diff --git a/app/controllers/admin/admin_panel_controller.rb b/app/controllers/admin/admin_panel_controller.rb
index 0698de6..94e0160 100644
--- a/app/controllers/admin/admin_panel_controller.rb
+++ b/app/controllers/admin/admin_panel_controller.rb
@@ -1,7 +1,5 @@
 class AdminPanelController < AdminController
 
-  before_filter :login_required
-  
   protect 'view_environment_admin_panel', :environment
 
   def boxes_holder
diff --git a/app/controllers/admin/plugins_controller.rb b/app/controllers/admin/plugins_controller.rb
index d68a053..d75a701 100644
--- a/app/controllers/admin/plugins_controller.rb
+++ b/app/controllers/admin/plugins_controller.rb
@@ -1,4 +1,5 @@
 class PluginsController < AdminController
+  protect 'edit_environment_features', :environment
 
   def index
     @active_plugins = Noosfero::Plugin.all.map {|plugin_name| plugin_name.constantize }.compact
diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb
index 809c220..c16f94a 100644
--- a/app/controllers/admin_controller.rb
+++ b/app/controllers/admin_controller.rb
@@ -1,3 +1,4 @@
 class AdminController < ApplicationController
   require_ssl
+  before_filter :login_required
 end
diff --git a/features/send_email_to_environment_members.feature b/features/send_email_to_environment_members.feature
index a3a108b..0140ff3 100644
--- a/features/send_email_to_environment_members.feature
+++ b/features/send_email_to_environment_members.feature
@@ -5,7 +5,7 @@ Feature: send emails to environment members users
   Scenario: Cant access if not logged in
     Given I am not logged in
     When I go to /admin/users/send_mail
-    Then I should see "Access denied"
+    Then I should be on login page
 
   Scenario: Cant access as normal user
     Given the following user
diff --git a/public/javascripts/application.js b/public/javascripts/application.js
index 438eb39..b447f0d 100644
--- a/public/javascripts/application.js
+++ b/public/javascripts/application.js
@@ -677,3 +677,18 @@ function original_image_dimensions(src) {
   img.src = src;
   return { 'width' : img.width, 'height' : img.height };
 }
+
+jQuery(function() {
+  jQuery("#ajax-form").before("<div id='ajax-form-loading-area' style='display:block;width:16px;height:16px;'></div>");
+  jQuery("#ajax-form").before("<div id='ajax-form-message-area'></div>");
+  jQuery("#ajax-form").ajaxForm({
+    beforeSubmit: function(a,f,o) {
+      jQuery('#ajax-form-message-area').html('');
+      o.loading = small_loading('ajax-form-loading-area');
+    },
+    success: function() {
+      loading_done('ajax-form-loading-area');
+    },
+    target: "#ajax-form-message-area"
+  })
+});
diff --git a/test/functional/admin_controller_test.rb b/test/functional/admin_controller_test.rb
index 0b9c562..d2508d7 100644
--- a/test/functional/admin_controller_test.rb
+++ b/test/functional/admin_controller_test.rb
@@ -25,6 +25,7 @@ class AdminControllerTest < Test::Unit::TestCase
   end
 
   should 'detect ssl' do
+    login_as 'ze'
     @request.expects(:ssl?).returns(true).at_least_once
     get :index
     assert_response :success
diff --git a/test/functional/cms_controller_test.rb b/test/functional/cms_controller_test.rb
index 5c23a39..e3e4750 100644
--- a/test/functional/cms_controller_test.rb
+++ b/test/functional/cms_controller_test.rb
@@ -16,6 +16,7 @@ class CmsControllerTest < Test::Unit::TestCase
 
     @profile = create_user_with_permission('testinguser', 'post_content')
     login_as :testinguser
+    @controller.stubs(:user).returns(@profile)
   end
 
   attr_reader :profile
@@ -614,7 +615,7 @@ class CmsControllerTest < Test::Unit::TestCase
   end
 
   should 'not make enterprise homepage available to person' do
-    @controller.stubs(:profile).returns(create_user('test_user').person)
+    @controller.stubs(:profile).returns(profile)
     assert_not_includes @controller.available_article_types, EnterpriseHomepage
   end
 
@@ -1278,6 +1279,7 @@ class CmsControllerTest < Test::Unit::TestCase
     c = Community.create!(:name => 'test_comm', :identifier => 'test_comm')
     u = create_user_with_permission('test_user', 'publish_content', c)
     login_as :test_user
+    @controller.stubs(:user).returns(u)
 
     get :new, :profile => c.identifier, :type => 'TinyMceArticle'
     assert_response :success
@@ -1311,6 +1313,7 @@ class CmsControllerTest < Test::Unit::TestCase
     u = create_user_with_permission('test_user', 'publish_content', c)
     a = c.articles.create!(:name => 'test_article', :last_changed_by => u)
     login_as :test_user
+    @controller.stubs(:user).returns(u)
 
     get :edit, :profile => c.identifier, :id => a.id
 
diff --git a/test/functional/users_controller_test.rb b/test/functional/users_controller_test.rb
index 1680e18..d2764c8 100644
--- a/test/functional/users_controller_test.rb
+++ b/test/functional/users_controller_test.rb
@@ -15,6 +15,8 @@ class UsersControllerTest < Test::Unit::TestCase
   end
 
   should 'not access without right permission' do
+    create_user('guest')
+    login_as 'guest'
     get :index
     assert_response 403 # forbidden
   end
--
libgit2 0.21.2