Merge branch 'master' into rails-2.3.5

Conflicts: app/controllers/admin_controller.rb app/controllers/application.rb app/controllers/public/account_controller.rb app/controllers/public/content_viewer_controller.rb lib/noosfero/i18n.rb test/functional/account_controller_test.rb test/functional/admin_controller_test.rb test/unit/contact_test.rb test/unit/profile_test.rb

Merge branch 'master' into rails-2.3.5
Conflicts: app/controllers/admin_controller.rb app/controllers/application.rb app/controllers/public/account_controller.rb app/controllers/public/content_viewer_controller.rb lib/noosfero/i18n.rb test/functional/account_controller_test.rb test/functional/admin_controller_test.rb test/unit/contact_test.rb test/unit/profile_test.rb
Antonio Terceiro
2 parents 1420310b af89dbce
Showing 842 changed files with 113986 additions and 21393 deletions Show diff stats
.mailmap
AUTHORS
HACKING
INSTALL
INSTALL.chat
INSTALL.multitenancy
INSTALL.varnish
RELEASING
app/controllers/admin/admin_panel_controller.rb
app/controllers/admin/categories_controller.rb
app/controllers/admin/plugins_controller.rb
app/controllers/admin/role_controller.rb
app/controllers/admin_controller.rb
app/controllers/box_organizer_controller.rb
app/controllers/my_profile/cms_controller.rb
app/controllers/my_profile/manage_products_controller.rb
app/controllers/my_profile/profile_design_controller.rb
app/controllers/my_profile/profile_editor_controller.rb
app/controllers/my_profile/profile_members_controller.rb
app/controllers/my_profile/tasks_controller.rb
@@ -3,7 +3,8 @@ Antonio Terceiro &lt;terceiro@colivre.coop.br&gt; &lt;terceiro@softwarelivre.org&gt;
 Aurelio A. Heckert <aurelio@colivre.coop.br> <AurelioAHeckert@3f533792-8f58-4932-b0fe-aaf55b0a4547>
 Aurelio A. Heckert <aurelio@colivre.coop.br> <aurelio@colivre.coop.br>
 Aurelio A. Heckert <aurelio@colivre.coop.br> <aurium@gmail.com>
-Caio SBA <caiosba@gmail.com> <caiosba@safernet.org.br>
+Caio SBA <caio@colivre.coop.br> <caiosba@gmail.com>
+Caio SBA <caio@colivre.coop.br> <caiosba@safernet.org.br>
 Daniela Soares Feitosa <danielafeitosa@colivre.coop.br> <DanielaFeitosa@3f533792-8f58-4932-b0fe-aaf55b0a4547>
 Daniela Soares Feitosa <danielafeitosa@colivre.coop.br> <danielafeitosa@colivre.coop.br>
 Daniela Soares Feitosa <danielafeitosa@colivre.coop.br> <daniela@sede.colivre.coop.br>
@@ -8,8 +8,9 @@ Developers
 Antonio Terceiro <terceiro@colivre.coop.br>
 Aurelio A. Heckert <aurelio@colivre.coop.br>
+Braulio Bhavamitra <brauliobo@gmail.com>
 Bráulio Bhavamitra <brauliobo@gmail.com>
-Caio SBA <caiosba@gmail.com>
+Caio SBA <caio@colivre.coop.br>
 Daniela Soares Feitosa <danielafeitosa@colivre.coop.br>
 Daniel Cunha <daniel@colivre.coop.br>
 Fernanda Lopes <nanda.listas+psl@gmail.com>
@@ -23,6 +24,7 @@ LinguÁgil 2010 &lt;linguagil.bahia@gmail.com&gt;
 Martín Olivera <molivera@solar.org.ar>
 Moises Machado <moises@colivre.coop.br>
 Nanda Lopes <nanda.listas+psl@gmail.com>
+Rafael Gomes <rafaelgomes@techfree.com.br>
 Raphaël Rousseau <raph@r4f.org>
 Raquel Lira <raquel.lira@gmail.com>
 Rodrigo Souto <rodrigo@colivre.coop.br>
@@ -31,11 +31,13 @@ You can copy and paste the commands below into a terminal (please review the
 commands and make sure you understand what you are doing):
  # checkout the code from repository
- git clone git://git.colivre.coop.br/noosfero.git
+ git clone git://gitorious.org/noosfero/noosfero.git
  # enter the directory
  cd noosfero
  # copy a sample config file
  cp config/database.yml.sqlite3 config/database.yml
+ # create tmp directory if it doesn't exist
+ mkdir tmp
  # create the development database
  rake db:schema:load
  # run pending migrations
@@ -59,8 +61,8 @@ another port than 3000, you can use the -p option of ./script/server:
 The above command makes the server available at http://localhost:9999/
-The sample-data data scripts creates one administrator user with login "ze" and
-password "test".
+The sample-data data scripts creates two administrator users with login "ze" and
+password "test" and login "adminuser" and password "admin".
 Note that some operations, like generating image thumbnails, sending e-mails,
 etc, are done in background in the context of a service independent from the
@@ -84,3 +86,7 @@ you want to enable it then you need to change some files:
 3) Add in config/noosfero.yml at development section:
    exception_recipients: [admin@example.com]
+
+== Releasing and building Debian package
+
+See RELEASING file.
@@ -43,6 +43,9 @@ case will need do install hicolor-icon-theme as well bacause tango-icon-theme
 depends on it.  After that you can try the command line above again, but
 without "tango-icon-theme".
+More Informations to install the tango-icon-theme on Debian Lenny:
+* http://packages.debian.org/en/lenny/all/tango-icon-theme/download
+
 If you manage to install Noosfero successfully on other systems than Debian,
 please feel free to contact the Noosfero development mailing with the
 instructions for doing so, and we'll include it here.
@@ -98,7 +101,7 @@ downloading from git
 Here we are cloning the noosfero repository from git. Note: you will need to
 install git before.
-$ git clone git://git.colivre.coop.br/noosfero.git current
+$ git clone git://gitorious.org/noosfero/noosfero.git current
 $ cd current
 $ git checkout -b stable origin/stable
@@ -221,16 +221,19 @@ Note: module proxy_http must be enabled:
 # a2enmod proxy_http
-
 8. DNS configuration
- * /etc/bind/db.colivre:
+For this point, we assume you are using BIND as your DNS server. You need to
+add the following entries to the DNS zone file corresponding to the domain
+of your noosfero site:
 _xmpp-client._tcp   SRV   5 100 5222 master
-(...)
 conference   CNAME master
 _xmpp-client._tcp.conference   SRV   5 100 5222 master
+If you are running a DNS server other than BIND, you will have to figure out
+how to create equivalente rules for your zone file. Patches to this
+documentation are welcome.
 9. Testing this Setup
@@ -0,0 +1,163 @@
+== Multitenancy support
+
+Multitenancy refers to a principle in software architecture where a
+single instance of the software runs on a server, serving multiple
+client organizations (tenants). Multitenancy is contrasted with a
+multi-instance architecture where separate software instances (or
+hardware systems) are set up for different client organizations. With
+a multitenant architecture, a software application is designed to
+virtually partition its data and configuration, and each client
+organization works with a customized virtual application instance.
+
+Today this feature is available only for PostgreSQL databases.
+
+This document assumes that you have a new fully PostgresSQL default Noosfero
+installation as explained at the INSTALL file.
+
+== Separated data
+
+The items below are separated for each hosted environment:
+
+* Uploaded files
+* Database
+* Ferret index
+* ActiveRecord#cache_key
+* Feed updater
+* Delayed Job Workers
+
+== Database configuration file
+
+The file config/database.yml must follow a structure in order to
+achieve multitenancy support. In this example, we will set 3
+different environments: env1, env2 and env3.
+
+Each "hosted" environment must have an entry like this:
+
+env1_production:
+  adapter: postgresql
+  encoding: unicode
+  database: noosfero
+  schema_search_path: public
+  username: noosfero
+  domains:
+    - env1.com
+    - env1.org
+
+env2_production:
+  adapter: postgresql
+  encoding: unicode
+  database: noosfero
+  schema_search_path: env2
+  username: noosfero
+  domains:
+    - env2.com
+    - env2.org
+
+env3_production:
+  adapter: postgresql
+  encoding: unicode
+  database: noosfero
+  schema_search_path: env3
+  username: noosfero
+  domains:
+    - env3.com
+    - env3.net
+
+The "hosted" environments define, besides the schema_search_path, a
+list of domains that, when accessed, tells which database the
+application should use. Also, the environment name must end with
+'_hosting', where 'hosting' is the name of the hosting environment.
+
+You must also tell the application which is the default environment.
+
+production:
+  env1_production
+
+On the example above there are only three hosted environments, but it
+can be more than three. The schemas 'env2' and 'env3' must already
+exist in the same database of the hosting environment. As postgres
+user, you can create them typing:
+
+$ psql database_name -c "CREATE SCHEMA env2 AUTHORIZATION database_user"
+$ psql database_name -c "CREATE SCHEMA env3 AUTHORIZATION database_user"
+
+Replace database_name and database_user above with your stuff.
+
+So, yet on this same example, when a user accesses http://env2.com or
+http://env2.org, the Noosfero application running on production will
+turn the database schema to 'env2'. When the access is from domains
+http://env3.com or http://env3.net, the schema to be loaded will be
+'env3'.
+
+There is an example of this file in config/database.yml.multitenancy
+
+== Preparing the database
+
+Now create the environments:
+
+$ RAILS_ENV=production rake multitenancy:create
+
+This command above will create the hosted environment files equal to
+their hosting environment, here called 'production'.
+
+Run db:schema:load for each other environment:
+
+$ RAILS_ENV=env2_production rake db:schema:load
+$ RAILS_ENV=env3_production rake db:schema:load
+
+Then run the migrations for the hosting environment, and it will
+run for each of its hosted environments:
+
+RAILS_ENV=production rake db:migrate
+
+== Start Noosfero
+
+Run Noosfero init file as root:
+
+# invoke-rc.d noosfero start
+
+== Ferret
+
+It's necessary to run only one instance of ferret_server. Don't worry
+about this, Noosfero initializer had already done this for you.
+
+== Feed updater & Delayed job
+
+Just for your information, a daemon of feed-updater and delayed_job
+must be running for each environment. Noosfero initializer do this,
+relax.
+
+== Uploaded files
+
+When running with PostgreSQL, Noosfero uploads stuff to a folder named
+the same way as the running schema. Inside the upload folder root, for
+example, will be public/image_uploads/env2 and public/image_uploads/env3.
+
+== Adding multitenancy support to an existing Noosfero environment
+
+If you already have a Noosfero environment, you can turn it multitenant
+by following the steps below in addition to the previous steps:
+
+1. Reindex your database
+
+Rebuild the Ferret index by running the following task just
+for your hosting environment, do this as noosfero user:
+
+$ RAILS_ENV=production rake multitenancy:reindex
+
+2. Move the uploaded files to the right place
+
+Add a directory with the same name as your schema name (by default this
+name is 'public') in the root of each upload directory, for example,
+public/articles/0000 will be moved to public/articles/public/0000. Do this
+with the directories public/image_uploads, public/articles and public/thumbnails.
+
+3. Fix paths on activities
+
+The profile activities store static paths to the images, so it's necessary to fix
+these paths. You can do this easily by setting an alias on your webserver.
+On Apache you can add the three rules below, where 'public' is the schema name:
+
+  RewriteRule ^/articles(.+) /articles/public$1
+  RewriteRule ^/image_uploads(.+) /image_uploads/public$1
+  RewriteRule ^/thumbnails(.+) /thumbnails/public$1
@@ -50,14 +50,22 @@ apache-compatible format. You should change your statistics generation software
   # invoke-rc.d varnish restart
-6) Configure varnish to store separate caches for each language
+6) Configure varnish to fit noosfero
+(assuming Noosfero is installed in /var/lib/noosfero)
-6a) Add the following line to your /etc/varnish/default.vcl file (assuming
-Noosfero is installed in /var/lib/noosfero):
+6a) Configure noosfero to do specific routines to varnish
+
+Add the following line to your /etc/varnish/default.vcl file:
+
+  include "/var/lib/noosfero/etc/noosfero/varnish-noosfero.vcl";
+
+6b) Configure varnish to store separate caches for each language
+
+Add the following line to your /etc/varnish/default.vcl file:
   include "/var/lib/noosfero/etc/noosfero/varnish-accept-language.vcl";
-6b) Restart Varnish
+7) Restart Varnish
   # invoke-rc.d varnish restart
@@ -12,28 +12,28 @@ This file documents release-related activities.
 == Releasing noosfero
+Considering you are on a Debian GNU/Linux or Debian-based system
+ # apt-get install devscripts debhelper
+
 To prepare a release of noosfero, you must follow the steps below:
-* finish all requirements and bugs assigned to the to-be-released version
-* make sure all tests pass
-* write release notes at the version's wiki topic.
-* generate package with <tt>rake package</tt>. Your tarball will be under the pkg/
-  directory, named as noosfero-${VERSION}.tar.gz
-* test that the package contains everything that is needed: explode the tarball
-  in a temporary directory, copy config/database.yml.sqlite3 to
-  config/database.yml, and make <tt>rake db:migrate</tt> and <tt>rake test</tt>. If
-  everything is ok, you are done. If not, maybe some files are not going into
-  the tarball. See lib/tasks/package.rake, probably you'll need to change it.
-* Go to the version's wiki topic and edit it to reflect the new reality.
-* Attach the generated package to that topic. Before attaching calculate the md5 of the package (with mu5sum and paste the MD5 hash as comment in the attachment form)
+* Finish all requirements and bugs assigned to the to-be-released version
+* Make sure all tests pass
+* Change the version in lib/noosfero.rb and debian/changelog to the
+  to-be-released version (e.g. 0.2.0, 0.3.1)
+* Write release notes at the version's wiki topic
+* Generate packages with <tt>rake noosfero:release</tt>. Your tarball and deb
+  pkg will be under the pkg/ directory. This task will create a git tag too.
+* Test that the tarball and deb package are ok
+* Go to the version's wiki topic and edit it to reflect the new reality
+* Edit the topic WebPreferences and update DEBIAN_REPOSITORY_TOPICS setting
+* Attach the generated packages to that topic. Before attaching calculate the
+  sha1 of the package (with sha1sum and paste the SHA1 hash as comment in the
+  attachment form)
 * Download the attached and verify the MD5 hash
-* create a git tag for the released version with <tt>git tag</tt>.
-* IMMEDIATELY change the version in lib/noosfero.rb to the next version. (e.g.
-  0.2.0 -> 0.3.0)
-* update an eventual demonstration version that you run.
-* write an announcement e-mail to the relevant maimling lists pointing to the release notes, and maybe to the demonstration version.
+* Update an eventual demonstration version that you run.
+* Write an announcement e-mail to the relevant mailing lists pointing to the
+  release notes, and maybe to the demonstration version.
 If you had any problem during these steps, you can do <tt>rake clobber_package</tt> to
 completely delete the generated packages and start the process again.
-
-
 class AdminPanelController < AdminController
-  before_filter :login_required
-  
   protect 'view_environment_admin_panel', :environment
   def boxes_holder
@@ -11,6 +9,7 @@ class AdminPanelController &lt; AdminController
   def site_info
     if request.post?
       if @environment.update_attributes(params[:environment])
+        session[:notice] = _('Environment settings updated')
         redirect_to :action => 'index'
       end
     end
@@ -10,11 +10,16 @@ class CategoriesController &lt; AdminController
     @product_categories = environment.product_categories.find(:all, :conditions => {:parent_id => nil})
   end
+  def get_children
+    children = Category.find(params[:id]).children
+    render :partial => 'category_children', :locals => {:children => children}
+  end
+
   ALLOWED_TYPES = CategoriesHelper::TYPES.map {|item| item[1] }
   # posts back
   def new
-    type = (params[:type] || 'Category')
+    type = (params[:type] || params[:parent_type] || 'Category')
     raise 'Type not allowed' unless ALLOWED_TYPES.include?(type)
     @category = type.constantize.new(params[:category])
 class PluginsController < AdminController
+  protect 'edit_environment_features', :environment
   def index
     @active_plugins = Noosfero::Plugin.all.map {|plugin_name| plugin_name.constantize }.compact
@@ -9,21 +9,6 @@ class RoleController &lt; AdminController
     @role = environment.roles.find(params[:id])
   end
-  def new
-    @role = Role.new
-  end
-
-  def create
-    @role = Role.new(params[:role])
-    @role.environment = environment
-    if @role.save
-      redirect_to :action => 'show', :id => @role
-    else
-      session[:notice] = _('Failed to create role')
-      render :action => 'new'
-    end
-  end
-
   def edit
     @role = environment.roles.find(params[:id])
   end
@@ -38,13 +23,4 @@ class RoleController &lt; AdminController
     end
   end
-  def destroy
-    @role = environment.roles.find(params[:id])
-    if @role.destroy
-      redirect_to :action => 'index'
-    else
-      session[:notice] = _('Failed to edit role')
-      redirect_to :action => 'index'
-    end
-  end
 end
 class AdminController < ApplicationController
+  before_filter :login_required
 end
@@ -82,7 +82,7 @@ class BoxOrganizerController &lt; ApplicationController
   def save
     @block = boxes_holder.blocks.find(params[:id])
     @block.update_attributes(params[:block])
-    expire_timeout_fragment(@block.cache_keys)
+    expire_timeout_fragment(@block.cache_key)
     redirect_to :action => 'index'
   end
@@ -93,7 +93,7 @@ class BoxOrganizerController &lt; ApplicationController
   def remove
     @block = Block.find(params[:id])
     if @block.destroy
-      expire_timeout_fragment(@block.cache_keys)
+      expire_timeout_fragment(@block.cache_key)
       redirect_to :action => 'index'
     else
       session[:notice] = _('Failed to remove block')
@@ -43,6 +43,9 @@ class CmsController &lt; MyProfileController
     if @parent && @parent.blog?
       articles -= Article.folder_types.map(&:constantize)
     end
+    if user.is_admin?(profile.environment)
+      articles << RawHTMLArticle
+    end
     articles
   end
@@ -168,8 +171,7 @@ class CmsController &lt; MyProfileController
     @article = @parent = check_parent(params[:parent_id])
     @target = @parent ? ('/%s/%s' % [profile.identifier, @parent.full_name]) : '/%s' % profile.identifier
     @folders = Folder.find(:all, :conditions => { :profile_id => profile })
-    @media_listing = params[:media_listing]
-    if @article && !@media_listing
+    if @article
       record_coming
     end
     if request.post? && params[:uploaded_files]
@@ -178,26 +180,14 @@ class CmsController &lt; MyProfileController
       end
       @errors = @uploaded_files.select { |f| f.errors.any? }
       if @errors.any?
-        if @media_listing
-          flash[:notice] = _('Could not upload all files')
-          redirect_to :action => 'media_listing'
-        else
-          render :action => 'upload_files', :parent_id => @parent_id
-        end
+        render :action => 'upload_files', :parent_id => @parent_id
       else
-        if @media_listing
-          flash[:notice] = _('All files were uploaded successfully')
-          redirect_to :action => 'media_listing'
+        if @back_to
+          redirect_to @back_to
+        elsif @parent
+          redirect_to :action => 'view', :id => @parent.id
         else
-          if @back_to
-            redirect_to @back_to
-          else
-            redirect_to( if @parent
-              {:action => 'view', :id => @parent.id}
-            else
-              {:action => 'index'}
-            end)
-          end
+          redirect_to :action => 'index'
         end
       end
     end
@@ -286,44 +276,28 @@ class CmsController &lt; MyProfileController
     @task = SuggestArticle.new(params[:task])
     if request.post?
        @task.target = profile
-      if @task.save
+      if verify_recaptcha(:model => @task, :message => _('Please type the words correctly')) && @task.save
         session[:notice] = _('Thanks for your suggestion. The community administrators were notified.')
         redirect_to @back_to
       end
     end
   end
-  def media_listing
-    if params[:image_folder_id]
-      folder = profile.articles.find(params[:image_folder_id]) if !params[:image_folder_id].blank?
-      @images = (folder ? folder.children : profile.top_level_articles).images
-    elsif params[:document_folder_id]
-      folder = profile.articles.find(params[:document_folder_id]) if !params[:document_folder_id].blank?
-      @documents = (folder ? folder.children : profile.top_level_articles)
-    else
-      @documents = profile.articles
-      @images = @documents.images
-      @documents -= @images
-    end
-
-    @images = @images.paginate(:per_page => per_page, :page => params[:ipage], :order => "updated_at desc") if @images
-    @documents = @documents.paginate(:per_page => per_page, :page => params[:dpage], :order => "updated_at desc", :conditions => {:is_image => false}) if @documents
-
-    @folders = profile.folders
-    @image_folders = @folders.select {|f| f.children.any? {|c| c.image?} }
-    @document_folders = @folders.select {|f| f.children.any? {|c| !c.image? && c.kind_of?(UploadedFile) } }
-
-    @media_listing = true
-
-    respond_to do |format|
-      format.html { render :layout => false}
-      format.js {
-        render :update do |page|
-          page.replace_html 'media-listing-folder-images', :partial => 'image_thumb', :locals => {:images => @images } if !@images.blank?
-          page.replace_html 'media-listing-folder-documents', :partial => 'document_link', :locals => {:documents => @documents } if !@documents.blank?
-        end
-      }
+  def search
+    query = params[:q]
+    results = query.blank? ? [] : profile.articles.published.find_by_contents(query)
+    render :text => article_list_to_json(results), :content_type => 'application/json'
+  end
+  def media_upload
+    files_uploaded = []
+    parent = check_parent(params[:parent_id])
+    files = [:file1,:file2, :file3].map { |f| params[f] }.compact
+    if request.post?
+      files.each do |file|
+        files_uploaded << UploadedFile.create(:uploaded_data => file, :profile => profile, :parent => parent) unless file == ''
+      end
     end
+    render :text => article_list_to_json(files_uploaded), :content_type => 'text/plain'
   end
   protected
@@ -353,7 +327,7 @@ class CmsController &lt; MyProfileController
   end
   def refuse_blocks
-    if ['TinyMceArticle', 'Event', 'EnterpriseHomepage'].include?(@type)
+    if ['TinyMceArticle', 'TextileArticle', 'Event', 'EnterpriseHomepage'].include?(@type)
       @no_design_blocks = true
     end
   end
@@ -367,5 +341,21 @@ class CmsController &lt; MyProfileController
     @selected_locale = @article.language || FastGettext.locale
   end
+  def article_list_to_json(list)
+    list.map do |item|
+      {
+        'title' => item.title,
+        'url' => item.image? ? item.public_filename(:uploaded) : url_for(item.url),
+        :icon => icon_for_article(item),
+        :content_type => item.mime_type,
+        :error => item.errors.any? ? _('%s could not be uploaded') % item.title : nil,
+      }
+    end.to_json
+  end
+  
+  def content_editor?
+    true
+  end
+
 end
@@ -4,6 +4,7 @@ class ManageProductsController &lt; ApplicationController
   protect 'manage_products', :profile, :except => [:show]
   before_filter :check_environment_feature
   before_filter :login_required, :except => [:show]
+  before_filter :create_product?, :only => [:new]
   protected  
@@ -14,6 +15,13 @@ class ManageProductsController &lt; ApplicationController
     end
   end
+  def create_product?
+    if !profile.create_product?
+      render_access_denied
+      return
+    end
+  end
+
   public
   def index
@@ -40,8 +48,8 @@ class ManageProductsController &lt; ApplicationController
   end
   def new
-    @product = @profile.products.build(:product_category_id => params[:selected_category_id])
-    @category = @product.product_category
+    @category = params[:selected_category_id] ? Category.find(params[:selected_category_id]) : nil
+    @product = @profile.products.build(:product_category => @category)
     @categories = ProductCategory.top_level_for(environment)
     @level = 0
     if request.post?
@@ -50,7 +58,7 @@ class ManageProductsController &lt; ApplicationController
         render :partial => 'shared/redirect_via_javascript',
           :locals => { :url => url_for(:controller => 'manage_products', :action => 'show', :id => @product) }
       else
-        render :partial => 'shared/dialog_error_messages', :locals => { :object_name => 'product' }
+        render_dialog_error_messages 'product'
       end
     end
   end
@@ -72,7 +80,7 @@ class ManageProductsController &lt; ApplicationController
   def edit_category
     @product = @profile.products.find(params[:id])
-    @category = @product.product_category
+    @category = @product.product_category || ProductCategory.first
     @categories = ProductCategory.top_level_for(environment)
     @edit = true
     @level = @category.level
@@ -81,7 +89,7 @@ class ManageProductsController &lt; ApplicationController
         render :partial => 'shared/redirect_via_javascript',
           :locals => { :url => url_for(:controller => 'manage_products', :action => 'show', :id => @product) }
       else
-        render :partial => 'shared/dialog_error_messages', :locals => { :object_name => 'product' }
+        render_dialog_error_messages 'product'
       end
     end
   end
@@ -96,7 +104,7 @@ class ManageProductsController &lt; ApplicationController
         @inputs = @product.inputs
         render :partial => 'display_inputs'
       else
-        render :partial => 'shared/dialog_error_messages', :locals => { :object_name => 'product' }
+        render_dialog_error_messages 'product'
       end
     else
       render :partial => 'add_input'
@@ -147,7 +155,7 @@ class ManageProductsController &lt; ApplicationController
         @inputs = @product.inputs
         render :partial => 'display_inputs'
       else
-        render :partial => 'shared/dialog_error_messages', :locals => { :object_name => 'input' }
+        render_dialog_error_messages 'input'
       end
     end
   end
@@ -25,6 +25,7 @@ class ProfileDesignController &lt; BoxOrganizerController
       blocks << DisabledEnterpriseMessageBlock
       blocks << HighlightsBlock
       blocks << FeaturedProductsBlock
+      blocks << FansBlock
     end
     # product block exclusive for enterprises in environments that permits it
@@ -37,6 +38,10 @@ class ProfileDesignController &lt; BoxOrganizerController
       blocks << BlogArchivesBlock
     end
+    if user.is_admin?(profile.environment)
+      blocks << RawHTMLBlock
+    end
+
     blocks
   end
@@ -4,7 +4,7 @@ class ProfileEditorController &lt; MyProfileController
   protect 'destroy_profile', :profile, :only => [:destroy_profile]
   def index
-    @pending_tasks = profile.all_pending_tasks.select{|i| user.has_permission?(i.permission, profile)}
+    @pending_tasks = Task.to(profile).pending.select{|i| user.has_permission?(i.permission, profile)}
   end
   helper :profile
 class ProfileMembersController < MyProfileController
   protect 'manage_memberships', :profile
-  no_design_blocks
   def index
     @members = profile.members
@@ -15,29 +14,25 @@ class ProfileMembersController &lt; MyProfileController
     rescue ActiveRecord::RecordNotFound
       @person = nil
     end
-    if !params[:confirmation] && @person && @person.is_last_admin_leaving?(profile, @roles)
-      redirect_to :action => :last_admin, :roles => params[:roles], :person => @person
-    else
-      if @person && @person.define_roles(@roles, profile)
+
+    if @person
+      if@person.is_last_admin_leaving?(profile, @roles)
+        redirect_to :action => :last_admin
+      elsif @person.define_roles(@roles, profile)
         session[:notice] = _('Roles successfuly updated')
+        redirect_to :controller => 'profile_editor'
       else
         session[:notice] = _('Couldn\'t change the roles')
+        redirect_to :action => 'index'
       end
-      if params[:confirmation]
-        redirect_to profile.url
-      else
-        redirect_to :action => :index
-      end
+    else
+      redirect_to :action => 'index'
     end
   end
-  
+
   def last_admin
-    @person = params[:person]
-    @roles = params[:roles] || []
-    @members = profile.members.select {|member| !profile.admins.include?(member)}
-    @title = _('Current admins')
-    @collection = :profile_admins
-    @remove_action = {:action => 'remove_admin'}
+    @roles = [Profile::Roles.admin(environment.id)]
+    @pre_population = [].to_json
   end
   def add_role
@@ -90,6 +85,7 @@ class ProfileMembersController &lt; MyProfileController
   end
   def add_members
+    @roles = Profile::Roles.organization_member_roles(environment.id)
   end
   def add_member
@@ -122,19 +118,42 @@ class ProfileMembersController &lt; MyProfileController
     render :layout => false
   end
-  def find_users
-    if !params[:query] || params[:query].length <= 2
-      @users_found = []
-    elsif params[:scope] == 'all_users'
-      @users_found = Person.find_by_contents(params[:query] + '*').select {|user| !profile.members.include?(user)}
-      @button_alt = _('Add member')
-      @add_action = {:action => 'add_member'}
-    elsif params[:scope] == 'new_admins'
-      @users_found = Person.find_by_contents(params[:query] + '*').select {|user| profile.members.include?(user) && !profile.admins.include?(user)}
-      @button_alt = _('Add member')
-      @add_action = {:action => 'add_admin'}
+  def search_user
+    role = Role.find(params[:role])
+    render :text => environment.people.find(:all, :conditions => ['LOWER(name) LIKE ? OR LOWER(identifier) LIKE ?', "%#{params['q_'+role.key]}%", "%#{params['q_'+role.key]}%"]).
+      select { |person| !profile.members_by_role(role).include?(person) }.
+      map {|person| {:id => person.id, :name => person.name} }.
+      to_json
+  end
+
+  def save_associations
+    error = false
+    roles = Profile::Roles.organization_member_roles(environment.id)
+    roles.select { |role| params['q_'+role.key] }.each do |role|
+      people = [Person.find(params['q_'+role.key].split(','))].flatten
+      to_remove = profile.members_by_role(role) - people
+      to_add = people - profile.members_by_role(role)
+
+      begin
+        to_remove.each { |person| profile.disaffiliate(person, role) }
+        to_add.each { |person| profile.affiliate(person, role) }
+      rescue Exception => ex
+        logger.info ex
+        error = true
+      end
+    end
+
+    if error
+      session[:notice] = _('The members list couldn\'t be updated. Please contact the administrator.')
+      redirect_to :action => 'add_members'
+    else
+      if profile.admins.blank? && !params[:last_admin]
+        redirect_to :action => 'last_admin'
+      else
+        session[:notice] = _('The members list was updated.')
+        redirect_to :controller => 'profile_editor'
+      end
     end
-    render :layout => false
   end
   def send_mail
@@ -3,12 +3,13 @@ class TasksController &lt; MyProfileController
   protect 'perform_task', :profile
   def index
-    @tasks = profile.all_pending_tasks.sort_by(&:created_at)
+    @filter = params[:filter_type].blank? ? nil : params[:filter_type]
+    @tasks = Task.to(profile).pending.of(@filter).order_by('created_at', 'asc').paginate(:per_page => Task.per_page, :page => params[:page])
     @failed = params ? params[:failed] : {}
   end
   def processed
-    @tasks = profile.all_finished_tasks.sort_by(&:created_at)
+    @tasks = Task.to(profile).finished.sort_by(&:created_at)
   end
   VALID_DECISIONS = [ 'finish', 'cancel', 'skip' ]
@@ -4,7 +4,6 @@ class AccountController &lt; ApplicationController
   inverse_captcha :field => 'e_mail'
-
   before_filter :login_required, :only => [:activation_question, :accept_terms, :activate_enterprise]
   before_filter :redirect_if_logged_in, :only => [:login, :signup]
@@ -15,6 +14,17 @@ class AccountController &lt; ApplicationController
     end
   end
+  def activate
+    @user = User.find_by_activation_code(params[:activation_code]) if params[:activation_code]
+    if @user and @user.activate
+      @message = _("Your account has been activated, now you can log in!")
+      render :action => 'login', :userlogin => @user.login
+    else
+      session[:notice] = _("It looks like you're trying to activate an account. Perhaps have already activated this account?")
+      redirect_to :controller => :home
+    end
+  end
+
   # action to perform login to the application
   def login
     @user = User.new
@@ -57,9 +67,8 @@ class AccountController &lt; ApplicationController
       @user.person_data = params[:profile_data]
       @person = Person.new(params[:profile_data])
       @person.environment = @user.environment
-      if request.post? && params[self.icaptcha_field].blank?
+      if request.post?
         @user.signup!
-        self.current_user = @user
         owner_role = Role.find_by_name('owner')
         @user.person.affiliate(@user.person, [owner_role]) if owner_role
         invitation = Task.find_by_code(@invitation_code)
@@ -67,8 +76,7 @@ class AccountController &lt; ApplicationController
           invitation.update_attributes!({:friend => @user.person})
           invitation.finish
         end
-        session[:notice] = _("Thanks for signing up!")
-        go_to_initial_page if redirect?
+        @register_pending = true
       end
     rescue ActiveRecord::RecordInvalid
       @person.valid?
@@ -223,6 +231,8 @@ class AccountController &lt; ApplicationController
       session[:notice] = nil # consume the notice
     end
+    @plugins.enabled_plugins.each { |plugin| user_data.merge!(plugin.user_data_extras) }
+
     render :text => user_data.to_json, :layout => false, :content_type => "application/javascript"
   end
@@ -6,6 +6,8 @@ class BrowseController &lt; PublicController
     more_recent
     more_active
     more_popular
+    more_comments
+    more_views
   )
   def per_page
@@ -36,6 +38,18 @@ class BrowseController &lt; PublicController
     @results = @results.compact.paginate(:per_page => per_page, :page => params[:page])
   end
+  def contents
+    @filter = filter
+    @title = self.filter_description(params[:action] + '_' + @filter )
+
+    @results = @environment.articles.published.text_articles.send(@filter)
+
+    if !params[:query].blank?
+      @results = @results.find_by_contents(params[:query])
+    end
+    @results = @results.compact.paginate(:per_page => per_page, :page => params[:page])
+  end
+
   protected
   def filter
@@ -54,6 +68,9 @@ class BrowseController &lt; PublicController
       'communities_more_recent' => _('More recent communities'),  
       'communities_more_active' => _('More active communities'),  
       'communities_more_popular' => _('More popular communities'),
+      'contents_more_recent' => _('More recent contents'),
+      'contents_more_views' => _('Most viewed contents'),
+      'contents_more_comments' => _('Most commented contents'),
     }[str] || str
   end
@@ -4,10 +4,9 @@ class ContactController &lt; PublicController
   needs_profile
-  inverse_captcha :field => 'e_mail'
   def new
     @contact
-    if request.post? && params[self.icaptcha_field].blank? && params[:confirm] == 'true'
+    if request.post? && params[:confirm] == 'true'
       @contact = user.build_contact(profile, params[:contact])
       @contact.city = (!params[:city].blank? && City.exists?(params[:city])) ? City.find(params[:city]).name : nil
       @contact.state = (!params[:state].blank? && State.exists?(params[:state])) ? State.find(params[:state]).name : nil
@@ -2,8 +2,6 @@ class ContentViewerController &lt; ApplicationController
   needs_profile
-  inverse_captcha :field => 'e_mail'
-
   helper ProfileHelper
   helper TagsHelper
@@ -68,8 +66,13 @@ class ContentViewerController &lt; ApplicationController
     @form_div = params[:form]
-    if request.post? && params[:comment] && params[self.icaptcha_field].blank? && params[:confirm] == 'true' && @page.accept_comments?
-      add_comment
+    if params[:comment] && params[:confirm] == 'true'
+      @comment = Comment.new(params[:comment])
+      if request.post? && @page.accept_comments?
+        add_comment
+      end
+    else
+      @comment = Comment.new
     end
     if request.post? && params[:remove_comment]
@@ -106,11 +109,10 @@ class ContentViewerController &lt; ApplicationController
   protected
   def add_comment
-    @comment = Comment.new(params[:comment])
     @comment.author = user if logged_in?
     @comment.article = @page
-    if @comment.save
-      @page.update_attribute(:updated_at, Time.now)
+    if (logged_in? || verify_recaptcha(:model => @comment, :message => _('Please type the words correctly'))) && @comment.save
+      @page.touch
       @comment = nil # clear the comment form
       redirect_to :action => 'view_page', :profile => params[:profile], :page => @page.explode_path, :view => params[:view]
     else
@@ -2,8 +2,8 @@ class ProfileController &lt; PublicController
   needs_profile
   before_filter :check_access_to_profile, :except => [:join, :join_not_logged, :index, :add]
-  before_filter :store_before_join, :only => [:join, :join_not_logged]
-  before_filter :login_required, :only => [:add, :join, :join_not_logged, :leave, :unblock, :leave_scrap, :remove_scrap, :remove_activity, :view_more_scraps, :view_more_activities, :view_more_network_activities]
+  before_filter :store_location, :only => [:join, :join_not_logged, :report_abuse]
+  before_filter :login_required, :only => [:add, :join, :join_not_logged, :leave, :unblock, :leave_scrap, :remove_scrap, :remove_activity, :view_more_scraps, :view_more_activities, :view_more_network_activities, :report_abuse, :register_report]
   helper TagsHelper
@@ -44,7 +44,7 @@ class ProfileController &lt; PublicController
       tagged,
       :title => _("%s's contents tagged with \"%s\"") % [profile.name, @tag],
       :description => _("%s's contents tagged with \"%s\"") % [profile.name, @tag],
-      :link => url_for(:action => 'tags')
+      :link => url_for(profile.url)
     )
     render :text => data, :content_type => "text/xml"
   end
@@ -71,6 +71,10 @@ class ProfileController &lt; PublicController
     end
   end
+  def fans
+    @fans = profile.fans
+  end
+
   def favorite_enterprises
     @favorite_enterprises = profile.favorite_enterprises
   end
@@ -96,7 +100,7 @@ class ProfileController &lt; PublicController
     if request.post?
       profile.add_member(user)
       session[:notice] = _('%s administrator still needs to accept you as member.') % profile.name if profile.closed?
-      redirect_to_before_join
+      redirect_to_previous_location
     else
       if user.memberships.include?(profile)
         session[:notice] = _('You are already a member of %s.') % profile.name
@@ -223,6 +227,52 @@ class ProfileController &lt; PublicController
     end
   end
+  def report_abuse
+    @abuse_report = AbuseReport.new
+    render :layout => false
+  end
+
+  def register_report
+    if !verify_recaptcha
+      render :text => {
+        :ok => false,
+        :error => {
+          :code => 1,
+          :message => _('You could not answer the captcha.')
+        }
+      }.to_json
+    else
+      begin
+        abuse_report = AbuseReport.new(params[:abuse_report])
+        if !params[:content_type].blank?
+          article = params[:content_type].constantize.find(params[:content_id])
+          abuse_report.content = instance_eval(&article.reported_version)
+        end
+
+        user.register_report(abuse_report, profile)
+
+        if !params[:content_type].blank?
+          abuse_report = AbuseReport.find_by_reporter_id_and_abuse_complaint_id(user.id, profile.opened_abuse_complaint.id)
+          Delayed::Job.enqueue DownloadReportedImagesJob.new(abuse_report, article)
+        end
+
+        render :text => {
+          :ok => true,
+          :message => _('Your abuse report was registered. The administrators are reviewing your report.'),
+        }.to_json
+      rescue Exception => exception
+        logger.error(exception.to_s)
+        render :text => {
+          :ok => false,
+          :error => {
+            :code => 2,
+            :message => _('Your report couldn\'t be saved due to some problem. Please contact the administrator.')
+          }
+        }.to_json
+      end
+    end
+  end
+
   protected
   def check_access_to_profile
@@ -231,16 +281,16 @@ class ProfileController &lt; PublicController
     end
   end
-  def store_before_join
-    if session[:before_join].nil?
-      session[:before_join] = request.referer
+  def store_location
+    if session[:previous_location].nil?
+      session[:previous_location] = request.referer
     end
   end
-  def redirect_to_before_join
-    back = session[:before_join]
+  def redirect_to_previous_location
+    back = session[:previous_location]
     if back
-      session[:before_join] = nil
+      session[:previous_location] = nil
       redirect_to back
     else
       redirect_to profile.url
@@ -259,7 +309,7 @@ class ProfileController &lt; PublicController
   end
   def invisible_profile
-    render_access_denied(_("Sorry, this profile was defined as private by its owner. You'll not be able to view content here unless the profile owner adds adds you."), _("Oops ... you cannot go ahead here"))
+    render_access_denied(_("This profile is inaccessible. You don't have the permission to view the content here."), _("Oops ... you cannot go ahead here"))
   end
   def per_page
@@ -209,7 +209,11 @@ module ApplicationHelper
       the_class << ' ' << html_options[:class]
     end
     the_title = html_options[:title] || label
-    link_to('&nbsp;'+content_tag('span', label), url, html_options.merge(:class => the_class, :title => the_title))
+    if html_options[:disabled]
+      content_tag('a', '&nbsp;'+content_tag('span', label), html_options.merge(:class => the_class, :title => the_title))
+    else
+      link_to('&nbsp;'+content_tag('span', label), url, html_options.merge(:class => the_class, :title => the_title))
+    end
   end
   def button_to_function(type, label, js_code, html_options = {}, &block)
@@ -257,30 +261,59 @@ module ApplicationHelper
     concat(content_tag('div', capture(&block) + tag('br', :style => 'clear: left;'), { :class => 'button-bar' }.merge(options)))
   end
-  def partial_for_class(klass)
-    if klass.nil?
-      raise ArgumentError, 'No partial for object. Is there a partial for any class in the inheritance hierarchy?'
-    end
+  VIEW_EXTENSIONS = %w[.rhtml .html.erb]
+  def partial_for_class_in_view_path(klass, view_path)
+    return nil if klass.nil?
     name = klass.name.underscore
-    if File.exists?(File.join(RAILS_ROOT, 'app', 'views', params[:controller], "_#{name}.rhtml"))
-      name
+
+    search_name = String.new(name)
+    if search_name.include?("/")
+      search_name.gsub!(/(\/)([^\/]*)$/,'\1_\2')
+      name = File.join(params[:controller], name) if defined?(params) && params[:controller]
     else
-      partial_for_class(klass.superclass)
+      search_name = "_" + search_name
+    end
+
+    VIEW_EXTENSIONS.each do |ext|
+      path = defined?(params) && params[:controller] ? File.join(view_path, params[:controller], search_name+ext) : File.join(view_path, search_name+ext)
+      return name if File.exists?(File.join(path))
     end
+
+    partial_for_class_in_view_path(klass.superclass, view_path)
   end
-  def partial_for_task_class(klass, action)
-    if klass.nil?
-      raise ArgumentError, 'No partial for object. Is there a partial for any class in the inheritance hierarchy?'
+  def partial_for_class(klass)
+    raise ArgumentError, 'No partial for object. Is there a partial for any class in the inheritance hierarchy?' if klass.nil?
+    name = klass.name.underscore
+    @controller.view_paths.each do |view_path|
+      partial = partial_for_class_in_view_path(klass, view_path)
+      return partial if partial
     end
+    raise ArgumentError, 'No partial for object. Is there a partial for any class in the inheritance hierarchy?'
+  end
+
+  def partial_for_task_class(klass, action)
+    raise ArgumentError, 'No partial for object. Is there a partial for any class in the inheritance hierarchy?' if klass.nil?
+
     name = "#{klass.name.underscore}_#{action.to_s}"
-    if File.exists?(File.join(RAILS_ROOT, 'app', 'views', params[:controller], "_#{name}.rhtml"))
-      name
-    else
-      partial_for_task_class(klass.superclass, action)
+    VIEW_EXTENSIONS.each do |ext|
+      return name if File.exists?(File.join(RAILS_ROOT, 'app', 'views', params[:controller], '_'+name+ext))
+    end
+
+    partial_for_task_class(klass.superclass, action)
+  end
+
+  def view_for_profile_actions(klass)
+    raise ArgumentError, 'No profile actions view for this class.' if klass.nil?
+
+    name = klass.name.underscore
+    VIEW_EXTENSIONS.each do |ext|
+      return "blocks/profile_info_actions/"+name+ext if File.exists?(File.join(RAILS_ROOT, 'app', 'views', 'blocks', 'profile_info_actions', name+ext))
     end
+
+    view_for_profile_actions(klass.superclass)
   end
   def user
@@ -556,17 +589,18 @@ module ApplicationHelper
   def gravatar_url_for(email, options = {})
     # Ta dando erro de roteamento
+    default = theme_option['gravatar'] || NOOSFERO_CONF['gravatar'] || nil
     url_for( { :gravatar_id => Digest::MD5.hexdigest(email),
                :host => 'www.gravatar.com',
                :protocol => 'http://',
                :only_path => false,
                :controller => 'avatar.php',
-               :d => NOOSFERO_CONF['gravatar'] ? NOOSFERO_CONF['gravatar'] : nil
+               :d => default
              }.merge(options) )
   end
   def str_gravatar_url_for(email, options = {})
-    default = NOOSFERO_CONF['gravatar'] ? NOOSFERO_CONF['gravatar'] : nil
+    default = theme_option['gravatar'] || NOOSFERO_CONF['gravatar'] || nil
     url = 'http://www.gravatar.com/avatar.php?gravatar_id=' +
            Digest::MD5.hexdigest(email)
     {
@@ -870,7 +904,7 @@ module ApplicationHelper
   def template_stylesheet_path
     if profile.nil?
-      '/designs/templates/default/stylesheets/style.css'
+      "/designs/templates/#{environment.layout_template}/stylesheets/style.css"
     else
       "/designs/templates/#{profile.layout_template}/stylesheets/style.css"
     end
@@ -947,8 +981,10 @@ module ApplicationHelper
       'thickbox',
       'lightbox',
       'colorpicker',
+      colorbox_stylesheet_path,
       pngfix_stylesheet_path,
-    ]
+    ] +
+    tokeninput_stylesheets
   end
   # DEPRECATED. Do not use this·
@@ -960,6 +996,14 @@ module ApplicationHelper
     'iepngfix/iepngfix.css'
   end
+  def colorbox_stylesheet_path
+    'colorbox/colorbox.css'
+  end
+
+  def tokeninput_stylesheets
+    ['token-input', 'token-input-facebook', 'token-input-mac']
+  end
+
   def noosfero_layout_features
     render :file => 'shared/noosfero_layout_features'
   end
@@ -975,7 +1019,10 @@ module ApplicationHelper
   def article_to_html(article, options = {})
     options.merge!(:page => params[:npage])
     content = article.to_html(options)
-    return self.instance_eval(&content) if content.kind_of?(Proc)
+    content = content.kind_of?(Proc) ? self.instance_eval(&content) : content
+    @plugins && @plugins.enabled_plugins.each do |plugin|
+      content = plugin.parse_content(content)
+    end
     content
   end
@@ -1083,6 +1130,17 @@ module ApplicationHelper
     link_to(content_tag(:span, _('Communities Menu')), '#', :onclick => "toggleSubmenu(this,'',#{links.to_json}); return false", :class => 'menu-submenu-trigger up', :id => 'submenu-communities-trigger')
   end
+  def browse_contents_menu
+     links = [
+       {s_('contents|More Comments') => {:href => url_for({:controller => 'browse', :action => 'contents', :filter => 'more_comments'})}},
+       {s_('contents|More Views') => {:href => url_for({:controller => 'browse', :action => 'contents', :filter => 'more_views'})}},
+       {s_('contents|More Recent') => {:href => url_for({:controller => 'browse', :action => 'contents', :filter => 'more_recent'})}}
+     ]
+
+    link_to(content_tag(:span, _('Contents'), :class => 'icon-blog'), {:controller => "browse", :action => 'contents'}, :id => 'submenu-contents') +
+    link_to(content_tag(:span, _('Contents Menu')), '#', :onclick => "toggleSubmenu(this,'',#{links.to_json}); return false", :class => 'menu-submenu-trigger up', :id => 'submenu-contents-trigger')
+  end
+
   def pagination_links(collection, options={})
     options = {:prev_label => '&laquo; ' + _('Previous'), :next_label => _('Next') + ' &raquo;'}.merge(options)
     will_paginate(collection, options)
@@ -1099,16 +1157,27 @@ module ApplicationHelper
     result
   end
+  def manage_enterprises
+    if user && !user.enterprises.empty?
+      enterprises_link = user.enterprises.map do |enterprise|
+        link_to(content_tag('strong', [_('<span>Manage</span> %s') % enterprise.short_name(25)]), @environment.top_url + "/myprofile/#{enterprise.identifier}", :class => "icon-menu-"+enterprise.class.identification.underscore, :title => [_('Manage %s') % enterprise.short_name])
+      end
+      render :partial => 'shared/manage_enterprises', :locals => {:enterprises_link => enterprises_link}
+    end
+  end
+
   def usermenu_logged_in
     pending_tasks_count = ''
-    if user && user.all_pending_tasks.count > 0
-      pending_tasks_count = link_to(user.all_pending_tasks.count.to_s, '/myprofile/{login}/tasks', :id => 'pending-tasks-count', :title => _("Manage your pending tasks"))
+    count = user ? Task.to(user).pending.count : -1
+    if count > 0
+      pending_tasks_count = link_to(count.to_s, @environment.top_url + '/myprofile/{login}/tasks', :id => 'pending-tasks-count', :title => _("Manage your pending tasks"))
     end
-    (_('Welcome, %s') % link_to('<i></i><strong>{login}</strong>', '/{login}', :id => "homepage-link", :title => _('Go to your homepage'))) +
+    (_("<span class='welcome'>Welcome,</span> %s") % link_to('<i></i><strong>{login}</strong>', @environment.top_url + '/{login}', :id => "homepage-link", :title => _('Go to your homepage'))) +
     render_environment_features(:usermenu) +
-    link_to('<i class="icon-menu-admin"></i><strong>' + _('Administration') + '</strong>', { :controller => 'admin_panel', :action => 'index' }, :id => "controlpanel", :title => _("Configure the environment"), :class => 'admin-link', :style => 'display: none') +
-    link_to('<i class="icon-menu-ctrl-panel"></i><strong>' + _('Control panel') + '</strong>', '/myprofile/{login}', :id => "controlpanel", :title => _("Configure your personal account and content")) +
+    link_to('<i class="icon-menu-admin"></i><strong>' + _('Administration') + '</strong>', @environment.top_url + '/admin', :id => "controlpanel", :title => _("Configure the environment"), :class => 'admin-link', :style => 'display: none') +
+    manage_enterprises.to_s +
+    link_to('<i class="icon-menu-ctrl-panel"></i><strong>' + _('Control panel') + '</strong>', @environment.top_url + '/myprofile/{login}', :id => "controlpanel", :title => _("Configure your personal account and content")) +
     pending_tasks_count +
     link_to('<i class="icon-menu-logout"></i><strong>' + _('Logout') + '</strong>', { :controller => 'account', :action => 'logout'} , :id => "logout", :title => _("Leave the system"))
   end
@@ -1206,4 +1275,39 @@ module ApplicationHelper
     end
   end
+  def render_dialog_error_messages(instance_name)
+    render :partial => 'shared/dialog_error_messages', :locals => { :object_name => instance_name }
+  end
+
+  def report_abuse(profile, type, content=nil)
+    return if !user || user == profile
+
+    url = { :controller => 'profile',
+            :action => 'report_abuse',
+            :profile => profile.identifier }
+    url.merge!({:content_type => content.class.name, :content_id => content.id}) if content
+    text = content_tag('span', _('Report abuse'))
+    klass = 'report-abuse-action'
+    already_reported_message = _('You already reported this profile.')
+    report_profile_message = _('Report this profile for abusive behaviour')
+
+    if type == :button
+      if user.already_reported?(profile)
+        button(:alert, text, url, :class => klass+' disabled', :disabled => true, :title => already_reported_message)
+      else
+        button(:alert, text, url, :class => klass, :title => report_profile_message)
+      end
+    elsif type == :link
+      if user.already_reported?(profile)
+        content_tag('a', text, :class => klass + ' disabled button with-text icon-alert', :title => already_reported_message)
+      else
+        link_to(text, url, :class => klass + ' button with-text icon-alert', :title => report_profile_message)
+      end
+    elsif type == :comment_link
+      (user.already_reported?(profile) ?
+        content_tag('a', text, :class => klass + ' disabled comment-footer comment-footer-link', :title => already_reported_message) :
+        link_to(text, url, :class => klass + ' comment-footer comment-footer-link', :title => report_profile_message)
+      ) + content_tag('span', ' | ', :class => 'comment-footer comment-footer-hide')
+    end
+  end
 end
@@ -99,7 +99,9 @@ module BoxesHelper
     unless block.visible?
       options[:title] = _("This block is invisible. Your visitors will not see it.")
     end
-
+    @controller.send(:content_editor?) || @plugins.enabled_plugins.each do |plugin|
+      result = plugin.parse_content(result)
+    end
     box_decorator.block_target(block.box, block) +
       content_tag('div',
        content_tag('div',
@@ -5,16 +5,24 @@ include ManageProductsHelper
   def display_products_list(profile, products)
     data = ''
+    extra_content = []
+    extra_content_list = []
     products.each { |product|
-
+      extra_content = @plugins.map(:catalog_item_extras, product).collect { |content| instance_eval(&content) } if @plugins
+      extra_content_list = @plugins.map(:catalog_list_item_extras, product).collect { |content| instance_eval(&content) } if @plugins
       data << content_tag('li',
-        link_to_product(product, :class => 'product-pic', :style => 'background-image:url(%s)' % ( product.image ? product.image.public_filename(:portrait) : '/images/icons-app/product-default-pic-portrait.png' )) +
+        link_to_product(product, :class => 'product-pic', :style => 'background-image:url(%s)' % product.default_image(:portrait) ) +
         content_tag('h3', link_to_product(product)) +
         content_tag('ul',
           (product.price ? content_tag('li', _('Price: %s') % ( "%.2f" % product.price), :class => 'product_price') : '') +
-          content_tag('li', product_category_name(profile, product.product_category), :class => 'product_category')
+          content_tag('li', product_category_name(profile, product.product_category), :class => 'product_category') +
+          extra_content_list.map { |content| content_tag('li', content)}.join("\n")
         ) +
-        (product.description ? content_tag('div', txt2html(product.description), :class => 'description') : tag('br', :style => 'clear:both')),
+        (product.description ? content_tag('div',
+                                           txt2html(product.description),
+                                           :class => 'description') : tag('br',
+                                           :style => 'clear:both')) +
+        extra_content.join("\n"),
         :class => 'product')
     }
     content_tag('h1', _('Products/Services')) + content_tag('ul', data, :id => 'product_list')
@@ -22,9 +22,14 @@ module ContentViewerHelper
       end
       comments = ''
       unless args[:no_comments] || !article.accept_comments
-        comments = ("- %s") % link_to_comments(article)
+        comments = (" - %s") % link_to_comments(article)
       end
-      title << content_tag('span', _("%s, by %s %s") % [show_date(article.published_at), link_to(article.author_name, article.author.url), comments], :class => 'created-at')
+      title << content_tag('span',
+        content_tag('span', show_date(article.published_at), :class => 'date') +
+        content_tag('span', [_(", by %s") % link_to(article.author_name, article.author.url)], :class => 'author') +
+        content_tag('span', comments, :class => 'comments'),
+        :class => 'created-at'
+      )
     end
     title
   end
@@ -46,4 +51,21 @@ module ContentViewerHelper
     end
   end
+  def addthis_facebook_url(article)
+    "http://www.facebook.com/sharer.php?s=100&p[title]=%{title}&p[summary]=%{summary}&p[url]=%{url}&p[images][0]=%{image}" % {
+      :title => CGI.escape(article.title),
+      :url => CGI.escape(url_for(article.url)),
+      :summary => CGI.escape(truncate(strip_tags(article.body.to_s), 300)),
+      :image => CGI.escape(article.body_images_paths.first.to_s)
+    }
+  end
+
+  def addthis_image_tag
+    if File.exists?(File.join(Rails.root, 'public', theme_path, 'images', 'addthis.gif'))
+      image_tag(File.join(theme_path, 'images', 'addthis.gif'), :border => 0, :alt => '')
+    else
+      image_tag("/images/bt-bookmark.gif", :width => 53, :height => 16, :border => 0, :alt => '')
+    end
+  end
+
 end
@@ -42,11 +42,11 @@ module DatesHelper
     end
   end
-  def show_period(date1, date2 = nil)
+  def show_period(date1, date2 = nil, use_numbers = false)
     if (date1 == date2) || (date2.nil?)
-      show_date(date1)
+      show_date(date1, use_numbers)
     else
-      _('from %{date1} to %{date2}') % {:date1 => show_date(date1), :date2 => show_date(date2)}
+      _('from %{date1} to %{date2}') % {:date1 => show_date(date1, use_numbers), :date2 => show_date(date2, use_numbers)}
     end
   end
@@ -27,14 +27,18 @@ module DisplayHelper
   end
   def txt2html(txt)
-    txt.
-      gsub( /\n\s*\n/, ' <p/> ' ).
-      gsub( /\n/, ' <br/> ' ).
-      gsub( /(^|\s)(www\.[^\s])/, '\1http://\2' ).
-      gsub( /(https?:\/\/([^\s]+))/ ) do
-        href, content = $1, $2.scan(/.{4}/).join('&#x200B;')
-        content_tag(:a, content, :href => href, :target => '_blank', :rel => 'nofolow',
-                    :onclick => "return confirm('%s')" % escape_javascript(_('Are you sure you want to visit this web site?')))
+    txt.strip.
+      gsub( /\s*\n\s*\n\s*/, "\r<p/>\r" ).
+      gsub( /\s*\n\s*/, "\n<br/>\n" ).
+      gsub( /\r/, "\n" ).
+      gsub( /(^|\s)(www\.[^\s]+|https?:\/\/[^\s]+)/ ) do
+        pre_char, href = $1, $2
+        href = 'http://'+href  if ! href.match /^https?:/
+        content = href.gsub(/^https?:\/\//, '').scan(/.{1,4}/).join('&#x200B;')
+        pre_char +
+        content_tag(:a, content, :href => href, :target => '_blank',
+                    :rel => 'nofolow', :onclick => "return confirm('%s')" %
+                      _('Are you sure you want to visit this web site?'))
       end
   end
 end
@@ -21,14 +21,13 @@ module EventsHelper
   end
   def populate_calendar(selected_date, events)
+    events.reject! {|event| !event.display_to?(user)}
     calendar = Event.date_range(selected_date.year, selected_date.month).map do |date|
       [
         # the day itself
         date,
         # is there any events in this date?
-        events.select {|event| event.display_to?(user)}.any? do |event|
-          event.date_range.include?(date)
-        end,
+        events.any? {|event| event.date_range.include?(date)},
         # is this date in the current month?
         true
       ]
@@ -104,8 +104,8 @@ module ProfileEditorHelper
     @country_helper ||= CountriesHelper.instance
   end
-  def select_country(title, object, method, options)
-    labelled_form_field(title, select(object, method, [[_('[Select ...]'), nil]] + country_helper.countries, {}, options))
+  def select_country(title, object, method, html_options = {}, options = {})
+    labelled_form_field(title, select(object, method, [[_('[Select ...]'), nil]] + country_helper.countries, options, html_options))
   end
   def select_schooling(object, method, options)
@@ -22,7 +22,7 @@ module SweeperHelper
     # friends blocks
     blocks = profile.blocks.select{|b| b.kind_of?(FriendsBlock)}
-    blocks.map(&:cache_keys).each{|ck|expire_timeout_fragment(ck)}
+    blocks.map(&:cache_key).each{|ck|expire_timeout_fragment(ck)}
   end
   def expire_communities(profile)
@@ -34,13 +34,13 @@ module SweeperHelper
     # communities block
     blocks = profile.blocks.select{|b| b.kind_of?(CommunitiesBlock)}
-    blocks.map(&:cache_keys).each{|ck|expire_timeout_fragment(ck)}
+    blocks.map(&:cache_key).each{|ck|expire_timeout_fragment(ck)}
   end
   def expire_enterprises(profile)
     # enterprises and favorite enterprises blocks
     blocks = profile.blocks.select {|b| [EnterprisesBlock, FavoriteEnterprisesBlock].any?{|klass| b.kind_of?(klass)} }
-    blocks.map(&:cache_keys).each{|ck|expire_timeout_fragment(ck)}
+    blocks.map(&:cache_key).each{|ck|expire_timeout_fragment(ck)}
   end
   def expire_profile_index(profile)
@@ -28,7 +28,6 @@ module TagsHelper
   # courtesy of Aurelio: http://www.colivre.coop.br/Aurium/Nuvem 
   # (pt_BR only).
   def tag_cloud(tags, tagname_option, url, options = {})
-  
     return content_tag('em', _('No tags yet.')) +
            ' <a href="' + _('http://en.wikipedia.org/wiki/Tag_%28metadata%29') +
@@ -42,7 +41,7 @@ module TagsHelper
     max = tags.values.max.to_f
     min = tags.values.min.to_f
-    tags.map do |tag,count|
+    tags.sort_by{ |k,v| k.downcase }.map do |tag,count|
       if ( max == min )
         v = 0.5
       else
@@ -0,0 +1,75 @@
+class AbuseComplaint < Task
+  has_many :abuse_reports, :dependent => :destroy
+  belongs_to :reported, :class_name => "Profile", :foreign_key => "requestor_id"
+
+  validates_presence_of :reported
+  alias :requestor :reported
+
+  def initialize(*args)
+    super
+    self.status = (args.first ? args.first[:status] : nil) || Task::Status::HIDDEN
+  end
+
+  after_update do |abuse_complaint|
+    if abuse_complaint.reported.environment.reports_lower_bound < abuse_complaint.abuse_reports.count && abuse_complaint.status == Task::Status::HIDDEN
+      abuse_complaint.activate
+    end
+  end
+
+  def target
+    reported.environment
+  end
+
+  def environment
+    target
+  end
+
+  def title
+    abuse_reports.count > 1 ? (_('Abuse complaint (%s)') % abuse_reports.count) :_('Abuse complaint')
+  end
+
+  def linked_subject
+    {:text => reported.name, :url => reported.url}
+  end
+
+  def information
+    {:message => _('%{linked_subject} was reported due to inappropriate behavior.')}
+  end
+
+  def accept_details
+    true
+  end
+
+  def reject_details
+    true
+  end
+
+  def icon
+    {:type => :profile_image, :profile => reported, :url => reported.url}
+  end
+
+  def default_decision
+    'skip'
+  end
+
+  def perform
+    reported.disable
+  end
+
+  def task_activated_message
+    _('Your profile was reported by the users of %s due to inappropriate behavior. The administrators of the environment are now reviewing the report. To solve this misunderstanding, please contact the administrators.') % environment.name
+  end
+
+  def task_finished_message
+    _('Your profile was disabled by the administrators of %s due to inappropriate behavior. To solve this misunderstanding please contact them.') % environment.name
+  end
+
+  def target_notification_description
+    _('%s was reported due to inappropriate behavior.') % reported.name
+  end
+
+  def target_notification_message
+    _('The users of %{environment} reported %{reported} due to inappropriate behavior. A task was created with all the reports including the reasons and contents reported by these users. Please verify the reports and decide whether this profile must be disabled or not.') % {:environment => environment.name, :reported => reported.name}
+  end
+
+end
@@ -0,0 +1,15 @@
+class AbuseReport < ActiveRecord::Base
+
+  belongs_to :reporter, :class_name => 'Person'
+  belongs_to :abuse_complaint
+  has_many :reported_images, :dependent => :destroy
+
+  validates_presence_of :reporter, :abuse_complaint, :reason
+  validates_uniqueness_of :reporter_id, :scope => :abuse_complaint_id
+
+  xss_terminate :sanitize => [:reason]
+
+  after_create do |abuse_report|
+    abuse_report.abuse_complaint.save!
+  end
+end
@@ -77,6 +77,10 @@ class ApproveArticle &lt; Task
     true
   end
+  def reject_details
+    true
+  end
+
   def default_decision
     if article
       'skip'
@@ -90,7 +94,11 @@ class ApproveArticle &lt; Task
   end
   def target_notification_description
-    _('%{requestor} wants to publish the article: %{article}.') % {:requestor => requestor.name, :article => article.name}
+    if article
+      _('%{requestor} wants to publish the article: %{article}.') % {:requestor => requestor.name, :article => article.name}
+    else
+      _('%{requestor} wanted to publish an article but it was removed.') % {:requestor => requestor.name}
+    end
   end
   def target_notification_message
@@ -107,4 +115,11 @@ class ApproveArticle &lt; Task
     end
   end
+  def task_cancelled_message
+    message = _('Your request for publishing the article "{article}" was rejected.')
+    if !reject_explanation.blank?
+      message += " " + _("Here is the reject explanation left by the administrator who rejected your article: \n\n%{reject_explanation}") % {:reject_explanation => reject_explanation}
+    end
+  end
+
 end
@@ -188,6 +188,14 @@ class Article &lt; ActiveRecord::Base
     body || ''
   end
+  include ApplicationHelper
+  def reported_version(options = {})
+    article = self
+    search_path = File.join(Rails.root, 'app', 'views', 'shared', 'reported_versions')
+    partial_path = File.join('shared', 'reported_versions', partial_for_class_in_view_path(article.class, search_path))
+    lambda { render_to_string(:partial => partial_path, :locals => {:article => article}) }
+  end
+
   # returns the data of the article. Must be overriden in each subclass to
   # provide the correct content for the article. 
   def data
@@ -265,6 +273,10 @@ class Article &lt; ActiveRecord::Base
     false
   end
+  def uploaded_file?
+    false
+  end
+
   def has_posts?
     false
   end
@@ -343,11 +355,20 @@ class Article &lt; ActiveRecord::Base
     ['Folder', 'Blog', 'Forum', 'Gallery']
   end
+  def self.text_article_types
+    ['TextArticle', 'TextileArticle', 'TinyMceArticle']
+  end
+
   named_scope :published, :conditions => { :published => true }
   named_scope :folders, :conditions => { :type => folder_types}
   named_scope :no_folders, :conditions => ['type NOT IN (?)', folder_types]
   named_scope :galleries, :conditions => { :type => 'Gallery' }
   named_scope :images, :conditions => { :is_image => true }
+  named_scope :text_articles, :conditions => [ 'articles.type IN (?)', text_article_types ]
+
+  named_scope :more_comments, :order => "comments_count DESC"
+  named_scope :more_views, :order => "hits DESC"
+  named_scope :more_recent, :order => "created_at DESC"
   def self.display_filter(user, profile)
     return {:conditions => ['published = ?', true]} if !user
@@ -509,6 +530,35 @@ class Article &lt; ActiveRecord::Base
     self.parent && self.parent.accept_uploads?
   end
+  def body_images_paths
+    require 'uri'
+    Hpricot(self.body.to_s).search('img[@src]').collect do |i|
+      (self.profile && self.profile.environment) ? URI.join(self.profile.environment.top_url, URI.escape(i.attributes['src'])).to_s : i.attributes['src']
+    end
+  end
+
+  def more_comments_label
+    amount = self.comments_count
+    {
+      0 => _('no comments'),
+      1 => _('one comment')
+    }[amount] || _("%s comments") % amount
+
+  end
+
+  def more_views_label
+    amount = self.hits
+    {
+      0 => _('no views'),
+      1 => _('one view')
+    }[amount] || _("%s views") % amount
+
+  end
+
+  def more_recent_label
+    _('Created at: ')
+  end
+
   private
   def sanitize_tag_list
@@ -34,6 +34,12 @@ class Block &lt; ActiveRecord::Base
         else
           return context[:request_path] == '/'
         end
+      elsif display == 'except_home_page'
+        if context[:article]
+          return context[:article] != owner.home_page
+        else
+          return context[:request_path] != '/' + owner.identifier
+        end
       end
     end
     true
@@ -45,6 +51,8 @@ class Block &lt; ActiveRecord::Base
   # * <tt>'never'</tt>: the block is hidden (it does not appear for visitors)
   # * <tt>'home_page_only'</tt> the block is displayed only when viewing the
   #   homepage of its owner.
+  # * <tt>'except_home_page'</tt> the block is displayed only when viewing
+  #   the homepage of its owner.
   settings_items :display, :type => :string, :default => 'always'
   # The block can be configured to be displayed in all languages or in just one language. It can assume any locale of the environment:
@@ -119,10 +127,6 @@ class Block &lt; ActiveRecord::Base
     true
   end
-  def cache_keys
-    "block-id-#{id}"
-  end
-
   def timeout
     4.hours
   end
@@ -72,4 +72,8 @@ class Blog &lt; Folder
   alias :display_posts_in_current_language? :display_posts_in_current_language
+  def empty?
+    posts.empty?
+  end
+
 end
@@ -2,7 +2,7 @@ class Comment &lt; ActiveRecord::Base
   track_actions :leave_comment, :after_create, :keep_params => ["article.title", "article.url", "title", "url", "body"], :custom_target => :action_tracker_target 
-  validates_presence_of :title, :body
+  validates_presence_of :body
   belongs_to :article, :counter_cache => true
   belongs_to :author, :class_name => 'Person', :foreign_key => 'author_id'
   has_many :children, :class_name => 'Comment', :foreign_key => 'reply_of_id', :dependent => :destroy
@@ -98,6 +98,16 @@ class Comment &lt; ActiveRecord::Base
     root
   end
+  include ApplicationHelper
+  def reported_version(options = {})
+    comment = self
+    lambda { render_to_string(:partial => 'shared/reported_versions/comment', :locals => {:comment => comment}) }
+  end
+
+  def to_html(option={})
+    body || ''
+  end
+
   class Notifier < ActionMailer::Base
     def mail(comment)
       profile = comment.article.profile
@@ -75,4 +75,8 @@ class Community &lt; Organization
     end
   end
+  def control_panel_settings_button
+    {:title => __('Community Info and settings'), :icon => 'edit-profile-group'}
+  end
+
 end
@@ -23,23 +23,26 @@ class Contact &lt; ActiveRecord::Base #WithoutTable
   class Sender < ActionMailer::Base
     def mail(contact)
+      content_type 'text/html'
       emails = contact.dest.notification_emails
       recipients emails
-      from "#{contact.name} <#{contact.email}>"
+      from "#{contact.name} <#{contact.dest.environment.contact_email}>"
+      reply_to contact.email
       if contact.sender
         headers 'X-Noosfero-Sender' => contact.sender.identifier
       end
       if contact.receive_a_copy
         cc "#{contact.name} <#{contact.email}>"
       end
-      subject contact.subject
+      subject "[#{contact.dest.short_name(30)}] " + contact.subject
       body :name => contact.name,
         :email => contact.email,
         :city => contact.city,
         :state => contact.state,
         :message => contact.message,
         :environment => contact.dest.environment.name,
-        :url => url_for(:host => contact.dest.environment.default_hostname, :controller => 'home')
+        :url => url_for(:host => contact.dest.environment.default_hostname, :controller => 'home'),
+        :target => contact.dest.name
     end
   end
@@ -10,7 +10,7 @@ class Domain &lt; ActiveRecord::Base
   # <tt>name</tt> must be a sequence of word characters (a to z, plus 0 to 9,
   # plus '_'). Letters must be lowercase
-  validates_format_of :name, :with => /^([a-z0-9_]+\.)+[a-z0-9_]+$/, :message => N_('%{fn} must be composed only of lowercase latters (a to z), numbers (0 to 9) and "_"')
+  validates_format_of :name, :with => /^([a-z0-9_-]+\.)+[a-z0-9_-]+$/, :message => N_('%{fn} must be composed only of lowercase latters (a to z), numbers (0 to 9), "_" and "-"')
   # checks validations that could not be expressed using Rails' predefined
   # validations. In particular:
@@ -7,6 +7,8 @@ class Enterprise &lt; Organization
   has_many :products, :dependent => :destroy, :order => 'name ASC'
   has_many :inputs, :through => :products
+  has_and_belongs_to_many :fans, :class_name => 'Person', :join_table => 'favorite_enteprises_people'
+
   extra_data_for_index :product_categories
   N_('Organization website'); N_('Historic and current context'); N_('Activities short description'); N_('City'); N_('State'); N_('Country'); N_('ZIP code')
@@ -145,6 +147,7 @@ class Enterprise &lt; Organization
   end
   before_create do |enterprise|
+    enterprise.validated = enterprise.environment.enabled?('enterprises_are_validated_when_created')
     if enterprise.environment.enabled?('enterprises_are_disabled_when_created')
       enterprise.enabled = false
     end
@@ -165,4 +168,12 @@ class Enterprise &lt; Organization
     enable_contact_us
   end
+  def control_panel_settings_button
+    {:title => __('Enterprise Info and settings'), :icon => 'edit-profile-enterprise'}
+  end
+
+  def create_product?
+    true
+  end
+
 end
@@ -9,6 +9,13 @@ class Environment &lt; ActiveRecord::Base
   has_many :tasks, :dependent => :destroy, :as => 'target'
+  IDENTIFY_SCRIPTS = /(php[0-9s]?|[sp]htm[l]?|pl|py|cgi|rb)/
+
+  def self.verify_filename(filename)
+    filename += '.txt' if File.extname(filename) =~ IDENTIFY_SCRIPTS
+    filename
+  end
+
   PERMISSIONS['Environment'] = {
     'view_environment_admin_panel' => N_('View environment admin panel'),
     'edit_environment_features' => N_('Edit environment features'),
@@ -67,6 +74,10 @@ class Environment &lt; ActiveRecord::Base
     self.affiliate(user, Environment::Roles.admin(self.id))
   end
+  def remove_admin(user)
+    self.disaffiliate(user, Environment::Roles.admin(self.id))
+  end
+
   def admins
     Person.members_of(self).all(:conditions => ['role_assignments.role_id = ?', Environment::Roles.admin(self).id])
   end
@@ -106,6 +117,7 @@ class Environment &lt; ActiveRecord::Base
       'enable_organization_url_change' => _("Allow organizations to change their URL"),
       'admin_must_approve_new_communities' => _("Admin must approve creation of communities"),
       'enterprises_are_disabled_when_created' => __('Enterprises are disabled when created'),
+      'enterprises_are_validated_when_created' => __('Enterprises are validated when created'),
       'show_balloon_with_profile_links_when_clicked' => _('Show a balloon with profile links when a profile image is clicked'),
       'xmpp_chat' => _('XMPP/Jabber based chat'),
       'show_zoom_button_on_article_images' => _('Show a zoom link on all article images')
@@ -218,7 +230,19 @@ class Environment &lt; ActiveRecord::Base
   settings_items :currency_separator, :type => String, :default => '.'
   settings_items :currency_delimiter, :type => String, :default => ','
-  settings_items :trusted_sites_for_iframe, :type => Array, :default => ['itheora.org', 'tv.softwarelivre.org', 'stream.softwarelivre.org']
+  settings_items :trusted_sites_for_iframe, :type => Array, :default => %w[
+    developer.myspace.com
+    itheora.org
+    maps.google.com
+    platform.twitter.com
+    player.vimeo.com
+    stream.softwarelivre.org
+    tv.softwarelivre.org
+    www.facebook.com
+    www.flickr.com
+    www.gmodules.com
+    www.youtube.com
+  ] + ('a' .. 'z').map{|i| "#{i}.yimg.com"}
   settings_items :enabled_plugins, :type => Array, :default => []
@@ -228,17 +252,28 @@ class Environment &lt; ActiveRecord::Base
   # Enables a feature identified by its name
   def enable(feature)
-    self.settings["#{feature}_enabled"] = true
+    self.settings["#{feature}_enabled".to_sym] = true
+  end
+
+  def enable_plugin(plugin)
+    self.enabled_plugins += [plugin]
+    self.enabled_plugins.uniq!
+    self.save!
   end
   # Disables a feature identified by its name
   def disable(feature)
-    self.settings["#{feature}_enabled"] = false
+    self.settings["#{feature}_enabled".to_sym] = false
+  end
+
+  def disable_plugin(plugin)
+    self.enabled_plugins.delete(plugin)
+    self.save!
   end
   # Tells if a feature, identified by its name, is enabled
   def enabled?(feature)
-    self.settings["#{feature}_enabled"] == true
+    self.settings["#{feature}_enabled".to_sym] == true
   end
   # enables the features identified by <tt>features</tt>, which is expected to
@@ -494,6 +529,7 @@ class Environment &lt; ActiveRecord::Base
   xss_terminate :only => [ :message_for_disabled_enterprise ], :with => 'white_list', :on => 'validation'
   validates_presence_of :theme
+  validates_numericality_of :reports_lower_bound, :allow_nil => false, :only_integer => true, :greater_than_or_equal_to => 0
   include WhiteListFilter
   filter_iframes :message_for_disabled_enterprise, :whitelist => lambda { trusted_sites_for_iframe }
@@ -517,12 +553,12 @@ class Environment &lt; ActiveRecord::Base
   # If #force_www is true, adds 'www.' at the beginning of the hostname. If the
   # environment has not associated domains, returns 'localhost'.
   def default_hostname(email_hostname = false)
-    if self.domains(true).empty?
-      'localhost'
-    else
+    domain = 'localhost'
+    unless self.domains(true).empty?
       domain = (self.domains.find_by_is_default(true) || self.domains.find(:first, :order => 'id')).name
-      email_hostname ? domain : (force_www ? ('www.' + domain) : domain)
+      domain = email_hostname ? domain : (force_www ? ('www.' + domain) : domain)
     end
+    domain
   end
   def top_url
@@ -671,13 +707,14 @@ class Environment &lt; ActiveRecord::Base
   def create_templates
     pre = self.name.to_slug + '_'
     ent_id = Enterprise.create!(:name => 'Enterprise template', :identifier => pre + 'enterprise_template', :environment => self, :visible => false).id
+    inactive_enterprise_tmpl = Enterprise.create!(:name => 'Inactive Enterprise template', :identifier => pre + 'inactive_enterprise_template', :environment => self, :visible => false)
     com_id = Community.create!(:name => 'Community template', :identifier => pre + 'community_template', :environment => self, :visible => false).id
     pass = Digest::MD5.hexdigest rand.to_s
     user = User.create!(:login => (pre + 'person_template'), :email => (pre + 'template@template.noo'), :password => pass, :password_confirmation => pass, :environment => self).person
-    user.visible = false
-    user.save!
+    user.update_attributes(:visible => false, :name => "Person template")
     usr_id = user.id
     self.settings[:enterprise_template_id] = ent_id
+    self.inactive_enterprise_template = inactive_enterprise_tmpl
     self.settings[:community_template_id] = com_id
     self.settings[:person_template_id] = usr_id
     self.save!
@@ -685,7 +722,7 @@ class Environment &lt; ActiveRecord::Base
   after_destroy :destroy_templates
   def destroy_templates
-    [enterprise_template, community_template, person_template].compact.each do |template|
+    [enterprise_template, inactive_enterprise_template, community_template, person_template].compact.each do |template|
       template.destroy
     end
   end
@@ -701,6 +738,4 @@ class Environment &lt; ActiveRecord::Base
   def image_galleries
     portal_community ? portal_community.image_galleries : []
   end
-
 end
-
@@ -0,0 +1,31 @@
+class FansBlock < ProfileListBlock
+
+  def self.description
+    _('Displays the people who like the enterprise')
+  end
+
+  def default_title
+    n__('{#} fan', '{#} fans', profile_count)
+  end
+
+  def help
+    _('This block presents the fans of an enterprise.')
+  end
+
+  def footer
+    profile = self.owner
+    lambda do
+      link_to _('View all'), :profile => profile.identifier, :controller =>
+      'profile', :action => 'fans'
+    end
+  end
+
+  def profiles
+    owner.fans
+  end
+
+  def profile_count
+    profiles.visible.count
+  end
+
+end
@@ -29,7 +29,7 @@ class Folder &lt; Article
   def to_html(options = {})
     folder = self
     lambda do
-      render :file => 'content_viewer/folder', :locals => { :folder => folder }
+      render :file => 'content_viewer/folder', :locals => {:folder => folder}
     end
   end
 class Image < ActiveRecord::Base
-  belongs_to :owner, :polymorphic => true
   def self.max_size
     Image.attachment_options[:max_size]
   end
+  sanitize_filename
+
   has_attachment :content_type => :image, 
                  :storage => :file_system, 
                  :path_prefix => 'public/image_uploads',
@@ -20,4 +21,6 @@ class Image &lt; ActiveRecord::Base
   delay_attachment_fu_thumbnails
+  postgresql_attachment_fu
+
 end
@@ -27,6 +27,10 @@ class Invitation &lt; Task
     TaskMailer.deliver_invitation_notification(task) unless task.friend
   end
+  def title
+    _('Invitation')
+  end
+
   def validate
     super
     email = friend ? friend.user.email : friend_email
@@ -8,7 +8,7 @@ class InviteFriend &lt; Invitation
   end
   def title
-    _("New friend")
+    _("Friend invitation")
   end
   def information
@@ -57,7 +57,7 @@ class LinkListBlock &lt; Block
   def link_html(link)
     klass = 'icon-' + link[:icon] if link[:icon]
     sanitize_link(
-      link_to(_(link[:name]), expand_address(link[:address]), :class => klass)
+      link_to(link[:name], expand_address(link[:address]), :class => klass)
     )
   end
@@ -95,12 +95,12 @@ class Organization &lt; Profile
     []
   end
-  N_('Display name'); N_('Description'); N_('Contact person'); N_('Contact email'); N_('Acronym'); N_('Foundation year'); N_('Legal form'); N_('Economic activity'); N_('Management information'); N_('Validated'); N_('Tag list')
-  settings_items :display_name, :description, :contact_person, :contact_email, :acronym, :foundation_year, :legal_form, :economic_activity, :management_information, :validated, :cnpj
+  N_('Display name'); N_('Description'); N_('Contact person'); N_('Contact email'); N_('Acronym'); N_('Foundation year'); N_('Legal form'); N_('Economic activity'); N_('Management information'); N_('Tag list')
+  settings_items :display_name, :description, :contact_person, :contact_email, :acronym, :foundation_year, :legal_form, :economic_activity, :management_information
   validates_format_of :foundation_year, :with => Noosfero::Constants::INTEGER_FORMAT
-
   validates_format_of :contact_email, :with => Noosfero::Constants::EMAIL_FORMAT, :if => (lambda { |org| !org.contact_email.blank? })
+  validates_as_cnpj :cnpj
   xss_terminate :only => [ :acronym, :contact_person, :contact_email, :legal_form, :economic_activity, :management_information ], :on => 'validation'
@@ -149,4 +149,12 @@ class Organization &lt; Profile
     false
   end
+  def members_to_json
+    members.map { |member| {:id => member.id, :name => member.name} }.to_json
+  end
+
+  def members_by_role_to_json(role)
+    members_by_role(role).map { |member| {:id => member.id, :name => member.name} }.to_json
+  end
+
 end
@@ -17,6 +17,8 @@ class Person &lt; Profile
   has_many :requested_tasks, :class_name => 'Task', :foreign_key => :requestor_id, :dependent => :destroy
+  has_many :abuse_reports, :foreign_key => 'reporter_id', :dependent => :destroy
+
   has_many :mailings
   has_many :scraps_sent, :class_name => 'Scrap', :foreign_key => :sender_id, :dependent => :destroy
@@ -116,6 +118,8 @@ class Person &lt; Profile
   description
   ]
+  validates_multiparameter_assignments
+
   def self.fields
     FIELDS
   end
@@ -387,6 +391,21 @@ class Person &lt; Profile
     leave_hash.to_json
   end
+  def already_reported?(profile)
+    abuse_reports.any? { |report| report.abuse_complaint.reported == profile && report.abuse_complaint.opened? }
+  end
+
+  def register_report(abuse_report, profile)
+    AbuseComplaint.create!(:reported => profile, :target => profile.environment) if !profile.opened_abuse_complaint
+    abuse_report.abuse_complaint = profile.opened_abuse_complaint
+    abuse_report.reporter = self
+    abuse_report.save!
+  end
+
+  def control_panel_settings_button
+    {:title => _('Profile Info and settings'), :icon => 'edit-profile'}
+  end
+
   protected
   def followed_by?(profile)
@@ -66,7 +66,7 @@ class Product &lt; ActiveRecord::Base
   end
   def default_image(size='thumb')
-    '/images/icons-app/product-default-pic-%s.png' % size
+    image ? image.public_filename(size) : '/images/icons-app/product-default-pic-%s.png' % size
   end
   def category_full_name
@@ -149,4 +149,8 @@ class Product &lt; ActiveRecord::Base
     unit.blank? ? name : "#{name} - #{unit.name.downcase}"
   end
+  def display_supplier_on_search?
+    true
+  end
+
 end
@@ -20,7 +20,15 @@ class ProductsBlock &lt; Block
     block_title(title) +
     content_tag(
       'ul',
-      products.map {|product| content_tag('li', link_to(product.name, product.url, :style => 'background-image:url(%s)' % ( product.image ? product.image.public_filename(:minor) : product.default_image('minor'))), :class => 'product' )}
+      products.map {|product|
+        content_tag('li',
+          link_to( product.name,
+                   product.url,
+                   :style => 'background-image:url(%s)' % product.default_image('minor')
+                 ),
+          :class => 'product'
+        )
+      }
     )
   end
@@ -52,8 +52,9 @@ class Profile &lt; ActiveRecord::Base
   acts_as_accessible
   named_scope :memberships_of, lambda { |person| { :select => 'DISTINCT profiles.*', :joins => :role_assignments, :conditions => ['role_assignments.accessor_type = ? AND role_assignments.accessor_id = ?', person.class.base_class.name, person.id ] } }
-  named_scope :enterprises, :conditions => "profiles.type = 'Enterprise'"
-  named_scope :communities, :conditions => "profiles.type = 'Community'"
+  #FIXME: these will work only if the subclass is already loaded
+  named_scope :enterprises, lambda { {:conditions => (Enterprise.send(:subclasses).map(&:name) << 'Enterprise').map { |klass| "profiles.type = '#{klass}'"}.join(" OR ")} }
+  named_scope :communities, lambda { {:conditions => (Community.send(:subclasses).map(&:name) << 'Community').map { |klass| "profiles.type = '#{klass}'"}.join(" OR ")} }
   def members
     Person.members_of(self)
@@ -163,34 +164,19 @@ class Profile &lt; ActiveRecord::Base
   has_many :events, :source => 'articles', :class_name => 'Event', :order => 'name'
-  %w[ pending finished ].each do |status|
-    class_eval <<-CODE
-      def all_#{status}_tasks
-        env_tasks = []
-        if self.person?
-          env_tasks = Environment.find(:all).select{ |env| self.is_admin?(env) }.map{ |env| env.tasks.#{status} }.flatten
-        end
-        tasks.#{status} + env_tasks
-      end
-    CODE
-  end
-
   def find_in_all_tasks(task_id)
-    if tasks.exists?(task_id)
-      return tasks.find(task_id)
-    else
-      if self.person?
-        environments_admin = Environment.find(:all).select{ |env| self.is_admin?(env) }
-        task = environments_admin.select{ |env| env.tasks.exists?(task_id) }.map{ |i| i.tasks.find(task_id) }
-        return task.first unless task.empty?
-      end
+    begin
+      Task.to(self).find(task_id)
+    rescue
+      nil
     end
-    return nil
   end
   has_many :profile_categorizations, :conditions => [ 'categories_profiles.virtual = ?', false ]
   has_many :categories, :through => :profile_categorizations
+  has_many :abuse_complaints, :foreign_key => 'requestor_id'
+
   def interests
     categories.select {|item| !item.is_a?(Region)}
   end
@@ -564,9 +550,7 @@ private :generate_url, :url_options
       if self.closed? && members_count > 0
         AddMember.create!(:person => person, :organization => self) unless self.already_request_membership?(person)
       else
-        if members_count == 0
-          self.affiliate(person, Profile::Roles.admin(environment.id))
-        end
+        self.affiliate(person, Profile::Roles.admin(environment.id)) if members_count == 0
         self.affiliate(person, Profile::Roles.member(environment.id))
       end
     else
@@ -809,6 +793,34 @@ private :generate_url, :url_options
     "#{jid(options)}/#{short_name}"
   end
+  def is_on_homepage?(url, page=nil)
+    if page
+      page == self.home_page
+    else
+      url == '/' + self.identifier
+    end
+  end
+
+  def opened_abuse_complaint
+    abuse_complaints.opened.first
+  end
+
+  def disable
+    self.visible = false
+    user.password = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{identifier}--")
+    user.password_confirmation = user.password
+    save!
+    user.save!
+  end
+
+  def control_panel_settings_button
+    {:title => _('Profile Info and settings'), :icon => 'edit-profile'}
+  end
+
+  def self.identification
+    name
+  end
+
   protected
     def followed_by?(person)
 class ProfileListBlock < Block
   settings_items :limit, :type => :integer, :default => 6
-  settings_items :prioritize_profiles_with_image, :type => :boolean, :default => false
+  settings_items :prioritize_profiles_with_image, :type => :boolean, :default => true
   def self.description
     _('Random profiles')
@@ -13,21 +13,21 @@ class ProfileListBlock &lt; Block
   end
   def profile_list
-    profiles.visible.all(:limit => limit, :select => 'DISTINCT profiles.*, ' + image_prioritizer + randomizer, :joins => "LEFT OUTER JOIN images ON images.owner_id = profiles.id", :order => image_prioritizer + randomizer)
+    result = nil
+    if !prioritize_profiles_with_image
+      result = profiles.visible.all(:limit => limit, :order => 'updated_at DESC').sort_by{ rand }
+    elsif profiles.visible.with_image.count >= limit
+      result = profiles.visible.with_image.all(:limit => limit * 5, :order => 'updated_at DESC').sort_by{ rand }
+    else
+      result = profiles.visible.with_image.sort_by{ rand } + profiles.visible.without_image.all(:limit => limit * 5, :order => 'updated_at DESC').sort_by{ rand }
+    end
+    result.slice(0..limit-1)
   end
   def profile_count
     profiles.visible.count('DISTINCT(profiles.id)')
   end
-  def randomizer
-    @randomizer ||= "(profiles.id % #{rand(profile_count) + 1})"
-  end
-
-  def image_prioritizer
-    prioritize_profiles_with_image ? '(images.id is null),' : ''
-  end
-
   # the title of the block. Probably will be overriden in subclasses.
   def default_title
     _('{#} People or Groups')
@@ -0,0 +1,13 @@
+class RawHTMLArticle < TextArticle
+
+  def self.short_description
+    _('Raw HTML text article.')
+  end
+
+  def self.description
+    _('Allows HTML without filter (only for admins)')
+  end
+
+  xss_terminate :only => [  ]
+
+end
@@ -0,0 +1,10 @@
+class ReportedImage < ActiveRecord::Base
+  belongs_to :abuse_report
+
+  validates_presence_of :abuse_report
+
+  has_attachment :content_type => :image,
+    :storage     => :file_system,
+    :max_size => 5.megabytes
+
+end
 class SuggestArticle < Task
-  has_captcha  
-
   validates_presence_of :target_id, :article_name, :email, :name, :article_body
   settings_items :email, :type => String
@@ -20,11 +20,14 @@ class Task &lt; ActiveRecord::Base
     # the status of a task that was cancelled.
     CANCELLED = 2
-    # the status os a task that was successfully finished
+    # the status of a task that was successfully finished
     FINISHED = 3
+    # the status of a task that was created but is not displayed yet
+    HIDDEN = 4
+
     def self.names
-      [nil, N_('Active'), N_('Cancelled'), N_('Finished')]
+      [nil, N_('Active'), N_('Cancelled'), N_('Finished'), N_('Hidden')]
     end
   end
@@ -38,7 +41,7 @@ class Task &lt; ActiveRecord::Base
   def initialize(*args)
     super
-    self.status ||= Task::Status::ACTIVE
+    self.status = (args.first ? args.first[:status] : nil) || Task::Status::ACTIVE
   end
   attr_accessor :code_length
@@ -52,20 +55,26 @@ class Task &lt; ActiveRecord::Base
   end
   after_create do |task|
-    begin
-      task.send(:send_notification, :created)
-    rescue NotImplementedError => ex
-      RAILS_DEFAULT_LOGGER.info ex.to_s
-    end
-    
-    begin
-      target_msg = task.target_notification_message
-      TaskMailer.deliver_target_notification(task, target_msg) if target_msg
-    rescue NotImplementedError => ex
-      RAILS_DEFAULT_LOGGER.info ex.to_s
+    unless task.status == Task::Status::HIDDEN
+      begin
+        task.send(:send_notification, :created)
+      rescue NotImplementedError => ex
+        RAILS_DEFAULT_LOGGER.info ex.to_s
+      end
+
+      begin
+        target_msg = task.target_notification_message
+        TaskMailer.deliver_target_notification(task, target_msg) if target_msg
+      rescue NotImplementedError => ex
+        RAILS_DEFAULT_LOGGER.info ex.to_s
+      end
     end
   end
+  def self.all_types
+    %w[Invitation EnterpriseActivation AddMember Ticket SuggestArticle  AddFriend CreateCommunity AbuseComplaint ApproveArticle CreateEnterprise ChangePassword EmailActivation InviteFriend InviteMember]
+  end
+
   # this method finished the task. It calls #perform, which must be overriden
   # by subclasses. At the end a message (as returned by #finish_message) is
   # sent to the requestor with #notify_requestor.
@@ -175,6 +184,12 @@ class Task &lt; ActiveRecord::Base
     raise NotImplementedError, "#{self} does not implement #task_cancelled_message"
   end
+  # The message that will be sent to the requestor of the task when its
+  # activated.
+  def task_activated_message
+    raise NotImplementedError, "#{self} does not implement #task_cancelled_message"
+  end
+
   # The message that will be sent to the *target* of the task when it is
   # created. The indent of this message is to notify the target about the
   # request that was just created for him/her. 
@@ -199,6 +214,23 @@ class Task &lt; ActiveRecord::Base
     self.target.environment unless self.target.nil?
   end
+  def activate
+    self.status = Task::Status::ACTIVE
+    save!
+    begin
+      self.send(:send_notification, :activated)
+    rescue NotImplementedError => ex
+      RAILS_DEFAULT_LOGGER.info ex.to_s
+    end
+
+    begin
+      target_msg = target_notification_message
+      TaskMailer.deliver_target_notification(self, target_msg) if target_msg
+    rescue NotImplementedError => ex
+      RAILS_DEFAULT_LOGGER.info ex.to_s
+    end
+  end
+
   protected
   # This method must be overrided in subclasses, and its implementation must do
@@ -232,6 +264,23 @@ class Task &lt; ActiveRecord::Base
   named_scope :pending, :conditions => { :status =>  Task::Status::ACTIVE }
   named_scope :finished, :conditions => { :status =>  [Task::Status::CANCELLED, Task::Status::FINISHED] }
+  named_scope :opened, :conditions => { :status =>  [Task::Status::ACTIVE, Task::Status::HIDDEN] }
+  named_scope :of, lambda { |type| conditions = type ? "type LIKE '#{type}'" : "1=1"; {:conditions =>  [conditions]} }
+  named_scope :order_by, lambda { |attribute, ord| {:order => "#{attribute} #{ord}"} }
+
+  named_scope :to, lambda { |profile|
+    environment_condition = nil
+    if profile.person?
+      envs_ids = Environment.find(:all).select{ |env| profile.is_admin?(env) }.map { |env| "target_id = #{env.id}"}.join(' OR ')
+      environment_condition = envs_ids.blank? ? nil : "(target_type = 'Environment' AND (#{envs_ids}))"
+    end
+    profile_condition = "(target_type = 'Profile' AND target_id = #{profile.id})"
+    { :conditions => [environment_condition, profile_condition].compact.join(' OR ') }
+  }
+
+  def opened?
+    status == Task::Status::ACTIVE || status == Task::Status::HIDDEN
+  end
   class << self
@@ -254,6 +303,10 @@ class Task &lt; ActiveRecord::Base
       self.find(:first, :conditions => { :code => code, :status => Task::Status::ACTIVE })
     end
+    def per_page
+      15
+    end
+
   end
 end
 # a base class for all text article types.  
 class TextArticle < Article
-  xss_terminate :only => [ :name, :abstract, :body ], :on => 'validation'
+  xss_terminate :only => [ :name ], :on => 'validation'
   include Noosfero::TranslatableContent
@@ -9,11 +9,28 @@ class TextileArticle &lt; TextArticle
   end
   def to_html(options ={})
-    RedCloth.new(self.body|| '').to_html
+    convert_to_html(body)
+  end
+
+  def lead
+    if abstract.blank?
+      super
+    else
+      convert_to_html(abstract)
+    end
   end
   def notifiable?
     true
   end
+  protected
+
+  def convert_to_html(textile)
+    @@sanitizer ||= HTML::WhiteListSanitizer.new
+    converter = RedCloth.new(textile|| '')
+    converter.hard_breaks = false
+    @@sanitizer.sanitize(converter.to_html)
+  end
+
 end
@@ -2,4 +2,8 @@ class Thumbnail &lt; ActiveRecord::Base
   has_attachment :storage => :file_system,
     :content_type => :image, :max_size => 5.megabytes
   validates_as_attachment
+
+  sanitize_filename
+
+  postgresql_attachment_fu
 end
 class Ticket < Task
-  settings_items :title, :message
+  settings_items :name, :message
+
+  def title
+    _('Ticket') + (name ? ': '+name : '')
+  end
 end
@@ -18,6 +18,8 @@ class UploadedFile &lt; Article
   validates_size_of :title, :maximum => 60, :if => (lambda { |file| !file.title.blank? })
+  sanitize_filename
+
   before_create do |uploaded_file|
     uploaded_file.is_image = true if uploaded_file.image?
   end
@@ -52,6 +54,8 @@ class UploadedFile &lt; Article
   delay_attachment_fu_thumbnails
+  postgresql_attachment_fu
+
   def self.icon_name(article = nil)
     if article
       article.image? ? article.public_filename(:icon) : (article.mime_type ? article.mime_type.gsub(/[\/+.]/, '-') : 'upload-file')
@@ -132,4 +136,8 @@ class UploadedFile &lt; Article
   def gallery?
     self.parent && self.parent.folder? && self.parent.gallery?
   end
+
+  def uploaded_file?
+    true
+  end
 end
@@ -21,6 +21,8 @@ class User &lt; ActiveRecord::Base
     end
   end
+  before_create :make_activation_code
+
   before_create do |user|
     if user.environment.nil?
       user.environment = Environment.default
@@ -31,8 +33,11 @@ class User &lt; ActiveRecord::Base
     user.person ||= Person.new
     user.person.attributes = user.person_data.merge(:identifier => user.login, :user_id => user.id, :environment_id => user.environment_id)
     user.person.name ||= user.login
+    user.person.visible = false unless user.activated?
     user.person.save!
   end
+  after_create :deliver_activation_code
+  after_create :delay_activation_check
   attr_writer :person_data
   def person_data
@@ -55,6 +60,17 @@ class User &lt; ActiveRecord::Base
         :environment => user.environment.name,
         :url => url_for(:host => user.environment.default_hostname, :controller => 'home')
     end
+
+    def activation_code(user)
+      recipients user.email
+
+      from "#{user.environment.name} <#{user.environment.contact_email}>"
+      subject _("[%s] Activate your account") % [user.environment.name]
+      body :recipient => user.name,
+        :activation_code => user.activation_code,
+        :environment => user.environment.name,
+        :url => user.environment.top_url
+    end
   end
   def signup!
@@ -67,6 +83,8 @@ class User &lt; ActiveRecord::Base
   has_one :person, :dependent => :destroy
   belongs_to :environment
+  attr_protected :activated_at
+
   # Virtual attribute for the unencrypted password
   attr_accessor :password
@@ -87,10 +105,22 @@ class User &lt; ActiveRecord::Base
   # Authenticates a user by their login name and unencrypted password.  Returns the user or nil.
   def self.authenticate(login, password, environment = nil)
     environment ||= Environment.default
-    u = find_by_login_and_environment_id(login, environment.id) # need to get the salt
+    u = first :conditions => ['login = ? AND environment_id = ? AND activated_at IS NOT NULL', login, environment.id] # need to get the salt
     u && u.authenticated?(password) ? u : nil
   end
+  # Activates the user in the database.
+  def activate
+    self.activated_at = Time.now.utc
+    self.activation_code = nil
+    self.person.visible = true
+    self.person.save! && self.save
+  end
+
+  def activated?
+    self.activation_code.nil? && !self.activated_at.nil?
+  end
+
   class UnsupportedEncryptionType < Exception; end
   def self.system_encryption_method
@@ -195,7 +225,7 @@ class User &lt; ActiveRecord::Base
   end
   def name
-    person.name
+    person ? person.name : login
   end
   def enable_email!
@@ -253,4 +283,16 @@ class User &lt; ActiveRecord::Base
     def password_required?
       crypted_password.blank? || !password.blank?
     end
+
+    def make_activation_code
+      self.activation_code = Digest::SHA1.hexdigest(Time.now.to_s.split(//).sort_by{rand}.join)
+    end
+
+    def deliver_activation_code
+      User::Mailer.deliver_activation_code(self) unless self.activation_code.blank?
+    end
+
+    def delay_activation_check
+      Delayed::Job.enqueue(UserActivationJob.new(self.id), 0, 72.hours.from_now)
+    end
 end
@@ -21,7 +21,7 @@ protected
     blocks = article.profile.blocks
     blocks += article.profile.environment.blocks if article.profile.environment
     blocks = blocks.select{|b|[RecentDocumentsBlock, BlogArchivesBlock].any?{|c| b.kind_of?(c)}}
-    blocks.map(&:cache_keys).each{|ck|expire_timeout_fragment(ck)}
+    blocks.map(&:cache_key).each{|ck|expire_timeout_fragment(ck)}
     env = article.profile.environment
     if env && (env.portal_community == article.profile)
       expire_fragment(env.portal_news_cache_key)
@@ -35,7 +35,7 @@ protected
     end
     blocks = profile.blocks.select{|b| b.kind_of?(FriendsBlock)}
-    blocks.map(&:cache_keys).each{|ck|expire_timeout_fragment(ck)}
+    blocks.map(&:cache_key).each{|ck|expire_timeout_fragment(ck)}
   end
 end
@@ -23,12 +23,25 @@ protected
     expire_profile_index(profile) if profile.person?
     profile.blocks.each do |block|
-      expire_timeout_fragment(block.cache_keys)
+      expire_timeout_fragment(block.cache_key)
     end
+
+    expire_blogs(profile) if profile.organization?
   end
   def expire_statistics_block_cache(profile)
     blocks = profile.environment.blocks.select { |b| b.kind_of?(EnvironmentStatisticsBlock) }
-    blocks.map(&:cache_keys).each{|ck|expire_timeout_fragment(ck)}
+    blocks.map(&:cache_key).each{|ck|expire_timeout_fragment(ck)}
   end
+
+  def expire_blogs(profile)
+    profile.blogs.select{|b| !b.empty?}.each do |blog|
+      pages = blog.posts.count / blog.posts_per_page + 1
+      ([nil] + (1..pages).to_a).each do |i|
+        expire_timeout_fragment(blog.cache_key({:npage => i}))
+        expire_timeout_fragment(blog.cache_key({:npage => i}, profile))
+      end
+    end
+  end
+
 end
@@ -25,7 +25,7 @@ protected
     profile.blocks_to_expire_cache.each { |block|
       blocks = profile.blocks.select{|b| b.kind_of?(block)}
-      blocks.map(&:cache_keys).each{|ck|expire_timeout_fragment(ck)}
+      blocks.map(&:cache_key).each{|ck|expire_timeout_fragment(ck)}
     }
   end
@@ -7,8 +7,7 @@
 </div>
 <% end %>
-<% labelled_form_for :user, @user do |f| %>
-<%= icaptcha_field() %>
+<% labelled_form_for :user, @user, :html => { :multipart => true } do |f| %>
 <%= hidden_field_tag :invitation_code, @invitation_code %>
@@ -5,9 +5,11 @@
 <% @user ||= User.new %>
 <% is_thickbox ||= false %>
+<%= @message %>
+
 <% labelled_form_for :user, @user, :url => login_url do |f| %>
-     <%= f.text_field :login, :id => 'main_user_login', :onchange => 'this.value = convToValidLogin( this.value )' %>
+     <%= f.text_field :login, :id => 'main_user_login', :onchange => 'this.value = convToValidLogin( this.value )', :value => params[:userlogin] %>
      <%= f.password_field :password %>
 <h1><%= _('Signup') %></h1>
-<%= render :partial => 'signup_form' %>
+<% if @register_pending %>
+  <%= _('Thanks for signing up! Now check your e-mail to activate your account!') %>
+  <p style="text-align: center"><%= link_to(_('Go to the homepage'), '/') %></p>
+<% else %>
+  <%= render :partial => 'signup_form' %>
+<% end %>
 <h1><%= _('Edit Templates') %></h1>
 <ul>
-<li><%= link_to _('Edit Person Template'), :controller => 'profile_editor', :profile => environment.person_template.identifier %></li>
-<li><%= link_to _('Edit Community Template'), :controller => 'profile_editor', :profile => environment.community_template.identifier %></li>
-<li><%= link_to __('Edit Enterprise Template'), :controller => 'profile_editor', :profile => environment.enterprise_template.identifier %></li>
+<% [[_('Edit Person Template'), environment.person_template],
+    [_('Edit Community Template'), environment.community_template],
+    [__('Edit Enterprise Template'), environment.enterprise_template],
+    [__('Edit Inactive Enterprise Template'), environment.inactive_enterprise_template]].select{|i| i[1]}.each do |row| %>
+<li><%= link_to row[0], :controller => 'profile_editor', :profile => row[1].identifier %></li>
+<% end %>
 </ul>
@@ -3,7 +3,7 @@
 <p><%= _('You, as an environment administrator, has the following options:')%></p>
 <table>
-  <tr><td><%= link_to _('Edit site info'), :action => 'site_info' %></td></tr>
+  <tr><td><%= link_to _('Edit environment settings'), :action => 'site_info' %></td></tr>
   <tr><td><%= link_to __('Edit message for disabled enterprises'), :action => 'message_for_disabled_enterprise' %></td></tr>
   <tr><td><%= link_to _('Enable/disable features'), :controller => 'features' %></td></tr>
   <tr><td><%= link_to _('Enable/disable plugins'), :controller => 'plugins' %></td></tr>
@@ -16,4 +16,7 @@
   <tr><td><%= link_to _('Manage Fields'), :controller => 'features', :action => 'manage_fields' %></td></tr>
   <tr><td><%= link_to _('Set Portal'), :action => 'set_portal_community' %></td></tr>
   <tr><td><%= link_to _('Terms of use'), :action => 'terms_of_use' %></td></tr>
+  <% @plugins.map(:admin_panel_links).each do |link| %>
+    <tr><td><%= link_to link[:title], link[:url] %></td></tr>
+  <% end %>
 </table>
-<h2><%= _('Site info') %></h2>
+<h2><%= _('Environment settings') %></h2>
-<%= render :file => 'shared/tiny_mce' %>
-
-<% labelled_form_for :environment, @environment do |f| %>
+<%= error_messages_for :environment %>
-  <%= labelled_form_field(_('Site name'), text_field(:environment, :name)) %>
+<%= render :file => 'shared/tiny_mce' %>
+<% labelled_form_for :environment, @environment, :url => {:host => @environment.default_hostname} do |f| %>
+  <%= required labelled_form_field(_('Site name'), text_field(:environment, :name)) %>
+  <%= required f.text_field(:reports_lower_bound, :size => 3) %>
   <%= labelled_form_field _('Homepage content'), text_area(:environment, :description, :cols => 40, :style => 'width: 90%', :class => 'mceEditor') %>
   <% button_bar do %>
-    <%= submit_button(:save, _('Save')) %>
-    <%= button(:cancel, _('Cancel'), :action => 'index') %>
+    <%= submit_button(:save, _('Save'), :cancel => {:action => 'index'}) %>
   <% end %>
-
 <% end %>
@@ -6,7 +6,7 @@
   <li><%= link_to(__('Homepage'), owner.url, :class => 'url') %></li>
   <li><%= link_to(_('View profile'), owner.public_profile_url) %></li>
   <% if !user.nil? and owner.organization? and user.has_permission?('edit_profile', profile) %>
-    <li><%= link_to _('Control panel'), :controller => 'profile_editor' %></li>
+    <li><%= link_to _('Control panel'), :controller => 'profile_editor', :profile => profile.identifier %></li>
   <% end %>
 </ul>
@@ -20,5 +20,5 @@
 </div><!-- end class="vcard" -->
 <script type="text/javascript">
-  <%= remote_function :url => { :controller => 'profile', :action => 'profile_info', :block_id => block.id } %>
+  <%= remote_function :url => { :controller => 'profile', :profile => profile.identifier, :action => 'profile_info', :block_id => block.id } %>
 </script>
@@ -41,5 +41,5 @@
 </div><!-- end class="vcard" -->
 <script type="text/javascript">
-  <%= remote_function :url => { :controller => 'profile', :action => 'profile_info', :block_id => block.id } %>
+  <%= remote_function :url => { :controller => 'profile', :profile => profile.identifier, :action => 'profile_info', :block_id => block.id } %>
 </script>
 <ul>
   <% if logged_in? %>
-
     <% if profile.members.include?(user) %>
       <li>
-        <%= button(:delete, content_tag('span', __('Leave')), profile.leave_url, :class => 'leave-community', :title => _("Leave community"), :style => 'position: relative;') %>
-        <%= button(:add, content_tag('span', __('Join')), profile.join_url, :class => 'join-community', :title => _("Join community"), :style => 'position: relative; display: none;') %>
+        <%= button(:delete, content_tag('span', __('Leave')), profile.leave_url,
+          :class => 'leave-community',
+          :title => _("Leave community"),
+          :style => 'position: relative;') %>
+        <%= button(:add, content_tag('span', __('Join')), profile.join_url,
+          :class => 'join-community',
+          :title => _("Join community"),
+          :style => 'position: relative; display: none;') %>
       </li>
     <% else %>
       <% unless profile.already_request_membership?(user) %>
         <li>
-          <%= button(:delete, content_tag('span', __('Leave')), profile.leave_url, :class => 'leave-community', :title => _("Leave community"), :style => 'position: relative; display: none;') %>
-          <%= button(:add, content_tag('span', __('Join')), profile.join_url, :class => 'join-community', :title => _("Join community"), :style => 'position: relative;') %>
+        <%= button(:delete, content_tag('span', __('Leave')), profile.leave_url,
+          :class => 'leave-community',
+          :title => _("Leave community"),
+          :style => 'position: relative; display: none;') %>
+        <%= button(:add, content_tag('span', __('Join')), profile.join_url,
+          :class => 'join-community',
+          :title => _("Join community"),
+          :style => 'position: relative;') %>
         </li>
       <% end %>
     <% end %>
+
     <% if profile.enable_contact? %>
       <li>
-        <%= link_to content_tag('span', _('Send an e-mail')), {:profile => profile.identifier, :controller => 'contact', :action => 'new'}, :class => 'button with-text icon-menu-mail' %>
+      <%= link_to content_tag('span', _('Send an e-mail')),
+        { :profile => profile.identifier,
+          :controller => 'contact',
+          :action => 'new' },
+        :class => 'button with-text icon-menu-mail' %>
       </li>
     <% end %>
-    <%= render_environment_features(:profile_actions) %>
-  <% else %>
+    <li><%= report_abuse(profile, :button) %></li>
+    <%= render_environment_features(:profile_actions) %>
+  <% else %>
     <li>
-      <%= link_to content_tag('span', _('Join')), profile.join_not_logged_url, :class => 'button with-text icon-add', :title => _('Join this community') %>
+    <%= link_to content_tag('span', _('Join')), profile.join_not_logged_url,
+      :class => 'button with-text icon-add',
+      :title => _('Join this community') %>
     </li>
-
   <% end %>
 </ul>
@@ -7,4 +7,6 @@
   <% if profile.enable_contact? %>
     <li> <%= link_to content_tag('span', _('Send an e-mail')), {:profile => profile.identifier, :controller => 'contact', :action => 'new'}, {:id => 'enterprise-contact-button', :class => 'button with-text icon-menu-mail'} %> </li>
   <% end %>
+
+  <li><%= report_abuse(profile, :button) %></li>
 </ul>
@@ -11,5 +11,6 @@
       <li> <%= link_to content_tag('span', _('Send an e-mail')), {:profile => profile.identifier, :controller => 'contact', :action => 'new'}, :class => 'button with-text icon-menu-mail' %> </li>
     <% end %>
+    <li><%= report_abuse(profile, :button) %></li>
   <% end %>
 </ul>
@@ -5,6 +5,6 @@
   </p>
 <% else %>
   <% articles = @block.available_articles.select {|article| !article.folder? } %>
-  <%= select_tag('block[article_id]', options_for_select_with_title(articles.map {|item| [item.path, item.id]})) %>
+  <%= select_tag('block[article_id]', options_for_select_with_title(articles.map {|item| [item.path, item.id]}, @block.article ? @block.article.id : nil)) %>
 <% end %>
 </div>
@@ -14,6 +14,9 @@
     <%= radio_button(:block, :display, 'home_page_only') %>
     <%= label_tag('block_display_home_page_only', _('Only in the homepage')) %>
     <br/>
+    <%= radio_button(:block, :display, 'except_home_page') %>
+    <%= label_tag('block_display_except_home_page', _('In all pages, except in the homepage')) %>
+    <br/>
     <%= radio_button(:block, :display, 'never') %>
     <%= label_tag('block_display_never', _("Don't display")) %>
   </div>
@@ -0,0 +1,11 @@
+<li class="<%= 'browse-results-type-content ' + icon_for_article(result) %>">
+  <strong><%= link_to(result.title, result.view_url) %></strong>
+  <div class="item_meta">
+    <span class="item_by">
+    <%= _('by %s') % link_to(result.author.name, result.author.url) %>
+    </span>
+    <span class="extra-info">
+      <%= (@filter == 'more_recent' ? result.send(@filter + '_label') + show_date(result.created_at) : result.send(@filter + '_label')) %>
+    </span>
+  </div>
+</li>
@@ -8,7 +8,7 @@
     <% end %>
     <ul class='common-profile-list-block'>
       <% @results.each do |result| %>
-        <%= render :partial => partial_for_class(result.class), :locals => {:profile => result} %>
+        <%= render :partial => partial_for_class(result.class), :locals => {:result => result} %>
       <% end %>
     </ul>
     <br style='clear: both;'>
-<%= profile_image_link profile, :portrait, 'li',
-                                "<span class='adr'>#{profile.city}</span>" +
-                                (@filter == 'more_recent' ? profile.send(@filter + '_label') + show_date(profile.created_at) : profile.send(@filter + '_label')) %>
+<%= profile_image_link result, :portrait, 'li',
+                                "<span class='adr'>#{result.city}</span>" +
+                                (@filter == 'more_recent' ? result.send(@filter + '_label') + show_date(result.created_at) : result.send(@filter + '_label')) %>
-<%= profile_image_link profile, :portrait, 'li', @filter == 'more_recent' ? profile.send(@filter + '_label') + show_date(profile.created_at) : profile.send(@filter + '_label') %>
+<%= profile_image_link result, :portrait, 'li', @filter == 'more_recent' ? result.send(@filter + '_label') + show_date(result.created_at) : result.send(@filter + '_label') %>
@@ -0,0 +1,9 @@
+<%= search_page_title( @title, { :query => @query} ) %>
+
+<%= render :partial => 'search_form', :locals => {:action => 'contents'} %>
+
+<%= render :partial => 'display_results' %>
+
+<%= pagination_links @results %>
+
+<br style="clear:both" />
@@ -2,12 +2,12 @@
 <div class='treeitem'>
   <%= display_color_for_category(category) %>
   <%= category.name %>
-  <div class='button' id="show_button_<%= category.id %>">
-    <%= link_to_function(_('Show'), "['category_#{category.id}','hide_button_#{category.id}'].each(Element.show); Element.hide('show_button_#{category.id}');") unless category.children.empty? %>
-  </div>
-  <div class='button' id="hide_button_<%= category.id %>" style='display:none;'>
-    <%= link_to_function(_('Hide'), "['category_#{category.id}','hide_button_#{category.id}'].each(Element.hide); Element.show('show_button_#{category.id}') ") %>
-  </div>
+  <% if category.children.count > 0 %>
+    <div class='button' id="category-loading-<%= category.id %>" style="position: relative;">
+      <a href="#" id="show-button-<%= category.id %>" class="show-button" onclick="return false;" data-category="<%= category.id %>"><%= _('Show') %></a>
+    </div>
+    <a href="#" id="hide-button-<%= category.id %>" class="hide-button" onclick="return false;" data-category="<%= category.id %>" style="display: none;"><%= _('Hide') %></a>
+  <% end %>
   <div>
     <%= link_to _('Add subcategory'), :action => 'new', :parent_id => category %>
@@ -16,12 +16,6 @@
   </div>
 </div>
-  <div id="category_<%= category.id %>" style='display:none;'>
-    <% unless category.children.empty? %>
-      <ul class='tree'>
-        <%= render :partial => 'category', :collection => category.children %>
-      </ul>
-    <% end %>
-  </div>
+<ul id="category-sub-items-<%= category.id %>" class="tree" style='display:none;'></ul>
 </li>
@@ -0,0 +1,3 @@
+<% children.each do |category| %>
+  <%= render :partial => 'category', :locals => {:category => category} %>
+<% end %>
@@ -25,3 +25,4 @@
   <%= link_to _('New category'), :action => 'new', :type => 'Region' %>
 </div>
+<%= javascript_include_tag 'manage-categories' %>
@@ -50,7 +50,7 @@
   %>
 </div>
-<%= labelled_form_field(_('Description:'), text_area(:article, :body, :cols => 64, :rows => 10)) %>
+<%= labelled_form_field(_('Description:'), text_area(:article, :body, :rows => 10)) %>
 <%= labelled_form_field(_('How to display posts:'), f.select(:visualization_format, [ [ _('Full post'), 'full'], [ _('First paragraph'), 'short'] ])) %>
@@ -1,10 +0,0 @@
-<div id='media-listing-folder-documents' >
-  <ul>
-    <% documents.each do |document| %>
-      <li><%= link_to(document.name, document.view_url, :class => icon_for_article(document)) %></li>
-    <% end %>
-  </ul>
-  <div id='pagination-documents'>
-    <%= pagination_links documents, :param_name => 'dpage', :params => {:document_folder_id => params[:document_folder_id]} %>
-  </div>
-</div>
@@ -0,0 +1,4 @@
+<p>
+<em><%= _('Drag images to add them to the text.') unless @article.is_a?(TextileArticle) %>
+<%= _('Drag item names to the text to add links.') %></em>
+</p>
@@ -1,10 +0,0 @@
-<div id='media-listing-folder-images' >
-  <ul>
-    <% images.each do |image| %>
-      <li><%= image_tag image.public_filename %></li>
-    <% end %>
-  </ul>
-  <div id='pagination-images'>
-    <%= pagination_links images, :param_name => 'ipage', :params => {:image_folder_id => params[:image_folder_id]} %>
-  </div>
-</div>
@@ -1,3 +0,0 @@
-<iframe id='media-listing-iframe' src="<%= url_for(:controller => 'cms', :action => 'media_listing', :profile => profile.identifier, :type => @type) %>">
-  <p><%= _('Your browser does not support iframes.') %></p>
-</iframe>
@@ -0,0 +1,163 @@		@@ -0,0 +1,163 @@
	1	+== Multitenancy support
	2	+
	3	+Multitenancy refers to a principle in software architecture where a
	4	+single instance of the software runs on a server, serving multiple
	5	+client organizations (tenants). Multitenancy is contrasted with a
	6	+multi-instance architecture where separate software instances (or
	7	+hardware systems) are set up for different client organizations. With
	8	+a multitenant architecture, a software application is designed to
	9	+virtually partition its data and configuration, and each client
	10	+organization works with a customized virtual application instance.
	11	+
	12	+Today this feature is available only for PostgreSQL databases.
	13	+
	14	+This document assumes that you have a new fully PostgresSQL default Noosfero
	15	+installation as explained at the INSTALL file.
	16	+
	17	+== Separated data
	18	+
	19	+The items below are separated for each hosted environment:
	20	+
	21	+* Uploaded files
	22	+* Database
	23	+* Ferret index
	24	+* ActiveRecord#cache_key
	25	+* Feed updater
	26	+* Delayed Job Workers
	27	+
	28	+== Database configuration file
	29	+
	30	+The file config/database.yml must follow a structure in order to
	31	+achieve multitenancy support. In this example, we will set 3
	32	+different environments: env1, env2 and env3.
	33	+
	34	+Each "hosted" environment must have an entry like this:
	35	+
	36	+env1_production:
	37	+ adapter: postgresql
	38	+ encoding: unicode
	39	+ database: noosfero
	40	+ schema_search_path: public
	41	+ username: noosfero
	42	+ domains:
	43	+ - env1.com
	44	+ - env1.org
	45	+
	46	+env2_production:
	47	+ adapter: postgresql
	48	+ encoding: unicode
	49	+ database: noosfero
	50	+ schema_search_path: env2
	51	+ username: noosfero
	52	+ domains:
	53	+ - env2.com
	54	+ - env2.org
	55	+
	56	+env3_production:
	57	+ adapter: postgresql
	58	+ encoding: unicode
	59	+ database: noosfero
	60	+ schema_search_path: env3
	61	+ username: noosfero
	62	+ domains:
	63	+ - env3.com
	64	+ - env3.net
	65	+
	66	+The "hosted" environments define, besides the schema_search_path, a
	67	+list of domains that, when accessed, tells which database the
	68	+application should use. Also, the environment name must end with
	69	+'_hosting', where 'hosting' is the name of the hosting environment.
	70	+
	71	+You must also tell the application which is the default environment.
	72	+
	73	+production:
	74	+ env1_production
	75	+
	76	+On the example above there are only three hosted environments, but it
	77	+can be more than three. The schemas 'env2' and 'env3' must already
	78	+exist in the same database of the hosting environment. As postgres
	79	+user, you can create them typing:
	80	+
	81	+$ psql database_name -c "CREATE SCHEMA env2 AUTHORIZATION database_user"
	82	+$ psql database_name -c "CREATE SCHEMA env3 AUTHORIZATION database_user"
	83	+
	84	+Replace database_name and database_user above with your stuff.
	85	+
	86	+So, yet on this same example, when a user accesses http://env2.com or
	87	+http://env2.org, the Noosfero application running on production will
	88	+turn the database schema to 'env2'. When the access is from domains
	89	+http://env3.com or http://env3.net, the schema to be loaded will be
	90	+'env3'.
	91	+
	92	+There is an example of this file in config/database.yml.multitenancy
	93	+
	94	+== Preparing the database
	95	+
	96	+Now create the environments:
	97	+
	98	+$ RAILS_ENV=production rake multitenancy:create
	99	+
	100	+This command above will create the hosted environment files equal to
	101	+their hosting environment, here called 'production'.
	102	+
	103	+Run db:schema:load for each other environment:
	104	+
	105	+$ RAILS_ENV=env2_production rake db:schema:load
	106	+$ RAILS_ENV=env3_production rake db:schema:load
	107	+
	108	+Then run the migrations for the hosting environment, and it will
	109	+run for each of its hosted environments:
	110	+
	111	+RAILS_ENV=production rake db:migrate
	112	+
	113	+== Start Noosfero
	114	+
	115	+Run Noosfero init file as root:
	116	+
	117	+# invoke-rc.d noosfero start
	118	+
	119	+== Ferret
	120	+
	121	+It's necessary to run only one instance of ferret_server. Don't worry
	122	+about this, Noosfero initializer had already done this for you.
	123	+
	124	+== Feed updater & Delayed job
	125	+
	126	+Just for your information, a daemon of feed-updater and delayed_job
	127	+must be running for each environment. Noosfero initializer do this,
	128	+relax.
	129	+
	130	+== Uploaded files
	131	+
	132	+When running with PostgreSQL, Noosfero uploads stuff to a folder named
	133	+the same way as the running schema. Inside the upload folder root, for
	134	+example, will be public/image_uploads/env2 and public/image_uploads/env3.
	135	+
	136	+== Adding multitenancy support to an existing Noosfero environment
	137	+
	138	+If you already have a Noosfero environment, you can turn it multitenant
	139	+by following the steps below in addition to the previous steps:
	140	+
	141	+1. Reindex your database
	142	+
	143	+Rebuild the Ferret index by running the following task just
	144	+for your hosting environment, do this as noosfero user:
	145	+
	146	+$ RAILS_ENV=production rake multitenancy:reindex
	147	+
	148	+2. Move the uploaded files to the right place
	149	+
	150	+Add a directory with the same name as your schema name (by default this
	151	+name is 'public') in the root of each upload directory, for example,
	152	+public/articles/0000 will be moved to public/articles/public/0000. Do this
	153	+with the directories public/image_uploads, public/articles and public/thumbnails.
	154	+
	155	+3. Fix paths on activities
	156	+
	157	+The profile activities store static paths to the images, so it's necessary to fix
	158	+these paths. You can do this easily by setting an alias on your webserver.
	159	+On Apache you can add the three rules below, where 'public' is the schema name:
	160	+
	161	+ RewriteRule ^/articles(.+) /articles/public$1
	162	+ RewriteRule ^/image_uploads(.+) /image_uploads/public$1
	163	+ RewriteRule ^/thumbnails(.+) /thumbnails/public$1
1	class PluginsController < AdminController	1	class PluginsController < AdminController
		2	+ protect 'edit_environment_features', :environment
2		3
3	def index	4	def index
4	@active_plugins = Noosfero::Plugin.all.map {\|plugin_name\| plugin_name.constantize }.compact	5	@active_plugins = Noosfero::Plugin.all.map {\|plugin_name\| plugin_name.constantize }.compact
	@@ -9,21 +9,6 @@ class RoleController < AdminController		@@ -9,21 +9,6 @@ class RoleController < AdminController
9	@role = environment.roles.find(params[:id])	9	@role = environment.roles.find(params[:id])
10	end	10	end
11		11
12	- def new
13	- @role = Role.new
14	- end
15	-
16	- def create
17	- @role = Role.new(params[:role])
18	- @role.environment = environment
19	- if @role.save
20	- redirect_to :action => 'show', :id => @role
21	- else
22	- session[:notice] = _('Failed to create role')
23	- render :action => 'new'
24	- end
25	- end
26	-
27	def edit	12	def edit
28	@role = environment.roles.find(params[:id])	13	@role = environment.roles.find(params[:id])
29	end	14	end
	@@ -38,13 +23,4 @@ class RoleController < AdminController		@@ -38,13 +23,4 @@ class RoleController < AdminController
38	end	23	end
39	end	24	end
40		25
41	- def destroy
42	- @role = environment.roles.find(params[:id])
43	- if @role.destroy
44	- redirect_to :action => 'index'
45	- else
46	- session[:notice] = _('Failed to edit role')
47	- redirect_to :action => 'index'
48	- end
49	- end
50	end	26	end
1	class AdminController < ApplicationController	1	class AdminController < ApplicationController
		2	+ before_filter :login_required
2	end	3	end
	@@ -82,7 +82,7 @@ class BoxOrganizerController < ApplicationController		@@ -82,7 +82,7 @@ class BoxOrganizerController < ApplicationController
82	def save	82	def save
83	@block = boxes_holder.blocks.find(params[:id])	83	@block = boxes_holder.blocks.find(params[:id])
84	@block.update_attributes(params[:block])	84	@block.update_attributes(params[:block])
85	- expire_timeout_fragment(@block.cache_keys)	85	+ expire_timeout_fragment(@block.cache_key)
86	redirect_to :action => 'index'	86	redirect_to :action => 'index'
87	end	87	end
88		88
	@@ -93,7 +93,7 @@ class BoxOrganizerController < ApplicationController		@@ -93,7 +93,7 @@ class BoxOrganizerController < ApplicationController
93	def remove	93	def remove
94	@block = Block.find(params[:id])	94	@block = Block.find(params[:id])
95	if @block.destroy	95	if @block.destroy
96	- expire_timeout_fragment(@block.cache_keys)	96	+ expire_timeout_fragment(@block.cache_key)
97	redirect_to :action => 'index'	97	redirect_to :action => 'index'
98	else	98	else
99	session[:notice] = _('Failed to remove block')	99	session[:notice] = _('Failed to remove block')
	@@ -4,7 +4,7 @@ class ProfileEditorController < MyProfileController		@@ -4,7 +4,7 @@ class ProfileEditorController < MyProfileController
4	protect 'destroy_profile', :profile, :only => [:destroy_profile]	4	protect 'destroy_profile', :profile, :only => [:destroy_profile]
5		5
6	def index	6	def index
7	- @pending_tasks = profile.all_pending_tasks.select{\|i\| user.has_permission?(i.permission, profile)}	7	+ @pending_tasks = Task.to(profile).pending.select{\|i\| user.has_permission?(i.permission, profile)}
8	end	8	end
9		9
10	helper :profile	10	helper :profile
	@@ -6,6 +6,8 @@ class BrowseController < PublicController		@@ -6,6 +6,8 @@ class BrowseController < PublicController
6	more_recent	6	more_recent
7	more_active	7	more_active
8	more_popular	8	more_popular
		9	+ more_comments
		10	+ more_views
9	)	11	)
10		12
11	def per_page	13	def per_page
	@@ -36,6 +38,18 @@ class BrowseController < PublicController		@@ -36,6 +38,18 @@ class BrowseController < PublicController
36	@results = @results.compact.paginate(:per_page => per_page, :page => params[:page])	38	@results = @results.compact.paginate(:per_page => per_page, :page => params[:page])
37	end	39	end
38		40
		41	+ def contents
		42	+ @filter = filter
		43	+ @title = self.filter_description(params[:action] + '_' + @filter )
		44	+
		45	+ @results = @environment.articles.published.text_articles.send(@filter)
		46	+
		47	+ if !params[:query].blank?
		48	+ @results = @results.find_by_contents(params[:query])
		49	+ end
		50	+ @results = @results.compact.paginate(:per_page => per_page, :page => params[:page])
		51	+ end
		52	+
39	protected	53	protected
40		54
41	def filter	55	def filter
	@@ -54,6 +68,9 @@ class BrowseController < PublicController		@@ -54,6 +68,9 @@ class BrowseController < PublicController
54	'communities_more_recent' => _('More recent communities'),	68	'communities_more_recent' => _('More recent communities'),
55	'communities_more_active' => _('More active communities'),	69	'communities_more_active' => _('More active communities'),
56	'communities_more_popular' => _('More popular communities'),	70	'communities_more_popular' => _('More popular communities'),
		71	+ 'contents_more_recent' => _('More recent contents'),
		72	+ 'contents_more_views' => _('Most viewed contents'),
		73	+ 'contents_more_comments' => _('Most commented contents'),
57	}[str] \|\| str	74	}[str] \|\| str
58	end	75	end
59		76
	@@ -2,8 +2,8 @@ class ProfileController < PublicController		@@ -2,8 +2,8 @@ class ProfileController < PublicController
2		2
3	needs_profile	3	needs_profile
4	before_filter :check_access_to_profile, :except => [:join, :join_not_logged, :index, :add]	4	before_filter :check_access_to_profile, :except => [:join, :join_not_logged, :index, :add]
5	- before_filter :store_before_join, :only => [:join, :join_not_logged]
6	- before_filter :login_required, :only => [:add, :join, :join_not_logged, :leave, :unblock, :leave_scrap, :remove_scrap, :remove_activity, :view_more_scraps, :view_more_activities, :view_more_network_activities]	5	+ before_filter :store_location, :only => [:join, :join_not_logged, :report_abuse]
		6	+ before_filter :login_required, :only => [:add, :join, :join_not_logged, :leave, :unblock, :leave_scrap, :remove_scrap, :remove_activity, :view_more_scraps, :view_more_activities, :view_more_network_activities, :report_abuse, :register_report]
7		7
8	helper TagsHelper	8	helper TagsHelper
9		9
	@@ -44,7 +44,7 @@ class ProfileController < PublicController		@@ -44,7 +44,7 @@ class ProfileController < PublicController
44	tagged,	44	tagged,
45	:title => _("%s's contents tagged with \"%s\"") % [profile.name, @tag],	45	:title => _("%s's contents tagged with \"%s\"") % [profile.name, @tag],
46	:description => _("%s's contents tagged with \"%s\"") % [profile.name, @tag],	46	:description => _("%s's contents tagged with \"%s\"") % [profile.name, @tag],
47	- :link => url_for(:action => 'tags')	47	+ :link => url_for(profile.url)
48	)	48	)
49	render :text => data, :content_type => "text/xml"	49	render :text => data, :content_type => "text/xml"
50	end	50	end
	@@ -71,6 +71,10 @@ class ProfileController < PublicController		@@ -71,6 +71,10 @@ class ProfileController < PublicController
71	end	71	end
72	end	72	end
73		73
		74	+ def fans
		75	+ @fans = profile.fans
		76	+ end
		77	+
74	def favorite_enterprises	78	def favorite_enterprises
75	@favorite_enterprises = profile.favorite_enterprises	79	@favorite_enterprises = profile.favorite_enterprises
76	end	80	end
	@@ -96,7 +100,7 @@ class ProfileController < PublicController		@@ -96,7 +100,7 @@ class ProfileController < PublicController
96	if request.post?	100	if request.post?
97	profile.add_member(user)	101	profile.add_member(user)
98	session[:notice] = _('%s administrator still needs to accept you as member.') % profile.name if profile.closed?	102	session[:notice] = _('%s administrator still needs to accept you as member.') % profile.name if profile.closed?
99	- redirect_to_before_join	103	+ redirect_to_previous_location
100	else	104	else
101	if user.memberships.include?(profile)	105	if user.memberships.include?(profile)
102	session[:notice] = _('You are already a member of %s.') % profile.name	106	session[:notice] = _('You are already a member of %s.') % profile.name
	@@ -223,6 +227,52 @@ class ProfileController < PublicController		@@ -223,6 +227,52 @@ class ProfileController < PublicController
223	end	227	end
224	end	228	end
225		229
		230	+ def report_abuse
		231	+ @abuse_report = AbuseReport.new
		232	+ render :layout => false
		233	+ end
		234	+
		235	+ def register_report
		236	+ if !verify_recaptcha
		237	+ render :text => {
		238	+ :ok => false,
		239	+ :error => {
		240	+ :code => 1,
		241	+ :message => _('You could not answer the captcha.')
		242	+ }
		243	+ }.to_json
		244	+ else
		245	+ begin
		246	+ abuse_report = AbuseReport.new(params[:abuse_report])
		247	+ if !params[:content_type].blank?
		248	+ article = params[:content_type].constantize.find(params[:content_id])
		249	+ abuse_report.content = instance_eval(&article.reported_version)
		250	+ end
		251	+
		252	+ user.register_report(abuse_report, profile)
		253	+
		254	+ if !params[:content_type].blank?
		255	+ abuse_report = AbuseReport.find_by_reporter_id_and_abuse_complaint_id(user.id, profile.opened_abuse_complaint.id)
		256	+ Delayed::Job.enqueue DownloadReportedImagesJob.new(abuse_report, article)
		257	+ end
		258	+
		259	+ render :text => {
		260	+ :ok => true,
		261	+ :message => _('Your abuse report was registered. The administrators are reviewing your report.'),
		262	+ }.to_json
		263	+ rescue Exception => exception
		264	+ logger.error(exception.to_s)
		265	+ render :text => {
		266	+ :ok => false,
		267	+ :error => {
		268	+ :code => 2,
		269	+ :message => _('Your report couldn\'t be saved due to some problem. Please contact the administrator.')
		270	+ }
		271	+ }.to_json
		272	+ end
		273	+ end
		274	+ end
		275	+
226	protected	276	protected
227		277
228	def check_access_to_profile	278	def check_access_to_profile
	@@ -231,16 +281,16 @@ class ProfileController < PublicController		@@ -231,16 +281,16 @@ class ProfileController < PublicController
231	end	281	end
232	end	282	end
233		283
234	- def store_before_join
235	- if session[:before_join].nil?
236	- session[:before_join] = request.referer	284	+ def store_location
		285	+ if session[:previous_location].nil?
		286	+ session[:previous_location] = request.referer
237	end	287	end
238	end	288	end
239		289
240	- def redirect_to_before_join
241	- back = session[:before_join]	290	+ def redirect_to_previous_location
		291	+ back = session[:previous_location]
242	if back	292	if back
243	- session[:before_join] = nil	293	+ session[:previous_location] = nil
244	redirect_to back	294	redirect_to back
245	else	295	else
246	redirect_to profile.url	296	redirect_to profile.url
	@@ -259,7 +309,7 @@ class ProfileController < PublicController		@@ -259,7 +309,7 @@ class ProfileController < PublicController
259	end	309	end
260		310
261	def invisible_profile	311	def invisible_profile
262	- render_access_denied(_("Sorry, this profile was defined as private by its owner. You'll not be able to view content here unless the profile owner adds adds you."), _("Oops ... you cannot go ahead here"))	312	+ render_access_denied(_("This profile is inaccessible. You don't have the permission to view the content here."), _("Oops ... you cannot go ahead here"))
263	end	313	end
264		314
265	def per_page	315	def per_page
	@@ -209,7 +209,11 @@ module ApplicationHelper		@@ -209,7 +209,11 @@ module ApplicationHelper
209	the_class << ' ' << html_options[:class]	209	the_class << ' ' << html_options[:class]
210	end	210	end
211	the_title = html_options[:title] \|\| label	211	the_title = html_options[:title] \|\| label
212	- link_to(' '+content_tag('span', label), url, html_options.merge(:class => the_class, :title => the_title))	212	+ if html_options[:disabled]
		213	+ content_tag('a', ' '+content_tag('span', label), html_options.merge(:class => the_class, :title => the_title))
		214	+ else
		215	+ link_to(' '+content_tag('span', label), url, html_options.merge(:class => the_class, :title => the_title))
		216	+ end
213	end	217	end
214		218
215	def button_to_function(type, label, js_code, html_options = {}, &block)	219	def button_to_function(type, label, js_code, html_options = {}, &block)
	@@ -257,30 +261,59 @@ module ApplicationHelper		@@ -257,30 +261,59 @@ module ApplicationHelper
257	concat(content_tag('div', capture(&block) + tag('br', :style => 'clear: left;'), { :class => 'button-bar' }.merge(options)))	261	concat(content_tag('div', capture(&block) + tag('br', :style => 'clear: left;'), { :class => 'button-bar' }.merge(options)))
258	end	262	end
259		263
260	- def partial_for_class(klass)
261	- if klass.nil?
262	- raise ArgumentError, 'No partial for object. Is there a partial for any class in the inheritance hierarchy?'
263	- end	264	+ VIEW_EXTENSIONS = %w[.rhtml .html.erb]
264		265
		266	+ def partial_for_class_in_view_path(klass, view_path)
		267	+ return nil if klass.nil?
265	name = klass.name.underscore	268	name = klass.name.underscore
266	- if File.exists?(File.join(RAILS_ROOT, 'app', 'views', params[:controller], "_#{name}.rhtml"))
267	- name	269	+
		270	+ search_name = String.new(name)
		271	+ if search_name.include?("/")
		272	+ search_name.gsub!(/(\/)([^\/]*)$/,'\1_\2')
		273	+ name = File.join(params[:controller], name) if defined?(params) && params[:controller]
268	else	274	else
269	- partial_for_class(klass.superclass)	275	+ search_name = "_" + search_name
		276	+ end
		277	+
		278	+ VIEW_EXTENSIONS.each do \|ext\|
		279	+ path = defined?(params) && params[:controller] ? File.join(view_path, params[:controller], search_name+ext) : File.join(view_path, search_name+ext)
		280	+ return name if File.exists?(File.join(path))
270	end	281	end
		282	+
		283	+ partial_for_class_in_view_path(klass.superclass, view_path)
271	end	284	end
272		285
273	- def partial_for_task_class(klass, action)
274	- if klass.nil?
275	- raise ArgumentError, 'No partial for object. Is there a partial for any class in the inheritance hierarchy?'	286	+ def partial_for_class(klass)
		287	+ raise ArgumentError, 'No partial for object. Is there a partial for any class in the inheritance hierarchy?' if klass.nil?
		288	+ name = klass.name.underscore
		289	+ @controller.view_paths.each do \|view_path\|
		290	+ partial = partial_for_class_in_view_path(klass, view_path)
		291	+ return partial if partial
276	end	292	end
277		293
		294	+ raise ArgumentError, 'No partial for object. Is there a partial for any class in the inheritance hierarchy?'
		295	+ end
		296	+
		297	+ def partial_for_task_class(klass, action)
		298	+ raise ArgumentError, 'No partial for object. Is there a partial for any class in the inheritance hierarchy?' if klass.nil?
		299	+
278	name = "#{klass.name.underscore}_#{action.to_s}"	300	name = "#{klass.name.underscore}_#{action.to_s}"
279	- if File.exists?(File.join(RAILS_ROOT, 'app', 'views', params[:controller], "_#{name}.rhtml"))
280	- name
281	- else
282	- partial_for_task_class(klass.superclass, action)	301	+ VIEW_EXTENSIONS.each do \|ext\|
		302	+ return name if File.exists?(File.join(RAILS_ROOT, 'app', 'views', params[:controller], '_'+name+ext))
		303	+ end
		304	+
		305	+ partial_for_task_class(klass.superclass, action)
		306	+ end
		307	+
		308	+ def view_for_profile_actions(klass)
		309	+ raise ArgumentError, 'No profile actions view for this class.' if klass.nil?
		310	+
		311	+ name = klass.name.underscore
		312	+ VIEW_EXTENSIONS.each do \|ext\|
		313	+ return "blocks/profile_info_actions/"+name+ext if File.exists?(File.join(RAILS_ROOT, 'app', 'views', 'blocks', 'profile_info_actions', name+ext))
283	end	314	end
		315	+
		316	+ view_for_profile_actions(klass.superclass)
284	end	317	end
285		318
286	def user	319	def user
	@@ -556,17 +589,18 @@ module ApplicationHelper		@@ -556,17 +589,18 @@ module ApplicationHelper
556		589
557	def gravatar_url_for(email, options = {})	590	def gravatar_url_for(email, options = {})
558	# Ta dando erro de roteamento	591	# Ta dando erro de roteamento
		592	+ default = theme_option['gravatar'] \|\| NOOSFERO_CONF['gravatar'] \|\| nil
559	url_for( { :gravatar_id => Digest::MD5.hexdigest(email),	593	url_for( { :gravatar_id => Digest::MD5.hexdigest(email),
560	:host => 'www.gravatar.com',	594	:host => 'www.gravatar.com',
561	:protocol => 'http://',	595	:protocol => 'http://',
562	:only_path => false,	596	:only_path => false,
563	:controller => 'avatar.php',	597	:controller => 'avatar.php',
564	- :d => NOOSFERO_CONF['gravatar'] ? NOOSFERO_CONF['gravatar'] : nil	598	+ :d => default
565	}.merge(options) )	599	}.merge(options) )
566	end	600	end
567		601
568	def str_gravatar_url_for(email, options = {})	602	def str_gravatar_url_for(email, options = {})
569	- default = NOOSFERO_CONF['gravatar'] ? NOOSFERO_CONF['gravatar'] : nil	603	+ default = theme_option['gravatar'] \|\| NOOSFERO_CONF['gravatar'] \|\| nil
570	url = 'http://www.gravatar.com/avatar.php?gravatar_id=' +	604	url = 'http://www.gravatar.com/avatar.php?gravatar_id=' +
571	Digest::MD5.hexdigest(email)	605	Digest::MD5.hexdigest(email)
572	{	606	{
	@@ -870,7 +904,7 @@ module ApplicationHelper		@@ -870,7 +904,7 @@ module ApplicationHelper
870		904
871	def template_stylesheet_path	905	def template_stylesheet_path
872	if profile.nil?	906	if profile.nil?
873	- '/designs/templates/default/stylesheets/style.css'	907	+ "/designs/templates/#{environment.layout_template}/stylesheets/style.css"
874	else	908	else
875	"/designs/templates/#{profile.layout_template}/stylesheets/style.css"	909	"/designs/templates/#{profile.layout_template}/stylesheets/style.css"
876	end	910	end
	@@ -947,8 +981,10 @@ module ApplicationHelper		@@ -947,8 +981,10 @@ module ApplicationHelper
947	'thickbox',	981	'thickbox',
948	'lightbox',	982	'lightbox',
949	'colorpicker',	983	'colorpicker',
		984	+ colorbox_stylesheet_path,
950	pngfix_stylesheet_path,	985	pngfix_stylesheet_path,
951	- ]	986	+ ] +
		987	+ tokeninput_stylesheets
952	end	988	end
953		989
954	# DEPRECATED. Do not use this·	990	# DEPRECATED. Do not use this·
	@@ -960,6 +996,14 @@ module ApplicationHelper		@@ -960,6 +996,14 @@ module ApplicationHelper
960	'iepngfix/iepngfix.css'	996	'iepngfix/iepngfix.css'
961	end	997	end
962		998
		999	+ def colorbox_stylesheet_path
		1000	+ 'colorbox/colorbox.css'
		1001	+ end
		1002	+
		1003	+ def tokeninput_stylesheets
		1004	+ ['token-input', 'token-input-facebook', 'token-input-mac']
		1005	+ end
		1006	+
963	def noosfero_layout_features	1007	def noosfero_layout_features
964	render :file => 'shared/noosfero_layout_features'	1008	render :file => 'shared/noosfero_layout_features'
965	end	1009	end
	@@ -975,7 +1019,10 @@ module ApplicationHelper		@@ -975,7 +1019,10 @@ module ApplicationHelper
975	def article_to_html(article, options = {})	1019	def article_to_html(article, options = {})
976	options.merge!(:page => params[:npage])	1020	options.merge!(:page => params[:npage])
977	content = article.to_html(options)	1021	content = article.to_html(options)
978	- return self.instance_eval(&content) if content.kind_of?(Proc)	1022	+ content = content.kind_of?(Proc) ? self.instance_eval(&content) : content
		1023	+ @plugins && @plugins.enabled_plugins.each do \|plugin\|
		1024	+ content = plugin.parse_content(content)
		1025	+ end
979	content	1026	content
980	end	1027	end
981		1028
	@@ -1083,6 +1130,17 @@ module ApplicationHelper		@@ -1083,6 +1130,17 @@ module ApplicationHelper
1083	link_to(content_tag(:span, _('Communities Menu')), '#', :onclick => "toggleSubmenu(this,'',#{links.to_json}); return false", :class => 'menu-submenu-trigger up', :id => 'submenu-communities-trigger')	1130	link_to(content_tag(:span, _('Communities Menu')), '#', :onclick => "toggleSubmenu(this,'',#{links.to_json}); return false", :class => 'menu-submenu-trigger up', :id => 'submenu-communities-trigger')
1084	end	1131	end
1085		1132
		1133	+ def browse_contents_menu
		1134	+ links = [
		1135	+ {s_('contents\|More Comments') => {:href => url_for({:controller => 'browse', :action => 'contents', :filter => 'more_comments'})}},
		1136	+ {s_('contents\|More Views') => {:href => url_for({:controller => 'browse', :action => 'contents', :filter => 'more_views'})}},
		1137	+ {s_('contents\|More Recent') => {:href => url_for({:controller => 'browse', :action => 'contents', :filter => 'more_recent'})}}
		1138	+ ]
		1139	+
		1140	+ link_to(content_tag(:span, _('Contents'), :class => 'icon-blog'), {:controller => "browse", :action => 'contents'}, :id => 'submenu-contents') +
		1141	+ link_to(content_tag(:span, _('Contents Menu')), '#', :onclick => "toggleSubmenu(this,'',#{links.to_json}); return false", :class => 'menu-submenu-trigger up', :id => 'submenu-contents-trigger')
		1142	+ end
		1143	+
1086	def pagination_links(collection, options={})	1144	def pagination_links(collection, options={})
1087	options = {:prev_label => '« ' + _('Previous'), :next_label => _('Next') + ' »'}.merge(options)	1145	options = {:prev_label => '« ' + _('Previous'), :next_label => _('Next') + ' »'}.merge(options)
1088	will_paginate(collection, options)	1146	will_paginate(collection, options)
	@@ -1099,16 +1157,27 @@ module ApplicationHelper		@@ -1099,16 +1157,27 @@ module ApplicationHelper
1099	result	1157	result
1100	end	1158	end
1101		1159
		1160	+ def manage_enterprises
		1161	+ if user && !user.enterprises.empty?
		1162	+ enterprises_link = user.enterprises.map do \|enterprise\|
		1163	+ link_to(content_tag('strong', [_('<span>Manage</span> %s') % enterprise.short_name(25)]), @environment.top_url + "/myprofile/#{enterprise.identifier}", :class => "icon-menu-"+enterprise.class.identification.underscore, :title => [_('Manage %s') % enterprise.short_name])
		1164	+ end
		1165	+ render :partial => 'shared/manage_enterprises', :locals => {:enterprises_link => enterprises_link}
		1166	+ end
		1167	+ end
		1168	+
1102	def usermenu_logged_in	1169	def usermenu_logged_in
1103	pending_tasks_count = ''	1170	pending_tasks_count = ''
1104	- if user && user.all_pending_tasks.count > 0
1105	- pending_tasks_count = link_to(user.all_pending_tasks.count.to_s, '/myprofile/{login}/tasks', :id => 'pending-tasks-count', :title => _("Manage your pending tasks"))	1171	+ count = user ? Task.to(user).pending.count : -1
		1172	+ if count > 0
		1173	+ pending_tasks_count = link_to(count.to_s, @environment.top_url + '/myprofile/{login}/tasks', :id => 'pending-tasks-count', :title => _("Manage your pending tasks"))
1106	end	1174	end
1107		1175
1108	- (_('Welcome, %s') % link_to('<i></i><strong>{login}</strong>', '/{login}', :id => "homepage-link", :title => _('Go to your homepage'))) +	1176	+ (_("<span class='welcome'>Welcome,</span> %s") % link_to('<i></i><strong>{login}</strong>', @environment.top_url + '/{login}', :id => "homepage-link", :title => _('Go to your homepage'))) +
1109	render_environment_features(:usermenu) +	1177	render_environment_features(:usermenu) +
1110	- link_to('<i class="icon-menu-admin"></i><strong>' + _('Administration') + '</strong>', { :controller => 'admin_panel', :action => 'index' }, :id => "controlpanel", :title => _("Configure the environment"), :class => 'admin-link', :style => 'display: none') +
1111	- link_to('<i class="icon-menu-ctrl-panel"></i><strong>' + _('Control panel') + '</strong>', '/myprofile/{login}', :id => "controlpanel", :title => _("Configure your personal account and content")) +	1178	+ link_to('<i class="icon-menu-admin"></i><strong>' + _('Administration') + '</strong>', @environment.top_url + '/admin', :id => "controlpanel", :title => _("Configure the environment"), :class => 'admin-link', :style => 'display: none') +
		1179	+ manage_enterprises.to_s +
		1180	+ link_to('<i class="icon-menu-ctrl-panel"></i><strong>' + _('Control panel') + '</strong>', @environment.top_url + '/myprofile/{login}', :id => "controlpanel", :title => _("Configure your personal account and content")) +
1112	pending_tasks_count +	1181	pending_tasks_count +
1113	link_to('<i class="icon-menu-logout"></i><strong>' + _('Logout') + '</strong>', { :controller => 'account', :action => 'logout'} , :id => "logout", :title => _("Leave the system"))	1182	link_to('<i class="icon-menu-logout"></i><strong>' + _('Logout') + '</strong>', { :controller => 'account', :action => 'logout'} , :id => "logout", :title => _("Leave the system"))
1114	end	1183	end
	@@ -1206,4 +1275,39 @@ module ApplicationHelper		@@ -1206,4 +1275,39 @@ module ApplicationHelper
1206	end	1275	end
1207	end	1276	end
1208		1277
		1278	+ def render_dialog_error_messages(instance_name)
		1279	+ render :partial => 'shared/dialog_error_messages', :locals => { :object_name => instance_name }
		1280	+ end
		1281	+
		1282	+ def report_abuse(profile, type, content=nil)
		1283	+ return if !user \|\| user == profile
		1284	+
		1285	+ url = { :controller => 'profile',
		1286	+ :action => 'report_abuse',
		1287	+ :profile => profile.identifier }
		1288	+ url.merge!({:content_type => content.class.name, :content_id => content.id}) if content
		1289	+ text = content_tag('span', _('Report abuse'))
		1290	+ klass = 'report-abuse-action'
		1291	+ already_reported_message = _('You already reported this profile.')
		1292	+ report_profile_message = _('Report this profile for abusive behaviour')
		1293	+
		1294	+ if type == :button
		1295	+ if user.already_reported?(profile)
		1296	+ button(:alert, text, url, :class => klass+' disabled', :disabled => true, :title => already_reported_message)
		1297	+ else
		1298	+ button(:alert, text, url, :class => klass, :title => report_profile_message)
		1299	+ end
		1300	+ elsif type == :link
		1301	+ if user.already_reported?(profile)
		1302	+ content_tag('a', text, :class => klass + ' disabled button with-text icon-alert', :title => already_reported_message)
		1303	+ else
		1304	+ link_to(text, url, :class => klass + ' button with-text icon-alert', :title => report_profile_message)
		1305	+ end
		1306	+ elsif type == :comment_link
		1307	+ (user.already_reported?(profile) ?
		1308	+ content_tag('a', text, :class => klass + ' disabled comment-footer comment-footer-link', :title => already_reported_message) :
		1309	+ link_to(text, url, :class => klass + ' comment-footer comment-footer-link', :title => report_profile_message)
		1310	+ ) + content_tag('span', ' \| ', :class => 'comment-footer comment-footer-hide')
		1311	+ end
		1312	+ end
1209	end	1313	end
	@@ -22,9 +22,14 @@ module ContentViewerHelper		@@ -22,9 +22,14 @@ module ContentViewerHelper
22	end	22	end
23	comments = ''	23	comments = ''
24	unless args[:no_comments] \|\| !article.accept_comments	24	unless args[:no_comments] \|\| !article.accept_comments
25	- comments = ("- %s") % link_to_comments(article)	25	+ comments = (" - %s") % link_to_comments(article)
26	end	26	end
27	- title << content_tag('span', _("%s, by %s %s") % [show_date(article.published_at), link_to(article.author_name, article.author.url), comments], :class => 'created-at')	27	+ title << content_tag('span',
		28	+ content_tag('span', show_date(article.published_at), :class => 'date') +
		29	+ content_tag('span', [_(", by %s") % link_to(article.author_name, article.author.url)], :class => 'author') +
		30	+ content_tag('span', comments, :class => 'comments'),
		31	+ :class => 'created-at'
		32	+ )
28	end	33	end
29	title	34	title
30	end	35	end
	@@ -46,4 +51,21 @@ module ContentViewerHelper		@@ -46,4 +51,21 @@ module ContentViewerHelper
46	end	51	end
47	end	52	end
48		53
		54	+ def addthis_facebook_url(article)
		55	+ "http://www.facebook.com/sharer.php?s=100&p[title]=%{title}&p[summary]=%{summary}&p[url]=%{url}&p[images][0]=%{image}" % {
		56	+ :title => CGI.escape(article.title),
		57	+ :url => CGI.escape(url_for(article.url)),
		58	+ :summary => CGI.escape(truncate(strip_tags(article.body.to_s), 300)),
		59	+ :image => CGI.escape(article.body_images_paths.first.to_s)
		60	+ }
		61	+ end
		62	+
		63	+ def addthis_image_tag
		64	+ if File.exists?(File.join(Rails.root, 'public', theme_path, 'images', 'addthis.gif'))
		65	+ image_tag(File.join(theme_path, 'images', 'addthis.gif'), :border => 0, :alt => '')
		66	+ else
		67	+ image_tag("/images/bt-bookmark.gif", :width => 53, :height => 16, :border => 0, :alt => '')
		68	+ end
		69	+ end
		70	+
49	end	71	end