Merge branch 'merge-requests/282'

Rodrigo Souto
2 parents 38d06635 590e13de
Showing 37 changed files with 1993 additions and 681 deletions Show diff stats
app/controllers/public/comment_controller.rb
app/controllers/public/content_viewer_controller.rb
app/helpers/application_helper.rb
app/helpers/article_helper.rb
app/helpers/comment_helper.rb
app/helpers/content_viewer_helper.rb
app/models/approve_comment.rb
app/models/article.rb
app/models/comment.rb
app/models/task.rb
app/views/comment/_comment.rhtml
app/views/comment/_comment_form.rhtml
app/views/comment/edit.rhtml
app/views/content_viewer/_comment.rhtml
app/views/content_viewer/_comment_form.rhtml
app/views/content_viewer/edit_comment.html.erb
app/views/content_viewer/view_page.rhtml
app/views/layouts/application-ng.rhtml
app/views/spam/index.rhtml
app/views/tasks/_approve_comment_accept_details.rhtml
@@ -0,0 +1,164 @@
+class CommentController < ApplicationController
+
+  needs_profile
+
+  before_filter :can_update?, :only => [:edit, :update]
+
+  def create
+    begin
+      @page = profile.articles.find(params[:id])
+    rescue
+      @page = nil
+    end
+
+    # page not found, give error
+    if @page.nil?
+      respond_to do |format|
+        format.js do
+           render :json => { :msg => _('Page not found.')}
+         end
+       end
+      return
+    end
+
+    unless @page.accept_comments?
+      respond_to do |format|
+        format.js do
+           render :json => { :msg => _('Comment not allowed in this article')}
+         end
+       end
+      return
+    end
+
+    @comment = Comment.new(params[:comment])
+    @comment.author = user if logged_in?
+    @comment.article = @page
+    @comment.ip_address = request.remote_ip
+    @comment.user_agent = request.user_agent
+    @comment.referrer = request.referrer
+    @plugins.dispatch(:filter_comment, @comment)
+
+    if @comment.rejected?
+      respond_to do |format|
+        format.js do
+           render :json => { :msg => _('Comment was rejected')}
+         end
+       end
+      return
+    end
+
+    if !@comment.valid? || (not pass_without_comment_captcha? and not verify_recaptcha(:model => @comment, :message => _('Please type the words correctly')))
+      respond_to do |format|
+        format.js do
+          render :json => {
+             :render_target => 'form',
+             :html => render_to_string(:partial => 'comment_form', :object => @comment, :locals => {:comment => @comment, :display_link => true, :show_form => true})
+          }
+        end
+      end
+      return
+    end
+
+    if @comment.need_moderation?
+      @comment.created_at = Time.now
+      ApproveComment.create!(:requestor => @comment.author, :target => profile, :comment_attributes => @comment.attributes.to_json)
+
+      respond_to do |format|
+        format.js do
+          render :json => { :render_target => nil, :msg => _('Your comment is waiting for approval.') }
+        end
+      end
+      return
+    end
+
+    @comment.save
+
+    respond_to do |format|
+      format.js do
+        comment_to_render = @comment.comment_root
+        render :json => { 
+            :render_target => comment_to_render.anchor,
+            :html => render_to_string(:partial => 'comment', :locals => {:comment => comment_to_render, :display_link => true}),
+            :msg => _('Comment successfully created.')
+         }
+      end
+    end
+  end
+
+  def destroy
+    comment = profile.comments_received.find(params[:id])
+
+    if comment && comment.can_be_destroyed_by?(user) && comment.destroy
+      render :text => {'ok' => true}.to_json, :content_type => 'application/json'
+    else
+      session[:notice] = _("The comment was not removed.")
+      render :text => {'ok' => false}.to_json, :content_type => 'application/json'
+    end
+  end
+
+  def mark_as_spam
+    comment = profile.comments_received.find(params[:id])
+    if comment.can_be_marked_as_spam_by?(user)
+      comment.spam!
+      render :text => {'ok' => true}.to_json, :content_type => 'application/json'
+    else
+      session[:notice] = _("You couldn't mark this comment as spam.")
+      render :text => {'ok' => false}.to_json, :content_type => 'application/json'
+    end
+  end
+
+  def edit
+    render :partial => "comment_form", :locals => {:comment => @comment, :display_link => params[:reply_of_id].present?, :edition_mode => true, :show_form => true}
+  end
+
+  def update
+    if @comment.update_attributes(params[:comment])
+      respond_to do |format|
+        format.js do
+          comment_to_render = @comment.comment_root
+          render :json => {
+            :ok => true,
+            :render_target => comment_to_render.anchor,
+            :html => render_to_string(:partial => 'comment', :locals => {:comment => comment_to_render})
+          }
+        end
+      end
+    else
+     respond_to do |format|
+       format.js do
+         render :json => {
+           :ok => false,
+           :render_target => 'form',
+           :html => render_to_string(:partial => 'comment_form', :object => @comment, :locals => {:comment => @comment, :display_link => false, :edition_mode => true, :show_form => true})
+         }
+       end
+     end
+   end
+  end
+
+  def check_actions
+    comment = profile.comments_received.find(params[:id])
+    ids = @plugins.dispatch(:check_comment_actions, comment).collect do |action|
+      action.kind_of?(Proc) ? self.instance_eval(&action) : action
+    end.flatten.compact
+    render :json => {:ids => ids}
+  end
+
+  protected
+
+  def pass_without_comment_captcha?
+    logged_in? && !environment.enabled?('captcha_for_logged_users')
+  end
+  helper_method :pass_without_comment_captcha?
+
+  def can_update?
+    begin
+      @comment = profile.comments_received.find(params[:id])
+      raise ActiveRecord::RecordNotFound unless @comment.can_be_updated_by?(user) # Not reveal that the comment exists
+    rescue ActiveRecord::RecordNotFound
+      render_not_found
+      return
+    end
+  end
+
+end
@@ -2,8 +2,6 @@ class ContentViewerController &lt; ApplicationController
  
   needs_profile
  
-  before_filter :comment_author, :only => :edit_comment
-
   helper ProfileHelper
   helper TagsHelper
  
@@ -70,24 +68,8 @@ class ContentViewerController &lt; ApplicationController
  
     @form_div = params[:form]
  
-    if params[:comment] && params[:confirm] == 'true'
-      @comment = Comment.new(params[:comment])
-      if request.post? && @page.accept_comments?
-        add_comment
-      end
-    else
-      @comment = Comment.new
-    end
-
-    if request.post?
-      if params[:remove_comment]
-        remove_comment
-        return
-      elsif params[:mark_comment_as_spam]
-        mark_comment_as_spam
-        return
-      end
-    end
+    #FIXME see a better way to do this. It's not need to pass this variable anymore
+    @comment = Comment.new
  
     if @page.has_posts?
       posts = if params[:year] and params[:month]
@@ -125,81 +107,8 @@ class ContentViewerController &lt; ApplicationController
     end
   end
  
-  def edit_comment
-    path = params[:page].join('/')
-    @page = profile.articles.find_by_path(path)
-    @form_div = 'opened'
-    @comment = @page.comments.find_by_id(params[:id])
-    if @comment
-      if request.post?
-        begin
-          @comment.update_attributes(params[:comment])
-          session[:notice] = _('Comment succesfully updated')
-          redirect_to :action => 'view_page', :profile => profile.identifier, :page => @comment.article.explode_path
-        rescue
-          session[:notice] = _('Comment could not be updated')
-        end
-      end
-    else
-      redirect_to @page.view_url
-      session[:notice] = _('Could not find the comment in the article')
-    end
-  end
-
   protected
  
-  def add_comment
-    @comment.author = user if logged_in?
-    @comment.article = @page
-    @comment.ip_address = request.remote_ip
-    @comment.user_agent = request.user_agent
-    @comment.referrer = request.referrer
-    plugins_filter_comment(@comment)
-    return if @comment.rejected?
-    if (pass_without_comment_captcha? || verify_recaptcha(:model => @comment, :message => _('Please type the words correctly'))) && @comment.save
-      @page.touch
-      @comment = nil # clear the comment form
-      redirect_to :action => 'view_page', :profile => params[:profile], :page => @page.explode_path, :view => params[:view]
-    else
-      @form_div = 'opened' if params[:comment][:reply_of_id].blank?
-    end
-  end
-
-  def plugins_filter_comment(comment)
-    @plugins.each do |plugin|
-      plugin.filter_comment(comment)
-    end
-  end
-
-  def pass_without_comment_captcha?
-    logged_in? && !environment.enabled?('captcha_for_logged_users')
-  end
-  helper_method :pass_without_comment_captcha?
-
-  def remove_comment
-    @comment = @page.comments.find(params[:remove_comment])
-    if (user == @comment.author || user == @page.profile || user.has_permission?(:moderate_comments, @page.profile))
-      @comment.destroy
-    end
-    finish_comment_handling
-  end
-
-  def mark_comment_as_spam
-    @comment = @page.comments.find(params[:mark_comment_as_spam])
-    if logged_in? && (user == @page.profile || user.has_permission?(:moderate_comments, @page.profile))
-      @comment.spam!
-    end
-    finish_comment_handling
-  end
-
-  def finish_comment_handling
-    if request.xhr?
-      render :text => {'ok' => true}.to_json, :content_type => 'application/json'
-    else
-      redirect_to :action => 'view_page', :profile => params[:profile], :page => @page.explode_path, :view => params[:view]
-    end
-  end
-
   def per_page
     12
   end
@@ -223,13 +132,9 @@ class ContentViewerController &lt; ApplicationController
     end
   end
  
-  def comment_author
-    comment = Comment.find_by_id(params[:id])
-    if comment
-      render_access_denied if comment.author.blank? || comment.author != user
-    else
-      render_not_found
-    end
+  def pass_without_comment_captcha?
+    logged_in? && !environment.enabled?('captcha_for_logged_users')
   end
+  helper_method :pass_without_comment_captcha?
  
 end
@@ -30,6 +30,8 @@ module ApplicationHelper
  
   include AccountHelper
  
+  include CommentHelper
+
   include BlogHelper
  
   include ContentViewerHelper
@@ -1385,12 +1387,12 @@ module ApplicationHelper
   end
  
   def expirable_button(content, action, text, url, options = {})
-    options[:class] = "button with-text icon-#{action.to_s}"
+    options[:class] = ["button with-text icon-#{action.to_s}", options[:class]].compact.join(' ')
     expirable_content_reference content, action, text, url, options
   end
  
   def expirable_comment_link(content, action, text, url, options = {})
-    options[:class] = "comment-footer comment-footer-link comment-footer-hide"
+    options[:class] = ["comment-footer comment-footer-link comment-footer-hide", options[:class]].compact.join(' ')
     expirable_content_reference content, action, text, url, options
   end
  
@@ -35,7 +35,13 @@ module ArticleHelper
         'div',
         check_box(:article, :notify_comments) +
         content_tag('label', _('I want to receive a notification of each comment written by e-mail'), :for => 'article_notify_comments') +
-        observe_field(:article_accept_comments, :function => "$('article_notify_comments').disabled = ! $('article_accept_comments').checked") 
+        observe_field(:article_accept_comments, :function => "$('article_notify_comments').disabled = ! $('article_accept_comments').checked;$('article_moderate_comments').disabled = ! $('article_accept_comments').checked") 
+      ) +
+
+      content_tag(
+        'div',
+        check_box(:article, :moderate_comments) +
+        content_tag('label', _('I want to approve comments on this article'), :for => 'article_moderate_comments')
       ) +
  
       (article.can_display_hits? ?
@@ -0,0 +1,70 @@
+module CommentHelper
+
+  def article_title(article, args = {})
+    title = article.title
+    title = article.display_title if article.kind_of?(UploadedFile) && article.image?
+    title = content_tag('h1', h(title), :class => 'title')
+    if article.belongs_to_blog?
+      unless args[:no_link]
+        title = content_tag('h1', link_to(article.name, article.url), :class => 'title')
+      end
+      comments = ''
+      unless args[:no_comments] || !article.accept_comments
+        comments = (" - %s") % link_to_comments(article)
+      end
+      title << content_tag('span',
+        content_tag('span', show_date(article.published_at), :class => 'date') +
+        content_tag('span', [_(", by %s") % link_to(article.author_name, article.author_url)], :class => 'author') +
+        content_tag('span', comments, :class => 'comments'),
+        :class => 'created-at'
+      )
+    end
+    title
+  end
+
+  def comment_actions(comment)
+    url = url_for(:profile => profile.identifier, :controller => :comment, :action => :check_actions, :id => comment.id)
+    links = links_for_comment_actions(comment)
+    content_tag(:li, link_to(content_tag(:span, _('Contents menu')), '#', :onclick => "toggleSubmenu(this,'',#{links.to_json}); return false", :class => 'menu-submenu-trigger comment-trigger', :url => url), :class=> 'vcard') unless links.empty?
+  end
+
+  private
+
+  def links_for_comment_actions(comment)
+    actions = [link_for_report_abuse(comment), link_for_spam(comment), link_for_edit(comment), link_for_remove(comment)]
+    @plugins.dispatch(:comment_actions, comment).collect do |action|
+      actions << (action.kind_of?(Proc) ? self.instance_eval(&action) : action)
+    end
+    actions.flatten.compact
+  end
+
+  def link_for_report_abuse(comment)
+    if comment.author
+      report_abuse_link = report_abuse(comment.author, :comment_link, comment)
+      {:link => report_abuse_link} if report_abuse_link
+    end
+  end
+
+  def link_for_spam(comment)
+    if comment.can_be_marked_as_spam_by?(user)
+      if comment.spam?
+        {:link => link_to_function(_('Mark as NOT SPAM'), 'remove_comment(this, %s); return false;' % url_for(:profile => profile.identifier, :mark_comment_as_ham => comment.id).to_json, :class => 'comment-footer comment-footer-link comment-footer-hide')}
+      else
+        {:link => link_to_function(_('Mark as SPAM'), 'remove_comment(this, %s, %s); return false;' % [url_for(:profile => profile.identifier, :controller => 'comment', :action => :mark_as_spam, :id => comment.id).to_json, _('Are you sure you want to mark this comment as SPAM?').to_json], :class => 'comment-footer comment-footer-link comment-footer-hide')}
+      end
+    end
+  end
+
+  def link_for_edit(comment)
+    if comment.can_be_updated_by?(user)
+      {:link => expirable_comment_link(comment, :edit, _('Edit'), url_for(:profile => profile.identifier, :controller => :comment, :action => :edit, :id => comment.id),:class => 'colorbox')}
+    end
+  end
+
+  def link_for_remove(comment)
+    if comment.can_be_destroyed_by?(user)
+      {:link => link_to_function(_('Remove'), 'remove_comment(this, %s, %s); return false ;' % [url_for(:profile => profile.identifier, :controller => 'comment', :action => :destroy, :id => comment.id).to_json, _('Are you sure you want to remove this comment and all its replies?').to_json], :class => 'comment-footer comment-footer-link comment-footer-hide remove-children')}
+    end
+  end
+
+end
@@ -5,11 +5,9 @@ module ContentViewerHelper
  
   def number_of_comments(article)
     n = article.comments.without_spam.count
-    if n == 0
-     _('No comments yet')
-    else
-     n_('One comment', '<span class="comment-count">%{comments}</span> comments', n) % { :comments => n }
-    end
+    base_str = "<span class='comment-count hide'>#{n}</span>"
+    amount_str = n == 0 ? _('no comments yet') : (n == 1 ? _('One comment') : _('%s comments') % n)
+    base_str + "<span class='comment-count-write-out'>#{amount_str}</span>"
   end
  
   def article_title(article, args = {})
@@ -0,0 +1,104 @@
+class ApproveComment < Task
+  validates_presence_of :target_id
+
+  settings_items :comment_attributes, :closing_statment
+
+  validates_presence_of :comment_attributes
+
+  def comment
+    @comment ||= Comment.new(JSON.parse(self.comment_attributes)) unless self.comment_attributes.nil?
+  end
+
+  def requestor_name
+    requestor ? requestor.name : (comment.name || _('Anonymous'))
+  end
+
+  def article
+    Article.find_by_id comment.source_id unless self.comment.nil?
+  end
+
+  def article_name
+    article ? article.name : _("Article removed.")
+  end
+
+  def perform
+    comment.save!
+  end
+
+  def title
+    _("New comment to article")
+  end
+
+  def icon
+    result = {:type => :defined_image, :src => '/images/icons-app/article-minor.png'}
+    result.merge!({:url => article.url}) if article
+    result
+  end
+
+  def linked_subject
+    {:text => article_name, :url => article.url} if article
+  end
+
+  def information
+    if article
+      if requestor
+        {:message => _('%{requestor} commented on the the article: %{linked_subject}.')}
+      else
+        { :message => _('%{requestor} commented on the the article: %{linked_subject}.'),
+          :variables => {:requestor => requestor_name} }
+      end
+    else
+      {:message => _("The article was removed.")}
+    end
+  end
+
+  def accept_details
+    true
+  end
+
+  def reject_details
+    true
+  end
+
+  def default_decision
+    if article
+      'skip'
+    else
+      'reject'
+    end
+  end
+
+  def accept_disabled?
+    article.blank?
+  end
+
+  def target_notification_description
+    if article
+      _('%{requestor} wants to comment the article: %{article}.') % {:requestor => requestor_name, :article => article.name}
+    else
+      _('%{requestor} wanted to comment the article but it was removed.') % {:requestor => requestor_name}
+    end
+  end
+
+  def target_notification_message
+    target_notification_description + "\n\n" +
+    _('You need to login on %{system} in order to approve or reject this comment.') % { :system => target.environment.name }
+  end
+
+  def task_finished_message
+    if !closing_statment.blank?
+      _("Your comment to the article \"%{article}\" was approved. Here is the comment left by the admin who approved your comment:\n\n%{comment} ") % {:article => article_name, :comment => closing_statment}
+    else
+      _('Your request for comment the article "%{article}" was approved.') % {:article => article_name}
+    end
+  end
+
+  def task_cancelled_message
+    message = _('Your request for commenting the article "%{article}" was rejected.') % {:article => article_name}
+    if !reject_explanation.blank?
+      message += " " + _("Here is the reject explanation left by the administrator who rejected your comment: \n\n%{reject_explanation}") % {:reject_explanation => reject_explanation}
+    end
+    message
+  end
+
+end
@@ -65,6 +65,7 @@ class Article &lt; ActiveRecord::Base
   settings_items :display_hits, :type => :boolean, :default => true
   settings_items :author_name, :type => :string, :default => ""
   settings_items :allow_members_to_edit, :type => :boolean, :default => false
+  settings_items :moderate_comments, :type => :boolean, :default => false
   settings_items :followers, :type => Array, :default => []
  
   belongs_to :reference_article, :class_name => "Article", :foreign_key => 'reference_article_id'
@@ -327,6 +328,14 @@ class Article &lt; ActiveRecord::Base
     @view_url ||= image? ? url.merge(:view => true) : url
   end
  
+  def comment_url_structure(comment, action = :edit)
+    if comment.new_record?
+      profile.url.merge(:page => path.split("/"), :controller => :comment, :action => :create)
+    else
+      profile.url.merge(:page => path.split("/"), :controller => :comment, :action => action || :edit, :id => comment.id)
+    end
+  end
+
   def allow_children?
     true
   end
@@ -489,6 +498,14 @@ class Article &lt; ActiveRecord::Base
     allow_post_content?(user) || user && allow_members_to_edit && user.is_member_of?(profile)
   end
  
+  def moderate_comments?
+    moderate_comments == true
+  end
+
+  def comments_updated
+    solr_save
+  end
+
   def accept_category?(cat)
     !cat.is_a?(ProductCategory)
   end
@@ -34,7 +34,9 @@ class Comment &lt; ActiveRecord::Base
  
   xss_terminate :only => [ :body, :title, :name ], :on => 'validation'
  
-  delegate :environment, :to => :source
+  def comment_root
+    (reply_of && reply_of.comment_root) || self
+  end
  
   def action_tracker_target
     self.article.profile
@@ -248,4 +250,22 @@ class Comment &lt; ActiveRecord::Base
     plugins.dispatch(:comment_marked_as_ham, self)
   end
  
+  def need_moderation?
+    article.moderate_comments? && (author.nil? || article.author != author)
+  end
+
+  def can_be_destroyed_by?(user)
+    return if user.nil?
+    user == author || user == profile || user.has_permission?(:moderate_comments, profile)
+  end
+
+  def can_be_marked_as_spam_by?(user)
+    return if user.nil?
+    user == profile || user.has_permission?(:moderate_comments, profile)
+  end
+
+  def can_be_updated_by?(user)
+    user.present? && user == author
+  end
+
 end
@@ -74,7 +74,7 @@ class Task &lt; ActiveRecord::Base
   end
  
   def self.all_types
-    %w[Invitation EnterpriseActivation AddMember Ticket SuggestArticle  AddFriend CreateCommunity AbuseComplaint ApproveArticle CreateEnterprise ChangePassword EmailActivation InviteFriend InviteMember]
+    %w[Invitation EnterpriseActivation AddMember Ticket SuggestArticle  AddFriend CreateCommunity AbuseComplaint ApproveComment ApproveArticle CreateEnterprise ChangePassword EmailActivation InviteFriend InviteMember]
   end
  
   # this method finished the task. It calls #perform, which must be overriden
@@ -0,0 +1,84 @@
+<li id="<%= comment.anchor %>" class="article-comment">
+  <div class="article-comment-inner">
+
+  <div class="comment-content comment-logged-<%= comment.author ? 'in' : 'out' %> <%= 'comment-from-owner' if ( comment.author && (profile == comment.author) ) %>">
+
+  <% if comment.author %>
+    <%= link_to image_tag(profile_icon(comment.author, :minor)) +
+                content_tag('span', comment.author_name, :class => 'comment-info'),
+        comment.author.url,
+        :class => 'comment-picture',
+        :title => comment.author_name
+    %>
+  <% else %>
+    <% url_image, status_class = comment.author_id ?
+       [comment.removed_user_image, 'icon-user-removed'] :
+       [str_gravatar_url_for( comment.email, :size => 50, :d=>404 ), 'icon-user-unknown'] %>
+
+    <%= link_to(
+          image_tag(url_image, :onerror=>'gravatarCommentFailback(this)',
+                   'data-gravatar'=>str_gravatar_url_for(comment.email, :size=>50)) +
+          content_tag('span', comment.author_name, :class => 'comment-info') +
+          content_tag('span', comment.message,
+                             :class => 'comment-user-status ' + status_class),
+        gravatar_profile_url(comment.email),
+        :target => '_blank',
+        :class => 'comment-picture',
+        :title => '%s %s' % [comment.author_name, comment.message]
+    )%>
+  <% end %>
+
+  <% comment_balloon do %>
+
+    <div class="comment-details">
+      <div class="comment-header">
+        <ul>
+          <div class="comment-actions">
+            <%= comment_actions(comment) %>
+          </div>
+        </ul>
+      <% unless comment.spam? %>
+        <%= link_to_function '',
+          "var f = add_comment_reply_form(this, %s); f.find('comment_title, textarea').val(''); return false" % comment.id,
+          :class => 'comment-footer comment-footer-link comment-footer-hide comment-actions-reply button',
+          :id => 'comment-reply-to-' + comment.id.to_s
+        %>
+      <% end %>
+      </div>
+
+      <div class="comment-created-at">
+        <%= show_time(comment.created_at) %>
+      </div>
+      <h4><%= comment.title.blank? && '&nbsp;' || comment.title %></h4>
+      <div class="comment-text">
+        <p/>
+        <%= txt2html comment.body %>
+      </div>
+    </div>
+
+    <div class="comment_reply post_comment_box closed" id="comment_reply_to_<%= comment.id %>">
+      <% if @comment && @comment.errors.any? && @comment.reply_of_id.to_i == comment.id %>
+        <%= error_messages_for :comment %>
+        <script type="text/javascript">
+          jQuery(function() {
+            document.location.href = '#<%= comment.anchor %>';
+            add_comment_reply_form('#comment-reply-to-<%= comment.id %>', <%= comment.id %>);
+          });
+        </script>
+      <% end %>
+    </div>
+
+  <% end %>
+
+  </div>
+
+  <% unless comment.replies.blank? || comment.spam? %>
+  <ul class="comment-replies">
+    <% comment.replies.each do |reply| %>
+      <%= render :partial => 'comment/comment', :locals => { :comment => reply } %>
+    <% end %>
+  </ul>
+  <% end %>
+
+  </div>
+</li>
@@ -0,0 +1,96 @@
+<% edition_mode = (defined? edition_mode) ? edition_mode : false %>
+<div class="<%= edition_mode ? '' : 'page-comment-form' %>">
+
+<% focus_on = logged_in? ? 'title' : 'name' %>
+
+
+<% if !edition_mode && !pass_without_comment_captcha? %>
+  <div id="recaptcha-container" style="display: none">
+    <h3><%= _('Please type the two words below') %></h3>
+    <%= recaptcha_tags(:display => { :theme => 'clean' }, :ajax => true) %>
+    <% button_bar do %>
+      <%= button_to_function :add, _('Confirm'), "return false", :id => "confirm-captcha" %>
+      <%= button_to_function :cancel, _('Cancel'), "jQuery.colorbox.close()" %>
+    <% end %>
+  </div>
+
+  <script type="text/javascript">
+    jQuery(document).bind('cbox_cleanup', function() {
+      jQuery('#recaptcha-container').hide();
+    });
+  </script>
+<% end %>
+
+<script type="text/javascript">
+function check_captcha(button, confirm_action) {
+  <% if edition_mode %>
+  return true;
+  <% elsif pass_without_comment_captcha? %>
+  button.form.confirm.value = 'true';
+  button.disabled = true;
+  return true;
+  <% else %>
+  jQuery('#recaptcha-container').show();
+  jQuery.colorbox({ inline : true, href : '#recaptcha-container', maxWidth : '600px', maxHeight : '300px' });
+  jQuery('#confirm-captcha').unbind('click');
+  jQuery('#confirm-captcha').bind('click', function() {
+    jQuery.colorbox.close();
+    button.form.recaptcha_response_field.value = jQuery('#recaptcha_response_field').val();
+    button.form.recaptcha_challenge_field.value = jQuery('#recaptcha_challenge_field').val();
+    button.form.confirm.value = 'true';
+    button.disabled = false;
+    confirm_action(button);
+  });
+  return false;
+  <% end %>
+}
+</script>
+
+<% if @comment && @comment.errors.any? %>
+  <%= error_messages_for :comment %>
+<% end %>
+
+<div class="post_comment_box <%= ((defined? show_form) && show_form) ? 'opened' : 'closed' %>">
+
+  <%= link_to(_('Post a comment'), '#', :class => 'display-comment-form') if display_link && @comment.reply_of_id.blank? %>
+<% remote_form_for(:comment, comment, :url => {:profile => profile.identifier, :controller => 'comment', :action => (edition_mode ? 'update' : 'create'), :id => (edition_mode ?  comment.id : @page.id)}, :html => { :class => 'comment_form' } ) do |f| %>
+
+  <%= required_fields_message %>
+
+  <% unless logged_in? %>
+
+    <%= required labelled_form_field(_('Name'), f.text_field(:name)) %>
+    <%= required labelled_form_field(_('e-mail'), f.text_field(:email)) %>
+    <p>
+    <%= _('If you are a registered user, you can login and be automatically recognized.') %>
+    </p>
+
+  <% end %>
+
+  <% if !edition_mode && !pass_without_comment_captcha? %>
+    <%= hidden_field_tag(:recaptcha_response_field, nil, :id => nil) %>
+    <%= hidden_field_tag(:recaptcha_challenge_field, nil, :id => nil) %>
+  <% end %>
+
+  <%= labelled_form_field(_('Title'), f.text_field(:title)) %>
+  <%= required labelled_form_field(_('Enter your comment'), f.text_area(:body, :rows => 5)) %>
+
+  <%= hidden_field_tag(:confirm, 'false') %>
+  <%= hidden_field_tag(:view, params[:view])%>
+  <%= f.hidden_field(:reply_of_id) %>
+
+  <% button_bar do %>
+    <%= submit_button('add', _('Post comment'), :onclick => "if(check_captcha(this)) { save_comment(this) } else { check_captcha(this, save_comment)};return false;") %>
+    <% if !edition_mode %>
+      <%= button :cancel, _('Cancel'), '', :id => 'cancel-comment' %>
+    <% else %>
+      <%= button :cancel, _('Cancel'), '#', :onclick => "jQuery.colorbox.close();" %>
+    <% end %>
+  <% end %>
+<% end %>
+
+
+</div><!-- end class="post_comment_box" -->
+</div><!-- end class="page-comment-form" -->
+
+<%= javascript_include_tag 'comment_form'%>
@@ -1,99 +0,0 @@
-<li id="<%= comment.anchor %>" class="article-comment">
-  <div class="article-comment-inner">
-
-  <div class="comment-content comment-logged-<%= comment.author ? 'in' : 'out' %> <%= 'comment-from-owner' if ( comment.author && (profile == comment.author) ) %>">
-
-  <% if comment.author %>
-    <%= link_to image_tag(profile_icon(comment.author, :minor)) +
-                content_tag('span', comment.author_name, :class => 'comment-info'),
-        comment.author.url,
-        :class => 'comment-picture',
-        :title => comment.author_name
-    %>
-  <% else %>
-    <% url_image, status_class = comment.author_id ?
-       [comment.removed_user_image, 'icon-user-removed'] :
-       [str_gravatar_url_for( comment.email, :size => 50, :d=>404 ), 'icon-user-unknown'] %>
-
-    <%= link_to(
-          image_tag(url_image, :onerror=>'gravatarCommentFailback(this)',
-                   'data-gravatar'=>str_gravatar_url_for(comment.email, :size=>50)) +
-          content_tag('span', comment.author_name, :class => 'comment-info') +
-          content_tag('span', comment.message,
-                             :class => 'comment-user-status ' + status_class),
-        gravatar_profile_url(comment.email),
-        :target => '_blank',
-        :class => 'comment-picture',
-        :title => '%s %s' % [comment.author_name, comment.message]
-    )%>
-  <% end %>
-
-  <% comment_balloon do %>
-
-    <div class="comment-details">
-      <div class="comment-created-at">
-        <%= show_time(comment.created_at) %>
-      </div>
-      <h4><%= comment.title.blank? && '&nbsp;' || comment.title %></h4>
-      <div class="comment-text">
-        <p/>
-        <%= txt2html comment.body %>
-      </div>
-    </div>
-
-    <div class="comment_reply post_comment_box closed">
-      <% if @comment && @comment.errors.any? && @comment.reply_of_id.to_i == comment.id %>
-        <%= error_messages_for :comment %>
-        <script type="text/javascript">
-          jQuery(function() {
-            document.location.href = '#<%= comment.anchor %>';
-            add_comment_reply_form('#comment-reply-to-<%= comment.id %>', <%= comment.id %>);
-          });
-        </script>
-      <% end %>
-      <%= report_abuse(comment.author, :comment_link, comment) if comment.author %>
-
-      <% if comment.spam? %>
-        &nbsp;
-        <%= link_to_function(_('Mark as NOT SPAM'), 'remove_comment(this, %s); return false;' % url_for(:mark_comment_as_ham => comment.id).to_json, :class => 'comment-footer comment-footer-link comment-footer-hide')  %>
-      <% else %>
-        <% if (logged_in? && (user == profile || user.has_permission?(:moderate_comments, profile))) %>
-          &nbsp;
-          <%= link_to_function(_('Mark as SPAM'), 'remove_comment(this, %s, %s); return false;' % [url_for(:mark_comment_as_spam => comment.id).to_json, _('Are you sure you want to mark this comment as SPAM?').to_json], :class => 'comment-footer comment-footer-link comment-footer-hide')  %>
-        <% end %>
-      <% end %>
-
-      <% if comment.author && comment.author == user %>
-        &nbsp;
-        <%= expirable_comment_link comment, :edit, _('Edit'), {:action => 'edit_comment', :id => comment.id, :profile => profile.identifier} %>
-      <% end %>
-
-      <% if logged_in? && (user == profile || user == comment.author || user.has_permission?(:moderate_comments, profile)) %>
-        &nbsp;
-        <%= link_to_function(_('Remove'), 'remove_comment(this, %s, %s); return false ;' % [url_for(:profile => params[:profile], :remove_comment => comment.id, :view => params[:view]).to_json, _('Are you sure you want to remove this comment and all its replies?').to_json], :class => 'comment-footer comment-footer-link comment-footer-hide remove-children') %>
-      <% end %>
-
-      <% unless comment.spam? %>
-        &nbsp;
-        <%= link_to_function _('Reply'),
-          "var f = add_comment_reply_form(this, %s); f.find('comment_title, textarea').val(''); return false" % comment.id,
-          :class => 'comment-footer comment-footer-link comment-footer-hide',
-          :id => 'comment-reply-to-' + comment.id.to_s
-        %>
-      <% end %>
-    </div>
-
-  <% end %>
-
-  </div>
-
-  <% unless comment.replies.blank? || comment.spam? %>
-  <ul class="comment-replies">
-    <% comment.replies.each do |reply| %>
-      <%= render :partial => 'comment', :locals => { :comment => reply } %>
-    <% end %>
-  </ul>
-  <% end %>
-
-  </div>
-</li>
@@ -1,88 +0,0 @@
-<script type="text/javascript">
-function submit_comment_form(button) {
-  <% if pass_without_comment_captcha? %>
-  button.form.confirm.value = 'true';
-  button.disabled = true;
-  button.form.submit();
-  return true;
-  <% else %>
-  jQuery('#recaptcha-container').show();
-  jQuery.colorbox({ inline : true, href : '#recaptcha-container', maxWidth : '600px', maxHeight : '300px' });
-  jQuery('#confirm-captcha').unbind('click');
-  jQuery('#confirm-captcha').bind('click', function() {
-    jQuery.colorbox.close();
-    button.form.recaptcha_response_field.value = jQuery('#recaptcha_response_field').val();
-    button.form.recaptcha_challenge_field.value = jQuery('#recaptcha_challenge_field').val();
-    button.form.confirm.value = 'true';
-    button.disabled = true;
-    button.form.submit();
-  });
-  <% end %>
-}
-</script>
-
-<% if @comment && @comment.errors.any? && @comment.reply_of_id.blank? %>
-  <%= error_messages_for :comment %>
-  <script type="text/javascript">jQuery(function() { document.location.href = '#page-comment-form'; });</script>
-<% end %>
-
-<% @form_div ||= 'closed' %>
-
-<div class="post_comment_box <%= @form_div %>">
-
-  <%= link_to(_('Post a comment'), '#', :class => 'display-comment-form') if display_link %>
-
-<% unless pass_without_comment_captcha? %>
-  <div id="recaptcha-container" style="display: none">
-    <h3><%= _('Please type the two words below') %></h3>
-    <%= recaptcha_tags(:display => { :theme => 'clean' }, :ajax => true) %>
-    <% button_bar do %>
-      <%= button_to_function :add, _('Confirm'), "return false", :id => "confirm-captcha" %>
-      <%= button_to_function :cancel, _('Cancel'), "jQuery.colorbox.close()" %>
-    <% end %>
-  </div>
-
-  <script type="text/javascript">
-    jQuery(document).bind('cbox_cleanup', function() {
-      jQuery('#recaptcha-container').hide();
-    });
-  </script>
-<% end %>
-
-<% form_tag( url, { :class => 'comment_form' } ) do %>
-  <%= required_fields_message %>
-
-  <% unless logged_in? %>
-
-    <%= required labelled_form_field(_('Name'), text_field(:comment, :name)) %>
-    <%= required labelled_form_field(_('e-mail'), text_field(:comment, :email)) %>
-    <p>
-    <%= _('If you are a registered user, you can login and be automatically recognized.') %>
-    </p>
-
-  <% end %>
-
-  <% unless pass_without_comment_captcha? %>
-    <%= hidden_field_tag(:recaptcha_response_field, nil, :id => nil) %>
-    <%= hidden_field_tag(:recaptcha_challenge_field, nil, :id => nil) %>
-  <% end %>
-
-  <%= labelled_form_field(_('Title'), text_field(:comment, :title)) %>
-  <%= required labelled_form_field(_('Enter your comment'), text_area(:comment, :body, :rows => 5)) %>
-
-  <%= hidden_field_tag(:confirm, 'false') %>
-  <%= hidden_field_tag(:view, params[:view])%>
-
-  <% button_bar do %>
-    <%= submit_button('add', _('Post comment'), :onclick => "submit_comment_form(this); return false") %>
-    <% if cancel_triggers_hide %>
-      <%= button :cancel, _('Cancel'), '', :id => 'cancel-comment' %>
-    <% else %>
-      <%= button('cancel', _('Cancel'), {:action => 'view_page', :profile => profile.identifier, :page => @comment.article.explode_path})%>
-    <% end %>
-  <% end %>
-<% end %>
-
-</div><!-- end class="post_comment_box" -->
-
-<%= javascript_include_tag 'comment_form'%>
@@ -1,3 +0,0 @@
-<h1><%= _('Edit comment') %></h1>
-
-<%= render :partial => 'comment_form', :locals => {:url => {:action => 'edit_comment', :profile => profile.identifier}, :display_link => false, :cancel_triggers_hide => false} %>
@@ -8,6 +8,12 @@
  
 <%= render :partial => 'confirm_unfollow' %>
  
+<script type="text/javascript">
+    window.ONE_COMMENT = "<%= _('One comment') %>";
+    window.COMMENT_PLURAL = "<%= _('comments') %>";
+    window.NO_COMMENT_YET = "<%= _('No comments yet') %>";
+</script>
+
 <div id="article-toolbar"></div>
  
 <script type="text/javascript">
@@ -89,15 +95,15 @@
   <% end %>
  
   <% if @page.accept_comments? && @comments_count > 1 %>
-    <%= link_to(_('Post a comment'), '#', :class => 'display-comment-form', :id => 'top-post-comment-button') %>
+    <%= link_to(_('Post a comment'), '#', :class => 'display-comment-form', :id => 'top-post-comment-button', :onclick => "jQuery('#page-comment-form .display-comment-form').first().click();") %>
   <% end %>
  
   <ul class="article-comments-list">
-    <%= render :partial => 'comment', :collection => @comments %>
+    <%= render :partial => 'comment/comment', :collection => @comments %>
   </ul>
  
   <% if @page.accept_comments? %>
-    <div id="page-comment-form"><%= render :partial => 'comment_form', :locals => {:url => url_for(@page.view_url.merge({:only_path => true})), :display_link => true, :cancel_triggers_hide => true}%></div>
+    <div id='page-comment-form' class='page-comment-form'><%= render :partial => 'comment/comment_form', :locals =>{:comment => Comment.new, :url => {:controller => :comment, :action => :create}, :display_link => true, :cancel_triggers_hide => true}%></div>
   <% end %>
 </div><!-- end class="comments" -->
  
@@ -17,6 +17,10 @@
         content.respond_to?(:call) ? content.call : content
       end.join("\n")
     %>
+
+    <script type='text/javascript'>
+      DEFAULT_LOADING_MESSAGE = <%="'#{ _('loading...') }'" %>;
+    </script>
   </head>
   <body class="<%= body_classes %>">
     <a href="#content" id="link-go-content"><span><%= _("Go to the content") %></span></a>
@@ -8,7 +8,7 @@
 <div id='article'>
   <div class="comments" id="comments_list">
     <ul class="article-comments-list">
-      <%= render :partial => 'content_viewer/comment', :collection => @spam %>
+      <%= render :partial => 'comment/comment', :collection => @spam %>
     </ul>
   </div>
 </div>
@@ -0,0 +1,7 @@
+<p>
+  <b><%= _('Title: ') %></b>
+  <%= task.comment.title %>
+</p>
+<p>
+  <%= task.comment.body %>
+</p>
@@ -76,6 +76,9 @@ ActionController::Routing::Routes.draw do |map|
   # profile search
   map.profile_search 'profile/:profile/search', :controller => 'profile_search', :action => 'index', :profile => /#{Noosfero.identifier_format}/
  
+  # comments
+  map.comment 'profile/:profile/comment/:action/:id', :controller => 'comment', :profile => /#{Noosfero.identifier_format}/
+
   # public profile information
   map.profile 'profile/:profile/:action/:id', :controller => 'profile', :action => 'index', :id => /[^\/]*/, :profile => /#{Noosfero.identifier_format}/
  
@@ -122,7 +125,6 @@ ActionController::Routing::Routes.draw do |map|
   # cache stuff - hack
   map.cache 'public/:action/:id', :controller => 'public'
  
-  map.connect ':profile/edit_comment/:id/*page', :controller => 'content_viewer', :action => 'edit_comment', :profile => /#{Noosfero.identifier_format}/
  
   # match requests for profiles that don't have a custom domain
   map.homepage ':profile/*page', :controller => 'content_viewer', :action => 'view_page', :profile => /#{Noosfero.identifier_format}/, :conditions => { :if => lambda { |env| !Domain.hosting_profile_at(env[:host]) } }
@@ -320,6 +320,30 @@ class Noosfero::Plugin
   def comment_marked_as_ham(comment)
   end
  
+  # Adds extra actions for comments
+  # returns = list of hashes or lambda block that creates a list of hashes
+  # example:
+  #
+  #   def comment_actions(comment)
+  #     [{:link => link_to_function(...)}]
+  #   end
+  #
+  def comment_actions(comment)
+    nil
+  end
+
+  # This method is called when the user click on comment actions menu.
+  # returns = list or lambda block that return ids of enabled menu items for comments
+  # example:
+  #
+  #   def check_comment_actions(comment)
+  #     ['#action1', '#action2']
+  #   end
+  #
+  def check_comment_actions(comment)
+    []
+  end
+
   # -> Adds fields to the signup form
   # returns = lambda block that creates html code
   def signup_extra_contents
@@ -27,7 +27,7 @@ class RequireAuthToCommentPlugin &lt; Noosfero::Plugin
   end
  
   def js_files
-    ['hide_comment_form.js']
+    ['hide_comment_form.js', 'jquery.livequery.min.js']
   end
  
   def body_beginning
 (function($) {
   $(window).bind('userDataLoaded', function(event, data) {
-    if (data.login || $('meta[name="profile.allow_unauthenticated_comments"]').length > 0) {
-      $('.post-comment-button').show();
-      $('#page-comment-form').show();
-      $('.comment-footer').show();
+    if (data.login || $('meta[name=profile.allow_unauthenticated_comments]').length > 0) {
+      $('.post-comment-button').livequery(function() {
+        $(this).show();
+      });
+      $('.page-comment-form').livequery(function() {
+        $(this).show();
+      });
+      $('.comment-footer').livequery(function() {
+        $(this).show();      
+      });
     }
   });
 })(jQuery);
@@ -0,0 +1,9 @@
+/* Copyright (c) 2010 Brandon Aaron (http://brandonaaron.net)
+ * Dual licensed under the MIT (MIT_LICENSE.txt)
+ * and GPL Version 2 (GPL_LICENSE.txt) licenses.
+ *
+ * Version: 1.1.1
+ * Requires jQuery 1.3+
+ * Docs: http://docs.jquery.com/Plugins/livequery
+ */
+(function(a){a.extend(a.fn,{livequery:function(e,d,c){var b=this,f;if(a.isFunction(e)){c=d,d=e,e=undefined}a.each(a.livequery.queries,function(g,h){if(b.selector==h.selector&&b.context==h.context&&e==h.type&&(!d||d.$lqguid==h.fn.$lqguid)&&(!c||c.$lqguid==h.fn2.$lqguid)){return(f=h)&&false}});f=f||new a.livequery(this.selector,this.context,e,d,c);f.stopped=false;f.run();return this},expire:function(e,d,c){var b=this;if(a.isFunction(e)){c=d,d=e,e=undefined}a.each(a.livequery.queries,function(f,g){if(b.selector==g.selector&&b.context==g.context&&(!e||e==g.type)&&(!d||d.$lqguid==g.fn.$lqguid)&&(!c||c.$lqguid==g.fn2.$lqguid)&&!this.stopped){a.livequery.stop(g.id)}});return this}});a.livequery=function(b,d,f,e,c){this.selector=b;this.context=d;this.type=f;this.fn=e;this.fn2=c;this.elements=[];this.stopped=false;this.id=a.livequery.queries.push(this)-1;e.$lqguid=e.$lqguid||a.livequery.guid++;if(c){c.$lqguid=c.$lqguid||a.livequery.guid++}return this};a.livequery.prototype={stop:function(){var b=this;if(this.type){this.elements.unbind(this.type,this.fn)}else{if(this.fn2){this.elements.each(function(c,d){b.fn2.apply(d)})}}this.elements=[];this.stopped=true},run:function(){if(this.stopped){return}var d=this;var e=this.elements,c=a(this.selector,this.context),b=c.not(e);this.elements=c;if(this.type){b.bind(this.type,this.fn);if(e.length>0){a.each(e,function(f,g){if(a.inArray(g,c)<0){a.event.remove(g,d.type,d.fn)}})}}else{b.each(function(){d.fn.apply(this)});if(this.fn2&&e.length>0){a.each(e,function(f,g){if(a.inArray(g,c)<0){d.fn2.apply(g)}})}}}};a.extend(a.livequery,{guid:0,queries:[],queue:[],running:false,timeout:null,checkQueue:function(){if(a.livequery.running&&a.livequery.queue.length){var b=a.livequery.queue.length;while(b--){a.livequery.queries[a.livequery.queue.shift()].run()}}},pause:function(){a.livequery.running=false},play:function(){a.livequery.running=true;a.livequery.run()},registerPlugin:function(){a.each(arguments,function(c,d){if(!a.fn[d]){return}var b=a.fn[d];a.fn[d]=function(){var e=b.apply(this,arguments);a.livequery.run();return e}})},run:function(b){if(b!=undefined){if(a.inArray(b,a.livequery.queue)<0){a.livequery.queue.push(b)}}else{a.each(a.livequery.queries,function(c){if(a.inArray(c,a.livequery.queue)<0){a.livequery.queue.push(c)}})}if(a.livequery.timeout){clearTimeout(a.livequery.timeout)}a.livequery.timeout=setTimeout(a.livequery.checkQueue,20)},stop:function(b){if(b!=undefined){a.livequery.queries[b].stop()}else{a.each(a.livequery.queries,function(c){a.livequery.queries[c].stop()})}}});a.livequery.registerPlugin("append","prepend","after","before","wrap","attr","removeAttr","addClass","removeClass","toggleClass","empty","remove","html");a(function(){a.livequery.play()})})(jQuery);
 \ No newline at end of file
-.post-comment-button, #page-comment-form, .comment-footer {
+.post-comment-button, .page-comment-form, .comment-footer {
   display: none;
 }
@@ -1016,7 +1016,7 @@ hr.pre-posts, hr.sep-posts {
  
 .post_comment_box.opened {
   border: none;
-  background: #FFF;
+  background: transparent;
 }
  
  
@@ -100,4 +100,24 @@ jQuery(function($) {
         clicked.parent().find(".send-an-email").fadeOut();
     })
   })
+
+  $(".comment-trigger").live('click', function(){
+    clicked = $(this);
+    url = clicked.attr("url");
+    $.get(url, function(data){
+      ids = [];
+      if(data && data.ids) {
+        for(var i=0; i<data.ids.length; i++) {
+          clicked.parent().find(data.ids[i]).fadeIn();
+          ids.push(data.ids[i]);
+        }
+      }
+      clicked.parent().find('.comment-action-extra').each(function() {
+        if($.inArray('#'+$(this).attr('id'), ids))
+          $(this).fadeOut();
+      });
+    })
+    return false;
+  })
+
 });
@@ -79,6 +79,27 @@ function updateUrlField(name_field, id) {
    }
 }
  
+
+
+jQuery.fn.centerInForm = function () {
+  var $ = jQuery;
+  var form = $(this).parent('form');
+  this.css("position", "absolute");
+  this.css("top", (form.height() - this.height())/ 2 + form.scrollTop() + "px");
+  this.css("left", (form.width() - this.width()) / 2 + form.scrollLeft() + "px");
+  this.css("width", form.width() + "px");
+  this.css("height", form.height() + "px");
+  return this;
+}
+
+jQuery.fn.center = function () {
+  var $ = jQuery;
+  this.css("position", "absolute");
+  this.css("top", ($(window).height() - this.height())/ 2 + $(window).scrollTop() + "px");
+  this.css("left", ($(window).width() - this.width()) / 2 + $(window).scrollLeft() + "px");
+  return this;
+}
+
 function show_warning(field, message) {
    new Effect.Highlight(field, {duration:3});
    $(message).show();
@@ -146,8 +167,9 @@ function loading_done(element_id) {
    jQuery(element_id).removeClass('small-loading-dark');
 }
 function open_loading(message) {
-   jQuery('body').append("<div id='overlay_loading' class='ui-widget-overlay' style='display: none'/><div id='overlay_loading_modal' style='display: none'><p>"+message+"</p><img src='/images/loading-dark.gif'/></div>");
+   jQuery('body').prepend("<div id='overlay_loading' class='ui-widget-overlay' style='display: none'/><div id='overlay_loading_modal' style='display: none'><p>"+message+"</p><img src='/images/loading-dark.gif'/></div>");
    jQuery('#overlay_loading').show();
+   jQuery('#overlay_loading_modal').center();
    jQuery('#overlay_loading_modal').fadeIn('slow');
 }
 function close_loading() {
@@ -292,11 +314,17 @@ function toggleSubmenu(trigger, title, link_list) {
   content.append('<h4>' + title + '</h4>');
   jQuery.each(link_list, function(index, link_hash) {
     for (label in link_hash) {
-      options = "";
-      jQuery.each(link_hash[label], function(option, value){
-        options += option +'="'+ value + '" ';
-      })
-      list.append('<li><a '+ options +'>' + label + '</a></li>');
+      if(link_hash[label]!=null) {
+        if(label=='link' && jQuery.type(link_hash[label])=="string") {
+          list.append('<li>' + link_hash[label] + '</li>');
+        } else {
+          options = "";
+          jQuery.each(link_hash[label], function(option, value){
+            options += option +'="'+ value + '" ';
+          })
+          list.append('<li><a '+ options +'>' + label + '</a></li>');
+        }
+      }
     }
   });
   content.append(list);
@@ -320,9 +348,9 @@ function hideAllSubmenus() {
 // Hide visible ballons when clicked outside them
 jQuery(document).ready(function() {
   jQuery('body').live('click', function() { hideAllSubmenus(); });
-  jQuery('.menu-submenu-trigger').click(function(e) { e.stopPropagation(); });
-  jQuery('.simplemenu-trigger').click(function(e) { e.stopPropagation(); });
-  jQuery('#chat-online-users').click(function(e) { e.stopPropagation(); });
+  jQuery('.menu-submenu-trigger').live('click', function(e) { e.stopPropagation(); });
+  jQuery('.simplemenu-trigger').live('click', function(e) { e.stopPropagation(); });
+  jQuery('#chat-online-users').live('click', function(e) { e.stopPropagation(); });
 });
  
 function input_javascript_ordering_stuff() {
@@ -688,22 +716,51 @@ jQuery(function($) {
 });
  
 function add_comment_reply_form(button, comment_id) {
-  var container = jQuery(button).parents('.comment_reply');
+  //var container = jQuery(button).parents('.comment_reply');
+  var container = jQuery('#comment_reply_to_'+comment_id);
   var f = container.find('.comment_form');
   if (f.length == 0) {
-    f = jQuery('#page-comment-form .comment_form').clone();
-    f.find('.fieldWithErrors').map(function() { jQuery(this).replaceWith(jQuery(this).contents()); });
-    f.prepend('<input type="hidden" name="comment[reply_of_id]" value="' + comment_id + '" />');
-    container.append(f);
+    comments_div = jQuery(button).parents('.comments');
+    f = comments_div.find('.comment_form').first().clone();
+    f.find('.errorExplanation').remove();
+    f.append('<input type="hidden" name="comment[reply_of_id]" value="' + comment_id + '" />');
+    container.append('<div class="page-comment-form"></div>');
+    container.find('.page-comment-form').append(f);
   }
   if (container.hasClass('closed')) {
     container.removeClass('closed');
     container.addClass('opened');
     container.find('.comment_form input[type=text]:visible:first').focus();
   }
+  jQuery('.display-comment-form').hide();
   return f;
 }
  
+function update_comment_count(element, new_count) {
+  var $ = jQuery;
+  var content = '';
+  var parent_element = element.parent();
+
+  write_out = parent_element.find('.comment-count-write-out');
+
+  element.html(new_count);
+
+  if(new_count == 0) {
+    content = NO_COMMENT_YET;
+    parent_element.addClass("no-comments-yet");
+  } else if(new_count == 1) {
+    parent_element.removeClass("no-comments-yet");
+    content = ONE_COMMENT;
+  } else {
+    content = new_count + ' ' + COMMENT_PLURAL;
+  }
+
+  if(write_out){
+    write_out.html(content);
+  }
+
+}
+
 function remove_comment(button, url, msg) {
   var $ = jQuery;
   var $button = $(button);
@@ -716,17 +773,27 @@ function remove_comment(button, url, msg) {
     if (data.ok) {
       var $comment = $button.closest('.article-comment');
       var $replies = $comment.find('.comment-replies .article-comment');
-      $comment.slideUp();
+
+      var $comments_div = $button.closest('.comments');
+
       var comments_removed = 1;
-      if ($button.hasClass('remove-children')) {
-        comments_removed = 1 + $replies.size();
-      } else {
-        $replies.appendTo('.article-comments-list');
-      }
-      $('.comment-count').each(function() {
-        var count = parseInt($(this).html());
-        $(this).html(count - comments_removed);
+      $comment.slideUp(400, function() {
+        if ($button.hasClass('remove-children')) {
+          comments_removed = 1 + $replies.size();
+        } else {
+          $replies.appendTo('.article-comments-list');
+        }
+
+        $comments_div.find('.comment-count').add('#article-header .comment-count').each(function() {
+          var count = parseInt($(this).html());
+          update_comment_count($(this), count - comments_removed);
+        });
+        $(this).remove();
       });
+
+    }else{
+      $button.removeClass('comment-button-loading');
+      return;
     }
   });
 }
+jQuery('.display-comment-form').unbind();
 jQuery('.display-comment-form').click(function(){
-  toggleBox('.post_comment_box');
+  var $button = jQuery(this);
+  toggleBox($button.parents('.post_comment_box'));
   jQuery('.display-comment-form').hide();
-  jQuery('form.comment_form input').first().focus();
+  $button.closest('.page-comment-form').find('input').first().focus();
   return false;
 });
  
-jQuery('#cancel-comment').click(function(){
-  toggleBox('.post_comment_box');
-  jQuery('.display-comment-form').show();
-  return false
-})
+jQuery('#cancel-comment').die();
+jQuery('#cancel-comment').live("click", function(){
+  var $button = jQuery(this);
+  toggleBox($button.parents('.post_comment_box'));
+  show_display_comment_button();
+  var page_comment_form = $button.parents('.page-comment-form');
+  page_comment_form.find('.errorExplanation').remove();
+  return false;
+});
  
-function toggleBox(div_selector){
-  div = jQuery(div_selector);
+function toggleBox(div){
   if(div.hasClass('opened')) {
     div.removeClass('opened');
     div.addClass('closed');
@@ -21,3 +26,67 @@ function toggleBox(div_selector){
     div.addClass('opened');
   }
 }
+
+function save_comment(button) {
+  var $ = jQuery;
+  open_loading(DEFAULT_LOADING_MESSAGE);
+  var $button = $(button);
+  var form = $button.parents("form");
+  var post_comment_box = $button.parents('.post_comment_box');
+  var comment_div = $button.parents('.comments');
+  var page_comment_form = $button.parents('.page-comment-form');
+  $button.addClass('comment-button-loading');
+  $.post(form.attr("action"), form.serialize(), function(data) {
+
+    if(data.render_target == null) {
+      //Comment for approval
+      form.find("input[type='text']").add('textarea').each(function() {
+        this.value = '';
+      });
+      page_comment_form.find('.errorExplanation').remove();
+    } else if(data.render_target == 'form') {
+      //Comment with errors
+      $.scrollTo(page_comment_form);
+      page_comment_form.html(data.html);
+      $('.display-comment-form').hide();
+    } else if($('#' + data.render_target).size() > 0) {
+      //Comment of reply
+      $('#'+ data.render_target).replaceWith(data.html);
+      $('#' + data.render_target).effect("highlight", {}, 3000);
+      $.colorbox.close();
+    } else {
+      //New comment of article
+      comment_div.find('.article-comments-list').append(data.html);
+
+      form.find("input[type='text']").add('textarea').each(function() {
+        this.value = '';
+      });
+
+      page_comment_form.find('.errorExplanation').remove();
+      $.colorbox.close();
+    }
+
+    comment_div.find('.comment-count').add('#article-header .comment-count').each(function() {
+      var count = parseInt($(this).html());
+      update_comment_count($(this), count + 1);
+    });
+
+    if(jQuery('#recaptcha_response_field').val()){
+      Recaptcha.reload();
+    }
+
+    if(data.msg != null) {
+       display_notice(data.msg);
+    }
+    close_loading();
+    toggleBox($button.closest('.post_comment_box'));
+    show_display_comment_button();
+    $button.removeClass('comment-button-loading');
+    $button.enable();
+  }, 'json');
+}
+
+function show_display_comment_button() {
+  if(jQuery('.post_comment_box.opened').length==0)
+    jQuery('.display-comment-form').show();
+}
@@ -528,11 +528,15 @@ code input {
   background: transparent url(../images/loading-small-dark.gif) no-repeat 10% center;
 }
 #overlay_loading {
-  z-index: 100;
-  cursor: progress;
+  z-index: 10000;
+  top: 0;
+  left: 0;
+  position: fixed;
+  width: 100%;
+  height: 100%;
 }
 #overlay_loading_modal {
-  z-index: 101;
+  z-index: 10001;
   width: 160px;
   height: 120px;
   border: 1px solid #000;
@@ -998,6 +1002,9 @@ code input {
  
 .comments {
 }
+span.comment-count.hide{
+  display: none;
+}
 #content .no-comments-yet {
   text-align: center;
   font-size: 80%;
@@ -1018,7 +1025,7 @@ code input {
   margin-bottom: 10px;
   padding: 4px;
 }
-#article .article-comment h4 {
+#article .article-comment .comment-details h4 {
   font-size: 13px;
   margin: 0px;
   display: inline;
@@ -1291,6 +1298,10 @@ a.comment-picture {
   -webkit-border-radius: 4px;
   border-radius: 4px;
 }
+.post_comment_box.opened h4 {
+  border: none;
+  cursor: default;
+}
 .post_comment_box.opened {
   border: 1px solid #888;
   background: #eee;
@@ -1341,6 +1352,11 @@ a.comment-picture {
 .post_comment_box.comment_reply #comment_title {
   width: 100%;
 }
+
+#page-comment-form-template {
+  display:none;
+}
+
 #page-comment-form .post_comment_box {
   text-align: left;
   padding-left: 0;
@@ -1656,13 +1672,15 @@ a.button.disabled, input.disabled {
  * Block options editor floating window *
  ****************************************/
  
+/* FIXME This changes broke colorboxes all over the place.
+ * Therefore I'm canceling them until they are properly treateda. */
 #cboxLoadedContent {
   background: #FFF;
-  box-shadow: 0 0 15px #888 inset;
-  border-radius: 5px;
-  border: 1px solid #777;
-  border-left: none;
-  border-right: none;
+/*  box-shadow: 0 0 15px #888 inset;
+    border-radius: 5px;
+    border: 1px solid #777;
+    border-left: none;
+    border-right: none; */
 }
  
 .block-config-options {
@@ -1786,13 +1804,32 @@ a.button.disabled, input.disabled {
 #content .profile-list-block ul {
   width: 200px;
 }
-#content .common-profile-list-block li {
-  margin: 0px;
+#content .comment-header .comment-actions-reply {
+  float: right;
+  background-image: url(/designs/icons/tango/Tango/16x16/actions/go-jump.png);
+  height: 12px;
+}
+#content .comment-header ul {
+  float: right;
+  margin: 1px 0px 14px 0px;
+}
+#content .comment-actions .menu-submenu-header, #content .comment-actions .menu-submenu-footer, #content .comment-actions .menu-submenu h4 {
+  display: none;
+}
+#content .comment-actions .menu-submenu ul {
+  border: 1px solid #888a85;
+  background-color: #efefef;
+  padding-right: 2px;
+  height: auto;
+  display: block;
+}
+#content .common-profile-list-block li, #content .comment-actions li {
+  margin: 0px !important;
   padding: 0px;
   list-style: none;
   position: relative;
 }
-.common-profile-list-block .vcard a {
+.common-profile-list-block .vcard a, .comment-actions .vcard a {
   display: block;
   height: 112px;
   max-height: 112px;
@@ -1803,7 +1840,7 @@ a.button.disabled, input.disabled {
   text-align: center;
   overflow: hidden;
   font-size: 11px;
-  text-decoration: none;
+  text-decoration: none !important;
   color: #000;
   position: relative;
   cursor: pointer; /* work arround bug for MSIE */
@@ -4559,11 +4596,17 @@ h1#agenda-title {
 }
 /* Profile balloon */
  
-.common-profile-list-block .vcard {
+.common-profile-list-block .vcard, .comment-actions .vcard {
   position: relative !important;
   float: left;
 }
-.common-profile-list-block .vcard .menu-submenu-trigger, .menu-submenu-trigger {
+#content .comment-actions .vcard {
+  padding-right: 20px;
+}
+#content .comment-actions .vcard .menu-submenu-trigger {
+  display: block;
+}
+.common-profile-list-block .vcard .menu-submenu-trigger, .menu-submenu-trigger, .comment-actions .vcard .menu-submenu-trigger {
   display: none;
   width: 16px;
   height: 16px;
@@ -4577,7 +4620,7 @@ h1#agenda-title {
   -moz-border-radius: 5px;
   -webkit-border-radius: 5px;
 }
-.common-profile-list-block .vcard .menu-submenu-trigger:hover, .menu-submenu-trigger:hover {
+.common-profile-list-block .vcard .menu-submenu-trigger:hover, .menu-submenu-trigger:hover, .comment-actions .vcard .menu-submenu-trigger:hover {
   background: #fff url(/images/top-arrow.png) center center no-repeat;
   border: 1px solid #ccc;
 }
@@ -4596,6 +4639,10 @@ h1#agenda-title {
   padding: 0;
   text-align: left;
 }
+.comment-details .menu-submenu {
+  bottom: 0px;
+  right: -134px;
+}
 .box-2 .menu-submenu, .box-3 .menu-submenu {
   bottom: 78px;
   right: -44px;
@@ -4630,7 +4677,7 @@ h1#agenda-title {
 .msie7 #search-results .menu-submenu-trigger {
   width: 20px !important;
 }
-.common-profile-list-block .vcard .menu-submenu a {
+.common-profile-list-block .vcard .menu-submenu a, .comment-actions .vcard .menu-submenu a {
   float: none;
   display: block;
   height: auto;
@@ -0,0 +1,562 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require 'comment_controller'
+
+# Re-raise errors caught by the controller.
+class CommentController; def rescue_action(e) raise e end; end
+
+class CommentControllerTest < ActionController::TestCase
+
+  def setup
+    @controller = CommentController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+
+    @profile = create_user('testinguser').person
+    @environment = @profile.environment
+  end
+  attr_reader :profile, :environment
+
+  should "not be able to remove other people's comments if not moderator or admin" do
+    create_user('normaluser')
+    profile = create_user('testuser').person
+    article = profile.articles.build(:name => 'test')
+    article.save!
+
+    commenter = create_user('otheruser').person
+    comment = fast_create(Comment, :source_id => article, :title => 'a comment', :body => 'lalala')
+
+    login_as 'normaluser' # normaluser cannot remove other people's comments
+    assert_no_difference Comment, :count do
+      post :destroy, :profile => profile.identifier, :id => comment.id
+    end
+  end
+
+  should "not be able to remove other people's comments if not moderator or admin and return json if is an ajax request" do
+    create_user('normaluser')
+    profile = create_user('testuser').person
+    article = profile.articles.build(:name => 'test')
+    article.save!
+
+    commenter = create_user('otheruser').person
+    comment = fast_create(Comment, :source_id => article, :author_id => commenter, :title => 'a comment', :body => 'lalala')
+
+    login_as 'normaluser' # normaluser cannot remove other people's comments
+    assert_no_difference Comment, :count do
+      xhr :post, :destroy, :profile => profile.identifier, :id => comment.id
+      assert_response :success
+    end
+    assert_match /\{\"ok\":false\}/, @response.body
+  end
+
+  should 'be able to remove comments on their articles' do
+    profile = create_user('testuser').person
+    article = profile.articles.build(:name => 'test')
+    article.save!
+
+    commenter = create_user('otheruser').person
+    comment = fast_create(Comment, :source_id => article, :author_id => commenter, :title => 'a comment', :body => 'lalala')
+
+    login_as 'testuser' # testuser must be able to remove comments in his articles
+    assert_difference Comment, :count, -1 do
+      xhr :post, :destroy, :profile => profile.identifier, :id => comment.id
+      assert_response :success
+    end
+    assert_match /\{\"ok\":true\}/, @response.body
+  end
+
+  should 'be able to remove comments of their images' do
+    profile = create_user('testuser').person
+
+    image = UploadedFile.create!(:profile => profile, :uploaded_data => fixture_file_upload('/files/rails.png', 'image/png'))
+    image.save!
+
+    commenter = create_user('otheruser').person
+    comment = fast_create(Comment, :source_id => image, :author_id => commenter, :title => 'a comment', :body => 'lalala')
+
+    login_as 'testuser' # testuser must be able to remove comments in his articles
+    assert_difference Comment, :count, -1 do
+      xhr :post, :destroy, :profile => profile.identifier, :id => comment.id
+      assert_response :success
+    end
+  end
+
+  should 'be able to remove comments if is moderator' do
+    commenter = create_user('commenter_user').person
+    community = Community.create!(:name => 'Community test', :identifier => 'community-test')
+    article = community.articles.create!(:name => 'test', :profile => community)
+    comment = fast_create(Comment, :source_id => article, :author_id => commenter, :title => 'a comment', :body => 'lalala')
+    community.add_moderator(profile)
+    login_as profile.identifier
+    assert_difference Comment, :count, -1 do
+      xhr :post, :destroy, :profile => community.identifier, :id => comment.id
+      assert_response :success
+    end
+    assert_match /\{\"ok\":true\}/, @response.body
+  end
+
+  should 'be able to remove comment' do
+    profile = create_user('testuser').person
+    article = profile.articles.build(:name => 'test')
+    article.save!
+    comment = fast_create(Comment, :source_id => article, :author_id => profile, :title => 'a comment', :body => 'lalala')
+
+    login_as 'testuser'
+    assert_difference Comment, :count, -1 do
+      xhr :post, :destroy, :profile => profile.identifier, :id => comment.id
+      assert_response :success
+    end
+  end
+
+  should 'display not found page if a user should try to make a cross comment' do
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+
+    other_person = create_user('otheruser').person
+    other_page = other_person.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+
+    assert_no_difference Comment, :count do
+      xhr :post, :create, :profile => profile.identifier, :id => other_page.id, :comment => { :title => 'crap!', :body => 'I think that this article is crap' }
+    end
+     assert_match /not found/, @response.body
+  end
+
+  should 'not be able to post comment if article do not accept it' do
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text', :accept_comments => false)
+
+    assert_no_difference Comment, :count do
+      xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => 'crap!', :body => 'I think that this article is crap' }
+    end
+     assert_match /Comment not allowed in this article/, @response.body
+  end
+
+  should "the author's comment be the logged user" do
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+
+    login_as profile.identifier
+
+    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => 'crap!', :body => 'I think that this article is crap' }
+    assert_equal profile, assigns(:comment).author
+  end
+
+  should "the articles's comment be the article passed as parameter" do
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+
+    login_as profile.identifier
+
+    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => 'crap!', :body => 'I think that this article is crap' }
+    assert_equal page, assigns(:comment).article
+  end
+
+  should 'show comment form opened on error' do
+    login_as profile.identifier
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+    xhr :post, :create, :profile => @profile.identifier, :id => page.id, :comment => { :title => '', :body => '' }, :confirm => 'true'
+    response = JSON.parse @response.body
+    assert_match /<div class=\"post_comment_box opened\"/, response["html"]
+  end
+
+  should 'show validation error when body comment is missing' do
+    login_as @profile.identifier
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+    xhr :post, :create, :profile => @profile.identifier, :id => page.id, :comment => { :title => '', :body => '' }, :confirm => 'true'
+    response = JSON.parse @response.body
+    assert_match /errorExplanation/, response["html"]
+  end
+
+  should 'not save a comment if a plugin rejects it' do
+    class TestFilterPlugin < Noosfero::Plugin
+      def filter_comment(c)
+        c.reject!
+      end
+    end
+    Noosfero::Plugin::Manager.any_instance.stubs(:enabled_plugins).returns([TestFilterPlugin.new])
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+    assert_no_difference Comment, :count do
+      xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => 'title', :body => 'body', :name => "Spammer", :email => 'damn@spammer.com' }, :confirm => 'true'
+    end
+  end
+
+  should 'display a message if a plugin reject the comment' do
+    class TestFilterPlugin < Noosfero::Plugin
+      def filter_comment(c)
+        c.reject!
+      end
+    end
+    Noosfero::Plugin::Manager.any_instance.stubs(:enabled_plugins).returns([TestFilterPlugin.new])
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+    assert_no_difference Comment, :count do
+      xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => 'title', :body => 'body', :name => "Spammer", :email => 'damn@spammer.com' }, :confirm => 'true'
+    end
+
+    assert_match /rejected/, @response.body
+  end
+
+  should 'store IP address, user agent and referrer for comments' do
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+    @request.stubs(:remote_ip).returns('33.44.55.66')
+    @request.stubs(:referrer).returns('http://example.com')
+    @request.stubs(:user_agent).returns('MyBrowser')
+    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => 'title', :body => 'body', :name => "Spammer", :email => 'damn@spammer.com' }, :confirm => 'true'
+    comment = Comment.last
+    assert_equal '33.44.55.66', comment.ip_address
+    assert_equal 'MyBrowser', comment.user_agent
+    assert_equal 'http://example.com', comment.referrer
+  end
+
+  should 'invalid comment display the comment form open' do
+    article = profile.articles.build(:name => 'test')
+    article.save!
+    login_as('testinguser')
+
+    assert_no_difference Comment, :count do
+      xhr :post, :create, :profile => profile.identifier, :id =>article.id, :comment => {:body => ""}, :confirm => 'true'
+    end
+    assert_match /post_comment_box opened/, @response.body
+  end
+
+  should 'invalid captcha display the comment form open' do
+    article = profile.articles.build(:name => 'test')
+    article.save!
+    login_as('testinguser')
+    @controller.stubs(:verify_recaptcha).returns(false)
+
+    environment.enable('captcha_for_logged_users')
+    environment.save!
+
+    xhr :post, :create, :profile => profile.identifier, :id =>article.id, :comment => {:body => "Some comment...", :author => profile}, :confirm => 'true'
+    assert_match /post_comment_box opened/, @response.body
+  end
+
+  should 'ask for captcha if environment defines even with logged user' do
+    article = profile.articles.build(:name => 'test')
+    article.save!
+    login_as('testinguser')
+    @controller.stubs(:verify_recaptcha).returns(false)
+
+    assert_difference Comment, :count, 1 do
+      xhr :post, :create, :profile => profile.identifier, :id => article.id, :comment => {:body => "Some comment...", :author => profile}, :confirm => 'true'
+    end
+
+    environment.enable('captcha_for_logged_users')
+    environment.save!
+
+    assert_no_difference Comment, :count do
+      xhr :post, :create, :profile => profile.identifier, :id =>article.id, :comment => {:body => "Some comment...", :author => profile}, :confirm => 'true'
+    end
+    assert_not_nil assigns(:comment)
+  end
+
+  should 'ask for captcha if user not logged' do
+    article = profile.articles.build(:name => 'test')
+    article.save!
+
+    @controller.stubs(:verify_recaptcha).returns(false)
+    assert_no_difference Comment, :count do
+      xhr :post, :create, :profile => profile.identifier, :id => article.id, :comment => {:body => "Some comment...", :author => profile}, :confirm => 'true'
+    end
+
+    @controller.stubs(:verify_recaptcha).returns(true)
+    assert_difference Comment, :count, 1 do
+      xhr :post, :create, :profile => profile.identifier, :id => article.id, :comment => {:body => "Some comment...", :author => profile}, :confirm => 'true'
+    end
+  end
+
+  should 'create ApproveComment task when adding a comment in a moderated article' do
+    login_as @profile.identifier
+    community = Community.create!(:name => 'testcomm')
+    page = community.articles.create!(:name => 'myarticle', :moderate_comments => true)
+
+    commenter = create_user('otheruser').person
+    assert_difference ApproveComment, :count, 1 do
+      xhr :post, :create, :profile => community.identifier, :id => page.id, :comment => {:body => 'Some comment...', :author => commenter}, :confirm => 'true'
+    end
+  end
+
+  should 'not create ApproveComment task when the comment author is the same of article author' do
+    login_as @profile.identifier
+    community = Community.create!(:name => 'testcomm')
+    page = community.articles.create!(:name => 'myarticle', :moderate_comments => true, :last_changed_by => @profile)
+    community.add_moderator(@profile)
+
+    assert_no_difference ApproveComment, :count do
+      xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:body => 'Some comment...'}, :confirm => 'true'
+    end
+  end
+
+  should 'create ApproveComment task with the comment author as requestor' do
+    community = Community.create!(:name => 'testcomm')
+    page = community.articles.create!(:name => 'myarticle', :moderate_comments => true)
+
+    commenter = create_user('otheruser').person
+    assert_difference ApproveComment, :count, 1 do
+      xhr :post, :create, :profile => community.identifier, :id => page.id, :comment => {:body => 'Some comment...', :author => commenter}, :confirm => 'true'
+    end
+    task = Task.last
+    assert_equal commenter, task.requestor
+
+  end
+
+  should "create ApproveComment task with the articles's owner profile as the target" do
+    login_as @profile.identifier
+    community = Community.create!(:name => 'testcomm')
+    page = community.articles.create!(:name => 'myarticle', :moderate_comments => true)
+
+    commenter = create_user('otheruser').person
+    assert_difference ApproveComment, :count, 1 do
+      xhr :post, :create, :profile => community.identifier, :id => page.id, :comment => {:body => 'Some comment...', :author => commenter}, :confirm => 'true'
+    end
+    task = Task.last
+    assert_equal community, task.target
+  end
+
+  should "create ApproveComment task with the comment created_at attribute defined to now" do
+    login_as @profile.identifier
+    community = Community.create!(:name => 'testcomm')
+    page = community.articles.create!(:name => 'myarticle', :moderate_comments => true)
+
+    now = Time.now
+    Time.stubs(:now).returns(now)
+    xhr :post, :create, :profile => community.identifier, :id => page.id, :comment => {:body => 'Some comment...'}, :confirm => 'true'
+    task = Task.last
+    assert_equal now.to_s, task.comment.created_at.to_s
+  end
+
+  should "render_target be nil in article with moderation" do
+    page = profile.articles.create!(:name => 'myarticle', :moderate_comments => true)
+
+    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:body => 'Some comment...', :name => 'some name', :email => 'some@test.com.br'}, :confirm => 'true'
+    assert_nil ActiveSupport::JSON.decode(@response.body)['render_target']
+  end
+
+  should "display message 'waitting for approval' of comments in article with moderation" do
+    page = profile.articles.create!(:name => 'myarticle', :moderate_comments => true)
+
+    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:body => 'Some comment...', :name => 'some name', :email => 'some@test.com.br'}, :confirm => 'true'
+    assert_match /waiting for approval/, @response.body
+  end
+
+  should "render_target be the comment anchor if everithing is fine" do
+    login_as profile.identifier
+    page = profile.articles.create!(:name => 'myarticle')
+
+    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:body => 'Some comment...'}, :confirm => 'true'
+    assert_match /#{Comment.last.id}/, ActiveSupport::JSON.decode(@response.body)['render_target']
+  end
+
+  should "display message 'successfully created' if the comment was saved with success" do
+    login_as profile.identifier
+    page = profile.articles.create!(:name => 'myarticle')
+
+    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:body => 'Some comment...'}, :confirm => 'true'
+    assert_match /successfully created/, @response.body
+  end
+
+  should "render partial comment if everithing is fine" do
+    login_as profile.identifier
+    page = profile.articles.create!(:name => 'myarticle')
+
+    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:body => 'Some comment...'}, :confirm => 'true'
+    assert_match /id="#{Comment.last.anchor}" class="article-comment"/, ActiveSupport::JSON.decode(@response.body)['html']
+  end
+
+  should "render the root comment when a reply is made" do
+    login_as profile.identifier
+    page = profile.articles.create!(:name => 'myarticle')
+ 
+    comment = fast_create(Comment, :body => 'some content', :source_id => page.id, :source_type => 'Article')
+
+    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:body => 'Some comment...', :reply_of_id => comment.id}, :confirm => 'true'
+    assert_match /id="#{comment.anchor}" class="article-comment"/, ActiveSupport::JSON.decode(@response.body)['html']
+  end
+
+  should 'filter html content from body' do
+    login_as @profile.identifier
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+
+    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => 'html comment', :body => "this is a <strong id='html_test_comment'>html comment</strong>"}
+
+    assert Comment.last.body.match(/this is a html comment/)
+    assert_no_tag :tag => 'strong', :attributes => { :id => 'html_test_comment' }
+  end
+
+  should 'filter html content from title' do
+    login_as @profile.identifier
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => "html <strong id='html_test_comment'>comment</strong>", :body => "this is a comment"}
+    assert Comment.last.title.match(/html comment/)
+    assert_no_tag :tag => 'strong', :attributes => { :id => 'html_test_comment' }
+  end
+
+  should 'touch article after adding a comment' do
+    yesterday = Time.now.yesterday
+    Article.record_timestamps = false
+    page = profile.articles.create(:name => 'myarticle', :body => 'the body of the text', :created_at => yesterday, :updated_at => yesterday)
+    Article.record_timestamps = true
+
+    login_as('ze')
+    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => 'crap!', :body => 'I think that this article is crap' }, :confirm => 'true'
+    assert_not_equal yesterday, page.reload.updated_at
+  end
+
+  should 'be able to mark comments as spam' do
+    login_as profile.identifier
+    article = fast_create(Article, :profile_id => profile.id)
+    spam = fast_create(Comment, :name => 'foo', :email => 'foo@example.com', :source_id => article.id, :source_type => 'Article')
+
+    xhr :post, :mark_as_spam, :profile => profile.identifier, :id => spam.id
+
+    spam.reload
+    assert spam.spam?
+  end
+
+  should "not be able to mark as spam other people's comments if not moderator or admin" do
+    create_user('normaluser')
+    profile = create_user('testuser').person
+    article = profile.articles.build(:name => 'test')
+    article.save!
+
+    commenter = create_user('otheruser').person
+    comment = fast_create(Comment, :source_id => article, :title => 'a comment', :body => 'lalala')
+
+    login_as 'normaluser' # normaluser cannot remove other people's comments
+    xhr :post, :mark_as_spam, :profile => profile.identifier, :id => comment.id
+    comment.reload
+    assert !comment.spam?
+  end
+
+  should "not be able to mark as spam other people's comments if not moderator or admin and return json if is an ajax request" do
+    create_user('normaluser')
+    profile = create_user('testuser').person
+    article = profile.articles.build(:name => 'test')
+    article.save!
+
+    commenter = create_user('otheruser').person
+    comment = fast_create(Comment, :source_id => article, :author_id => commenter, :title => 'a comment', :body => 'lalala')
+
+    login_as 'normaluser' # normaluser cannot remove other people's comments
+
+    xhr :post, :mark_as_spam, :profile => profile.identifier, :id => comment.id
+    assert_response :success
+    comment.reload
+    assert !comment.spam?
+    assert_match /\{\"ok\":false\}/, @response.body
+  end
+
+  should 'be able to mark as spam  comments on their articles' do
+    profile = create_user('testuser').person
+    article = profile.articles.build(:name => 'test')
+    article.save!
+
+    commenter = create_user('otheruser').person
+    comment = fast_create(Comment, :source_id => article, :author_id => commenter, :title => 'a comment', :body => 'lalala')
+
+    login_as 'testuser' # testuser must be able to remove comments in his articles
+
+    xhr :post, :mark_as_spam, :profile => profile.identifier, :id => comment.id
+    assert_response :success
+    comment.reload
+    assert comment.spam?
+
+    assert_match /\{\"ok\":true\}/, @response.body
+  end
+
+  should 'be able to mark comments as spam if is moderator' do
+    commenter = create_user('commenter_user').person
+    community = Community.create!(:name => 'Community test', :identifier => 'community-test')
+    article = community.articles.create!(:name => 'test', :profile => community)
+    comment = fast_create(Comment, :source_id => article, :author_id => commenter, :title => 'a comment', :body => 'lalala')
+    community.add_moderator(profile)
+    login_as profile.identifier
+
+    xhr :post, :mark_as_spam, :profile => community.identifier, :id => comment.id
+    assert_response :success
+    comment.reload
+    assert comment.spam?
+    assert_match /\{\"ok\":true\}/, @response.body
+  end
+
+  should 'edit comment from a page' do
+    login_as profile.identifier
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+    comment = fast_create(Comment, :body => 'Original comment', :source_id => page.id, :source_type => 'Article', :author_id => profile.id)
+
+    get :edit, :id => comment.id, :profile => profile.identifier, :comment => { :body => 'Comment edited' }
+    assert_tag :tag => 'textarea', :attributes => {:id => 'comment_body'}, :content => 'Original comment'
+  end
+
+   should 'not crash on edit comment if comment does not exist' do
+    login_as profile.identifier
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+
+    get :edit, :id => 1000, :profile => profile.identifier, :comment => { :body => 'Comment edited' }
+    assert_response 404
+  end
+
+  should 'not be able to edit comment not logged' do
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+    comment = fast_create(Comment, :body => 'Original comment', :source_id => page.id, :source_type => 'Article')
+
+    get :edit, :id => comment.id, :profile => profile.identifier, :comment => { :body => 'Comment edited' }
+    assert_response 404
+  end
+
+  should 'not be able to edit comment if does not have the permission to' do
+    user = create_user('any_guy').person
+    login_as user.identifier
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+    comment = fast_create(Comment, :body => 'Original comment', :source_id => page.id, :source_type => 'Article')
+
+    get :edit, :id => comment.id, :profile => profile.identifier, :comment => { :body => 'Comment edited' }
+    assert_response 404
+  end
+
+  should 'be able to update a comment' do
+    login_as profile.identifier
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text', :accept_comments => false)
+    comment = fast_create(Comment, :body => 'Original comment', :source_id => page.id, :source_type => 'Article', :author_id => profile)
+
+    xhr :post, :update, :id => comment.id, :profile => profile.identifier, :comment => { :body => 'Comment edited' }
+    assert JSON.parse(@response.body)["ok"], "attribute ok expected to be true"
+    assert_equal 'Comment edited', Comment.find(comment.id).body
+  end
+
+  should 'not crash on update comment if comment does not exist' do
+    login_as profile.identifier
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+
+    xhr :post, :update, :id => 1000, :profile => profile.identifier, :comment => { :body => 'Comment edited' }
+    assert_response 404
+  end
+
+  should 'not be able to update comment not logged' do
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+    comment = fast_create(Comment, :body => 'Original comment', :source_id => page.id, :source_type => 'Article')
+
+    xhr :post, :update, :id => comment.id, :profile => profile.identifier, :comment => { :body => 'Comment edited' }
+    assert_response 404
+  end
+
+  should 'not be able to update comment if does not have the permission to' do
+    user = create_user('any_guy').person
+    login_as user.identifier
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+    comment = fast_create(Comment, :body => 'Original comment', :source_id => page.id, :source_type => 'Article')
+
+    xhr :post, :update, :id => comment.id, :profile => profile.identifier, :comment => { :body => 'Comment edited' }
+    assert_response 404
+  end
+
+  should 'returns ids of menu items that has to be displayed' do
+    class TestActionPlugin < Noosfero::Plugin
+      def check_comment_actions(c)
+        ['action1', 'action2']
+      end
+    end
+    Noosfero::Plugin::Manager.any_instance.stubs(:enabled_plugins).returns([TestActionPlugin.new])
+    login_as profile.identifier
+    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
+    comment = fast_create(Comment, :body => 'Original comment', :source_id => page.id, :source_type => 'Article')
+    xhr :post, :check_actions, :profile => profile.identifier, :id => comment.id
+    assert_match /\{\"ids\":\[\"action1\",\"action2\"\]\}/, @response.body
+  end
+
+end
@@ -83,149 +83,6 @@ class ContentViewerControllerTest &lt; ActionController::TestCase
     assert_equal feed.data, @response.body
   end
  
-  should 'display remove comment button' do
-    profile = create_user('testuser').person
-    article = profile.articles.build(:name => 'test')
-    article.save!
-    comment = article.comments.build(:author => profile, :title => 'a comment', :body => 'lalala')
-    comment.save!
-
-    login_as 'testuser'
-    get :view_page, :profile => 'testuser', :page => [ 'test' ]
-    assert_tag :tag => 'a', :attributes => { :onclick => %r(/testuser/test\?remove_comment=#{comment.id}.quot) }
-  end
-
-  should 'display remove comment button with param view when image' do
-    profile = create_user('testuser').person
-
-    image = UploadedFile.create!(:profile => profile, :uploaded_data => fixture_file_upload('/files/rails.png', 'image/png'))
-    image.save!
-
-    comment = image.comments.build(:author => profile, :title => 'a comment', :body => 'lalala')
-    comment.save!
-
-    login_as 'testuser'
-    get :view_page, :profile => 'testuser', :page => [ image.filename ], :view => true
-    assert_tag :tag => 'a', :attributes => { :onclick => %r(/testuser/#{image.filename}\?remove_comment=#{comment.id}.*amp;view=true.quot) }
-end
-
-
-  should 'not add unneeded params for remove comment button' do
-    profile = create_user('testuser').person
-    article = profile.articles.build(:name => 'test')
-    article.save!
-    comment = article.comments.build(:author => profile, :title => 'a comment', :body => 'lalala')
-    comment.save!
-
-    login_as 'testuser'
-    get :view_page, :profile => 'testuser', :page => [ 'test' ], :random_param => 'bli'
-    assert_tag :tag => 'a', :attributes => { :onclick => %r(/testuser/test\?remove_comment=#{comment.id.to_s}.quot) }
-  end
-
-  should 'be able to remove comment' do
-    profile = create_user('testuser').person
-    article = profile.articles.build(:name => 'test')
-    article.save!
-    comment = article.comments.build(:author => profile, :title => 'a comment', :body => 'lalala')
-    comment.save!
-
-    login_as 'testuser'
-    assert_difference Comment, :count, -1 do
-      post :view_page, :profile => profile.identifier, :page => [ 'test' ], :remove_comment => comment.id
-      assert_redirected_to :controller => 'content_viewer', :profile => 'testuser', :action => 'view_page', :page => [ 'test' ]
-    end
-  end
-
-  should "not be able to remove other people's comments if not moderator or admin" do
-    create_user('normaluser')
-    profile = create_user('testuser').person
-    article = profile.articles.build(:name => 'test')
-    article.save!
-
-    commenter = create_user('otheruser').person
-    comment = article.comments.build(:author => commenter, :title => 'a comment', :body => 'lalala')
-    comment.save!
-
-    login_as 'normaluser' # normaluser cannot remove other people's comments
-    assert_no_difference Comment, :count do
-      post :view_page, :profile => profile.identifier, :page => [ 'test' ], :remove_comment => comment.id
-      assert_response :redirect
-    end
-  end
-
-  should 'be able to remove comments on their articles' do
-    profile = create_user('testuser').person
-    article = profile.articles.build(:name => 'test')
-    article.save!
-
-    commenter = create_user('otheruser').person
-    comment = article.comments.build(:author => commenter, :title => 'a comment', :body => 'lalala')
-    comment.save!
-
-    login_as 'testuser' # testuser must be able to remove comments in his articles
-    assert_difference Comment, :count, -1 do
-      post :view_page, :profile => profile.identifier, :page => [ 'test' ], :remove_comment => comment.id
-      assert_response :redirect
-    end
-  end
-
-  should 'be able to remove comments of their images' do
-    profile = create_user('testuser').person
-
-    image = UploadedFile.create!(:profile => profile, :uploaded_data => fixture_file_upload('/files/rails.png', 'image/png'))
-    image.save!
-
-    commenter = create_user('otheruser').person
-    comment = image.comments.build(:author => commenter, :title => 'a comment', :body => 'lalala')
-    comment.save!
-
-    login_as 'testuser' # testuser must be able to remove comments in his articles
-    assert_difference Comment, :count, -1 do
-      post :view_page, :profile => profile.identifier, :page => [ image.filename ], :remove_comment => comment.id, :view => true
-
-      assert_response :redirect
-      assert_redirected_to :controller => 'content_viewer', :action => 'view_page', :profile => profile.identifier, :page => image.explode_path, :view => true
-    end
-  end
-
-  should 'be able to remove comments if is moderator' do
-    commenter = create_user('commenter_user').person
-    community = Community.create!(:name => 'Community test', :identifier => 'community-test')
-    article = community.articles.create!(:name => 'test')
-    comment = article.comments.create!(:author => commenter, :title => 'a comment', :body => 'lalala')
-    community.add_moderator(profile)
-    login_as profile.identifier
-    assert_difference Comment, :count, -1 do
-      post :view_page, :profile => community.identifier, :page => [ 'test' ], :remove_comment => comment.id
-      assert_response :redirect
-    end
-  end
-
-  should 'filter html content from body' do
-    login_as @profile.identifier
-    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
-    post :view_page, :profile => @profile.identifier, :page => [ 'myarticle' ],
-      :comment => { :title => 'html comment', :body => "this is a <strong id='html_test_comment'>html comment</strong>" }
-    assert_no_tag :tag => 'strong', :attributes => { :id => 'html_test_comment' }
-  end
-
-  should 'filter html content from title' do
-    login_as @profile.identifier
-    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
-    post :view_page, :profile => @profile.identifier, :page => [ 'myarticle' ],
-      :comment => { :title => "html <strong id='html_test_comment'>comment</strong>", :body => "this is a comment" }
-    assert_no_tag :tag => 'strong', :attributes => { :id => 'html_test_comment' }
-  end
-
-  should "point to article's url in comment form" do
-    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
-    Article.any_instance.stubs(:url).returns({:host => 'www.mysite.com', :controller => 'content_viewer', :action => 'view_page', :profile => 'person', :page => ['article']})
-
-    get :view_page, :profile => profile.identifier, :page => [ 'myarticle' ]
-
-    assert_tag :tag => 'form', :attributes => { :class => /^comment_form/, :action => '/person/article' }
-  end
-
   should "display current article's tags" do
     page = profile.articles.create!(:name => 'myarticle', :body => 'test article', :tag_list => 'tag1, tag2')
  
@@ -429,14 +286,6 @@ end
     assert_template 'view_page'
   end
  
-  should 'not be able to post comment if article do not accept it' do
-    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text', :accept_comments => false)
-
-    assert_no_difference Comment, :count do
-      post :view_page, :profile => profile.identifier, :page => [ 'myarticle' ], :comment => { :title => 'crap!', :body => 'I think that this article is crap', :name => 'Anonymous coward', :email => 'coward@anonymous.com' }
-    end
-  end
-
   should 'list comments if article has them, even if new comments are not allowed' do
     page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text', :accept_comments => false)
     page.comments.create!(:author => profile, :title => 'list my comment', :body => 'foo bar baz')
@@ -719,15 +568,6 @@ end
     assert_tag :tag => 'a', :content => 'Upload files', :attributes => {:href => /parent_id=#{folder.id}/}
   end
  
-  should 'post comment in a image' do
-    login_as(profile.identifier)
-    image = UploadedFile.create!(:profile => profile, :uploaded_data => fixture_file_upload('/files/rails.png', 'image/png'))
-    comment_count = image.comments.count
-    post :view_page, :profile => profile.identifier, :page => image.explode_path, :view => true
-    assert_equal comment_count, image.reload.comments.count
-    assert_template 'view_page'
-  end
-
   should 'render slideshow template' do
     f = Folder.create!(:name => 'gallery', :profile => profile)
     get :view_page, :profile => profile.identifier, :page => f.explode_path, :slideshow => true
@@ -869,17 +709,6 @@ end
     assert_tag :tag => 'a', :content => 'New article'
   end
  
-  should 'touch article after adding a comment' do
-    yesterday = Time.now.yesterday
-    Article.record_timestamps = false
-    page = profile.articles.create(:name => 'myarticle', :body => 'the body of the text', :created_at => yesterday, :updated_at => yesterday)
-    Article.record_timestamps = true
-
-    login_as('ze')
-    post :view_page, :profile => profile.identifier, :page => [ 'myarticle' ], :comment => { :title => 'crap!', :body => 'I think that this article is crap' }
-    assert_not_equal yesterday, assigns(:page).updated_at
-  end
-
   should 'display message if user was removed' do
     article = profile.articles.create(:name => 'comment test')
     to_be_removed = create_user('removed_user').person
@@ -891,13 +720,6 @@ end
     assert_tag :tag => 'span', :content => '(removed user)', :attributes => {:class => 'comment-user-status icon-user-removed'}
   end
  
-  should 'show comment form opened on error' do
-    login_as @profile.identifier
-    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
-    post :view_page, :profile => @profile.identifier, :page => [ 'myarticle' ], :comment => { :title => '', :body => '' }, :confirm => 'true'
-    assert_tag :tag => 'div', :attributes => { :class => 'post_comment_box opened' }
-  end
-
   should 'show only first paragraph of blog posts if visualization_format is short' do
     login_as(profile.identifier)
  
@@ -1188,22 +1010,14 @@ end
     assert_equal [es_article], assigns(:posts)
   end
  
-  should 'be redirect after posting a comment' do
-    login_as @profile.identifier
-    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
-    post :view_page, :profile => @profile.identifier, :page => [ 'myarticle' ], :comment => { :title => 'title', :body => 'body' }, :confirm => 'true'
-    assert_redirected_to :controller => 'content_viewer', :action => 'view_page', :profile => @profile.identifier, :page => page.explode_path
-  end
-
   should 'display reply to comment button if authenticated' do
     profile = create_user('testuser').person
     article = profile.articles.build(:name => 'test')
     article.save!
-    comment = article.comments.build(:author => profile, :title => 'a comment', :body => 'lalala')
-    comment.save!
+    comment = Comment.create!(:author => profile, :title => 'a comment', :body => 'lalala', :article => article)
     login_as 'testuser'
     get :view_page, :profile => 'testuser', :page => [ 'test' ]
-    assert_tag :tag => 'a', :attributes => { :class => /comment-footer-link/ }, :content => 'Reply'
+    assert_tag :tag => 'a', :attributes => { :class => /comment-actions-reply/ }
   end
  
   should 'display reply to comment button if not authenticated' do
@@ -1213,7 +1027,7 @@ end
     comment = article.comments.build(:author => profile, :title => 'a comment', :body => 'lalala')
     comment.save!
     get :view_page, :profile => 'testuser', :page => [ 'test' ]
-    assert_tag :tag => 'a', :attributes => { :class => /comment-footer-link/ }, :content => 'Reply'
+    assert_tag :tag => 'a', :attributes => { :class => /comment-actions-reply/ }
   end
  
   should 'display replies if comment has replies' do
@@ -1238,34 +1052,6 @@ end
     assert_no_tag :tag => 'ul', :attributes => { :class => 'comment-replies' }
   end
  
-  should 'show reply error' do
-    profile = create_user('testuser').person
-    article = profile.articles.build(:name => 'test')
-    article.save!
-    comment = article.comments.build(:author => profile, :title => 'root', :body => 'root')
-    comment.save!
-    login_as 'testuser'
-    post :view_page, :profile => profile.identifier, :page => ['test'], :comment => { :title => '', :body => '', :reply_of_id => comment.id }, :confirm => 'true'
-    assert_tag :tag => 'div', :attributes => { :class => /comment_reply/ }, :descendant => {:tag => 'div', :attributes => {:class => 'errorExplanation'} }
-    assert_no_tag :tag => 'div', :attributes => { :id => 'page-comment-form' }, :descendant => {:tag => 'div', :attributes => {:class => 'errorExplanation'} }
-    assert_tag :tag => 'div', :attributes => { :id => 'page-comment-form' }, :descendant => { :tag => 'div', :attributes => { :class => /post_comment_box closed/ } }
-  end
-
-  should 'show comment error' do
-    profile = create_user('testuser').person
-    article = profile.articles.build(:name => 'test')
-    article.save!
-    comment1 = article.comments.build(:author => profile, :title => 'root', :body => 'root')
-    comment1.save!
-    comment2 = article.comments.build(:author => profile, :title => 'root', :body => 'root', :reply_of_id => comment1.id)
-    comment2.save!
-    login_as 'testuser'
-    post :view_page, :profile => profile.identifier, :page => ['test'], :comment => { :title => '', :body => '' }, :confirm => 'true'
-    assert_no_tag :tag => 'div', :attributes => { :class => /comment_reply/ }, :descendant => {:tag => 'div', :attributes => {:class => 'errorExplanation'} }
-    assert_tag :tag => 'div', :attributes => { :id => 'page-comment-form' }, :descendant => {:tag => 'div', :attributes => {:class => 'errorExplanation'} }
-    assert_tag :tag => 'div', :attributes => { :id => 'page-comment-form' }, :descendant => { :tag => 'div', :attributes => { :class => /post_comment_box opened/ } }
-  end
-
   should 'add an zero width space every 4 caracters of comment urls' do
     url = 'www.an.url.to.be.splited.com'
     a = fast_create(TextileArticle, :profile_id => @profile.id, :path => 'textile', :language => 'en')
@@ -1346,60 +1132,6 @@ end
     assert_no_tag :tag => 'body', :attributes => { :class => /profile-homepage/ }
   end
  
-  should 'ask for captcha if user not logged' do
-    article = profile.articles.build(:name => 'test')
-    article.save!
-
-    @controller.stubs(:verify_recaptcha).returns(false)
-    post :view_page, :profile => profile.identifier, :page => ['test'], :comment => {:body => "Some comment...", :author => profile}, :confirm => 'true'
-    assert_not_nil assigns(:comment)
-
-    @controller.stubs(:verify_recaptcha).returns(true)
-    post :view_page, :profile => profile.identifier, :page => ['test'], :comment => {:body => "Some comment...", :author => profile}, :confirm => 'true'
-    assert_nil assigns(:comment)
-  end
-
-  should 'ask for captcha if environment defines even with logged user' do
-    article = profile.articles.build(:name => 'test')
-    article.save!
-    login_as('testinguser')
-    @controller.stubs(:verify_recaptcha).returns(false)
-
-    post :view_page, :profile => profile.identifier, :page => ['test'], :comment => {:body => "Some comment...", :author => profile}, :confirm => 'true'
-    assert_nil assigns(:comment)
-
-    environment.enable('captcha_for_logged_users')
-    environment.save!
-
-    post :view_page, :profile => profile.identifier, :page => ['test'], :comment => {:body => "Some comment...", :author => profile}, :confirm => 'true'
-    assert_not_nil assigns(:comment)
-  end
-
-  should 'store IP address, user agent and referrer for comments' do
-    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
-    @request.stubs(:remote_ip).returns('33.44.55.66')
-    @request.stubs(:referrer).returns('http://example.com')
-    @request.stubs(:user_agent).returns('MyBrowser')
-    post :view_page, :profile => profile.identifier, :page => [ 'myarticle' ], :comment => { :title => 'title', :body => 'body', :name => "Spammer", :email => 'damn@spammer.com' }, :confirm => 'true'
-    comment = Comment.last
-    assert_equal '33.44.55.66', comment.ip_address
-    assert_equal 'MyBrowser', comment.user_agent
-    assert_equal 'http://example.com', comment.referrer
-  end
-
-  should 'not save a comment if a plugin rejects it' do
-    class TestFilterPlugin < Noosfero::Plugin
-      def filter_comment(c)
-        c.reject!
-      end
-    end
-    Noosfero::Plugin::Manager.any_instance.stubs(:enabled_plugins).returns([TestFilterPlugin.new])
-    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
-    assert_no_difference Comment, :count do
-      post :view_page, :profile => profile.identifier, :page => [ 'myarticle' ], :comment => { :title => 'title', :body => 'body', :name => "Spammer", :email => 'damn@spammer.com' }, :confirm => 'true'
-    end
-  end
-
   should 'not display article actions button if any plugins says so' do
     class Plugin1 < Noosfero::Plugin
       def content_remove_edit(content); true; end
@@ -1453,53 +1185,4 @@ end
     assert_equal 1, assigns(:comments_count)
   end
  
-  should 'be able to mark comments as spam' do
-    login_as profile.identifier
-    article = fast_create(Article, :profile_id => profile.id)
-    spam = fast_create(Comment, :name => 'foo', :email => 'foo@example.com', :source_id => article.id, :source_type => 'Article')
-
-    post 'view_page', :profile => profile.identifier, :page => article.path.split('/'), :mark_comment_as_spam => spam.id
-
-    spam.reload
-    assert spam.spam?
-  end
-
-  should 'be able to edit a comment' do
-    login_as profile.identifier
-    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text', :accept_comments => false)
-    comment = fast_create(Comment, :body => 'Original comment', :author_id => profile.id, :source_id => page.id, :source_type => 'Article')
-
-    post :edit_comment, :id => comment.id, :profile => profile.identifier, :page => [ 'myarticle' ], :comment => { :body => 'Comment edited' }
-    assert_equal 'Comment edited', Comment.find(comment.id).body
-  end
-
-  should 'edit comment from a page' do
-    login_as profile.identifier
-    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
-    comment = fast_create(Comment, :body => 'Original comment', :author_id => profile.id, :source_id => page.id, :source_type => 'Article')
-
-    get :edit_comment, :id => comment.id, :profile => profile.identifier, :page => [ 'myarticle' ], :comment => { :body => 'Comment edited' }
-    assert_tag :tag => 'h1', :content => 'Edit comment'
-  end
-
-  should 'not edit comment from other page' do
-    login_as profile.identifier
-    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
-    comment = fast_create(Comment, :body => 'Original comment', :author_id => profile.id, :source_id => page.id, :source_type => 'Article')
-
-    other_page = profile.articles.create!(:name => 'my other article', :body => 'the body of the text')
-    comment_on_other_page = fast_create(Comment, :body => 'Comment on other article', :author_id => profile.id, :source_id => other_page.id, :source_type => 'Article')
-
-    get :edit_comment, :id => comment_on_other_page.id, :profile => profile.identifier, :page => [ 'myarticle' ], :comment => { :body => 'Comment edited' }
-    assert_redirected_to page.url
-  end
-
-  should 'not crash on edit comment if comment does not exist' do
-    login_as profile.identifier
-    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
-
-    get :edit_comment, :id => 1000, :profile => profile.identifier, :page => [ 'myarticle' ], :comment => { :body => 'Comment edited' }
-    assert_response 404
-  end
-
 end
@@ -0,0 +1,217 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class ApproveCommentTest < ActiveSupport::TestCase
+
+  def setup
+    ActionMailer::Base.delivery_method = :test
+    ActionMailer::Base.perform_deliveries = true
+    ActionMailer::Base.deliveries = []
+    @profile = create_user('test_user', :email => "someone@anyhost.com").person
+    @article = fast_create(TextileArticle, :profile_id => @profile.id, :name => 'test name', :abstract => 'Lead of article', :body => 'This is my article')
+    @community = create(Community, :contact_email => "someone@anyhost.com")
+    @comment = @article.comments.build(:title => 'any comment', :body => "any text", :author => create_user('someperson').person)
+  end
+
+  attr_reader :profile, :article, :community
+
+  should 'be a task' do
+    ok { ApproveComment.new.kind_of?(Task) }
+  end
+
+  should 'comment method deserialize comment attributes' do
+    a = ApproveComment.new(:comment_attributes => @comment.attributes.to_json)
+    assert_equal @comment.attributes, a.comment.attributes
+  end
+
+  should 'article method returns comment article' do
+    @comment.article = @article
+    a = ApproveComment.new(:comment_attributes => @comment.attributes.to_json)
+    assert_equal @article, @comment.article
+  end
+
+  should 'article method returns nil if comment.article if nil' do
+    @comment.article = nil
+    a = ApproveComment.new(:comment_attributes => @comment.attributes.to_json)
+    assert_nil @comment.article
+  end
+
+  should 'not raise in comment action if comment_attributes if nil' do
+    a = ApproveComment.new(:comment_attributes => nil)
+    assert_nothing_raised do
+      a.comment
+    end
+  end
+
+  should 'have article_name reference comment article' do
+    approve_comment = ApproveComment.create!(:target => @community, :comment_attributes => @comment.attributes.to_json, :requestor => @profile)
+
+    assert_equal @article.name, approve_comment.article_name
+  end
+
+  should 'article_name be article removed if there is no article associated to comment' do
+    @comment.article = nil
+    approve_comment = ApproveComment.new(:comment_attributes => @comment.attributes.to_json)
+
+    assert_equal "Article removed.", approve_comment.article_name
+  end
+
+  should 'have linked_subject reference comment article' do
+    approve_comment = ApproveComment.new(:comment_attributes => @comment.attributes.to_json)
+
+    expected =  {:text => @article.name, :url => @article.url}
+    assert_equal expected, approve_comment.linked_subject
+  end
+
+  should 'have linked_subject ne nil if there is no article associated to comment' do
+    @comment.article = nil
+    approve_comment = ApproveComment.new(:comment_attributes => @comment.attributes.to_json)
+
+    assert_nil approve_comment.linked_subject
+  end
+
+  should 'create comment when finishing task' do
+    approve_comment = ApproveComment.create!(:target => @community, :comment_attributes => @comment.attributes.to_json, :requestor => @profile)
+    assert_difference @article.comments, :count, 1 do
+      approve_comment.finish
+    end
+  end
+
+  should 'create comment with the created_at atribute passed as parameter when finishing task' do
+    now = Time.now - 10
+    @comment.created_at = now
+    approve_comment = ApproveComment.create!(:target => @community, :comment_attributes => @comment.attributes.to_json, :requestor => @profile)
+    assert_difference @article.comments, :count, 1 do
+      approve_comment.finish
+    end
+    comment = Comment.last
+    assert_equal now.to_s, comment.created_at.to_s
+  end
+
+  should 'require target (profile which the article is going to be commented)' do
+    task = ApproveComment.new
+    task.valid?
+
+    ok('must not validate with empty target') { task.errors.invalid?(:target_id) }
+
+    task.target = Person.new
+    task.valid?
+    ok('must validate when target is given') { task.errors.invalid?(:target_id)}
+  end
+
+  should 'send e-mails' do
+    TaskMailer.expects(:deliver_target_notification).at_least_once
+
+    task = ApproveComment.create!(:target => @community, :comment_attributes => @comment.attributes.to_json, :requestor => @profile)
+
+  end
+
+   should 'override target notification message method from Task' do
+    task = ApproveComment.new(:target => @community, :comment_attributes => @comment.attributes.to_json, :requestor => @profile)
+    assert_nothing_raised NotImplementedError do
+      task.target_notification_message
+    end
+  end
+
+  should 'deliver target notification message' do
+    task = ApproveComment.new(:target => @community, :comment_attributes => @comment.attributes.to_json, :requestor => @profile)
+
+    email = TaskMailer.deliver_target_notification(task, task.target_notification_message)
+    assert_match(/\[#{task.environment.name}\] #{task.requestor.name} wants to comment the article: #{task.article_name}/, email.subject)
+  end
+
+  should 'alert when reference article is removed' do
+    a = ApproveComment.create!(:target => @community, :comment_attributes => @comment.attributes.to_json, :requestor => @profile)
+
+    @article.destroy
+    a.reload
+    assert_equal "The article was removed.", a.information[:message]
+  end
+
+  should 'display anonymous name if the requestor is nil' do
+    a = ApproveComment.create!(:target => @community, :comment_attributes => @comment.attributes.to_json, :requestor => nil)
+
+    assert_match /nonymous/, a.information[:message]
+  end
+
+  should 'accept_details be true' do
+    a = ApproveComment.new
+    assert a.accept_details
+  end
+
+  should 'reject_details be true' do
+    a = ApproveComment.new
+    assert a.reject_details
+  end
+
+  should 'default decision be skip if there is an article associated to task' do
+    a = ApproveComment.new(:comment_attributes => @comment.attributes.to_json)
+    assert 'skip', a.default_decision
+  end
+
+  should 'default decision be reject if there is no article associated to task' do
+    a = ApproveComment.new()
+    assert 'reject', a.default_decision
+  end
+
+  should 'accept_disabled be true if there is no article associated to task' do
+    a = ApproveComment.new
+    assert a.accept_disabled?
+  end
+
+  should 'accept_disabled be false if there is an article associated to task' do
+    a = ApproveComment.new(:comment_attributes => @comment.attributes.to_json)
+    assert !a.accept_disabled?
+  end
+
+  should 'have target notification description' do
+    task = ApproveComment.create!(:target => @community, :comment_attributes => @comment.attributes.to_json, :requestor => @profile)
+
+    assert_match(/#{task.requestor.name} wants to comment the article: #{article.name}/, task.target_notification_description)
+  end
+
+  should 'have an target notification description for comments on removed articles' do
+    task = ApproveComment.create!(:target => @community, :comment_attributes => @comment.attributes.to_json, :requestor => @profile)
+
+    @article.destroy
+    assert_match(/#{task.requestor.name} wanted to comment the article but it was removed/, task.target_notification_description)
+  end
+
+  should 'have a default finished messsage after approval' do
+    task = ApproveComment.create!(:target => @community, :comment_attributes => @comment.attributes.to_json, :requestor => @profile)
+    assert_match(/Your request for comment the article "#{task.article.title}" was approved/, task.task_finished_message)
+  end
+
+  should 'have a personalized finished messsage after approval' do
+    task = ApproveComment.create!(:target => @community, :comment_attributes => @comment.attributes.to_json, :requestor => @profile)
+    task.stubs(:closing_statment).returns('somenthing')
+
+    assert_match(/Your .*#{task.article.title}.*Here is the comment.*\n\n#{task.closing_statment}/, task.task_finished_message)
+  end
+
+  should 'return reject message even without reject explanation' do
+    task = ApproveComment.new
+    assert_not_nil task.task_cancelled_message
+  end
+
+  should 'show the name of the article in the reject message' do
+    task = ApproveComment.new(:comment_attributes => @comment.attributes.to_json)
+    assert_match /Your request for commenting the article .*#{@article.name}.* was rejected/, task.task_cancelled_message
+  end
+
+  should 'return reject message with reject explanation' do
+    task = ApproveComment.new
+    task.reject_explanation= "Some reject explanation"
+    assert_match(/Your request for commenting .* Here is the reject explanation .*\n\n#{task.reject_explanation}/, task.task_cancelled_message)
+  end
+
+  should 'requestor name be the name of the requestor' do
+    a = fast_create(ApproveComment, :target_id => community, :requestor_id => profile)
+    assert_equal profile.name, a.requestor_name
+  end
+
+  should 'requestor name be Anonymous if there is no requestor' do
+    a = fast_create(ApproveComment, :target_id => community)
+    assert_equal 'Anonymous', a.requestor_name
+  end
+
+end
@@ -664,6 +664,30 @@ class ArticleTest &lt; ActiveSupport::TestCase
     assert a.notify_comments?
   end
  
+  should 'has moderate comments false by default' do
+    a = Article.create!(:name => 'my article', :body => 'my text', :profile_id => profile.id)
+    a.reload
+    assert a.moderate_comments == false
+  end
+
+  should 'save a article with moderate comments as true' do
+    a = Article.create!(:name => 'my article', :body => 'my text', :profile_id => profile.id, :moderate_comments => true)
+    a.reload
+    assert a.moderate_comments
+  end
+
+  should 'moderate_comments? return true if moderate_comments variable is true' do
+    a = Article.new
+    a.moderate_comments= true
+    assert a.moderate_comments?
+  end
+
+  should 'moderate_comments? return false if moderate_comments variable is false' do
+    a = Article.new
+    a.moderate_comments= false
+    assert !a.moderate_comments?
+  end
+
   should 'hold hits count' do
     a = fast_create(Article, :name => 'Test article', :profile_id => profile.id)
     a.hits = 10
@@ -0,0 +1,139 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class CommentHelperTest < ActiveSupport::TestCase
+
+  include CommentHelper
+  include ActionView::Helpers::TagHelper
+  include NoosferoTestHelper
+
+  def setup
+    @user = create_user('usertest').person
+    @profile = @user
+    self.stubs(:logged_in?).returns(true)
+    self.stubs(:report_abuse).returns('<a href="#">link</a>')
+    self.stubs(:expirable_comment_link).returns('<a href="#">link</a>')
+    @plugins.stubs(:dispatch).returns([])
+  end
+
+  attr_reader :user, :profile
+
+  should 'show menu if it has links for actions' do
+    article = Article.new(:profile => profile)
+    comment = Comment.new(:article => article)
+    menu = comment_actions(comment)
+    assert menu
+  end
+
+  should 'do not show menu if it has no actions' do
+    comment = Comment.new
+    self.stubs(:links_for_comment_actions).returns([])
+    menu = comment_actions(comment)
+    assert !menu
+  end
+
+  should 'do not show menu if it has nil actions only' do
+    comment = Comment.new
+    self.stubs(:link_for_report_abuse).returns(nil)
+    self.stubs(:link_for_spam).returns(nil)
+    self.stubs(:link_for_edit).returns(nil)
+    self.stubs(:link_for_remove).returns(nil)
+    menu = comment_actions(comment)
+    assert !menu
+  end
+
+  should 'include actions of plugins in menu' do
+    article = Article.new(:profile => profile)
+    comment = Comment.new(:article => article)
+    plugin_action = {:link => 'plugin_action'}
+    @plugins.stubs(:dispatch).returns([plugin_action])
+    links = links_for_comment_actions(comment)
+    assert_includes links, plugin_action
+  end
+
+  should 'include lambda actions of plugins in menu' do
+    article = Article.new(:profile => profile)
+    comment = Comment.new(:article => article)
+    plugin_action = lambda{[{:link => 'plugin_action'}, {:link => 'plugin_action2'}]}
+    @plugins.stubs(:dispatch).returns([plugin_action])
+    links = links_for_comment_actions(comment)
+    assert_includes links, {:link => 'plugin_action'}
+    assert_includes links, {:link => 'plugin_action2'}
+  end
+
+  should 'return link for report abuse action when comment has a author' do
+    comment = Comment.new
+    comment.author = user
+    link = link_for_report_abuse(comment)
+    assert link
+  end
+
+  should 'do not return link for report abuse action when comment has no author' do
+    comment = Comment.new
+    link = link_for_report_abuse(comment)
+    assert !link
+  end
+
+  should 'return link for mark comment as spam' do
+    comment = Comment.new
+    comment.stubs(:can_be_marked_as_spam_by?).with(user).returns(true)
+    link = link_for_spam(comment)
+    assert_match /Mark as SPAM/, link[:link]
+  end
+
+  should 'not return link for mark comment as spam if user does not have the permissions' do
+    comment = Comment.new
+    comment.stubs(:can_be_marked_as_spam_by?).with(user).returns(false)
+    link = link_for_spam(comment)
+    assert_nil link
+  end
+
+  should 'return link for mark comment as not spam' do
+    comment = Comment.new
+    comment.spam = true
+    comment.stubs(:can_be_marked_as_spam_by?).with(user).returns(true)
+    link = link_for_spam(comment)
+    assert_match /Mark as NOT SPAM/, link[:link]
+  end
+
+  should 'not return link for mark comment as not spam if user does not have the permissions' do
+    comment = Comment.new
+    comment.spam = true
+    comment.stubs(:can_be_marked_as_spam_by?).with(user).returns(false)
+    link = link_for_spam(comment)
+    assert_nil link
+  end
+
+  should 'do not return link for edit comment' do
+    comment = Comment.new
+    comment.stubs(:can_be_updated_by?).with(user).returns(false)
+    link = link_for_edit(comment)
+    assert_nil link
+  end
+
+  should 'return link for edit comment' do
+    comment = Comment.new
+    comment.stubs(:can_be_updated_by?).with(user).returns(true)
+    link = link_for_edit(comment)
+    assert link
+  end
+
+  should 'do not return link for remove comment' do
+    comment = Comment.new
+    comment.stubs(:can_be_destroyed_by?).with(user).returns(false)
+    link = link_for_remove(comment)
+    assert_nil link
+  end
+
+  should 'return link for remove comment' do
+    comment = Comment.new
+    comment.stubs(:can_be_destroyed_by?).with(user).returns(true)
+    link = link_for_remove(comment)
+    assert link
+  end
+
+  def link_to_function(content, url, options = {})
+    link_to(content, url, options)
+  end
+
+end
+
@@ -550,6 +550,156 @@ class CommentTest &lt; ActiveSupport::TestCase
     SpammerLogger.clean_log
   end
  
+  should 'not need moderation if article is not moderated' do
+    article = Article.new
+    comment = Comment.new(:article => article)
+
+    assert !comment.need_moderation?
+  end
+
+  should 'not need moderation if the comment author is the article author' do
+    author = Person.new
+    article = Article.new
+
+    article.stubs(:author).returns(author)
+    article.moderate_comments = true
+
+    comment = Comment.new(:article => article)
+    comment.stubs(:author).returns(author)
+
+    assert !comment.need_moderation?
+  end
+
+  should 'need moderation if article is moderated and the comment has no author' do
+    article = Article.new
+    article.stubs(:moderate_comments?).returns(true)
+
+    comment = Comment.new(:article => article)
+
+    assert comment.need_moderation?
+  end
+
+  should 'need moderation if article is moderated and the comment author is different from article author' do
+    article_author = Person.new
+    comment_author = Person.new
+
+    article = Article.new
+    article.stubs(:author).returns(article_author)
+    article.stubs(:moderate_comments?).returns(true)
+
+    comment = Comment.new(:article => article)
+    comment.stubs(:author).returns(comment_author)
+
+    assert comment.need_moderation?
+  end
+
+  should 'not be able to destroy comment without user' do
+    comment = Comment.new
+
+    assert !comment.can_be_destroyed_by?(nil)
+  end
+
+  should 'not be able to destroy comment' do
+    user = Person.new
+    profile = Profile.new
+    article = Article.new(:profile => profile)
+    comment = Comment.new(:article => article)
+    user.expects(:has_permission?).with(:moderate_comments, profile).returns(false)
+
+    assert !comment.can_be_destroyed_by?(user)
+  end
+
+  should 'be able to destroy comment if is the author' do
+    user = Person.new
+    comment = Comment.new(:author => user)
+
+    assert comment.can_be_destroyed_by?(user)
+  end
+
+  should 'be able to destroy comment if is the profile' do
+    user = Person.new
+    article = Article.new(:profile => user)
+    comment = Comment.new(:article => article)
+
+    assert comment.can_be_destroyed_by?(user)
+  end
+
+  should 'be able to destroy comment if can moderate_comments on the profile' do
+    user = Person.new
+    profile = Profile.new
+    article = Article.new(:profile => profile)
+    comment = Comment.new(:article => article)
+
+    user.expects(:has_permission?).with(:moderate_comments, profile).returns(true)
+
+    assert comment.can_be_destroyed_by?(user)
+  end
+
+  should 'not be able to mark comment as spam without user' do
+    comment = Comment.new
+
+    assert !comment.can_be_marked_as_spam_by?(nil)
+  end
+
+  should 'not be able to mark comment as spam' do
+    user = Person.new
+    profile = Profile.new
+    article = Article.new(:profile => profile)
+    comment = Comment.new(:article => article)
+    user.expects(:has_permission?).with(:moderate_comments, profile).returns(false)
+
+    assert !comment.can_be_marked_as_spam_by?(user)
+  end
+
+  should 'be able to mark comment as spam if is the profile' do
+    user = Person.new
+    article = Article.new(:profile => user)
+    comment = Comment.new(:article => article)
+
+    assert comment.can_be_marked_as_spam_by?(user)
+  end
+
+  should 'be able to mark comment as spam if can moderate_comments on the profile' do
+    user = Person.new
+    profile = Profile.new
+    article = Article.new(:profile => profile)
+    comment = Comment.new(:article => article)
+
+    user.expects(:has_permission?).with(:moderate_comments, profile).returns(true)
+
+    assert comment.can_be_marked_as_spam_by?(user)
+  end
+
+  should 'not be able to update comment without user' do
+    comment = Comment.new
+
+    assert !comment.can_be_updated_by?(nil)
+  end
+
+  should 'not be able to update comment' do
+    user = Person.new
+    comment = Comment.new
+
+    assert !comment.can_be_updated_by?(user)
+  end
+
+  should 'be able to update comment if is the author' do
+    user = Person.new
+    comment = Comment.new(:author => user)
+
+    assert comment.can_be_updated_by?(user)
+  end
+
+  should 'get comment root' do
+    c1 = Comment.new
+    c2 = Comment.new(:reply_of => c1)
+    c3 = Comment.new(:reply_of => c2)
+
+    assert_equal c1, c3.comment_root
+    assert_equal c1, c2.comment_root
+    assert_equal c1, c1.comment_root
+  end
+
   private
  
   def create_comment(args = {})
...	...	@@ -0,0 +1,164 @@
	1	+class CommentController < ApplicationController
	2	+
	3	+ needs_profile
	4	+
	5	+ before_filter :can_update?, :only => [:edit, :update]
	6	+
	7	+ def create
	8	+ begin
	9	+ @page = profile.articles.find(params[:id])
	10	+ rescue
	11	+ @page = nil
	12	+ end
	13	+
	14	+ # page not found, give error
	15	+ if @page.nil?
	16	+ respond_to do \|format\|
	17	+ format.js do
	18	+ render :json => { :msg => _('Page not found.')}
	19	+ end
	20	+ end
	21	+ return
	22	+ end
	23	+
	24	+ unless @page.accept_comments?
	25	+ respond_to do \|format\|
	26	+ format.js do
	27	+ render :json => { :msg => _('Comment not allowed in this article')}
	28	+ end
	29	+ end
	30	+ return
	31	+ end
	32	+
	33	+ @comment = Comment.new(params[:comment])
	34	+ @comment.author = user if logged_in?
	35	+ @comment.article = @page
	36	+ @comment.ip_address = request.remote_ip
	37	+ @comment.user_agent = request.user_agent
	38	+ @comment.referrer = request.referrer
	39	+ @plugins.dispatch(:filter_comment, @comment)
	40	+
	41	+ if @comment.rejected?
	42	+ respond_to do \|format\|
	43	+ format.js do
	44	+ render :json => { :msg => _('Comment was rejected')}
	45	+ end
	46	+ end
	47	+ return
	48	+ end
	49	+
	50	+ if !@comment.valid? \|\| (not pass_without_comment_captcha? and not verify_recaptcha(:model => @comment, :message => _('Please type the words correctly')))
	51	+ respond_to do \|format\|
	52	+ format.js do
	53	+ render :json => {
	54	+ :render_target => 'form',
	55	+ :html => render_to_string(:partial => 'comment_form', :object => @comment, :locals => {:comment => @comment, :display_link => true, :show_form => true})
	56	+ }
	57	+ end
	58	+ end
	59	+ return
	60	+ end
	61	+
	62	+ if @comment.need_moderation?
	63	+ @comment.created_at = Time.now
	64	+ ApproveComment.create!(:requestor => @comment.author, :target => profile, :comment_attributes => @comment.attributes.to_json)
	65	+
	66	+ respond_to do \|format\|
	67	+ format.js do
	68	+ render :json => { :render_target => nil, :msg => _('Your comment is waiting for approval.') }
	69	+ end
	70	+ end
	71	+ return
	72	+ end
	73	+
	74	+ @comment.save
	75	+
	76	+ respond_to do \|format\|
	77	+ format.js do
	78	+ comment_to_render = @comment.comment_root
	79	+ render :json => {
	80	+ :render_target => comment_to_render.anchor,
	81	+ :html => render_to_string(:partial => 'comment', :locals => {:comment => comment_to_render, :display_link => true}),
	82	+ :msg => _('Comment successfully created.')
	83	+ }
	84	+ end
	85	+ end
	86	+ end
	87	+
	88	+ def destroy
	89	+ comment = profile.comments_received.find(params[:id])
	90	+
	91	+ if comment && comment.can_be_destroyed_by?(user) && comment.destroy
	92	+ render :text => {'ok' => true}.to_json, :content_type => 'application/json'
	93	+ else
	94	+ session[:notice] = _("The comment was not removed.")
	95	+ render :text => {'ok' => false}.to_json, :content_type => 'application/json'
	96	+ end
	97	+ end
	98	+
	99	+ def mark_as_spam
	100	+ comment = profile.comments_received.find(params[:id])
	101	+ if comment.can_be_marked_as_spam_by?(user)
	102	+ comment.spam!
	103	+ render :text => {'ok' => true}.to_json, :content_type => 'application/json'
	104	+ else
	105	+ session[:notice] = _("You couldn't mark this comment as spam.")
	106	+ render :text => {'ok' => false}.to_json, :content_type => 'application/json'
	107	+ end
	108	+ end
	109	+
	110	+ def edit
	111	+ render :partial => "comment_form", :locals => {:comment => @comment, :display_link => params[:reply_of_id].present?, :edition_mode => true, :show_form => true}
	112	+ end
	113	+
	114	+ def update
	115	+ if @comment.update_attributes(params[:comment])
	116	+ respond_to do \|format\|
	117	+ format.js do
	118	+ comment_to_render = @comment.comment_root
	119	+ render :json => {
	120	+ :ok => true,
	121	+ :render_target => comment_to_render.anchor,
	122	+ :html => render_to_string(:partial => 'comment', :locals => {:comment => comment_to_render})
	123	+ }
	124	+ end
	125	+ end
	126	+ else
	127	+ respond_to do \|format\|
	128	+ format.js do
	129	+ render :json => {
	130	+ :ok => false,
	131	+ :render_target => 'form',
	132	+ :html => render_to_string(:partial => 'comment_form', :object => @comment, :locals => {:comment => @comment, :display_link => false, :edition_mode => true, :show_form => true})
	133	+ }
	134	+ end
	135	+ end
	136	+ end
	137	+ end
	138	+
	139	+ def check_actions
	140	+ comment = profile.comments_received.find(params[:id])
	141	+ ids = @plugins.dispatch(:check_comment_actions, comment).collect do \|action\|
	142	+ action.kind_of?(Proc) ? self.instance_eval(&action) : action
	143	+ end.flatten.compact
	144	+ render :json => {:ids => ids}
	145	+ end
	146	+
	147	+ protected
	148	+
	149	+ def pass_without_comment_captcha?
	150	+ logged_in? && !environment.enabled?('captcha_for_logged_users')
	151	+ end
	152	+ helper_method :pass_without_comment_captcha?
	153	+
	154	+ def can_update?
	155	+ begin
	156	+ @comment = profile.comments_received.find(params[:id])
	157	+ raise ActiveRecord::RecordNotFound unless @comment.can_be_updated_by?(user) # Not reveal that the comment exists
	158	+ rescue ActiveRecord::RecordNotFound
	159	+ render_not_found
	160	+ return
	161	+ end
	162	+ end
	163	+
	164	+end
...	...
...	...	@@ -2,8 +2,6 @@ class ContentViewerController < ApplicationController
2	2
3	3	needs_profile
4	4
5		- before_filter :comment_author, :only => :edit_comment
6		-
7	5	helper ProfileHelper
8	6	helper TagsHelper
9	7
...	...	@@ -70,24 +68,8 @@ class ContentViewerController < ApplicationController
70	68
71	69	@form_div = params[:form]
72	70
73		- if params[:comment] && params[:confirm] == 'true'
74		- @comment = Comment.new(params[:comment])
75		- if request.post? && @page.accept_comments?
76		- add_comment
77		- end
78		- else
79		- @comment = Comment.new
80		- end
81		-
82		- if request.post?
83		- if params[:remove_comment]
84		- remove_comment
85		- return
86		- elsif params[:mark_comment_as_spam]
87		- mark_comment_as_spam
88		- return
89		- end
90		- end
	71	+ #FIXME see a better way to do this. It's not need to pass this variable anymore
	72	+ @comment = Comment.new
91	73
92	74	if @page.has_posts?
93	75	posts = if params[:year] and params[:month]
...	...	@@ -125,81 +107,8 @@ class ContentViewerController < ApplicationController
125	107	end
126	108	end
127	109
128		- def edit_comment
129		- path = params[:page].join('/')
130		- @page = profile.articles.find_by_path(path)
131		- @form_div = 'opened'
132		- @comment = @page.comments.find_by_id(params[:id])
133		- if @comment
134		- if request.post?
135		- begin
136		- @comment.update_attributes(params[:comment])
137		- session[:notice] = _('Comment succesfully updated')
138		- redirect_to :action => 'view_page', :profile => profile.identifier, :page => @comment.article.explode_path
139		- rescue
140		- session[:notice] = _('Comment could not be updated')
141		- end
142		- end
143		- else
144		- redirect_to @page.view_url
145		- session[:notice] = _('Could not find the comment in the article')
146		- end
147		- end
148		-
149	110	protected
150	111
151		- def add_comment
152		- @comment.author = user if logged_in?
153		- @comment.article = @page
154		- @comment.ip_address = request.remote_ip
155		- @comment.user_agent = request.user_agent
156		- @comment.referrer = request.referrer
157		- plugins_filter_comment(@comment)
158		- return if @comment.rejected?
159		- if (pass_without_comment_captcha? \|\| verify_recaptcha(:model => @comment, :message => _('Please type the words correctly'))) && @comment.save
160		- @page.touch
161		- @comment = nil # clear the comment form
162		- redirect_to :action => 'view_page', :profile => params[:profile], :page => @page.explode_path, :view => params[:view]
163		- else
164		- @form_div = 'opened' if params[:comment][:reply_of_id].blank?
165		- end
166		- end
167		-
168		- def plugins_filter_comment(comment)
169		- @plugins.each do \|plugin\|
170		- plugin.filter_comment(comment)
171		- end
172		- end
173		-
174		- def pass_without_comment_captcha?
175		- logged_in? && !environment.enabled?('captcha_for_logged_users')
176		- end
177		- helper_method :pass_without_comment_captcha?
178		-
179		- def remove_comment
180		- @comment = @page.comments.find(params[:remove_comment])
181		- if (user == @comment.author \|\| user == @page.profile \|\| user.has_permission?(:moderate_comments, @page.profile))
182		- @comment.destroy
183		- end
184		- finish_comment_handling
185		- end
186		-
187		- def mark_comment_as_spam
188		- @comment = @page.comments.find(params[:mark_comment_as_spam])
189		- if logged_in? && (user == @page.profile \|\| user.has_permission?(:moderate_comments, @page.profile))
190		- @comment.spam!
191		- end
192		- finish_comment_handling
193		- end
194		-
195		- def finish_comment_handling
196		- if request.xhr?
197		- render :text => {'ok' => true}.to_json, :content_type => 'application/json'
198		- else
199		- redirect_to :action => 'view_page', :profile => params[:profile], :page => @page.explode_path, :view => params[:view]
200		- end
201		- end
202		-
203	112	def per_page
204	113	12
205	114	end
...	...	@@ -223,13 +132,9 @@ class ContentViewerController < ApplicationController
223	132	end
224	133	end
225	134
226		- def comment_author
227		- comment = Comment.find_by_id(params[:id])
228		- if comment
229		- render_access_denied if comment.author.blank? \|\| comment.author != user
230		- else
231		- render_not_found
232		- end
	135	+ def pass_without_comment_captcha?
	136	+ logged_in? && !environment.enabled?('captcha_for_logged_users')
233	137	end
	138	+ helper_method :pass_without_comment_captcha?
234	139
235	140	end
...	...
...	...	@@ -30,6 +30,8 @@ module ApplicationHelper
30	30
31	31	include AccountHelper
32	32
	33	+ include CommentHelper
	34	+
33	35	include BlogHelper
34	36
35	37	include ContentViewerHelper
...	...	@@ -1385,12 +1387,12 @@ module ApplicationHelper
1385	1387	end
1386	1388
1387	1389	def expirable_button(content, action, text, url, options = {})
1388		- options[:class] = "button with-text icon-#{action.to_s}"
	1390	+ options[:class] = ["button with-text icon-#{action.to_s}", options[:class]].compact.join(' ')
1389	1391	expirable_content_reference content, action, text, url, options
1390	1392	end
1391	1393
1392	1394	def expirable_comment_link(content, action, text, url, options = {})
1393		- options[:class] = "comment-footer comment-footer-link comment-footer-hide"
	1395	+ options[:class] = ["comment-footer comment-footer-link comment-footer-hide", options[:class]].compact.join(' ')
1394	1396	expirable_content_reference content, action, text, url, options
1395	1397	end
1396	1398
...	...
...	...	@@ -35,7 +35,13 @@ module ArticleHelper
35	35	'div',
36	36	check_box(:article, :notify_comments) +
37	37	content_tag('label', _('I want to receive a notification of each comment written by e-mail'), :for => 'article_notify_comments') +
38		- observe_field(:article_accept_comments, :function => "$('article_notify_comments').disabled = ! $('article_accept_comments').checked")
	38	+ observe_field(:article_accept_comments, :function => "$('article_notify_comments').disabled = ! $('article_accept_comments').checked;$('article_moderate_comments').disabled = ! $('article_accept_comments').checked")
	39	+ ) +
	40	+
	41	+ content_tag(
	42	+ 'div',
	43	+ check_box(:article, :moderate_comments) +
	44	+ content_tag('label', _('I want to approve comments on this article'), :for => 'article_moderate_comments')
39	45	) +
40	46
41	47	(article.can_display_hits? ?
...	...
...	...	@@ -0,0 +1,70 @@
	1	+module CommentHelper
	2	+
	3	+ def article_title(article, args = {})
	4	+ title = article.title
	5	+ title = article.display_title if article.kind_of?(UploadedFile) && article.image?
	6	+ title = content_tag('h1', h(title), :class => 'title')
	7	+ if article.belongs_to_blog?
	8	+ unless args[:no_link]
	9	+ title = content_tag('h1', link_to(article.name, article.url), :class => 'title')
	10	+ end
	11	+ comments = ''
	12	+ unless args[:no_comments] \|\| !article.accept_comments
	13	+ comments = (" - %s") % link_to_comments(article)
	14	+ end
	15	+ title << content_tag('span',
	16	+ content_tag('span', show_date(article.published_at), :class => 'date') +
	17	+ content_tag('span', [_(", by %s") % link_to(article.author_name, article.author_url)], :class => 'author') +
	18	+ content_tag('span', comments, :class => 'comments'),
	19	+ :class => 'created-at'
	20	+ )
	21	+ end
	22	+ title
	23	+ end
	24	+
	25	+ def comment_actions(comment)
	26	+ url = url_for(:profile => profile.identifier, :controller => :comment, :action => :check_actions, :id => comment.id)
	27	+ links = links_for_comment_actions(comment)
	28	+ content_tag(:li, link_to(content_tag(:span, _('Contents menu')), '#', :onclick => "toggleSubmenu(this,'',#{links.to_json}); return false", :class => 'menu-submenu-trigger comment-trigger', :url => url), :class=> 'vcard') unless links.empty?
	29	+ end
	30	+
	31	+ private
	32	+
	33	+ def links_for_comment_actions(comment)
	34	+ actions = [link_for_report_abuse(comment), link_for_spam(comment), link_for_edit(comment), link_for_remove(comment)]
	35	+ @plugins.dispatch(:comment_actions, comment).collect do \|action\|
	36	+ actions << (action.kind_of?(Proc) ? self.instance_eval(&action) : action)
	37	+ end
	38	+ actions.flatten.compact
	39	+ end
	40	+
	41	+ def link_for_report_abuse(comment)
	42	+ if comment.author
	43	+ report_abuse_link = report_abuse(comment.author, :comment_link, comment)
	44	+ {:link => report_abuse_link} if report_abuse_link
	45	+ end
	46	+ end
	47	+
	48	+ def link_for_spam(comment)
	49	+ if comment.can_be_marked_as_spam_by?(user)
	50	+ if comment.spam?
	51	+ {:link => link_to_function(_('Mark as NOT SPAM'), 'remove_comment(this, %s); return false;' % url_for(:profile => profile.identifier, :mark_comment_as_ham => comment.id).to_json, :class => 'comment-footer comment-footer-link comment-footer-hide')}
	52	+ else
	53	+ {:link => link_to_function(_('Mark as SPAM'), 'remove_comment(this, %s, %s); return false;' % [url_for(:profile => profile.identifier, :controller => 'comment', :action => :mark_as_spam, :id => comment.id).to_json, _('Are you sure you want to mark this comment as SPAM?').to_json], :class => 'comment-footer comment-footer-link comment-footer-hide')}
	54	+ end
	55	+ end
	56	+ end
	57	+
	58	+ def link_for_edit(comment)
	59	+ if comment.can_be_updated_by?(user)
	60	+ {:link => expirable_comment_link(comment, :edit, _('Edit'), url_for(:profile => profile.identifier, :controller => :comment, :action => :edit, :id => comment.id),:class => 'colorbox')}
	61	+ end
	62	+ end
	63	+
	64	+ def link_for_remove(comment)
	65	+ if comment.can_be_destroyed_by?(user)
	66	+ {:link => link_to_function(_('Remove'), 'remove_comment(this, %s, %s); return false ;' % [url_for(:profile => profile.identifier, :controller => 'comment', :action => :destroy, :id => comment.id).to_json, _('Are you sure you want to remove this comment and all its replies?').to_json], :class => 'comment-footer comment-footer-link comment-footer-hide remove-children')}
	67	+ end
	68	+ end
	69	+
	70	+end
...	...
...	...	@@ -5,11 +5,9 @@ module ContentViewerHelper
5	5
6	6	def number_of_comments(article)
7	7	n = article.comments.without_spam.count
8		- if n == 0
9		- _('No comments yet')
10		- else
11		- n_('One comment', '<span class="comment-count">%{comments}</span> comments', n) % { :comments => n }
12		- end
	8	+ base_str = "<span class='comment-count hide'>#{n}</span>"
	9	+ amount_str = n == 0 ? _('no comments yet') : (n == 1 ? _('One comment') : _('%s comments') % n)
	10	+ base_str + "<span class='comment-count-write-out'>#{amount_str}</span>"
13	11	end
14	12
15	13	def article_title(article, args = {})
...	...
...	...	@@ -0,0 +1,104 @@
	1	+class ApproveComment < Task
	2	+ validates_presence_of :target_id
	3	+
	4	+ settings_items :comment_attributes, :closing_statment
	5	+
	6	+ validates_presence_of :comment_attributes
	7	+
	8	+ def comment
	9	+ @comment \|\|= Comment.new(JSON.parse(self.comment_attributes)) unless self.comment_attributes.nil?
	10	+ end
	11	+
	12	+ def requestor_name
	13	+ requestor ? requestor.name : (comment.name \|\| _('Anonymous'))
	14	+ end
	15	+
	16	+ def article
	17	+ Article.find_by_id comment.source_id unless self.comment.nil?
	18	+ end
	19	+
	20	+ def article_name
	21	+ article ? article.name : _("Article removed.")
	22	+ end
	23	+
	24	+ def perform
	25	+ comment.save!
	26	+ end
	27	+
	28	+ def title
	29	+ _("New comment to article")
	30	+ end
	31	+
	32	+ def icon
	33	+ result = {:type => :defined_image, :src => '/images/icons-app/article-minor.png'}
	34	+ result.merge!({:url => article.url}) if article
	35	+ result
	36	+ end
	37	+
	38	+ def linked_subject
	39	+ {:text => article_name, :url => article.url} if article
	40	+ end
	41	+
	42	+ def information
	43	+ if article
	44	+ if requestor
	45	+ {:message => _('%{requestor} commented on the the article: %{linked_subject}.')}
	46	+ else
	47	+ { :message => _('%{requestor} commented on the the article: %{linked_subject}.'),
	48	+ :variables => {:requestor => requestor_name} }
	49	+ end
	50	+ else
	51	+ {:message => _("The article was removed.")}
	52	+ end
	53	+ end
	54	+
	55	+ def accept_details
	56	+ true
	57	+ end
	58	+
	59	+ def reject_details
	60	+ true
	61	+ end
	62	+
	63	+ def default_decision
	64	+ if article
	65	+ 'skip'
	66	+ else
	67	+ 'reject'
	68	+ end
	69	+ end
	70	+
	71	+ def accept_disabled?
	72	+ article.blank?
	73	+ end
	74	+
	75	+ def target_notification_description
	76	+ if article
	77	+ _('%{requestor} wants to comment the article: %{article}.') % {:requestor => requestor_name, :article => article.name}
	78	+ else
	79	+ _('%{requestor} wanted to comment the article but it was removed.') % {:requestor => requestor_name}
	80	+ end
	81	+ end
	82	+
	83	+ def target_notification_message
	84	+ target_notification_description + "\n\n" +
	85	+ _('You need to login on %{system} in order to approve or reject this comment.') % { :system => target.environment.name }
	86	+ end
	87	+
	88	+ def task_finished_message
	89	+ if !closing_statment.blank?
	90	+ _("Your comment to the article \"%{article}\" was approved. Here is the comment left by the admin who approved your comment:\n\n%{comment} ") % {:article => article_name, :comment => closing_statment}
	91	+ else
	92	+ _('Your request for comment the article "%{article}" was approved.') % {:article => article_name}
	93	+ end
	94	+ end
	95	+
	96	+ def task_cancelled_message
	97	+ message = _('Your request for commenting the article "%{article}" was rejected.') % {:article => article_name}
	98	+ if !reject_explanation.blank?
	99	+ message += " " + _("Here is the reject explanation left by the administrator who rejected your comment: \n\n%{reject_explanation}") % {:reject_explanation => reject_explanation}
	100	+ end
	101	+ message
	102	+ end
	103	+
	104	+end
...	...
...	...	@@ -65,6 +65,7 @@ class Article < ActiveRecord::Base
65	65	settings_items :display_hits, :type => :boolean, :default => true
66	66	settings_items :author_name, :type => :string, :default => ""
67	67	settings_items :allow_members_to_edit, :type => :boolean, :default => false
	68	+ settings_items :moderate_comments, :type => :boolean, :default => false
68	69	settings_items :followers, :type => Array, :default => []
69	70
70	71	belongs_to :reference_article, :class_name => "Article", :foreign_key => 'reference_article_id'
...	...	@@ -327,6 +328,14 @@ class Article < ActiveRecord::Base
327	328	@view_url \|\|= image? ? url.merge(:view => true) : url
328	329	end
329	330
	331	+ def comment_url_structure(comment, action = :edit)
	332	+ if comment.new_record?
	333	+ profile.url.merge(:page => path.split("/"), :controller => :comment, :action => :create)
	334	+ else
	335	+ profile.url.merge(:page => path.split("/"), :controller => :comment, :action => action \|\| :edit, :id => comment.id)
	336	+ end
	337	+ end
	338	+
330	339	def allow_children?
331	340	true
332	341	end
...	...	@@ -489,6 +498,14 @@ class Article < ActiveRecord::Base
489	498	allow_post_content?(user) \|\| user && allow_members_to_edit && user.is_member_of?(profile)
490	499	end
491	500
	501	+ def moderate_comments?
	502	+ moderate_comments == true
	503	+ end
	504	+
	505	+ def comments_updated
	506	+ solr_save
	507	+ end
	508	+
492	509	def accept_category?(cat)
493	510	!cat.is_a?(ProductCategory)
494	511	end
...	...
...	...	@@ -34,7 +34,9 @@ class Comment < ActiveRecord::Base
34	34
35	35	xss_terminate :only => [ :body, :title, :name ], :on => 'validation'
36	36
37		- delegate :environment, :to => :source
	37	+ def comment_root
	38	+ (reply_of && reply_of.comment_root) \|\| self
	39	+ end
38	40
39	41	def action_tracker_target
40	42	self.article.profile
...	...	@@ -248,4 +250,22 @@ class Comment < ActiveRecord::Base
248	250	plugins.dispatch(:comment_marked_as_ham, self)
249	251	end
250	252
	253	+ def need_moderation?
	254	+ article.moderate_comments? && (author.nil? \|\| article.author != author)
	255	+ end
	256	+
	257	+ def can_be_destroyed_by?(user)
	258	+ return if user.nil?
	259	+ user == author \|\| user == profile \|\| user.has_permission?(:moderate_comments, profile)
	260	+ end
	261	+
	262	+ def can_be_marked_as_spam_by?(user)
	263	+ return if user.nil?
	264	+ user == profile \|\| user.has_permission?(:moderate_comments, profile)
	265	+ end
	266	+
	267	+ def can_be_updated_by?(user)
	268	+ user.present? && user == author
	269	+ end
	270	+
251	271	end
...	...
...	...	@@ -74,7 +74,7 @@ class Task < ActiveRecord::Base
74	74	end
75	75
76	76	def self.all_types
77		- %w[Invitation EnterpriseActivation AddMember Ticket SuggestArticle AddFriend CreateCommunity AbuseComplaint ApproveArticle CreateEnterprise ChangePassword EmailActivation InviteFriend InviteMember]
	77	+ %w[Invitation EnterpriseActivation AddMember Ticket SuggestArticle AddFriend CreateCommunity AbuseComplaint ApproveComment ApproveArticle CreateEnterprise ChangePassword EmailActivation InviteFriend InviteMember]
78	78	end
79	79
80	80	# this method finished the task. It calls #perform, which must be overriden
...	...