Merge commit 'refs/merge-requests/30' of git://gitorious.org/noosfero/noosfero i…

…nto merge-requests/30

Merge commit 'refs/merge-requests/30' of git://gitorious.org/noosfero/noosfero i…
…nto merge-requests/30
Daniela Feitosa
2 parents 7214021c 7e25eaaa
Showing 49 changed files with 674 additions and 24 deletions Show diff stats
app/controllers/admin/admin_panel_controller.rb
app/controllers/admin/plugins_controller.rb
app/controllers/admin_controller.rb
app/controllers/application.rb
app/controllers/my_profile/cms_controller.rb
app/controllers/my_profile/manage_products_controller.rb
app/helpers/application_helper.rb
app/helpers/boxes_helper.rb
app/models/raw_html_article.rb
app/views/cms/_raw_html_article.rhtml
app/views/manage_products/_edit_image.rhtml
app/views/manage_products/_edit_info.rhtml
app/views/manage_products/_edit_name.rhtml
app/views/plugins/index.rhtml
config/cucumber.yml
doc/noosfero/plugins/index.textile
features/plugins.feature
features/send_email_to_environment_members.feature
lib/noosfero/i18n.rb
lib/noosfero/plugin.rb
 class AdminPanelController < AdminController
  
-  before_filter :login_required
-  
   protect 'view_environment_admin_panel', :environment
  
   def boxes_holder
 class PluginsController < AdminController
+  protect 'edit_environment_features', :environment
  
   def index
     @active_plugins = Noosfero::Plugin.all.map {|plugin_name| plugin_name.constantize }.compact
 class AdminController < ApplicationController
   require_ssl
+  before_filter :login_required
 end
@@ -25,11 +25,6 @@ class ApplicationController &lt; ActionController::Base
   helper :document
   helper :language
  
-  def boxes_editor?
-    false
-  end
-  protected :boxes_editor?
-
   def self.no_design_blocks
     @no_design_blocks = true
   end
@@ -106,6 +101,14 @@ class ApplicationController &lt; ActionController::Base
  
   protected
  
+  def boxes_editor?
+    false
+  end
+
+  def content_editor?
+    false
+  end
+
   def user
     current_user.person if logged_in?
   end
@@ -52,6 +52,9 @@ class CmsController &lt; MyProfileController
     if @parent && @parent.blog?
       articles -= Article.folder_types.map(&:constantize)
     end
+    if user.is_admin?(profile.environment)
+      articles << RawHTMLArticle
+    end
     articles
   end
  
@@ -380,5 +383,9 @@ class CmsController &lt; MyProfileController
     @selected_locale = @article.language || FastGettext.locale
   end
  
+  def content_editor?
+    true
+  end
+
 end
  
@@ -50,7 +50,7 @@ class ManageProductsController &lt; ApplicationController
         render :partial => 'shared/redirect_via_javascript',
           :locals => { :url => url_for(:controller => 'manage_products', :action => 'show', :id => @product) }
       else
-        render :partial => 'shared/dialog_error_messages', :locals => { :object_name => 'product' }
+        render_dialog_error_messages 'product'
       end
     end
   end
@@ -81,7 +81,7 @@ class ManageProductsController &lt; ApplicationController
         render :partial => 'shared/redirect_via_javascript',
           :locals => { :url => url_for(:controller => 'manage_products', :action => 'show', :id => @product) }
       else
-        render :partial => 'shared/dialog_error_messages', :locals => { :object_name => 'product' }
+        render_dialog_error_messages 'product'
       end
     end
   end
@@ -96,7 +96,7 @@ class ManageProductsController &lt; ApplicationController
         @inputs = @product.inputs
         render :partial => 'display_inputs'
       else
-        render :partial => 'shared/dialog_error_messages', :locals => { :object_name => 'product' }
+        render_dialog_error_messages 'product'
       end
     else
       render :partial => 'add_input'
@@ -147,7 +147,7 @@ class ManageProductsController &lt; ApplicationController
         @inputs = @product.inputs
         render :partial => 'display_inputs'
       else
-        render :partial => 'shared/dialog_error_messages', :locals => { :object_name => 'input' }
+        render_dialog_error_messages 'input'
       end
     end
   end
@@ -997,7 +997,10 @@ module ApplicationHelper
   def article_to_html(article, options = {})
     options.merge!(:page => params[:npage])
     content = article.to_html(options)
-    return self.instance_eval(&content) if content.kind_of?(Proc)
+    content = content.kind_of?(Proc) ? self.instance_eval(&content) : content
+    @plugins && @plugins.enabled_plugins.each do |plugin|
+      content = plugin.parse_content(content)
+    end
     content
   end
  
@@ -1238,4 +1241,8 @@ module ApplicationHelper
     end
   end
  
+  def render_dialog_error_messages(instance_name)
+    render :partial => 'shared/dialog_error_messages', :locals => { :object_name => instance_name }
+  end
+
 end
@@ -99,7 +99,9 @@ module BoxesHelper
     unless block.visible?
       options[:title] = _("This block is invisible. Your visitors will not see it.")
     end
-
+    @controller.send(:content_editor?) || @plugins.enabled_plugins.each do |plugin|
+      result = plugin.parse_content(result)
+    end
     box_decorator.block_target(block.box, block) +
       content_tag('div',
        content_tag('div',
@@ -0,0 +1,13 @@
+class RawHTMLArticle < TextArticle
+
+  def self.short_description
+    _('Raw HTML text article.')
+  end
+
+  def self.description
+    _('Allows HTML without filter (only for admins)')
+  end
+
+  xss_terminate :only => [  ]
+
+end
@@ -0,0 +1,6 @@
+<%= required_fields_message %>
+
+<%= required labelled_form_field(_('Title'), text_field(:article, 'name', :size => '64')) %>
+
+<%= render :partial => 'translatable' %>
+<%= render :partial => 'shared/lead_and_body' %>
@@ -22,5 +22,5 @@
 </script>
  
 <% if errors %>
-  <%= render :partial => 'shared/dialog_error_messages', :locals => { :object_name => 'product' } %>
+  <%= render_dialog_error_messages 'product' %>
 <% end %>
 <% if errors %>
-  <%= render :partial => 'shared/dialog_error_messages', :locals => { :object_name => 'product' } %>
+  <%= render_dialog_error_messages 'product' %>
 <% end %>
  
 <% remote_form_for(@product,
@@ -17,5 +17,5 @@
 </script>
  
 <% if errors %>
-  <%= render :partial => 'shared/dialog_error_messages', :locals => { :object_name => 'product' } %>
+  <%= render_dialog_error_messages 'product' %>
 <% end %>
@@ -12,7 +12,7 @@
   <%= hidden_field_tag('environment[enabled_plugins][]', '') %>
   <% @active_plugins.each do |plugin|   %>
     <tr>
-      <td><%= plugin.plugin_name %></td>
+      <td><%= plugin.has_admin_url? ? link_to(plugin.plugin_name, plugin.admin_url) : plugin.plugin_name %></td>
       <td><%= plugin.plugin_description %></td>
       <td><%= check_box_tag "environment[enabled_plugins][]", plugin, @environment.enabled_plugins.include?(plugin.to_s), :id => plugin.plugin_name %></td>
     </tr>
-default: --tags ~@selenium,~@wip --exclude features/support/selenium.rb --exclude features/step_definitions/selenium_steps.rb
-selenium: --tags @selenium,~@wip
+default: --tags ~@selenium,~@wip --exclude features/support/selenium.rb --exclude features/step_definitions/selenium_steps.rb -r features/support -r features/step_definitions
+selenium: --tags @selenium,~@wip -r features/support -r features/step_definitions
@@ -0,0 +1,2 @@
+h1. Plugins
+
@@ -56,4 +56,3 @@ Feature: plugins
     Then I should not see "Test plugin button"
     When I go to the profile
     Then I should not see "Test plugin tab"
-
@@ -5,7 +5,7 @@ Feature: send emails to environment members users
   Scenario: Cant access if not logged in
     Given I am not logged in
     When I go to /admin/users/send_mail
-    Then I should see "Access denied"
+    Then I should be on login page
  
   Scenario: Cant access as normal user
     Given the following user
@@ -71,7 +71,9 @@ module ActionView::Helpers::ActiveRecordHelper
         end
       end
  
-      if options[:message_title]
+      if options[:header_message]
+        header_message = options[:header_message]
+      elsif options[:message_title]
         header_message = instance.error_message(options[:message_title], count) % {:num => count, :record => record}
       else
         header_message = ((count == 1) ? _(@error_message_title[0]) : _(@error_message_title[1])) % {:num => count, :record => record}
@@ -52,6 +52,13 @@ class Noosfero::Plugin
       _("No description informed.")
     end
  
+    def admin_url
+      {:controller => "#{name.underscore}_admin", :action => 'index'}
+    end
+
+    def has_admin_url?
+      File.exists?(File.join(root_path, 'controllers', "#{name.underscore}_admin_controller.rb"))
+    end
   end
  
   def expanded_template(file_path, locals = {})
@@ -121,4 +128,10 @@ class Noosfero::Plugin
     []
   end
  
+  # -> Parse and possibly make changes of content (article, block, etc) during HTML rendering
+  # returns = content as string after parser and changes
+  def parse_content(raw_content)
+    raw_content
+  end
+
 end
 namespace :noosfero do
   namespace :doc do
+    Dir.glob('plugins/**/doc/*.textile').each do |file|
+      ln_sf File.join(RAILS_ROOT, file), 'doc/noosfero/plugins/'
+    end
     input = Dir.glob('doc/noosfero/**/*.textile')
     topics_xhtml = input.map { |item| item.sub('.textile', '.en.xhtml') }
     sections = Dir.glob('doc/noosfero/*').select {|item| File.directory?(item) }
@@ -0,0 +1,16 @@
+class SendEmailPluginAdminController < PluginsController
+  append_view_path File.join(File.dirname(__FILE__) + '/../views')
+
+  def index
+    @environment = environment
+    if request.post?
+      if environment.update_attributes(params[:environment])
+        session[:notice] = _('Configurations was saved')
+        redirect_to :controller => 'plugins'
+      else
+        session[:notice] = _('Configurations could not be saved')
+      end
+    end
+  end
+
+end
@@ -0,0 +1,31 @@
+module SendEmailPluginBaseController
+  def deliver
+    if request.post?
+      @context_url = profile ? profile.url : {:host => environment.default_hostname, :controller => 'home'}
+      @mail = SendEmailPlugin::Mail.new(
+        :from => environment.contact_email,
+        :to => params[:to],
+        :message => params[:message],
+        :environment => environment,
+        :params => params.dup
+      )
+      @mail.subject = params[:subject] unless params[:subject].blank?
+      if @mail.valid?
+        SendEmailPlugin::Sender.deliver_mail(request.referer, @context_url, @mail)
+        if request.xhr?
+          render :text => _('Message sent')
+        else
+          render :action => 'success'
+        end
+      else
+        if request.xhr?
+          render_dialog_error_messages :mail
+        else
+          render :action => 'fail'
+        end
+      end
+    else
+      render_access_denied
+    end
+  end
+end
@@ -0,0 +1,4 @@
+class SendEmailPluginEnvironmentController < ApplicationController
+  append_view_path File.join(File.dirname(__FILE__) + '/../views')
+  include SendEmailPluginBaseController
+end
@@ -0,0 +1,4 @@
+class SendEmailPluginProfileController < ProfileController
+  append_view_path File.join(File.dirname(__FILE__) + '/../views')
+  include SendEmailPluginBaseController
+end
@@ -0,0 +1,9 @@
+class AddSendEmailPluginConfigToEnvironment < ActiveRecord::Migration
+  def self.up
+    add_column :environments, :send_email_plugin_allow_to, :text
+  end
+
+  def self.down
+    remove_column :environments, :send_email_plugin_allow_to
+  end
+end
@@ -0,0 +1,61 @@
+h1. SendEmailPlugin
+
+Allows to send e-mails through an e-mail form.
+
+h2. Usage
+
+* Create a HTML form using RawHTMLBlock or RawHTMLArticle that invokes the {sendemail} action
+* Add a "to" and "message" field and a submit button
+* Make sure to fill in allowed 'to' addresses in plugin settings
+
+h2. HTML form
+
+h3. Form action
+
+You should use {sendemail} macro as form action, it will be expanded as:
+
+* */profile/&lt;identifier&gt;/plugins/send_email/deliver* in profile context
+* */plugin/send_email/deliver* in environment context
+
+h3. 'Subject' field
+
+Subject of message.
+
+(default: 'New mail')
+
+h3. 'Message' field
+
+Body of message.
+
+(required)
+
+h3. 'To' field
+
+Target address. Accepts multiple addresses separated by comma.
+
+(required)
+
+h3. extra fields
+
+Each other params in HTML form will compose message body in a format "key: value"
+
+h2. Options
+
+h3. Using ajax
+
+Ajax is supported using #ajax-form as id of HTML form.
+
+Example:
+
+<pre>
+<form action='{sendemail}' id='ajax-form'>
+   <input type='text' name='to'/>
+   <input type='text' name='subject'/>
+   <input type='text' name='message'/>
+   <input type='subject'/>
+</form>
+</pre>
+
+h2. Info
+
+This plugin was inspired by "Foswiki SendEmailPlugin":http://foswiki.org/Extensions/SendEmailPlugin
@@ -0,0 +1,23 @@
+class SendEmailPlugin < Noosfero::Plugin
+
+  def self.plugin_name
+    "SendEmailPlugin"
+  end
+
+  def self.plugin_description
+    _("A plugin that allows sending e-mails via HTML forms.")
+  end
+
+  def stylesheet?
+    true
+  end
+
+  def parse_content(raw_content)
+    if context.profile
+      raw_content.gsub(/\{sendemail\}/, "/profile/#{context.profile.identifier}/plugins/send_email/deliver")
+    else
+      raw_content.gsub(/\{sendemail\}/, '/plugin/send_email/deliver')
+    end
+  end
+
+end
@@ -0,0 +1,42 @@
+class SendEmailPlugin::Mail < ActiveRecord::Base #WithoutTable
+
+  N_('Subject'); N_('Message'); N_('To'); N_('From')
+  tableless :columns => [
+    [:from, :string],
+    [:to, :string],
+    [:subject, :string, _('New mail')],
+    [:message, :string],
+    [:params, :hash, {}],
+  ]
+  attr_accessor :environment
+
+  validates_presence_of :environment
+  validates_presence_of :to, :message
+
+  def validate
+    if to_as_list.any? do |value|
+        if value !~ Noosfero::Constants::EMAIL_FORMAT
+          self.errors.add(:to, _("%{fn} '%s' isn't a valid e-mail address") % value)
+        end
+      end
+    else
+      allowed_emails = environment ? environment.send_email_plugin_allow_to.to_s.gsub(/\s+/, '').split(/,/) : []
+      if to_as_list.any? do |value|
+          if !allowed_emails.include?(value)
+            self.errors.add(:to, _("%{fn} '%s' address is not allowed (see SendEmailPlugin config)") % value)
+          end
+        end
+      end
+    end
+  end
+
+  def params=(value = {})
+    [:action, :controller, :to, :message, :subject, :from].each{|k| value.delete(k)}
+    self[:params] = value
+  end
+
+  def to_as_list
+    to && to.split(/,/) || []
+  end
+
+end
@@ -0,0 +1,13 @@
+class SendEmailPlugin::Sender < Noosfero::Plugin::MailerBase
+  prepend_view_path(SendEmailPlugin.root_path+'/views')
+
+  def mail(referer, url, mail)
+    recipients mail.to
+    from mail.from
+    subject "[#{mail.environment.name}] #{mail.subject}"
+    body :message => mail.message,
+      :referer => referer,
+      :context_url => url,
+      :params => mail.params
+  end
+end
@@ -0,0 +1,22 @@
+.sendemail-plugin-message-sent {
+  width: 100%;
+  background-color: #F0F0F0;
+  border: 1px solid #CFCFCF;
+}
+.sendemail-plugin-message-sent td {
+  border: 0;
+}
+.sendemail-plugin-message-sent tr:hover,
+.sendemail-plugin-message-sent td:hover,
+.sendemail-plugin-message-sent tr:hover td {
+  background-color: auto;
+}
+.sendemail-plugin-message-sent pre {
+  margin: 0 auto;
+}
+.sendemail-plugin-message-sent td {
+  vertical-align: top;
+}
+.sendemail-plugin-message-sent .value {
+  width: 100%;
+}
@@ -0,0 +1,41 @@
+Feature: send_email_plugin
+
+  Background:
+    Given the following users
+      | login | name |
+      | joaosilva | Joao Silva |
+    And I am logged in as "joaosilva"
+
+  Scenario: expand macro in article content
+    Given plugin SendEmailPlugin is enabled on environment
+    And the following articles
+      | owner | name | body |
+      | joaosilva | sample-article | URL path to {sendemail} action |
+    When I go to /joaosilva/sample-article
+    Then I should see "URL path to /profile/joaosilva/plugins/send_email/deliver action"
+
+  Scenario: expand macro in block content
+    Given plugin SendEmailPlugin is enabled on environment
+    And the following blocks
+      | owner     | type         | html |
+      | joaosilva | RawHTMLBlock | URL path to {sendemail} action |
+    When I go to Joao Silva's homepage
+    Then I should see "URL path to /profile/joaosilva/plugins/send_email/deliver action"
+
+  Scenario: as admin I can configure plugin
+    Given I am logged in as admin
+    When I go to the environment control panel
+    And I follow "Enable/disable plugins"
+    Then I should see "SendEmailPlugin" linking to "/admin/plugin/send_email"
+
+  Scenario: configure plugin to allow emails to john@example.com
+    Given I am logged in as admin
+    And I go to the environment control panel
+    And I follow "Enable/disable plugins"
+    When I follow "SendEmailPlugin"
+    Then I should not see "john@example.com"
+    When I fill in "E-Mail addresses you want to allow to send" with "john@example.com"
+    And I press "Save"
+    Then I should be on /admin/plugins
+    When I follow "SendEmailPlugin"
+    Then I should see "john@example.com"
@@ -0,0 +1,37 @@
+require File.dirname(__FILE__) + '/../../../../test/test_helper'
+require File.dirname(__FILE__) + '/../../controllers/send_email_plugin_admin_controller'
+
+# Re-raise errors caught by the controller.
+class SendEmailPluginAdminController; def rescue_action(e) raise e end; end
+
+class SendEmailPluginAdminControllerTest < Test::Unit::TestCase
+
+  def setup
+    @controller = SendEmailPluginAdminController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+    @admin = create_user('adminplug').person
+    @environment = @admin.environment
+    @environment.add_admin(@admin)
+  end
+
+  should 'deny access to guests and redirect to login' do
+    get :index
+    assert_response :redirect
+    assert_redirected_to :controller => 'account', :action => 'login'
+  end
+
+  should 'allow access to admin' do
+    login_as @admin.identifier
+    get :index
+    assert_response :success
+  end
+
+  should 'deny access to ordinary users' do
+    @user = create_user('normaluser').person
+    login_as @user.identifier
+    get :index
+    assert_response 403
+  end
+
+end
@@ -0,0 +1,81 @@
+require File.dirname(__FILE__) + '/../../../../test/test_helper'
+require File.dirname(__FILE__) + '/../../controllers/send_email_plugin_profile_controller'
+
+# Re-raise errors caught by the controller.
+class SendEmailPluginProfileController; def rescue_action(e) raise e end; end
+
+def run_common_tests
+  should 'not deliver emails via GET requests' do
+    get :deliver, @extra_args
+    assert_response 403 # forbidden
+  end
+
+  should 'deliver emails only via POST requests' do
+    post :deliver, @extra_args
+    assert_response :success
+  end
+
+  should 'render fail template if could not deliver mail' do
+    post :deliver, @extra_args
+    assert_template 'fail'
+  end
+
+  should 'render success template after deliver mail' do
+    SendEmailPlugin::Mail.any_instance.stubs(:valid?).returns(true)
+    post :deliver, @extra_args.merge(:to => 'john@example.com', :message => 'Hi john')
+    assert_template 'success'
+  end
+
+  should 'render dialog error if could not deliver mail by ajax request' do
+    xhr :post, :deliver, @extra_args
+    assert_template '_dialog_error_messages'
+  end
+
+  should 'render success message after deliver mail by ajax request' do
+    SendEmailPlugin::Mail.any_instance.stubs(:valid?).returns(true)
+    xhr :post, :deliver, @extra_args.merge(:to => 'john@example.com', :message => 'Hi john')
+    assert_equal 'Message sent', @response.body
+  end
+
+  should 'deliver mail' do
+    Environment.any_instance.stubs(:send_email_plugin_allow_to).returns('john@example.com')
+    assert_difference ActionMailer::Base.deliveries, :size do
+      post :deliver, @extra_args.merge(:to => 'john@example.com', :message => 'Hi john')
+    end
+  end
+
+  should 'deliver mail with nondefault subject' do
+    Environment.any_instance.stubs(:send_email_plugin_allow_to).returns('john@example.com')
+    post :deliver, @extra_args.merge(:to => 'john@example.com', :message => 'Hi john', :subject => 'Hello john')
+    assert_equal '[Colivre.net] Hello john', ActionMailer::Base.deliveries.first.subject
+  end
+end
+
+class SendEmailPluginProfileControllerTest < Test::Unit::TestCase
+  def setup
+    @controller = SendEmailPluginProfileController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+    ActionMailer::Base.delivery_method = :test
+    ActionMailer::Base.perform_deliveries = true
+    ActionMailer::Base.deliveries = []
+    community = fast_create(Community)
+    @extra_args = {:profile => community.identifier}
+  end
+
+  run_common_tests()
+end
+
+class SendEmailPluginEnvironmentControllerTest < Test::Unit::TestCase
+  def setup
+    @controller = SendEmailPluginEnvironmentController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+    ActionMailer::Base.delivery_method = :test
+    ActionMailer::Base.perform_deliveries = true
+    ActionMailer::Base.deliveries = []
+    @extra_args = {}
+  end
+
+  run_common_tests()
+end
@@ -0,0 +1,63 @@
+require File.dirname(__FILE__) + '/../../../../test/test_helper'
+
+class SendEmailPluginMailTest < Test::Unit::TestCase
+
+  def setup
+    @environment = mock()
+    @environment.stubs(:send_email_plugin_allow_to).returns('john@example.com, someone@example.com, someother@example.com')
+  end
+
+  should 'instance a valid object with fields to be fired in mail' do
+    mail = SendEmailPlugin::Mail.new(:subject => 'Hi', :message => 'Hi john', :to => 'john@example.com', :environment => @environment)
+    assert mail.valid?
+  end
+
+  should 'requires to field' do
+    mail = SendEmailPlugin::Mail.new(:subject => 'Hi', :message => 'Hi john', :environment => @environment)
+    assert !mail.valid?
+  end
+
+  should 'require message field' do
+    mail = SendEmailPlugin::Mail.new(:subject => 'Hi', :to => 'john@example.com', :environment => @environment)
+    assert !mail.valid?
+  end
+
+  should 'require environment field' do
+    mail = SendEmailPlugin::Mail.new(:subject => 'Hi', :to => 'john@example.com', :message => 'Hi john')
+    assert !mail.valid?
+  end
+
+  should 'have a default subject' do
+    mail = SendEmailPlugin::Mail.new
+    assert_equal 'New mail', mail.subject
+  end
+
+  should 'not accept invalid email address' do
+    mail = SendEmailPlugin::Mail.new(:subject => 'Hi', :message => 'Hi john', :to => 'invalid-mail-address', :environment => @environment)
+    assert !mail.valid?
+  end
+
+  should 'not accept email that is not in allowed address list' do
+    mail = SendEmailPlugin::Mail.new(:subject => 'Hi', :message => 'Hi john', :to => 'unknow@example.com', :environment => @environment)
+    assert !mail.valid?
+  end
+
+  should 'discard some keys on set params hash' do
+    mail = SendEmailPlugin::Mail.new(:params => {:action => 1, :controller => 2, :to => 3, :message => 4, :subject => 5, :age => 6})
+    [:action, :controller, :to, :message, :subject].each do |k|
+      assert !mail.params.include?(k)
+    end
+    assert mail.params.include?(:age)
+  end
+
+  should "accept multiple 'to' emails" do
+    mail = SendEmailPlugin::Mail.new(:subject => 'Hi', :message => 'Hi john', :to => 'john@example.com,someother@example.com', :environment => @environment)
+    assert mail.valid?
+  end
+
+  should "invalid if just one listed in 'to' list was not allowed" do
+    mail = SendEmailPlugin::Mail.new(:subject => 'Hi', :message => 'Hi john', :to => 'john@example.com,notallowed@example.com,someother@example.com', :environment => @environment)
+    assert !mail.valid?
+  end
+
+end
@@ -0,0 +1,35 @@
+require File.dirname(__FILE__) + '/../../../../test/test_helper'
+
+class SendEmailPluginSenderTest < Test::Unit::TestCase
+
+  def setup
+    ActionMailer::Base.delivery_method = :test
+    ActionMailer::Base.perform_deliveries = true
+    ActionMailer::Base.deliveries = []
+    @environment = mock()
+    @environment.stubs(:contact_email).returns('noreply@localhost')
+    @environment.stubs(:default_hostname).returns('localhost')
+    @environment.stubs(:name).returns('Noosfero')
+    @environment.stubs(:send_email_plugin_allow_to).returns('john@example.com, someone@example.com, someother@example.com')
+    @mail = SendEmailPlugin::Mail.new(:subject => 'Hi', :message => 'Hi john', :to => 'john@example.com', :from => 'noreply@localhost', :environment => @environment)
+  end
+
+  should 'be able to deliver mail' do
+    response = SendEmailPlugin::Sender.deliver_mail("http://localhost/contact", 'http//profile', @mail)
+    assert_equal 'noreply@localhost', response.from.to_s
+    assert_equal "[Noosfero] #{@mail.subject}", response.subject
+  end
+
+  should 'deliver mail to john@example.com' do
+    response = SendEmailPlugin::Sender.deliver_mail("http://localhost/contact", 'http//profile', @mail)
+    assert_equal ['john@example.com'], response.to
+  end
+
+  should 'add each key value pair to message body' do
+    @mail.params = {:param1 => 'value1', :param2 => 'value2'}
+    response = SendEmailPlugin::Sender.deliver_mail("http://localhost/contact", 'http//profile', @mail)
+    assert_match /param1.+value1/m, response.body
+    assert_match /param2.+value2/m, response.body
+  end
+
+end
@@ -0,0 +1,29 @@
+require File.dirname(__FILE__) + '/../../../../test/test_helper'
+
+class SendEmailPluginTest < Test::Unit::TestCase
+
+  def setup
+    @plugin = SendEmailPlugin.new
+    @context = mock()
+    @plugin.context = @context
+  end
+
+  should 'return true to stylesheet?' do
+    assert @plugin.stylesheet?
+  end
+
+  should 'have admin controller' do
+    assert SendEmailPlugin.has_admin_url?
+  end
+
+  should 'expand macro in parse_content event' do
+    @plugin.context.stubs(:profile).returns(nil)
+    assert_match /plugin\/send_email\/deliver/, @plugin.parse_content("expand this macro {sendemail}")
+  end
+
+  should 'expand macro in parse_content event on profile context' do
+    @plugin.context.stubs(:profile).returns(fast_create(Community))
+    assert_match /profile\/#{@plugin.context.profile.identifier}\/plugins\/send_email\/deliver/, @plugin.parse_content("expand this macro {sendemail}")
+  end
+
+end
@@ -0,0 +1,8 @@
+<%= _('Contact from %s') % @referer %>
+
+<%= word_wrap(@message || @mail.message) %>
+<% (@params || @mail.params).each_pair do |key, value| %>
+<%= key %>: <%= word_wrap(value) %>
+<% end %>
+---
+<%= url_for @context_url %>
@@ -0,0 +1,9 @@
+<h1><%= _("SendEmailPlugin's config") %></h1>
+
+<% form_for :environment, :url => {:action => 'index'}, :html => {:method => 'post'} do |f| %>
+  <%= labelled_form_field(_("E-Mail addresses you want to allow to send"), f.text_area(:send_email_plugin_allow_to, :rows => 8)) %>
+  <small><%= _('(list of email addresses separated by comma)') %></small>
+  <% button_bar do %>
+    <%= submit_button 'save', _('Save'), :cancel => {:controller => 'plugins'} %>
+  <% end %>
+<% end %>
@@ -0,0 +1,3 @@
+<%= error_messages_for 'mail', :header_message => _('The message could not be sent') %>
+
+<%= button :back, _('Back'), :back %>
@@ -0,0 +1,8 @@
+<h2><%= _('Message sent') %></h2>
+
+<table class='sendemail-plugin-message-sent'>
+  <tr><td class='label'><strong><%= _('Subject') %>:</strong></td><td class='value'><em><%=h @mail.subject %></em></td></tr>
+  <tr><td class='label'><strong><%= _('Message') %>:</strong></td><td class='value'><pre><%=h render :file => 'send_email_plugin/sender/mail' %></pre></td></tr>
+</table>
+
+<p><%= button :back, _('Back'), :back %></p>
@@ -0,0 +1 @@
+send_email_plugin_base
 \ No newline at end of file
@@ -0,0 +1 @@
+send_email_plugin_base
 \ No newline at end of file
@@ -677,3 +677,18 @@ function original_image_dimensions(src) {
   img.src = src;
   return { 'width' : img.width, 'height' : img.height };
 }
+
+jQuery(function() {
+  jQuery("#ajax-form").before("<div id='ajax-form-loading-area' style='display:block;width:16px;height:16px;'></div>");
+  jQuery("#ajax-form").before("<div id='ajax-form-message-area'></div>");
+  jQuery("#ajax-form").ajaxForm({
+    beforeSubmit: function(a,f,o) {
+      jQuery('#ajax-form-message-area').html('');
+      o.loading = small_loading('ajax-form-loading-area');
+    },
+    success: function() {
+      loading_done('ajax-form-loading-area');
+    },
+    target: "#ajax-form-message-area"
+  })
+});
@@ -25,6 +25,7 @@ class AdminControllerTest &lt; Test::Unit::TestCase
   end
  
   should 'detect ssl' do
+    login_as 'ze'
     @request.expects(:ssl?).returns(true).at_least_once
     get :index
     assert_response :success
@@ -16,6 +16,7 @@ class CmsControllerTest &lt; Test::Unit::TestCase
  
     @profile = create_user_with_permission('testinguser', 'post_content')
     login_as :testinguser
+    @controller.stubs(:user).returns(@profile)
   end
  
   attr_reader :profile
@@ -614,7 +615,7 @@ class CmsControllerTest &lt; Test::Unit::TestCase
   end
  
   should 'not make enterprise homepage available to person' do
-    @controller.stubs(:profile).returns(create_user('test_user').person)
+    @controller.stubs(:profile).returns(profile)
     assert_not_includes @controller.available_article_types, EnterpriseHomepage
   end
  
@@ -1278,6 +1279,7 @@ class CmsControllerTest &lt; Test::Unit::TestCase
     c = Community.create!(:name => 'test_comm', :identifier => 'test_comm')
     u = create_user_with_permission('test_user', 'publish_content', c)
     login_as :test_user
+    @controller.stubs(:user).returns(u)
  
     get :new, :profile => c.identifier, :type => 'TinyMceArticle'
     assert_response :success
@@ -1311,6 +1313,7 @@ class CmsControllerTest &lt; Test::Unit::TestCase
     u = create_user_with_permission('test_user', 'publish_content', c)
     a = c.articles.create!(:name => 'test_article', :last_changed_by => u)
     login_as :test_user
+    @controller.stubs(:user).returns(u)
  
     get :edit, :profile => c.identifier, :id => a.id
  
@@ -1618,4 +1621,11 @@ class CmsControllerTest &lt; Test::Unit::TestCase
     end
   end
  
+  should 'make RawHTMLArticle available only to environment admins' do
+    @controller.stubs(:profile).returns(profile)
+    assert_not_includes @controller.available_article_types, RawHTMLArticle
+    profile.environment.add_admin(profile)
+    assert_includes @controller.available_article_types, RawHTMLArticle
+  end
+
 end
@@ -15,6 +15,8 @@ class UsersControllerTest &lt; Test::Unit::TestCase
   end
  
   should 'not access without right permission' do
+    create_user('guest')
+    login_as 'guest'
     get :index
     assert_response 403 # forbidden
   end
@@ -18,6 +18,12 @@ class PluginTest &lt; Test::Unit::TestCase
     assert_includes  Noosfero::Plugin.all, Plugin1.to_s
   end
  
-end
+  should 'returns url to plugin management if plugin has admin_controller' do
+    class Plugin1 < Noosfero::Plugin
+    end
+    File.stubs(:exists?).with(anything).returns(true)
  
+    assert_equal({:controller => 'plugin_test/plugin1_admin', :action => 'index'}, Plugin1.admin_url)
+  end
  
+end
@@ -0,0 +1,18 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class RawHTMLArticleTest < ActiveSupport::TestCase
+
+  def setup
+    @profile = create_user('testing').person
+  end
+
+  should 'not filter HTML' do
+    article = RawHTMLArticle.create!(
+      :name => 'Raw HTML',
+      :body => '<strong>HTML!</strong><form action="#"></form>',
+      :profile => @profile
+    )
+    assert_equal '<strong>HTML!</strong><form action="#"></form>', article.body
+  end
+
+end
1	1	class AdminPanelController < AdminController
2	2
3		- before_filter :login_required
4		-
5	3	protect 'view_environment_admin_panel', :environment
6	4
7	5	def boxes_holder
...	...
1	1	class PluginsController < AdminController
	2	+ protect 'edit_environment_features', :environment
2	3
3	4	def index
4	5	@active_plugins = Noosfero::Plugin.all.map {\|plugin_name\| plugin_name.constantize }.compact
...	...
1	1	class AdminController < ApplicationController
2	2	require_ssl
	3	+ before_filter :login_required
3	4	end
...	...
...	...	@@ -25,11 +25,6 @@ class ApplicationController < ActionController::Base
25	25	helper :document
26	26	helper :language
27	27
28		- def boxes_editor?
29		- false
30		- end
31		- protected :boxes_editor?
32		-
33	28	def self.no_design_blocks
34	29	@no_design_blocks = true
35	30	end
...	...	@@ -106,6 +101,14 @@ class ApplicationController < ActionController::Base
106	101
107	102	protected
108	103
	104	+ def boxes_editor?
	105	+ false
	106	+ end
	107	+
	108	+ def content_editor?
	109	+ false
	110	+ end
	111	+
109	112	def user
110	113	current_user.person if logged_in?
111	114	end
...	...
...	...	@@ -52,6 +52,9 @@ class CmsController < MyProfileController
52	52	if @parent && @parent.blog?
53	53	articles -= Article.folder_types.map(&:constantize)
54	54	end
	55	+ if user.is_admin?(profile.environment)
	56	+ articles << RawHTMLArticle
	57	+ end
55	58	articles
56	59	end
57	60
...	...	@@ -380,5 +383,9 @@ class CmsController < MyProfileController
380	383	@selected_locale = @article.language \|\| FastGettext.locale
381	384	end
382	385
	386	+ def content_editor?
	387	+ true
	388	+ end
	389	+
383	390	end
384	391
...	...
...	...	@@ -50,7 +50,7 @@ class ManageProductsController < ApplicationController
50	50	render :partial => 'shared/redirect_via_javascript',
51	51	:locals => { :url => url_for(:controller => 'manage_products', :action => 'show', :id => @product) }
52	52	else
53		- render :partial => 'shared/dialog_error_messages', :locals => { :object_name => 'product' }
	53	+ render_dialog_error_messages 'product'
54	54	end
55	55	end
56	56	end
...	...	@@ -81,7 +81,7 @@ class ManageProductsController < ApplicationController
81	81	render :partial => 'shared/redirect_via_javascript',
82	82	:locals => { :url => url_for(:controller => 'manage_products', :action => 'show', :id => @product) }
83	83	else
84		- render :partial => 'shared/dialog_error_messages', :locals => { :object_name => 'product' }
	84	+ render_dialog_error_messages 'product'
85	85	end
86	86	end
87	87	end
...	...	@@ -96,7 +96,7 @@ class ManageProductsController < ApplicationController
96	96	@inputs = @product.inputs
97	97	render :partial => 'display_inputs'
98	98	else
99		- render :partial => 'shared/dialog_error_messages', :locals => { :object_name => 'product' }
	99	+ render_dialog_error_messages 'product'
100	100	end
101	101	else
102	102	render :partial => 'add_input'
...	...	@@ -147,7 +147,7 @@ class ManageProductsController < ApplicationController
147	147	@inputs = @product.inputs
148	148	render :partial => 'display_inputs'
149	149	else
150		- render :partial => 'shared/dialog_error_messages', :locals => { :object_name => 'input' }
	150	+ render_dialog_error_messages 'input'
151	151	end
152	152	end
153	153	end
...	...
...	...	@@ -997,7 +997,10 @@ module ApplicationHelper
997	997	def article_to_html(article, options = {})
998	998	options.merge!(:page => params[:npage])
999	999	content = article.to_html(options)
1000		- return self.instance_eval(&content) if content.kind_of?(Proc)
	1000	+ content = content.kind_of?(Proc) ? self.instance_eval(&content) : content
	1001	+ @plugins && @plugins.enabled_plugins.each do \|plugin\|
	1002	+ content = plugin.parse_content(content)
	1003	+ end
1001	1004	content
1002	1005	end
1003	1006
...	...	@@ -1238,4 +1241,8 @@ module ApplicationHelper
1238	1241	end
1239	1242	end
1240	1243
	1244	+ def render_dialog_error_messages(instance_name)
	1245	+ render :partial => 'shared/dialog_error_messages', :locals => { :object_name => instance_name }
	1246	+ end
	1247	+
1241	1248	end
...	...
...	...	@@ -99,7 +99,9 @@ module BoxesHelper
99	99	unless block.visible?
100	100	options[:title] = _("This block is invisible. Your visitors will not see it.")
101	101	end
102		-
	102	+ @controller.send(:content_editor?) \|\| @plugins.enabled_plugins.each do \|plugin\|
	103	+ result = plugin.parse_content(result)
	104	+ end
103	105	box_decorator.block_target(block.box, block) +
104	106	content_tag('div',
105	107	content_tag('div',
...	...
...	...	@@ -0,0 +1,13 @@
	1	+class RawHTMLArticle < TextArticle
	2	+
	3	+ def self.short_description
	4	+ _('Raw HTML text article.')
	5	+ end
	6	+
	7	+ def self.description
	8	+ _('Allows HTML without filter (only for admins)')
	9	+ end
	10	+
	11	+ xss_terminate :only => [ ]
	12	+
	13	+end
...	...
...	...	@@ -0,0 +1,6 @@
	1	+<%= required_fields_message %>
	2	+
	3	+<%= required labelled_form_field(_('Title'), text_field(:article, 'name', :size => '64')) %>
	4	+
	5	+<%= render :partial => 'translatable' %>
	6	+<%= render :partial => 'shared/lead_and_body' %>
...	...