Merge branch 'master' of gitlab.com:noosfero/noosfero

Rodrigo Souto
2 parents b2cc9def 32f88e65
Showing 39 changed files with 503 additions and 215 deletions Show diff stats
INSTALL.chat.md
INSTALL.https.md
INSTALL.varnish.md
app/controllers/my_profile/cms_controller.rb
app/controllers/my_profile/friends_controller.rb
app/controllers/my_profile/memberships_controller.rb
app/controllers/public/content_viewer_controller.rb
app/helpers/application_helper.rb
app/models/article.rb
app/models/friendship.rb
app/models/person_notifier.rb
app/models/slideshow_block.rb
app/views/cms/view.html.erb
app/views/content_viewer/view_page.html.erb
app/views/memberships/index.html.erb
db/migrate/20140724134601_fix_yaml_encoding.rb
etc/pound.cfg
features/manage_users.feature
features/support/selenium.rb
lib/noosfero/plugin/routes.rb
-XMPP/Chat Client Setup
-======================
+XMPP/Chat Setup
+===============
  
-To configure XMPP/BOSH in Noosfero you need:
+The samples of config file to configure a XMPP/BOSH server with ejabberd,
+postgresql and apache2 can be found at util/chat directory.
  
-* REST Client - http://github.com/archiloque/rest-client
-* SystemTimer - http://ph7spot.com/musings/system-timer
-* Pidgin data files - http://www.pidgin.im/
+This setup supposes that you are using Noosfero installed via Debian package
+in a production environment.
  
-If you use Debian 6.0 (squeeze):
-
-    # apt-get install librestclient-ruby pidgin-data ruby1.8-dev
-    # gem install SystemTimer
-
-The samples of config file to configure a XMPP/BOSH server with ejabberd, postgresql and apache2 can be found at util/chat directory.
-
-XMPP/Chat Server Setup
-======================
+Steps
+=====
  
 This is a step-by-step guide to get a XMPP service working, in a Debian system.
  
 ## 1. Install the required packages
  
-    # apt-get install ejabberd odbc-postgresql
+    # apt-get install ejabberd odbc-postgresql librestclient-ruby pidgin-data ruby1.8-dev
+    # gem install SystemTimer
  
 ## 2. Ejabberd configuration
  
-All the following changes must be done in config file: `/etc/ejabberd/ejabberd.cfg`
-
-### 2.1. Set the default admin user
-
-    { acl, admin, { user, "john", "www.example.com" } }.
-    { acl, admin, { user, "bart", "www.example.com" } }.
-
-### 2.2. Set the default host
-
-    { hosts, [ "www.example.com" ] }.
-
-### 2.3. Http-Bind activation
-
-    { 5280, ejabberd_http, [
-          http_bind,
-          web_admin
-       ]
-    }
-
-    (...)
-
-    { modules, [
-       {mod_http_bind, []},
-       ...
-    ] }.
-
-Ejabberd creates semi-anonymous rooms by default, but Noosfero's Jabber client needs non-anonymous room, then we need to change default params of creation rooms in ejabberd to create non-anonymous rooms.
-
-In non-anonymous rooms the jabber service sends the new occupant's full JID to all occupants in the room [[1]].
+    # cp /usr/share/noosfero/util/chat/ejabberd.cfg /etc/ejabberd/
  
-Add option "`{default_room_options, [{anonymous, false}]}`" to `/etc/ejabberd/ejabberd.cfg` in mod_muc session. See below:
+Edit the /etc/ejabberd/ejabberd.cfg file and set your domain on the first 2 lines.
  
-    { mod_muc, [
-       %%{host, "conference.@HOST@"},
-       {access, muc},
-       {access_create, muc},
-       {access_persistent, muc},
-       {access_admin, muc_admin},
-       {max_users, 500},
-       {default_room_options, [{anonymous, false}]}
-    ]},
-
-[1]: http://xmpp.org/extensions/xep-0045.html#enter-nonanon
-
-
-### 2.4. Authentication method
-
-To use Postgresql through ODBC, the following modifications must be done:
-
- * Disable the default method:
-   `{auth_method, internal}.`
-
- * Enable autheticantion through ODBC:
-   `{auth_method, odbc}.`
+## 3. Configuring Postgresql
  
- * Set database server name
-   `{odbc_server, "DSN=PostgreSQLEjabberdNoosfero"}.`
+Give permission to noosfero user create new roles, login as
+postgres user and execute:
  
+    $ psql
+    postgres=# GRANT CREATE ON DATABASE noosfero TO noosfero;
  
-### 2.5. Increase the shaper traffic limit
+Change the postgresql authentication method to md5 instead of ident,
+add the following line to the file /etc/postgresql/8.4/main/pg_hba.conf:
  
-    { shaper, normal, { maxrate, 10000000 } }.
+   # Noosfero user
+   local   noosfero    noosfero                          md5
  
+(add this line before the following line)
  
-### 2.6. Disable unused modules
+   # "local" is for Unix domain socket connections only
+   local   all         all                               ident
  
-Unused modules can be disabled, for example:
+Restart postgresql server:
  
- * s2s
- * web_admin
- * mod_pubsub
- * mod_irc
- * mod_offline
- * mod_admin_extra
- * mod_register
+    # service postgresql restart
  
+Login as noosfero user, and execute:
  
-### 2.7. Enable ODBC modules
+    $ psql -U noosfero -W noosfero < /usr/share/noosfero/util/chat/postgresql/ejabberd.sql
  
- * mod_privacy -> mod_privacy_odbc
- * mod_private -> mod_private_odbc
- * mod_roster  -> mod_roster_odbc
+(see database password in the /etc/noosfero/database.yml file)
  
-## 3. Configuring Postgresql
+This will create a new schema inside the noosfero database, called `ejabberd`.
  
-Login as noosfero user, and execute:
+Note that there should be at least one domain with `is_default = true` in
+`domains` table, otherwise people won't be able to see their friends online.
  
-    $ psql noosfero < /path/to/noosfero/util/chat/postgresql/ejabberd.sql
+## 4. ODBC configuration
  
-Where `noosfero` may need to be replace by the name of the database used for Noosfero.
+Create the following files:
  
-This will create a new schema inside the noosfero database, called `ejabberd`.
+    # cp /usr/share/noosfero/util/chat/odbc.ini /etc/
+    # cp /usr/share/noosfero/util/chat/odbcinst.ini /etc/
  
-Note `noosfero` user should have permission to create Postgresql schemas. Also, there should be at least one domain with `is_default = true` in `domains` table, otherwise people won't be able to see their friends online.
+Edit the odbc.ini file and set the password for the database user, see
+the file /etc/noosfero/database.yml to get the password.
  
-## 4. ODBC configuration
+Adjust premissions:
  
-The following files must be created:
-
-`/etc/odbc.ini`:
-
-    [PostgreSQLEjabberdNoosfero]
-    Description      = PostgreSQL Noosfero ejabberd database
-    Driver           = PostgreSQL Unicode
-    Trace            = No
-    TraceFile        = /tmp/psqlodbc.log
-    Database         = noosfero
-    Servername       = localhost
-    UserName         = <DBUSER>
-    Password         = <DBPASS>
-    Port             =
-    ReadOnly         = No
-    RowVersioning    = No
-    ShowSystemTables = No
-    ShowOidColumn    = No
-    FakeOidIndex     = No
-    ConnSettings     = SET search_path TO ejabberd
-
-`/etc/odbcinst.ini`:
-
-    [PostgreSQL Unicode]
-    Description = PostgreSQL ODBC driver (Unicode version)
-    Driver      = /usr/lib/odbc/psqlodbcw.so
-    Setup       = /usr/lib/odbc/libodbcpsqlS.so
-    Debug       = 0
-    CommLog     = 1
-    UsageCount  = 3
+    # chmod 640 /etc/odbc.ini
+    # chown ejabberd /etc/odbc.ini
  
 ## 4.1 testing all:
  
@@ -159,7 +78,6 @@ The following files must be created:
  
 If the configuration was done right, the message "Connected!" will be displayed.
  
-
 ## 5. Enabling kernel polling and SMP in `/etc/default/ejabberd`
  
     POLL=true
@@ -205,32 +123,45 @@ Note: module proxy_http must be enabled:
  
     # a2enmod proxy_http
  
-## 8. DNS configuration
+Restart services:
  
-For this point, we assume you are using BIND as your DNS server. You need to add the following entries to the DNS zone file corresponding to the domain of your noosfero site:
+    # service ejabberd restart
+    # service noosfero restart
+    # service apache2 restart
  
-    _xmpp-client._tcp   SRV   5 100 5222 master
-    conference   CNAME master
-    _xmpp-client._tcp.conference   SRV   5 100 5222 master
+## 8. Test Apache Configuration
  
-If you are running a DNS server other than BIND, you will have to figure out how to create equivalente rules for your zone file. Patches to this documentation are welcome.
+Open in your browser the address:
  
-## 9. Testing this Setup
+    http://<yout domain>/http-bind
  
-Adjust shell limits to proceed with some benchmarks and load tests: 
+You should see a page with a message like that:
  
-    # ulimit −s 256
-    # ulimit −n 8192
-    # echo 10 > /proc/sys/net/ipv4/tcp_syn_retries
+   ejabberd mod_http_bind
+   An implementation of XMPP over BOSH (XEP-0206)
+   This web page is only informative. To use HTTP-Bind you need a Jabber/XMPP
+   client that supports it.
  
-To measure the bandwidth between server and client:
+## 9. Test chat session
  
- * at server side:
-   `# iperf −s`
+Open Noosfero console and execute:
  
- * at client side:
-   `# iperf −c server_ip`
+>> environment = Environment.default
+>> user = Person['guest']
+>> password = user.user.crypted_password
+>> login = user.jid
+>> RubyBOSH.initialize_session(login, password, "http://#{environment.default_hostname}/http-bind", :wait => 30, :hold => 1, :window => 5
  
-For heavy load tests, clone and use this software:
+If you have luck, should see something like that:
  
-    $ git clone http://git.holoscopio.com/git/metal/tester.git
+Ruby-BOSH - SEND
+<body window="5" rid="60265" xmlns="http://jabber.org/protocol/httpbind" xmlns:xmpp="urn:xmpp:xbosh" to="vagrant-debian-squeeze.vagrantup.com" wait="30" xmpp:version="1.0" hold="1"/>
+Ruby-BOSH - SEND
+<body rid="60266" xmlns="http://jabber.org/protocol/httpbind" sid="24cdfc43646a2af1059a7060b677c2e11b26f34f" xmlns:xmpp="urn:xmpp:xbosh" xmpp:version="1.0"><auth mechanism="PLAIN" xmlns="urn:ietf:params:xml:ns:xmpp-sasl">Z3Vlc3RAdmFncmFudC1kZWJpYW4tc3F1ZWV6ZS52YWdyYW50dXAuY29tAGd1ZXN0ADEzZTFhYWVlYjRhYjZlMTA0MmRkNWI1YWY0MzM4MjA1OGJiOWZmNzk=</auth></body>
+Ruby-BOSH - SEND
+<body xmpp:restart="true" rid="60267" xmlns="http://jabber.org/protocol/httpbind" sid="24cdfc43646a2af1059a7060b677c2e11b26f34f" xmlns:xmpp="urn:xmpp:xbosh" xmpp:version="1.0"/>
+Ruby-BOSH - SEND
+<body rid="60268" xmlns="http://jabber.org/protocol/httpbind" sid="24cdfc43646a2af1059a7060b677c2e11b26f34f" xmlns:xmpp="urn:xmpp:xbosh" xmpp:version="1.0"><iq type="set" xmlns="jabber:client" id="bind_29330"><bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"><resource>bosh_9631</resource></bind></iq></body>
+Ruby-BOSH - SEND
+<body rid="60269" xmlns="http://jabber.org/protocol/httpbind" sid="24cdfc43646a2af1059a7060b677c2e11b26f34f" xmlns:xmpp="urn:xmpp:xbosh" xmpp:version="1.0"><iq type="set" xmlns="jabber:client" id="sess_21557"><session xmlns="urn:ietf:params:xml:ns:xmpp-session"/></iq></body>
+=> ["guest@vagrant-debian-squeeze.vagrantup.com", "24cdfc43646a2af1059a7060b677c2e11b26f34f", 60270]
@@ -0,0 +1,115 @@
+Setup Noosfero to use HTTPS
+===========================
+
+This document assumes that you have a fully and clean Noosfero
+installation as explained at the `INSTALL.md` file.
+
+SSL certificate
++++++++++++++++
+
+You should get a valid SSL certificate, but if you want to test
+your setup before, you could generate a self-signed certificate
+as below:
+
+    # mkdir /etc/noosfero/ssl
+    # cd /etc/noosfero/ssl
+	  # openssl genrsa 1024 > noosfero.key
+    # openssl req -new -x509 -nodes -sha1 -days $[10*365] -key noosfero.key > noosfero.cert
+    # cat noosfero.key noosfero.cert > noosfero.pem
+
+There are two ways of using SSL with Noosfero: 1) If you are not using
+Varnish; and 2) If you are using Varnish.
+
+1) If you are are not using Varnish
++++++++++++++++++++++++++++++++++++
+
+Simply do a redirect in apache to force all connections with SSL:
+
+  <VirtualHost *:8080>
+    ServerName test.stoa.usp.br
+   
+    Redirect / https://example.com/
+  </VirtualHost>
+
+And set a vhost to receive then:
+
+  <VirtualHost *:443>
+    ServerName example.com
+   
+    SSLEngine On
+    SSLCertificateFile    /etc/ssl/certs/cert.pem
+    SSLCertificateKeyFile /etc/ssl/private/cert.key
+   
+    Include /etc/noosfero/apache/virtualhost.conf
+  </VirtualHost>
+
+Be aware that if you had configured varnish, the requests won't reach
+it with this configuration.
+
+2) If you are using Varnish
++++++++++++++++++++++++++++
+
+Varnish isn't able to communicate with the SSL protocol, so we will
+need some one who do this and Pound[1] can do the job. In order to
+install it in Debian based systems:
+
+  $ sudo apt-get install pound
+
+Set Varnish to listen in other port than 80:
+
+/etc/defaults/varnish
+---------------------
+
+  DAEMON_OPTS="-a localhost:6081 \
+               -T localhost:6082 \ 
+               -f /etc/varnish/default.vcl \ 
+               -S /etc/varnish/secret \ 
+               -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G"
+
+Configure Pound:
+
+    # cp /usr/share/noosfero/etc/pound.cfg /etc/pound/
+
+Edit /etc/pound.cfg and set the IP and domain of your server.
+
+Configure Pound to start at system initialization:
+
+/etc/default/pound
+------------------
+
+  startup=1
+
+Set Apache to only listen to localhost:
+
+/etc/apache2/ports.conf
+-----------------------
+
+  Listen 127.0.0.1:8080
+
+Restart the services:
+
+  $ sudo service apache2 restart
+  $ sudo service varnish restart
+
+Start pound:
+
+  $ sudo service pound start
+
+[1] http://www.apsis.ch/pound
+
+Noosfero XMPP chat
+++++++++++++++++++
+
+If you want to use chat over HTTPS, then you should add the domain
+and IP of your server in the /etc/hosts file, example:
+
+/etc/hosts
+----------
+
+  192.168.1.86	mydomain.example.com
+
+Also, it's recomended that you remove lines above from the file
+`/etc/apache2/sites-enabled/noosfero`:
+
+    RewriteEngine On
+    Include /usr/share/noosfero/util/chat/apache/xmpp.conf
@@ -24,10 +24,6 @@ Install the RPAF apache module (or skip this step if not using apache):
  
 3b) Edit `/etc/apache2/sites-enabled/*`, and change `<VirtualHost *:80>` to `<VirtualHost *:8080>`
  
-3c) Restart apache
-
-    # invoke-rc.d apache2 restart
-
 4) Varnish configuration
  
 4a) Edit `/etc/default/varnish`
@@ -44,10 +40,6 @@ On manual installations, change `/etc/noosfero/*` to `{Rails.root}/etc/noosfero/
  
 **NOTE**: it is very important that the `*.vcl` files are included in that order, i.e. *first* include `varnish-noosfero.vcl`, and *after* `noosfero-accept-language.cvl`.
  
-4c) Restart Varnish
-
-    # invoke-rc.d varnish restart
-
 5) Enable varnish logging:
  
 5a) Edit `/etc/default/varnishncsa` and uncomment the line that contains:
@@ -56,8 +48,10 @@ On manual installations, change `/etc/noosfero/*` to `{Rails.root}/etc/noosfero/
  
 The varnish log will be written to `/var/log/varnish/varnishncsa.log` in an apache-compatible format. You should change your statistics generation software (e.g. awstats) to use that instead of apache logs.
  
-5b) Restart Varnish Logging service
+Thanks to Cosimo Streppone for varnish-accept-language. See http://github.com/cosimo/varnish-accept-language for more information.
  
-    # invoke-rc.d varnishncsa restart
+6) Restart services
  
-Thanks to Cosimo Streppone for varnish-accept-language. See http://github.com/cosimo/varnish-accept-language for more information.
+    # service apache2 restart
+    # service varnish restart
+    # service varnishncsa restart
@@ -248,12 +248,15 @@ class CmsController &lt; MyProfileController
     end.compact unless params[:marked_groups].nil?
     if request.post?
       @failed = {}
+      if @marked_groups.empty?
+        return session[:notice] = _("Select some group to publish your article")
+      end
       @marked_groups.each do |item|
         task = ApproveArticle.create!(:article => @article, :name => item[:name], :target => item[:group], :requestor => profile)
         begin
           task.finish unless item[:group].moderated_articles?
         rescue Exception => ex
-           @failed[ex.message] ? @failed[ex.message] << item[:group].name : @failed[ex.message] = [item[:group].name]
+          @failed[ex.message] ? @failed[ex.message] << item[:group].name : @failed[ex.message] = [item[:group].name]
         end
       end
       if @failed.blank?
@@ -11,7 +11,7 @@ class FriendsController &lt; MyProfileController
   def remove
     @friend = profile.friends.find(params[:id])
     if request.post? && params[:confirmation]
-      profile.remove_friend(@friend)
+      Friendship.remove_friendship(profile, @friend)
       redirect_to :action => 'index'
     end
   end
@@ -7,9 +7,9 @@ class MembershipsController &lt; MyProfileController
       ra = profile.role_assignments.find_by_role_id(role.id)
       ra.present? && ra.resource_type == 'Profile'
     end
-    @filter = params[:filter_type].blank? ? nil : params[:filter_type]
+    @filter = params[:filter_type].to_i
     begin
-      @memberships = @filter.nil? ? profile.memberships : profile.memberships_by_role(environment.roles.find(@filter))
+      @memberships = @filter.zero? ? profile.memberships : profile.memberships_by_role(environment.roles.find(@filter))
     rescue ActiveRecord::RecordNotFound
       @memberships = []
     end
@@ -31,8 +31,8 @@ class ContentViewerController &lt; ApplicationController
  
     if request.post? && @page.forum?
       process_forum_terms_of_use(user, params[:terms_accepted])
-    elsif is_a_forum_topic?(@page)
-      redirect_to @page.parent.url unless @page.parent.agrees_with_terms?(user)
+    elsif is_a_forum_topic?(@page) && !@page.parent.agrees_with_terms?(user)
+      redirect_to @page.parent.url
       return
     end
  
@@ -671,7 +671,7 @@ module ApplicationHelper
  
   def theme_javascript_ng
     script = File.join(theme_path, 'theme.js')
-    if File.join(Rails.root, 'public', script)
+    if File.exists?(File.join(Rails.root, 'public', script))
       javascript_include_tag script
     else
       nil
@@ -2,7 +2,7 @@ require &#39;hpricot&#39;
  
 class Article < ActiveRecord::Base
  
-  attr_accessible :name, :body, :abstract, :profile, :tag_list, :parent, :allow_members_to_edit, :translation_of_id, :language, :license_id, :parent_id, :display_posts_in_current_language, :category_ids, :posts_per_page, :moderate_comments, :accept_comments, :feed, :published, :source, :highlighted, :notify_comments, :display_hits, :slug, :external_feed_builder, :display_versions, :external_link
+  attr_accessible :name, :body, :abstract, :profile, :tag_list, :parent, :allow_members_to_edit, :translation_of_id, :language, :license_id, :parent_id, :display_posts_in_current_language, :category_ids, :posts_per_page, :moderate_comments, :accept_comments, :feed, :published, :source, :highlighted, :notify_comments, :display_hits, :slug, :external_feed_builder, :display_versions, :external_link, :image_builder
  
   acts_as_having_image
  
@@ -15,4 +15,9 @@ class Friendship &lt; ActiveRecord::Base
     Friendship.update_cache_counter(:friends_count, friendship.person, -1)
     Friendship.update_cache_counter(:friends_count, friendship.friend, -1)
   end
+
+  def self.remove_friendship(person1, person2)
+    person1.remove_friend(person2)
+    person2.remove_friend(person1)
+  end
 end
@@ -82,7 +82,7 @@ class PersonNotifier
       @url = @profile.environment.top_url
       mail(
         content_type: "text/html",
-        from: "#{@profile.environment.name} <#{@profile.environment.contact_email}>",
+        from: "#{@profile.environment.name} <#{@profile.environment.noreply_email}>",
         to: @profile.email,
         subject: _("[%s] Network Activity") % [@profile.environment.name]
       )
@@ -6,6 +6,8 @@ class SlideshowBlock &lt; Block
   settings_items :navigation, :type => 'boolean', :default => false
   settings_items :image_size, :type => 'string', :default => 'thumb'
  
+  attr_accessible :gallery_id, :image_size, :interval, :shuffle, :navigation
+
   def self.description
     _('Slideshow')
   end
@@ -25,7 +25,9 @@
   <div id='article-full-path'>
     <strong><%= _('Current folder: ') %></strong>
     <%= link_to profile.identifier, :action => 'index' %>
-    <%= @article.hierarchy.map {|item| " / " + ((item == @article) ? item.name : link_to(item.slug, :id => item.id)) } %>
+    <% @article.hierarchy.each do |item| %>
+      <%= " / " + ((item == @article) ? item.name.html_safe : link_to(item.slug, :id => item.id).html_safe) %>
+    <% end %>
   </div>
 <% end %>
  
@@ -80,8 +80,8 @@
     </h3>
   <% end %>
  
-  <% if @page.accept_comments? && @comments.present? && @comments.count > 1 %>
-    <%= link_to(_('Post a comment'), '#', :class => 'display-comment-form', :id => 'top-post-comment-button', :onclick => "jQuery('#page-comment-form .display-comment-form').first().click();") %>
+  <% if @comments.present? && @comments.count > 1 %>
+    <%= link_to(_('Post a comment'), '#', :class => 'display-comment-form', :id => 'top-post-comment-button', :onclick => "jQuery('#page-comment-form .display-comment-form').first().click();") if @page.accept_comments? %>
  
     <%= hidden_field_tag("page_url", url_for(:controller=>'content_viewer', :action=>'view_page', :profile=>profile.identifier, :page => @page.explode_path)) %>
     <%= javascript_include_tag "comment_order.js" %>
@@ -90,12 +90,14 @@
         <%= select_tag 'comment_order', options_for_select({_('Oldest first')=>'oldest', _('Newest first')=>'newest'}, @comment_order) %>
       <% end %>
     </div>
+  <% end %>
  
-    <ul class="article-comments-list">
+  <ul class="article-comments-list">
+    <% if @comments.present? %>
       <%= render :partial => 'comment/comment', :collection => @comments %>
       <%= pagination_links @comments, :param_name => 'comment_page' %>
-    </ul>
-  <% end %>
+    <% end %>
+  </ul>
  
   <% if @page.accept_comments? %>
     <div id='page-comment-form' class='page-comment-form'><%= render :partial => 'comment/comment_form', :locals =>{:url => {:controller => :comment, :action => :create}, :display_link => true, :cancel_triggers_hide => true}%></div>
@@ -8,11 +8,12 @@
   <%= button :back, _('Go back'), :controller => 'profile_editor' %>
 <% end %>
  
-<% type_collection = [[nil, _('All')]] %>
+<% type_collection = [[0, _('All')]] %>
 <% type_collection += @roles.sort_by {|role| role.id}.map{|r| ["#{r.id}", r.name]} %>
  
+<%= javascript_include_tag "memberships_filter.js" %>
 <p>
-  <%= labelled_select(_('Filter')+': ', :filter_type, :first, :last, @filter,  type_collection, :onchange => 'document.location.href = "?filter_type="+this.value')%>
+  <%= labelled_select(_('Filter')+': ', :filter_type, :first, :last, @filter,  type_collection, :id => 'memberships_filter')%>
 </p>
  
 <% if @memberships.empty? %>
@@ -0,0 +1,30 @@
+class FixYamlEncoding < ActiveRecord::Migration
+  def self.up
+    fix_encoding(Block, 'settings')
+    fix_encoding(Product, 'data')
+    fix_encoding(Environment, 'settings')
+    fix_encoding(Profile, 'data')
+    fix_encoding(ActionTracker::Record, 'params')
+    fix_encoding(Article, 'setting')
+  end
+
+  def self.down
+    puts "Warning: cannot restore original encoding"
+  end
+
+  private
+
+  def self.fix_encoding(model, param)
+    result = model.find(:all, :conditions => "#{param} LIKE '%!binary%'")
+    puts "Fixing #{result.count} rows of #{model} (#{param})"
+    result.each {|r| r.update_column(param, deep_fix(r.send(param)).to_yaml)}
+  end
+
+  def self.deep_fix(hash)
+    hash.each do |value|
+      value.force_encoding('UTF-8') if value.is_a?(String) && !value.frozen? && value.encoding == Encoding::ASCII_8BIT
+      deep_fix(value) if value.respond_to?(:each)
+    end
+  end
+
+end
@@ -0,0 +1,44 @@
+LogLevel 1
+Alive    10
+Client   120
+TimeOut  300
+Control  "/var/run/pound/poundctl.socket"
+
+ListenHTTP
+  Address  192.168.1.86
+  Port     80
+  xHTTP    1
+  # uncomment code above if you are using chat
+  #Service
+  #  URL      "/http-bind.*"
+  #  Backend
+  #    Address  127.0.0.1
+  #    Port     5280
+  #  End
+  #End
+  Service
+    Redirect "https://mydomain.example.com"
+  End
+End
+
+ListenHTTPS
+  Address    192.168.1.86
+  Port       443
+  Cert       "/etc/noosfero/ssl/noosfero.pem"
+  Ciphers    "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
+  xHTTP      1
+  # uncomment code above if you are using chat
+  #Service
+  #  URL      "/http-bind.*"
+  #  Backend
+  #    Address  127.0.0.1
+  #    Port     5280
+  #  End
+  #End
+  Service
+    BackEnd
+      Address  127.0.0.1
+      Port     6081
+    End
+  End
+End
@@ -15,7 +15,7 @@ Background:
   Scenario: deactive user
     When I follow "Deactivate user" within "tr[title='Joao Silva']"
     And I confirm the "Do you want to deactivate this user?" dialog
-    Then I should see "Activate user" within "tr[title='Joao Silva']"
+    Then the "tr[title='Joao Silva'] td.actions a.icon-activate-user" button should be enabled
  
   @selenium
   Scenario: activate user
@@ -23,7 +23,7 @@ Background:
     Given I confirm the "Do you want to deactivate this user?" dialog
     When I follow "Activate user" within "tr[title='Paulo Santos']"
     And I confirm the "Do you want to activate this user?" dialog
-    Then I should see "Deactivate user" within "tr[title='Paulo Santos']"
+    Then the "tr[title='Paulo Santos'] td.actions a.icon-deactivate-user" button should be enabled
  
   @selenium
   Scenario: remove user
@@ -36,7 +36,7 @@ Background:
   Scenario: admin user
     When I follow "Set admin role" within "tr[title='Joao Silva']"
     And I confirm the "Do you want to set this user as administrator?" dialog
-    Then I should see "Reset admin role" within "tr[title='Joao Silva']"
+    Then the "tr[title='Joao Silva'] td.actions a.icon-reset-admin-role" button should be enabled
  
   @selenium
   Scenario: unadmin user
@@ -44,4 +44,4 @@ Background:
     And I confirm the "Do you want to set this user as administrator?" dialog
     When I follow "Reset admin role" within "tr[title='Paulo Santos']"
     And I confirm the "Do you want to reset this user as administrator?" dialog
-    Then I should see "Set admin role" within "tr[title='Paulo Santos']"
+    Then the "tr[title='Paulo Santos'] td.actions a.icon-set-admin-role" button should be enabled
@@ -10,7 +10,7 @@ end
  
 # FIXME: 'DELETE FROM ...' is being ran 3x - see cucumber.log
 DatabaseCleaner.clean_with :truncation
-DatabaseCleaner.strategy = :truncation
+DatabaseCleaner.strategy = :truncation, {:pre_count => true, :reset_ids => false}
  
 Before do
   DatabaseCleaner.start
@@ -24,7 +24,7 @@ Dir.glob(Rails.root.join(plugins_root, &#39;*&#39;, &#39;controllers&#39;)) do |controllers_dir|
   end
  
   match 'plugin/' + plugin_name + '(/:action(/:id))', :controller => plugin_name + '_plugin'
-  match 'profile/:profile/plugin/' + plugin_name + '(/:action(/:id))', :controller => plugin_name + '_plugin_profile'
-  match 'myprofile/:profile/plugin/' + plugin_name + '(/:action(/:id))', :controller => plugin_name + '_plugin_myprofile'
+  match 'profile/:profile/plugin/' + plugin_name + '(/:action(/:id))', :controller => plugin_name + '_plugin_profile', :profile => /#{Noosfero.identifier_format}/
+  match 'myprofile/:profile/plugin/' + plugin_name + '(/:action(/:id))', :controller => plugin_name + '_plugin_myprofile', :profile => /#{Noosfero.identifier_format}/
   match 'admin/plugin/' + plugin_name + '(/:action(/:id))', :controller => plugin_name + '_plugin_admin'
 end
 @all_plugins = Dir.glob('plugins/*').map { |f| File.basename(f) } - ['template']
+@all_plugins.sort!
 @all_tasks = [:units, :functionals, :integration, :cucumber, :selenium]
  
 def enabled_plugins
@@ -110,7 +111,7 @@ def run_cucumber(profile, files)
   sh 'xvfb-run', 'ruby', '-S', 'cucumber', '--profile', profile.to_s, '--format', ENV['CUCUMBER_FORMAT'] || 'progress' , *files
 end
  
-def custom_run(name, files, run=:individually)
+def custom_run(name, files, run=:all)
   case run
   when :all
     run_test name, files
@@ -122,7 +123,7 @@ def custom_run(name, files, run=:individually)
   end
 end
  
-def run_tests(name, plugins, run=:individually)
+def run_tests(name, plugins, run=:all)
   plugins = Array(plugins)
   glob =  "plugins/{#{plugins.join(',')}}/test/#{task2folder(name)}/**/*.#{task2ext(name)}"
   files = Dir.glob(glob)
@@ -169,7 +170,7 @@ def test_sequence(plugins, tasks)
   fail 'There are broken tests to be fixed!' if fail_flag
 end
  
-def plugin_test_task(plugin, task, run=:individually)
+def plugin_test_task(plugin, task, run=:all)
   desc "Run #{task} tests for #{plugin_name(plugin)}"
   task task do
     test_sequence(plugin, task)
@@ -120,7 +120,7 @@ class DisplayContentBlock &lt; Block
     nodes_conditions = nodes.blank? ? '' : " AND articles.id IN(:nodes) "
     nodes_conditions += ' OR articles.parent_id IN(:nodes) ' if !nodes.blank? && display_folder_children
  
-    docs = owner.articles.find(:all, :conditions => ["articles.type IN(:types) #{nodes.blank? ? '' : nodes_conditions}", {:nodes => self.nodes, :types => self.types}], :include => :profile)
+    docs = owner.articles.find(:all, :conditions => ["articles.type IN(:types) #{nodes.blank? ? '' : nodes_conditions}", {:nodes => self.nodes, :types => self.types}], :include => [:profile, :image, :tags])
     proc do
       block.block_title(block.title) +
         content_tag('ul', docs.map {|item|
@@ -4,7 +4,7 @@ class PeopleBlockPluginProfileController &lt; ProfileController
  
   def members
     if is_cache_expired?(profile.members_cache_key(params))
-      if(params[:role_key])
+      unless params[:role_key].blank?
         role = Role.find_by_key_and_environment_id(params[:role_key], profile.environment)
         @members = profile.members.with_role(role.id).includes(relations_to_include).paginate(:per_page => members_per_page, :page => params[:npage])
         @members_title = role.name
@@ -34,7 +34,7 @@ class PeopleBlockPluginProfileControllerTest &lt; ActionController::TestCase
   attr_accessor :profile, :block, :admin, :member, :moderator
  
   should 'list members without role_key' do
-    get :members, :profile => profile.identifier
+    get :members, :profile => profile.identifier, :role_key => ""
     assert_response :success
     assert_template 'members'
     assert_equivalent [@admin, @member, @moderator], assigns(:members)
@@ -18,6 +18,8 @@ class RelevantContentPlugin::RelevantContentBlock &lt; Block
   settings_items :show_most_disliked,   :type => :boolean, :default => 0
   settings_items :show_most_voted,      :type => :boolean, :default => 1
  
+  attr_accessible :limit, :show_most_voted, :show_most_disliked, :show_most_liked, :show_most_commented, :show_most_read
+
   include ActionView::Helpers
   include Rails.application.routes.url_helpers
  
@@ -99,7 +99,7 @@ jQuery(function($) {
      },
  
      render_body_message: function(body) {
-        body = body.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/\r?\n/g, '<br>');
+        body = body.replace(/\r?\n/g, '<br>');
         body = $().emoticon(body);
         body = linkify(body, {
            callback: function(text, href) {
@@ -320,7 +320,7 @@ jQuery(function($) {
         var jid_id = Jabber.jid_to_id(jid);
         var name = Jabber.name_of(jid_id);
         create_conversation_tab(name, jid_id);
-        Jabber.show_message(jid, name, message.body, 'other', Strophe.getNodeFromJid(jid));
+        Jabber.show_message(jid, name, escape_html(message.body), 'other', Strophe.getNodeFromJid(jid));
         $.sound.play('/sounds/receive.wav');
         return true;
      },
@@ -336,7 +336,7 @@ jQuery(function($) {
         // is a message from another user, not mine
         else if ($own_name != name) {
            var jid = Jabber.rooms[Jabber.jid_to_id(message.from)][name];
-           Jabber.show_message(message.from, name, message.body, name, Strophe.getNodeFromJid(jid));
+           Jabber.show_message(message.from, name, escape_html(message.body), name, Strophe.getNodeFromJid(jid));
            $.sound.play('/sounds/receive.wav');
         }
         return true;
@@ -432,7 +432,7 @@ jQuery(function($) {
             .c('body').t(body).up()
             .c('active', {xmlns: Strophe.NS.CHAT_STATES});
         Jabber.connection.send(message);
-        Jabber.show_message(jid, $own_name, body, 'self', Strophe.getNodeFromJid(Jabber.connection.jid));
+        Jabber.show_message(jid, $own_name, escape_html(body), 'self', Strophe.getNodeFromJid(Jabber.connection.jid));
      },
  
      is_a_room: function(jid_id) {
@@ -632,6 +632,13 @@ jQuery(function($) {
       }
    }
  
+   function escape_html(body) {
+      return body
+        .replace(/&/g, '&amp;')
+        .replace(/</g, '&lt;')
+        .replace(/>/g, '&gt;');
+   }
+
 });
  
 function checkTime(i) {
@@ -0,0 +1,6 @@
+jQuery(document).ready(function($){
+  $("#memberships_filter").change(function(){
+    var filter = $(this).find("option:selected").val();
+    redirect_to('?filter_type=' + filter);
+  });
+});
@@ -1791,6 +1791,14 @@ class CmsControllerTest &lt; ActionController::TestCase
     assert_equal other_person, a.created_by
   end
  
+  should 'continue on the same page, when no group is selected' do
+    c = Community.create!(:name => 'test comm', :identifier => 'test_comm')
+    c.affiliate(profile, Profile::Roles.all_roles(c.environment.id))
+    article = profile.articles.create!(:name => 'something intresting', :body => 'ruby on rails')
+    post :publish, :profile => profile.identifier, :id => article.id, :marked_groups => {c.id.to_s => {}}
+    assert_template 'cms/publish'
+  end
+
   protected
  
   # FIXME this is to avoid adding an extra dependency for a proper JSON parser.
@@ -36,12 +36,12 @@ class FriendsControllerTest &lt; ActionController::TestCase
  
   should 'actually remove friend' do
     profile.add_friend(friend)
+    friend.add_friend(profile)
  
-    assert_difference 'Friendship.count', -1 do
+    assert_difference 'Friendship.count', -2 do
       post :remove, :id => friend.id, :confirmation => '1'
       assert_redirected_to :action => 'index'
     end
-    assert_equal friend, Profile.find(friend.id)
   end
  
   should 'display find people button' do
@@ -0,0 +1,37 @@
+require "#{File.dirname(__FILE__)}/../test_helper"
+
+class ManageFriendshipsTest < ActionController::IntegrationTest
+
+  def setup
+    FriendsController.any_instance.stubs(:get_layout).returns('application')
+    ProfileController.any_instance.stubs(:get_layout).returns('application')
+
+    Friendship.delete_all
+    Person.delete_all
+    @person = create_user("albert", :password => 'test',
+      :password_confirmation => 'test').person
+    @person.user.activate
+
+    @friend = fast_create(Person, :identifier => "isaac")
+
+    login(@person.identifier, 'test')
+  end
+
+  should 'remove friendships' do
+    @person.add_friend(@friend)
+    @friend.add_friend(@person)
+
+    get "/myprofile/#{@person.identifier}/friends/remove/#{@friend.id}"
+    assert_response :success
+
+    post "/myprofile/#{@person.identifier}/friends/remove/#{@friend.id}",
+      :confirmation => '1'
+    assert_response :redirect
+
+    follow_redirect!
+
+    assert assigns(:friends).empty?
+    assert !@person.is_a_friend?(@friend)
+    assert !@friend.is_a_friend?(@person)
+  end
+end
@@ -277,16 +277,4 @@ class ActionController::IntegrationTest
  
 end
  
-def with_constants(constants, &block)
-  old_constants = Hash.new
-  constants.each do |constant, val|
-    old_constants[constant] = Object.const_get(constant)
-    silence_stderr{ Object.const_set(constant, val) }
-  end
-  block.call
-  old_constants.each do |constant, val|
-    silence_stderr{ Object.const_set(constant, val) }
-  end
-end
-
 Profile
@@ -472,13 +472,13 @@ class ApplicationHelperTest &lt; ActionView::TestCase
     profile = mock
     profile.stubs(:theme).returns('some-theme')
     stubs(:profile).returns(profile)
-    with_constants :NOOSFERO_CONF => {'gravatar' => 'crazyvatar'} do
-      assert_equal gravatar_default, 'crazyvatar'
-    end
+
+    NOOSFERO_CONF.stubs(:[]).with('gravatar').returns('crazyvatar')
+    assert_equal gravatar_default, 'crazyvatar'
+
     stubs(:theme_option).returns('gravatar' => 'nicevatar')
-    with_constants :NOOSFERO_CONF => {'gravatar' => 'crazyvatar'} do
-      assert_equal gravatar_default, 'nicevatar'
-    end
+    NOOSFERO_CONF.stubs(:[]).with('gravatar').returns('nicevatar')
+    assert_equal gravatar_default, 'nicevatar'
   end
  
   should 'use theme passed via param when in development mode' do
@@ -142,7 +142,7 @@ class ExternalFeedTest &lt; ActiveSupport::TestCase
   should 'save hour when feed was fetched' do
     external_feed = create(:external_feed)
  
-    now = Time.parse('2009-01-23 09:35')
+    now = Time.zone.parse('2009-01-23 09:35')
     Time.stubs(:now).returns(now)
  
     external_feed.finish_fetch
@@ -58,4 +58,18 @@ class FriendshipTest &lt; ActiveSupport::TestCase
     assert_equal ['a'], ta.get_friend_name
   end
  
+  should 'remove friendships when a friend removal occurs' do
+    p1 = create_user('testuser1').person
+    p2 = create_user('testuser2').person
+    p1.add_friend(p2, 'friends')
+    p2.add_friend(p1, 'friends')
+
+    assert_difference 'Friendship.count', -2 do
+      Friendship.remove_friendship(p1, p2)
+    end
+
+    assert_not_includes p1.friends(true), p2
+    assert_not_includes p2.friends(true), p1
+  end
+
 end
@@ -3,13 +3,12 @@ require File.dirname(__FILE__) + &#39;/../test_helper&#39;
 class GoogleMapsTest < ActiveSupport::TestCase
  
   should 'provide initial_zoom setting' do
-    with_constants :NOOSFERO_CONF => {'googlemaps_initial_zoom' => 2} do
-      assert_equal 2, GoogleMaps.initial_zoom
-    end
+    NOOSFERO_CONF.stubs(:[]).with('googlemaps_initial_zoom').returns(2)
+    assert_equal 2, GoogleMaps.initial_zoom
   end
  
   should 'use 4 as default initial_zoom' do
-    GoogleMaps.stubs(:config).returns({})
+    NOOSFERO_CONF.stubs(:[]).with('googlemaps_initial_zoom').returns(nil)
     assert_equal 4, GoogleMaps.initial_zoom
   end
  
@@ -3,22 +3,22 @@ require File.dirname(__FILE__) + &#39;/../test_helper&#39;
 class MailConfTest < ActiveSupport::TestCase
  
   should 'enable if told to' do
-    NOOSFERO_CONF['mail_enabled'] = true
+    NOOSFERO_CONF.stubs(:[]).with('mail_enabled').returns(true)
     assert_equal true, MailConf.enabled?
   end
  
   should 'disable if told to' do
-    NOOSFERO_CONF['mail_enabled'] = false
+    NOOSFERO_CONF.stubs(:[]).with('mail_enabled').returns(false)
     assert_equal false, MailConf.enabled?
   end
  
   should 'disable by default' do
-    NOOSFERO_CONF['mail_enabled'] = nil
+    NOOSFERO_CONF.stubs(:[]).with('mail_enabled').returns(nil)
     assert_equal false, MailConf.enabled?
   end
  
   should 'provide webmail url preference' do
-    NOOSFERO_CONF['webmail_url'] = 'http://some.url/webmail/%s/%s'
+    NOOSFERO_CONF.stubs(:[]).with('webmail_url').returns('http://some.url/webmail/%s/%s')
     assert_equal 'http://some.url/webmail/login/example.com', MailConf.webmail_url('login', 'example.com')
   end
  
@@ -0,0 +1,74 @@
+%%%
+%%%     Noosfero ejabberd configuration file
+%%%     This config must be in UTF-8 encoding
+%%%
+
+{acl, admin, {user, "admin", "mydomain.example.com"}}.
+{hosts, ["mydomain.example.com"]}.
+
+{loglevel, 4}.
+{listen,
+ [
+  {5222, ejabberd_c2s, [
+			{access, c2s},
+			{shaper, c2s_shaper},
+			{max_stanza_size, 65536},
+			starttls, {certfile, "/etc/ejabberd/ejabberd.pem"}
+		       ]},
+  {5280, ejabberd_http, [
+			 http_bind,
+			 http_poll
+			]}
+ ]}.
+{max_fsm_queue, 1000}.
+{auth_method, odbc}.
+{odbc_server, "DSN=PostgreSQLEjabberdNoosfero"}.
+{shaper, normal, {maxrate, 10000000}}.
+{shaper, fast, {maxrate, 50000}}.
+{acl, local, {user_regexp, ""}}.
+{access, max_user_sessions, [{10, all}]}.
+{access, local, [{allow, local}]}.
+{access, c2s, [{deny, blocked},
+	       {allow, all}]}.
+{access, c2s_shaper, [{none, admin},
+		      {normal, all}]}.
+{access, announce, [{allow, admin}]}.
+{access, configure, [{allow, admin}]}.
+{access, muc_admin, [{allow, admin}]}.
+{access, muc, [{allow, all}]}.
+{access, pubsub_createnode, [{allow, all}]}.
+{language, "pt"}.
+{modules,
+ [
+  {mod_adhoc,    []},
+  {mod_announce, [{access, announce}]}, % requires mod_adhoc
+  {mod_caps,     []},
+  {mod_configure,[]}, % requires mod_adhoc
+  {mod_disco,    []},
+  {mod_last,     []},
+  {mod_muc,      [
+		  {access, muc},
+		  {access_create, muc},
+		  {access_persistent, muc},
+		  {access_admin, muc_admin},
+		  {max_users, 500},
+		  {default_room_options, [{anonymous, false}]}
+		 ]},
+  {mod_privacy_odbc,  []},
+  {mod_private_odbc,  []},
+  {mod_proxy65,  [
+		  {access, local},
+		  {shaper, c2s_shaper}
+		 ]},
+  {mod_roster_odbc,   []},
+  {mod_stats,    []},
+  {mod_time,     []},
+  {mod_vcard,    []},
+  {mod_http_bind,    []},
+  {mod_version,  []}
+ ]}.
+
+%%% Local Variables:
+%%% mode: erlang
+%%% End:
+%%% vim: set filetype=erlang tabstop=8:
@@ -0,0 +1,16 @@
+[PostgreSQLEjabberdNoosfero]
+Description      = PostgreSQL Noosfero ejabberd database
+Driver           = PostgreSQL Unicode
+Trace            = No
+TraceFile        = /tmp/psqlodbc.log
+Database         = noosfero
+Servername       = localhost
+UserName         = noosfero
+Password         = <copy the password present in the database.yml file>
+Port             =
+ReadOnly         = No
+RowVersioning    = No
+ShowSystemTables = No
+ShowOidColumn    = No
+FakeOidIndex     = No
+ConnSettings     = SET search_path TO ejabberd
@@ -0,0 +1,7 @@
+[PostgreSQL Unicode]
+Description = PostgreSQL ODBC driver (Unicode version)
+Driver      = /usr/lib/odbc/psqlodbcw.so
+Setup       = /usr/lib/odbc/libodbcpsqlS.so
+Debug       = 0
+CommLog     = 1
+UsageCount  = 3
1		-XMPP/Chat Client Setup
2		-======================
	1	+XMPP/Chat Setup
	2	+===============
3	3
4		-To configure XMPP/BOSH in Noosfero you need:
	4	+The samples of config file to configure a XMPP/BOSH server with ejabberd,
	5	+postgresql and apache2 can be found at util/chat directory.
5	6
6		-* REST Client - http://github.com/archiloque/rest-client
7		-* SystemTimer - http://ph7spot.com/musings/system-timer
8		-* Pidgin data files - http://www.pidgin.im/
	7	+This setup supposes that you are using Noosfero installed via Debian package
	8	+in a production environment.
9	9
10		-If you use Debian 6.0 (squeeze):
11		-
12		- # apt-get install librestclient-ruby pidgin-data ruby1.8-dev
13		- # gem install SystemTimer
14		-
15		-The samples of config file to configure a XMPP/BOSH server with ejabberd, postgresql and apache2 can be found at util/chat directory.
16		-
17		-XMPP/Chat Server Setup
18		-======================
	10	+Steps
	11	+=====
19	12
20	13	This is a step-by-step guide to get a XMPP service working, in a Debian system.
21	14
22	15	## 1. Install the required packages
23	16
24		- # apt-get install ejabberd odbc-postgresql
	17	+ # apt-get install ejabberd odbc-postgresql librestclient-ruby pidgin-data ruby1.8-dev
	18	+ # gem install SystemTimer
25	19
26	20	## 2. Ejabberd configuration
27	21
28		-All the following changes must be done in config file: `/etc/ejabberd/ejabberd.cfg`
29		-
30		-### 2.1. Set the default admin user
31		-
32		- { acl, admin, { user, "john", "www.example.com" } }.
33		- { acl, admin, { user, "bart", "www.example.com" } }.
34		-
35		-### 2.2. Set the default host
36		-
37		- { hosts, [ "www.example.com" ] }.
38		-
39		-### 2.3. Http-Bind activation
40		-
41		- { 5280, ejabberd_http, [
42		- http_bind,
43		- web_admin
44		- ]
45		- }
46		-
47		- (...)
48		-
49		- { modules, [
50		- {mod_http_bind, []},
51		- ...
52		- ] }.
53		-
54		-Ejabberd creates semi-anonymous rooms by default, but Noosfero's Jabber client needs non-anonymous room, then we need to change default params of creation rooms in ejabberd to create non-anonymous rooms.
55		-
56		-In non-anonymous rooms the jabber service sends the new occupant's full JID to all occupants in the room [[1]].
	22	+ # cp /usr/share/noosfero/util/chat/ejabberd.cfg /etc/ejabberd/
57	23
58		-Add option "`{default_room_options, [{anonymous, false}]}`" to `/etc/ejabberd/ejabberd.cfg` in mod_muc session. See below:
	24	+Edit the /etc/ejabberd/ejabberd.cfg file and set your domain on the first 2 lines.
59	25
60		- { mod_muc, [
61		- %%{host, "conference.@HOST@"},
62		- {access, muc},
63		- {access_create, muc},
64		- {access_persistent, muc},
65		- {access_admin, muc_admin},
66		- {max_users, 500},
67		- {default_room_options, [{anonymous, false}]}
68		- ]},
69		-
70		-[1]: http://xmpp.org/extensions/xep-0045.html#enter-nonanon
71		-
72		-
73		-### 2.4. Authentication method
74		-
75		-To use Postgresql through ODBC, the following modifications must be done:
76		-
77		- * Disable the default method:
78		- `{auth_method, internal}.`
79		-
80		- * Enable autheticantion through ODBC:
81		- `{auth_method, odbc}.`
	26	+## 3. Configuring Postgresql
82	27
83		- * Set database server name
84		- `{odbc_server, "DSN=PostgreSQLEjabberdNoosfero"}.`
	28	+Give permission to noosfero user create new roles, login as
	29	+postgres user and execute:
85	30
	31	+ $ psql
	32	+ postgres=# GRANT CREATE ON DATABASE noosfero TO noosfero;
86	33
87		-### 2.5. Increase the shaper traffic limit
	34	+Change the postgresql authentication method to md5 instead of ident,
	35	+add the following line to the file /etc/postgresql/8.4/main/pg_hba.conf:
88	36
89		- { shaper, normal, { maxrate, 10000000 } }.
	37	+ # Noosfero user
	38	+ local noosfero noosfero md5
90	39
	40	+(add this line before the following line)
91	41
92		-### 2.6. Disable unused modules
	42	+ # "local" is for Unix domain socket connections only
	43	+ local all all ident
93	44
94		-Unused modules can be disabled, for example:
	45	+Restart postgresql server:
95	46
96		- * s2s
97		- * web_admin
98		- * mod_pubsub
99		- * mod_irc
100		- * mod_offline
101		- * mod_admin_extra
102		- * mod_register
	47	+ # service postgresql restart
103	48
	49	+Login as noosfero user, and execute:
104	50
105		-### 2.7. Enable ODBC modules
	51	+ $ psql -U noosfero -W noosfero < /usr/share/noosfero/util/chat/postgresql/ejabberd.sql
106	52
107		- * mod_privacy -> mod_privacy_odbc
108		- * mod_private -> mod_private_odbc
109		- * mod_roster -> mod_roster_odbc
	53	+(see database password in the /etc/noosfero/database.yml file)
110	54
111		-## 3. Configuring Postgresql
	55	+This will create a new schema inside the noosfero database, called `ejabberd`.
112	56
113		-Login as noosfero user, and execute:
	57	+Note that there should be at least one domain with `is_default = true` in
	58	+`domains` table, otherwise people won't be able to see their friends online.
114	59
115		- $ psql noosfero < /path/to/noosfero/util/chat/postgresql/ejabberd.sql
	60	+## 4. ODBC configuration
116	61
117		-Where `noosfero` may need to be replace by the name of the database used for Noosfero.
	62	+Create the following files:
118	63
119		-This will create a new schema inside the noosfero database, called `ejabberd`.
	64	+ # cp /usr/share/noosfero/util/chat/odbc.ini /etc/
	65	+ # cp /usr/share/noosfero/util/chat/odbcinst.ini /etc/
120	66
121		-Note `noosfero` user should have permission to create Postgresql schemas. Also, there should be at least one domain with `is_default = true` in `domains` table, otherwise people won't be able to see their friends online.
	67	+Edit the odbc.ini file and set the password for the database user, see
	68	+the file /etc/noosfero/database.yml to get the password.
122	69
123		-## 4. ODBC configuration
	70	+Adjust premissions:
124	71
125		-The following files must be created:
126		-
127		-`/etc/odbc.ini`:
128		-
129		- [PostgreSQLEjabberdNoosfero]
130		- Description = PostgreSQL Noosfero ejabberd database
131		- Driver = PostgreSQL Unicode
132		- Trace = No
133		- TraceFile = /tmp/psqlodbc.log
134		- Database = noosfero
135		- Servername = localhost
136		- UserName = <DBUSER>
137		- Password = <DBPASS>
138		- Port =
139		- ReadOnly = No
140		- RowVersioning = No
141		- ShowSystemTables = No
142		- ShowOidColumn = No
143		- FakeOidIndex = No
144		- ConnSettings = SET search_path TO ejabberd
145		-
146		-`/etc/odbcinst.ini`:
147		-
148		- [PostgreSQL Unicode]
149		- Description = PostgreSQL ODBC driver (Unicode version)
150		- Driver = /usr/lib/odbc/psqlodbcw.so
151		- Setup = /usr/lib/odbc/libodbcpsqlS.so
152		- Debug = 0
153		- CommLog = 1
154		- UsageCount = 3
	72	+ # chmod 640 /etc/odbc.ini
	73	+ # chown ejabberd /etc/odbc.ini
155	74
156	75	## 4.1 testing all:
157	76
...	...	@@ -159,7 +78,6 @@ The following files must be created:
159	78
160	79	If the configuration was done right, the message "Connected!" will be displayed.
161	80
162		-
163	81	## 5. Enabling kernel polling and SMP in `/etc/default/ejabberd`
164	82
165	83	POLL=true
...	...	@@ -205,32 +123,45 @@ Note: module proxy_http must be enabled:
205	123
206	124	# a2enmod proxy_http
207	125
208		-## 8. DNS configuration
	126	+Restart services:
209	127
210		-For this point, we assume you are using BIND as your DNS server. You need to add the following entries to the DNS zone file corresponding to the domain of your noosfero site:
	128	+ # service ejabberd restart
	129	+ # service noosfero restart
	130	+ # service apache2 restart
211	131
212		- _xmpp-client._tcp SRV 5 100 5222 master
213		- conference CNAME master
214		- _xmpp-client._tcp.conference SRV 5 100 5222 master
	132	+## 8. Test Apache Configuration
215	133
216		-If you are running a DNS server other than BIND, you will have to figure out how to create equivalente rules for your zone file. Patches to this documentation are welcome.
	134	+Open in your browser the address:
217	135
218		-## 9. Testing this Setup
	136	+ http://<yout domain>/http-bind
219	137
220		-Adjust shell limits to proceed with some benchmarks and load tests:
	138	+You should see a page with a message like that:
221	139
222		- # ulimit −s 256
223		- # ulimit −n 8192
224		- # echo 10 > /proc/sys/net/ipv4/tcp_syn_retries
	140	+ ejabberd mod_http_bind
	141	+ An implementation of XMPP over BOSH (XEP-0206)
	142	+ This web page is only informative. To use HTTP-Bind you need a Jabber/XMPP
	143	+ client that supports it.
225	144
226		-To measure the bandwidth between server and client:
	145	+## 9. Test chat session
227	146
228		- * at server side:
229		- `# iperf −s`
	147	+Open Noosfero console and execute:
230	148
231		- * at client side:
232		- `# iperf −c server_ip`
	149	+>> environment = Environment.default
	150	+>> user = Person['guest']
	151	+>> password = user.user.crypted_password
	152	+>> login = user.jid
	153	+>> RubyBOSH.initialize_session(login, password, "http://#{environment.default_hostname}/http-bind", :wait => 30, :hold => 1, :window => 5
233	154
234		-For heavy load tests, clone and use this software:
	155	+If you have luck, should see something like that:
235	156
236		- $ git clone http://git.holoscopio.com/git/metal/tester.git
	157	+Ruby-BOSH - SEND
	158	+<body window="5" rid="60265" xmlns="http://jabber.org/protocol/httpbind" xmlns:xmpp="urn:xmpp:xbosh" to="vagrant-debian-squeeze.vagrantup.com" wait="30" xmpp:version="1.0" hold="1"/>
	159	+Ruby-BOSH - SEND
	160	+<body rid="60266" xmlns="http://jabber.org/protocol/httpbind" sid="24cdfc43646a2af1059a7060b677c2e11b26f34f" xmlns:xmpp="urn:xmpp:xbosh" xmpp:version="1.0"><auth mechanism="PLAIN" xmlns="urn:ietf:params:xml:ns:xmpp-sasl">Z3Vlc3RAdmFncmFudC1kZWJpYW4tc3F1ZWV6ZS52YWdyYW50dXAuY29tAGd1ZXN0ADEzZTFhYWVlYjRhYjZlMTA0MmRkNWI1YWY0MzM4MjA1OGJiOWZmNzk=</auth></body>
	161	+Ruby-BOSH - SEND
	162	+<body xmpp:restart="true" rid="60267" xmlns="http://jabber.org/protocol/httpbind" sid="24cdfc43646a2af1059a7060b677c2e11b26f34f" xmlns:xmpp="urn:xmpp:xbosh" xmpp:version="1.0"/>
	163	+Ruby-BOSH - SEND
	164	+<body rid="60268" xmlns="http://jabber.org/protocol/httpbind" sid="24cdfc43646a2af1059a7060b677c2e11b26f34f" xmlns:xmpp="urn:xmpp:xbosh" xmpp:version="1.0"><iq type="set" xmlns="jabber:client" id="bind_29330"><bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"><resource>bosh_9631</resource></bind></iq></body>
	165	+Ruby-BOSH - SEND
	166	+<body rid="60269" xmlns="http://jabber.org/protocol/httpbind" sid="24cdfc43646a2af1059a7060b677c2e11b26f34f" xmlns:xmpp="urn:xmpp:xbosh" xmpp:version="1.0"><iq type="set" xmlns="jabber:client" id="sess_21557"><session xmlns="urn:ietf:params:xml:ns:xmpp-session"/></iq></body>
	167	+=> ["guest@vagrant-debian-squeeze.vagrantup.com", "24cdfc43646a2af1059a7060b677c2e11b26f34f", 60270]
...	...
...	...	@@ -0,0 +1,115 @@
	1	+Setup Noosfero to use HTTPS
	2	+===========================
	3	+
	4	+This document assumes that you have a fully and clean Noosfero
	5	+installation as explained at the `INSTALL.md` file.
	6	+
	7	+SSL certificate
	8	++++++++++++++++
	9	+
	10	+You should get a valid SSL certificate, but if you want to test
	11	+your setup before, you could generate a self-signed certificate
	12	+as below:
	13	+
	14	+ # mkdir /etc/noosfero/ssl
	15	+ # cd /etc/noosfero/ssl
	16	+ # openssl genrsa 1024 > noosfero.key
	17	+ # openssl req -new -x509 -nodes -sha1 -days $[10*365] -key noosfero.key > noosfero.cert
	18	+ # cat noosfero.key noosfero.cert > noosfero.pem
	19	+
	20	+There are two ways of using SSL with Noosfero: 1) If you are not using
	21	+Varnish; and 2) If you are using Varnish.
	22	+
	23	+1) If you are are not using Varnish
	24	++++++++++++++++++++++++++++++++++++
	25	+
	26	+Simply do a redirect in apache to force all connections with SSL:
	27	+
	28	+ <VirtualHost *:8080>
	29	+ ServerName test.stoa.usp.br
	30	+
	31	+ Redirect / https://example.com/
	32	+ </VirtualHost>
	33	+
	34	+And set a vhost to receive then:
	35	+
	36	+ <VirtualHost *:443>
	37	+ ServerName example.com
	38	+
	39	+ SSLEngine On
	40	+ SSLCertificateFile /etc/ssl/certs/cert.pem
	41	+ SSLCertificateKeyFile /etc/ssl/private/cert.key
	42	+
	43	+ Include /etc/noosfero/apache/virtualhost.conf
	44	+ </VirtualHost>
	45	+
	46	+Be aware that if you had configured varnish, the requests won't reach
	47	+it with this configuration.
	48	+
	49	+2) If you are using Varnish
	50	++++++++++++++++++++++++++++
	51	+
	52	+Varnish isn't able to communicate with the SSL protocol, so we will
	53	+need some one who do this and Pound[1] can do the job. In order to
	54	+install it in Debian based systems:
	55	+
	56	+ $ sudo apt-get install pound
	57	+
	58	+Set Varnish to listen in other port than 80:
	59	+
	60	+/etc/defaults/varnish
	61	+---------------------
	62	+
	63	+ DAEMON_OPTS="-a localhost:6081 \
	64	+ -T localhost:6082 \
	65	+ -f /etc/varnish/default.vcl \
	66	+ -S /etc/varnish/secret \
	67	+ -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G"
	68	+
	69	+Configure Pound:
	70	+
	71	+ # cp /usr/share/noosfero/etc/pound.cfg /etc/pound/
	72	+
	73	+Edit /etc/pound.cfg and set the IP and domain of your server.
	74	+
	75	+Configure Pound to start at system initialization:
	76	+
	77	+/etc/default/pound
	78	+------------------
	79	+
	80	+ startup=1
	81	+
	82	+Set Apache to only listen to localhost:
	83	+
	84	+/etc/apache2/ports.conf
	85	+-----------------------
	86	+
	87	+ Listen 127.0.0.1:8080
	88	+
	89	+Restart the services:
	90	+
	91	+ $ sudo service apache2 restart
	92	+ $ sudo service varnish restart
	93	+
	94	+Start pound:
	95	+
	96	+ $ sudo service pound start
	97	+
	98	+[1] http://www.apsis.ch/pound
	99	+
	100	+Noosfero XMPP chat
	101	+++++++++++++++++++
	102	+
	103	+If you want to use chat over HTTPS, then you should add the domain
	104	+and IP of your server in the /etc/hosts file, example:
	105	+
	106	+/etc/hosts
	107	+----------
	108	+
	109	+ 192.168.1.86 mydomain.example.com
	110	+
	111	+Also, it's recomended that you remove lines above from the file
	112	+`/etc/apache2/sites-enabled/noosfero`:
	113	+
	114	+ RewriteEngine On
	115	+ Include /usr/share/noosfero/util/chat/apache/xmpp.conf
...	...
...	...	@@ -24,10 +24,6 @@ Install the RPAF apache module (or skip this step if not using apache):
24	24
25	25	3b) Edit `/etc/apache2/sites-enabled/`, and change `<VirtualHost :80>` to `<VirtualHost *:8080>`
26	26
27		-3c) Restart apache
28		-
29		- # invoke-rc.d apache2 restart
30		-
31	27	4) Varnish configuration
32	28
33	29	4a) Edit `/etc/default/varnish`
...	...	@@ -44,10 +40,6 @@ On manual installations, change `/etc/noosfero/*` to `{Rails.root}/etc/noosfero/
44	40
45	41	NOTE: it is very important that the `.vcl` files are included in that order, i.e. first* include `varnish-noosfero.vcl`, and after `noosfero-accept-language.cvl`.
46	42
47		-4c) Restart Varnish
48		-
49		- # invoke-rc.d varnish restart
50		-
51	43	5) Enable varnish logging:
52	44
53	45	5a) Edit `/etc/default/varnishncsa` and uncomment the line that contains:
...	...	@@ -56,8 +48,10 @@ On manual installations, change `/etc/noosfero/*` to `{Rails.root}/etc/noosfero/
56	48
57	49	The varnish log will be written to `/var/log/varnish/varnishncsa.log` in an apache-compatible format. You should change your statistics generation software (e.g. awstats) to use that instead of apache logs.
58	50
59		-5b) Restart Varnish Logging service
	51	+Thanks to Cosimo Streppone for varnish-accept-language. See http://github.com/cosimo/varnish-accept-language for more information.
60	52
61		- # invoke-rc.d varnishncsa restart
	53	+6) Restart services
62	54
63		-Thanks to Cosimo Streppone for varnish-accept-language. See http://github.com/cosimo/varnish-accept-language for more information.
	55	+ # service apache2 restart
	56	+ # service varnish restart
	57	+ # service varnishncsa restart
...	...
...	...	@@ -248,12 +248,15 @@ class CmsController < MyProfileController
248	248	end.compact unless params[:marked_groups].nil?
249	249	if request.post?
250	250	@failed = {}
	251	+ if @marked_groups.empty?
	252	+ return session[:notice] = _("Select some group to publish your article")
	253	+ end
251	254	@marked_groups.each do \|item\|
252	255	task = ApproveArticle.create!(:article => @article, :name => item[:name], :target => item[:group], :requestor => profile)
253	256	begin
254	257	task.finish unless item[:group].moderated_articles?
255	258	rescue Exception => ex
256		- @failed[ex.message] ? @failed[ex.message] << item[:group].name : @failed[ex.message] = [item[:group].name]
	259	+ @failed[ex.message] ? @failed[ex.message] << item[:group].name : @failed[ex.message] = [item[:group].name]
257	260	end
258	261	end
259	262	if @failed.blank?
...	...
...	...	@@ -11,7 +11,7 @@ class FriendsController < MyProfileController
11	11	def remove
12	12	@friend = profile.friends.find(params[:id])
13	13	if request.post? && params[:confirmation]
14		- profile.remove_friend(@friend)
	14	+ Friendship.remove_friendship(profile, @friend)
15	15	redirect_to :action => 'index'
16	16	end
17	17	end
...	...
...	...	@@ -7,9 +7,9 @@ class MembershipsController < MyProfileController
7	7	ra = profile.role_assignments.find_by_role_id(role.id)
8	8	ra.present? && ra.resource_type == 'Profile'
9	9	end
10		- @filter = params[:filter_type].blank? ? nil : params[:filter_type]
	10	+ @filter = params[:filter_type].to_i
11	11	begin
12		- @memberships = @filter.nil? ? profile.memberships : profile.memberships_by_role(environment.roles.find(@filter))
	12	+ @memberships = @filter.zero? ? profile.memberships : profile.memberships_by_role(environment.roles.find(@filter))
13	13	rescue ActiveRecord::RecordNotFound
14	14	@memberships = []
15	15	end
...	...
...	...	@@ -31,8 +31,8 @@ class ContentViewerController < ApplicationController
31	31
32	32	if request.post? && @page.forum?
33	33	process_forum_terms_of_use(user, params[:terms_accepted])
34		- elsif is_a_forum_topic?(@page)
35		- redirect_to @page.parent.url unless @page.parent.agrees_with_terms?(user)
	34	+ elsif is_a_forum_topic?(@page) && !@page.parent.agrees_with_terms?(user)
	35	+ redirect_to @page.parent.url
36	36	return
37	37	end
38	38
...	...
...	...	@@ -671,7 +671,7 @@ module ApplicationHelper
671	671
672	672	def theme_javascript_ng
673	673	script = File.join(theme_path, 'theme.js')
674		- if File.join(Rails.root, 'public', script)
	674	+ if File.exists?(File.join(Rails.root, 'public', script))
675	675	javascript_include_tag script
676	676	else
677	677	nil
...	...
...	...	@@ -2,7 +2,7 @@ require 'hpricot'
2	2
3	3	class Article < ActiveRecord::Base
4	4
5		- attr_accessible :name, :body, :abstract, :profile, :tag_list, :parent, :allow_members_to_edit, :translation_of_id, :language, :license_id, :parent_id, :display_posts_in_current_language, :category_ids, :posts_per_page, :moderate_comments, :accept_comments, :feed, :published, :source, :highlighted, :notify_comments, :display_hits, :slug, :external_feed_builder, :display_versions, :external_link
	5	+ attr_accessible :name, :body, :abstract, :profile, :tag_list, :parent, :allow_members_to_edit, :translation_of_id, :language, :license_id, :parent_id, :display_posts_in_current_language, :category_ids, :posts_per_page, :moderate_comments, :accept_comments, :feed, :published, :source, :highlighted, :notify_comments, :display_hits, :slug, :external_feed_builder, :display_versions, :external_link, :image_builder
6	6
7	7	acts_as_having_image
8	8
...	...
...	...	@@ -15,4 +15,9 @@ class Friendship < ActiveRecord::Base
15	15	Friendship.update_cache_counter(:friends_count, friendship.person, -1)
16	16	Friendship.update_cache_counter(:friends_count, friendship.friend, -1)
17	17	end
	18	+
	19	+ def self.remove_friendship(person1, person2)
	20	+ person1.remove_friend(person2)
	21	+ person2.remove_friend(person1)
	22	+ end
18	23	end
...	...