Merge branch 'master' of gitlab.com:noosfero/noosfero

Rodrigo Souto
2 parents d442dac2 ec0f8b0e
Showing 174 changed files with 2162 additions and 2196 deletions Show diff stats
Gemfile
INSTALL.md
INSTALL.multitenancy.md
app/controllers/application_controller.rb
app/helpers/application_helper.rb
app/helpers/boxes_helper.rb
app/helpers/colorbox_helper.rb
app/helpers/comment_helper.rb
app/helpers/layout_helper.rb
app/helpers/lightbox_helper.rb
app/helpers/modal_helper.rb
app/helpers/thickbox_helper.rb
app/models/article.rb
app/models/enterprise.rb
app/models/environment.rb
app/models/external_feed.rb
app/models/favorite_enterprise_person.rb
app/models/forum.rb
app/models/input.rb
app/models/person_notifier.rb
@@ -11,7 +11,6 @@ gem &#39;will_paginate&#39;,            &#39;~&gt; 3.0.3&#39;
 gem 'ruby-feedparser',          '~> 0.7'
 gem 'daemons',                  '~> 1.1.5'
 gem 'thin',                     '~> 1.3.1'
-gem 'hpricot',                  '~> 0.8.6'
 gem 'nokogiri',                 '~> 1.5.5'
 gem 'rake', :require => false
 gem 'rest-client',              '~> 1.6.7'
@@ -41,9 +40,12 @@ group :cucumber do
   gem 'selenium-webdriver',     '~> 2.39.0'
 end
  
+# Requires custom dependencies
+eval(File.read('config/Gemfile'), binding) rescue nil
+
 # include gemfiles from enabled plugins
 # plugins in baseplugins/ are not included on purpose. They should not have any
 # dependencies.
 Dir.glob('config/plugins/*/Gemfile').each do |gemfile|
   eval File.read(gemfile)
 -end
+end
 \ No newline at end of file
@@ -21,7 +21,7 @@ Noosfero is written in Ruby with the &quot;[Rails framework](http://www.rubyonrails.o
 You need to install some packages Noosfero depends on. On Debian GNU/Linux or Debian-based systems, all of these packages are available through the Debian archive. You can install them with the following command:
  
     # apt-get install ruby rake po4a libgettext-ruby-util libgettext-ruby1.8 \
-      libsqlite3-ruby rcov librmagick-ruby libredcloth-ruby libhpricot-ruby \
+      libsqlite3-ruby rcov librmagick-ruby libredcloth-ruby \
       libwill-paginate-ruby iso-codes libfeedparser-ruby libdaemons-ruby thin \
       tango-icon-theme
  
@@ -40,7 +40,6 @@ On other systems, they may or may not be available through your regular package 
 * Daemons - http://daemons.rubyforge.org
 * Thin: http://code.macournoyer.com/thin
 * tango-icon-theme: http://tango.freedesktop.org/Tango_Icon_Library
-* Hpricot: http://hpricot.com
  
 If you manage to install Noosfero successfully on other systems than Debian,
 please feel free to contact the Noosfero development mailing with the
@@ -26,7 +26,7 @@ The file config/database.yml must follow a structure in order to achieve multite
  
 Each "hosted" environment must have an entry like this:
  
-    env1_production:
+    env1_production: &DEFAULT
       adapter: postgresql
       encoding: unicode
       database: noosfero
@@ -61,7 +61,7 @@ The &quot;hosted&quot; environments define, besides the `schema_search_path`, a list of do
 You must also tell the application which is the default environment.
  
     production:
-      env1_production
+      <<: *DEFAULT
  
 On the example above there are only three hosted environments, but it can be more than three. The schemas `env2` and `env3` must already exist in the same database of the hosting environment. As postgres user, you can create them typing:
  
@@ -28,6 +28,7 @@ class ApplicationController &lt; ActionController::Base
       unless environment.access_control_allow_methods.blank?
         response.headers["Access-Control-Allow-Methods"] = environment.access_control_allow_methods
       end
+      response.headers["Access-Control-Allow-Credentials"] = 'true'
     elsif environment.restrict_to_access_control_origins
       render_access_denied _('Origin not in allowed.')
     end
@@ -8,11 +8,7 @@ module ApplicationHelper
  
   include PermissionNameHelper
  
-  include LightboxHelper
-
-  include ThickboxHelper
-
-  include ColorboxHelper
+  include ModalHelper
  
   include BoxesHelper
  
@@ -651,8 +647,8 @@ module ApplicationHelper
       ' onfocus="if(this.value==\''+s+'\'){this.value=\'\'} this.form.className=\'focus-in\'"'+
       ' onblur="if(/^\s*$/.test(this.value)){this.value=\''+s+'\'} this.form.className=\'focus-out\'">'+
       '</form>'
-    else #opt == 'lightbox_link' is default
-      lightbox_link_to '<span class="icon-menu-search"></span>'+ _('Search'), {
+    else
+      modal_link_to '<span class="icon-menu-search"></span>'+ _('Search'), {
                        :controller => 'search',
                        :action => 'popup',
                        :category_path => (@category ? @category.explode_path : nil)},
@@ -1050,7 +1046,7 @@ module ApplicationHelper
       {s_('contents|Most commented') => {:href => url_for({:controller => 'search', :action => 'contents', :filter => 'more_comments'})}}
     ]
     if logged_in?
-      links.push(_('New content') => colorbox_options({:href => url_for({:controller => 'cms', :action => 'new', :profile => current_user.login, :cms => true})}))
+      links.push(_('New content') => modal_options({:href => url_for({:controller => 'cms', :action => 'new', :profile => current_user.login, :cms => true})}))
     end
  
     link_to(content_tag(:span, _('Contents'), :class => 'icon-menu-articles'), {:controller => "search", :action => 'contents', :category_path => nil}, :id => 'submenu-contents') +
@@ -1398,16 +1394,16 @@ module ApplicationHelper
   end
  
   def convert_macro(html, source)
-    doc = Hpricot(html)
+    doc = Nokogiri::HTML.fragment html
     #TODO This way is more efficient but do not support macro inside of
     #     macro. You must parse them from the inside-out in order to enable
     #     that.
-    doc.search('.macro').each do |macro|
+    doc.css('.macro').each do |macro|
       macro_name = macro['data-macro']
       result = @plugins.parse_macro(macro_name, macro, source)
       macro.inner_html = result.kind_of?(Proc) ? self.instance_exec(&result) : result
     end
-    doc.html
+    doc.to_html
   end
  
   def default_folder_for_image_upload(profile)
@@ -231,7 +231,7 @@ module BoxesHelper
       end
  
       if block.editable?
-        buttons << colorbox_icon_button(:edit, _('Edit'), { :action => 'edit', :id => block.id })
+        buttons << modal_icon_button(:edit, _('Edit'), { :action => 'edit', :id => block.id })
       end
  
       if !block.main?
@@ -241,7 +241,7 @@ module BoxesHelper
     end
  
     if block.respond_to?(:help)
-      buttons << thickbox_inline_popup_icon(:help, _('Help on this block'), {}, "help-on-box-#{block.id}") << content_tag('div', content_tag('h2', _('Help')) + content_tag('div', block.help, :style => 'margin-bottom: 1em;') + thickbox_close_button(_('Close')), :style => 'display: none;', :id => "help-on-box-#{block.id}")
+      buttons << modal_inline_icon(:help, _('Help on this block'), {}, "#help-on-box-#{block.id}") << content_tag('div', content_tag('h2', _('Help')) + content_tag('div', block.help, :style => 'margin-bottom: 1em;') + modal_close_button(_('Close')), :style => 'display: none;', :id => "help-on-box-#{block.id}")
     end
  
     if block.embedable?
@@ -1,25 +0,0 @@
-module ColorboxHelper
-
-  def colorbox_close_button(text, options = {})
-    button(:close, text, '#', colorbox_options(options, :close))
-  end
-
-  def colorbox_button(type, label, url, options = {})
-    button(type, label, url, colorbox_options(options))
-  end
-
-  def colorbox_icon_button(type, label, url, options = {})
-    icon_button(type, label, url, colorbox_options(options))
-  end
-
-  # options must be an HTML options hash as passed to link_to etc.
-  #
-  # returns a new hash with colorbox class added. Keeps existing classes.
-  def colorbox_options(options, type=nil)
-    the_class = 'colorbox'
-    the_class += "-#{type.to_s}" unless type.nil?
-    the_class << " #{options[:class]}" if options.has_key?(:class)
-    options.merge(:class => the_class)
-  end
-
-end
@@ -65,7 +65,7 @@ module CommentHelper
  
   def link_for_edit(comment)
     if comment.can_be_updated_by?(user)
-      {:link => expirable_comment_link(comment, :edit, _('Edit'), url_for(:profile => profile.identifier, :controller => :comment, :action => :edit, :id => comment.id),:class => 'colorbox')}
+      {:link => expirable_comment_link(comment, :edit, _('Edit'), url_for(:profile => profile.identifier, :controller => :comment, :action => :edit, :id => comment.id),:class => 'modal')}
     end
   end
  
@@ -45,8 +45,6 @@ module LayoutHelper
     standard_stylesheets = [
       'application',
       'search',
-      'thickbox',
-      'lightbox',
       'colorbox',
       'selectordie',
       'inputosaurus',
@@ -1,36 +0,0 @@
-module LightboxHelper
-
-  def lightbox_link_to(text, url, options = {})
-    link_to(text, url, lightbox_options(options))
-  end
-
-  def lightbox_close_button(text, options = {})
-    button(:close, text, '#', lightbox_options(options, 'lbAction').merge(:rel => 'deactivate'))
-  end
-
-  def lightbox_button(type, label, url, options = {})
-    button(type, label, url, lightbox_options(options))
-  end
-
-  def lightbox_icon_button(type, label, url, options = {})
-    icon_button(type, label, url, lightbox_options(options))
-  end
-
-  # options must be an HTML options hash as passed to link_to etc.
-  #
-  # returns a new hash with lightbox class added. Keeps existing classes. 
-  def lightbox_options(options, lightbox_type = 'lbOn')
-    the_class = lightbox_type
-    the_class << " #{options[:class]}" if options.has_key?(:class)
-    options.merge(:class => the_class)
-  end
-
-  def lightbox?
-    request.xhr?
-  end
-
-  def lightbox_remote_button(type, label, url, options = {})
-    button(type, label, url, lightbox_options(options, 'remote-lbOn'))
-  end
-
-end
@@ -0,0 +1,46 @@
+module ModalHelper
+
+  def modal_inline_link_to title, url, selector, options = {}
+    link_to title, url, modal_options(options.merge(:inline => selector))
+  end
+
+  def modal_inline_icon type, title, url, selector, options = {}
+    icon_button type, title, url, modal_options(options.merge(:inline => selector))
+  end
+
+  def modal_link_to title, url, options = {}
+    link_to title, url, modal_options(options)
+  end
+
+  def modal_close_link text, options = {}
+    link_to text, '#', modal_options(options, :close)
+  end
+
+  def modal_close_button(text, options = {})
+    button :close, text, '#', modal_options(options, :close).merge(:rel => 'deactivate')
+  end
+
+  def modal_button(type, label, url, options = {})
+    button type, label, url, modal_options(options)
+  end
+
+  def modal_icon_button(type, label, url, options = {})
+    icon_button type, label, url, modal_options(options)
+  end
+
+  # options must be an HTML options hash as passed to link_to etc.
+  #
+  # returns a new hash with modal class added. Keeps existing classes.
+  def modal_options(options, type=nil)
+    inline_selector = options.delete :inline
+    options[:onclick] = "return noosfero.modal.inline('#{inline_selector}')" if inline_selector
+
+    classes = if inline_selector then '' else 'modal-toggle' end
+    classes += " modal-#{type.to_s}" if type.present?
+    classes << " #{options[:class]}" if options.has_key? :class
+    options.merge!(:class => classes)
+
+    options
+  end
+
+end
@@ -1,11 +0,0 @@
-module ThickboxHelper
-  def thickbox_inline_popup_link(title, url, id, options = {})
-    link_to(title, url_for(url) + "#TB_inline?height=300&width=500&inlineId=#{id}&modal=true", {:class => 'thickbox'}.merge(options))
-  end
-  def thickbox_inline_popup_icon(type, title, url, id, options = {})
-    icon_button(type, title, url_for(url) + "#TB_inline?height=300&width=500&inlineId=#{id}&modal=true", {:class => "thickbox"}.merge(options))
-  end
-  def thickbox_close_button(title)
-    button_to_function(:close, title, 'tb_remove();')
-  end
-end
-require 'hpricot'
  
 class Article < ActiveRecord::Base
  
@@ -707,7 +706,7 @@ class Article &lt; ActiveRecord::Base
   end
  
   def first_paragraph
-    paragraphs = Hpricot(to_html).search('p')
+    paragraphs = Nokogiri::HTML.fragment(to_html).css('p')
     paragraphs.empty? ? '' : paragraphs.first.to_html
   end
  
@@ -729,8 +728,8 @@ class Article &lt; ActiveRecord::Base
  
   def body_images_paths
     require 'uri'
-    Hpricot(self.body.to_s).search('img[@src]').collect do |i|
-      (self.profile && self.profile.environment) ? URI.join(self.profile.environment.top_url, URI.escape(i.attributes['src'])).to_s : i.attributes['src']
+    Nokogiri::HTML.fragment(self.body.to_s).css('img[src]').collect do |i|
+      (self.profile && self.profile.environment) ? URI.join(self.profile.environment.top_url, URI.escape(i['src'])).to_s : i['src']
     end
   end
  
@@ -767,8 +766,8 @@ class Article &lt; ActiveRecord::Base
   end
  
   def first_image
-    img = Hpricot(self.lead.to_s).search('img[@src]').first || Hpricot(self.body.to_s).search('img').first
-    img.nil? ? '' : img.attributes['src']
+    img = Nokogiri::HTML.fragment(self.lead.to_s).css('img[src]').first || Nokogiri::HTML.fragment(self.body.to_s).search('img').first
+    img.nil? ? '' : img['src']
   end
  
   delegate :lat, :lng, :region, :region_id, :environment, :environment_id, :to => :profile, :allow_nil => true
@@ -19,7 +19,8 @@ class Enterprise &lt; Organization
   has_many :inputs, :through => :products
   has_many :production_costs, :as => :owner
  
-  has_and_belongs_to_many :fans, :class_name => 'Person', :join_table => 'favorite_enteprises_people'
+  has_many :favorite_enterprise_people
+  has_many :fans, through: :favorite_enterprise_people, source: :person
  
   def product_categories
     ProductCategory.by_enterprise(self)
@@ -273,6 +273,7 @@ class Environment &lt; ActiveRecord::Base
   settings_items :help_message_to_add_enterprise, :type => String, :default => ''
   settings_items :tip_message_enterprise_activation_question, :type => String, :default => ''
  
+  settings_items :currency_iso_unit, :type => String, :default => 'USD'
   settings_items :currency_unit, :type => String, :default => '$'
   settings_items :currency_separator, :type => String, :default => '.'
   settings_items :currency_delimiter, :type => String, :default => ','
@@ -14,9 +14,9 @@ class ExternalFeed &lt; ActiveRecord::Base
  
   def add_item(title, link, date, content)
     return if content.blank?
-    doc = Hpricot(content)
-    doc.search('*').each do |p|
-      if p.instance_of? Hpricot::Elem
+    doc = Nokogiri::HTML.fragment content
+    doc.css('*').each do |p|
+      if p.instance_of? Nokogiri::XML::Element
         p.remove_attribute 'style'
         p.remove_attribute 'class'
       end
@@ -26,10 +26,10 @@ class ExternalFeed &lt; ActiveRecord::Base
     article = TinyMceArticle.new
     article.name = title
     article.profile = blog.profile
-    article.body = content 
-    article.published_at = date 
-    article.source = link 
-    article.profile = blog.profile 
+    article.body = content
+    article.published_at = date
+    article.source = link
+    article.profile = blog.profile
     article.parent = blog
     article.author_name = self.feed_title
     unless blog.children.exists?(:slug => article.slug)
@@ -0,0 +1,8 @@
+class FavoriteEnterprisePerson < ActiveRecord::Base
+
+  self.table_name = :favorite_enteprises_people
+
+  belongs_to :enterprise
+  belongs_to :person
+
+end
@@ -54,7 +54,7 @@ class Forum &lt; Folder
  
   def first_paragraph
     return '' if body.blank?
-    paragraphs = Hpricot(body).search('p')
+    paragraphs = Nokogiri::HTML.fragment(body).css('p')
     paragraphs.empty? ? '' : paragraphs.first.to_html
   end
  
 class Input < ActiveRecord::Base
  
-  attr_accessible :product, :product_category, :product_category_id, :amount_used, :unit_id, :price_per_unit, :relevant_to_price
+  attr_accessible :product, :product_id, :product_category, :product_category_id,
+    :amount_used, :unit_id, :price_per_unit, :relevant_to_price, :is_from_solidarity_economy
  
   belongs_to :product
   belongs_to :product_category
@@ -22,12 +22,17 @@ class PersonNotifier
     schedule_next_notification_mail
   end
  
+  def notify_from
+    @person.last_notification || DateTime.now - @person.notification_time.hours
+  end
+
   def notify
     if @person.notification_time && @person.notification_time > 0
-      from = @person.last_notification || DateTime.now - @person.notification_time.hours
-      notifications = @person.tracked_notifications.find(:all, :conditions => ["created_at > ?", from])
+      notifications = @person.tracked_notifications.find(:all, :conditions => ["created_at > ?", notify_from])
+      tasks = Task.to(@person).without_spam.pending.where("created_at > ?", notify_from).order_by('created_at', 'asc')
+
       Noosfero.with_locale @person.environment.default_language do
-        Mailer::content_summary(@person, notifications).deliver unless notifications.empty?
+        Mailer::content_summary(@person, notifications, tasks).deliver unless notifications.empty? && tasks.empty?
       end
       @person.settings[:last_notification] = DateTime.now
       @person.save!
@@ -59,8 +64,12 @@ class PersonNotifier
     end
  
     def failure(job)
-      person = Person.find(person_id)
-      person.notifier.dispatch_notification_mail
+      begin
+        person = Person.find(person_id)
+        person.notifier.dispatch_notification_mail
+      rescue
+        Rails.logger.error "PersonNotifier::NotifyJob: Cannot recover from failure"
+      end
     end
  
   end
@@ -73,18 +82,24 @@ class PersonNotifier
       {:theme => nil}
     end
  
-    def content_summary(person, notifications)
+    def content_summary(person, notifications, tasks)
+      if person.environment
+        ActionMailer::Base.asset_host = person.environment.top_url
+        ActionMailer::Base.default_url_options[:host] = person.environment.default_hostname
+      end
+
       @current_theme = 'default'
       @profile = person
       @recipient = @profile.nickname || @profile.name
       @notifications = notifications
+      @tasks = tasks
       @environment = @profile.environment.name
       @url = @profile.environment.top_url
       mail(
         content_type: "text/html",
         from: "#{@profile.environment.name} <#{@profile.environment.noreply_email}>",
         to: @profile.email,
-        subject: _("[%s] Network Activity") % [@profile.environment.name]
+        subject: _("[%s] Notifications") % [@profile.environment.name]
       )
     end
   end
@@ -10,7 +10,8 @@ class Product &lt; ActiveRecord::Base
     :display => %w[full map]
   }
  
-  attr_accessible :name, :product_category, :highlighted, :price, :enterprise, :image_builder, :description, :available, :qualifiers, :unit_id, :discount, :inputs, :qualifiers_list
+  attr_accessible :name, :product_category, :profile, :profile_id, :enterprise,
+    :highlighted, :price, :image_builder, :description, :available, :qualifiers, :unit_id, :discount, :inputs, :qualifiers_list
  
   def self.default_search_display
     'full'
 require 'noosfero/translatable_content'
  
-# a base class for all text article types.  
+# a base class for all text article types.
 class TextArticle < Article
  
   xss_terminate :only => [ :name ], :on => 'validation'
@@ -26,10 +26,10 @@ class TextArticle &lt; Article
   before_save :set_relative_path
  
   def set_relative_path
-    parsed = Hpricot(self.body.to_s)
-    parsed.search('img[@src]').map { |i| change_element_path(i, 'src') }
-    parsed.search('a[@href]').map { |i| change_element_path(i, 'href') }
-    self.body = parsed.to_s
+    parsed = Nokogiri::HTML.fragment(self.body.to_s)
+    parsed.css('img[src]').each { |i| change_element_path(i, 'src') }
+    parsed.css('a[href]').each { |i| change_element_path(i, 'href') }
+    self.body = parsed.to_html
   end
  
   def change_element_path(el, attribute)
@@ -54,7 +54,7 @@ class User &lt; ActiveRecord::Base
  
       user.person = p
     end
-    if user.environment.enabled?('skip_new_user_email_confirmation') 
+    if user.environment.enabled?('skip_new_user_email_confirmation')
       if user.environment.enabled?('admin_must_approve_new_users')
         create_moderate_task
       else
@@ -102,6 +102,7 @@ class User &lt; ActiveRecord::Base
   validates_length_of       :email,    :within => 3..100, :if => (lambda {|user| !user.email.blank?})
   validates_uniqueness_of   :login, :email, :case_sensitive => false, :scope => :environment_id
   before_save :encrypt_password
+  before_save :normalize_email, if: proc{ |u| u.email.present? }
   validates_format_of :email, :with => Noosfero::Constants::EMAIL_FORMAT, :if => (lambda {|user| !user.email.blank?})
  
   validates_inclusion_of :terms_accepted, :in => [ '1' ], :if => lambda { |u| ! u.terms_of_use.blank? }, :message => N_('{fn} must be checked in order to signup.').fix_i18n
@@ -114,6 +115,10 @@ class User &lt; ActiveRecord::Base
     u && u.authenticated?(password) ? u : nil
   end
  
+  def register_login
+    self.update_attribute :last_login_at, Time.now
+  end
+
   # Activates the user in the database.
   def activate
     return false unless self.person
@@ -332,6 +337,11 @@ class User &lt; ActiveRecord::Base
   end
  
   protected
+
+    def normalize_email
+      self.email = self.email.squish.downcase
+    end
+
     # before filter
     def encrypt_password
       return if password.blank?
@@ -359,6 +369,6 @@ class User &lt; ActiveRecord::Base
  
     def delay_activation_check
       return if person.is_template?
-      Delayed::Job.enqueue(UserActivationJob.new(self.id), {:priority => 0, :run_at => 72.hours.from_now})
+      Delayed::Job.enqueue(UserActivationJob.new(self.id), {:priority => 0, :run_at => (NOOSFERO_CONF['hours_until_user_activation_check'] || 72).hours.from_now})
     end
 end
 <%= labelled_form_for :user,
    :url => { :controller => 'account', :action => (params[:enterprise_code] ? 'activate_enterprise' : 'login') }  do |f| %>
  
-<%= f.text_field :login,
-                 :id => ( lightbox? ? 'lightbox_' : '' ) + 'user_login',
-                 :onchange => 'this.value = convToValidLogin( this.value )' %>
+<%= f.text_field :login, :id => 'user_login', :onchange => 'this.value = convToValidLogin( this.value )' %>
  
-<%= f.password_field :password,
-                     :id => ( lightbox? ? 'lightbox_' : '' ) + 'user_password' %>
+<%= f.password_field :password, :id => 'user_password' %>
  
 <% if params[:enterprise_code] %>
   <%= hidden_field_tag :enterprise_code, params[:enterprise_code] %>
@@ -16,7 +13,7 @@
  
 <% button_bar do %>
   <%= submit_button( 'login', _('Log in') )%>
-  <%= lightbox_close_button(_('Cancel')) if lightbox? %>
+  <%= modal_close_button _('Cancel') if request.xhr? %>
 <% end %>
  
 <% end %>
@@ -16,7 +16,7 @@
 <input type="hidden" id="signup_time_key" name="signup_time_key" />
 <script type="text/javascript">
   jQuery.ajax({
-    type: "POST",
+    type: "GET",
     url: "<%= url_for :controller=>'account', :action=>'signup_time' %>",
     dataType: 'json',
     success: function(data) {
 <h1><%= _('Identify yourself') %></h1>
  
 <p>
-<%= lightbox_link_to _('Login.'), { :controller => 'account', :action => 'login_popup' } %>
+<%= modal_link_to _('Login.'), { :controller => 'account', :action => 'login_popup' } %>
  
 <%= _('You need to login to be able to use all the features in this environment.') %>
 </p>
@@ -3,7 +3,7 @@
 <h2><%= _('Login') %></h2>
  
 <% @user ||= User.new %>
-<% is_thickbox ||= false %>
+<% is_popin ||= false %>
  
 <%= @message %>
  
@@ -17,8 +17,8 @@
  
      <% button_bar do %>
        <%= submit_button( 'login', _('Log in') )%>
-       <% if is_thickbox %>
-         <%= thickbox_close_button(_('Cancel')) %>
+       <% if is_popin %>
+         <%= modal_close_button(_('Cancel')) %>
        <% end %>
      <% end %>
  
@@ -2,6 +2,6 @@
 <p>
 <% button_bar do %>
   <%= button :ok, _('Yes'), { :controller => 'account', :action => 'logout' } %>
-  <%= lightbox_close_button _('No, I want to stay.') %>
+  <%= modal_close_button _('No, I want to stay.') %>
 <% end %>
 </p>
@@ -42,7 +42,7 @@
  
     <% button_bar do %>
       <%= submit_button(:add, _("Add")) %>
-      <%= colorbox_close_button(_('Close')) %>
+      <%= modal_close_button(_('Close')) %>
     <% end %>
  
   <% end %>
@@ -27,7 +27,7 @@
  
     <% button_bar do %>
       <%= submit_button(:save, _('Save')) %>
-      <%= colorbox_close_button(_('Cancel')) %>
+      <%= modal_close_button(_('Cancel')) %>
     <% end %>
  
   <% end %>
 <h1><%= _('Editing sideboxes')%></h1>
  
 <% button_bar :class=>'design-menu' do %>
-  <%= colorbox_button('add', _('Add a block'), { :action => 'add_block' }) %>
+  <%= modal_button('add', _('Add a block'), { :action => 'add_block' }) %>
   <%= button(:back, _('Back to control panel'), :controller => (profile.nil? ? 'admin_panel': 'profile_editor')) %>
 <% end %>
@@ -28,7 +28,7 @@
   <% end %>
  
   <div style='float: right'>
-    <%= lightbox_button :help, _('Why categorize?'), :action => 'why_categorize' %>
+    <%= modal_button :help, _('Why categorize?'), :action => 'why_categorize' %>
   </div>
  
   <%= select_categories(:article, _('Categorize your article')) %>
@@ -15,6 +15,6 @@
 </ul>
 <br style="clear:both" />
  
-<%= colorbox_close_button(_('Cancel')) %>
+<%= modal_close_button(_('Cancel')) %>
  
 </div>
@@ -17,7 +17,7 @@
 <% button_bar(:style => 'margin-bottom: 1em;') do %>
   <% parent_id = ((@article && @article.allow_children?) ? @article : nil) %>
  
-  <%= colorbox_button('new', _('New content'), :action => 'new', :parent_id => parent_id, :cms => true) %>
+  <%= modal_button('new', _('New content'), :action => 'new', :parent_id => parent_id, :cms => true) %>
   <%= button(:back, _('Back to control panel'), :controller => 'profile_editor', :action => "index") %>
 <% end %>
  
@@ -5,5 +5,5 @@
 </p>
  
 <% button_bar do %>
-  <%= lightbox_close_button _('Close') %>
+  <%= modal_close_button _('Close') %>
 <% end %>
@@ -10,7 +10,7 @@
     <%= recaptcha_tags(:display => { :theme => 'clean' }, :ajax => true) %>
     <% button_bar do %>
       <%= button_to_function :add, _('Confirm'), "return false", :id => "confirm-captcha" %>
-      <%= button_to_function :cancel, _('Cancel'), "jQuery.colorbox.close()" %>
+      <%= button_to_function :cancel, _('Cancel'), "noosfero.modal.close()" %>
     <% end %>
   </div>
  
@@ -31,10 +31,10 @@ function check_captcha(button, confirm_action) {
   return true;
   <% else %>
   jQuery('#recaptcha-container').show();
-  jQuery.colorbox({ html: jQuery('#recaptcha-container').html(), maxWidth : '600px', maxHeight : '300px' });
+  noosfero.modal.inline('#recaptcha-container', {maxWidth :'600px', maxHeight : '300px' });
   jQuery('#confirm-captcha').unbind('click');
   jQuery('#confirm-captcha').bind('click', function() {
-    jQuery.colorbox.close();
+    noosfero.modal.close();
     button.form.recaptcha_response_field.value = jQuery('#recaptcha_response_field').val();
     button.form.recaptcha_challenge_field.value = jQuery('#recaptcha_challenge_field').val();
     button.form.confirm.value = 'true';
@@ -88,7 +88,7 @@ function check_captcha(button, confirm_action) {
     <% if !edition_mode %>
       <%= button :cancel, _('Cancel'), '', :id => 'cancel-comment' %>
     <% else %>
-      <%= button :cancel, _('Cancel'), '#', :onclick => "jQuery.colorbox.close();" %>
+      <%= button :cancel, _('Cancel'), '#', :onclick => "noosfero.modal.close();" %>
     <% end %>
   <% end %>
 <% end %>
@@ -28,14 +28,14 @@
         <%= expirable_button @page, :locale, content, url %>
       <% end %>
  
-      <%= colorbox_button(:new, label_for_new_article(@page), profile.admin_url.merge(:controller => 'cms', :action => 'new', :parent_id => (@page.folder? ? @page : (@page.parent.nil? ? nil : @page.parent)))) unless remove_content_button(:new, @page) %>
+      <%= modal_button(:new, label_for_new_article(@page), profile.admin_url.merge(:controller => 'cms', :action => 'new', :parent_id => (@page.folder? ? @page : (@page.parent.nil? ? nil : @page.parent)))) unless remove_content_button(:new, @page) %>
     <% end %>
  
     <% if @page.accept_uploads? && @page.allow_create?(user) %>
       <%= button('upload-file', _('Upload files'), profile.admin_url.merge(:controller => 'cms', :action => 'upload_files', :parent_id => (@page.folder? ? @page : @page.parent))) unless remove_content_button(:upload, @page)%>
     <% end %>
  
-    <% if !@page.allow_create?(user) && profile.community? && (@page.blog? || @page.parent && @page.parent.blog?) && !remove_content_button(:suggest, @page) %>
+    <% if !@page.allow_create?(user) && profile.organization? && (@page.blog? || @page.parent && @page.parent.blog?) && !remove_content_button(:suggest, @page) %>
       <% content = content_tag( 'span', _('Suggest an article') ) %>
       <% url = profile.admin_url.merge({ :controller => 'cms', :action => 'suggest_an_article'}) %>
       <% options = {:id => 'suggest-article-link'} %>
@@ -7,10 +7,10 @@ function submit_comment_form(button) {
   return true;
   <% else %>
   jQuery('#recaptcha-container').show();
-  jQuery.colorbox({ inline : true, href : '#recaptcha-container', maxWidth : '600px', maxHeight : '300px' });
+  noosfero.modal.inline('#recaptcha-container', {maxWidth :'600px', maxHeight : '300px' });
   jQuery('#confirm-captcha').unbind('click');
   jQuery('#confirm-captcha').bind('click', function() {
-    jQuery.colorbox.close();
+    noosfero.modal.close();
     button.form.recaptcha_response_field.value = jQuery('#recaptcha_response_field').val();
     button.form.recaptcha_challenge_field.value = jQuery('#recaptcha_challenge_field').val();
     button.form.confirm.value = 'true';
@@ -38,7 +38,7 @@ function submit_comment_form(button) {
     <%= recaptcha_tags(:display => { :theme => 'clean' }, :ajax => true) %>
     <% button_bar do %>
       <%= button_to_function :add, _('Confirm'), "return false", :id => "confirm-captcha" %>
-      <%= button_to_function :cancel, _('Cancel'), "jQuery.colorbox.close()" %>
+      <%= button_to_function :cancel, _('Cancel'), "noosfero.modal.close()" %>
     <% end %>
   </div>
  
 <%= javascript_include_tag 'jquery-2.1.1.min', 'jquery-migrate-1.2.1', 'jrails', 'rails.js',
-'jquery.cycle.all.min.js', 'thickbox.js', 'lightbox', 'colorbox',
-'jquery-ui-1.10.4/js/jquery-ui-1.10.4.min', 'jquery.scrollTo', 'jquery.form.js', 'jquery-validation/jquery.validate',
-'jquery.cookie', 'jquery.ba-bbq.min.js', 'reflection', 'jquery.tokeninput', 'jquery.typewatch', 'jquery.textchange',
-'add-and-join', 'report-abuse', 'catalog', 'manage-products', 'autogrow', 'select-or-die/_src/selectordie',
-'jquery-timepicker-addon/dist/jquery-ui-timepicker-addon', 'application.js', 'inputosaurus.js', :cache => 'cache/application' %>
+  'jquery.cycle.all.min.js', 'jquery.colorbox-min.js',
+  'jquery-ui-1.10.4/js/jquery-ui-1.10.4.min', 'jquery.scrollTo', 'jquery.form.js', 'jquery-validation/jquery.validate',
+  'jquery.cookie', 'jquery.ba-bbq.min.js', 'reflection', 'jquery.tokeninput', 'jquery.typewatch', 'jquery.textchange',
+  'jquery-timepicker-addon/dist/jquery-ui-timepicker-addon', 'inputosaurus.js', 'select-or-die/_src/selectordie',
+  # noosfero libraries
+  'application.js', 'modal.js',
+  'add-and-join', 'report-abuse', 'catalog', 'manage-products', 'autogrow',
+  :cache => 'cache/application' %>
  
 <% language = FastGettext.locale %>
 <% %w{messages methods}.each do |type| %>
@@ -7,11 +7,11 @@
     </span>
   <% else %>
     <span class='not-logged-in'>
-      <%= _("<span class='login'>%s</span>") % thickbox_inline_popup_link('<i class="icon-menu-login"></i><strong>' + _('Login') + '</strong>', login_url, 'inlineLoginBox', :id => 'link_login') %>
+      <%= _("<span class='login'>%s</span>") % modal_inline_link_to('<i class="icon-menu-login"></i><strong>' + _('Login') + '</strong>', login_url, '#inlineLoginBox', :id => 'link_login') %>
       <%= @plugins.dispatch(:alternative_authentication_link).collect { |content| instance_exec(&content) }.join("") %>
  
     <div id='inlineLoginBox' style='display: none;'>
-      <%= render :file => 'account/login', :locals => { :is_thickbox => true } %>
+      <%= render :file => 'account/login', :locals => { :is_popin => true } %>
     </div>
  
     <% unless @plugins.dispatch(:allow_user_registration).include?(false) %>
@@ -18,7 +18,7 @@
     <%= yield :head %>
     <%=
       @plugins.dispatch(:head_ending).map do |content|
-        if content.respond_to?(:call) then instance_exec(&content).html_safe else content.html_safe end
+        if content.respond_to?(:call) then instance_exec(&content).to_s.html_safe else content.to_s.html_safe end
       end.join("\n")
     %>
  
@@ -32,7 +32,7 @@
  
     <%=
       @plugins.dispatch(:body_beginning).map do |content|
-        if content.respond_to?(:call) then instance_exec(&content).html_safe else content.html_safe end
+        if content.respond_to?(:call) then instance_exec(&content).to_s.html_safe else content.to_s.html_safe end
       end.join("\n")
     %>
  
@@ -19,7 +19,7 @@
         <span style="font-size: 12px;"><%= comment.title %></span><br/>
       <% end %>
       <span style="font-size: 10px;"><%= txt2html comment.body %></span><br/>
-      <span style="font-size: 8px; color: #444444"><%= time_ago_as_sentence(comment.created_at) %></span>
+      <span style="font-size: 8px; color: #929292"><%= time_ago_as_sentence(comment.created_at) %></span>
   <br style="clear: both;" />
  
   <% unless comment.replies.blank? %>
-<table>
 <tr>
-  <td>
+  <td style="width: 11%">
     <%= link_to(profile_image(activity.user, :minor), activity.user.url) %>
   </td>
   <td>
-    <p style="width:550px">
+    <p>
     <span style="font-size: 14px;"><%= link_to activity.user.short_name(20), activity.user.url %></span>
     <span style="font-size: 14px;"><%= _("has published on community %s") % link_to(activity.target.profile.short_name(20), activity.target.profile.url, :style => "color: #333; font-weight: bold; text-decoration: none;") if activity.target.profile.is_a?(Community) %></span>
-    <span style="font-size: 10px; color: #444444; float:right;"><%= time_ago_as_sentence(activity.created_at) %></span>
+    <span style="font-size: 10px; color: #929292; float:right;"><%= time_ago_as_sentence(activity.created_at) %></span>
     </p>
     <p>
     <span style="font-size: 14px;"><%= link_to(activity.params['name'], activity.params['url'], :style => "color: #333; font-weight: bold; text-decoration: none;") %></span>
@@ -24,4 +23,3 @@
     <%= render :partial => 'profile_comments', :locals => { :activity => activity } %>
   </td>
 </tr>
-</table>
-<table>
 <tr>
-  <td>
+  <td style="width: 11%">
     <%= link_to(profile_image(activity.user, :minor), activity.user.url) %>
   </td>
   <td>
-    <p style="width:550px">
+    <p>
       <span style="font-size: 14px;"><%= link_to activity.user.name, activity.user.url %> <%= describe activity %></span>
-      <span style="font-size: 10px; color: #444444; float: right;"><%= time_ago_as_sentence(activity.created_at) %></span>
+      <span style="font-size: 10px; color: #929292; float: right;"><%= time_ago_as_sentence(activity.created_at) %></span>
     </p>
   </td>
 </tr>
@@ -16,4 +15,3 @@
     <%= render :partial => 'profile_comments', :locals => { :activity => activity } %>
   </td>
 </tr>
-</table>
@@ -0,0 +1,20 @@
+<div style="border-bottom:1px solid #e2e2e2;padding:15px 0;width:600px">
+  <table style="width:100%;">
+    <tr>
+      <td style="width: 11%">
+        <%= profile_image(task.requestor, :minor) %>
+      </td>
+      <td>
+        <div>
+          <strong><%= link_to task.title, url_for(:controller => 'tasks', :profile => @profile.identifier, :action => 'index', :only_path => false) %></strong>
+        </div>
+        <div style="font-size: 14px">
+          <span style="font-size: 14px">
+            <%= task_information(task) %>
+          </span>
+          <span style="font-size: 10px; color: #929292; float: right;"><%= time_ago_as_sentence(task.created_at) %></span>
+        </div>
+      </td>
+    </tr>
+  </table>
+</div>
-<table>
   <tr>
-    <td>
+    <td style="width: 11%">
       <%= link_to(profile_image(activity.user, :minor), activity.user.url) %>
     </td>
     <td>
-      <p style="width:550px">
+      <p>
         <span style="font-size: 14px;"><%= link_to activity.user.name, activity.user.url %> <%= describe activity %></span>
-        <span style="font-size: 10px; color: #444444; float:right;"><%= time_ago_as_sentence(activity.created_at) %></span>
+        <span style="font-size: 10px; color: #929292; float:right;"><%= time_ago_as_sentence(activity.created_at) %></span>
       </p>
   </td>
 </tr>
-</table>
 <div title='<%= activity.target.class.short_description %>' class='profile-activity-icon icon-new icon-newgallery'></div>
 <br/>
-<h3><%= _("%s's network activity") % @profile.name %></h3>
-<br/>
-<div>
-<% @notifications.each do |activity| %>
-  <div style="border-left:none;border-right:none;border-top:1px solid #ccc;border-bottom:none;padding:10px;width:600px">
-    <%= render :partial => activity.verb, :locals => { :activity => activity } rescue "cannot render notification for #{activity.verb}" %>
-  </div>
-<% end %>
-</div>
+<div style="background-color: #EEEEEE">
+  <table style="width: 100%;"><tbody><tr><td align="center">
+  <div style="display: table; background-color: white; margin: 26px 0;">
+    <div style="padding: 25px 20px 20px 20px;text-align: left;">
+      <%= link_to @url, :style => "text-decoration: none;" do %>
+        <span style="font-weight:bold;font-size: 28px;margin: 0;color: white;background-color: #AAAAAA;padding: 5px;"><%= @environment %></span>
+      <% end %>
+      <span style="font-weight:bold;color: #333;font-size:19px;margin-left: 8px;"><%= _("%s's Notifications") % @profile.name %></h3>
+    </div>
+    <div style="margin: 0 20px 20px 20px;border-top:1px solid #e2e2e2;">
+      <% if @tasks.present? %>
+        <div style="border-top: 1px solid #e2e2e2;">
+          <div style="border-bottom: 1px solid #CBCBCB;padding-top: 15px;font-weight: bold;text-align: right;color: #7c7c7c;float: right;min-width: 140px;">
+            <%= _('Tasks') %>
+          </div>
+          <%= render :partial => 'task', :collection => @tasks %>
+        </div>
+      <% end %>
+
+      <% if @notifications.present? %>
+        <div style="border-top: 1px solid #e2e2e2;">
+          <div style="border-bottom: 1px solid #CBCBCB;padding-top: 15px;font-weight: bold;text-align: right;color: #7c7c7c;float: right;min-width: 140px;">
+            <%= _('Network Activity') %>
+          </div>
+          <% @notifications.each do |activity| %>
+              <div style="border-bottom:1px solid #e2e2e2;padding:15px 0;width:600px">
+              <table style="width:100%;">
+                <%= render :partial => activity.verb, :locals => { :activity => activity } rescue "cannot render notification for #{activity.verb}" %>
+              </table>
+            </div>
+          <% end %>
+        </div>
+      <% end %>
  
-<div style="color:#444444;font-size:11px;">
-<p><%= _("Greetings,") %></p>
-<br/>
-<p>--</p>
-<p><%= _('%s team.') % @environment %></p>
-<p><%= url_for @url %></p>
+      <div style="color:#444444;font-size:11px;margin-bottom: 20px;">
+        <p style="margin:0"><%= _("Greetings,") %></p>
+        <p style="margin:0"><%= _('%s team.') % @environment %></p>
+        <p style="margin:0"><%= link_to @url, url_for(@url) %></p>
+      </div>
+    </div>
+  </td></tr></tbody></table>
 </div>
-<br/>
@@ -9,7 +9,7 @@
   <%= hidden_field_tag(:confirmation, 1) %>
   <%= submit_button(:ok, _("Yes, I want to join.") % profile.name) %>
   <% if logged_in? && request.xhr? %>
-    <%= lightbox_close_button(_("No, I don't want")) %>
+    <%= modal_close_button _("No, I don't want") %>
   <% else %>
     <%= button(:cancel, _("No, I don't want."), profile.url) %>
   <% end %>
@@ -9,7 +9,7 @@
   <%= hidden_field_tag(:back_to, @back_to) %>
   <%= submit_button(:ok, _("Yes, I want to leave.") % profile.name) %>
   <% if logged_in? && request.xhr? %>
-    <%= lightbox_close_button(_("No, I don't want")) %>
+    <%= modal_close_button _("No, I don't want") %>
   <% else %>
     <%= button(:cancel, _("No, I don't want."), profile.url) %>
   <% end %>
@@ -9,7 +9,7 @@
   <% end %>
  
   <%= submit_button(:send, _('Report profile'), :style => 'float: left; cursor: pointer;', :id => 'report-abuse-submit-button', :onclick => "jQuery('#form-submit-loading').show()") %>
-  <%= button(:cancel, _('Cancel'), {}, :style => 'float: left; padding-top: 0px; padding-bottom: 0px;', :onclick => 'jQuery.colorbox.close(); return false;')%>
+  <%= button(:cancel, _('Cancel'), {}, :style => 'float: left; padding-top: 0px; padding-bottom: 0px;', :onclick => 'noosfero.modal.close(); return false;')%>
   <div id="form-submit-loading" class="small-loading" style="width: 16px; height: 16px; margin-top: 3px; float: left; display: none;"></div>
 <% end %>
  
@@ -30,7 +30,7 @@
       success: function(data, status, ajax){
         if ( !data.ok ) display_notice(data.error.message);
         else {
-          $.colorbox.close();
+          noosfero.modal.close();
           display_notice(data.message);
           window.location.reload();
         }
@@ -5,7 +5,7 @@
  
   <% button_bar do %>
     <%= submit_button(:add, _('Add')) %>
-    <%= lightbox_close_button(_('Cancel')) %>
+    <%= modal_close_button _('Cancel') %>
   <% end %>
  
 <% end %>
@@ -16,7 +16,7 @@
     <% end %>
   </ul>
   <% button_bar do %>
-    <%= lightbox_button(:add, _('New CSS'), :action => 'add_css', :id => @theme.id) %>
+    <%= modal_button :add, _('New CSS'), :action => 'add_css', :id => @theme.id %>
   <% end %>
 </div>
  
@@ -25,10 +25,10 @@
   <ul>
     <% for image in @image_files %>
       <li><%= image_tag("/user_themes/#{@theme.id}/images/#{image}") %></li>
-    <% end %> 
+    <% end %>
   </ul>
   <% button_bar do %>
-    <%= lightbox_button(:add, _('Add image'), :action => 'add_image', :id =>  @theme.id) %>
+    <%= modal_button :add, _('Add image'), :action => 'add_image', :id =>  @theme.id %>
   <% end %>
 </div>
  
@@ -42,7 +42,7 @@
  
 <% button_bar do %>
   <% if environment.enabled?('user_themes')  %>
-    <%= lightbox_button(:add, _('New theme ...'), :action => 'new') %>
+    <%= modal_button :add, _('New theme ...'), :action => 'new' %>
   <% end %>
   <%= button(:back, _('Back'), :controller => 'profile_editor', :action => 'index') %>
 <% end %>
@@ -20,7 +20,7 @@
         </li>
  
         <li>
-        <%= lightbox_link_to('<span class="icon-new"></span>' + _('New article'), '/myprofile/{login}/cms/new') %>
+        <%= modal_link_to '<span class="icon-new"></span>' + _('New article'), '/myprofile/{login}/cms/new' %>
         </li>
  
         <li id='manage-enterprises-link-template' style='display: none'><a href='/myprofile/{identifier}'><span class="icon-menu-enterprise"></span><%= _('Manage %s') % '{name}' %></a></li>
@@ -58,9 +58,9 @@
       <% if theme_option( :menu_login ) == 'full_form' %>
         <%= render :file => 'account/login_block' %>
       <% else %>
-        <%= thickbox_inline_popup_link('<span class="icon-menu-login"></span>'+ _('Login'), login_url, 'inlineLoginBox', :id => 'link_login') %>
+        <%= modal_inline_link_to('<span class="icon-menu-login"></span>'+ _('Login'), login_url, '#inlineLoginBox', :id => 'link_login') %>
         <div id='inlineLoginBox' style='display: none;'>
-          <%= render :file => 'account/login', :locals => { :is_thickbox => true } %>
+          <%= render :file => 'account/login', :locals => { :is_popin => true } %>
         </div>
       <% end %>
     <% end %>
 # Refer to INSTALL.multitenancy for more information on Multitenancy support
-env1_production:
+env1_production: &DEFAULT
   adapter: postgresql
   encoding: unicode
   database: noosfero
@@ -30,4 +30,4 @@ env3_production:
     - env3.net
  
 production:
-  env1_production
+  <<: *DEFAULT
@@ -9,6 +9,7 @@ development:
   googlemaps_initial_zoom: 4
   exception_recipients: [admin@example.com]
   max_upload_size: 5MB
+  hours_until_user_activation_check: 72
  
 test:
  
@@ -25,6 +25,6 @@ every 1.day do
   runner "SearchTerm.calculate_scores"
 end
  
-every 90.days do
+every 30.days do
   runner "ProfileSuggestion.generate_all_profile_suggestions"
 end
@@ -0,0 +1,9 @@
+class AddLastLoginAtToUser < ActiveRecord::Migration
+  def self.up
+    add_column :users, :last_login_at, :datetime
+  end
+
+  def self.down
+    remove_column :users, :last_login_at
+  end
+end
@@ -0,0 +1,11 @@
+class NormalizeUsersEmail < ActiveRecord::Migration
+  def up
+    User.find_each do |u|
+      u.update_column :email, u.send(:normalize_email)
+    end
+  end
+
+  def down
+    say "this migration can't be reverted"
+  end
+end
@@ -733,6 +733,7 @@ ActiveRecord::Schema.define(:version =&gt; 20150122165042) do
     t.string   "activation_code",           :limit => 40
     t.datetime "activated_at"
     t.string   "return_to"
+    t.datetime "last_login_at"
   end
  
   create_table "validation_infos", :force => true do |t|
@@ -48,7 +48,6 @@ Depends: adduser,
          ruby-feedparser,
          ruby-feedparser (>= 0.7-3~),
          ruby-gettext,
-         ruby-hpricot,
          ruby-memcache-client,
          ruby-minitest,
          ruby-nokogiri,
@@ -5,22 +5,23 @@ module AuthenticatedSystem
     def logged_in?
       current_user != nil
     end
-    
+
     # Accesses the current user from the session.
     def current_user
       @current_user ||= (session[:user] && User.find_by_id(session[:user])) || nil
     end
-    
+
     # Store the given user in the session.
     def current_user=(new_user)
       if new_user.nil?
         session.delete(:user)
       else
         session[:user] = new_user.id
+        new_user.register_login
       end
       @current_user = new_user
     end
-    
+
     # Check if the user is authorized.
     #
     # Override this method in your controllers if you want to restrict access
@@ -62,7 +63,7 @@ module AuthenticatedSystem
         access_denied
       end
     end
-    
+
     # Redirect as appropriate when an access request fails.
     #
     # The default action is to redirect to the login screen.
@@ -88,15 +89,15 @@ module AuthenticatedSystem
         end
       end
       false
-    end  
-    
+    end
+
     # Store the URI of the current request in the session.
     #
     # We can return to this location by calling #redirect_back_or_default.
     def store_location(location = request.url)
       session[:return_to] = location
     end
-    
+
     # Redirect to the URI stored by the most recent store_location call or
     # to the passed default.
     def redirect_back_or_default(default)
@@ -106,7 +107,7 @@ module AuthenticatedSystem
         redirect_to(default)
       end
     end
-    
+
     # Inclusion hook to make #current_user and #logged_in?
     # available as ActionView helper methods.
     def self.included(base)
@@ -132,6 +133,6 @@ module AuthenticatedSystem
     def get_auth_data
       auth_key  = @@http_auth_headers.detect { |h| request.env.has_key?(h) }
       auth_data = request.env[auth_key].to_s.split unless auth_key.blank?
-      return auth_data && auth_data[0] == 'Basic' ? Base64.decode64(auth_data[1]).split(':')[0..1] : [nil, nil] 
+      return auth_data && auth_data[0] == 'Basic' ? Base64.decode64(auth_data[1]).split(':')[0..1] : [nil, nil]
     end
 end
@@ -24,11 +24,17 @@ class Noosfero::Plugin
  
     def initialize!
       return if !should_load
-      available_plugins.each do |plugin_dir|
+
+      klasses = available_plugins.map do |plugin_dir|
         plugin_name = File.basename(plugin_dir)
-        plugin = load_plugin(plugin_name)
-        load_plugin_extensions(plugin_dir)
-        load_plugin_filters(plugin)
+        load_plugin plugin_name
+      end
+      available_plugins.each do |plugin_dir|
+        load_plugin_extensions plugin_dir
+      end
+      # filters must be loaded after all extensions
+      klasses.each do |plugin|
+        load_plugin_filters plugin
       end
     end
  
@@ -88,7 +94,7 @@ class Noosfero::Plugin
     # This is a generic method that initialize any possible filter defined by a
     # plugin to a specific controller
     def load_plugin_filters(plugin)
-      Rails.configuration.to_prepare do
+      ActionDispatch::Reloader.to_prepare do
         filters = plugin.new.send 'application_controller_filters' rescue []
         Noosfero::Plugin.add_controller_filters ApplicationController, plugin, filters
  
@@ -116,7 +122,7 @@ class Noosfero::Plugin
     end
  
     def load_plugin_extensions(dir)
-      Rails.configuration.to_prepare do
+      ActionDispatch::Reloader.to_prepare do
         Dir[File.join(dir, 'lib', 'ext', '*.rb')].each {|file| require_dependency file }
       end
     end
@@ -35,7 +35,7 @@ class Noosfero::Plugin::Macro
   def attributes(macro)
     macro.attributes.to_hash.
       select {|key, value| key[0..10] == 'data-macro-'}.
-      inject({}){|result, a| result.merge({a[0][11..-1] => a[1]})}.
+      inject({}){|result, a| result.merge({a[0][11..-1] => a[1].to_s})}.
       with_indifferent_access
   end
  
 plugins_root = Rails.env.test? ? 'plugins' : '{baseplugins,config/plugins}'
+prefixes_by_folder = {public: 'plugin',
+                      profile: 'profile/:profile/plugin',
+                      myprofile: 'myprofile/:profile/plugin',
+                      admin: 'admin/plugin'}
  
 Dir.glob(Rails.root.join(plugins_root, '*', 'controllers')) do |controllers_dir|
-  prefixes_by_folder = {'public' => 'plugin',
-                        'profile' => 'profile/:profile/plugin',
-                        'myprofile' => 'myprofile/:profile/plugin',
-                        'admin' => 'admin/plugin'}
+  plugin_name = File.basename(File.dirname(controllers_dir))
  
   controllers_by_folder = prefixes_by_folder.keys.inject({}) do |hash, folder|
-    hash.merge!({folder => Dir.glob(File.join(controllers_dir, folder, '*')).map {|full_names| File.basename(full_names).gsub(/_controller.rb$/,'')}})
+    path = "#{controllers_dir}/#{folder}/"
+    hash[folder] = Dir.glob("#{path}{*.rb,#{plugin_name}_plugin/*.rb}").map do |filename|
+      filename.gsub(path, '').gsub(/_controller.rb$/, '')
+    end
+    hash
   end
  
-  plugin_name = File.basename(File.dirname(controllers_dir))
-
   controllers_by_folder.each do |folder, controllers|
     controllers.each do |controller|
       controller_name = controller.gsub("#{plugin_name}_plugin_",'')
-Rails.configuration.to_prepare do
+ActionDispatch::Reloader.to_prepare do
   Spammable.module_eval do
     def marked_as_spam
       plugins.dispatch(:marked_as_spam, self)
 namespace :multitenancy do
  
-  task :create do
+  task :create => :environment do
     db_envs = ActiveRecord::Base.configurations.keys.select{ |k| k.match(/_development$|_production$|_test$/) }
     cd Rails.root.join('config', 'environments'), :verbose => true
-    file_envs = Dir.glob "{*_development.rb,*_prodution.rb,*_test.rb}"
+    file_envs = Dir.glob "{*_development.rb,*_production.rb,*_test.rb}"
     (db_envs.map{ |e| e + '.rb' } - file_envs).each { |env| ln_s env.split('_').last, env }
   end
  
-  task :remove do
+  task :remove => :environment do
     db_envs = ActiveRecord::Base.configurations.keys.select{ |k| k.match(/_development$|_production$|_test$/) }
     cd Rails.root.join('config', 'environments'), :verbose => true
-    file_envs = Dir.glob "{*_development.rb,*_prodution.rb,*_test.rb}"
+    file_envs = Dir.glob "{*_development.rb,*_production.rb,*_test.rb}"
     (file_envs - db_envs.map{ |e| e + '.rb' }).each { |env| safe_unlink env }
   end
  
@@ -106,7 +106,7 @@ def run_test(name, files)
   files = Array(files)
   plugin = filename2plugin(files.first)
   if name == :cucumber || name == :selenium
-    run_cucumber task2_profile(name, plugin), files
+    run_cucumber task2profile(name, plugin), files
   else
     run_testrb files
   end
@@ -134,7 +134,11 @@ end
  
 def run_tests(name, plugins, run=:all)
   plugins = Array(plugins)
-  glob =  "plugins/{#{plugins.join(',')}}/test/#{task2folder(name)}/**/*.#{task2ext(name)}"
+  if name == :cucumber || name == :selenium
+    glob =  "plugins/{#{plugins.join(',')}}/#{task2folder(name)}/**/*.#{task2ext(name)}"
+  else
+    glob =  "plugins/{#{plugins.join(',')}}/test/#{task2folder(name)}/**/*.#{task2ext(name)}"
+  end
   files = Dir.glob(glob)
   if files.empty?
     puts "I: no tests to run #{name}"
@@ -1 +0,0 @@
-Subproject commit bd879003043b4a93b78cbd4a582b6e0650900bcb
 Given /^CommentClassificationPlugin is enabled$/ do
-  step %{I am logged in as admin}
-  step %{I am on the environment control panel}
-  step %{I follow "Plugins"}
-  step %{I check "Comment Classification"}
-  step %{I press "Save changes"}
+  steps %Q{
+    Given I am logged in as admin
+    Given I am on the environment control panel
+    Given I follow "Plugins"
+    Given I check "Comment Classification"
+    Given I press "Save changes"
+  }
+
   Environment.default.enabled_plugins.should include("CommentClassificationPlugin")
 end
  
 require_dependency 'comment'
-require 'comment_classification_plugin.rb'
-require 'comment_classification_plugin/label.rb'
  
 class Comment
  
@@ -9,7 +9,7 @@ class Article
   def not_empty_group_comments_removed
     if body && body_changed?
       groups_with_comments = Comment.find(:all, :select => 'distinct group_id', :conditions => {:source_id => self.id}).map(&:group_id).compact
-      groups = Hpricot(body.to_s).search('.macro').collect{|element| element['data-macro-group_id'].to_i}
+      groups = Nokogiri::HTML.fragment(body.to_s).css('.macro').collect{|element| element['data-macro-group_id'].to_i}
       errors[:base] << (N_('Not empty group comment cannot be removed')) unless (groups_with_comments-groups).empty?
     end
   end
@@ -59,7 +59,7 @@ class CommunityTrackPlugin::Track &lt; Folder
  
   def first_paragraph
     return '' if body.blank?
-    paragraphs = Hpricot(body).search('p')
+    paragraphs = Nokogiri::HTML.fragment(body).css('p')
     paragraphs.empty? ? '' : paragraphs.first.to_html
   end
  
@@ -25,7 +25,7 @@
 .edit-information {
   display: none;
 }
-#colorbox .edit-information {
+.modal .edit-information {
   display: block;
 }
  
@@ -26,7 +26,7 @@
   <%= labelled_radio_button 'Multiple Select', "fields[#{counter}][kind]", 'multiple_select', field.multiple && field.list %><br />
  
   <% button_bar do %>
-    <%= button :ok, c_('Ok'), '#', :class => 'colorbox-ok-button', :div_id => elem_id %>
+    <%= button :ok, _('Ok'), '#', :div_id => elem_id %>
   <% end %>
 </div>
  
@@ -0,0 +1,3 @@
+gem 'omniauth', '~> 1.2.2'
+gem 'omniauth-facebook', '~> 2.0.0'
+gem "omniauth-google-oauth2", '~> 0.2.6'
@@ -0,0 +1,72 @@
+README - Oauth Client Plugin
+================================
+
+OauthClient is a plugin which allow users to login/signup to noosfero with some oauth providers (for now, google, facebook and noosfero itself).
+
+Install
+=======
+
+Enable Plugin
+-------------
+
+cd <your_noosfero_dir>
+./script/noosfero-plugins enable oauth_client
+
+Active Plugin
+-------------
+
+As a Noosfero administrator user, go to administrator panel:
+
+- Click on "Enable/disable plugins" option
+- Click on "Oauth Client Plugin" check-box
+
+Provider Settings
+=================
+
+Goggle
+------
+
+[Create Google+ application](https://developers.google.com/+/web/signin/javascript-flow)
+
+Facebook
+--------
+
+[Create Facebook application](https://developers.facebook.com/docs/facebook-login/v2.1)
+
+Varnish Settings
+================
+If varnish has been used in your stack, you've to bypass the cache for signup page and prevent cookies to be removed when calling the oauth_client plugin callback. E.g.:
+
+```
+if (req.url !~ "^/account/*" && req.url !~ "^/plugin/oauth_provider/*" && req.url !~ "^/plugin/oauth_client/*" && req.http.cookie !~ "_noosfero_.*") {
+  unset req.http.cookie;
+  return(lookup);
+}
+```
+
+Using Oauth Provider Plugin
+===========================
+The oauth_provider plugin may be used as a provider in the same noosfero installation that hosts your oauth_client plugin (this is usefull in a multi environment setup).
+
+However, you've to use a distinct set of thin processes to handle the authorization requests (to avoid deadlock).
+
+Apache settings example:
+```
+RewriteRule ^/oauth_provider/oauth/(authorize|token).*$ balancer://noosfero-oauth-provider%{REQUEST_URI} [P,QSA,L]
+```
+
+
+Development
+===========
+
+Running OauthClient tests
+--------------------
+
+$ rake test:noosfero_plugins:oauth_client
+
+License
+=======
+
+Copyright (c) The Author developers.
+
+See Noosfero license.
@@ -0,0 +1,27 @@
+class OauthClientPluginAdminController < AdminController
+
+  def index
+  end
+
+  def new
+    @provider = environment.oauth_providers.new
+    render :file => 'oauth_client_plugin_admin/edit'
+  end
+
+  def remove
+    environment.oauth_providers.find(params[:id]).destroy
+    redirect_to :action => 'index'
+  end
+
+  def edit
+    @provider = params[:id] ? environment.oauth_providers.find(params[:id]) : environment.oauth_providers.new
+    if request.post?
+      if @provider.update_attributes(params['oauth_client_plugin_provider'])
+        session[:notice] = _('Saved!')
+      else
+        session[:notice] = _('Error!')
+      end
+    end
+  end
+
+end
@@ -0,0 +1,46 @@
+class OauthClientPluginPublicController < PublicController
+
+  skip_before_filter :login_required
+
+  def callback
+    auth = request.env["omniauth.auth"]
+    user = environment.users.find_by_email(auth.info.email)
+    user ? login(user) : signup(auth)
+  end
+
+  def failure
+    session[:notice] = _('Failed to login')
+    redirect_to root_url
+  end
+
+  def destroy
+    session[:user] = nil
+    redirect_to root_url
+  end
+
+  protected
+
+  def login(user)
+    provider = OauthClientPlugin::Provider.find(session[:provider_id])
+    user_provider = user.oauth_user_providers.find_by_provider_id(provider.id)
+    unless user_provider
+      user_provider = user.oauth_user_providers.create(:user => user, :provider => provider, :enabled => true)
+    end
+    if user_provider.enabled? && provider.enabled?
+      session[:user] = user.id
+    else
+      session[:notice] = _("Can't login with #{provider.name}")
+    end
+
+    redirect_to :controller => :account, :action => :login
+  end
+
+  def signup(auth)
+    login = auth.info.email.split('@').first
+    session[:oauth_data] = auth
+    name = auth.info.name
+    name ||= auth.extra && auth.extra.raw_info ? auth.extra.raw_info.name : ''
+    redirect_to :controller => :account, :action => :signup, :user => {:login => login, :email => auth.info.email}, :profile_data => {:name => name}
+  end
+
+end
@@ -0,0 +1,19 @@
+class CreateOauthClientPluginProvider < ActiveRecord::Migration
+
+  def self.up
+    create_table :oauth_client_plugin_providers do |t|
+      t.integer :environment_id
+      t.string :strategy
+      t.string :name
+      t.text :options
+      t.boolean :enabled
+      t.integer :image_id
+
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :oauth_client_plugin_providers
+  end
+end
@@ -0,0 +1,14 @@
+class CreateOauthClientUserProviders < ActiveRecord::Migration
+  def self.up
+    create_table :oauth_client_plugin_user_providers do |t|
+      t.references :user
+      t.references :provider
+      t.boolean :enabled
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :oauth_client_plugin_user_providers
+  end
+end
@@ -0,0 +1,7 @@
+require_dependency 'environment'
+
+class Environment
+
+  has_many :oauth_providers, :class_name => 'OauthClientPlugin::Provider'
+
+end
@@ -0,0 +1,31 @@
+require_dependency 'user'
+
+class User
+
+  has_many :oauth_user_providers, :class_name => 'OauthClientPlugin::UserProvider'
+  has_many :oauth_providers, :through => :oauth_user_providers, :source => :provider
+
+  def password_required_with_oauth?
+    password_required_without_oauth? && oauth_providers.empty?
+  end
+
+  alias_method_chain :password_required?, :oauth
+
+  after_create :activate_oauth_user
+
+  def activate_oauth_user
+    unless oauth_providers.empty?
+      activate
+      oauth_providers.each do |provider|
+        OauthClientPlugin::UserProvider.create!(:user => self, :provider => provider, :enabled => true)
+      end
+    end
+  end
+
+  def make_activation_code_with_oauth
+    oauth_providers.blank? ? make_activation_code_without_oauth : nil
+  end
+
+  alias_method_chain :make_activation_code, :oauth
+
+end
@@ -0,0 +1,95 @@
+require 'omniauth/strategies/noosfero_oauth2'
+
+class OauthClientPlugin < Noosfero::Plugin
+
+  def self.plugin_name
+    "Oauth Client Plugin"
+  end
+
+  def self.plugin_description
+    _("Login with Oauth.")
+  end
+
+  def login_extra_contents
+    plugin = self
+    proc do
+      render :partial => 'auth/oauth_login', :locals => {:providers => environment.oauth_providers.enabled}
+    end
+  end
+
+  def signup_extra_contents
+    plugin = self
+
+    proc do
+      if plugin.context.session[:oauth_data].present?
+        render :partial => 'account/oauth_signup'
+      else
+        ''
+      end
+    end
+  end
+
+  PROVIDERS = {
+    :facebook => {
+      :name => 'Facebook'
+    },
+    :google_oauth2 => {
+      :name => 'Google'
+    },
+    :noosfero_oauth2 => {
+      :name => 'Noosfero'
+    }
+  }
+
+  def stylesheet?
+    true
+  end
+
+  OmniAuth.config.on_failure = OauthClientPluginPublicController.action(:failure)
+
+  Rails.application.config.middleware.use OmniAuth::Builder do
+    PROVIDERS.each do |provider, options|
+      setup = lambda { |env|
+        request = Rack::Request.new(env)
+        strategy = env['omniauth.strategy']
+
+        Noosfero::MultiTenancy.setup!(request.host)
+        domain = Domain.find_by_name(request.host)
+        environment = domain.environment rescue Environment.default
+
+        provider_id = request.params['id']
+        provider_id ||= request.session['omniauth.params']['id'] if request.session['omniauth.params']
+        provider = environment.oauth_providers.find(provider_id)
+        strategy.options.merge!(provider.options.symbolize_keys)
+
+        request.session[:provider_id] = provider_id
+      }
+
+      provider provider, :setup => setup,
+        :path_prefix => '/plugin/oauth_client',
+        :callback_path => "/plugin/oauth_client/public/callback/#{provider}",
+        :client_options => { :connection_opts => { :proxy => ENV["OAUTH_HTTP_PROXY"] } }
+    end
+
+    unless Rails.env.production?
+      provider :developer, :path_prefix => "/plugin/oauth_client", :callback_path => "/plugin/oauth_client/public/callback/developer"
+    end
+  end
+
+  def account_controller_filters
+    {
+      :type => 'before_filter', :method_name => 'signup',
+      :block => proc {
+        auth = session[:oauth_data]
+
+        if auth.present? && params[:user].present?
+          params[:user][:oauth_providers] = [OauthClientPlugin::Provider.find(session[:provider_id])]
+          if request.post? && auth.info.email != params[:user][:email]
+            raise "Wrong email for oauth signup"
+          end
+        end
+      }
+    }
+  end
+
+end
@@ -0,0 +1,20 @@
+class OauthClientPlugin::Provider < Noosfero::Plugin::ActiveRecord
+
+  belongs_to :environment
+
+  validates_presence_of :name, :strategy
+
+  acts_as_having_image
+  acts_as_having_settings :field => :options
+
+  settings_items :client_id, :type => :string
+  settings_items :client_secret, :type => :string
+  settings_items :client_options, :type => Hash
+
+  attr_accessible :name, :environment, :strategy, :client_id, :client_secret, :enabled, :client_options, :image_builder
+
+  scope :enabled, :conditions => {:enabled => true}
+
+  acts_as_having_image
+
+end
@@ -0,0 +1,10 @@
+class OauthClientPlugin::UserProvider < Noosfero::Plugin::ActiveRecord
+
+   belongs_to :user, :class_name => 'User'
+   belongs_to :provider, :class_name => 'OauthClientPlugin::Provider'
+
+   set_table_name :oauth_client_plugin_user_providers
+
+   attr_accessible :user, :provider, :enabled
+
+end
@@ -0,0 +1,26 @@
+require 'omniauth/strategies/oauth2'
+
+module OmniAuth
+  module Strategies
+    class NoosferoOauth2 < OmniAuth::Strategies::OAuth2
+      option :name, :noosfero_oauth2
+      option :client_options, {
+        :authorize_url => '/oauth_provider/oauth/authorize',
+        :token_url     => '/oauth_provider/oauth/token'
+      }
+
+      uid { raw_info["id"] }
+
+      info do
+        {
+          :email => raw_info["email"]
+        }
+      end
+
+      def raw_info
+        #FIXME access the noosfero api (coming soon)
+        @raw_info ||= access_token.get('/plugin/oauth_provider/public/me').parsed
+      end
+    end
+  end
+end
@@ -0,0 +1,18 @@
+.oauth-login .provider a {
+  min-width: 20px;
+  min-height: 20px;
+  background-size: 20px;
+  display: inline-block;
+  text-decoration: none;
+  background-repeat: no-repeat;
+  line-height: 20px;
+}
+.oauth-login .provider a img {
+  max-width: 40px;
+}
+.oauth-login .provider a:hover {
+  opacity: 0.7;
+}
+.oauth-login .provider .developer {
+  display: none;
+}
@@ -0,0 +1,80 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class OauthClientPluginPublicControllerTest < ActionController::TestCase
+
+  def setup
+    @auth = mock
+    @auth.stubs(:info).returns(mock)
+    request.env["omniauth.auth"] = @auth
+    @environment = Environment.default
+    @provider = OauthClientPlugin::Provider.create!(:name => 'provider', :strategy => 'provider', :enabled => true)
+  end
+  attr_reader :auth, :environment, :provider
+
+  should 'redirect to signup when user is not found' do
+    auth.info.stubs(:email).returns("xyz123@noosfero.org")
+    auth.info.stubs(:name).returns('xyz123')
+    session[:provider_id] = provider.id
+
+    get :callback
+    assert_match /.*\/account\/signup/, @response.redirect_url
+  end
+
+  should 'redirect to login when user is found' do
+    user = fast_create(User, :environment_id => environment.id)
+    auth.info.stubs(:email).returns(user.email)
+    auth.info.stubs(:name).returns(user.name)
+    session[:provider_id] = provider.id
+
+    get :callback
+    assert_redirected_to :controller => :account, :action => :login
+    assert_equal user.id, session[:user]
+  end
+
+  should 'do not login when the provider is disabled' do
+    user = fast_create(User, :environment_id => environment.id)
+    auth.info.stubs(:email).returns(user.email)
+    auth.info.stubs(:name).returns(user.name)
+    session[:provider_id] = provider.id
+    provider.update_attribute(:enabled, false)
+
+    get :callback
+    assert_redirected_to :controller => :account, :action => :login
+    assert_equal nil, session[:user]
+  end
+
+  should 'do not login when the provider is disabled for a user' do
+    user = fast_create(User, :environment_id => environment.id)
+    auth.info.stubs(:email).returns(user.email)
+    auth.info.stubs(:name).returns(user.name)
+    session[:provider_id] = provider.id
+    user.oauth_user_providers.create(:user => user, :provider => provider, :enabled => false)
+
+    get :callback
+    assert_redirected_to :controller => :account, :action => :login
+    assert_equal nil, session[:user]
+  end
+
+  should 'save provider when an user login with it' do
+    user = fast_create(User, :environment_id => environment.id)
+    auth.info.stubs(:email).returns(user.email)
+    auth.info.stubs(:name).returns(user.name)
+    session[:provider_id] = provider.id
+
+    get :callback
+    assert_equal [provider], user.oauth_providers
+  end
+
+  should 'do not duplicate relations between an user and a provider when the same provider was used again in a login' do
+    user = fast_create(User, :environment_id => environment.id)
+    auth.info.stubs(:email).returns(user.email)
+    auth.info.stubs(:name).returns(user.name)
+    session[:provider_id] = provider.id
+
+    get :callback
+    assert_no_difference 'user.oauth_user_providers.count' do
+      3.times { get :callback }
+    end
+  end
+
+end
@@ -0,0 +1 @@
+require File.dirname(__FILE__) + '/../../../test/test_helper'
@@ -0,0 +1,10 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class UserTest < ActiveSupport::TestCase
+
+  should 'be able to add oauth providers in a environment' do
+    env = fast_create(Environment)
+    env.oauth_providers << OauthClientPlugin::Provider.new(:name => 'test', :strategy => 'test')
+  end
+
+end
@@ -0,0 +1,86 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class OauthClientPluginTest < ActiveSupport::TestCase
+
+  def setup
+    @plugin = OauthClientPlugin.new(self)
+    @params = {}
+    @plugin.stubs(:context).returns(self)
+    @environment = Environment.default
+    @session = {}
+    @request = mock
+    @provider = OauthClientPlugin::Provider.create!(:name => 'name', :strategy => 'strategy')
+  end
+
+  attr_reader :params, :plugin, :environment, :session, :request, :provider
+
+  should 'has extra contents for login' do
+    assert plugin.login_extra_contents
+  end
+
+  should 'has no signup extra contents if no provider was enabled' do
+    assert_equal '', instance_eval(&plugin.signup_extra_contents)
+  end
+
+  should 'has signup extra contents if oauth_data exists in session' do
+    session[:oauth_data] = {:oauth => 'test'}
+    expects(:render).with(:partial => 'account/oauth_signup').once
+    instance_eval(&plugin.signup_extra_contents)
+  end
+
+  should 'define before filter for account controller' do
+    assert plugin.account_controller_filters
+  end
+
+  should 'raise error if oauth email was changed' do
+    request.expects(:post?).returns(true)
+
+    oauth_data = mock
+    info = mock
+    oauth_data.stubs(:info).returns(info)
+    oauth_data.stubs(:uid).returns('uid')
+    oauth_data.stubs(:provider).returns('provider')
+    info.stubs(:email).returns('test@example.com')
+    session[:oauth_data] = oauth_data
+    session[:provider_id] = provider.id
+
+    params[:user] = {:email => 'test2@example.com'}
+    assert_raises RuntimeError do
+      instance_eval(&plugin.account_controller_filters[:block])
+    end
+  end
+
+  should 'do not raise error if oauth email was not changed' do
+    request.expects(:post?).returns(true)
+
+    oauth_data = mock
+    info = mock
+    oauth_data.stubs(:info).returns(info)
+    oauth_data.stubs(:uid).returns('uid')
+    oauth_data.stubs(:provider).returns('provider')
+    info.stubs(:email).returns('test@example.com')
+    session[:oauth_data] = oauth_data
+    session[:provider_id] = provider.id
+
+    params[:user] = {:email => 'test@example.com'}
+    instance_eval(&plugin.account_controller_filters[:block])
+  end
+
+  should 'do not raise error if oauth session is not set' do
+    instance_eval(&plugin.account_controller_filters[:block])
+  end
+
+  should 'do not raise error if it is not a post' do
+    request.expects(:post?).returns(false)
+    params[:user] = {:email => 'test2@example.com'}
+
+    oauth_data = mock
+    oauth_data.stubs(:uid).returns('uid')
+    oauth_data.stubs(:provider).returns('provider')
+    session[:provider_id] = provider.id
+
+    session[:oauth_data] = oauth_data
+    instance_eval(&plugin.account_controller_filters[:block])
+  end
+
+end
@@ -0,0 +1,40 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class UserTest < ActiveSupport::TestCase
+
+  def setup
+    @provider = OauthClientPlugin::Provider.create!(:name => 'name', :strategy => 'strategy')
+  end
+  attr_reader :provider
+
+  should 'password is not required if there is a oauth provider' do
+    User.create!(:email => 'testoauth@example.com', :login => 'testoauth', :oauth_providers => [provider])
+  end
+
+  should 'password is required if there is a oauth provider' do
+    user = User.new(:email => 'testoauth@example.com', :login => 'testoauth')
+    user.save
+    assert user.errors[:password].present?
+  end
+
+  should 'activate user when created with oauth' do
+    user = User.create!(:email => 'testoauth@example.com', :login => 'testoauth', :oauth_providers => [provider])
+    assert user.activated?
+  end
+
+  should 'not activate user when created without oauth' do
+    user = fast_create(User)
+    assert !user.activated?
+  end
+
+  should 'not make activation code when created with oauth' do
+    user = User.create!(:email => 'testoauth@example.com', :login => 'testoauth', :oauth_providers => [provider])
+    assert !user.activation_code
+  end
+
+  should 'make activation code when created without oauth' do
+    user = User.create!(:email => 'testoauth@example.com', :login => 'testoauth', :password => 'test', :password_confirmation => 'test')
+    assert user.activation_code
+  end
+
+end
@@ -0,0 +1,11 @@
+<%= hidden_field_tag 'return_to', '/' %>
+
+<style>
+  #signup-password, #signup-password-confirmation, #signup-email {
+    display: none;
+  }
+</style>
+
+<div id='signup-email-readonly'>
+  <%= labelled_form_field(_('Email'), text_field(:user, :email, :class => "disabled", :readonly => true)) %>
+</div>
@@ -0,0 +1,16 @@
+<div class="oauth-login">
+  <% unless providers.empty? %>
+    <%= _('Login with:') %>
+  <% end %>
+  <% providers.each do |provider| %>
+    <span class="provider">
+      <%= link_to provider.image ? image_tag(provider.image.public_filename) : provider.name, "/plugin/oauth_client/#{provider.strategy}?id=#{provider.id}", :class => provider.strategy, :title => provider.name %>
+    </span>
+  <% end %>
+
+  <span class="provider">
+    <% unless Rails.env.production? %>
+      <%= link_to _('Developer Login'), "/plugin/oauth_client/developer", :class => 'developer' %>
+    <% end %>
+  </span>
+</div>
@@ -0,0 +1,5 @@
+<%= f.fields_for :client_options, OpenStruct.new(provider.options[:client_options]) do |c| %>
+  <div class="client-url">
+    <%= labelled_form_field _('Client Url'), c.text_field(:site) %>
+  </div>
+<% end %>
@@ -0,0 +1,39 @@
+<h1><%= _('Oauth Client Settings') %></h1>
+<h3><%= _('Edit Provider') %></h3>
+
+<%= form_for @provider, :url => {:action => 'edit'}, :method => 'post' do |f| %>
+
+  <div class="enabled">
+    <%= labelled_form_field f.check_box(:enabled) + _('Enabled'), '' %>
+  </div>
+
+  <div class="name">
+    <%= labelled_form_field _('Name'), f.text_field(:name) %>
+  </div>
+
+  <div class="strategy">
+    <%= labelled_form_field _('Strategy'), f.select(:strategy, OauthClientPlugin::PROVIDERS) %>
+  </div>
+
+  <div class="client-id">
+    <%= labelled_form_field _('Client Id'), f.text_field(:client_id) %>
+  </div>
+
+  <div class="client-secret">
+    <%= labelled_form_field _('Client Secret'), f.text_field(:client_secret) %>
+  </div>
+
+  <% if File.exists?(File.join(File.dirname(__FILE__), "_#{@provider.strategy}.html.erb")) %>
+    <%= render :partial => "#{@provider.strategy}", :locals => {:f => f, :provider => @provider} %>
+  <% end %>
+
+  <div class="image-icon">
+    <%= f.fields_for :image_builder, @provider.image do |i| %>
+      <%= file_field_or_thumbnail(_('Image:'), @provider.image, i) %><%= _("Max size: %s (.jpg, .gif, .png)")% Image.max_size.to_humanreadable %>
+    <% end %>
+  </div>
+
+  <% button_bar do %>
+    <%= submit_button(:save, _('Save'), :cancel => {:action => 'index'}) %>
+  <% end %>
+<% end %>
@@ -0,0 +1,24 @@
+<h1><%= _('Oauth Client Settings') %></h1>
+<h3><%= _('Providers') %></h3>
+<%= button :add, _('New'), {:action => 'new'} %>
+<table>
+  <tr>
+    <th><%= _('Name') %></th>
+    <th><%= _('Strategy') %></th>
+    <th><%= _('Actions') %></th>
+  </tr>
+
+  <% environment.oauth_providers.each do |provider| %>
+    <tr>
+      <td><%= provider.name %></td>
+      <td><%= provider.strategy %></td>
+      <td>
+        <%= link_to _('Edit'), {:action => 'edit', :id => provider.id} %>
+        <%= link_to _('Remove'), {:action => 'remove', :id => provider.id} %>
+      </td>
+    </tr>
+  <% end %>
+</table>
+<div class="actions">
+  <%= button(:back, _('Go back'), {:controller => 'plugins', :action => 'index'}) %>
+</div>
@@ -0,0 +1 @@
+gem 'doorkeeper', '~> 1.4.0'
@@ -0,0 +1,47 @@
+README - Oauth Provider Plugin
+================================
+
+OauthProvider is a plugin which allow noosfero to be used as an oauth provider 
+
+Install
+=======
+
+Enable Plugin
+-------------
+
+cd <your_noosfero_dir>
+./script/noosfero-plugins enable oauth_provider
+
+Active Plugin
+-------------
+
+As a Noosfero administrator user, go to administrator panel:
+
+- Click on "Enable/disable plugins" option
+- Click on "Oauth Provider Plugin" check-box
+
+Varnish Settings
+================
+If varnish has been used in your stack, you've to prevent cookies to be removed when calling authorization actions for  oauth_provider. E.g.:
+
+```
+if (req.url !~ "^/plugin/oauth_provider/*" && req.http.cookie !~ "_noosfero_.*") {
+  unset req.http.cookie;
+  return(lookup);
+}
+```
+
+Development
+===========
+
+Running OauthProvider tests
+--------------------
+
+$ rake test:noosfero_plugins:oauth_provider
+
+License
+=======
+
+Copyright (c) The Author developers.
+
+See Noosfero license.
...	...	@@ -11,7 +11,6 @@ gem 'will_paginate', '~> 3.0.3'
11	11	gem 'ruby-feedparser', '~> 0.7'
12	12	gem 'daemons', '~> 1.1.5'
13	13	gem 'thin', '~> 1.3.1'
14		-gem 'hpricot', '~> 0.8.6'
15	14	gem 'nokogiri', '~> 1.5.5'
16	15	gem 'rake', :require => false
17	16	gem 'rest-client', '~> 1.6.7'
...	...	@@ -41,9 +40,12 @@ group :cucumber do
41	40	gem 'selenium-webdriver', '~> 2.39.0'
42	41	end
43	42
	43	+# Requires custom dependencies
	44	+eval(File.read('config/Gemfile'), binding) rescue nil
	45	+
44	46	# include gemfiles from enabled plugins
45	47	# plugins in baseplugins/ are not included on purpose. They should not have any
46	48	# dependencies.
47	49	Dir.glob('config/plugins/*/Gemfile').each do \|gemfile\|
48	50	eval File.read(gemfile)
49	51	-end
	52	+end
50	53	\ No newline at end of file
...	...
...	...	@@ -21,7 +21,7 @@ Noosfero is written in Ruby with the "[Rails framework](http://www.rubyonrails.o
21	21	You need to install some packages Noosfero depends on. On Debian GNU/Linux or Debian-based systems, all of these packages are available through the Debian archive. You can install them with the following command:
22	22
23	23	# apt-get install ruby rake po4a libgettext-ruby-util libgettext-ruby1.8 \
24		- libsqlite3-ruby rcov librmagick-ruby libredcloth-ruby libhpricot-ruby \
	24	+ libsqlite3-ruby rcov librmagick-ruby libredcloth-ruby \
25	25	libwill-paginate-ruby iso-codes libfeedparser-ruby libdaemons-ruby thin \
26	26	tango-icon-theme
27	27
...	...	@@ -40,7 +40,6 @@ On other systems, they may or may not be available through your regular package
40	40	* Daemons - http://daemons.rubyforge.org
41	41	* Thin: http://code.macournoyer.com/thin
42	42	* tango-icon-theme: http://tango.freedesktop.org/Tango_Icon_Library
43		-* Hpricot: http://hpricot.com
44	43
45	44	If you manage to install Noosfero successfully on other systems than Debian,
46	45	please feel free to contact the Noosfero development mailing with the
...	...
...	...	@@ -26,7 +26,7 @@ The file config/database.yml must follow a structure in order to achieve multite
26	26
27	27	Each "hosted" environment must have an entry like this:
28	28
29		- env1_production:
	29	+ env1_production: &DEFAULT
30	30	adapter: postgresql
31	31	encoding: unicode
32	32	database: noosfero
...	...	@@ -61,7 +61,7 @@ The "hosted" environments define, besides the `schema_search_path`, a list of do
61	61	You must also tell the application which is the default environment.
62	62
63	63	production:
64		- env1_production
	64	+ <<: *DEFAULT
65	65
66	66	On the example above there are only three hosted environments, but it can be more than three. The schemas `env2` and `env3` must already exist in the same database of the hosting environment. As postgres user, you can create them typing:
67	67
...	...
...	...	@@ -28,6 +28,7 @@ class ApplicationController < ActionController::Base
28	28	unless environment.access_control_allow_methods.blank?
29	29	response.headers["Access-Control-Allow-Methods"] = environment.access_control_allow_methods
30	30	end
	31	+ response.headers["Access-Control-Allow-Credentials"] = 'true'
31	32	elsif environment.restrict_to_access_control_origins
32	33	render_access_denied _('Origin not in allowed.')
33	34	end
...	...
...	...	@@ -8,11 +8,7 @@ module ApplicationHelper
8	8
9	9	include PermissionNameHelper
10	10
11		- include LightboxHelper
12		-
13		- include ThickboxHelper
14		-
15		- include ColorboxHelper
	11	+ include ModalHelper
16	12
17	13	include BoxesHelper
18	14
...	...	@@ -651,8 +647,8 @@ module ApplicationHelper
651	647	' onfocus="if(this.value==\''+s+'\'){this.value=\'\'} this.form.className=\'focus-in\'"'+
652	648	' onblur="if(/^\s*$/.test(this.value)){this.value=\''+s+'\'} this.form.className=\'focus-out\'">'+
653	649	'</form>'
654		- else #opt == 'lightbox_link' is default
655		- lightbox_link_to '<span class="icon-menu-search"></span>'+ _('Search'), {
	650	+ else
	651	+ modal_link_to '<span class="icon-menu-search"></span>'+ _('Search'), {
656	652	:controller => 'search',
657	653	:action => 'popup',
658	654	:category_path => (@category ? @category.explode_path : nil)},
...	...	@@ -1050,7 +1046,7 @@ module ApplicationHelper
1050	1046	{s_('contents\|Most commented') => {:href => url_for({:controller => 'search', :action => 'contents', :filter => 'more_comments'})}}
1051	1047	]
1052	1048	if logged_in?
1053		- links.push(_('New content') => colorbox_options({:href => url_for({:controller => 'cms', :action => 'new', :profile => current_user.login, :cms => true})}))
	1049	+ links.push(_('New content') => modal_options({:href => url_for({:controller => 'cms', :action => 'new', :profile => current_user.login, :cms => true})}))
1054	1050	end
1055	1051
1056	1052	link_to(content_tag(:span, _('Contents'), :class => 'icon-menu-articles'), {:controller => "search", :action => 'contents', :category_path => nil}, :id => 'submenu-contents') +
...	...	@@ -1398,16 +1394,16 @@ module ApplicationHelper
1398	1394	end
1399	1395
1400	1396	def convert_macro(html, source)
1401		- doc = Hpricot(html)
	1397	+ doc = Nokogiri::HTML.fragment html
1402	1398	#TODO This way is more efficient but do not support macro inside of
1403	1399	# macro. You must parse them from the inside-out in order to enable
1404	1400	# that.
1405		- doc.search('.macro').each do \|macro\|
	1401	+ doc.css('.macro').each do \|macro\|
1406	1402	macro_name = macro['data-macro']
1407	1403	result = @plugins.parse_macro(macro_name, macro, source)
1408	1404	macro.inner_html = result.kind_of?(Proc) ? self.instance_exec(&result) : result
1409	1405	end
1410		- doc.html
	1406	+ doc.to_html
1411	1407	end
1412	1408
1413	1409	def default_folder_for_image_upload(profile)
...	...
...	...	@@ -231,7 +231,7 @@ module BoxesHelper
231	231	end
232	232
233	233	if block.editable?
234		- buttons << colorbox_icon_button(:edit, _('Edit'), { :action => 'edit', :id => block.id })
	234	+ buttons << modal_icon_button(:edit, _('Edit'), { :action => 'edit', :id => block.id })
235	235	end
236	236
237	237	if !block.main?
...	...	@@ -241,7 +241,7 @@ module BoxesHelper
241	241	end
242	242
243	243	if block.respond_to?(:help)
244		- buttons << thickbox_inline_popup_icon(:help, _('Help on this block'), {}, "help-on-box-#{block.id}") << content_tag('div', content_tag('h2', _('Help')) + content_tag('div', block.help, :style => 'margin-bottom: 1em;') + thickbox_close_button(_('Close')), :style => 'display: none;', :id => "help-on-box-#{block.id}")
	244	+ buttons << modal_inline_icon(:help, _('Help on this block'), {}, "#help-on-box-#{block.id}") << content_tag('div', content_tag('h2', _('Help')) + content_tag('div', block.help, :style => 'margin-bottom: 1em;') + modal_close_button(_('Close')), :style => 'display: none;', :id => "help-on-box-#{block.id}")
245	245	end
246	246
247	247	if block.embedable?
...	...
...	...	@@ -1,25 +0,0 @@
1		-module ColorboxHelper
2		-
3		- def colorbox_close_button(text, options = {})
4		- button(:close, text, '#', colorbox_options(options, :close))
5		- end
6		-
7		- def colorbox_button(type, label, url, options = {})
8		- button(type, label, url, colorbox_options(options))
9		- end
10		-
11		- def colorbox_icon_button(type, label, url, options = {})
12		- icon_button(type, label, url, colorbox_options(options))
13		- end
14		-
15		- # options must be an HTML options hash as passed to link_to etc.
16		- #
17		- # returns a new hash with colorbox class added. Keeps existing classes.
18		- def colorbox_options(options, type=nil)
19		- the_class = 'colorbox'
20		- the_class += "-#{type.to_s}" unless type.nil?
21		- the_class << " #{options[:class]}" if options.has_key?(:class)
22		- options.merge(:class => the_class)
23		- end
24		-
25		-end
...	...	@@ -65,7 +65,7 @@ module CommentHelper
65	65
66	66	def link_for_edit(comment)
67	67	if comment.can_be_updated_by?(user)
68		- {:link => expirable_comment_link(comment, :edit, _('Edit'), url_for(:profile => profile.identifier, :controller => :comment, :action => :edit, :id => comment.id),:class => 'colorbox')}
	68	+ {:link => expirable_comment_link(comment, :edit, _('Edit'), url_for(:profile => profile.identifier, :controller => :comment, :action => :edit, :id => comment.id),:class => 'modal')}
69	69	end
70	70	end
71	71
...	...
...	...	@@ -45,8 +45,6 @@ module LayoutHelper
45	45	standard_stylesheets = [
46	46	'application',
47	47	'search',
48		- 'thickbox',
49		- 'lightbox',
50	48	'colorbox',
51	49	'selectordie',
52	50	'inputosaurus',
...	...
...	...	@@ -1,36 +0,0 @@
1		-module LightboxHelper
2		-
3		- def lightbox_link_to(text, url, options = {})
4		- link_to(text, url, lightbox_options(options))
5		- end
6		-
7		- def lightbox_close_button(text, options = {})
8		- button(:close, text, '#', lightbox_options(options, 'lbAction').merge(:rel => 'deactivate'))
9		- end
10		-
11		- def lightbox_button(type, label, url, options = {})
12		- button(type, label, url, lightbox_options(options))
13		- end
14		-
15		- def lightbox_icon_button(type, label, url, options = {})
16		- icon_button(type, label, url, lightbox_options(options))
17		- end
18		-
19		- # options must be an HTML options hash as passed to link_to etc.
20		- #
21		- # returns a new hash with lightbox class added. Keeps existing classes.
22		- def lightbox_options(options, lightbox_type = 'lbOn')
23		- the_class = lightbox_type
24		- the_class << " #{options[:class]}" if options.has_key?(:class)
25		- options.merge(:class => the_class)
26		- end
27		-
28		- def lightbox?
29		- request.xhr?
30		- end
31		-
32		- def lightbox_remote_button(type, label, url, options = {})
33		- button(type, label, url, lightbox_options(options, 'remote-lbOn'))
34		- end
35		-
36		-end