7 +113,7 @@ class ProfileEditorController &lt; MyProfileController
       profile = environment.profiles.find(params[:id])
       if profile.disable
         profile.save
-        session[:notice] = _("The profile '#{profile.name}' was deactivated.")
+        session[:notice] = _("The profile '%s' was deactivated.") % profile.name
       else
         session[:notice] = _('Could not deactivate profile.')
       end
@@ -123,7 +127,7 @@ class ProfileEditorController &lt; MyProfileController
       profile = environment.profiles.find(params[:id])
       if profile.enable
-        session[:notice] = _("The profile '#{profile.name}' was activated.")
+        session[:notice] = _("The profile '%s' was activated.") % profile.name
       else
         session[:notice] = _('Could not activate the profile.')
       end
@@ -155,4 +159,10 @@ class ProfileEditorController &lt; MyProfileController
     end
   end
+  def forbid_destroy_profile
+    if environment.enabled?('forbid_destroy_profile') && !current_person.is_admin?(environment)
+      session[:notice] = _('You can not destroy the profile.')
+      redirect_to_previous_location
+    end
+  end
 end
@@ -0,0 +1,16 @@
+class ProfileEmailTemplatesController < EmailTemplatesController
+
+  needs_profile
+  protect 'manage_email_templates', :profile
+
+  protected
+
+  def owner
+    profile
+  end
+
+  before_filter :only => :index do
+    @back_to = url_for(:controller => :profile_editor)
+  end
+
+end
@@ -58,6 +58,7 @@ class ProfileMembersController &lt; MyProfileController
   def change_role
     @roles = Profile::Roles.organization_member_roles(environment.id)
+    @custom_roles = profile.custom_roles
     begin
       @member = profile.members.find(params[:id])
     rescue ActiveRecord::RecordNotFound
@@ -0,0 +1,116 @@
+class ProfileRolesController < MyProfileController
+
+  protect 'manage_custom_roles', :profile
+
+  def index
+    @roles = profile.custom_roles
+  end
+
+  def new
+    @role = Role.new
+  end
+
+  def create
+    @role = Role.new({:name => params[:role][:name], :permissions => params[:role][:permissions], :environment => environment }, :without_protection => true)
+    if @role.save
+      profile.custom_roles << @role
+      redirect_to :action => 'show', :id => @role
+    else
+      session[:notice] = _('Failed to create role')
+      render :action => 'new'
+    end
+  end
+
+  def show
+    @role = environment.roles.find(params[:id])
+  end
+
+  def edit
+    @role = environment.roles.find(params[:id])
+  end
+
+  def assign_role_by_members
+    return redirect_to "/" if params[:q].nil? or !request.xhr?
+    arg = params[:q].downcase
+    result = find_by_contents(:people, environment, profile.members, params[:q])[:results]
+    render :text => prepare_to_token_input(result).to_json
+  end
+
+  def destroy
+    @role = environment.roles.find(params[:id])
+    @members = profile.members_by_role(@role)
+    @roles_list = all_roles(environment, profile)
+    @roles_list.delete(@role)
+  end
+
+  def remove
+    @role = environment.roles.find(params[:id])
+    @members = profile.members_by_role(@role)
+    member_roles = params[:roles] ? environment.roles.find(params[:roles].select{|r|!r.to_i.zero?}) : []
+    append_roles(@members, member_roles, profile)
+    if @role.destroy
+      session[:notice] = _('Role successfuly removed!')
+    else
+      session[:notice] = _('Failed to remove role!')
+    end
+    redirect_to :action => 'index'
+  end
+
+  def update
+    @role = environment.roles.find(params[:id])
+    if @role.update_attributes(params[:role])
+      redirect_to :action => 'show', :id => @role
+    else
+      session[:notice] = _('Failed to edit role')
+      render :action => 'edit'
+    end
+  end
+
+  def assign
+    @role = environment.roles.find(params[:id])
+    @roles_list = all_roles(environment, profile)
+    @roles_list.delete(@role)
+  end
+
+  def define
+    @role = environment.roles.find(params[:id])
+    selected_role = params[:selected_role] ? environment.roles.find(params[:selected_role].to_i) : nil
+    if params[:assign_role_by].eql? "members"
+      members_list = params[:person_id].split(',').collect {|id| environment.profiles.find(id.to_i)}
+      members_list.collect{|person| person.add_role(@role, profile)}
+    elsif params[:assign_role_by].eql? "roles"
+      members = profile.members_by_role(selected_role)
+      replace_role(members, selected_role, @role, profile)
+    else
+      session[:notice] = _("Error")
+    end
+    redirect_to :action => 'index'
+  end
+
+  protected
+
+  def append_roles(members, roles, profile)
+    members.each do |person|
+      all_roles = person.find_roles(profile).map(&:role) + roles
+      person.define_roles(all_roles, profile)
+    end
+  end
+
+  def all_roles(environment, profile)
+    Profile::Roles.organization_member_roles(environment.id) + profile.custom_roles
+  end
+
+  def replace_roles(members, roles, profile)
+    members.each do |person|
+      person.define_roles(roles, profile)
+    end
+  end
+
+  def replace_role(members, role, new_role, profile)
+    members.each do |person|
+      person.remove_role(role, profile)
+      person.add_role(new_role, profile)
+    end
+  end
+
+end
 class TasksController < MyProfileController
-  protect 'perform_task', :profile
-  
+  protect [:perform_task, :view_tasks], :profile, :only => [:index, :save_tags, :search_tags]
+  protect :perform_task, :profile, :only => [:processed, :change_responsible, :close, :new, :list_requested, :ticket_details, :search_tags]
+
   def index
-    @filter = params[:filter_type].blank? ? nil : params[:filter_type]
+    @rejection_email_templates = profile.email_templates.find_all_by_template_type(:task_rejection)
+    @acceptance_email_templates = profile.email_templates.find_all_by_template_type(:task_acceptance)
+
+    @filter_type = params[:filter_type].presence
+    @filter_text = params[:filter_text].presence
+    @filter_responsible = params[:filter_responsible]
+    @filter_tags = params[:filter_tags]
+
     @task_types = Task.pending_types_for(profile)
-    @tasks = Task.to(profile).without_spam.pending.of(@filter).order_by('created_at', 'asc').paginate(:per_page => Task.per_page, :page => params[:page])
+    @task_tags = [OpenStruct.new(:name => _('All'), :id => nil) ] + Task.all_tags
+
+    @tasks = Task.pending_all(profile, @filter_type, @filter_text).order_by('created_at', 'asc')
+    @tasks = @tasks.where(:responsible_id => @filter_responsible.to_i != -1 ? @filter_responsible : nil) if @filter_responsible.present?
+    @tasks = @tasks.tagged_with(@filter_tags, any: true) if @filter_tags.present?
+    @tasks = @tasks.paginate(:per_page => Task.per_page, :page => params[:page])
+
     @failed = params ? params[:failed] : {}
+
+    @responsible_candidates = profile.members.by_role(profile.roles.reject {|r| !r.has_permission?('perform_task') && !r.has_permission?('view_tasks')}) if profile.organization?
+
+    @view_only = !current_person.has_permission?(:perform_task, profile)
   end
   def processed
-    @tasks = Task.to(profile).without_spam.closed.sort_by(&:created_at)
+    @tasks = Task.to(profile).without_spam.closed.order('tasks.created_at DESC')
+    @filter = params[:filter] || {}
+    @tasks = filter_tasks(@filter, @tasks)
+    @tasks = @tasks.paginate(:per_page => Task.per_page, :page => params[:page])
+    @task_types = Task.closed_types_for(profile)
+  end
+
+  def change_responsible
+    task = profile.tasks.find(params[:task_id])
+
+    if task.responsible.present? && task.responsible.id != params[:old_responsible_id].to_i
+      return render :json => {:notice => _('Task already assigned!'), :success => false, :current_responsible => task.responsible.id}
+    end
+
+    responsible = profile.members.find(params[:responsible_id]) if params[:responsible_id].present?
+    task.responsible = responsible
+    task.save!
+    render :json => {:notice => _('Task responsible successfully updated!'), :success => true, :new_responsible => {:id => responsible.present? ? responsible.id : nil}}
   end
   VALID_DECISIONS = [ 'finish', 'cancel', 'skip' ]
   def close
     failed = {}
+    save = false
     if params[:tasks]
       params[:tasks].each do |id, value|
         decision = value[:decision]
-        if request.post? && VALID_DECISIONS.include?(decision) && id && decision != 'skip'
+
+        if value[:task].is_a?(Hash) && value[:task][:tag_list]
+
           task = profile.find_in_all_tasks(id)
-          begin
-            task.update_attributes(value[:task])
-            task.send(decision)
-          rescue Exception => ex
-            message = "#{task.title} (#{task.requestor ? task.requestor.name : task.author_name})"
-            failed[ex.message] ? failed[ex.message] << message : failed[ex.message] = [message]
+          task.tag_list = value[:task][:tag_list]
+          value[:task].delete('tag_list')
+
+          save = true
+        end
+
+        if request.post?
+          if VALID_DECISIONS.include?(decision) && id && decision != 'skip'
+            task ||= profile.find_in_all_tasks(id)
+            begin
+              task.update_attributes(value[:task])
+              task.send(decision, current_person)
+            rescue Exception => ex
+              message = "#{task.title} (#{task.requestor ? task.requestor.name : task.author_name})"
+              failed[ex.message] ? failed[ex.message] << message : failed[ex.message] = [message]
+            end
+          elsif save
+            task.save!
           end
         end
       end
     end
     url = { :action => 'index' }
+
     if failed.blank?
       session[:notice] = _("All decisions were applied successfully.")
     else
@@ -65,4 +116,79 @@ class TasksController &lt; MyProfileController
     @ticket = Ticket.find(:first, :conditions => ['(requestor_id = ? or target_id = ?) and id = ?', profile.id, profile.id, params[:id]])
   end
+  def search_tasks
+    filter_type = params[:filter_type].presence
+    filter_text = params[:filter_text].presence
+    result = Task.pending_all(profile,filter_type, filter_text)
+
+    render :json => result.map { |task| {:label => task.data[:name], :value => task.data[:name]} }
+  end
+
+  def save_tags
+    if request.post? && params[:tag_list]
+      result = {
+        success: false,
+        message: _('Error to save tags. Please, contact the system admin')
+      }
+
+      ActsAsTaggableOn.remove_unused_tags = true
+
+      task = profile.tasks.find_by_id(params[:task_id])
+      
+      if task && task.update_attributes(:tag_list => params[:tag_list])
+        result[:success] = true
+      end
+    end
+
+    render json: result
+  end
+
+  # FIXME make this test
+  # Should not search for article tasks
+  # Should not search for other profile tags
+  # Should search only task tags
+  # Should check the permissions
+
+  def search_tags
+
+    arg = params[:term].downcase
+
+    result = ActsAsTaggableOn::Tag.find(:all, :conditions => ['LOWER(name) LIKE ?', "%#{arg}%"])
+
+    render :text => prepare_to_token_input_by_label(result).to_json, :content_type => 'application/json'
+  end
+
+  protected
+
+  def filter_by_closed_date(filter, tasks)
+    filter[:closed_from] = Date.parse(filter[:closed_from]) unless filter[:closed_from].blank?
+    filter[:closed_until] = Date.parse(filter[:closed_until]) unless filter[:closed_until].blank?
+
+    tasks = tasks.where('tasks.end_date >= ?', filter[:closed_from].beginning_of_day) unless filter[:closed_from].blank?
+    tasks = tasks.where('tasks.end_date <= ?', filter[:closed_until].end_of_day) unless filter[:closed_until].blank?
+    tasks
+  end
+
+  def filter_by_creation_date(filter, tasks)
+    filter[:created_from] = Date.parse(filter[:created_from]) unless filter[:created_from].blank?
+    filter[:created_until] = Date.parse(filter[:created_until]) unless filter[:created_until].blank?
+
+    tasks = tasks.where('tasks.created_at >= ?', filter[:created_from].beginning_of_day) unless filter[:created_from].blank?
+    tasks = tasks.where('tasks.created_at <= ?', filter[:created_until].end_of_day) unless filter[:created_until].blank?
+    tasks
+  end
+
+  def filter_tasks(filter, tasks)
+    tasks = tasks.includes(:requestor, :closed_by)
+    tasks = tasks.of(filter[:type].presence)
+    tasks = tasks.where(:status => filter[:status]) unless filter[:status].blank?
+    tasks = filter_by_creation_date(filter, tasks)
+    tasks = filter_by_closed_date(filter, tasks)
+
+    tasks = tasks.like('profiles.name', filter[:requestor]) unless filter[:requestor].blank?
+    tasks = tasks.like('closed_bies_tasks.name', filter[:closed_by]) unless filter[:closed_by].blank?
+    tasks = tasks.like('tasks.data', filter[:text]) unless filter[:text].blank?
+    tasks
+  end
+
 end
@@ -16,7 +16,7 @@ class AccountController &lt; ApplicationController
   def activate
     @user = User.find_by_activation_code(params[:activation_code]) if params[:activation_code]
     if @user
-      unless @user.environment.enabled?('admin_must_approve_new_users') 
+      unless @user.environment.enabled?('admin_must_approve_new_users')
         if @user.activate
           @message = _("Your account has been activated, now you can log in!")
           check_redirection
@@ -30,7 +30,7 @@ class AccountController &lt; ApplicationController
           @user.activation_code = nil
           @user.save!
           redirect_to :controller => :home
-        end      
+        end
       end
     else
       session[:notice] = _("It looks like you're trying to activate an account. Perhaps have already activated this account?")
@@ -50,10 +50,12 @@ class AccountController &lt; ApplicationController
     if logged_in?
       check_join_in_community(self.current_user)
+
       if params[:remember_me] == "1"
         self.current_user.remember_me
-        cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
+        cookies[:auth_token] = {value: self.current_user.remember_token, expires: self.current_user.remember_token_expires_at}
       end
+
       if redirect?
         go_to_initial_page
         session[:notice] = _("Logged in successfully")
@@ -77,6 +79,13 @@ class AccountController &lt; ApplicationController
     render :text => { :ok=>true, :key=>key }.to_json
   end
+  def custom_fields_for_template
+    custom_fields ||= environment.people.templates.find(params[:template_id]).custom_fields.map { |k,v|
+      { :name => k, :title => v[:title] } if v['signup']
+    }.compact
+    render :text => {:ok => true, :custom_fields => custom_fields}.to_json
+  end
+
   # action to register an user to the application
   def signup
     if @plugins.dispatch(:allow_user_registration).include?(false)
@@ -92,6 +101,7 @@ class AccountController &lt; ApplicationController
     @invitation_code = params[:invitation_code]
     begin
       @user = User.new(params[:user])
+      @user.session = session
       @user.terms_of_use = environment.terms_of_use
       @user.environment = environment
       @terms_of_use = environment.terms_of_use
@@ -358,11 +368,11 @@ class AccountController &lt; ApplicationController
   end
   def get_signup_start_time
-    Rails.cache.read params[:signup_time_key]
+    Rails.cache.read params[:signup_time_key] if params[:signup_time_key].present?
   end
   def clear_signup_start_time
-    Rails.cache.delete params[:signup_time_key] if params[:signup_time_key]
+    Rails.cache.delete params[:signup_time_key] if params[:signup_time_key].present?
   end
   def may_be_a_bot
@@ -435,7 +445,7 @@ class AccountController &lt; ApplicationController
   end
   def go_to_signup_initial_page
-    check_redirection_options(user, user.environment.redirection_after_signup, user.url)
+    check_redirection_options user, user.environment.redirection_after_signup, user.url, signup: true
   end
   def redirect_if_logged_in
@@ -455,8 +465,11 @@ class AccountController &lt; ApplicationController
   protected
-  def check_redirection_options(user, condition, default)
-    case condition
+  def check_redirection_options user, condition, default, options={}
+    if options[:signup] and target = session.delete(:after_signup_redirect_to)
+      redirect_to target
+    else
+      case condition
       when 'keep_on_same_page'
         redirect_back_or_default(user.admin_url)
       when 'site_homepage'
@@ -469,8 +482,11 @@ class AccountController &lt; ApplicationController
         redirect_to user.admin_url
       when 'welcome_page'
         redirect_to :controller => :home, :action => :welcome, :template_id => (user.template && user.template.id)
-    else
-      redirect_back_or_default(default)
+      when 'custom_url'
+        if (url = user.custom_url_redirection).present? then redirect_to url else redirect_back_or_default default end
+      else
+        redirect_back_or_default(default)
+      end
     end
   end
@@ -0,0 +1,19 @@
+class ApiController < PublicController
+
+  no_design_blocks
+
+  helper_method :endpoints
+
+  def index
+  end
+
+  def playground
+  end
+
+  private
+
+  def endpoints
+    Noosfero::API::API.endpoints(environment)
+  end
+
+end
@@ -2,6 +2,7 @@ class ChatController &lt; PublicController
   before_filter :login_required
   before_filter :check_environment_feature
+  before_filter :can_send_message, :only => :register_message
   def start_session
     login = user.jid
@@ -54,6 +55,16 @@ class ChatController &lt; PublicController
     end
   end
+  def avatars
+    profiles = environment.profiles.where(:identifier => params[:profiles])
+    avatar_map = profiles.inject({}) do |result, profile|
+      result[profile.identifier] = profile_icon(profile, :minor)
+      result
+    end
+
+    render_json avatar_map
+  end
+
   def update_presence_status
     if request.xhr?
       current_user.update_attributes({:chat_status_at => DateTime.now}.merge(params[:status] || {}))
@@ -62,11 +73,17 @@ class ChatController &lt; PublicController
   end
   def save_message
-    to = environment.profiles.find_by_identifier(params[:to])
-    body = params[:body]
-
-    ChatMessage.create!(:to => to, :from => user, :body => body)
-    render :text => 'ok'
+    if request.post?
+      to = environment.profiles.where(:identifier => params[:to]).first
+      body = params[:body]
+
+      begin
+        ChatMessage.create!(:to => to, :from => user, :body => body)
+        return render_json({:status => 0})
+      rescue Exception => exception
+        return render_json({:status => 3, :message => exception.to_s, :backtrace => exception.backtrace})
+      end
+    end
   end
   def recent_messages
@@ -90,8 +107,9 @@ class ChatController &lt; PublicController
   end
   def recent_conversations
-    conversations_order = ActiveRecord::Base.connection.execute("select profiles.identifier from profiles inner join (select distinct r.id as id, MAX(r.created_at) as created_at from (select from_id, to_id, created_at, (case when from_id=#{user.id} then to_id else from_id end) as id from chat_messages where from_id=#{user.id} or to_id=#{user.id}) as r group by id order by created_at desc, id) as t on profiles.id=t.id order by t.created_at desc").entries.map {|e| e['identifier']}
-    render :json => {:order => conversations_order.reverse, :domain => environment.default_hostname.gsub('.','-')}.to_json
+    profiles = Profile.find_by_sql("select profiles.* from profiles inner join (select distinct r.id as id, MAX(r.created_at) as created_at from (select from_id, to_id, created_at, (case when from_id=#{user.id} then to_id else from_id end) as id from chat_messages where from_id=#{user.id} or to_id=#{user.id}) as r group by id order by created_at desc, id) as t on profiles.id=t.id order by t.created_at desc")
+    jids = profiles.map(&:jid).reverse
+    render :json => jids.to_json
   end
   #TODO Ideally this is done through roster table on ejabberd.
@@ -108,4 +126,14 @@ class ChatController &lt; PublicController
     end
   end
+  def can_send_message
+    return render_json({:status => 1, :message => 'Missing parameters!'}) if params[:from].nil? || params[:to].nil? || params[:message].nil?
+    return render_json({:status => 2, :message => 'You can not send message as another user!'}) if params[:from] != user.jid
+    # TODO Maybe register the jid in a table someday to avoid this below
+    return render_json({:status => 3, :messsage => 'You can not send messages to strangers!'}) if user.friends.where(:identifier => params[:to].split('@').first).blank?
+  end
+
+  def render_json(result)
+    render :text => result.to_json
+  end
 end
@@ -6,8 +6,9 @@ class ContactController &lt; PublicController
   def new
     @contact = build_contact
     if request.post? && params[:confirm] == 'true'
-      @contact.city = (!params[:city].blank? && City.exists?(params[:city])) ? City.find(params[:city]).name : nil
-      @contact.state = (!params[:state].blank? && State.exists?(params[:state])) ? State.find(params[:state]).name : nil
+      # updated to use hash as argument to exists? to avoid sql injection vunerabillity (http://brakemanscanner.org/docs/warning_types/sql_injection/)
+      @contact.city = (!params[:city].blank? && City.exists?(:id => params[:city])) ? City.find(params[:city]).name : nil
+      @contact.state = (!params[:state].blank? && State.exists?(:id => params[:state])) ? State.find(params[:state]).name : nil
       if @contact.deliver
         session[:notice] = _('Contact successfully sent')
         redirect_to :action => 'new'
@@ -15,9 +15,10 @@ class ContentViewerController &lt; ApplicationController
     path = get_path(params[:page], params[:format])
     @version = params[:version].to_i
+    @npage = params[:npage] || '1'
     if path.blank?
-      @page = profile.home_page 
+      @page = profile.home_page
       return if redirected_to_profile_index
     else
       @page = profile.articles.find_by_path(path)
@@ -74,7 +75,7 @@ class ContentViewerController &lt; ApplicationController
       render :action => 'slideshow', :layout => 'slideshow'
       return
     end
-    render :view_page, :formats => [:html]
+    render @page.view_page, :formats => [:html]
   end
   def versions_diff
@@ -125,21 +126,23 @@ class ContentViewerController &lt; ApplicationController
   helper_method :pass_without_comment_captcha?
   def allow_access_to_page(path)
-    allowed = true
     if @page.nil? # page not found, give error
       render_not_found(path)
-      allowed = false
-    elsif !@page.display_to?(user)
-      if !profile.public?
+      return false
+    end
+
+    unless @page.display_to?(user)
+      if !profile.visible? || profile.secret? || (user && user.follows?(profile)) || user.blank?
+        render_access_denied
+      else #!profile.public?
         private_profile_partial_parameters
         render :template => 'profile/_private_profile', :status => 403, :formats => [:html]
-        allowed = false
-      else #if !profile.visible?
-        render_access_denied
-        allowed = false
       end
+
+      return false
     end
-    allowed
+
+    return true
   end
   def user_is_a_bot?
@@ -184,7 +187,7 @@ class ContentViewerController &lt; ApplicationController
     if @page.forum? && @page.has_terms_of_use && terms_accepted == "true"
       @page.add_agreed_user(user)
     end
-  end 
+  end
   def is_a_forum_topic? (page)
     return (!@page.parent.nil? && @page.parent.forum?)
@@ -12,6 +12,7 @@ class HomeController &lt; PublicController
         @area_news = environment.portal_folders
       end
     end
+    render :file => 'home/index', :formats => [:html]
   end
   def terms
@@ -62,20 +62,36 @@ class InviteController &lt; PublicController
     redirect_to :action => 'invite_friends'
   end
+  #Invite or add member without create a task
+  #if logged user is admin of environment
   def invite_registered_friend
+
+    if !params['q'].present? || !request.post?
+
+      redirect_to :action => 'invite_friends'
+      session[:notice] = _('Please enter a valid profile.')
+
+      return
+    end
+
     contacts_to_invite = params['q'].split(',')
-    if !contacts_to_invite.empty? && request.post?
+
+    if user.is_admin? && profile.community?
+
+      Delayed::Job.enqueue AddMembersJob.new contacts_to_invite, profile.id, locale
+
+      session[:notice] = _('This friends was added!')
+    else
       Delayed::Job.enqueue InvitationJob.new(user.id, contacts_to_invite, '', profile.id, nil, locale)
       session[:notice] = _('Your invitations are being sent.')
-      if profile.person?
-        redirect_to :controller => 'profile', :action => 'friends'
-      else
-        redirect_to :controller => 'profile', :action => 'members'
-      end
+    end
+
+    if profile.person?
+      redirect_to :controller => 'profile', :action => 'friends'
     else
-      redirect_to :action => 'invite_friends'
-      session[:notice] = _('Please enter a valid profile.')
+      redirect_to :controller => 'profile', :action => 'members'
     end
+
   end
   def search
@@ -6,6 +6,7 @@ class ProfileController &lt; PublicController
   before_filter :login_required, :only => [:add, :join, :leave, :unblock, :leave_scrap, :remove_scrap, :remove_activity, :view_more_activities, :view_more_network_activities, :report_abuse, :register_report, :leave_comment_on_activity, :send_mail]
   helper TagsHelper
+  helper ActionTrackerHelper
   protect 'send_mail_to_members', :profile, :only => [:send_mail]
@@ -201,7 +202,10 @@ class ProfileController &lt; PublicController
   def more_comments
     profile_filter = @profile.person? ? {:user_id => @profile} : {:target_id => @profile}
-    activity = ActionTracker::Record.find(:first, :conditions => {:id => params[:activity]}.merge(profile_filter))
+    activity = ActionTracker::Record.where(:id => params[:activity])
+    activity = activity.where(profile_filter) if !logged_in? || !current_person.follows?(@profile)
+    activity = activity.first
+
     comments_count = activity.comments.count
     comment_page = (params[:comment_page] || 1).to_i
     comments_per_page = 5
@@ -353,6 +357,7 @@ class ProfileController &lt; PublicController
   def send_mail
     @mailing = profile.mailings.build(params[:mailing])
+    @email_templates = profile.email_templates.find_all_by_template_type(:organization_members)
     if request.post?
       @mailing.locale = locale
       @mailing.person = user
@@ -95,10 +95,10 @@ class SearchController &lt; PublicController
   def events
     if params[:year].blank? && params[:year].blank? && params[:day].blank?
-      @date = Date.today
+      @date = DateTime.now
     else
-      year = (params[:year] ? params[:year].to_i : Date.today.year)
-      month = (params[:month] ? params[:month].to_i : Date.today.month)
+      year = (params[:year] ? params[:year].to_i : DateTime.now.year)
+      month = (params[:month] ? params[:month].to_i : DateTime.now.month)
       day = (params[:day] ? params[:day].to_i : 1)
       @date = build_date(year, month, day)
     end
@@ -109,9 +109,7 @@ class SearchController &lt; PublicController
       @events = @category ?
         environment.events.by_day(@date).in_category(Category.find(@category_id)).paginate(:per_page => per_page, :page => params[:page]) :
         environment.events.by_day(@date).paginate(:per_page => per_page, :page => params[:page])
-    end
-
-    if params[:year] || params[:month]
+    elsif params[:year] || params[:month]
       @events = @category ?
         environment.events.by_month(@date).in_category(Category.find(@category_id)).paginate(:per_page => per_page, :page => params[:page]) :
         environment.events.by_month(@date).paginate(:per_page => per_page, :page => params[:page])
@@ -3,7 +3,7 @@ class PublicController &lt; ApplicationController
   def allow_access_to_page
     unless profile.display_info_to?(user)
-      if profile.visible?
+      if profile.visible? && !profile.secret
         private_profile
       else
         invisible_profile
@@ -0,0 +1,94 @@
+module ActionTrackerHelper
+
+  def create_article_description ta
+    _('published an article: %{title}') % { title: link_to(truncate(ta.get_name), ta.get_url) }
+  end
+
+  def new_friendship_description ta
+    n_('has made 1 new friend:<br />%{name}', 'has made %{num} new friends:<br />%{name}', ta.get_friend_name.size) % {
+      num: ta.get_friend_name.size,
+      name: ta.collect_group_with_index(:friend_name) do |n,i|
+        link_to image_tag(ta.get_friend_profile_custom_icon[i] || default_or_themed_icon("/images/icons-app/person-icon.png")),
+                ta.get_friend_url[i], title: n
+      end.join
+    }
+  end
+
+  def join_community_description ta
+    n_('has joined 1 community:<br />%{name}', 'has joined %{num} communities:<br />%{name}', ta.get_resource_name.size) % {
+      num: ta.get_resource_name.size,
+      name: ta.collect_group_with_index(:resource_name) do |n,i|
+        link_to image_tag(ta.get_resource_profile_custom_icon[i] || default_or_themed_icon("/images/icons-app/community-icon.png")),
+                ta.get_resource_url[i], title: n
+      end.join
+    }
+  end
+
+  def add_member_in_community_description ta
+    _('has joined the community.')
+  end
+
+  def upload_image_description ta
+    total = ta.get_view_url.size
+    (n_('uploaded 1 image', 'uploaded %d images', total) % total) +
+      tag(:br) +
+      ta.collect_group_with_index(:thumbnail_path) do |t,i|
+        if total == 1
+          link_to image_tag(t), ta.get_view_url[i], class: 'upimg'
+        else
+          pos = total-i;
+          morethen2 = pos>2 ? 'morethen2' : ''
+          morethen5 = pos>5 ? 'morethen5' : ''
+          t = t.gsub(/(.*)(display)(.*)/, '\\1thumb\\3')
+
+          link_to '&nbsp;'.html_safe, ta.get_view_url[i],
+            style: "background-image:url(#{t})",
+            class: "upimg pos#{pos} #{morethen2} #{morethen5}"
+        end
+      end.reverse.join +
+      if total <= 5 then ''.html_safe else content_tag :span, '&hellip;'.html_safe,
+        class: 'more', onclick: "this.parentNode.className+=' show-all'" end +
+      tag(:br, style: 'clear: both')
+  end
+
+  def reply_scrap_description ta
+    _('sent a message to %{receiver}: <br /> "%{message}"') % {
+      receiver: link_to(ta.get_receiver_name, ta.get_receiver_url),
+      message: auto_link_urls(ta.get_content)
+    }
+  end
+
+  alias :leave_scrap_description :reply_scrap_description
+  alias :reply_scrap_on_self_description :reply_scrap_description
+
+  def leave_scrap_to_self_description ta
+    _('wrote: <br /> "%{text}"') % {
+      text: auto_link_urls(ta.get_content)
+    }
+  end
+
+  def create_product_description
+    _('created the product %{title}') % {
+      title: link_to(truncate(ta.get_name), ta.get_url),
+    }
+  end
+
+  def update_product_description
+    _('updated the product %{title}') % {
+      title: link_to(truncate(ta.get_name), ta.get_url),
+    }
+  end
+
+  def remove_product_description
+    _('removed the product %{title}') % {
+      title: truncate(ta.get_name),
+    }
+  end
+
+  def favorite_enterprise_description ta
+    _('favorited enterprise %{title}') % {
+      title: link_to(truncate(ta.get_enterprise_name), ta.get_enterprise_url),
+    }
+  end
+
+end
@@ -44,6 +44,8 @@ module ApplicationHelper
   include PluginsHelper
+  include TaskHelper
+
   def locale
     (@page && !@page.language.blank?) ? @page.language : FastGettext.locale
   end
@@ -707,6 +709,24 @@ module ApplicationHelper
     javascript_include_tag script if script
   end
+  def template_path
+    if profile.nil?
+      "/designs/templates/#{environment.layout_template}"
+    else
+      "/designs/templates/#{profile.layout_template}"
+    end
+  end
+
+  def template_javascript_src
+    script = File.join template_path, '/javascripts/template.js'
+    script if File.exists? File.join(Rails.root, 'public', script)
+  end
+
+  def templete_javascript_ng
+    script = template_javascript_src
+    javascript_include_tag script if script
+  end
+
   def file_field_or_thumbnail(label, image, i)
     display_form_field label, (
       render :partial => (image && image.valid? ? 'shared/show_thumbnail' : 'shared/change_image'),
@@ -853,7 +873,7 @@ module ApplicationHelper
       field_html += capture(&block)
     end
-    if controller.action_name == 'signup' || controller.action_name == 'new_community' || (controller.controller_name == "enterprise_registration" && controller.action_name == 'index')
+    if controller.action_name == 'signup' || controller.action_name == 'new_community' || (controller.controller_name == "enterprise_registration" && controller.action_name == 'index') || (controller.controller_name == 'home' && controller.action_name == 'index' && user.nil?)
       if profile.signup_fields.include?(name)
         result = field_html
       end
@@ -913,6 +933,19 @@ module ApplicationHelper
     article_helper.cms_label_for_edit
   end
+  def label_for_clone_article(article)
+    translated_types = {
+      Folder => _('Folder'),
+      Blog => _('Blog'),
+      Event => _('Event'),
+      Forum => _('Forum')
+    }
+
+    translated_type = translated_types[article.class] || _('Article')
+
+    _('Clone %s') % translated_type
+  end
+
   def add_rss_feed_to_head(title, url)
     content_for :feeds do
       tag(:link, :rel => 'alternate', :type => 'application/rss+xml', :title => title, :href => url_for(url))
@@ -1151,10 +1184,10 @@ module ApplicationHelper
     pending_tasks_count = ''
     count = user ? Task.to(user).pending.count : -1
     if count > 0
-      pending_tasks_count = link_to(count.to_s, user.tasks_url, :id => 'pending-tasks-count', :title => _("Manage your pending tasks"))
+      pending_tasks_count = link_to("<i class=\"icon-menu-tasks\"></i><span class=\"task-count\">#{count}</span>", user.tasks_url, :id => 'pending-tasks-count', :title => _("Manage your pending tasks"))
     end
-    (_("<span class='welcome'>Welcome,</span> %s") % link_to("<i style='background-image:url(#{user.profile_custom_icon(gravatar_default)})'></i><strong>#{user.identifier}</strong>", user.public_profile_url, :id => "homepage-link", :title => _('Go to your homepage'))) +
+    (_("<span class='welcome'>Welcome,</span> %s") % link_to("<i style='background-image:url(#{user.profile_custom_icon(gravatar_default)})'></i><strong>#{user.identifier}</strong>", user.url, :id => "homepage-link", :title => _('Go to your homepage'))) +
     render_environment_features(:usermenu) +
     admin_link +
     manage_enterprises +
@@ -1173,7 +1206,8 @@ module ApplicationHelper
   end
   def expandable_text_area(object_name, method, text_area_id, options = {})
-    text_area(object_name, method, { :id => text_area_id, :onkeyup => "grow_text_area('#{text_area_id}')" }.merge(options))
+    options[:class] = (options[:class] || '') +  ' autogrow'
+    text_area(object_name, method, { :id => text_area_id }.merge(options))
   end
   def pluralize_without_count(count, singular, plural = nil)
@@ -1184,35 +1218,6 @@ module ApplicationHelper
     list.sort.inject(Hash.new(0)){|h,i| h[i] += 1; h }.collect{ |x, n| [n, connector, x].join(" ") }.sort
   end
-  #FIXME Use time_ago_in_words instead of this method if you're using Rails 2.2+
-  def time_ago_as_sentence(from_time, include_seconds = false)
-    to_time = Time.now
-    from_time = Time.parse(from_time.to_s)
-    from_time = from_time.to_time if from_time.respond_to?(:to_time)
-    to_time = to_time.to_time if to_time.respond_to?(:to_time)
-    distance_in_minutes = (((to_time - from_time).abs)/60).round
-    distance_in_seconds = ((to_time - from_time).abs).round
-    case distance_in_minutes
-      when 0..1
-        return (distance_in_minutes == 0) ? _('less than a minute') : _('1 minute') unless include_seconds
-        case distance_in_seconds
-          when 0..4   then _('less than 5 seconds')
-          when 5..9   then _('less than 10 seconds')
-          when 10..19 then _('less than 20 seconds')
-          when 20..39 then _('half a minute')
-          when 40..59 then _('less than a minute')
-          else             _('1 minute')
-        end
-
-      when 2..44           then _('%{distance} minutes ago') % { :distance => distance_in_minutes }
-      when 45..89          then _('about 1 hour ago')
-      when 90..1439        then _('about %{distance} hours ago') % { :distance => (distance_in_minutes.to_f / 60.0).round }
-      when 1440..2879      then _('1 day ago')
-      when 2880..10079     then _('%{distance} days ago') % { :distance => (distance_in_minutes / 1440).round }
-      else                      show_time(from_time)
-    end
-  end
-
   def comment_balloon(options = {}, &block)
     wrapper = content_tag(:div, capture(&block), :class => 'comment-balloon-content')
     (1..8).to_a.reverse.each { |i| wrapper = content_tag(:div, wrapper, :class => "comment-wrapper-#{i}") }
@@ -1231,7 +1236,7 @@ module ApplicationHelper
   def task_information(task)
     values = {}
-    values.merge!({:requestor => link_to(task.requestor.name, task.requestor.public_profile_url)}) if task.requestor
+    values.merge!({:requestor => link_to(task.requestor.name, task.requestor.url)}) if task.requestor
     values.merge!({:subject => content_tag('span', task.subject, :class=>'task_target')}) if task.subject
     values.merge!({:linked_subject => link_to(content_tag('span', task.linked_subject[:text], :class => 'task_target'), task.linked_subject[:url])}) if task.linked_subject
     values.merge!(task.information[:variables]) if task.information[:variables]
@@ -1336,18 +1341,29 @@ module ApplicationHelper
   def template_options(kind, field_name)
     templates = environment.send(kind).templates
     return '' if templates.count == 0
-    return hidden_field_tag("#{field_name}[template_id]", templates.first.id) if templates.count == 1
-
-    radios = templates.map do |template|
-      content_tag('li', labelled_radio_button(link_to(template.name, template.url, :target => '_blank'), "#{field_name}[template_id]", template.id, environment.is_default_template?(template)))
-    end.join("\n")
-
-    content_tag('div', content_tag('label', _('Profile organization'), :for => 'template-options', :class => 'formlabel') +
-      content_tag('p', _('Your profile will be created according to the selected template. Click on the options to view them.'), :style => 'margin: 5px 15px;padding: 0px 10px;') +
-      content_tag('ul', radios, :style => 'list-style: none; padding-left: 20px; margin-top: 0.5em;'),
-      :id => 'template-options',
-      :style => 'margin-top: 1em'
-    )
+    if templates.count == 1
+      if templates.first.custom_fields == {}
+        return hidden_field_tag("#{field_name}[template_id]", templates.first.id)
+      else
+        custom_fields = ""
+        templates.first.custom_fields.each { |field, value|
+          custom_fields += content_tag('div', content_tag('label', value[:title].capitalize, :class => 'formlabel') +
+                             content_tag('div', text_field_tag( "profile_data[custom_fields][#{field}][title]", ''), :class => 'formfield type-text'), :class => "formfieldline" ) if value[:signup] == 'on'
+        }
+        content_tag('div', custom_fields)
+      end
+    else
+      radios = templates.map do |template|
+        content_tag('li', labelled_radio_button(link_to(template.name, template.url, :target => '_blank'), "#{field_name}[template_id]", template.id, environment.is_default_template?(template), :onchange => 'show_fields_for_template(this);'))
+      end.join("\n")
+
+      content_tag('div', content_tag('label', _('Profile organization'), :for => 'template-options', :class => 'formlabel') +
+        content_tag('p', _('Your profile will be created according to the selected template. Click on the options to view them.'), :style => 'margin: 5px 15px;padding: 0px 10px;') +
+        content_tag('ul', radios, :style => 'list-style: none; padding-left: 20px; margin-top: 0.5em;'),
+        :id => 'template-options',
+        :style => 'margin-top: 1em'
+      )
+    end
   end
   def expirable_content_reference(content, action, text, url, options = {})
@@ -1480,4 +1496,26 @@ module ApplicationHelper
     text_field(object_name, method, options.merge(:class => 'colorpicker_field'))
   end
+  def fullscreen_buttons(itemId)
+    content="
+      <script>fullscreenPageLoad('#{itemId}')</script>
+    "
+    content+=content_tag('a', content_tag('span',_("Full screen")),
+    { :id=>"fullscreen-btn",
+      :onClick=>"toggle_fullwidth('#{itemId}')",
+      :class=>"button with-text icon-fullscreen",
+      :href=>"#",
+      :title=>_("Go to full screen mode")
+    })
+
+    content+=content_tag('a', content_tag('span',_("Exit full screen")),
+    { :style=>"display: none;",
+      :id=>"exit-fullscreen-btn",
+      :onClick=>"toggle_fullwidth('#{itemId}')",
+      :class=>"button with-text icon-fullscreen",
+      :href=>"#",
+      :title=>_("Exit full screen mode")
+    })
+  end
+
 end
@@ -12,6 +12,7 @@ module ArticleHelper
     @article = article
     visibility_options(@article, tokenized_children) +
+    topic_creation(@article) +
     content_tag('h4', _('Options')) +
     content_tag('div',
       (article.profile.has_members? ?
@@ -55,14 +56,7 @@ module ArticleHelper
         'div',
         check_box(:article, :display_versions) +
         content_tag('label', _('I want this article to display a link to older versions'), :for => 'article_display_versions')
-      ) : '') +
-
-      (article.forum? && article.profile.community? ?
-      content_tag(
-        'div',
-        check_box(:article, :allows_members_to_create_topics) +
-        content_tag('label', _('Allow members to create topics'), :for => 'article_allows_members_to_create_topics')
-        ) : '')
+      ) : '')
     )
   end
@@ -81,6 +75,22 @@ module ArticleHelper
     )
   end
+  def topic_creation(article)
+    return '' unless article.forum?
+
+    general_options = Forum::TopicCreation.general_options(article)
+    slider_options = {:id => 'topic-creation-slider'}
+    slider_options = general_options.keys.inject(slider_options) do |result, option|
+      result.merge!({'data-'+option => general_options[option]})
+    end
+
+    content_tag('h4', _('Topic creation')) +
+    content_tag( 'small', _('Who will be able to create new topics on this forum?')) +
+    content_tag('div', '', slider_options) +
+    hidden_field_tag('article[topic_creation]', article.topic_creation) +
+    javascript_include_tag('topic-creation-config')
+  end
+
   def privacity_exceptions(article, tokenized_children)
     content_tag('div',
       content_tag('div',
@@ -22,7 +22,9 @@ module BlogHelper
       :param_name => 'npage',
       :previous_label => _('&laquo; Newer posts'),
       :next_label => _('Older posts &raquo;'),
-      :params => {:action=>"view_page", :page=>articles.first.parent.path.split('/'), :controller=>"content_viewer"}
+      :params => {:action=>"view_page",
+                  :page=>articles.first.parent.path.split('/'),
+                  :controller=>"content_viewer"}
     }) if articles.present? && conf[:paginate]
     content = []
     artic_len = articles.length
@@ -44,7 +46,7 @@ module BlogHelper
   end
   def display_post(article, format = 'full')
-    no_comments = (format == 'full') ? false : true
+    no_comments = (format == 'full' || format == 'compact' ) ? false : true
     title = article_title(article, :no_comments => no_comments)
     method = "display_#{format.split('+')[0]}_format"
     html = send(method, FilePresenter.for(article)).html_safe
@@ -55,8 +57,12 @@ module BlogHelper
       else
         '<div class="post-pic" style="background-image:url('+img+')"></div>'
       end
-    end.to_s +
-    title + html
+    end.to_s + title + html
+  end
+
+  def display_compact_format(article)
+    render :file => 'content_viewer/_display_compact_format',
+           :locals => { :article => article, :format => "compact" }
   end
   def display_full_format(article)
 module BoxOrganizerHelper
+  def display_icon(block)
+    image_path = nil
+    plugin = @plugins.fetch_first_plugin(:has_block?, block)
+
+    theme = Theme.new(environment.theme) # remove this
+    if File.exists?(File.join(theme.filesystem_path, 'images', block.icon_path))
+      image_path = File.join(theme.public_path, 'images', block.icon_path)
+    elsif plugin && File.exists?(File.join(Rails.root, 'public', plugin.public_path, 'images', block.icon_path))
+      image_path = File.join('/', plugin.public_path, 'images', block.icon_path)
+    elsif File.exists?(File.join(Rails.root, 'public', 'images', block.icon_path))
+      image_path = File.join('images', block.icon_path)
+    else
+      image_path = File.join('images', block.default_icon_path)
+    end
+
+    image_tag(image_path, height: '48', width: '48', class: 'block-type-icon', alt: '' )
+  end
+
+  def display_previews(block)
+    images_path = nil
+    plugin = @plugins.fetch_first_plugin(:has_block?, block)
+
+    theme = Theme.new(environment.theme) # remove this
+
+    images_path = Dir.glob(File.join(theme.filesystem_path, 'images', block.preview_path, '*'))
+    images_path = images_path.map{|path| path.gsub(theme.filesystem_path, theme.public_path) } unless images_path.empty?
+
+    images_path = Dir.glob(File.join(Rails.root, 'public', plugin.public_path, 'images', block.preview_path, '*')) if plugin && images_path.empty?
+    images_path = images_path.map{|path| path.gsub(File.join(Rails.root, 'public'), '') } unless images_path.empty?
+
+    images_path = Dir.glob(File.join(Rails.root, 'public', 'images', block.preview_path, '*')) if images_path.empty?
+    images_path = images_path.map{|path| path.gsub(File.join(Rails.root, 'public'), '') } unless images_path.empty?
+
+    images_path = 1.upto(3).map{File.join('images', block.default_preview_path)} if images_path.empty?
+
+    content_tag(:ul,
+      images_path.map do |preview|
+	content_tag(:li, image_tag(preview, height: '240', alt: ''))
+      end.join("\n")
+    )
+  end
+
   def icon_selector(icon = 'no-ico')
     render :partial => 'icon_selector', :locals => { :icon => icon }
   end
@@ -10,4 +52,4 @@ module BoxOrganizerHelper
     end
   end
-end
 \ No newline at end of file
+end
@@ -122,7 +122,7 @@ module BoxesHelper
   end
   def wrap_main_content(content)
-    (1..8).to_a.reverse.inject(content) { |acc,n| content_tag('div', acc, :id => 'main-content-wrapper-' + n.to_s) }
+    content_tag('div', content, :class => 'main-content')
   end
   def extract_block_content(content)
@@ -190,8 +190,9 @@ module BoxesHelper
       else
         "before-block-#{block.id}"
       end
-    if block.nil? or modifiable?(block)
-      content_tag('div', '&nbsp;', :id => id, :class => 'block-target' ) + drop_receiving_element(id, :url => { :action => 'move_block', :target => id }, :accept => box.acceptable_blocks, :hoverclass => 'block-target-hover')
+    if block.nil? || movable?(block)
+      url = url_for(:action => 'move_block', :target => id)
+      content_tag('div', _('Drop Here'), :id => id, :class => 'block-target' ) + drop_receiving_element(id, :accept => box.acceptable_blocks, :hoverclass => 'block-target-hover', :activeClass => 'block-target-active', :tolerance => 'pointer', :onDrop => "function(ev, ui) { dropBlock('#{url}', '#{_('loading...')}', ev, ui);}")
     else
       ""
     end
@@ -199,14 +200,32 @@ module BoxesHelper
   # makes the given block draggable so it can be moved away.
   def block_handle(block)
-    modifiable?(block) ? draggable_element("block-#{block.id}", :revert => true) : ""
+    return "" unless movable?(block)
+    icon = "<div><div>#{display_icon(block.class)}</div><span>#{_(block.class.pretty_name)}</span></div>"
+    block_draggable("block-#{block.id}",
+                    :helper => "function() {return cloneDraggableBlock($(this), '#{icon}')}")
+  end
+
+  def block_draggable(element_id, options={})
+    draggable_options = {
+      :revert => "'invalid'",
+      :appendTo => "'#block-store-draggables'",
+      :helper => '"clone"',
+      :revertDuration => 200,
+      :scroll => false,
+      :start => "startDragBlock",
+      :stop => "stopDragBlock",
+      :cursor => "'move'",
+      :cursorAt => '{ left: 0, top:0, right:0, bottom:0 }',
+    }.merge(options)
+    draggable_element(element_id, draggable_options)
   end
   def block_edit_buttons(block)
     buttons = []
     nowhere = 'javascript: return false;'
-    if modifiable?(block)
+    if movable?(block)
       if block.first?
         buttons << icon_button('up-disabled', _("Can't move up anymore."), nowhere)
       else
@@ -229,15 +248,15 @@ module BoxesHelper
           buttons << icon_button('left', _('Move to the opposite side'), { :action => 'move_block', :target => 'end-of-box-' + holder.boxes[1].id.to_s, :id => block.id }, :method => 'post' )
         end
       end
+    end
-      if block.editable?
-        buttons << modal_icon_button(:edit, _('Edit'), { :action => 'edit', :id => block.id })
-      end
+    if editable?(block)
+      buttons << modal_icon_button(:edit, _('Edit'), { :action => 'edit', :id => block.id })
+    end
-      if !block.main?
-        buttons << icon_button(:delete, _('Remove block'), { :action => 'remove', :id => block.id }, { :method => 'post', :confirm => _('Are you sure you want to remove this block?')})
-        buttons << icon_button(:clone, _('Clone'), { :action => 'clone_block', :id => block.id }, { :method => 'post' })
-      end
+    if movable?(block) && !block.main?
+      buttons << icon_button(:delete, _('Remove block'), { :action => 'remove', :id => block.id }, { :method => 'post', :confirm => _('Are you sure you want to remove this block?')})
+      buttons << icon_button(:clone, _('Clone'), { :action => 'clone_block', :id => block.id }, { :method => 'post' })
     end
     if block.respond_to?(:help)
@@ -273,7 +292,11 @@ module BoxesHelper
     classes
   end
-  def modifiable?(block)
-    return !block.fixed || environment.admins.include?(user)
+  def movable?(block)
+    return block.movable? || user.is_admin?
+  end
+
+  def editable?(block)
+    return block.editable? || user.is_admin?
   end
 end
@@ -9,12 +9,12 @@ module ChatHelper
     avatar = profile_image(user, :portrait, :class => 'avatar')
     content_tag('span',
       link_to(avatar + content_tag('span', user.name) + ui_icon('ui-icon-triangle-1-s'),
-        '#',
+        '',
         :onclick => 'toggleMenu(this); return false',
         :class => icon_class + ' simplemenu-trigger'
       ) +
       content_tag('ul',
-        links.map{|link| content_tag('li', link_to(link[1], '#', :class => link[0], :id => link[2], 'data-jid' => user.jid), :class => 'simplemenu-item') }.join("\n"),
+        links.map{|link| content_tag('li', link_to(link[1], '', :class => link[0], :id => link[2], 'data-jid' => user.jid), :class => 'simplemenu-item') }.join("\n"),
         :style => 'display: none; z-index: 100',
         :class => 'simplemenu-submenu'
       ),
 module CommentHelper
+  include DatesHelper
   def article_title(article, args = {})
     title = article.title
@@ -15,7 +16,7 @@ module CommentHelper
         content_tag('span', show_date(article.published_at), :class => 'date') +
         content_tag('span', [_(", by %s") % link_to(article.author_name, article.author_url)], :class => 'author') +
         content_tag('span', comments, :class => 'comments'),
-        :class => 'created-at'
+        :class => 'publishing-info'
       )
     end
     title
@@ -2,6 +2,7 @@ module ContentViewerHelper
   include BlogHelper
   include ForumHelper
+  include DatesHelper
   def display_number_of_comments(n)
     base_str = "<span class='comment-count hide'>#{n}</span>"
@@ -24,16 +25,35 @@ module ContentViewerHelper
       unless args[:no_comments] || !article.accept_comments
         comments = (" - %s") % link_to_comments(article)
       end
+      date_format = show_with_right_format_date article
       title << content_tag('span',
-        content_tag('span', show_date(article.published_at), :class => 'date') +
+        date_format +
         content_tag('span', _(", by %s") % (article.author ? link_to(article.author_name, article.author_url) : article.author_name), :class => 'author') +
         content_tag('span', comments, :class => 'comments'),
-        :class => 'created-at'
+        :class => 'publishing-info'
       )
     end
     title
   end
+  def show_with_right_format_date article
+    date_format = article.environment.date_format
+    use_numbers = false
+    year = true
+    left_time = false
+    if date_format ==  'numbers_with_year'
+      use_numbers = true
+    elsif date_format == 'numbers'
+      use_numbers = true
+      year = false
+    elsif date_format == 'month_name'
+      year = false
+    elsif date_format == 'past_time'
+      left_time = true
+    end
+    content_tag('span', show_time(article.published_at, use_numbers , year, left_time), :class => 'date')
+  end
+
   def link_to_comments(article, args = {})
     return '' unless article.accept_comments?
     reference_to_article number_of_comments(article), article, 'comments_list'
@@ -2,6 +2,7 @@ require &#39;noosfero/i18n&#39;
 module DatesHelper
+  include ActionView::Helpers::DateHelper
   def months
     I18n.t('date.month_names')
   end
@@ -15,10 +16,12 @@ module DatesHelper
   end
   # formats a date for displaying.
-  def show_date(date, use_numbers = false, year=true)
+  def show_date(date, use_numbers = false, year = true, left_time = false)
     if date && use_numbers
       date_format = year ? _('%{month}/%{day}/%{year}') : _('%{month}/%{day}')
       date_format % { :day => date.day, :month => date.month, :year => date.year }
+    elsif date && left_time
+      date_format = time_ago_in_words(date)
     elsif date
       date_format = year ? _('%{month_name} %{day}, %{year}') : _('%{month_name} %{day}')
       date_format % { :day => date.day, :month_name => month_name(date.month), :year => date.year }
@@ -40,9 +43,14 @@ module DatesHelper
   end
   # formats a datetime for displaying.
-  def show_time(time)
-    if time
-      _('%{day} %{month} %{year}, %{hour}:%{minutes}') % { :year => time.year, :month => month_name(time.month), :day => time.day, :hour => time.hour, :minutes => time.strftime("%M") }
+  def show_time(time, use_numbers = false, year = true, left_time = false)
+    if time && use_numbers
+      _('%{month}/%{day}/%{year}, %{hour}:%{minutes}') % { :year => (year ? time.year : ''), :month => time.month, :day => time.day, :hour => time.hour, :minutes => time.strftime("%M") }
+    elsif time && left_time
+      date_format = time_ago_in_words(time)
+    elsif time
+      date_format = year ? _('%{month_name} %{day}, %{year} %{hour}:%{minutes}') : _('%{month_name} %{day} %{hour}:%{minutes}')
+      date_format % { :day => time.day, :month_name => month_name(time.month), :year => time.year, :hour => time.hour, :minutes => time.strftime("%M") }
     else
       ''
     end
@@ -50,7 +58,7 @@ module DatesHelper
   def show_period(date1, date2 = nil, use_numbers = false)
     if (date1 == date2) || (date2.nil?)
-      show_date(date1, use_numbers)
+      show_time(date1, use_numbers)
     else
       if date1.year == date2.year
         if date1.month == date2.month
@@ -69,8 +77,8 @@ module DatesHelper
         end
       else
         _('from %{date1} to %{date2}') % {
-          :date1 => show_date(date1, use_numbers),
-          :date2 => show_date(date2, use_numbers)
+          :date1 => show_time(date1, use_numbers),
+          :date2 => show_time(date2, use_numbers)
         }
       end
     end
@@ -103,18 +111,18 @@ module DatesHelper
   def build_date(year, month, day = 1)
     if year.blank? and month.blank? and day.blank?
-      Date.today
+      DateTime.now
     else
       if year.blank?
-        year = Date.today.year
+        year = DateTime.now.year
       end
       if month.blank?
-        month = Date.today.month
+        month = DateTime.now.month
       end
       if day.blank?
         day = 1
       end
-      Date.new(year.to_i, month.to_i, day.to_i)
+      DateTime.new(year.to_i, month.to_i, day.to_i)
     end
   end
@@ -0,0 +1,12 @@
+module EmailTemplateHelper
+
+  def mail_with_template(params={})
+    if params[:email_template].present?
+      params[:body] = params[:email_template].parsed_body(params[:template_params])
+      params[:subject] = params[:email_template].parsed_subject(params[:template_params])
+      params[:content_type] = "text/html"
+    end
+    mail(params.except(:email_template))
+  end
+
+end
 module EventsHelper
+  include DatesHelper
   def list_events(date, events)
     title = _('Events for %s') % show_date_month(date)
     content_tag('h2', title) +
@@ -15,7 +16,7 @@ module EventsHelper
     content_tag( 'tr',
       content_tag('td',
-        content_tag('div', show_date(article.start_date) + ( article.end_date.nil? ?  '' : (_(" to ") + show_date(article.end_date))),:class => 'event-date' ) +
+        content_tag('div', show_time(article.start_date) + ( article.end_date.nil? ?  '' : (_(" to ") + show_time(article.end_date))),:class => 'event-date' ) +
         content_tag('div',link_to(article.name,article.url),:class => 'event-title') +
         content_tag('div',(article.address.nil? or article.address == '')  ? '' : (_('Place: ') + article.address),:class => 'event-place')
       )
@@ -29,7 +30,7 @@ module EventsHelper
         # the day itself
         date,
         # is there any events in this date?
-        events.any? {|event| event.date_range.include?(date)},
+        events.any? {|event| event.date_range.cover?(date)},
         # is this date in the current month?
         true
       ]
-require 'short_filename'
-
 module FolderHelper
-  include ShortFilename
   include ArticleHelper
   def list_contents(configure={})
@@ -10,8 +7,8 @@ module FolderHelper
     configure[:list_type] ||= :folder
     if !configure[:contents].blank?
       configure[:contents] = configure[:contents].paginate(
-        :order => "updated_at DESC",
-        :per_page => 10,
+        :order => "name ASC",
+        :per_page => 30,
         :page => params[:npage]
       )
@@ -25,49 +22,32 @@ module FolderHelper
     articles.select {|article| article.display_to?(user)}
   end
-  def display_content_in_listing(configure={})
-    recursive = configure[:recursive] || false
-    list_type = configure[:list_type] || :folder
-    level = configure[:level] || 0
-    content = FilePresenter.for configure[:content]
+  def display_content_icon(content_item)
+    content = FilePresenter.for content_item
     content_link = if content.image?
-         link_to('&nbsp;' * (level * 4) +
-           image_tag(icon_for_article(content)) + short_filename(content.name),
+         link_to(
+           image_tag(icon_for_article(content, :bigicon)),
            content.url.merge(:view => true)
          )
        else
-         link_to('&nbsp;' * (level * 4) +
-           short_filename(content.name),
-           content.url.merge(:view => true), :class => icon_for_article(content)
+         link_to('',
+          content.url.merge(:view => true),
+          :class => icon_for_article(content, :bigicon)
          )
        end
-    result = content_tag(
-      'tr',
-      content_tag('td', content_link ) +
-      content_tag('td', show_date(content.updated_at), :class => 'last-update'),
-      :class => "#{list_type}-item"
-    )
-    if recursive
-      result + content.children.map {|item|
-        display_content_in_listing :content=>item, :recursive=>recursive,
-                                   :list_type=>list_type, :level=>level+1
-      }.join("\n")
-    else
-      result
-    end
   end
-  def icon_for_article(article)
+  def icon_for_article(article, size = 'icon')
     article = FilePresenter.for article
-    icon = article.respond_to?(:icon_name) ?
-             article.icon_name :
-             article.class.icon_name(article)
-    if (icon =~ /\//)
-      icon
+    if article.respond_to?(:sized_icon)
+      article.sized_icon(size)
     else
-      klasses = 'icon ' + [icon].flatten.map{|name| 'icon-'+name}.join(' ')
+      icon = article.respond_to?(:icon_name) ?
+              article.icon_name :
+              article.class.icon_name(article)
+      klasses = "#{size} " + [icon].flatten.map{|name| "#{size}-"+name}.join(' ')
       if article.kind_of?(UploadedFile) || article.kind_of?(FilePresenter)
-        klasses += ' icon-upload-file'
+        klasses += " #{size}-upload-file"
       end
       klasses
     end
@@ -151,7 +151,7 @@ module FormsHelper
     datepicker_options[:close_text] ||= _('Done')
     datepicker_options[:constrain_input] ||= true
     datepicker_options[:current_text] ||= _('Today')
-    datepicker_options[:date_format] ||= 'mm/dd/yy'
+    datepicker_options[:date_format] ||= 'yy/mm/dd'
     datepicker_options[:day_names] ||= [_('Sunday'), _('Monday'), _('Tuesday'), _('Wednesday'), _('Thursday'), _('Friday'), _('Saturday')]
     datepicker_options[:day_names_min] ||= [_('Su'), _('Mo'), _('Tu'), _('We'), _('Th'), _('Fr'), _('Sa')]
     datepicker_options[:day_names_short] ||= [_('Sun'), _('Mon'), _('Tue'), _('Wed'), _('Thu'), _('Fri'), _('Sat')]
@@ -236,7 +236,7 @@ module FormsHelper
         weekHeader: #{datepicker_options[:week_header].to_json},
         yearRange: #{datepicker_options[:year_range].to_json},
         yearSuffix: #{datepicker_options[:year_suffix].to_json}
-      })
+      }).datepicker('setDate', new Date('#{value}'))
     </script>
     ".html_safe
     result
 module ForumHelper
+  include ActionView::Helpers::DateHelper
   def cms_label_for_new_children
     _('New discussion topic')
@@ -42,9 +43,9 @@ module ForumHelper
   def last_topic_update(article)
     info = article.info_from_last_update
     if info[:author_url]
-      time_ago_as_sentence(info[:date]) + ' ' + _('by') + ' ' + link_to(info[:author_name], info[:author_url])
+      time_ago_in_words(info[:date]) + ' ' + _('by') + ' ' + link_to(info[:author_name], info[:author_url])
     else
-      time_ago_as_sentence(info[:date]) + ' ' + _('by') + ' ' + info[:author_name]
+      time_ago_in_words(info[:date]) + ' ' + _('by') + ' ' + info[:author_name]
     end
   end
@@ -28,7 +28,7 @@ module LayoutHelper
   end
   def noosfero_javascript
-    plugins_javascripts = @plugins.flat_map{ |plugin| plugin.js_files.map{ |js| plugin.class.public_path(js, true) } }.flatten
+    plugins_javascripts = @plugins.flat_map{ |plugin| Array.wrap(plugin.js_files).map{ |js| plugin.class.public_path(js, true) } }.flatten
     output = ''
     output += render 'layouts/javascript'
@@ -38,6 +38,8 @@ module LayoutHelper
     output += theme_javascript_ng.to_s
     output += javascript_tag 'render_all_jquery_ui_widgets()'
+    output += templete_javascript_ng.to_s
+
     output
   end
@@ -70,24 +72,13 @@ module LayoutHelper
   end
   def template_stylesheet_path
-    if profile.nil?
-      "/designs/templates/#{environment.layout_template}/stylesheets/style.css"
-    else
-      "/designs/templates/#{profile.layout_template}/stylesheets/style.css"
-    end
+    File.join template_path, "/stylesheets/style.css"
   end
   def icon_theme_stylesheet_path
-    icon_themes = []
     theme_icon_themes = theme_option(:icon_theme) || []
-    for icon_theme in theme_icon_themes do
-      theme_path = "designs/icons/#{icon_theme}/style.css"
-      if File.exists?(Rails.root.join('public', theme_path))
-        icon_themes << theme_path
-      end
-    end
-    icon_themes
+    theme_icon_themes.map{ |it| "designs/icons/#{it}/style.css" }
   end
   def jquery_ui_theme_stylesheet_path
@@ -75,9 +75,12 @@ module ManageProductsHelper
   end
   def categories_container(categories_selection_html, hierarchy_html = '')
-    hidden_field_tag('selected_category_id') +
-    content_tag('div', hierarchy_html, :id => 'hierarchy_navigation') +
-    content_tag('div', categories_selection_html, :id => 'categories_container_wrapper')
+    content_tag 'div',
+      render('categories_autocomplete') +
+      hidden_field_tag('selected_category_id') +
+      content_tag('div', hierarchy_html, :id => 'hierarchy_navigation') +
+      content_tag('div', categories_selection_html, :id => 'categories_container_wrapper'),
+    :id => 'categories-container'
   end
   def select_for_categories(categories, level = 0)
@@ -141,8 +141,9 @@ module ProfileEditorHelper
     )
   end
-  def control_panel_button(title, icon, url)
-    link_to title, url, :class => 'control-panel-%s' % icon
+  def control_panel_button(title, icon, url, html_options = {})
+    html_options ||= {}
+    link_to title, url, html_options.merge(:class => 'control-panel-%s' % icon)
   end
   def unchangeable_privacy_field(profile)
@@ -190,4 +190,22 @@ module ProfileHelper
     end
   end
+  def display_custom_field(title, profile, field, force = false)
+    unless force || profile.may_display_field_to?(field, user)
+      return
+    end
+    value = profile.custom_fields[field][:value]
+    !value.blank? ? content_tag('tr', content_tag('td', title) + content_tag('td', value)) : ''
+  end
+
+  def display_custom_fields(profile)
+    fields = []
+    profile.custom_fields.each { |custom_field_key,custom_field_data|
+      if !profile.fields_privacy.blank? && profile.fields_privacy.include?(custom_field_key)
+        fields << display_custom_field(custom_field_data[:title], profile, custom_field_key) if profile.fields_privacy[custom_field_key] == 'public'
+      end
+    }
+    fields.size >= 1 ? content_tag('tr', content_tag('th', _('Custom Fields'), { :colspan => 2 })) + fields.join.html_safe : ''
+  end
+
 end
@@ -106,6 +106,10 @@ module SearchHelper
     end
   end
+  def city_with_state_for_profile(p)
+    city_with_state(p.region) || [p.city, p.state].compact.reject(&:blank?).join(', ')
+  end
+
   def display_selector(asset, display, float = 'right')
     display = nil if display.blank?
     display ||= asset_class(asset).default_search_display
@@ -0,0 +1,23 @@
+module TaskHelper
+
+  def task_email_template(description, email_templates, task, include_blank=true)
+    return '' unless email_templates.present?
+
+    content_tag(
+      :div,
+      labelled_form_field(description, select_tag("tasks[#{task.id}][task][email_template_id]", options_from_collection_for_select(email_templates, :id, :name), :include_blank => include_blank, 'data-url' => url_for(:controller => 'profile_email_templates', :action => 'show_parsed', :profile => profile.identifier))),
+      :class => 'template-selection'
+    )
+  end
+
+  def task_action action
+    base_url = { action: action }
+    url_for(base_url.merge(filter_params))
+  end
+
+  def filter_params
+    filter_fields = ['filter_type', 'filter_text', 'filter_responsible', 'filter_tags']
+    params.select {|filter| filter if filter_fields.include? filter }
+  end
+
+end
@@ -17,9 +17,10 @@ module TinymceHelper
         searchreplace wordcount visualblocks visualchars code fullscreen
         insertdatetime media nonbreaking save table contextmenu directionality
         emoticons template paste textcolor colorpicker textpattern],
+      :image_advtab => true,
       :language => tinymce_language
-    options[:toolbar1] = "insertfile undo redo | copy paste | bold italic underline | styleselect fontsizeselect | forecolor backcolor | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | link image"
+    options[:toolbar1] = "fullscreen | insertfile undo redo | copy paste | bold italic underline | styleselect fontsizeselect | forecolor backcolor | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | link image"
     if options[:mode] == 'simple'
       options[:menubar] = false
     else
@@ -14,7 +14,7 @@ module UsersHelper
     select_field = select_tag(:filter, options, :onchange => onchange)
     content_tag('div',
       content_tag('strong', _('Filter')) + ': ' + select_field,
-      :class => "environment-users-customize-search"
+      :class => "environment-profiles-customize-search"
     )
   end
 class ScrapNotifier < ActionMailer::Base
   def notification(scrap)
     sender, receiver = scrap.sender, scrap.receiver
+    # for tests
+    return unless receiver.email
+
     @recipient = receiver.name
     @sender = sender.name
     @sender_link = sender.url
 class TaskMailer < ActionMailer::Base
+  include EmailTemplateHelper
+
   def target_notification(task, message)
     @message = extract_message(message)
     @target = task.target.name
     @environment = task.environment.name
     @url = generate_environment_url(task, :controller => 'home')
-    url_for_tasks_list = task.target.kind_of?(Environment) ? '' : url_for(task.target.tasks_url)
+    url_for_tasks_list = task.target.kind_of?(Environment) ? '' : url_for(task.target.tasks_url.merge(:script_name => Noosfero.root('/')))
     @tasks_url = url_for_tasks_list
     mail(
@@ -34,10 +36,12 @@ class TaskMailer &lt; ActionMailer::Base
     @environment = task.requestor.environment.name
     @url = url_for(:host => task.requestor.environment.default_hostname, :controller => 'home')
-    mail(
+    mail_with_template(
       to: task.requestor.notification_emails,
       from: self.class.generate_from(task),
-      subject: '[%s] %s' % [task.requestor.environment.name, task.target_notification_description]
+      subject: '[%s] %s' % [task.requestor.environment.name, task.target_notification_description],
+      email_template: task.email_template,
+      template_params: {:environment => task.requestor.environment, :task => task, :message => @message, :url => @url, :requestor => task.requestor}
     )
   end
@@ -56,7 +60,7 @@ class TaskMailer &lt; ActionMailer::Base
   end
   def generate_environment_url(task, url = {})
-    url_for(Noosfero.url_options.merge(:host => task.environment.default_hostname).merge(url))
+    url_for(Noosfero.url_options.merge(:host => task.environment.default_hostname).merge(url).merge(:script_name => Noosfero.root('/')))
   end
 end
 class UserMailer < ActionMailer::Base
+
+  include EmailTemplateHelper
+
   def activation_email_notify(user)
     user_email = "#{user.login}@#{user.email_domain}"
     @name = user.name
@@ -22,10 +25,12 @@ class UserMailer &lt; ActionMailer::Base
     @redirection = (true if user.return_to)
     @join = (user.community_to_join if user.community_to_join)
-    mail(
+    mail_with_template(
       from: "#{user.environment.name} <#{user.environment.contact_email}>",
       to: user.email,
       subject: _("[%s] Activate your account") % [user.environment.name],
+      template_params: {:environment => user.environment, :activation_code => @activation_code, :redirection => @redirection, :join => @join},
+      email_template: user.environment.email_templates.find_by_template_type(:user_activation),
     )
   end
@@ -40,10 +40,6 @@ class AbuseComplaint &lt; Task
     true
   end
-  def reject_details
-    true
-  end
-
   def icon
     {:type => :profile_image, :profile => reported, :url => reported.url}
   end
@@ -14,6 +14,9 @@ class AddFriend &lt; Task
   alias :friend :target
   alias :friend= :target=
+	validates :requestor, :kind_of => { :kind => Person }
+	validates :target, :kind_of => { :kind => Person }
+
   after_create do |task|
     TaskMailer.invitation_notification(task).deliver unless task.friend
     remove_from_suggestion_list(task)
@@ -54,7 +57,7 @@ class AddFriend &lt; Task
   end
   def remove_from_suggestion_list(task)
-    suggestion = task.requestor.profile_suggestions.find_by_suggestion_id task.target.id
+    suggestion = task.requestor.suggested_profiles.find_by_suggestion_id task.target.id
     suggestion.disable if suggestion
   end
 end
@@ -2,6 +2,9 @@ class AddMember &lt; Task
   validates_presence_of :requestor_id, :target_id
+  validates :requestor, kind_of: {kind: Person}
+  validates :target, kind_of: {kind: Organization}
+
   alias :person :requestor
   alias :person= :requestor=
@@ -26,7 +29,8 @@ class AddMember &lt; Task
   end
   def information
-    {:message => _('%{requestor} wants to be a member of this community.')}
+    {:message => _("%{requestor} wants to be a member of '%{organization}'."),
+     variables: {requestor: requestor.name, organization: organization.name}}
   end
   def accept_details
@@ -42,7 +46,7 @@ class AddMember &lt; Task
   end
   def target_notification_description
-    _('%{requestor} wants to be a member of this community.') % {:requestor => requestor.name}
+    _("%{requestor} wants to be a member of '%{organization}'.") % {:requestor => requestor.name, :organization => organization.name}
   end
   def target_notification_message
 class ApproveArticle < Task
   validates_presence_of :requestor_id, :target_id
+  validates :requestor, kind_of: {kind: Person}
+  validate :allowed_requestor
+
+  def allowed_requestor
+    if target
+      if target.person? && requestor != target
+        self.errors.add(:requestor, _('You can not post articles to other users.'))
+      end
+      if target.organization? && !target.members.include?(requestor) && target.environment.portal_community != target
+        self.errors.add(:requestor, _('Only members can post articles on communities.'))
+      end
+    end
+  end
+
   def article_title
     article ? article.title : _('(The original text was removed)')
   end
-  
+
   def article
     Article.find_by_id data[:article_id]
   end
@@ -82,10 +96,6 @@ class ApproveArticle &lt; Task
     true
   end
-  def reject_details
-    true
-  end
-
   def default_decision
     if article
       'skip'
@@ -128,4 +138,9 @@ class ApproveArticle &lt; Task
     message
   end
+  def request_is_member_of_target
+    unless requestor.is_member_of?(target)
+      errors.add(:approve_article, N_('Requestor must be a member of target.'))
+    end
+  end
 end
@@ -60,10 +60,6 @@ class ApproveComment &lt; Task
     true
   end
-  def reject_details
-    true
-  end
-
   def default_decision
     if article
       'skip'
-
 class Article < ActiveRecord::Base
   attr_accessible :name, :body, :abstract, :profile, :tag_list, :parent,
                   :allow_members_to_edit, :translation_of_id, :language,
                   :license_id, :parent_id, :display_posts_in_current_language,
                   :category_ids, :posts_per_page, :moderate_comments,
-                  :accept_comments, :feed, :published, :source,
+                  :accept_comments, :feed, :published, :source, :source_name,
                   :highlighted, :notify_comments, :display_hits, :slug,
                   :external_feed_builder, :display_versions, :external_link,
-                  :image_builder, :show_to_followers
+                  :author, :published_at, :person_followers, :show_to_followers, :image_builder
   acts_as_having_image
@@ -25,6 +24,16 @@ class Article &lt; ActiveRecord::Base
     :display => %w[full]
   }
+  def initialize(*params)
+    super
+
+    if !params.blank? && params.first.has_key?(:profile) && !params.first[:profile].blank?
+      profile = params.first[:profile]
+      self.published = false unless profile.public?
+    end
+
+  end
+
   def self.default_search_display
     'full'
   end
@@ -61,6 +70,10 @@ class Article &lt; ActiveRecord::Base
   belongs_to :last_changed_by, :class_name => 'Person', :foreign_key => 'last_changed_by_id'
   belongs_to :created_by, :class_name => 'Person', :foreign_key => 'created_by_id'
+  #Article followers relation
+  has_many :article_followers, :dependent => :destroy
+  has_many :person_followers, :class_name => 'Person', :through => :article_followers, :source => :person
+
   has_many :comments, :class_name => 'Comment', :foreign_key => 'source_id', :dependent => :destroy, :order => 'created_at asc'
   has_many :article_categorizations, :conditions => [ 'articles_categories.virtual = ?', false ]
@@ -86,6 +99,8 @@ class Article &lt; ActiveRecord::Base
   belongs_to :translation_of, :class_name => 'Article', :foreign_key => :translation_of_id
   before_destroy :rotate_translations
+  acts_as_voteable
+
   before_create do |article|
     article.published_at ||= Time.now
     if article.reference_article && !article.parent
@@ -117,9 +132,11 @@ class Article &lt; ActiveRecord::Base
     {:include => 'categories_including_virtual', :conditions => { 'categories.id' => category.id }}
   }
+  include TimeScopes
+
   scope :by_range, lambda { |range| {
     :conditions => [
-      'published_at BETWEEN :start_date AND :end_date', { :start_date => range.first, :end_date => range.last }
+      'articles.published_at BETWEEN :start_date AND :end_date', { :start_date => range.first, :end_date => range.last }
     ]
   }}
@@ -248,7 +265,7 @@ class Article &lt; ActiveRecord::Base
   }
   scope :public,
-    :conditions => [ "advertise = ? AND published = ? AND profiles.visible = ? AND profiles.public_profile = ?", true, true, true, true ], :joins => [:profile]
+    :conditions => [ "articles.advertise = ? AND articles.published = ? AND profiles.visible = ? AND profiles.public_profile = ?", true, true, true, true ], :joins => [:profile]
   scope :more_recent,
     :conditions => [ "advertise = ? AND published = ? AND profiles.visible = ? AND profiles.public_profile = ? AND
@@ -491,11 +508,11 @@ class Article &lt; ActiveRecord::Base
     return [] if user.nil? || (profile && !profile.public? && !user.follows?(profile))
     where(
       [
-       "published = ? OR last_changed_by_id = ? OR profile_id = ? OR ? 
-        OR  (show_to_followers = ? AND ?)", true, user.id, user.id, 
+       "published = ? OR last_changed_by_id = ? OR profile_id = ? OR ?
+        OR  (show_to_followers = ? AND ? AND profile_id IN (?))", true, user.id, user.id,
         profile.nil? ?  false : user.has_permission?(:view_private_content, profile),
-        true, user.follows?(profile)
-      ] 
+        true, (profile.nil? ? true : user.follows?(profile)),  ( profile.nil? ? (user.friends.select('profiles.id')) : [profile.id])
+      ]
     )
   }
@@ -509,7 +526,7 @@ class Article &lt; ActiveRecord::Base
   def display_to?(user = nil)
     if published?
-      profile.display_info_to?(user)
+      (profile.secret? || !profile.visible?) ? profile.display_info_to?(user) : true
     else
       if !user
         false
@@ -567,25 +584,24 @@ class Article &lt; ActiveRecord::Base
     profile.visible? && profile.public? && published?
   end
-
-  def copy(options = {})
+  def copy_without_save(options = {})
     attrs = attributes.reject! { |key, value| ATTRIBUTES_NOT_COPIED.include?(key.to_sym) }
     attrs.merge!(options)
     object = self.class.new
     attrs.each do |key, value|
       object.send(key.to_s+'=', value)
     end
+    object
+  end
+
+  def copy(options = {})
+    object = copy_without_save(options)
     object.save
     object
   end
   def copy!(options = {})
-    attrs = attributes.reject! { |key, value| ATTRIBUTES_NOT_COPIED.include?(key.to_sym) }
-    attrs.merge!(options)
-    object = self.class.new
-    attrs.each do |key, value|
-      object.send(key.to_s+'=', value)
-    end
+    object = copy_without_save(options)
     object.save!
     object
   end
@@ -615,6 +631,11 @@ class Article &lt; ActiveRecord::Base
     self.hits += 1
   end
+  def self.hit(articles)
+    Article.where(:id => articles.map(&:id)).update_all('hits = hits + 1')
+    articles.each { |a| a.hits += 1 }
+  end
+
   def can_display_hits?
     true
   end
@@ -623,6 +644,14 @@ class Article &lt; ActiveRecord::Base
     can_display_hits? && display_hits
   end
+  def display_media_panel?
+    can_display_media_panel? && environment.enabled?('media_panel')
+  end
+
+  def can_display_media_panel?
+    false
+  end
+
   def image?
     false
   end
@@ -692,6 +721,11 @@ class Article &lt; ActiveRecord::Base
     person ? person.id : nil
   end
+  #FIXME make this test
+  def author_custom_image(size = :icon)
+    author ? author.profile_custom_image(size) : nil
+  end
+
   def version_license(version_number = nil)
     return license if version_number.nil?
     profile.environment.licenses.find_by_id(get_version(version_number).license_id)
@@ -713,8 +747,9 @@ class Article &lt; ActiveRecord::Base
     paragraphs.empty? ? '' : paragraphs.first.to_html
   end
-  def lead
-    abstract.blank? ? first_paragraph.html_safe : abstract.html_safe
+  def lead(length = nil)
+    content = abstract.blank? ? first_paragraph.html_safe : abstract.html_safe
+    length.present? ? content.truncate(length) : content
   end
   def short_lead
@@ -781,6 +816,14 @@ class Article &lt; ActiveRecord::Base
     true
   end
+  def view_page
+    "content_viewer/view_page"
+  end
+
+  def to_liquid
+    HashWithIndifferentAccess.new :name => name, :abstract => abstract, :body => body, :id => id, :parent_id => parent_id, :author => author
+  end
+
   private
   def sanitize_tag_list
@@ -3,7 +3,15 @@ class ArticleBlock &lt; Block
   attr_accessible :article_id
   def self.description
-    _('Display one of your contents')
+    _('Display one of your contents.')
+  end
+
+  def self.short_description
+    _('Show one article')
+  end
+
+  def self.pretty_name
+    _('Article')
   end
   def help
@@ -0,0 +1,5 @@
+class ArticleFollower < ActiveRecord::Base
+  attr_accessible :article_id, :person_id, :since
+  belongs_to :article
+  belongs_to :person
+end
 class Block < ActiveRecord::Base
-  attr_accessible :title, :display, :limit, :box_id, :posts_per_page, :visualization_format, :language, :display_user, :box, :fixed
+  attr_accessible :title, :display, :limit, :box_id, :posts_per_page,
+                  :visualization_format, :language, :display_user,
+                  :box, :edit_modes, :move_modes, :mirror
   # to be able to generate HTML
   include ActionView::Helpers::UrlHelper
@@ -13,17 +15,29 @@ class Block &lt; ActiveRecord::Base
   acts_as_list :scope => :box
   belongs_to :box
+  belongs_to :mirror_block, :class_name => "Block"
+  has_many :observers, :class_name => "Block", :foreign_key => "mirror_block_id"
   acts_as_having_settings
   scope :enabled, :conditions => { :enabled => true }
+  after_save do |block|
+    if block.owner.kind_of?(Profile) && block.owner.is_template? && block.mirror?
+      block.observers.each do |observer|
+        observer.copy_from(block)
+        observer.title = block.title
+        observer.save
+      end
+    end
+  end
+
   def embedable?
     false
   end
   def get_limit
-    [0,limit].max
+    [0,limit.to_i].max
   end
   def embed_code
@@ -110,8 +124,13 @@ class Block &lt; ActiveRecord::Base
   # * <tt>'all'</tt>: the block is always displayed
   settings_items :language, :type => :string, :default => 'all'
-  # The block can be configured to be fixed. Only can be edited by environment admins
-  settings_items :fixed, :type => :boolean, :default => false
+  # The block can be configured to define the edition modes options. Only can be edited by environment admins
+  # It can assume the following values:
+  #
+  # * <tt>'all'</tt>: the block owner has all edit options for this block
+  # * <tt>'none'</tt>: the block owner can't do anything with the block
+  settings_items :edit_modes, :type => :string, :default => 'all'
+  settings_items :move_modes, :type => :string, :default => 'all'
   # returns the description of the block, used when the user sees a list of
   # blocks to choose one to include in the design.
@@ -122,6 +141,36 @@ class Block &lt; ActiveRecord::Base
     '(dummy)'
   end
+  def self.short_description
+    self.pretty_name
+  end
+
+  def self.icon
+    "/images/icon_block.png"
+  end
+
+  def self.icon_path
+    basename = self.name.split('::').last.underscore
+    File.join('blocks', basename, 'icon.png')
+  end
+
+  def self.pretty_name
+    self.name.split('::').last.gsub('Block','')
+  end
+
+  def self.default_icon_path
+    'icon_block.png'
+  end
+
+  def self.preview_path
+    base_name = self.name.split('::').last.underscore
+    File.join('blocks', base_name,'previews')
+  end
+
+  def self.default_preview_path
+    "block_preview.png"
+  end
+
   # Returns the content to be used for this block.
   #
   # This method can return several types of objects:
@@ -148,7 +197,11 @@ class Block &lt; ActiveRecord::Base
   # Is this block editable? (Default to <tt>false</tt>)
   def editable?
-    true
+    self.edit_modes == "all"
+  end
+
+  def movable?
+    self.move_modes == "all"
   end
   # must always return false, except on MainBlock clas.
@@ -228,6 +281,21 @@ class Block &lt; ActiveRecord::Base
     }
   end
+  def edit_block_options
+    @edit_options ||= {
+      'all'            => _('Can be modified'),
+      'none'           => _('Cannot be modified')
+    }
+  end
+
+  def move_block_options
+    @move_options ||= {
+      'all'            => _('Can be moved'),
+      'none'           => _('Cannot be moved')
+    }
+  end
+
+
   def duplicate
     duplicated_block = self.dup
     duplicated_block.display = 'never'
@@ -243,6 +311,10 @@ class Block &lt; ActiveRecord::Base
     self.position = block.position
   end
+  def add_observer(block)
+    self.observers << block
+  end
+
   private
   def home_page_path
@@ -76,9 +76,12 @@ class Blog &lt; Folder
   end
   settings_items :visualization_format, :type => :string, :default => 'full'
-  validates_inclusion_of :visualization_format, :in => [ 'full', 'short', 'short+pic' ], :if => :visualization_format
+  validates_inclusion_of :visualization_format,
+                         :in => [ 'full', 'short', 'short+pic', 'compact'],
+                         :if => :visualization_format
-  settings_items :display_posts_in_current_language, :type => :boolean, :default => false
+  settings_items :display_posts_in_current_language,
+                 :type => :boolean, :default => false
   alias :display_posts_in_current_language? :display_posts_in_current_language
@@ -18,6 +18,8 @@ class ChangePassword &lt; Task
   validates_presence_of :requestor
+  validates :requestor, kind_of: {kind: Person}
+
   ###################################################
   # validations for updating a ChangePassword task 
@@ -26,6 +28,13 @@ class ChangePassword &lt; Task
   validates_presence_of :password_confirmation, :on => :update, :if => lambda { |change| change.status != Task::Status::CANCELLED }
   validates_confirmation_of :password, :if => lambda { |change| change.status != Task::Status::CANCELLED }
+  before_save :set_email_template
+
+  def set_email_template
+    template = environment.email_templates.find_by_template_type(:user_change_password)
+    data[:email_template_id] = template.id unless template.nil?
+  end
+
   def environment
     requestor.environment unless requestor.nil?
   end
@@ -4,4 +4,5 @@ class ChatMessage &lt; ActiveRecord::Base
   belongs_to :to, :class_name => 'Profile'
   belongs_to :from, :class_name => 'Profile'
+  validates_presence_of :from, :to
 end
@@ -20,6 +20,8 @@ class Comment &lt; ActiveRecord::Base
   scope :without_reply, :conditions => ['reply_of_id IS NULL']
+  include TimeScopes
+
   # unauthenticated authors:
   validates_presence_of :name, :if => (lambda { |record| !record.email.blank? })
   validates_presence_of :email, :if => (lambda { |record| !record.name.blank? })
@@ -32,11 +34,13 @@ class Comment &lt; ActiveRecord::Base
       rec.errors.add(:name, _('{fn} can only be informed for unauthenticated authors').fix_i18n)
     end
   end
-
+  
   acts_as_having_settings
   xss_terminate :only => [ :body, :title, :name ], :on => 'validation'
+  acts_as_voteable
+
   def comment_root
     (reply_of && reply_of.comment_root) || self
   end
@@ -65,6 +69,11 @@ class Comment &lt; ActiveRecord::Base
     author ? author.url : nil
   end
+  #FIXME make this test
+  def author_custom_image(size = :icon)
+    author ? author.profile_custom_image(size) : nil
+  end
+
   def url
     article.view_url.merge(:anchor => anchor)
   end
@@ -3,9 +3,17 @@ class CommunitiesBlock &lt; ProfileListBlock
   attr_accessible :accessor_id, :accessor_type, :role_id, :resource_id, :resource_type
   def self.description
+    _("<p>Display all of your communities.</p><p>You could choose the amount of communities will be displayed and you could priorize that profiles with images.</p> <p>The view all button is always present in the block.</p>")
+  end
+
+  def self.short_description
     _('Communities')
   end
+  def self.pretty_name
+    _('Communities Block')
+  end
+
   def default_title
     n_('{#} community', '{#} communities', profile_count)
   end
@@ -86,8 +86,8 @@ class Community &lt; Organization
     {:title => _('Community Info and settings'), :icon => 'edit-profile-group'}
   end
-  def activities
-    Scrap.find_by_sql("SELECT id, updated_at, '#{Scrap.to_s}' AS klass FROM #{Scrap.table_name} WHERE scraps.receiver_id = #{self.id} AND scraps.scrap_id IS NULL UNION SELECT id, updated_at, '#{ActionTracker::Record.to_s}' AS klass FROM #{ActionTracker::Record.table_name} WHERE action_tracker.target_id = #{self.id} and action_tracker.verb != 'join_community' and action_tracker.verb != 'leave_scrap' UNION SELECT at.id, at.updated_at, '#{ActionTracker::Record.to_s}' AS klass FROM #{ActionTracker::Record.table_name} at INNER JOIN articles a ON at.target_id = a.id WHERE a.profile_id = #{self.id} AND at.target_type = 'Article' ORDER BY updated_at DESC")
+  def exclude_verbs_on_activities
+    %w[join_community leave_scrap]
   end
 end
@@ -3,6 +3,9 @@ class CreateCommunity &lt; Task
   validates_presence_of :requestor_id, :target_id
   validates_presence_of :name
+  validates :requestor, kind_of: {kind: Person}
+  validates :target, kind_of: {kind: Environment}
+
   alias :environment :target
   alias :environment= :target=
@@ -56,10 +59,6 @@ class CreateCommunity &lt; Task
     end
   end
-  def reject_details
-    true
-  end
-
   # tells if this request was rejected
   def rejected?
     self.status == Task::Status::CANCELLED
@@ -27,6 +27,8 @@ class CreateEnterprise &lt; Task
   # checks for actual attributes
   validates_presence_of :requestor_id, :target_id
+  validates :requestor, kind_of: {kind: Person}
+
   # checks for admins required attributes
   DATA_FIELDS.each do |attribute|
     validates_presence_of attribute, :if => lambda { |obj| obj.environment.required_enterprise_fields.include?(attribute) }
@@ -164,10 +166,6 @@ class CreateEnterprise &lt; Task
     {:message => _('%{requestor} wants to create enterprise %{subject}.')}
   end
-  def reject_details
-    true
-  end
-
   def task_created_message
     _('Your request for registering enterprise "%{enterprise}" at %{environment} was just received. It will be reviewed by the validator organization of your choice, according to its methods and criteria.
 class EmailActivation < Task
   validates_presence_of :requestor_id, :target_id
+
+  validates :requestor, kind_of: {kind: Person}
+  validates :target, kind_of: {kind: Environment}
+
   validate :already_requested, :on => :create
   alias :environment :target
   alias :person :requestor
   def already_requested
-    if !self.requestor.nil? && self.requestor.user.email_activation_pending?
+    if !self.requestor.nil? && self.requestor.person? && self.requestor.user.email_activation_pending?
       self.errors.add(:base, _('You have already requested activation of your mailbox.'))
     end
   end
@@ -0,0 +1,50 @@
+class EmailTemplate < ActiveRecord::Base
+
+  belongs_to :owner, :polymorphic => true
+
+  attr_accessible :template_type, :subject, :body, :owner, :name
+
+  validates_presence_of :name
+
+  validates :name, uniqueness: { scope: [:owner_type, :owner_id] }
+
+  validates :template_type, uniqueness: { scope: [:owner_type, :owner_id] }, if: :unique_by_type?
+
+  def parsed_body(params)
+    @parsed_body ||= parse(body, params)
+  end
+
+  def parsed_subject(params)
+    @parsed_subject ||= parse(subject, params)
+  end
+
+  def self.available_types
+    {
+      :task_rejection => {:description => _('Task Rejection'), :owner_type => Profile},
+      :task_acceptance => {:description => _('Task Acceptance'), :owner_type => Profile},
+      :organization_members => {:description => _('Organization Members'), :owner_type => Profile},
+      :user_activation => {:description => _('User Activation'), :unique => true, :owner_type => Environment},
+      :user_change_password => {:description => _('Change User Password'), :unique => true, :owner_type => Environment}
+    }
+  end
+
+  def available_types
+    HashWithIndifferentAccess.new EmailTemplate.available_types.select {|k, v| owner.kind_of?(v[:owner_type])}
+  end
+
+  def type_description
+    available_types.fetch(template_type, {})[:description]
+  end
+
+  def unique_by_type?
+    available_types.fetch(template_type, {})[:unique]
+  end
+
+  protected
+
+  def parse(source, params)
+    template = Liquid::Template.parse(source)
+    template.render(HashWithIndifferentAccess.new(params))
+  end
+
+end
@@ -15,12 +15,15 @@ class Enterprise &lt; Organization
   N_('Enterprise')
-  has_many :products, :foreign_key => :profile_id, :dependent => :destroy, :order => 'name ASC'
+  acts_as_trackable after_add: proc{ |p, t| notify_activity t }
+
+  has_many :products, :foreign_key => :profile_id, :dependent => :destroy
+  has_many :product_categories, :through => :products
   has_many :inputs, :through => :products
   has_many :production_costs, :as => :owner
   has_many :favorite_enterprise_people
-  has_many :fans, through: :favorite_enterprise_people, source: :person
+  has_many :fans, source: :person, through: :favorite_enterprise_people
   def product_categories
     ProductCategory.by_enterprise(self)
@@ -194,10 +197,6 @@ class Enterprise &lt; Organization
     true
   end
-  def activities
-    Scrap.find_by_sql("SELECT id, updated_at, 'Scrap' AS klass FROM scraps WHERE scraps.receiver_id = #{self.id} AND scraps.scrap_id IS NULL UNION SELECT id, updated_at, 'ActionTracker::Record' AS klass FROM action_tracker WHERE action_tracker.target_id = #{self.id} UNION SELECT action_tracker.id, action_tracker.updated_at, 'ActionTracker::Record' AS klass FROM action_tracker INNER JOIN articles ON action_tracker.target_id = articles.id WHERE articles.profile_id = #{self.id} AND action_tracker.target_type = 'Article' ORDER BY updated_at DESC")
-  end
-
   def catalog_url
     { :profile => identifier, :controller => 'catalog'}
   end
@@ -206,4 +205,9 @@ class Enterprise &lt; Organization
     ''
   end
+  def followed_by? person
+    super or self.fans.where(id: person.id).count > 0
+  end
+
+
 end
@@ -8,6 +8,8 @@ class EnterpriseActivation &lt; Task
   validates_presence_of :enterprise
+  validates :target, kind_of: {kind: Enterprise}
+
   def perform
     self.enterprise.enable self.requestor
   end
@@ -35,4 +35,8 @@ class EnterpriseHomepage &lt; Article
     false
   end
+  def can_display_media_panel?
+    true
+  end
+
 end
@@ -3,7 +3,17 @@
 # domains.
 class Environment < ActiveRecord::Base
-  attr_accessible :name, :is_default, :signup_welcome_text_subject, :signup_welcome_text_body, :terms_of_use, :message_for_disabled_enterprise, :news_amount_by_folder, :default_language, :languages, :description, :organization_approval_method, :enabled_plugins, :enabled_features, :redirection_after_login, :redirection_after_signup, :contact_email, :theme, :reports_lower_bound, :noreply_email, :signup_welcome_screen_body, :members_whitelist_enabled, :members_whitelist, :highlighted_news_amount, :portal_news_amount
+  attr_accessible :name, :is_default, :signup_welcome_text_subject,
+                  :signup_welcome_text_body, :terms_of_use,
+                  :message_for_disabled_enterprise, :news_amount_by_folder,
+                  :default_language, :languages, :description,
+                  :organization_approval_method, :enabled_plugins,
+                  :enabled_features, :redirection_after_login,
+                  :redirection_after_signup, :contact_email, :theme,
+                  :reports_lower_bound, :noreply_email,
+                  :signup_welcome_screen_body, :members_whitelist_enabled,
+                  :members_whitelist, :highlighted_news_amount,
+                  :portal_news_amount, :date_format
   has_many :users
@@ -11,14 +21,23 @@ class Environment &lt; ActiveRecord::Base
   has_many :tasks, :dependent => :destroy, :as => 'target'
   has_many :search_terms, :as => :context
+  has_many :email_templates, :foreign_key => :owner_id
   IDENTIFY_SCRIPTS = /(php[0-9s]?|[sp]htm[l]?|pl|py|cgi|rb)/
+  validates_inclusion_of :date_format,
+                         :in => [ 'numbers_with_year', 'numbers',
+                                  'month_name_with_year', 'month_name',
+                                  'past_time'],
+                         :if => :date_format
+
   def self.verify_filename(filename)
     filename += '.txt' if File.extname(filename) =~ IDENTIFY_SCRIPTS
     filename
   end
+  NUMBER_OF_BOXES = 4
+
   PERMISSIONS['Environment'] = {
     'view_environment_admin_panel' => N_('View environment admin panel'),
     'edit_environment_features' => N_('Edit environment features'),
@@ -27,10 +46,12 @@ class Environment &lt; ActiveRecord::Base
     'manage_environment_roles' => N_('Manage environment roles'),
     'manage_environment_validators' => N_('Manage environment validators'),
     'manage_environment_users' => N_('Manage environment users'),
+    'manage_environment_organizations' => N_('Manage environment organizations'),
     'manage_environment_templates' => N_('Manage environment templates'),
     'manage_environment_licenses' => N_('Manage environment licenses'),
     'manage_environment_trusted_sites' => N_('Manage environment trusted sites'),
     'edit_appearance'      => N_('Edit appearance'),
+    'manage_email_templates' => N_('Manage Email Templates'),
   }
   module Roles
@@ -72,7 +93,8 @@ class Environment &lt; ActiveRecord::Base
         'edit_profile_design',
         'manage_products',
         'manage_friends',
-        'perform_task'
+        'perform_task',
+        'view_tasks'
       ]
     )
   end
@@ -108,6 +130,7 @@ class Environment &lt; ActiveRecord::Base
       'disable_select_city_for_contact' => _('Disable state/city select for contact form'),
       'disable_contact_person' => _('Disable contact for people'),
       'disable_contact_community' => _('Disable contact for groups/communities'),
+      'forbid_destroy_profile' => _('Forbid users of removing profiles'),
       'products_for_enterprises' => _('Enable products for enterprises'),
       'enterprise_registration' => _('Enterprise registration'),
@@ -147,7 +170,8 @@ class Environment &lt; ActiveRecord::Base
       'site_homepage' => _('Redirects the user to the environment homepage.'),
       'user_profile_page' => _('Redirects the user to his profile page.'),
       'user_homepage' => _('Redirects the user to his homepage.'),
-      'user_control_panel' => _('Redirects the user to his control panel.')
+      'user_control_panel' => _('Redirects the user to his control panel.'),
+      'custom_url' => _('Specify the URL to redirect to:'),
     }
   end
   validates_inclusion_of :redirection_after_login, :in => Environment.login_redirection_options.keys, :allow_nil => true
@@ -172,7 +196,7 @@ class Environment &lt; ActiveRecord::Base
   acts_as_having_boxes
   after_create do |env|
-    3.times do
+    NUMBER_OF_BOXES.times do
       env.boxes << Box.new
     end
@@ -228,6 +252,9 @@ class Environment &lt; ActiveRecord::Base
   # store the Environment settings as YAML-serialized Hash.
   acts_as_having_settings :field => :settings
+  # introduce and explain to users something about the signup
+  settings_items :signup_intro, :type => String
+
   # the environment's terms of use: every user must accept them before registering.
   settings_items :terms_of_use, :type => String
@@ -262,7 +289,20 @@ class Environment &lt; ActiveRecord::Base
   settings_items :activation_blocked_text, :type => String
   settings_items :message_for_disabled_enterprise, :type => String,
                  :default => _('This enterprise needs to be enabled.')
-  settings_items :location, :type => String
+
+  settings_items :contact_phone, type: String
+  settings_items :address, type: String
+  settings_items :city, type: String
+  settings_items :state, type: String
+  settings_items :country_name, type: String
+  settings_items :lat, type: Float
+  settings_items :lng, type: Float
+  settings_items :postal_code, type: String
+  settings_items :location, type: String
+
+  alias_method :zip_code=, :postal_code
+  alias_method :zip_code, :postal_code
+
   settings_items :layout_template, :type => String, :default => 'default'
   settings_items :homepage, :type => String
   settings_items :description, :type => String, :default => '<div style="text-align: center"><a href="http://noosfero.org/"><img src="/images/noosfero-network.png" alt="Noosfero"/></a></div>'
@@ -306,6 +346,9 @@ class Environment &lt; ActiveRecord::Base
   settings_items :signup_welcome_screen_body, :type => String
+  #Captcha settings
+  settings_items :api_captcha_settings, :type => ActiveSupport::HashWithIndifferentAccess, :default => {}
+
   def has_custom_welcome_screen?
     settings[:signup_welcome_screen_body].present?
   end
@@ -337,6 +380,16 @@ class Environment &lt; ActiveRecord::Base
     self.save!
   end
+  def enable_all_plugins
+    Noosfero::Plugin.available_plugin_names.each do |plugin|
+      plugin_name = plugin.to_s + "Plugin"
+      unless self.enabled_plugins.include?(plugin_name)
+        self.enabled_plugins += [plugin_name]
+      end
+    end
+    self.save!
+  end
+
   # Disables a feature identified by its name
   def disable(feature, must_save=true)
     self.settings["#{feature}_enabled".to_sym] = false
@@ -439,7 +492,8 @@ class Environment &lt; ActiveRecord::Base
   end
   def custom_person_fields
-    self.settings[:custom_person_fields].nil? ? {} : self.settings[:custom_person_fields]
+    self.settings[:custom_person_fields] = {} if self.settings[:custom_person_fields].nil?
+    self.settings[:custom_person_fields]
   end
   def custom_person_fields=(values)
@@ -737,8 +791,8 @@ class Environment &lt; ActiveRecord::Base
   end
   def is_default_template?(template)
-    is_default = template == community_default_template 
-    is_default = is_default || template == person_default_template 
+    is_default = template == community_default_template
+    is_default = is_default || template == person_default_template
     is_default = is_default || template == enterprise_default_template
     is_default
   end
@@ -952,6 +1006,10 @@ class Environment &lt; ActiveRecord::Base
     self.licenses.any?
   end
+  def to_liquid
+    HashWithIndifferentAccess.new :name => name
+  end
+
   private
   def default_language_available
@@ -3,13 +3,14 @@ require &#39;builder&#39;
 class Event < Article
-  attr_accessible :start_date, :end_date, :link, :address
+  attr_accessible :start_date, :end_date, :link, :address, :presenter
   def self.type_name
     _('Event')
   end
   settings_items :address, :type => :string
+  settings_items :presenter, :type => :string
   def link=(value)
     self.setting[:link] = maybe_add_http(value)
@@ -23,7 +24,7 @@ class Event &lt; Article
   def initialize(*args)
     super(*args)
-    self.start_date ||= Date.today
+    self.start_date ||= DateTime.now
   end
   validates_presence_of :title, :start_date
@@ -35,7 +36,7 @@ class Event &lt; Article
   end
   scope :by_day, lambda { |date|
-    { :conditions => ['start_date = :date AND end_date IS NULL OR (start_date <= :date AND end_date >= :date)', {:date => date}],
+    { :conditions => [' start_date >= :start_date AND start_date <= :end_date AND end_date IS NULL OR (start_date <= :end_date  AND end_date >= :start_date)', {:start_date => date.beginning_of_day, :end_date => date.end_of_day}],
       :order => 'start_date ASC'
     }
   }
@@ -80,7 +81,7 @@ class Event &lt; Article
   def self.date_range(year, month)
     if year.nil? || month.nil?
-      today = Date.today
+      today = DateTime.now
       year = today.year
       month = today.month
     else
@@ -88,7 +89,7 @@ class Event &lt; Article
       month = month.to_i
     end
-    first_day = Date.new(year, month, 1)
+    first_day = DateTime.new(year, month, 1)
     last_day = first_day + 1.month - 1.day
     first_day..last_day
@@ -98,51 +99,23 @@ class Event &lt; Article
     start_date..(end_date||start_date)
   end
-  # FIXME this shouldn't be needed
-  include ActionView::Helpers::TagHelper
-  include ActionView::Helpers::UrlHelper
-  include DatesHelper
+  def first_paragraph
+    paragraphs = Nokogiri::HTML.fragment(self.body).css('p')
+    paragraphs.empty? ? '' : paragraphs.first.to_html
+  end
   def to_html(options = {})
+    event = self
+    format = options[:format]
-    result = ''
-    html = ::Builder::XmlMarkup.new(:target => result)
-
-    html.div(:class => 'event-info' ) {
-      html.ul(:class => 'event-data' ) {
-        html.li(:class => 'event-dates' ) {
-          html.span _('When:')
-          html.text! show_period(start_date, end_date)
-        } if start_date.present? || end_date.present?
-        html.li {
-          html.span _('URL:')
-          html.a(self.link || "", 'href' => self.link || "")
-        } if self.link.present?
-        html.li {
-          html.span _('Address:')
-          html.text! self.address || ""
-        } if self.address.present?
-      }
-
-      # TODO: some good soul, please clean this ugly hack:
-      if self.body
-        html.div('_____XXXX_DESCRIPTION_GOES_HERE_XXXX_____', :class => 'event-description')
-      end
-    }
-
-    if self.body
-      if options[:format] == 'short'
-        result.sub!('_____XXXX_DESCRIPTION_GOES_HERE_XXXX_____', display_short_format(self))
-      else
-        result.sub!('_____XXXX_DESCRIPTION_GOES_HERE_XXXX_____', self.body)
-      end
+    proc do
+      render :file => 'content_viewer/event_page', :locals => { :event => event,
+        :format => format }
     end
-
-    result
   end
   def duration
-    ((self.end_date || self.start_date) - self.start_date).to_i
+    (((self.end_date || self.start_date) - self.start_date).to_i/60/60/24)
   end
   alias_method :article_lead, :lead
@@ -162,6 +135,10 @@ class Event &lt; Article
     true
   end
+  def can_display_media_panel?
+    true
+  end
+
   include Noosfero::TranslatableContent
   include MaybeAddHttp
 class FavoriteEnterprisePerson < ActiveRecord::Base
-  self.table_name = :favorite_enteprises_people
+  attr_accessible :person, :enterprise
+
+  track_actions :favorite_enterprise, :after_create, keep_params: [:enterprise_name, :enterprise_url], if: proc{ |f| f.is_trackable? }
   belongs_to :enterprise
   belongs_to :person
+  protected
+
+  def is_trackable?
+    self.enterprise.public?
+  end
+
+  def enterprise_name
+    self.enterprise.short_name(nil)
+  end
+  def enterprise_url
+    self.enterprise.url
+  end
+
 end
@@ -20,6 +20,10 @@ class FeaturedProductsBlock &lt; Block
     _('Featured Products')
   end
+  def self.pretty_name
+    _('Featured Products')
+  end
+
   def products
     Product.find(self.product_ids) || []
   end
@@ -40,6 +40,10 @@ class FeedReaderBlock &lt; Block
     _('Feed reader')
   end
+  def self.pretty_name
+    _('Feed Reader')
+  end
+
   def help
     _('This block can be used to list the latest new from any site you want. You just need to inform the address of a RSS feed.')
   end
@@ -3,11 +3,11 @@ class Forum &lt; Folder
   acts_as_having_posts :order => 'updated_at DESC'
   include PostsLimit
-  attr_accessible :has_terms_of_use, :terms_of_use, :allows_members_to_create_topics
+  attr_accessible :has_terms_of_use, :terms_of_use, :topic_creation
   settings_items :terms_of_use, :type => :string, :default => ""
   settings_items :has_terms_of_use, :type => :boolean, :default => false
-  settings_items :allows_members_to_create_topics, :type => :boolean, :default => false
+  settings_items :topic_creation, :type => :string, :default => 'self'
   has_and_belongs_to_many :users_with_agreement, :class_name => 'Person', :join_table => 'terms_forum_people'
   before_save do |forum|
@@ -33,6 +33,23 @@ class Forum &lt; Folder
     _('An internet forum, also called message board, where discussions can be held.')
   end
+  module TopicCreation
+    BASE = ActiveSupport::OrderedHash.new
+    BASE['users'] = _('Logged users')
+
+    PERSON = ActiveSupport::OrderedHash.new
+    PERSON['self'] = _('Me')
+    PERSON['related'] = _('Friends')
+
+    GROUP = ActiveSupport::OrderedHash.new
+    GROUP['self'] = _('Administrators')
+    GROUP['related'] = _('Members')
+
+    def self.general_options(forum)
+      forum.profile.person? ? PERSON.merge(BASE) : GROUP.merge(BASE)
+    end
+  end
+
   include ActionView::Helpers::TagHelper
   def to_html(options = {})
     proc do
@@ -69,11 +86,17 @@ class Forum &lt; Folder
     self.users_with_agreement.exists? user
   end
-  def can_create_topic?(user, profile)
-    return profile.community? && profile.members.include?(user) && self.allows_members_to_create_topics
+  def can_create_topic?(user)
+    return true if user == profile || profile.admins.include?(user) || profile.environment.admins.include?(user)
+    case topic_creation
+    when 'related'
+      profile.person? ? profile.friends.include?(user) : profile.members.include?(user)
+    when 'users'
+      user.present?
+    end
   end
   def allow_create?(user)
-    super || can_create_topic?(user, profile)
+    super || can_create_topic?(user)
   end
 end
@@ -12,6 +12,7 @@ class HighlightsBlock &lt; Block
     block.images.each do |i|
       i[:image_id] = i[:image_id].to_i
       i[:position] = i[:position].to_i
+      i[:address] = Noosfero.root + i[:address]  unless Noosfero.root.nil?
       begin
         file = UploadedFile.find(i[:image_id])
         i[:image_src] = file.public_filename
@@ -22,12 +23,20 @@ class HighlightsBlock &lt; Block
   end
   def self.description
-    _('Highlights')
+    _('Creates image slideshow')
   end
   def featured_images
-    block_images = images.select{|i| !i[:image_src].nil? }.sort { |x, y| x[:position] <=> y[:position] }
-    shuffle ? block_images.shuffle : block_images
+    images = get_images
+    shuffle ? images.shuffle : images
+  end
+
+  def get_images
+    images.select do |i|
+      !i[:image_src].nil?
+    end.sort do |x, y|
+      x[:position] <=> y[:position]
+    end
   end
   def content(args={})
@@ -23,7 +23,7 @@ class Image &lt; ActiveRecord::Base
   postgresql_attachment_fu
-  attr_accessible :uploaded_data
+  attr_accessible :uploaded_data, :label
   def current_data
     File.file?(full_filename) ? File.read(full_filename) : nil
@@ -6,6 +6,8 @@ class Invitation &lt; Task
   validates_presence_of :target_id, :if => Proc.new{|invite| invite.friend_email.blank?}
+  validates :requestor, kind_of: {kind: Person}
+
   validates_presence_of :friend_email, :if => Proc.new{|invite| invite.target_id.blank?}
   validates_format_of :friend_email, :with => Noosfero::Constants::EMAIL_FORMAT, :if => Proc.new{|invite| invite.target_id.blank?}
@@ -34,7 +36,7 @@ class Invitation &lt; Task
   end
   def not_invite_yourself
-    email = friend ? friend.user.email : friend_email
+    email = friend && friend.person? ? friend.user.email : friend_email
     if person && email && person.user.email == email
       self.errors.add(:base, _("You can't invite youself"))
     end
@@ -136,7 +138,11 @@ class Invitation &lt; Task
   end
   def environment
-    self.requestor.environment
+    if self.requestor
+      self.requestor.environment
+    else
+      nil
+    end
   end
 end
@@ -55,6 +55,10 @@ class LinkListBlock &lt; Block
     _('This block can be used to create a menu of links. You can add, remove and update the links as you wish.')
   end
+  def self.pretty_name
+    _('Link list')
+  end
+
   def content(args={})
     block_title(title) +
     content_tag('ul',
@@ -0,0 +1,26 @@		@@ -0,0 +1,26 @@
	1	+before_script:
	2	+ - mkdir -p tmp/pids log
	3	+ - bundle check \|\| bundle install
	4	+# workaround for plugins with Gemfile
	5	+ - perl -pi -e 's/--local //' script/noosfero-plugins
	6	+ - script/noosfero-plugins disableall
	7	+ - bundle exec rake makemo &>/dev/null
	8	+# database
	9	+ - cp config/database.yml.gitlab-ci config/database.yml
	10	+ - createdb gitlab_ci_test \|\| true
	11	+ - bundle exec rake db:schema:load &>/dev/null
	12	+ - bundle exec rake db:migrate &>/dev/null
	13	+
	14	+units:
	15	+ script: bundle exec rake test:units
	16	+functionals:
	17	+ script: bundle exec rake test:functionals
	18	+integration:
	19	+ script: bundle exec rake test:integration
	20	+cucumber:
	21	+ script: bundle exec rake cucumber
	22	+selenium:
	23	+ script: bundle exec rake selenium
	24	+plugins:
	25	+ script: bundle exec rake test:noosfero_plugins
	26	+
@@ -0,0 +1,39 @@		@@ -0,0 +1,39 @@
	1	+[submodule "plugins/pairwise"]
	2	+ path = plugins/pairwise
	3	+ url = https://gitlab.com/noosfero-plugins/pairwise.git
	4	+[submodule "plugins/proposals_discussion"]
	5	+ path = plugins/proposals_discussion
	6	+ url = https://gitlab.com/noosfero-plugins/proposals_discussion.git
	7	+[submodule "plugins/site_tour"]
	8	+ path = plugins/site_tour
	9	+ url = https://gitlab.com/noosfero-plugins/site_tour.git
	10	+[submodule "plugins/gamification"]
	11	+ path = plugins/gamification
	12	+ url = https://gitlab.com/noosfero-plugins/gamification.git
	13	+[submodule "plugins/comment_paragraph"]
	14	+ path = plugins/comment_paragraph
	15	+ url = https://gitlab.com/noosfero-plugins/comment-paragraph.git
	16	+[submodule "plugins/notification"]
	17	+ path = plugins/notification
	18	+ url = https://gitlab.com/noosfero-plugins/notification.git
	19	+[submodule "plugins/email_article"]
	20	+ path = plugins/email_article
	21	+ url = https://gitlab.com/noosfero-plugins/email_article.git
	22	+[submodule "public/proposal-app"]
	23	+ path = public/proposal-app
	24	+ url = https://gitlab.com/participa/proposal-app.git
	25	+[submodule "plugins/gravatar_provider"]
	26	+ path = plugins/gravatar_provider
	27	+ url = https://gitlab.com/noosfero-plugins/gravatar-provider.git
	28	+[submodule "plugins/juventude"]
	29	+ path = plugins/juventude
	30	+ url = https://gitlab.com/noosfero-plugins/juventude.git
	31	+[submodule "plugins/dialoga"]
	32	+ path = plugins/dialoga
	33	+ url = https://gitlab.com/participa/dialoga-plugin.git
	34	+[submodule "rest-clients/confjuvapp"]
	35	+ path = rest-clients/confjuvapp
	36	+ url = https://gitlab.com/participa/confjuvapp.git
	37	+[submodule "rest-clients/proposal-app"]
	38	+ path = rest-clients/proposal-app
	39	+ url = https://gitlab.com/participa/proposal-app.git
@@ -0,0 +1,53 @@		@@ -0,0 +1,53 @@
	1	+language: ruby
	2	+rvm:
	3	+# for 2.2 support we need to upgrade the pg gem
	4	+ - 2.1.6
	5	+
	6	+sudo: false
	7	+addons:
	8	+ apt:
	9	+ packages:
	10	+ - po4a
	11	+ - iso-codes
	12	+ - tango-icon-theme
	13	+ - pidgin-data
	14	+ # for gem extensions
	15	+ - libmagickwand-dev
	16	+ - libpq-dev
	17	+ - libreadline-dev
	18	+ - libsqlite3-dev
	19	+ - libxslt1-dev
	20	+
	21	+before_install:
	22	+ - gem env
	23	+
	24	+# workaround for https://github.com/travis-ci/travis-ci/issues/4536
	25	+before_install:
	26	+ - export GEM_HOME=$PWD/vendor/bundle/ruby/2.1.0
	27	+ - gem install bundler
	28	+cache: bundler
	29	+
	30	+before_script:
	31	+ - mkdir -p tmp/pids log
	32	+# workaround for plugins with Gemfile
	33	+ - perl -pi -e 's/cat .+ > \$gemfile/echo "source \\"https:\/\/rubygems.org\\"" > \$gemfile && cat \$source\/Gemfile >> \$gemfile/' script/noosfero-plugins
	34	+ - perl -pi -e 's/--local --quiet/install --jobs=3 --retry=3/' script/noosfero-plugins
	35	+ - script/noosfero-plugins disableall
	36	+ - bundle exec rake makemo &>/dev/null
	37	+# database
	38	+ - cp config/database.yml.travis config/database.yml
	39	+ - psql -c 'create database myapp_test;' -U postgres
	40	+ - bundle exec rake db:schema:load &>/dev/null
	41	+ - bundle exec rake db:migrate &>/dev/null
	42	+
	43	+env:
	44	+ - TASK=test:units
	45	+ - TASK=test:functionals
	46	+ - TASK=test:integration
	47	+ - TASK=cucumber
	48	+ - TASK=selenium
	49	+ - TASK=test:noosfero_plugins
	50	+
	51	+script:
	52	+ - bundle exec rake $TASK
	53	+
@@ -0,0 +1,281 @@		@@ -0,0 +1,281 @@
	1	+GIT
	2	+ remote: https://github.com/aceunreal/grape_logging.git
	3	+ revision: f1755ae4e1d897a65b20218d40681f59a9630f1b
	4	+ ref: f1755ae
	5	+ specs:
	6	+ grape_logging (1.1.2)
	7	+ grape
	8	+
	9	+GEM
	10	+ remote: https://rubygems.org/
	11	+ specs:
	12	+ RedCloth (4.2.9)
	13	+ actionmailer (3.2.22)
	14	+ actionpack (= 3.2.22)
	15	+ mail (~> 2.5.4)
	16	+ actionpack (3.2.22)
	17	+ activemodel (= 3.2.22)
	18	+ activesupport (= 3.2.22)
	19	+ builder (~> 3.0.0)
	20	+ erubis (~> 2.7.0)
	21	+ journey (~> 1.0.4)
	22	+ rack (~> 1.4.5)
	23	+ rack-cache (~> 1.2)
	24	+ rack-test (~> 0.6.1)
	25	+ sprockets (~> 2.2.1)
	26	+ activemodel (3.2.22)
	27	+ activesupport (= 3.2.22)
	28	+ builder (~> 3.0.0)
	29	+ activerecord (3.2.22)
	30	+ activemodel (= 3.2.22)
	31	+ activesupport (= 3.2.22)
	32	+ arel (~> 3.0.2)
	33	+ tzinfo (~> 0.3.29)
	34	+ activeresource (3.2.22)
	35	+ activemodel (= 3.2.22)
	36	+ activesupport (= 3.2.22)
	37	+ activesupport (3.2.22)
	38	+ i18n (~> 0.6, >= 0.6.4)
	39	+ multi_json (~> 1.0)
	40	+ acts-as-taggable-on (3.4.4)
	41	+ activerecord (>= 3.2, < 5)
	42	+ api-pagination (4.1.1)
	43	+ arel (3.0.3)
	44	+ axiom-types (0.1.1)
	45	+ descendants_tracker (~> 0.0.4)
	46	+ ice_nine (~> 0.11.0)
	47	+ thread_safe (~> 0.3, >= 0.3.1)
	48	+ builder (3.0.4)
	49	+ capybara (2.1.0)
	50	+ mime-types (>= 1.16)
	51	+ nokogiri (>= 1.3.3)
	52	+ rack (>= 1.0.0)
	53	+ rack-test (>= 0.5.4)
	54	+ xpath (~> 2.0)
	55	+ childprocess (0.5.6)
	56	+ ffi (~> 1.0, >= 1.0.11)
	57	+ chronic (0.10.2)
	58	+ coercible (1.0.0)
	59	+ descendants_tracker (~> 0.0.1)
	60	+ cucumber (1.0.6)
	61	+ builder (>= 2.1.2)
	62	+ diff-lcs (>= 1.1.2)
	63	+ gherkin (~> 2.4.18)
	64	+ json (>= 1.4.6)
	65	+ term-ansicolor (>= 1.0.6)
	66	+ cucumber-rails (1.0.6)
	67	+ capybara (>= 1.1.1)
	68	+ cucumber (>= 1.0.6)
	69	+ nokogiri (>= 1.5.0)
	70	+ daemons (1.1.9)
	71	+ dalli (2.7.4)
	72	+ database_cleaner (1.2.0)
	73	+ descendants_tracker (0.0.4)
	74	+ thread_safe (~> 0.3, >= 0.3.1)
	75	+ diff-lcs (1.2.5)
	76	+ eita-jrails (0.9.5)
	77	+ actionpack (~> 3.2, >= 3.1.0)
	78	+ activesupport (~> 3.2, >= 3.0.0)
	79	+ equalizer (0.0.11)
	80	+ erubis (2.7.0)
	81	+ eventmachine (1.0.7)
	82	+ exception_notification (4.0.1)
	83	+ actionmailer (>= 3.0.4)
	84	+ activesupport (>= 3.0.4)
	85	+ execjs (2.5.2)
	86	+ fast_gettext (0.6.12)
	87	+ ffi (1.9.10)
	88	+ gettext (2.2.1)
	89	+ locale
	90	+ gherkin (2.4.21)
	91	+ json (>= 1.4.6)
	92	+ git-version-bump (0.15.1)
	93	+ grape (0.12.0)
	94	+ activesupport
	95	+ builder
	96	+ hashie (>= 2.1.0)
	97	+ multi_json (>= 1.3.2)
	98	+ multi_xml (>= 0.5.2)
	99	+ rack (>= 1.3.0)
	100	+ rack-accept
	101	+ rack-mount
	102	+ virtus (>= 1.0.0)
	103	+ grape-entity (0.4.5)
	104	+ activesupport
	105	+ multi_json (>= 1.3.2)
	106	+ hashie (2.1.2)
	107	+ hike (1.2.3)
	108	+ i18n (0.7.0)
	109	+ ice_nine (0.11.1)
	110	+ journey (1.0.4)
	111	+ json (1.8.3)
	112	+ libv8 (3.16.14.11)
	113	+ liquid (3.0.6)
	114	+ locale (2.0.9)
	115	+ magic (0.2.9)
	116	+ ffi (>= 0.6.3)
	117	+ mail (2.5.4)
	118	+ mime-types (~> 1.16)
	119	+ treetop (~> 1.4.8)
	120	+ metaclass (0.0.4)
	121	+ mime-types (1.25.1)
	122	+ mini_portile (0.6.2)
	123	+ minitest (3.2.0)
	124	+ mocha (1.1.0)
	125	+ metaclass (~> 0.0.1)
	126	+ multi_json (1.11.2)
	127	+ multi_xml (0.5.5)
	128	+ nokogiri (1.6.6.2)
	129	+ mini_portile (~> 0.6.0)
	130	+ pg (0.13.2)
	131	+ polyglot (0.3.5)
	132	+ rack (1.4.7)
	133	+ rack-accept (0.4.5)
	134	+ rack (>= 0.4)
	135	+ rack-cache (1.2)
	136	+ rack (>= 0.4)
	137	+ rack-contrib (1.3.0)
	138	+ git-version-bump (~> 0.15)
	139	+ rack (~> 1.4)
	140	+ rack-cors (0.4.0)
	141	+ rack-mount (0.8.3)
	142	+ rack (>= 1.0.0)
	143	+ rack-ssl (1.3.4)
	144	+ rack
	145	+ rack-test (0.6.3)
	146	+ rack (>= 1.0)
	147	+ rails (3.2.22)
	148	+ actionmailer (= 3.2.22)
	149	+ actionpack (= 3.2.22)
	150	+ activerecord (= 3.2.22)
	151	+ activeresource (= 3.2.22)
	152	+ activesupport (= 3.2.22)
	153	+ bundler (~> 1.0)
	154	+ railties (= 3.2.22)
	155	+ rails_autolink (1.1.6)
	156	+ rails (> 3.1)
	157	+ railties (3.2.22)
	158	+ actionpack (= 3.2.22)
	159	+ activesupport (= 3.2.22)
	160	+ rack-ssl (~> 1.3.2)
	161	+ rake (>= 0.8.7)
	162	+ rdoc (~> 3.4)
	163	+ thor (>= 0.14.6, < 2.0)
	164	+ rake (10.4.2)
	165	+ rdoc (3.12.2)
	166	+ json (~> 1.4)
	167	+ ref (2.0.0)
	168	+ rest-client (1.6.9)
	169	+ mime-types (~> 1.16)
	170	+ rmagick (2.13.4)
	171	+ rspec (2.14.1)
	172	+ rspec-core (~> 2.14.0)
	173	+ rspec-expectations (~> 2.14.0)
	174	+ rspec-mocks (~> 2.14.0)
	175	+ rspec-core (2.14.8)
	176	+ rspec-expectations (2.14.5)
	177	+ diff-lcs (>= 1.1.3, < 2.0)
	178	+ rspec-mocks (2.14.6)
	179	+ rspec-rails (2.14.2)
	180	+ actionpack (>= 3.0)
	181	+ activemodel (>= 3.0)
	182	+ activesupport (>= 3.0)
	183	+ railties (>= 3.0)
	184	+ rspec-core (~> 2.14.0)
	185	+ rspec-expectations (~> 2.14.0)
	186	+ rspec-mocks (~> 2.14.0)
	187	+ ruby-feedparser (0.9.3)
	188	+ magic
	189	+ rubyzip (1.1.7)
	190	+ sass (3.4.15)
	191	+ sass-rails (3.2.6)
	192	+ railties (~> 3.2.0)
	193	+ sass (>= 3.1.10)
	194	+ tilt (~> 1.3)
	195	+ selenium-webdriver (2.39.0)
	196	+ childprocess (>= 0.2.5)
	197	+ multi_json (~> 1.0)
	198	+ rubyzip (~> 1.0)
	199	+ websocket (~> 1.0.4)
	200	+ sprockets (2.2.3)
	201	+ hike (~> 1.2)
	202	+ multi_json (~> 1.0)
	203	+ rack (~> 1.0)
	204	+ tilt (~> 1.1, != 1.3.0)
	205	+ term-ansicolor (1.3.2)
	206	+ tins (~> 1.0)
	207	+ therubyracer (0.12.2)
	208	+ libv8 (~> 3.16.14.0)
	209	+ ref
	210	+ thin (1.3.1)
	211	+ daemons (>= 1.0.9)
	212	+ eventmachine (>= 0.12.6)
	213	+ rack (>= 1.0.0)
	214	+ thor (0.19.1)
	215	+ thread_safe (0.3.5)
	216	+ tilt (1.4.1)
	217	+ tins (1.5.4)
	218	+ treetop (1.4.15)
	219	+ polyglot
	220	+ polyglot (>= 0.3.1)
	221	+ tzinfo (0.3.44)
	222	+ uglifier (2.7.1)
	223	+ execjs (>= 0.3.0)
	224	+ json (>= 1.8.0)
	225	+ virtus (1.0.5)
	226	+ axiom-types (~> 0.1)
	227	+ coercible (~> 1.0)
	228	+ descendants_tracker (~> 0.0, >= 0.0.3)
	229	+ equalizer (~> 0.0, >= 0.0.9)
	230	+ websocket (1.0.7)
	231	+ whenever (0.9.4)
	232	+ chronic (>= 0.6.3)
	233	+ will_paginate (3.0.7)
	234	+ xpath (2.0.0)
	235	+ nokogiri (~> 1.3)
	236	+
	237	+PLATFORMS
	238	+ ruby
	239	+
	240	+DEPENDENCIES
	241	+ RedCloth (~> 4.2.9)
	242	+ acts-as-taggable-on (~> 3.4.2)
	243	+ api-pagination (~> 4.1.1)
	244	+ capybara (~> 2.1.0)
	245	+ cucumber (~> 1.0.6)
	246	+ cucumber-rails (~> 1.0.6)
	247	+ daemons (~> 1.1.5)
	248	+ dalli (~> 2.7.0)
	249	+ database_cleaner (~> 1.2.0)
	250	+ eita-jrails (~> 0.9.5)
	251	+ exception_notification (~> 4.0.1)
	252	+ execjs
	253	+ fast_gettext (~> 0.6.8)
	254	+ gettext (~> 2.2.1)
	255	+ grape (~> 0.12)
	256	+ grape-entity
	257	+ grape_logging!
	258	+ liquid (~> 3.0.3)
	259	+ locale (~> 2.0.5)
	260	+ minitest (~> 3.2.0)
	261	+ mocha (~> 1.1.0)
	262	+ nokogiri (~> 1.6.0)
	263	+ pg (~> 0.13.2)
	264	+ rack-contrib
	265	+ rack-cors
	266	+ rails (~> 3.2.22)
	267	+ rails_autolink (~> 1.1.5)
	268	+ rake
	269	+ rest-client (~> 1.6.7)
	270	+ rmagick (~> 2.13.1)
	271	+ rspec (~> 2.14.0)
	272	+ rspec-rails (~> 2.14.1)
	273	+ ruby-feedparser (~> 0.7)
	274	+ rubyzip
	275	+ sass-rails
	276	+ selenium-webdriver (~> 2.39.0)
	277	+ therubyracer
	278	+ thin (~> 1.3.1)
	279	+ uglifier (>= 1.0.3)
	280	+ whenever
	281	+ will_paginate (~> 3.0.3)
	@@ -74,7 +74,7 @@ downloading from git		@@ -74,7 +74,7 @@ downloading from git
74		74
75	Here we are cloning the noosfero repository from git. Note: you will need to install git before.	75	Here we are cloning the noosfero repository from git. Note: you will need to install git before.
76		76
77	- $ git clone git://gitorious.org/noosfero/noosfero.git current	77	+ $ git clone https://gitlab.com/noosfero/noosfero.git current
78	$ cd current	78	$ cd current
79	$ git checkout -b stable origin/stable	79	$ git checkout -b stable origin/stable
80		80
	@@ -15,4 +15,21 @@ Noosfero::Application.load_tasks		@@ -15,4 +15,21 @@ Noosfero::Application.load_tasks
15	Dir.glob(pattern).sort	15	Dir.glob(pattern).sort
16	end.flatten.each do \|taskfile\|	16	end.flatten.each do \|taskfile\|
17	load taskfile	17	load taskfile
		18	+end
		19	+
		20	+# plugins' tasks
		21	+plugins_tasks = Dir.glob("config/plugins//{tasks,lib/tasks,rails/tasks}//.rake").sort +
		22	+ Dir.glob("config/plugins//vendor/plugins//{tasks,lib/tasks,rails/tasks}/*/.rake").sort
		23	+plugins_tasks.each{ \|ext\| load ext }
		24	+
		25	+
		26	+desc "Print out grape routes"
		27	+task :grape_routes => :environment do
		28	+ #require 'api/api.rb'
		29	+ Noosfero::API::API.routes.each do \|route\|
		30	+ puts route
		31	+ method = route.route_method
		32	+ path = route.route_path
		33	+ puts " #{method} #{path}"
		34	+ end
18	end	35	end
	@@ -71,22 +71,4 @@ class AdminPanelController < AdminController		@@ -71,22 +71,4 @@ class AdminPanelController < AdminController
71	end	71	end
72	end	72	end
73	end	73	end
74	-
75	- def manage_organizations_status
76	- scope = environment.organizations
77	- @filter = params[:filter] \|\| 'any'
78	- @title = "Organization profiles"
79	- @title = @title+" - "+@filter if @filter != 'any'
80	-
81	- if @filter == 'enabled'
82	- scope = scope.visible
83	- elsif @filter == 'disabled'
84	- scope = scope.disabled
85	- end
86	-
87	- scope = scope.order('name ASC')
88	-
89	- @q = params[:q]
90	- @collection = find_by_contents(:organizations, environment, scope, @q, {:per_page => 10, :page => params[:npage]})[:results]
91	- end
92	end	74	end
@@ -0,0 +1,15 @@		@@ -0,0 +1,15 @@
	1	+class EnvironmentEmailTemplatesController < EmailTemplatesController
	2	+
	3	+ protect 'manage_email_templates', :environment
	4	+
	5	+ protected
	6	+
	7	+ def owner
	8	+ environment
	9	+ end
	10	+
	11	+ before_filter :only => :index do
	12	+ @back_to = url_for(:controller => :admin_panel)
	13	+ end
	14	+
	15	+end
1	class FeaturesController < AdminController	1	class FeaturesController < AdminController
		2	+
2	protect 'edit_environment_features', :environment	3	protect 'edit_environment_features', :environment
3	-	4	+
4	def index	5	def index
5	@features = Environment.available_features.sort_by{\|k,v\|v}	6	@features = Environment.available_features.sort_by{\|k,v\|v}
6	end	7	end
7		8
		9	+ def manage_blocks
		10	+ @blocks = [ ArticleBlock,
		11	+ TagsBlock,
		12	+ RecentDocumentsBlock,
		13	+ ProfileInfoBlock,
		14	+ LinkListBlock,
		15	+ MyNetworkBlock,
		16	+ FeedReaderBlock,
		17	+ ProfileImageBlock,
		18	+ LocationBlock,
		19	+ SlideshowBlock,
		20	+ ProfileSearchBlock,
		21	+ HighlightsBlock,
		22	+ FriendsBlock,
		23	+ FavoriteEnterprisesBlock,
		24	+ CommunitiesBlock,
		25	+ EnterprisesBlock,
		26	+ MembersBlock,
		27	+ DisabledEnterpriseMessageBlock,
		28	+ ProductCategoriesBlock,
		29	+ FeaturedProductsBlock,
		30	+ FansBlock,
		31	+ ProductsBlock ]
		32	+
		33	+ @blocks += plugins.dispatch(:extra_blocks)
		34	+ @blocks.sort_by! { \|block\| block.name }
		35	+ end
		36	+
8	post_only :update	37	post_only :update
9	def update	38	def update
10	if @environment.update_attributes(params[:environment])	39	if @environment.update_attributes(params[:environment])
	@@ -15,6 +44,17 @@ class FeaturesController < AdminController		@@ -15,6 +44,17 @@ class FeaturesController < AdminController
15	end	44	end
16	end	45	end
17		46
		47	+ post_only :update_blocks
		48	+ def update_blocks
		49	+ params[:environment].delete(:available_blocks)
		50	+ if @environment.update_attributes(params[:environment])
		51	+ session[:notice] = _('Blocks updated successfully.')
		52	+ redirect_to :action => 'manage_blocks'
		53	+ else
		54	+ render :action => 'manage_blocks'
		55	+ end
		56	+ end
		57	+
18	def manage_fields	58	def manage_fields
19	@person_fields = Person.fields	59	@person_fields = Person.fields
20	@enterprise_fields = Enterprise.fields	60	@enterprise_fields = Enterprise.fields
@@ -0,0 +1,66 @@		@@ -0,0 +1,66 @@
	1	+class OrganizationsController < AdminController
	2	+
	3	+ protect 'manage_environment_organizations', :environment
	4	+
	5	+ def index
	6	+ @filter = params[:filter] \|\| 'any'
	7	+ @title = _('Organization profiles')
	8	+ @type = params[:type] \|\| "any"
	9	+ @types_filter = [[_('All'), 'any'], [_('Community'), 'Community'], [_('Enterprise'), 'Enterprise']]
	10	+ @types_filter = @types_filter \| @plugins.dispatch(:organization_types_filter_options)
	11	+
	12	+ scope = @plugins.dispatch_first(:filter_manage_organization_scope, @type)
	13	+ if scope.blank?
	14	+ scope = environment.organizations
	15	+ scope = scope.where(:type => @type) if @type != 'any'
	16	+ end
	17	+
	18	+ if @filter == 'enabled'
	19	+ scope = scope.visible
	20	+ elsif @filter == 'disabled'
	21	+ scope = scope.disabled
	22	+ end
	23	+
	24	+ scope = scope.order('name ASC')
	25	+
	26	+ @q = params[:q]
	27	+ @collection = find_by_contents(:organizations, environment, scope, @q, {:per_page => per_page, :page => params[:npage]})[:results]
	28	+ end
	29	+
	30	+ def activate
	31	+ organization = environment.organizations.find(params[:id])
	32	+ if organization.enable
	33	+ render :text => (_('%s enabled') % organization.name).to_json
	34	+ else
	35	+ render :text => (_('%s could not be enabled') % organization.name).to_json
	36	+ end
	37	+ end
	38	+
	39	+ def deactivate
	40	+ organization = environment.organizations.find(params[:id])
	41	+ if organization.disable
	42	+ render :text => (_('%s disabled') % organization.name).to_json
	43	+ else
	44	+ render :text => (_('%s could not be disable') % organization.name).to_json
	45	+ end
	46	+ end
	47	+
	48	+ def destroy
	49	+ if request.post?
	50	+ organization = environment.organizations.find(params[:id])
	51	+ if organization && organization.destroy
	52	+ render :text => (_('%s removed') % organization.name).to_json
	53	+ else
	54	+ render :text => (_('%s could not be removed') % organization.name).to_json
	55	+ end
	56	+ else
	57	+ render :nothing => true
	58	+ end
	59	+ end
	60	+
	61	+ private
	62	+
	63	+ def per_page
	64	+ 10
	65	+ end
	66	+end