[Mezuro] Merge branch 'master' into mezuro

Paulo Meireles
2 parents 0e8830f9 1aeb0d56
Showing 195 changed files with 74645 additions and 67678 deletions Show diff stats
AUTHORS
HACKING
INSTALL
INSTALL.email
INSTALL.varnish
app/controllers/my_profile/cms_controller.rb
app/controllers/my_profile/tasks_controller.rb
app/controllers/public/account_controller.rb
app/controllers/public/catalog_controller.rb
app/controllers/public/content_viewer_controller.rb
app/controllers/public/profile_controller.rb
app/helpers/application_helper.rb
app/helpers/catalog_helper.rb
app/helpers/content_viewer_helper.rb
app/helpers/display_helper.rb
app/helpers/folder_helper.rb
app/helpers/forms_helper.rb
app/helpers/language_helper.rb
app/models/approve_article.rb
app/models/article.rb
@@ -6,45 +6,144 @@ noosfero, that&#39;s not a problem).
 Developers
 ==========
  
+Alan Freihof Tygel <alantygel@gmail.com>
+Alessandro Palmeira <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Caio C. Salgado <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Caio Salgado <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Caio Salgado <caio.csalgado@gmail.com>
+Alessandro Palmeira + Caio Salgado + Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>
+Alessandro Palmeira + Carlos Morais <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Diego Araújo <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Diego Araújo <diegoamc90@gmail.com>
+Alessandro Palmeira + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
+Alessandro Palmeira + Diego Araújo + Pedro Leal + João M. M. da Silva <diegoamc90@gmail.com>
+Alessandro Palmeira + Diego Araujo + Rafael Manzo <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Jefferson Fernandes <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + João M. M. da Silva <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + João M. M. da Silva + Renan Teruo <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + João M. M. Silva <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Paulo Meirelles <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Rafael Manzo <alessandro.palmeira@gmail.com>
 Antonio Terceiro + Carlos Morais <terceiro@colivre.coop.br>
 Antonio Terceiro + Paulo Meirelles <terceiro@colivre.coop.br>
 Antonio Terceiro <terceiro@colivre.coop.br>
 Aurelio A. Heckert <aurelio@colivre.coop.br>
 Braulio Bhavamitra <brauliobo@gmail.com>
 Bráulio Bhavamitra <brauliobo@gmail.com>
+Caio <caio.csalgado@gmail.com>
+Caio + Diego + Pedro + João <caio.csalgado@gmail.com>
+Caio, Pedro <caio.csalgado@gmail.com>
+Caio Salgado + Alessandro Palmeira <caio.csalgado@gmail.com>
+Caio Salgado <caio.csalgado@gmail.com>
+Caio Salgado + Carlos Morais + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
+Caio Salgado + Diego Araujo <caio.csalgado@gmail.com>
+Caio Salgado + Diego Araújo <caio.csalgado@gmail.com>
+Caio Salgado + Diego Araújo <diegoamc90@gmail.com>
+Caio Salgado + Diego Araújo + Jefferson Fernandes <caio.csalgado@gmail.com>
+Caio Salgado + Diego Araújo + João M. M. da Silva <caio.csalgado@gmail.com>
+Caio Salgado + Diego Araújo + Pedro Leal <caio.csalgado@gmail.com>
+Caio Salgado + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
+Caio Salgado + Diego Araújo + Rafael Manzo <diegoamc90@gmail.com>
+Caio Salgado + Jefferson Fernandes <caio.csalgado@gmail.com>
+Caio Salgado + Jefferson Fernandes <jeffs.fernandes@gmail.com>
+Caio Salgado + Rafael Manzo <caio.csalgado@gmail.com>
+Caio Salgado + Renan Teruo <caio.csalgado@gmail.com>
+Caio Salgado + Renan Teruo <caio.salgado@gmail.com>
+Caio Salgado + Renan Teruo + Jefferson Fernandes <jeffs.fernandes@gmail.com>
+Caio Salgado + Renan Teruo <renanteruoc@gmail.com>
 Caio SBA <caio@colivre.coop.br>
 Carlos Morais <carlos88morais@gmail.com>
 Carlos Morais + Diego Araújo <diegoamc90@gmail.com>
+Carlos Morais + Eduardo Morais <carlos88morais@gmail.com>
 Carlos Morais + Paulo Meirelles <carlos88morais@gmail.com>
+Carlos Morais + Pedro Leal <carlos88morais@gmail.com>
 Daniela Soares Feitosa <danielafeitosa@colivre.coop.br>
 Daniel Cunha <daniel@colivre.coop.br>
+diegoamc <diegoamc90@gmail.com>
+Diego Araújo + Alessandro Palmeira <diegoamc90@gmail.com>
+Diego Araujo + Caio Salgado <diegoamc90@gmail.com>
 Diego Araújo <diegoamc90@gmail.com>
+Diego Araújo + Jefferson Fernandes <diegoamc90@gmail.com>
+Diego Araujo + Jefferson Fernandes <jeffs.fernandes@gmail.com>
+Diego Araújo + João Machini <diegoamc90@gmail.com>
+Diego Araújo + João Machini <digoamc90@gmail.com>
 Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>
+Diego Araújo + João M. M. da Silva + João Machini <diegoamc90@gmail.com>
+Diego Araújo + João M. M. da Silva + Pedro Leal <diegoamc90@gmail.com>
+Diego Araújo + Paulo Meirelles <diegoamc90@gmail.com>
+Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
+Diego Araújo + Rafael Manzo <diegoamc90@gmail.com>
+Diego Araújo + Renan Teruo + Alessandro Palmeira <diegoamc90@gmail.com>
+Diego Araújo + Renan Teruo <diegoamc90@gmail.com>
+Diego + Jefferson <diegoamc90@gmail.com>
+Diego Martinez <diegoamc90@gmail.com>
+Diego + Renan <renanteruoc@gmail.com>
 Fernanda Lopes <nanda.listas+psl@gmail.com>
 Grazieno Pellegrino <grazieno@gmail.com>
 Isaac Canan <isaac@intelletto.com.br>
 Italo Valcy <italo@dcc.ufba.br>
+Jefferson Fernandes + Diego Araujo + Rafael Manzo <jeffs.fernandes@gmail.com>
+Jefferson Fernandes + Joao M. M. da Silva <jeffs.fernandes@gmail.com>
+Jefferson Fernandes + Joao M. M. Silva <jeffs.fernandes@gmail.com>
 João da Silva <jaodsilv@linux.ime.usp.br>
+João Marco Maciel da Silva + Rafael Manzo + Renan Teruo <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Alessandro Palmeira + Diego Araújo + Caio Salgado <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Alessandro Palmeira + Diego Araújo <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Alessandro Palmeira + João Machini <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Caio Salgado + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Caio Salgado <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Carlos Morais <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Diego Araújo <diegoamc90@gmail.com>
 João M. M. da Silva + Diego Araújo <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Diego Araújo + Pedro Leal <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva <jaodsilv@linux.ime.usp.br>
+Joao M. M. da Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + João M. Miranda <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Paulo Meirelles <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Pedro Leal <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Rafael Manzo + Diego Araújo <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Rafael Manzo <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Renan Teruo <jaodsilv@linux.ime.usp.br>
+João M. M. Silva + Caio Salgado <jaodsilv@linux.ime.usp.br>
+João M. M. Silva + Diego Araújo <jaodsilv@linux.ime.usp.br>
+Joao M. M. Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
+João M. M. Silva + Paulo Meirelles <jaodsilv@linux.ime.usp.br>
+João M. M. Silva + Rafael Manzo <jaodsilv@linux.ime.usp.br>
+João M. M. Silva + Renan Teruo <jaodsilv@linux.ime.usp.br>
 Joenio Costa <joenio@colivre.coop.br>
 Josef Spillner <josef.spillner@tu-dresden.de>
 Keilla Menezes <keilla@colivre.coop.br>
 Larissa Reis <larissa@colivre.coop.br>
 Larissa Reis <reiss.larissa@gmail.com>
 Leandro Nunes dos Santos <leandronunes@gmail.com>
+Leandro Nunes dos Santos <leandro.santos@serpro.gov.br>
 LinguÁgil 2010 <linguagil.bahia@gmail.com>
+Luis David Aguilar Carlos <ludwig9003@gmail.com>
 Martín Olivera <molivera@solar.org.ar>
 Moises Machado <moises@colivre.coop.br>
 Nanda Lopes <nanda.listas+psl@gmail.com>
+Paulo Meirelles + Alessandro Palmeira <paulo@softwarelivre.org>
 Paulo Meirelles + Carlos Morais <paulo@softwarelivre.org>
+Paulo Meirelles + Diego Araújo <paulo@softwarelivre.org>
+Paulo Meirelles + João M. M. da Silva <paulo@softwarelivre.org>
 Paulo Meirelles <paulo@softwarelivre.org>
 Rafael Gomes <rafaelgomes@techfree.com.br>
+Rafael Manzo + João M. M. Silva <rr.manzo@gmail.com>
 Rafael Martins <rmmartins@gmail.com>
+Rafael Reggiani Manzo + Caio Salgado + Jefferson Fernandes <rr.manzo@gmail.com>
+Rafael Reggiani Manzo + Diego Araujo <diegoamc90@gmail.com>
+Rafael Reggiani Manzo + Diego Araujo <rr.manzo@gmail.com>
+Rafael Reggiani Manzo <rr.manzo@gmail.com>
 Raphaël Rousseau <raph@r4f.org>
 Raquel Lira <raquel.lira@gmail.com>
+Renan Teruo + Caio Salgado <renanteruoc@gmail.com>
+Renan Teruoc + Diego Araujo <renanteruoc@gmail.com>
+Renan Teruo + Diego Araujo <renanteruoc@gmail.com>
+Renan Teruo + Diego Araújo <renanteruoc@gmail.com>
+Renan Teruo + Paulo Meirelles <renanteruoc@gmail.com>
+Renan Teruo + Rafael Manzo <renanteruoc@gmail.com>
 Rodrigo Souto <rodrigo@colivre.coop.br>
 Ronny Kursawe <kursawe.ronny@googlemail.com>
 Samuel R. C. Vale <srcvale@holoscopio.com>
 = Noosfero instructions for developers
  
-This document provides useful information to those who want to help with
-Noosfero development.
+== A work about your the development platform
  
-== Requirements for development
+These instructions are tested and known to work on Debian stable, which is the
+system that the Noosfero core developers use to work on Noosfero.
  
-First, install all requirements listed in INSTALL. Note that you do not need to
-follow all the steps described there, you only need to install the packages
-listed in the "Requirements" section.
+If you want to use another OS, read "Instructions for other systems" below.
  
-After installing the requirements listed in INSTALL, you need to install some
-packages be able to run Noosfero tests. On Debian GNU/Linux and Debian-based
-systems, you install them with the following command:
+== Instructions for Debian stable
  
- # apt-get install libtidy-ruby libhpricot-ruby libmocha-ruby imagemagick po4a xvfb libxml2-dev libxslt-dev
+Download the source code:
  
-On other systems, they may or may not be available through your regular package
-management system. Below are the links to their homepages.
+  $ git clone git://gitorious.org/noosfero/noosfero.git
+  $ cd noosfero
  
-* Mocha: http://mocha.rubyforge.org/
-* Tidy: http://tidy.sourceforge.net/
-* Hpricot: http://github.com/whymirror/hpricot
-* Imagemagick: http://wwwimagemagick.org/
-* po4a: http://po4a.alioth.debian.org/
-* xvfb: http://packages.debian.org/lenny/xvfb
-* Libxml2: http://xmlsoft.org/
-* Libxslt: http://xmlsoft.org/xslt
+Run the quick start script:
  
-== Boostraping a development/test environment
+  $ ./script/quick-start
  
-You can copy and paste the commands below into a terminal (please review the
-commands and make sure you understand what you are doing):
+Now you can execute the development server with:
  
- # checkout the code from repository
- git clone git://gitorious.org/noosfero/noosfero.git
- # enter the directory
- cd noosfero
- # copy a sample config file
- cp config/database.yml.sqlite3 config/database.yml
- # create tmp directory if it doesn't exist
- mkdir tmp
- # start Solr
- rake solr:start
- # create the development database
- rake db:schema:load
- # run pending migrations
- rake db:migrate
- # compile translations:
- rake makemo
- # create some test data:
- ./script/sample-data
- # install latest requirements for running tests
- RAILS_ENV=cucumber rake gems:install
- RAILS_ENV=test rake gems:install
- # run the automated test suite to make sure your environment is sane:
- rake test
+  $ ./script/development
  
-You should now be ready to go. Issue the following command to start the Rails
-development server:
+You will be able to access Noosfero at http://localhost:3000/
  
- ./script/server
+If you want to use a different port than 3000, pass `-p <PORT>` to
+./script/development
  
-The server will be available at http://localhost:3000/ . If you want to use
-another port than 3000, you can use the -p option of ./script/server:
+== Instructions for other systems
  
- ./script/server -p 9999
+On other OS, you have 2 options:
  
-The above command makes the server available at http://localhost:9999/
+1) using a chroot or a VM with Debian stable (easier)
  
-The sample-data data scripts creates two administrator users with login "ze" and
-password "test" and login "adminuser" and password "admin".
+Use a chroot (http://wiki.debian.org/Schroot) or a Virtual Machine (e.g. with
+VirtualBox) with a Debian stable system and follow the instructions above for
+Debian stable.
  
-Note that some operations, like generating image thumbnails, sending e-mails,
-etc, are done in background in the context of a service independent from the
-Rails application server. To have those tasks performed in a development
-environment, you must run the delayed_job server like this:
+2) Installing dependencies on other OS (harder)
  
- ./script/delayed_job run
+If you want to setup a development environment in another OS, you can create a
+file under script/install-dependencies/, called <OS>-<CODENAME>.sh, which
+installed the dependencies for your system. With this script in place,
+./script/quick-start will call it at the point of installing the required
+packages for Noosfero development.
  
-This will block your terminal. To stop the delayed_job server, hit Control-C.
+You can check script/install-dependencies/debian-squeeze.sh to have an idea of
+what kind of stuff that script has to do. 
  
-== Enabling exceptions notification
-
-By default, exception notifications are disabled in development environment. If
-you want to enable it then you need to change some files:
-
-1) Add in config/environments/development.rb:
-   config.action_controller.consider_all_requests_local = false
-
-2) Add in app/controller/application.rb:
-   local_addresses.clear
-
-3) Add in config/noosfero.yml at development section:
-   exception_recipients: [admin@example.com]
-
-== Releasing and building Debian package
-
-See RELEASING file.
+If you write such script for your own OS, *please* share it with us at the
+development mailing list so that we can include it in the official repository.
+This way other people using the same OS will have to put less effort to develop
+Noosfero.
-= Noosfero installation instructions
+= Noosfero installation instructions from source for production environments
  
-Noosfero is written in Ruby with the "Rails framework":http://www.rubyonrails.org,
-so the process of setting it up is pretty similar to other Rails applications.
+The instructions below can be used for setting up a Noosfero production
+environment from the Noosfero sources.
  
-Below we have the instructions for installing Noosfero dependencies and setting
-up a production environment. If you have problems with the setup, please feel
-free to ask questions in the development mailing list.
+Before you start installing Noosfero manually, see the information about the
+Noosfero Debian package at http://noosfero.org/Development/DebianPackage. Using
+the Debian packages on a Debian stable system is the recommended method for
+installing production environments.
+
+If you want to setup a development environment instead of a production one,
+stop reading this file right now and read the file HACKING instead.
+
+For a complete installation guide, please see the following web page:
+http://noosfero.org/Development/HowToInstall
+
+If you have problems with the setup, please feel free to ask questions in the
+development mailing list.
  
 == Requirements
  
+DISCLAIMER: this installation procedure is tested with Debian stable, which is
+currently the only recommended operating system for production usage. It is
+possible that you can install it on other systems, and if you do so, please
+report it on one of the Noosfero mailing lists, and please send a patch
+updating these instructions.
+
+Noosfero is written in Ruby with the "Rails
+framework":http://www.rubyonrails.org, so the process of setting it up is
+pretty similar to other Rails applications.
+
 You need to install some packages Noosfero depends on.  On Debian GNU/Linux or
 Debian-based systems, all of these packages are available through the Debian
 archive. You can install them with the following command:
@@ -38,21 +58,9 @@ If you manage to install Noosfero successfully on other systems than Debian,
 please feel free to contact the Noosfero development mailing with the
 instructions for doing so, and we'll include it here.
  
-=== Setting up a production environment
-
-DISCLAIMER: this installation procedure is tested with Debian stable, which is
-currently the only recommended operating system for production usage. It is
-possible that you can install it on other systems, and if you do so, please
-report it on one of the Noosfero mailing lists, and please send a patch
-updating these instructions.
-
 As root user
 ============
  
-NOTE: these instructions are for seting up a *production* environment. If you
-are going to do Noosfero development, you don't need to do these steps. Stop
-here and see the HACKING file instead.
-
 Install memcached. On Debian:
  
 # apt-get install memcached
@@ -96,11 +104,11 @@ $ git checkout -b stable origin/stable
 downloading tarball
 -------------------
  
-Note: replace 0.35.0 below from the latest stable version.
+Note: replace 0.39.0 below from the latest stable version.
  
-$ wget http://noosfero.org/pub/Development/NoosferoVersion00x35x00/noosfero-0.35.0.tar.gz
-$ tar -zxvf noosfero-0.35.0.tar.gz
-$ ln -s noosfero-0.35.0 current
+$ wget http://noosfero.org/pub/Development/NoosferoVersion00x39x00/noosfero-0.39.0.tar.gz
+$ tar -zxvf noosfero-0.39.0.tar.gz
+$ ln -s noosfero-0.39.0 current
 $ cd current
  
 Copy config/solr.yml.dist to config/solr.yml. You will
@@ -108,7 +116,7 @@ probably not need to customize this configuration, but have a look at it.
  
 Create the thin configuration file:
  
-$ thin -C config/thin.yml config
+$ thin -C config/thin.yml -e production config
  
 Edit config/thin.yml to suit your needs. Make sure your apache
 configuration matches the thin cluster configuration, specially in respect
@@ -147,48 +155,7 @@ Restart postgresql:
  
 Noosfero needs a functional e-mail setup to work: the local mail system should
 be able to deliver e-mail to the internet, either directly or through an
-external SMTP server.
-
-If you know mail systems well, you just need to make sure thet the local MTA,
-listening on localhost:25, is able to deliver e-mails to the internet. Any mail
-server will do it.
-
-If you are not a mail specialist, we suggest that you use the Postfix mail
-server, since it is easy to configure and very reliable. Just follow the
-instructions below.
-
-To install Postfix:
-
-# apt-get install postfix
-
-During the installation process, you will be asked a few questions. Your answer
-to them will vary in 2 cases:
-
-Case 1: you can send e-mails directly to the internet. This will be the case
-for most commercial private servers. Your answers should be:
-
-  General type of mail configuration: Internet site
-  System mail name: the name of your domain, e.g. "mysocialnetwork.com"
-
-Case 2: you cannot, or don't want to, send e-mail directly to the internet.
-This happens for example if your server is not allowed to make outbound
-connections on port 25, or if you want to concentrate all your outbound mail
-through a single SMTP server. Your answers in this case should be:
-
-  General type of mail configuration: Internet with smarthost
-  System mail name: the name of your domain, e.g. "mysocialnetwork.com"
-  SMTP relay host: smtp.yourprovider.com
-
-Note that smtp.yourprovider.com must allow your server to deliver e-mails
-through it. You should probably ask your servive provider about this.
-
-There is another possibility: if you are installing on a shared server, and
-don't have permission to configure the local MTA, you can instruct Noosfero to
-send e-mails directly through an external server. Please note that this should
-be your last option, since contacting an external SMTP server directly may slow
-down your Noosfero application server. To configure Noosfero to send e-mails
-through an external SMTP server, follow the instructions on
-http://noosfero.org/Development/SMTPMailSending
+external SMTP server. Please check the documentation at the INSTALL.email file.
  
 As noosfero user
 ================
@@ -220,19 +187,6 @@ $ ./script/dbconsole production
 If it connects to your database, then everything is fine. If you got an error
 message, then you have to check your database configuration.
  
-Installing gem rack
-===================
-
-This gem is required if you want to run Mezuro plugin.
-
-Install RubyGem Rack 1.0.1.
-Others versions may not be compatible with Noosfero:
-
-# gem install rack -v 1.0.1
-
-As noosfero user
-================
-
 Create the database structure:
  
 $ RAILS_ENV=production rake db:schema:load
@@ -245,7 +199,7 @@ Run Solr:
  
 $ rake solr:start
  
-Now we have to create some initial data. To create your default environment
+Now we must create some initial data. To create your default environment
 (the first one), run the command below:
  
 $ RAILS_ENV=production ./script/runner 'Environment.create!(:name => "My environment", :is_default => true)'
@@ -261,10 +215,10 @@ $ RAILS_ENV=production ./script/runner &quot;Environment.default.domains &lt;&lt; Domain.ne
  
 Add at least one user as admin of environment:
  
-$ RAILS_ENV=production ./script/runner "User.create(:login => 'adminuser', :email => 'admin@example.com', :password => 'admin', :password_confirmation => 'admin', :environment => Environment.default)"
+$ RAILS_ENV=production ./script/runner "User.create(:login => 'adminuser', :email => 'admin@example.com', :password => 'admin', :password_confirmation => 'admin', :environment => Environment.default, :activated_at => Time.new)"
  
 (replace "adminuser", "admin@example.com", "admin" with the login, email
-and password of your environment admin)
+and password of your environment administrator)
  
 To start the Noosfero application servers:
  
@@ -274,23 +228,6 @@ At this point you have a functional Noosfero installation running, the only
 thing left is to configure your webserver as a reverse proxy to pass requests
 to them.
  
-Enabling exception notifications
-================================
-
-This is an optional step. You will need it only if you want to receive e-mail
-notifications when some exception occurs on Noosfero.
-
-First, install this version of the gem.
-Others versions may not be compatible with Noosfero:
-
-# gem install exception_notification -v 1.0.20090728
-
-You can configure the e-mails that will receive the notifications.
-Change the file config/noosfero.yml as the following example, replacing the
-e-mails by real ones:
-
-  production:
-    exception_recipients: [admin@example.com, you@example.com]
  
 ==================
 Apache instalation
@@ -384,6 +321,26 @@ Now restart your apache server (as root):
  
 # invoke-rc.d apache2 restart
  
+
+Enabling exception notifications
+================================
+
+This is an optional step. You will need it only if you want to receive e-mail
+notifications when some exception occurs on Noosfero.
+
+First, install this version of the gem.
+Others versions may not be compatible with Noosfero:
+
+# gem install exception_notification -v 1.0.20090728
+
+You can configure the e-mails that will receive the notifications.
+Change the file config/noosfero.yml as the following example, replacing the
+e-mails by real ones:
+
+  production:
+    exception_recipients: [admin@example.com, you@example.com]
+
+
 ============
 Maintainance
 ============
@@ -0,0 +1,43 @@
+= Noosfero email setup
+
+If you know mail systems well, you just need to make sure that the local MTA,
+listening on localhost:25, is able to deliver e-mails to the internet. Any mail
+server will do it. You can stop reading now.
+
+If you are not an email specialist, then follow the instructions below. We
+suggest that you use the Postfix mail server, since it is easy to configure and
+very reliable. Just follow the instructions below.
+
+To install Postfix:
+
+# apt-get install postfix
+
+During the installation process, you will be asked a few questions. Your answer
+to them will vary in 2 cases:
+
+Case 1: you can send e-mails directly to the internet. This will be the case
+for most commercial private servers. Your answers should be:
+
+  General type of mail configuration: Internet site
+  System mail name: the name of your domain, e.g. "mysocialnetwork.com"
+
+Case 2: you cannot, or don't want to, send e-mail directly to the internet.
+This happens for example if your server is not allowed to make outbound
+connections on port 25, or if you want to concentrate all your outbound mail
+through a single SMTP server. Your answers in this case should be:
+
+  General type of mail configuration: Internet with smarthost
+  System mail name: the name of your domain, e.g. "mysocialnetwork.com"
+  SMTP relay host: smtp.yourprovider.com
+
+Note that smtp.yourprovider.com must allow your server to deliver e-mails
+through it. You should probably ask your servive provider about this.
+
+There is another possibility: if you are installing on a shared server, and
+don't have permission to configure the local MTA, you can instruct Noosfero to
+send e-mails directly through an external server. Please note that this should
+be your last option, since contacting an external SMTP server directly may slow
+down your Noosfero application server. To configure Noosfero to send e-mails
+through an external SMTP server, follow the instructions on
+http://noosfero.org/Development/SMTPMailSending
+
@@ -5,75 +5,63 @@ recommended. See http://www.varnish-cache.org/ for more information on Varnish.
  
 Varnish can be set up to use with Noosfero with the following steps:
  
-1) setup Noosfero with apache according to the INSTALL file.
+1) setup Noosfero with apache according to the INSTALL file. If you used the
+Debian package to install noosfero, you don't need to do anything about this.
  
 2) install Varnish
  
   # apt-get install varnish
  
-Noosfero was tested with Varnish 2.x. If you are using a Debian Lenny (and you
-should, unless Debian already released Squeeze by now), make sure you install
-varnish from the lenny-backports suite.
-
 Install the RPAF apache module (or skip this step if not using apache):
  
   # apt-get install libapache2-mod-rpaf
  
-3) Enable varnish logging:
-
-3a) Edit /etc/default/varnishncsa and uncomment the line that contains:
-
-VARNISHNCSA_ENABLED=1
-
-The varnish log will be written to /var/log/varnish/varnishncsa.log in an
-apache-compatible format. You should change your statistics generation software
-(e.g. awstats) to use that instead of apache logs.
-
-3b) Restart Varnish Logging service
-
-  # invoke-rc.d varnishncsa start
-
-4) Change Apache to listen on port 8080 instead of 80
+3) Change Apache to listen on port 8080 instead of 80
  
-4a) Edit /etc/apache2/ports.conf, and:
+3a) Edit /etc/apache2/ports.conf, and:
  
-  * change 'Listen 80' to 'Listen 127.0.0.1:8080'
   * change 'NameVirtualHost *:80' to 'NameVirtualHost *:8080'
+  * change 'Listen 80' to 'Listen 127.0.0.1:8080'
  
-4b) Edit /etc/apache2/sites-enabled/*, and change '<VirtualHost *:80>' to '<VirtualHost *:8080>'
+3b) Edit /etc/apache2/sites-enabled/*, and change '<VirtualHost *:80>' to
+'<VirtualHost *:8080>'
  
-4c) Restart apache
+3c) Restart apache
  
   # invoke-rc.d apache2 restart
  
-5) Change Varnish to listen on port 80
+4) Varnish configuration
  
-5a) Edit /etc/default/varnish and change '-a :6081' to '-a :80'
+4a) Edit /etc/default/varnish
  
-5b) Restart Varnish
+   * change the line that says "START=no" to say "START=yes"
+   * change '-a :6081' to '-a :80'
  
-  # invoke-rc.d varnish restart
+4b) Edit /etc/varnish/default.vcl and add the following lines at the end:
  
-6) Configure varnish to fit noosfero
-(assuming Noosfero is installed in /var/lib/noosfero)
+  include "/etc/noosfero/varnish-noosfero.vcl";
+  include "/etc/noosfero/varnish-accept-language.vcl";
  
-6a) Configure noosfero to do specific routines to varnish
+On manual installations, change "/etc/noosfero/*" to
+"{Rails.root}/etc/noosfero/*"
  
-Add the following line to your /etc/varnish/default.vcl file:
+4c) Restart Varnish
  
-  include "/var/lib/noosfero/etc/noosfero/varnish-noosfero.vcl";
+  # invoke-rc.d varnish restart
  
-6b) Configure varnish to store separate caches for each language
+5) Enable varnish logging:
  
-Add the following line to your /etc/varnish/default.vcl file:
+5a) Edit /etc/default/varnishncsa and uncomment the line that contains:
  
-  include "/var/lib/noosfero/etc/noosfero/varnish-accept-language.vcl";
+VARNISHNCSA_ENABLED=1
  
-7) Restart Varnish
+The varnish log will be written to /var/log/varnish/varnishncsa.log in an
+apache-compatible format. You should change your statistics generation software
+(e.g. awstats) to use that instead of apache logs.
  
-  # invoke-rc.d varnish restart
+5b) Restart Varnish Logging service
+
+  # invoke-rc.d varnishncsa restart
  
 Thanks to Cosimo Streppone for varnish-accept-language. See
 http://github.com/cosimo/varnish-accept-language for more information.
-
- -- Antonio Terceiro <terceiro@colivre.coop.br>  Sat, 04 Sep 2010 17:29:27 -0300
@@ -16,7 +16,13 @@ class CmsController &lt; MyProfileController
  
   before_filter :login_required, :except => [:suggest_an_article]
  
-  protect_if :except => [:suggest_an_article, :set_home_page, :edit, :destroy, :publish] do |c, user, profile|
+  protect_if :only => :upload_files do |c, user, profile|
+    article_id = c.params[:parent_id]
+    (!article_id.blank? && profile.articles.find(article_id).allow_create?(user)) ||
+    (user && (user.has_permission?('post_content', profile) || user.has_permission?('publish_content', profile)))
+  end
+
+  protect_if :except => [:suggest_an_article, :set_home_page, :edit, :destroy, :publish, :upload_files] do |c, user, profile|
     user && (user.has_permission?('post_content', profile) || user.has_permission?('publish_content', profile))
   end
  
@@ -92,7 +98,7 @@ class CmsController &lt; MyProfileController
       @article_types = []
       available_article_types.each do |type|
         @article_types.push({
-          :name => type.name,
+          :class => type,
           :short_description => type.short_description,
           :description => type.description
         })
@@ -154,7 +160,7 @@ class CmsController &lt; MyProfileController
     end
     if request.post? && params[:uploaded_files]
       params[:uploaded_files].each do |file|
-        @uploaded_files << UploadedFile.create(:uploaded_data => file, :profile => profile, :parent => @parent) unless file == ''
+        @uploaded_files << UploadedFile.create(:uploaded_data => file, :profile => profile, :parent => @parent, :last_changed_by => user) unless file == ''
       end
       @errors = @uploaded_files.select { |f| f.errors.any? }
       if @errors.any?
@@ -9,7 +9,7 @@ class TasksController &lt; MyProfileController
   end
  
   def processed
-    @tasks = Task.to(profile).finished.sort_by(&:created_at)
+    @tasks = Task.to(profile).closed.sort_by(&:created_at)
   end
  
   VALID_DECISIONS = [ 'finish', 'cancel', 'skip' ]
@@ -4,6 +4,7 @@ class AccountController &lt; ApplicationController
  
   before_filter :login_required, :only => [:activation_question, :accept_terms, :activate_enterprise]
   before_filter :redirect_if_logged_in, :only => [:login, :signup]
+  before_filter :protect_from_bots, :only => :signup
  
   # say something nice, you goof!  something sweet.
   def index
@@ -55,6 +56,11 @@ class AccountController &lt; ApplicationController
     render :action => 'login', :layout => false
   end
  
+  def signup_time
+    key = set_signup_start_time_for_now
+    render :text => { :ok=>true, :key=>key }.to_json
+  end
+
   # action to register an user to the application
   def signup
     if @plugins.dispatch(:allow_user_registration).include?(false)
@@ -62,6 +68,7 @@ class AccountController &lt; ApplicationController
       session[:notice] = _("This environment doesn't allow user registration.")
     end
  
+    @block_bot = !!session[:may_be_a_bot]
     @invitation_code = params[:invitation_code]
     begin
       if params[:user]
@@ -76,19 +83,28 @@ class AccountController &lt; ApplicationController
       @person = Person.new(params[:profile_data])
       @person.environment = @user.environment
       if request.post?
-        @user.signup!
-        owner_role = Role.find_by_name('owner')
-        @user.person.affiliate(@user.person, [owner_role]) if owner_role
-        invitation = Task.find_by_code(@invitation_code)
-        if invitation
-          invitation.update_attributes!({:friend => @user.person})
-          invitation.finish
-        end
-        if @user.activated?
-          self.current_user = @user
-          redirect_to '/'
+        if may_be_a_bot
+          set_signup_start_time_for_now
+          @block_bot = true
+          session[:may_be_a_bot] = true
         else
-          @register_pending = true
+          if session[:may_be_a_bot]
+            return false unless verify_recaptcha :model=>@user, :message=>_('Captcha (the human test)')
+          end
+          @user.signup!
+          owner_role = Role.find_by_name('owner')
+          @user.person.affiliate(@user.person, [owner_role]) if owner_role
+          invitation = Task.find_by_code(@invitation_code)
+          if invitation
+            invitation.update_attributes!({:friend => @user.person})
+            invitation.finish
+          end
+          if @user.activated?
+            self.current_user = @user
+            redirect_to '/'
+          else
+            @register_pending = true
+          end
         end
       end
     rescue ActiveRecord::RecordInvalid
@@ -97,6 +113,7 @@ class AccountController &lt; ApplicationController
       @person.errors.delete(:user_id)
       render :action => 'signup'
     end
+    clear_signup_start_time
   end
  
   # action to perform logout from the application
@@ -271,7 +288,36 @@ class AccountController &lt; ApplicationController
   def no_redirect
     @cannot_redirect = true
   end
-  
+
+  def set_signup_start_time_for_now
+    key = 'signup_start_time_' + rand.to_s.split('.')[1]
+    Rails.cache.write key, Time.now
+    key
+  end
+
+  def get_signup_start_time
+    Rails.cache.read params[:signup_time_key]
+  end
+
+  def clear_signup_start_time
+    Rails.cache.delete params[:signup_time_key] if params[:signup_time_key]
+  end
+
+  def may_be_a_bot
+    # No minimum signup delay, no bot test.
+    return false if environment.min_signup_delay == 0
+
+    # answering captcha, may be human!
+    return false if params[:recaptcha_response_field]
+
+    # never set signup_time, hi wget!
+    signup_start_time = get_signup_start_time
+    return true if signup_start_time.nil?
+
+    # so fast, so bot.
+    signup_start_time > ( Time.now - environment.min_signup_delay.seconds )
+  end
+
   def check_answer
     unless answer_correct
       @enterprise.block
 class CatalogController < PublicController
   needs_profile
+  no_design_blocks
  
   before_filter :check_enterprise_and_environment
  
   def index
-    @products = @profile.products.paginate(:order => 'name asc', :per_page => 9, :page => params[:page])
+    @category = params[:level] ? ProductCategory.find(params[:level]) : nil
+    @products = @profile.products.from_category(@category).paginate(:order => 'available desc, highlighted desc, name asc', :per_page => 9, :page => params[:page])
+    @categories = ProductCategory.on_level(params[:level])
   end
  
   protected
@@ -25,24 +25,26 @@ class ContentViewerController &lt; ApplicationController
           return
         end
       end
-
-      # page not found, give error
-      if @page.nil?
-        render_not_found(@path)
-        return
-      end
     end
  
-    if !@page.display_to?(user)
-      if profile.display_info_to?(user) || !profile.visible?
-        message = _('You are not allowed to view this content. You can contact the owner of this profile to request access then.')
+    if !@page.nil? && !@page.display_to?(user)
+      if !profile.public?
+        private_profile_partial_parameters
+        render :template => 'profile/_private_profile.rhtml', :status => 403
+      else #if !profile.visible?
+        message = _('You are not allowed to view this content.')
+        message += ' ' + _('You can contact the owner of this profile to request access then.')
         render_access_denied(message)
-      elsif !profile.public?
-        redirect_to :controller => 'profile', :action => 'index', :profile => profile.identifier
       end
       return
     end
  
+    # page not found, give error
+    if @page.nil?
+      render_not_found(@path)
+      return
+    end
+
     if request.xhr? && params[:toolbar]
       render :partial => 'article_toolbar'
       return
@@ -368,18 +368,13 @@ class ProfileController &lt; PublicController
   end
  
   def private_profile
-    if profile.person?
-      @action = :add_friend
-      @message = _("The content here is available to %s's friends only.") % profile.short_name
-    else
-      @action = :join
-      @message = _('The contents in this community is available to members only.')
-    end
-    @no_design_blocks = true
+    private_profile_partial_parameters
   end
  
   def invisible_profile
-    render_access_denied(_("This profile is inaccessible. You don't have the permission to view the content here."), _("Oops ... you cannot go ahead here"))
+    unless profile.is_template?
+      render_access_denied(_("This profile is inaccessible. You don't have the permission to view the content here."), _("Oops ... you cannot go ahead here"))
+    end
   end
  
   def per_page
@@ -1284,7 +1284,7 @@ module ApplicationHelper
       (user.already_reported?(profile) ?
         content_tag('a', text, :class => klass + ' disabled comment-footer comment-footer-link', :title => already_reported_message) :
         link_to(text, url, :class => klass + ' comment-footer comment-footer-link', :title => report_profile_message)
-      ) + content_tag('span', ' | ', :class => 'comment-footer comment-footer-hide')
+      ) + content_tag('span', ' ', :class => 'comment-footer comment-footer-hide')
     end
   end
  
@@ -1337,11 +1337,12 @@ module ApplicationHelper
     counter = 0
     radios = klass.templates.map do |template|
       counter += 1
-      content_tag('li', labelled_radio_button(template.name, "#{field_name}[template_id]", template.id, counter==1))
+      content_tag('li', labelled_radio_button(link_to(template.name, template.url, :target => '_blank'), "#{field_name}[template_id]", template.id, counter==1))
     end.join("\n")
  
-    content_tag('div', content_tag('span', _('Template:')) +
-      content_tag('ul', radios, :style => 'list-style: none; padding-left: 0; margin-top: 0.5em;'),
+    content_tag('div', content_tag('label', _('Profile organization'), :for => 'template-options', :class => 'formlabel') +
+      content_tag('p', _('Your profile will be created according to the selected template. Click on the options to view them.'), :style => 'margin: 5px 15px;padding: 0px 10px;') +
+      content_tag('ul', radios, :style => 'list-style: none; padding-left: 20px; margin-top: 0.5em;'),
       :id => 'template-options',
       :style => 'margin-top: 1em'
     )
@@ -1410,4 +1411,16 @@ module ApplicationHelper
     options[:class] = "comment-footer comment-footer-link comment-footer-hide"
     expirable_content_reference content, action, text, url, options
   end
+
+  def private_profile_partial_parameters
+    if profile.person?
+      @action = :add_friend
+      @message = _("The content here is available to %s's friends only.") % profile.short_name
+    else
+      @action = :join
+      @message = _('The contents in this community is available to members only.')
+    end
+    @no_design_blocks = true
+  end
+
 end
@@ -3,4 +3,28 @@ module CatalogHelper
   include DisplayHelper
   include ManageProductsHelper
  
+  def breadcrumb(category)
+    start = link_to(_('Start'), {:action => 'index'})
+    ancestors = category.ancestors.map { |c| link_to(c.name, {:action => 'index', :level => c.id}) }.reverse
+    current_level = content_tag('strong', category.name)
+    all_items = [start] + ancestors + [current_level]
+    content_tag('div', all_items.join(' &rarr; '), :id => 'breadcrumb')
+  end
+
+  def category_link(category, sub = false)
+    count = profile.products.from_category(category).count
+    name = truncate(category.name, :length => 22 - count.to_s.size)
+    link_name = sub ? name : content_tag('strong', name)
+    link = link_to(link_name, {:action => 'index', :level => category.id}, :title => category.name)
+    content_tag('li', "#{link} (#{count})") if count > 0
+  end
+
+  def category_sub_links(category)
+    sub_categories = []
+    category.children.each do |sub_category|
+      sub_categories << category_link(sub_category, true)
+    end
+    content_tag('ul', sub_categories) if sub_categories.size > 1
+  end
+
 end
@@ -26,7 +26,7 @@ module ContentViewerHelper
       end
       title << content_tag('span',
         content_tag('span', show_date(article.published_at), :class => 'date') +
-        content_tag('span', [_(", by %s") % link_to(article.author_name, article.author.url)], :class => 'author') +
+        content_tag('span', [_(", by %s") % link_to(article.author_name, article.author_url)], :class => 'author') +
         content_tag('span', comments, :class => 'comments'),
         :class => 'created-at'
       )
@@ -8,6 +8,14 @@ module DisplayHelper
             opts
   end
  
+  def themed_path(file)
+    if File.exists?(File.join(Rails.root, 'public', theme_path, file))
+      File.join(theme_path, file)
+    else
+      file
+    end
+  end
+
   def image_link_to_product(product, opts={})
     return _('No product') unless product
     target = product_path(product)
@@ -52,8 +52,8 @@ module FolderHelper
     end
   end
  
-  def icon_for_new_article(type)
-    "icon-new icon-new%s" % type.constantize.icon_name
+  def icon_for_new_article(klass)
+    "icon-new icon-new%s" % klass.icon_name
   end
  
   def custom_options_for_article(article)
@@ -142,6 +142,38 @@ module FormsHelper
     content_tag('table',rows.join("\n"))
   end
  
+  def select_folder(label_text, field_id, collection, default_value=nil, html_options = {}, js_options = {})
+    root = profile ? profile.identifier : _("root")
+    labelled_form_field(
+      label_text,
+      select_tag(
+        field_id,
+        options_for_select(
+          [[root, '']] +
+          collection.collect {|f| [ root + '/' +  f.full_name, f.id ] },
+          default_value
+        ),
+        html_options.merge(js_options)
+      )
+    )
+  end
+
+  def select_profile_folder(label_text, field_id, profile, default_value='', html_options = {}, js_options = {})
+    result = labelled_form_field(
+      label_text,
+      select_tag(
+        field_id,
+        options_for_select(
+          [[profile.identifier, '']] +
+          profile.folders.collect {|f| [ profile.identifier + '/' +  f.full_name, f.id ] },
+          default_value
+        ),
+        html_options.merge(js_options)
+      )
+    )
+    return result
+  end
+
   def date_field(name, value, format = '%Y-%m-%d', datepicker_options = {}, html_options = {})
     datepicker_options[:disabled] ||= false
     datepicker_options[:alt_field] ||= ''
@@ -13,19 +13,20 @@ module LanguageHelper
  
   alias :calendar_date_select_language :tinymce_language
  
-  def language_chooser(environment, options = {})
-    return if environment.locales.size < 2
+  def language_chooser(environment=nil, options = {})
+    locales = environment.nil? ? Noosfero.locales : environment.locales
+    return if locales.size < 2
     current = language
     separator = options[:separator] || ' &mdash; '
  
     if options[:element] == 'dropdown'
       select_tag('lang', 
-        options_for_select(environment.locales.map{|code,name| [name, code]}, current),
+        options_for_select(locales.map{|code,name| [name, code]}, current),
         :onchange => "document.location.href= #{url_for(params.merge(:lang => 'LANGUAGE')).inspect}.replace(/LANGUAGE/, this.value) ;",
         :help => _('The language you choose here is the language used for options, buttons, etc. It does not affect the language of the content created by other users.')
       )
     else
-      languages = environment.locales.map do |code,name|
+      languages = locales.map do |code,name|
         if code == current
           content_tag('strong', name)
         else
@@ -48,7 +48,7 @@ class ApproveArticle &lt; Task
   end
  
   def perform
-     article.copy!(:name => name, :abstract => abstract, :body => body, :profile => target, :reference_article => article, :parent => article_parent, :highlighted => highlighted, :source => article.source)
+    article.copy!(:name => name, :abstract => abstract, :body => body, :profile => target, :reference_article => article, :parent => article_parent, :highlighted => highlighted, :source => article.source, :last_changed_by_id => article.author_id)
   end
  
   def title
@@ -13,10 +13,18 @@ class Article &lt; ActiveRecord::Base
   # xss_terminate plugin can't sanitize array fields
   before_save :sanitize_tag_list
  
+  before_create do |article|
+    if article.last_changed_by_id
+      article.author_name = Person.find(article.last_changed_by_id).name
+    end
+  end
+
   belongs_to :profile
   validates_presence_of :profile_id, :name
   validates_presence_of :slug, :path, :if => lambda { |article| !article.name.blank? }
  
+  validates_length_of :name, :maximum => 150
+
   validates_uniqueness_of :slug, :scope => ['profile_id', 'parent_id'], :message => N_('The title (article name) is already being used by another article, please use another title.'), :if => lambda { |article| !article.slug.blank? }
  
   belongs_to :last_changed_by, :class_name => 'Person', :foreign_key => 'last_changed_by_id'
@@ -289,7 +297,7 @@ class Article &lt; ActiveRecord::Base
     if last_comment
       {:date => last_comment.created_at, :author_name => last_comment.author_name, :author_url => last_comment.author_url}
     else
-      {:date => updated_at, :author_name => author.name, :author_url => author.url}
+      {:date => updated_at, :author_name => author_name, :author_url => author_url}
     end
   end
  
@@ -441,7 +449,7 @@ class Article &lt; ActiveRecord::Base
   end
  
   def allow_post_content?(user = nil)
-    user && (user.has_permission?('post_content', profile) || allow_publish_content?(user) && (user == self.creator))
+    user && (user.has_permission?('post_content', profile) || allow_publish_content?(user) && (user == author))
   end
  
   def allow_publish_content?(user = nil)
@@ -496,7 +504,6 @@ class Article &lt; ActiveRecord::Base
     :slug,
     :updated_at,
     :created_at,
-    :last_changed_by_id,
     :version,
     :lock_version,
     :type,
@@ -539,15 +546,24 @@ class Article &lt; ActiveRecord::Base
   end
  
   def author
-    if reference_article
-      reference_article.author
+    if versions.empty?
+      last_changed_by
     else
-      last_changed_by || profile
+      author_id = versions.first.last_changed_by_id
+      Person.exists?(author_id) ? Person.find(author_id) : nil
     end
   end
  
   def author_name
-    setting[:author_name].blank? ? author.name : setting[:author_name]
+    author ? author.name : (setting[:author_name] || _('Unknown'))
+  end
+
+  def author_url
+    author ? author.url : nil
+  end
+
+  def author_id
+    author ? author.id : nil
   end
  
   alias :active_record_cache_key :cache_key
@@ -572,11 +588,6 @@ class Article &lt; ActiveRecord::Base
     truncate sanitize_html(self.lead), :length => 170, :omission => '...'
   end
  
-  def creator
-    creator_id = versions[0][:last_changed_by_id]
-    creator_id && Profile.find(creator_id)
-  end
-
   def notifiable?
     false
   end
@@ -13,6 +13,16 @@ class Category &lt; ActiveRecord::Base
     {:conditions => ['parent_id is null and environment_id = ?', environment.id ]}
   }
  
+  named_scope :on_level, lambda { |parent| {:conditions => {:parent_id => parent}} }
+
+  named_scope :sub_categories, lambda { |category|
+    {:conditions => ['categories.path LIKE ? AND categories.id != ?', "%#{category.slug}%", category.id]}
+  }
+
+  named_scope :sub_tree, lambda { |category|
+    {:conditions => ['categories.path LIKE ?', "%#{category.slug}%"]}
+  }
+
   acts_as_filesystem
  
   has_many :article_categorizations, :dependent => :destroy
@@ -74,6 +74,10 @@ class Comment &lt; ActiveRecord::Base
     self.find(:all, :order => 'created_at desc, id desc', :limit => limit)
   end
  
+  def notification_emails
+    self.article.profile.notification_emails - [self.author_email || self.email]
+  end
+
   after_save :notify_article
   after_destroy :notify_article
   def notify_article
@@ -114,7 +118,7 @@ class Comment &lt; ActiveRecord::Base
  
   def notify_by_mail
     if source.kind_of?(Article) && article.notify_comments?
-      if !article.profile.notification_emails.empty?
+      if !notification_emails.empty?
         Comment::Notifier.deliver_mail(self)
       end
       emails = article.followers - [author_email]
@@ -174,7 +178,7 @@ class Comment &lt; ActiveRecord::Base
   class Notifier < ActionMailer::Base
     def mail(comment)
       profile = comment.article.profile
-      recipients profile.notification_emails
+      recipients comment.notification_emails
       from "#{profile.environment.name} <#{profile.environment.contact_email}>"
       subject _("[%s] you got a new comment!") % [profile.environment.name]
       body :recipient => profile.nickname || profile.name,
@@ -224,6 +228,7 @@ class Comment &lt; ActiveRecord::Base
   def spam!
     self.spam = true
     self.save!
+    SpammerLogger.log(ip_address, self)
     Delayed::Job.enqueue(CommentHandler.new(self.id, :marked_as_spam))
     self
   end
@@ -5,7 +5,7 @@ class EnterpriseHomepage &lt; Article
   end
  
   def self.short_description
-    __('Enterprise homepage.')
+    __('Enterprise homepage')
   end
  
   def self.description
@@ -233,8 +233,10 @@ class Environment &lt; ActiveRecord::Base
     settings[:message_for_member_invitation] || InviteMember.mail_template
   end
  
+  settings_items :min_signup_delay, :type => Integer, :default => 3 #seconds
   settings_items :activation_blocked_text, :type => String
-  settings_items :message_for_disabled_enterprise, :type => String
+  settings_items :message_for_disabled_enterprise, :type => String,
+                 :default => _('This enterprise needs to be enabled.')
   settings_items :location, :type => String
   settings_items :layout_template, :type => String, :default => 'default'
   settings_items :homepage, :type => String
@@ -38,7 +38,7 @@ class Event &lt; Article
   filter_iframes :body, :link, :address, :whitelist => lambda { profile && profile.environment && profile.environment.trusted_sites_for_iframe }
  
   def self.description
-    _('A calendar event')
+    _('A calendar event.')
   end
  
   def self.short_description
@@ -78,6 +78,8 @@ class Organization &lt; Profile
     country
     tag_list
     template_id
+    district
+    address_reference
   ]
  
   def self.fields
@@ -96,8 +98,8 @@ class Organization &lt; Profile
     []
   end
  
-  N_('Display name'); N_('Description'); N_('Contact person'); N_('Contact email'); N_('Acronym'); N_('Foundation year'); N_('Legal form'); N_('Economic activity'); N_('Management information'); N_('Tag list')
-  settings_items :display_name, :description, :contact_person, :contact_email, :acronym, :foundation_year, :legal_form, :economic_activity, :management_information
+  N_('Display name'); N_('Description'); N_('Contact person'); N_('Contact email'); N_('Acronym'); N_('Foundation year'); N_('Legal form'); N_('Economic activity'); N_('Management information'); N_('Tag list'); N_('District'); N_('Address reference')
+  settings_items :display_name, :description, :contact_person, :contact_email, :acronym, :foundation_year, :legal_form, :economic_activity, :management_information, :district, :address_reference
  
   validates_format_of :foundation_year, :with => Noosfero::Constants::INTEGER_FORMAT
   validates_format_of :contact_email, :with => Noosfero::Constants::EMAIL_FORMAT, :if => (lambda { |org| !org.contact_email.blank? })
@@ -67,6 +67,9 @@ class Person &lt; Profile
     :order => 'total DESC',
     :conditions => ['action_tracker.created_at >= ? OR action_tracker.id IS NULL', ActionTracker::Record::RECENT_DELAY.days.ago]
  
+  named_scope :abusers, :joins => :abuse_complaints, :conditions => ['tasks.status = 3'], :select => 'DISTINCT profiles.*'
+  named_scope :non_abusers, :joins => "LEFT JOIN tasks ON profiles.id = tasks.requestor_id AND tasks.type='AbuseComplaint'", :conditions => ["tasks.status != 3 OR tasks.id is NULL"], :select => "DISTINCT profiles.*"
+
   after_destroy do |person|
     Friendship.find(:all, :conditions => { :friend_id => person.id}).each { |friendship| friendship.destroy }
   end
@@ -144,6 +147,9 @@ class Person &lt; Profile
   contact_phone
   contact_information
   description
+  image
+  district
+  address_reference
   ]
  
   validates_multiparameter_assignments
@@ -198,8 +204,8 @@ class Person &lt; Profile
   N_('Education'); N_('Custom education'); N_('Custom area of study');
   settings_items :formation, :custom_formation, :custom_area_of_study
  
-  N_('Contact information'); N_('City'); N_('State'); N_('Country'); N_('Sex'); N_('Zip code')
-  settings_items :photo, :contact_information, :sex, :city, :state, :country, :zip_code
+  N_('Contact information'); N_('City'); N_('State'); N_('Country'); N_('Sex'); N_('Zip code'); N_('District'); N_('Address reference')
+  settings_items :photo, :contact_information, :sex, :city, :state, :country, :zip_code, :district, :address_reference
  
   extend SetProfileRegionFromCityState::ClassMethods
   set_profile_region_from_city_state
@@ -440,6 +446,10 @@ class Person &lt; Profile
     abuse_report.save!
   end
  
+  def abuser?
+    AbuseComplaint.finished.where(:requestor_id => self).count > 0
+  end
+
   def control_panel_settings_button
     {:title => _('Edit Profile'), :icon => 'edit-profile'}
   end
@@ -23,6 +23,10 @@ class Product &lt; ActiveRecord::Base
  
   named_scope :more_recent, :order => "created_at DESC"
  
+  named_scope :from_category, lambda { |category|
+    {:joins => :product_category, :conditions => ['categories.path LIKE ?', "%#{category.slug}%"]} if category
+  }
+
   after_update :save_image
  
   def lat
@@ -141,6 +141,10 @@ class Profile &lt; ActiveRecord::Base
  
   acts_as_having_settings :field => :data
  
+  def settings
+    data
+  end
+
   settings_items :redirect_l10n, :type => :boolean, :default => false
   settings_items :public_content, :type => :boolean, :default => true
   settings_items :description
@@ -229,7 +233,7 @@ class Profile &lt; ActiveRecord::Base
     if myregion
       myregion.hierarchy.reverse.first(2).map(&:name).join(separator)
     else
-      %w[address city state country_name zip_code ].map {|item| (self.respond_to?(item) && !self.send(item).blank?) ? self.send(item) : nil }.compact.join(separator)
+      %w[address district city state country_name zip_code ].map {|item| (self.respond_to?(item) && !self.send(item).blank?) ? self.send(item) : nil }.compact.join(separator)
     end
   end
  
@@ -463,6 +467,10 @@ class Profile &lt; ActiveRecord::Base
     { :profile => identifier, :controller => 'profile_editor', :action => 'index' }
   end
  
+  def tasks_url
+    { :profile => identifier, :controller => 'tasks', :action => 'index', :host => default_hostname }
+  end
+
   def leave_url(reload = false)
     { :profile => identifier, :controller => 'profile', :action => 'leave', :reload => reload }
   end
@@ -694,7 +702,7 @@ private :generate_url, :url_options
   def custom_footer_expanded
     footer = custom_footer
     if footer
-      %w[contact_person contact_email contact_phone location address economic_activity city state country zip_code].each do |att|
+      %w[contact_person contact_email contact_phone location address district address_reference economic_activity city state country zip_code].each do |att|
         if self.respond_to?(att) && footer.match(/\{[^{]*#{att}\}/)
           if !self.send(att).nil? && !self.send(att).blank?
             footer = footer.gsub(/\{([^{]*)#{att}\}/, '\1' + self.send(att))
@@ -5,11 +5,11 @@ class RawHTMLArticle &lt; TextArticle
   end
  
   def self.short_description
-    _('Raw HTML text article.')
+    _('Raw HTML text article')
   end
  
   def self.description
-    _('Allows HTML without filter (only for admins)')
+    _('Allows HTML without filter (only for admins).')
   end
  
   xss_terminate :only => [  ]
@@ -0,0 +1,24 @@
+class SpammerLogger < Logger
+  @logpath = File.join(Rails.root, 'log', "#{ENV['RAILS_ENV']}_spammers.log")
+  @logger = new(@logpath)
+
+  def self.log(spammer_ip, object=nil)
+    if object
+      if object.kind_of?(Comment)
+        @logger << "[#{Time.now.strftime("%F %T %z")}] Comment-id: #{object.id} IP: #{spammer_ip}\n"
+      end
+    else
+        @logger << "[#{Time.now.strftime("%F %T %z")}] IP: #{spammer_ip}\n"
+    end
+  end
+
+  def self.clean_log
+    File.delete(@logpath) if File.exists?(@logpath)
+  end
+
+  def self.reload_log
+    clean_log
+    @logger = new(@logpath)
+  end
+
+end
@@ -267,7 +267,10 @@ class Task &lt; ActiveRecord::Base
   end
  
   named_scope :pending, :conditions => { :status =>  Task::Status::ACTIVE }
-  named_scope :finished, :conditions => { :status =>  [Task::Status::CANCELLED, Task::Status::FINISHED] }
+  named_scope :hidden, :conditions => { :status =>  Task::Status::HIDDEN }
+  named_scope :finished, :conditions => { :status =>  Task::Status::FINISHED }
+  named_scope :canceled, :conditions => { :status =>  Task::Status::CANCELLED }
+  named_scope :closed, :conditions => { :status =>  [Task::Status::CANCELLED, Task::Status::FINISHED] }
   named_scope :opened, :conditions => { :status =>  [Task::Status::ACTIVE, Task::Status::HIDDEN] }
   named_scope :of, lambda { |type| conditions = type ? "type LIKE '#{type}'" : "1=1"; {:conditions =>  [conditions]} }
   named_scope :order_by, lambda { |attribute, ord| {:order => "#{attribute} #{ord}"} }
@@ -14,7 +14,7 @@ class TaskMailer &lt; ActionMailer::Base
  
     recipients task.target.notification_emails
  
-    url_for_tasks_list = task.target.kind_of?(Environment) ? '' : url_for(task.target.url.merge(:controller => 'tasks', :action => 'index'))
+    url_for_tasks_list = task.target.kind_of?(Environment) ? '' : url_for(task.target.tasks_url)
  
     from self.class.generate_from(task)
     subject '[%s] %s' % [task.environment.name, task.target_notification_description]
 class TinyMceArticle < TextArticle
  
   def self.short_description
-    _('Text article with visual editor.')
+    _('Text article with visual editor')
   end
  
   def self.description
@@ -31,7 +31,7 @@ class User &lt; ActiveRecord::Base
   after_create do |user|
     user.person ||= Person.new
     user.person.attributes = user.person_data.merge(:identifier => user.login, :user => user, :environment_id => user.environment_id)
-    user.person.name ||= user.login
+    user.person.name ||= user.name
     user.person.visible = false unless user.activated?
     user.person.save!
     if user.environment.enabled?('skip_new_user_email_confirmation')
-<%= error_messages_for :user, :person %>
+<% if @block_bot %>
+  <div class="atention" style="font-size: 150%;">
+    <strong><%=_('Are you a robot?')%></strong> <br />
+    <%=_('Please, prove that you are human by filling the captcha.')%>
+  </div>
+<% end %>
+
+<% @profile_data = @person %>
+
+<%= error_messages_for :user, :person, :header_message => _('The account could not be created') %>
+
+<% labelled_form_for :user, @user, :html => { :multipart => true, :id => 'signup-form', :honeypot => true } do |f| %>
  
-<% labelled_form_for :user, @user, :html => { :multipart => true, :id => 'signup-form' } do |f| %>
+<input type="hidden" id="signup_time_key" name="signup_time_key" />
+<script type="text/javascript">
+  jQuery.ajax({
+    type: "POST",
+    url: "<%= url_for :controller=>'account', :action=>'signup_time' %>",
+    dataType: 'json',
+    success: function(data) {
+      if (data.ok) jQuery('#signup_time_key').val(data.key);
+    }
+  });
+</script>
  
 <%= hidden_field_tag :invitation_code, @invitation_code %>
  
 <div id='signup-form-header'>
  
-  <span id="signup-domain"><%= environment.default_hostname %>/</span>
-  <div id='signup-login'>
-    <div id='signup-login-field'>
-      <%= required f.text_field(:login, :onchange => 'this.value = convToValidLogin(this.value);', :rel => s_('signup|Login')) %>
-      <div id='url-check'><p>&nbsp;</p></div>
+  <div id='signup-formfield-group'>
+    <%= label(:user, :login, _('Username'), {:class => 'formlabel'}) %>
+    <span id="signup-domain"><%= environment.default_hostname %>/</span>
+    <div id='signup-login'>
+      <div id='signup-login-field' class='formfield'>
+        <%= required text_field(:user, :login, :id => 'user_login', :onchange => 'this.value = convToValidLogin(this.value);') %>
+        <div id='url-check'><p>&nbsp;</p></div>
+      </div>
+      <%= content_tag(:small, _('Choose your login name carefully! It will be your network access and you will not be able to change it later.'), :id => 'signup-balloon') %>
+      <br style="clear: both;" />
     </div>
-    <%= content_tag(:small, _('Choose your login name carefully! It will be your network access and you will not be able to change it later.'), :id => 'signup-balloon') %>
-    <br style="clear: both;" />
   </div>
   <%= observe_field 'user_login',
         :url => { :action => 'check_url' },
@@ -26,20 +50,19 @@
  
   <div id='signup-password'>
     <%= required f.password_field(:password, :id => 'user_pw') %>
-    <%= f.text_field(:password_clear, :value => _('password')) %>
     <%= content_tag(:small,_('Choose a password that you can remember easily. It must have at least 4 characters.'), :id => 'password-balloon') %>
     <div id='fake-check'><p>&nbsp;</p></div>
   </div>
  
   <div id='signup-password-confirmation'>
     <%= required f.password_field(:password_confirmation) %>
-    <%= f.text_field(:password_confirmation_clear, :value => _('password confirmation')) %>
+    <%= content_tag(:small,_('We need to be sure that you filled in your password correctly. Confirm you password.'), :id => 'password-confirmation-balloon') %>
     <div id='password-check'><p>&nbsp;</p></div>
   </div>
  
   <div id='signup-email'>
-    <%= required f.text_field(:email, :rel => _('e-Mail')) %>
-    <%= content_tag(:small,_('This e-mail address will be used to contact you.')) %>
+    <%= required f.text_field(:email) %>
+    <%= content_tag(:small,_('This e-mail address will be used to contact you.'), :id => 'email-balloon') %>
     <div id='email-check'><p>&nbsp;</p></div>
   </div>
   <%= observe_field "user_email",
@@ -62,21 +85,23 @@
                       }"
   %>
  
-  <%= label :profile_data, :name %>
-  <%= required text_field(:profile_data, :name, :rel => _('Full name')) %>
+  <div id='signup-name'>
+    <%= labelled_form_field(_('Full name'), text_field(:profile_data, :name)) %>
+    <%= content_tag(:small,_('Tell us your name, it will be used to identify yourself.'), :id => 'name-balloon') %>
+  </div>
  
 </div>
  
 <div id="signup-form-profile">
  
-  <%= template_options(Person, 'profile_data') %>
-
   <% labelled_fields_for :profile_data, @person do |f| %>
     <%= render :partial => 'profile_editor/person_form', :locals => {:f => f} %>
   <% end %>
  
   <%= @plugins.dispatch(:signup_extra_contents).collect { |content| instance_eval(&content) }.join("") %>
  
+  <%= template_options(Person, 'profile_data') %>
+
   <% unless @terms_of_use.blank? %>
     <div id='terms-of-use-box' class='formfieldline'>
       <%= labelled_check_box(_('I accept the %s') % link_to(_('terms of use'), {:controller => 'home', :action => 'terms'}, :target => '_blank'), 'user[terms_accepted]') %>
@@ -91,6 +116,8 @@
   <% end %>
 </div>
  
+<%= recaptcha_tags :ajax => true, :display => {:theme => 'clean'} if @block_bot %>
+
 <p style="text-align: center">
   <%= submit_button('save', _('Create my account')) %>
 </p>
@@ -99,70 +126,59 @@
  
 <script type="text/javascript">
 jQuery(function($) {
+
+  $('#signup-form #user_login').css('width', 335 - $('#signup-domain').outerWidth());
+
   $('#signup-form input[type=text], #signup-form textarea').each(function() {
-    if ($(this).attr('rel')) var default_value = $(this).attr('rel').toLowerCase();
-    if ($(this).val() == '') $(this).val(default_value);
-    $(this).bind('focus', function() {
-      if ($(this).val() == default_value) $(this).val('');
-    });
     $(this).bind('blur', function() {
       if ($(this).val() == '') {
-        $(this).val(default_value);
         $(this).removeClass('filled-in');
       }
       else $(this).addClass('filled-in');
     });
   });
  
-  $('#signup-form').bind('submit', function() {
-    $('#signup-form input[type=text], #signup-form textarea').each(function() {
-      if ($(this).attr('rel')) var default_value = $(this).attr('rel').toLowerCase();
-      if ($(this).val() == default_value) $(this).val('');
-    });
-    return true;
-  });
-
-  $('#user_password_clear, #user_password_confirmation_clear').show();
-  $('#user_password_clear, #user_password_confirmation_clear').unbind();
-  $('#user_pw, #user_password_confirmation').hide();
-  $('#user_password_clear').focus(function() {
-    $(this).hide();
-    $('#user_pw').show();
-    $('#user_pw').focus();
-  });
   $('#user_pw').focus(function() {
     $('#password-balloon').fadeIn('slow');
   });
-  $('#user_pw').blur(function() {
-    if ($(this).val() == '') {
-      $('#user_password_clear').show();
-      $(this).hide();
-    }
-  });
-  $('#user_password_confirmation_clear').focus(function() {
-    $(this).hide();
-    $('#user_password_confirmation').show();
-    $('#user_password_confirmation').focus();
+  $('#user_password_confirmation').focus(function() {
+    $('#password-confirmation-balloon').fadeIn('slow');
   });
   $('#user_password_confirmation, #user_pw').blur(function() {
-    if ($('#user_password_confirmation').val() == '') {
-      $('#user_password_confirmation_clear').show();
-      $('#user_password_confirmation').hide();
-    } else if ($('#user_password_confirmation').val() == $('#user_pw').val()) {
-      $('#user_password_confirmation').addClass('validated').removeClass('invalid');
-      $('#user_pw').removeClass('invalid_input').addClass('valid_input');
-      $('#password-check').html("<p>&nbsp;</p>");
-    } else if ($('#user_password_confirmation').val() != $('#user_pw').val()) {
-      $('#user_password_confirmation').removeClass('validated').addClass('invalid');
-      $('#user_pw').addClass('invalid_input').removeClass('valid_input');
-      $('#password-check').html("<p><span class='invalid'><%= _('Passwords don\'t match') %></span></p>");
+    if ($('#user_password_confirmation').val() != '') {
+      if ($('#user_password_confirmation').val() == $('#user_pw').val()) {
+        $('#user_password_confirmation').addClass('validated').removeClass('invalid');
+        $('#user_pw').removeClass('invalid_input').addClass('valid_input');
+        $('#password-check').html("<p>&nbsp;</p>");
+      } else if ($('#user_password_confirmation').val() != $('#user_pw').val()) {
+        $('#user_password_confirmation').removeClass('validated').addClass('invalid');
+        $('#user_pw').addClass('invalid_input').removeClass('valid_input');
+        $('#password-check').html("<p><span class='invalid'><%= _('Passwords don\'t match') %></span></p>");
+      }
     }
     $('#password-balloon').fadeOut('slow');
+    $('#password-confirmation-balloon').fadeOut('slow');
   });
   $('#user_login').focus(function() {
     $('#signup-balloon').fadeIn('slow');
   });
   $('#user_login').blur(function() { $('#signup-balloon').fadeOut('slow'); });
   $('#signup-form').validate({ rules: { 'user[email]': { email: true } }, messages: { 'user[email]' : '' } });
+  $('#user_email').focus(function() {
+    $('#email-balloon').fadeIn('slow');
+  });
+  $('#user_email').blur(function() {
+    $('#email-balloon').fadeOut('slow');
+  });
+  $('#profile_data_name').focus(function() {
+    $('#name-balloon').fadeIn('slow');
+  });
+  $('#profile_data_name').blur(function() {
+    $('#name-balloon').fadeOut('slow');
+    if ($(this).val() == '') {
+      $(this).removeClass('validated');
+    }
+    else $(this).addClass('validated');
+  });
 });
 </script>
 <% extra_content = [] %>
 <% extra_content_list = [] %>
  
-<ul id="product-list">
-  <li><h1><%= _('Products/Services') %></h1></li>
+<h1><%= _('Products/Services') %></h1>
  
+<%= breadcrumb(@category) if params[:level] %>
+
+<div class='l-sidebar-left-bar'>
+  <ul>
+    <% if @categories.size > 0 %>
+      <% @categories.each do |category| %>
+        <%= category_link(category) %>
+        <%= category_sub_links(category) %>
+      <% end %>
+    <% else %>
+      <%= content_tag('li', _('There are no sub-categories for %s') % @category.name, :style => 'color: #555753; padding-bottom: 0.5em;') %>
+    <% end %>
+  </ul>
+</div>
+
+<ul id="product-list" class="l-sidebar-left-content">
   <% @products.each do |product| %>
     <% extra_content = @plugins.dispatch(:catalog_item_extras, product).collect { |content| instance_eval(&content) } %>
     <% extra_content_list = @plugins.dispatch(:catalog_list_item_extras, product).collect { |content| instance_eval(&content) } %>
  
-    <li class="product <%= "not-available" unless product.available %>">
+    <% status = [] %>
+    <% status << 'not-available' if !product.available %>
+    <% status << 'highlighted' if product.highlighted %>
+
+    <li id="product-<%= product.id %>" class="product <%= status.join(' ') %>">
       <ul>
         <li class="product-image-link">
+          <% if product.highlighted? %>
+            <%= link_to image_tag(themed_path('/images/star.png'), :class => 'star', :alt => _('Highlighted product')), product_path(product) %>
+          <% end %>
           <% if product.image %>
             <div class="zoomable-image">
               <%= link_to_product product, :class => 'product-big', :style => "background-image: url(#{product.default_image(:big)})" %>
@@ -4,7 +4,7 @@
  
 <%= render :file => 'shared/tiny_mce' %>
  
-<%= required f.text_field(:name, :size => '64', :onchange => "updateUrlField(this, 'article_slug')") %>
+<%= required f.text_field(:name, :size => '64', :maxlength => 150, :onchange => "updateUrlField(this, 'article_slug')") %>
  
 <%= render :partial => 'general_fields' %>
  
@@ -3,7 +3,7 @@
 <%# TODO add Textile help here %>
 <%= render :file => 'shared/tiny_mce' %>
  
-<%= required f.text_field('name', :size => '64') %>
+<%= required f.text_field('name', :size => '64', :maxlength => 150) %>
  
 <%= render :partial => 'general_fields' %>
 <%= render :partial => 'translatable' %>
 <%= required_fields_message %>
  
-<%= required f.text_field('name', :size => '64') %>
+<%= required f.text_field('name', :size => '64', :maxlength => 150) %>
 <%= render :partial => 'general_fields' %>
  
 <%= labelled_form_field(_('Description:'), text_area(:article, :body, :rows => 3, :cols => 64)) %>
@@ -4,7 +4,7 @@
  
 <%= render :file => 'shared/tiny_mce' %>
  
-<%= required f.text_field(:name, :size => '64', :onchange => "updateUrlField(this, 'article_slug')") %>
+<%= required f.text_field(:name, :size => '64', :maxlength => 150, :onchange => "updateUrlField(this, 'article_slug')") %>
  
 <%= render :partial => 'general_fields' %>
  
 <%= required_fields_message %>
  
-<%= required f.text_field('name', :size => '64') %>
+<%= required f.text_field('name', :size => '64', :maxlength => 150) %>
  
 <%= render :partial => 'general_fields' %>
  
-<%= f.text_field 'name', :size => '64' %>
+<%= f.text_field 'name', :size => '64', :maxlength => 150 %>
 <%= render :partial => 'general_fields' %>
  
 <p><%= _('This is a republication of "%s", by %s.') % [link_to(h(@article.reference_article.name), @article.reference_article.url), @article.reference_article.profile.name] %></p>
 <%= required_fields_message %>
  
-<%= required labelled_form_field(_('Title'), text_field(:article, 'name', :size => '64')) %>
+<%= required labelled_form_field(_('Title'), text_field(:article, 'name', :size => '64', :maxlength => 150)) %>
  
 <%= render :partial => 'general_fields' %>
 <%= render :partial => 'translatable' %>
@@ -2,7 +2,7 @@
  
 <%# TODO add Textile help here %>
  
-<%= required labelled_form_field(_('Title'), text_field(:article, 'name', :size => '72')) %>
+<%= required labelled_form_field(_('Title'), text_field(:article, 'name', :size => '72', :maxlength => 150)) %>
  
 <%= render :partial => 'general_fields' %>
 <%= render :partial => 'translatable' %>
@@ -3,7 +3,7 @@
 <%= render :file => 'shared/tiny_mce' %>
  
 <div>
-  <%= required labelled_form_field(_('Title'), text_field(:article, 'name', :size => '64')) %>
+  <%= required labelled_form_field(_('Title'), text_field(:article, 'name', :size => '64', :maxlength => 150)) %>
  
   <%= render :partial => 'general_fields' %>
   <%= render :partial => 'translatable' %>
@@ -2,9 +2,9 @@
  
 <ul id="article_types">
   <% for type in @article_types %>
-    <% action = type[:name] == 'UploadedFile' ? {:action => 'upload_files'} : {:action => 'new', :type => type[:name]} %>
+    <% action = type[:class].name == 'UploadedFile' ? {:action => 'upload_files'} : {:action => 'new', :type => type[:class].name} %>
     <% content_tag('a', :href => url_for(action.merge(:parent_id => @parent_id, :back_to => @back_to))) do %>
-      <li class="<%= icon_for_new_article(type[:name]) %>" onmouseover="javascript: jQuery(this).addClass('mouseover')" onmouseout="jQuery(this).removeClass('mouseover')">
+      <li class="<%= icon_for_new_article(type[:class]) %>" onmouseover="javascript: jQuery(this).addClass('mouseover')" onmouseout="jQuery(this).removeClass('mouseover')">
         <strong><%= type[:short_description] %></strong>
         <div class='description'><%= type[:description] %></div>
       </li>
@@ -34,11 +34,11 @@
         <%= expirable_button @page, :locale, content, url %>
       <% end %>
  
-      <%= colorbox_button(:new, label_for_new_article(@page), profile.admin_url.merge(:controller => 'cms', :action => 'new', :parent_id => (@page.folder? ? @page : (@page.parent.nil? ? nil : @page.parent)))) %>
+      <%= colorbox_button(:new, label_for_new_article(@page), profile.admin_url.merge(:controller => 'cms', :action => 'new', :parent_id => (@page.folder? ? @page : (@page.parent.nil? ? nil : @page.parent)))) unless remove_content_button(:new) %>
     <% end %>
  
     <% if @page.accept_uploads? && @page.allow_create?(user) %>
-      <%= button('upload-file', _('Upload files'), profile.admin_url.merge(:controller => 'cms', :action => 'upload_files', :parent_id => (@page.folder? ? @page : @page.parent))) %>
+      <%= button('upload-file', _('Upload files'), profile.admin_url.merge(:controller => 'cms', :action => 'upload_files', :parent_id => (@page.folder? ? @page : @page.parent))) unless remove_content_button(:upload)%>
     <% end %>
  
     <% if !@page.allow_create?(user) && profile.community? && (@page.blog? || @page.parent && @page.parent.blog?) && !remove_content_button(:suggest) %>
@@ -9,7 +9,7 @@
   <div class='profile-activity-lead'>
     <div class='article-name'><%= link_to(activity.params['name'], activity.params['url']) %></div>
     <span title='<%= activity.target.class.short_description %>' class='profile-activity-icon icon-new icon-new<%= activity.target.class.icon_name %>'></span>
-    <%= image_tag(activity.params['first_image']) unless activity.params['first_image'].blank? %><%= strip_tags(truncate(activity.params['lead'], :length => 1000, :ommision => '...')).gsub(/(\xA0|\xC2|\s)+/, ' ').gsub(/^\s+/, '') %> <small><%= link_to(_('See more'), activity.params['url']) unless activity.get_lead.blank? %></small>
+    <%= image_tag(activity.params['first_image']) unless activity.params['first_image'].blank? %><%= strip_tags(truncate(activity.params['lead'], :length => 1000, :ommision => '...')).gsub(/(\xC2\xA0|\s)+/, ' ').gsub(/^\s+/, '') %> <small><%= link_to(_('See more'), activity.params['url']) unless activity.get_lead.blank? %></small>
   </div>
   <%= content_tag(:p, link_to(_('See complete forum'), activity.get_url), :class => 'see-forum') if activity.target.is_a?(Forum) %>
   <p class='profile-activity-time'><%= time_ago_as_sentence(activity.created_at) %></p>
@@ -5,7 +5,7 @@
 <% cache_timeout(profile.communities_cache_key(params), 4.hour) do %>
   <ul class='profile-list'>
   <% @communities.each do |community| %>
-    <li><%= profile_image_link(community)%></li>
+    <%= profile_image_link(community)%>
   <% end %>
   </ul>
  
@@ -21,6 +21,8 @@
 <%= optional_field(@person, 'city', f.text_field(:city, :rel => _('City'))) %>
 <%= optional_field(@person, 'zip_code', labelled_form_field(_('ZIP code'), text_field(:profile_data, :zip_code, :rel => _('ZIP code')))) %>
 <%= optional_field(@person, 'address', labelled_form_field(_('Address (street and number)'), text_field(:profile_data, :address, :rel => _('Address')))) %>
+<%= optional_field(@person, 'address_reference', labelled_form_field(_('Address reference'), text_field(:profile_data, :address_reference, :rel => _('Address reference')))) %>
+<%= optional_field(@person, 'district', labelled_form_field(_('District'), text_field(:profile_data, :district, :rel => _('District')))) %>
  
 <% optional_field(@person, 'schooling') do %>
   <div class="formfieldline">
-<% extra_content = @plugins.dispatch(:asset_product_extras, product, product.enterprise).collect { |content| instance_eval(&content) } %>
+<% extra_content = @plugins.dispatch(:asset_product_extras, product).collect { |content| instance_eval(&content) } %>
 <% extra_properties = @plugins.dispatch(:asset_product_properties, product)%>
  
-<li class="search-product-item">
+<li class="search-product-item <%= 'highlighted' if product.highlighted? %>">
  
   <div class="search-product-item-first-column">
     <%= render :partial => 'search/image', :object => product %>
@@ -10,6 +10,8 @@
 <%= optional_field(profile, 'economic_activity', f.text_field(:economic_activity)) %>
 <%= optional_field(profile, 'management_information', f.text_area(:management_information, :rows => 5)) %>
 <%= optional_field(profile, 'address', labelled_form_field(_('Address (street and number)'), text_field(object_name, :address))) %>
+<%= optional_field(profile, 'address_reference', labelled_form_field(_('Address reference'), text_field(object_name, :address_reference))) %>
+<%= optional_field(profile, 'district', labelled_form_field(_('District'), text_field(object_name, :district))) %>
 <%= optional_field(profile, 'zip_code', labelled_form_field(_('ZIP code'), text_field(object_name, :zip_code))) %>
 <%= optional_field(profile, 'city', f.text_field(:city)) %>
 <%= optional_field(profile, 'state', f.text_field(:state)) %>
@@ -3,4 +3,5 @@ require &#39;noosfero/plugin/hot_spot&#39;
 require 'noosfero/plugin/manager'
 require 'noosfero/plugin/active_record'
 require 'noosfero/plugin/mailer_base'
+require 'noosfero/plugin/settings'
 Noosfero::Plugin.init_system if $NOOSFERO_LOAD_PLUGINS
@@ -0,0 +1,39 @@
+class AggressiveIndexingStrategy3 < ActiveRecord::Migration
+  def self.up
+    add_index :articles, :slug
+    add_index :articles, :parent_id
+    add_index :articles, :profile_id
+    add_index :articles, :name
+
+    add_index :article_versions, :article_id
+
+    add_index :comments, [:source_id, :spam]
+
+    add_index :profiles, :identifier
+
+    add_index :friendships, :person_id
+    add_index :friendships, :friend_id
+    add_index :friendships, [:person_id, :friend_id], :uniq => true
+
+    add_index :external_feeds, :blog_id
+  end
+
+  def self.down
+    remove_index :articles, :slug
+    remove_index :articles, :parent_id
+    remove_index :articles, :profile_id
+    remove_index :articles, :name
+
+    remove_index :article_versions, :article_id
+
+    remove_index :comments, [:source_id, :spam]
+
+    remove_index :profiles, :identifier
+
+    remove_index :friendships, :person_id
+    remove_index :friendships, :friend_id
+    remove_index :friendships, [:person_id, :friend_id]
+
+    remove_index :external_feeds, :blog_id
+  end
+end
@@ -9,7 +9,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
  
-ActiveRecord::Schema.define(:version => 20121008185303) do
+ActiveRecord::Schema.define(:version => 20130111232201) do
  
   create_table "abuse_reports", :force => true do |t|
     t.integer  "reporter_id"
@@ -88,6 +88,8 @@ ActiveRecord::Schema.define(:version =&gt; 20121008185303) do
     t.integer  "license_id"
   end
  
+  add_index "article_versions", ["article_id"], :name => "index_article_versions_on_article_id"
+
   create_table "articles", :force => true do |t|
     t.string   "name"
     t.string   "slug"
@@ -129,6 +131,10 @@ ActiveRecord::Schema.define(:version =&gt; 20121008185303) do
     t.integer  "license_id"
   end
  
+  add_index "articles", ["name"], :name => "index_articles_on_name"
+  add_index "articles", ["parent_id"], :name => "index_articles_on_parent_id"
+  add_index "articles", ["profile_id"], :name => "index_articles_on_profile_id"
+  add_index "articles", ["slug"], :name => "index_articles_on_slug"
   add_index "articles", ["translation_of_id"], :name => "index_articles_on_translation_of_id"
  
   create_table "articles_categories", :id => false, :force => true do |t|
@@ -217,6 +223,8 @@ ActiveRecord::Schema.define(:version =&gt; 20121008185303) do
     t.string   "referrer"
   end
  
+  add_index "comments", ["source_id", "spam"], :name => "index_comments_on_source_id_and_spam"
+
   create_table "contact_lists", :force => true do |t|
     t.text     "list"
     t.string   "error_fetching"
@@ -280,6 +288,7 @@ ActiveRecord::Schema.define(:version =&gt; 20121008185303) do
     t.integer  "update_errors", :default => 0
   end
  
+  add_index "external_feeds", ["blog_id"], :name => "index_external_feeds_on_blog_id"
   add_index "external_feeds", ["enabled"], :name => "index_external_feeds_on_enabled"
   add_index "external_feeds", ["fetched_at"], :name => "index_external_feeds_on_fetched_at"
  
@@ -295,6 +304,10 @@ ActiveRecord::Schema.define(:version =&gt; 20121008185303) do
     t.string   "group"
   end
  
+  add_index "friendships", ["friend_id"], :name => "index_friendships_on_friend_id"
+  add_index "friendships", ["person_id", "friend_id"], :name => "index_friendships_on_person_id_and_friend_id"
+  add_index "friendships", ["person_id"], :name => "index_friendships_on_person_id"
+
   create_table "images", :force => true do |t|
     t.integer "parent_id"
     t.string  "content_type"
@@ -446,6 +459,7 @@ ActiveRecord::Schema.define(:version =&gt; 20121008185303) do
   end
  
   add_index "profiles", ["environment_id"], :name => "index_profiles_on_environment_id"
+  add_index "profiles", ["identifier"], :name => "index_profiles_on_identifier"
   add_index "profiles", ["region_id"], :name => "index_profiles_on_region_id"
  
   create_table "qualifier_certifiers", :force => true do |t|
+noosfero (0.41.0) unstable; urgency=low
+
+  * Features version with anti spam-bot measures
+
+ -- Rodrigo Souto <rodrigo@colivre.coop.br>  Mon, 28 Jan 2013 10:20:21 +0000
+
+noosfero (0.40.0) unstable; urgency=low
+
+  * Features version release 
+
+ -- Rodrigo Souto <rodrigo@colivre.coop.br>  Sat, 19 Jan 2013 21:58:06 +0000
+
+noosfero (0.39.3) unstable; urgency=low
+
+  * Bugfixes release
+
+ -- Rodrigo Souto <rodrigo@colivre.coop.br>  Sat, 19 Jan 2013 19:27:04 +0000
+
+noosfero (0.39.2) unstable; urgency=low
+
+  * Bugfixes release
+
+ -- Rodrigo Souto <rodrigo@colivre.coop.br>  Sat, 12 Jan 2013 10:13:46 +0000
+
+noosfero (0.39.1) unstable; urgency=low
+
+  * Bugfixes release
+
+ -- Daniela Soares Feitosa <daniela@colivre.coop.br>  Thu, 20 Dec 2012 15:47:55 -0200
+
+noosfero (0.39.0) unstable; urgency=low
+
+  * Features version release
+
+ -- Daniela Soares Feitosa <daniela@colivre.coop.br>  Fri, 07 Dec 2012 09:53:42 -0200
+
 noosfero (0.39.0~1) UNRELEASED; urgency=low
  
   * Pre-release to test the antispam mechanism.
  
  -- Antonio Terceiro <terceiro@debian.org>  Thu, 30 Aug 2012 14:55:10 -0300
  
+noosfero (0.38.3) unstable; urgency=low
+
+  * Bugfixes release
+
+ -- Daniela Soares Feitosa <daniela@colivre.coop.br>  Wed, 07 Nov 2012 20:25:51 -0200
+
 noosfero (0.38.2) unstable; urgency=low
  
   * Bugfixes release
@@ -32,6 +32,8 @@ debian/solr.yml                   etc/noosfero
 debian/thin.yml                   etc/noosfero
 etc/logrotate.d/noosfero          etc/logrotate.d
 debian/noosfero.yml               etc/noosfero
+etc/noosfero/varnish-accept-language.vcl  etc/noosfero
+etc/noosfero/varnish-noosfero.vcl         etc/noosfero
  
 locale                            usr/share/noosfero
 doc/noosfero                      usr/share/noosfero/doc
 sub vcl_recv {
   if (req.request == "GET" || req.request == "HEAD") {
     if (req.http.Cookie) {
-      # We only care about the "_noosfero_session.*" cookie, used for
-      # authentication.
-      if (req.http.Cookie !~ "_noosfero_session.*" ) {
+      # We only care about the "_noosfero_.*" cookies, used by Noosfero
+      if (req.http.Cookie !~ "_noosfero_.*" ) {
         # strip all cookies
         unset req.http.Cookie;
       }
@@ -12,7 +12,7 @@ Feature: signup
       | Username              | josesilva             |
       | Password              | secret                |
       | Password confirmation | secret                |
-      | Name                  | José da Silva         |
+      | Full name             | José da Silva         |
     And I press "Create my account"
     Then I should not be logged in
     And I should receive an e-mail on josesilva@example.com
@@ -19,9 +19,10 @@ public/image_uploads
 public/thumbnails
 public/user_themes
 public/designs/themes/default
+public/designs/themes/*
 public/designs/icons/default
-public/javascripts/cache*.js
-public/stylesheets/cache*.css
+public/javascripts/cache*
+public/stylesheets/cache*
 public/plugins
 db/development.db
 db/production.db
@@ -2,7 +2,7 @@ require &#39;fast_gettext&#39;
  
 module Noosfero
   PROJECT = 'noosfero'
-  VERSION = '0.39.0~1'
+  VERSION = '0.41.0'
  
   def self.pattern_for_controllers_in_directory(dir)
     disjunction = controllers_in_directory(dir).join('|')
@@ -130,7 +130,7 @@ class Noosfero::Plugin
   end
  
   # -> Adds plugin-specific content types to CMS
-  # returns  = { content type class }
+  # returns  = [ContentClass1, ContentClass2, ...]
   def content_types
     nil
   end
@@ -161,7 +161,7 @@ class Noosfero::Plugin
  
   # -> Adds content to products on asset list
   # returns = lambda block that creates html code
-  def asset_product_extras(product, enterprise)
+  def asset_product_extras(product)
     nil
   end
  
@@ -384,7 +384,9 @@ class Noosfero::Plugin
   private
  
   def content_actions
-    %w[edit delete spread locale suggest home]
+    #FIXME 'new' and 'upload' only works for content_remove. It should work for
+    #content_expire too.
+    %w[edit delete spread locale suggest home new upload]
   end
  
 end
@@ -0,0 +1,45 @@
+class Noosfero::Plugin::Settings
+
+  def initialize(base, plugin, attributes = nil)
+    @base = base
+    @plugin = plugin
+    attributes ||= {}
+    attributes.each do |k,v|
+      self.send("#{k}=", v)
+    end
+  end
+
+  def settings
+    @base.settings["#{@plugin.public_name}_plugin".to_sym] ||= {}
+  end
+
+  def method_missing(method, *args, &block)
+    if method.to_s =~ /^(.+)=$/
+      set_setting($1, args.first)
+    elsif method.to_s =~ /^(.+)$/
+      get_setting($1)
+    end
+  end
+
+  def get_setting(name)
+    if settings[name.to_sym].nil?
+      if @plugin.respond_to?("#{name}_default_setting")
+        @plugin.send("#{name}_default_setting")
+      else
+        nil
+      end
+    else
+      settings[name.to_sym]
+    end
+  end
+
+  def set_setting(name, value)
+    settings[name.to_sym] = value
+  end
+
+  def save!
+    @base.save!
+  end
+
+end
+
@@ -0,0 +1,33 @@
+README - AntiSpam (AntiSpam Plugin)
+=======================================
+
+Plugin that checks comments against a spam checking service compatible
+with the Akismet API.
+
+
+Enable Plugin
+-------------
+
+Also, you need to enable AntiSpam Plugin at your Noosfero:
+
+cd <your_noosfero_dir>
+./script/noosfero-plugins enable anti_spam
+
+
+Activate Plugin
+-------------
+
+As a Noosfero administrator user, go to administrator panel:
+
+- Click on "Plugins" option
+- Click on "AntiSpam Plugin" check-box
+
+Configure Plugin
+----------------
+
+As a Noosfero administrator user, go to administrator panel:
+
+- Click on "Configuration" below the "AntiSpam Plugin"
+- Fill in the "API key" field with the key generated after signing up to
+  akismet: https://akismet.com/signup/
+- Save your changes
@@ -2,7 +2,7 @@ class AntiSpamPluginAdminController &lt; AdminController
   append_view_path File.join(File.dirname(__FILE__) + '/../views')
  
   def index
-    @settings = AntiSpamPlugin::Settings.new(environment, params[:settings])
+    @settings = Noosfero::Plugin::Settings.new(environment, AntiSpamPlugin, params[:settings])
     if request.post?
       @settings.save!
       redirect_to :action => 'index'
@@ -8,6 +8,10 @@ class AntiSpamPlugin &lt; Noosfero::Plugin
     _("Checks comments against a spam checking service compatible with the Akismet API")
   end
  
+  def self.host_default_setting
+    'api.antispam.typepad.com'
+  end
+
   def check_comment_for_spam(comment)
     if rakismet_call(comment, :spam?)
       comment.spam = true
@@ -26,7 +30,7 @@ class AntiSpamPlugin &lt; Noosfero::Plugin
   protected
  
   def rakismet_call(comment, op)
-    settings = AntiSpamPlugin::Settings.new(comment.environment)
+    settings = Noosfero::Plugin::Settings.new(comment.environment, self.class)
  
     Rakismet.host = settings.host
     Rakismet.key = settings.api_key
@@ -1,35 +0,0 @@
-class AntiSpamPlugin::Settings
-
-  def initialize(environment, attributes = nil)
-    @environment = environment
-    attributes ||= {}
-    attributes.each do |k,v|
-      self.send("#{k}=", v)
-    end
-  end
-
-  def settings
-    @environment.settings[:anti_spam_plugin] ||= {}
-  end
-
-  def host
-    settings[:host] ||= 'api.antispam.typepad.com'
-  end
-
-  def host=(value)
-    settings[:host] = value
-  end
-
-  def api_key
-    settings[:api_key]
-  end
-
-  def api_key=(value)
-    settings[:api_key] = value
-  end
-
-  def save!
-    @environment.save!
-  end
-
-end
@@ -1,115 +0,0 @@
-require 'benchmark'
-
-class AntiSpamPlugin::Spaminator
-
-  class << self
-    def run(environment)
-      instance = new(environment)
-      instance.run
-    end
-
-    def benchmark(environment)
-      puts Benchmark.measure { run(environment) }
-    end
-  end
-
-
-  def initialize(environment)
-    @environment = environment
-  end
-
-  def run
-    start_time = Time.now
-
-    process_all_comments
-    process_all_people
-    process_people_without_network
-
-    finish(start_time)
-  end
-
-  protected
-
-  def finish(start_time)
-    @environment.settings[:spaminator_last_run] = start_time
-    @environment.save!
-  end
-
-  def conditions(table)
-    last_run = @environment.settings[:spaminator_last_run]
-    if last_run
-      ["profiles.environment_id = ? AND #{table}.created_at > ?", @environment.id, last_run]
-    else
-      [ "profiles.environment_id = ?", @environment.id]
-    end
-  end
-
-  def process_all_comments
-    puts 'Processing comments ...'
-    i = 0
-    comments = Comment.joins("JOIN articles ON (comments.source_id = articles.id AND comments.source_type = 'Article') JOIN profiles ON (profiles.id = articles.profile_id)").where(conditions(:comments))
-    total = comments.count
-    comments.find_each do |comment|
-      puts "Comment #{i += 1}/#{total} (#{100*i/total}%)"
-      process_comment(comment)
-    end
-  end
-
-  def process_all_people
-    puts 'Processing people ...'
-    i = 0
-    people = Person.where(conditions(:profiles))
-    total = people.count
-    people.find_each do |person|
-      puts "Person #{i += 1}/#{total} (#{100*i/total}%)"
-      process_person(person)
-    end
-  end
-
-  def process_comment(comment)
-    comment.check_for_spam
-
-    # TODO several comments with the same content:
-    #   → disable author
-    #   → mark all of them as spam
-
-    # TODO check comments that contains URL's
-  end
-
-  def process_person(person)
-    # person is author of more than 2 comments marked as spam
-    #   → burn
-    #
-    number_of_spam_comments = Comment.spam.where(author_id => person.id).count
-    if number_of_spam_comments > 2
-      mark_as_spammer(person)
-    end
-  end
-
-  def process_people_without_network
-    # people who signed up more than one month ago, have no friends and <= 1
-    # communities
-    #
-    #   → burn
-    #   → mark their comments as spam
-    #
-    Person.where(:environment_id => @environment.id).where(['created_at < ?', Time.now - 1.month]).find_each do |person|
-      # TODO progress indicator - see process_all_people above
-      number_of_friends = person.friends.count
-      number_of_communities = person.communities.count
-      if number_of_friends == 0 && number_of_communities <= 1
-        mark_as_spammer(person)
-        Comment.where(:author_id => person.id).find_each do |comment|
-          comment.spam!
-        end
-      end
-    end
-  end
-
-  def mark_as_spammer(person)
-    # FIXME create an AbuseComplaint and finish instead of calling
-    # Person#disable directly
-    person.disable
-  end
-
-end
@@ -1,29 +0,0 @@
-require 'test_helper'
-
-class AntiSpamSettingsTest < ActiveSupport::TestCase
-
-  def setup
-    @environment = Environment.new
-    @settings = AntiSpamPlugin::Settings.new(@environment)
-  end
-
-  should 'store setttings in environment' do
-    @settings.host = 'foo.com'
-    @settings.api_key = '1234567890'
-    assert_equal 'foo.com', @environment.settings[:anti_spam_plugin][:host]
-    assert_equal '1234567890', @environment.settings[:anti_spam_plugin][:api_key]
-    assert_equal 'foo.com', @settings.host
-    assert_equal '1234567890', @settings.api_key
-  end
-
-  should 'save environment on save' do
-    @environment.expects(:save!)
-    @settings.save!
-  end
-
-  should 'use TypePad AntiSpam by default' do
-    assert_equal 'api.antispam.typepad.com', @settings.host
-  end
-
-
-end
@@ -1,53 +0,0 @@
-require 'test_helper'
-
-class AntiSpamPluginSpaminatorTest < ActiveSupport::TestCase
-
-  def setup
-    @environment = Environment.new
-    @environment.id = 99
-    @spaminator = AntiSpamPlugin::Spaminator.new(@environment)
-    @spaminator.stubs(:puts)
-    @now = Time.now
-    Time.stubs(:now).returns(@now)
-  end
-
-  should 'search everything in the first run' do
-    assert_equal(['profiles.environment_id = ?',99], @spaminator.send(:conditions, nil))
-  end
-
-  should 'search using recorded last date' do
-    @environment.settings[:spaminator_last_run] = @now
-    assert_equal(['profiles.environment_id = ? AND table.created_at > ?', 99, @now], @spaminator.send(:conditions, 'table'))
-  end
-
-  should 'record time of last run in environment' do
-    @spaminator.expects(:process_all_comments)
-    @spaminator.expects(:process_all_people)
-    @environment.stubs(:save!)
-    @spaminator.run
-    assert_equal @now, @environment.settings[:spaminator_last_run]
-  end
-
-  should 'find all comments' do
-    @spaminator.stubs(:process_comment)
-    @spaminator.send :process_all_comments
-  end
-
-  should 'find all people' do
-    @spaminator.stubs(:process_person)
-    @spaminator.send :process_all_people
-  end
-
-  should 'find all comments newer than a date' do
-    @environment.settings[:spaminator_last_run] = Time.now - 1.month
-    @spaminator.stubs(:process_comment)
-    @spaminator.send :process_all_comments
-  end
-
-  should 'find all people newer than a date' do
-    @environment.settings[:spaminator_last_run] = Time.now - 1.month
-    @spaminator.stubs(:process_person)
-    @spaminator.send :process_all_people
-  end
-
-end
@@ -7,7 +7,7 @@ class AntiSpamPluginTest &lt; ActiveSupport::TestCase
     article = fast_create(TextileArticle, :profile_id => profile.id)
     @comment = fast_create(Comment, :source_id => article.id, :source_type => 'Article')
  
-    @settings = AntiSpamPlugin::Settings.new(@comment.environment)
+    @settings = Noosfero::Plugin::Settings.new(@comment.environment, AntiSpamPlugin)
     @settings.api_key = 'b8b80ddb8084062d0c9119c945ce3bc3'
     @settings.save!
  
 require File.dirname(__FILE__) + '/../../../../test/test_helper'
 require File.dirname(__FILE__) + '/../../controllers/bsc_plugin_admin_controller'
-require File.dirname(__FILE__) + '/../../../../app/models/uploaded_file'
  
 # Re-raise errors caught by the controller.
 class BscPluginAdminController; def rescue_action(e) raise e end; end
 require File.dirname(__FILE__) + '/../../../../test/test_helper'
 require File.dirname(__FILE__) + '/../../controllers/bsc_plugin_myprofile_controller'
-require File.dirname(__FILE__) + '/../../../../app/models/uploaded_file'
  
 # Re-raise errors caught by the controller.
 class BscPluginMyprofileController; def rescue_action(e) raise e end; end
 require File.dirname(__FILE__) + '/../../../../../test/test_helper'
-require File.dirname(__FILE__) + '/../../../../../app/models/uploaded_file'
  
 class BscPlugin::AssociateEnterpriseTest < ActiveSupport::TestCase
   VALID_CNPJ = '94.132.024/0001-48'
 require File.dirname(__FILE__) + '/../../../../../test/test_helper'
-#require File.dirname(__FILE__) + '/../../../../../app/models/uploaded_file'
-#require File.dirname(__FILE__) + '/../../../lib/ext/enterprise'
  
 class BscPlugin::ContractTest < ActiveSupport::TestCase
   def setup
 require File.dirname(__FILE__) + '/../../../../../test/test_helper'
-require File.dirname(__FILE__) + '/../../../../../app/models/uploaded_file'
  
 class ProductTest < ActiveSupport::TestCase
   VALID_CNPJ = '94.132.024/0001-48'
+require 'rubygems'
 require 'savon'
 require 'googlecharts'
@@ -0,0 +1,320 @@
+require 'base64'
+
+class ShoppingCartPluginController < PublicController
+
+  include ShoppingCartPlugin::CartHelper
+  helper ShoppingCartPlugin::CartHelper
+
+  append_view_path File.join(File.dirname(__FILE__) + '/../views')
+  before_filter :login_required, :only => []
+
+  before_filter :login_required, :only => []
+
+  def get
+    config =
+      if cart.nil?
+        { 'enterprise_id' => nil, 'hasProducts' => false }
+      else
+        { 'enterprise_id' => cart[:enterprise_id], 'hasProducts' => (cart[:items].keys.size > 0) }
+      end
+    render :text => config.to_json
+  end
+
+  def add
+    product = find_product(params[:id])
+    if product && enterprise = validate_same_enterprise(product)
+      self.cart = { :enterprise_id => enterprise.id, :items => {} } if self.cart.nil?
+      self.cart[:items][product.id] = 0 if self.cart[:items][product.id].nil?
+      self.cart[:items][product.id] += 1
+      render :text => {
+        :ok => true,
+        :error => {:code => 0},
+        :products => [{
+          :id => product.id,
+          :name => product.name,
+          :price => get_price(product, enterprise.environment),
+          :description => product.description,
+          :picture => product.default_image(:minor),
+          :quantity => self.cart[:items][product.id]
+        }]
+      }.to_json
+    end
+  end
+
+  def remove
+    id = params[:id].to_i
+    if validate_cart_presence && validate_cart_has_product(id)
+      self.cart[:items].delete(id)
+      self.cart = nil if self.cart[:items].empty?
+      render :text => {
+        :ok => true,
+        :error => {:code => 0},
+        :product_id => id
+      }.to_json
+    end
+  end
+
+  def list
+    if validate_cart_presence
+      products = self.cart[:items].collect do |id, quantity|
+        product = Product.find(id)
+        { :id => product.id,
+          :name => product.name,
+          :price => get_price(product, product.enterprise.environment),
+          :description => product.description,
+          :picture => product.default_image(:minor),
+          :quantity => quantity
+        }
+      end
+      render :text => {
+        :ok => true,
+        :error => {:code => 0},
+        :products => products
+      }.to_json
+    end
+  end
+
+  def update_quantity
+    quantity = params[:quantity].to_i
+    id = params[:id].to_i
+    if validate_cart_presence && validate_cart_has_product(id) && validate_item_quantity(quantity)
+      product = Product.find(id)
+      self.cart[:items][product.id] = quantity
+      render :text => {
+        :ok => true,
+        :error => {:code => 0},
+        :product_id => id,
+        :quantity => quantity
+      }.to_json
+    end
+  end
+
+  def clean
+    self.cart = nil
+    render :text => {
+      :ok => true,
+      :error => {:code => 0}
+    }.to_json
+  end
+
+  def buy
+    @cart = cart
+    @enterprise = environment.enterprises.find(cart[:enterprise_id])
+    @settings = Noosfero::Plugin::Settings.new(@enterprise, ShoppingCartPlugin)
+    render :layout => false
+  end
+
+  def send_request
+    register_order(params[:customer], self.cart[:items])
+    begin
+      enterprise = environment.enterprises.find(cart[:enterprise_id])
+      ShoppingCartPlugin::Mailer.deliver_customer_notification(params[:customer], enterprise, self.cart[:items], params[:delivery_option])
+      ShoppingCartPlugin::Mailer.deliver_supplier_notification(params[:customer], enterprise, self.cart[:items], params[:delivery_option])
+      self.cart = nil
+      render :text => {
+        :ok => true,
+        :message => _('Request sent successfully. Check your email.'),
+        :error => {:code => 0}
+      }.to_json
+    rescue ActiveRecord::ActiveRecordError
+      render :text => {
+        :ok => false,
+        :error => {
+          :code => 6,
+          :message => exception.message
+        }
+      }.to_json
+    end
+  end
+
+  def visibility
+    render :text => self.cart.has_key?(:visibility) ? self.cart[:visibility].to_json : true.to_json
+  end
+
+  def show
+    begin
+      self.cart[:visibility] = true
+      render :text => {
+        :ok => true,
+        :message => _('Basket displayed.'),
+        :error => {:code => 0}
+      }.to_json
+    rescue Exception => exception
+      render :text => {
+        :ok => false,
+        :error => {
+          :code => 7,
+          :message => exception.message
+        }
+      }.to_json
+    end
+  end
+
+  def hide
+    begin
+      self.cart[:visibility] = false
+      render :text => {
+        :ok => true,
+        :message => _('Basket hidden.'),
+        :error => {:code => 0}
+      }.to_json
+    rescue Exception => exception
+      render :text => {
+        :ok => false,
+        :error => {
+          :code => 8,
+          :message => exception.message
+        }
+      }.to_json
+    end
+  end
+
+  def update_delivery_option
+    enterprise = environment.enterprises.find(cart[:enterprise_id])
+    settings = Noosfero::Plugin::Settings.new(enterprise, ShoppingCartPlugin)
+    delivery_price = settings.delivery_options[params[:delivery_option]]
+    delivery = Product.new(:name => params[:delivery_option], :price => delivery_price)
+    delivery.save(false)
+    items = self.cart[:items].clone
+    items[delivery.id] = 1
+    total_price = get_total_on_currency(items, environment)
+    delivery.destroy
+    render :text => {
+      :ok => true,
+      :delivery_price => float_to_currency_cart(delivery_price, environment),
+      :total_price => total_price,
+      :message => _('Delivery option updated.'),
+      :error => {:code => 0}
+    }.to_json
+  end
+
+  private
+
+  def validate_same_enterprise(product)
+    if self.cart && self.cart[:enterprise_id] && product.enterprise_id != self.cart[:enterprise_id]
+      render :text => {
+        :ok => false,
+        :error => {
+        :code => 1,
+        :message => _("Can't join items from different enterprises.")
+      }
+      }.to_json
+      return nil
+    end
+    product.enterprise
+  end
+
+  def validate_cart_presence
+    if self.cart.nil?
+      render :text => {
+        :ok => false,
+        :error => {
+        :code => 2,
+        :message => _("There is no basket.")
+      }
+      }.to_json
+      return false
+    end
+    true
+  end
+
+  def find_product(id)
+    begin
+      product = Product.find(id)
+    rescue ActiveRecord::RecordNotFound
+      render :text => {
+        :ok => false,
+        :error => {
+        :code => 3,
+        :message => _("This enterprise doesn't have this product.")
+      }
+      }.to_json
+      return nil
+    end
+    product
+  end
+
+  def validate_cart_has_product(id)
+    if !self.cart[:items].has_key?(id)
+      render :text => {
+        :ok => false,
+        :error => {
+        :code => 4,
+        :message => _("The basket doesn't have this product.")
+      }
+      }.to_json
+      return false
+    end
+    true
+  end
+
+  def validate_item_quantity(quantity)
+    if quantity.to_i < 1
+      render :text => {
+        :ok => false,
+        :error => {
+        :code => 5,
+        :message => _("Invalid quantity.")
+      }
+      }.to_json
+      return false
+    end
+    true
+  end
+
+  def register_order(custumer, items)
+    new_items = {}
+    items.each do |id, quantity|
+      product = Product.find(id)
+      price = product.price || 0
+      new_items[id] = {:quantity => quantity, :price => price, :name => product.name}
+    end
+    ShoppingCartPlugin::PurchaseOrder.create!(
+      :seller => Enterprise.find(cart[:enterprise_id]),
+      :customer => user,
+      :status => ShoppingCartPlugin::PurchaseOrder::Status::OPENED,
+      :products_list => new_items,
+      :customer_delivery_option => params[:delivery_option],
+      :customer_payment => params[:customer][:payment],
+      :customer_change => params[:customer][:change],
+      :customer_name => params[:customer][:name],
+      :customer_email => params[:customer][:email],
+      :customer_contact_phone => params[:customer][:contact_phone],
+      :customer_address => params[:customer][:address],
+      :customer_district => params[:customer][:district],
+      :customer_city => params[:customer][:city],
+      :customer_zip_code => params[:customer][:zip_code]
+    )
+  end
+
+  protected
+
+  def cart
+    @cart ||=
+      begin
+        cookies[cookie_key] && YAML.load(Base64.decode64(cookies[cookie_key])) || nil
+      end
+    @cart
+  end
+
+  def cart=(data)
+    @cart = data
+  end
+
+  after_filter :save_cookie
+  def save_cookie
+    if @cart.nil?
+      cookies.delete(cookie_key, :path => '/plugin/shopping_cart')
+    else
+      cookies[cookie_key] = {
+        :value => Base64.encode64(@cart.to_yaml),
+        :path => "/plugin/shopping_cart"
+      }
+    end
+  end
+
+  def cookie_key
+    :_noosfero_plugin_shopping_cart
+  end
+
+end
@@ -4,9 +4,12 @@ class ShoppingCartPluginMyprofileController &lt; MyProfileController
   append_view_path File.join(File.dirname(__FILE__) + '/../views')
  
   def edit
+    params[:settings] = treat_cart_options(params[:settings])
+
+    @settings = Noosfero::Plugin::Settings.new(profile, ShoppingCartPlugin, params[:settings])
     if request.post?
       begin
-        profile.update_attributes!(params[:profile_attr])
+        @settings.save!
         session[:notice] = _('Option updated successfully.')
       rescue Exception => exception
         session[:notice] = _('Option wasn\'t updated successfully.')
@@ -46,4 +49,25 @@ class ShoppingCartPluginMyprofileController &lt; MyProfileController
     order.save!
     redirect_to :action => 'reports', :from => params[:context_from], :to => params[:context_to], :filter_status => params[:context_status]
   end
+
+  private
+
+  def treat_cart_options(settings)
+    return if settings.blank?
+    settings[:enabled] = settings[:enabled] == '1'
+    settings[:delivery] = settings[:delivery] == '1'
+    settings[:free_delivery_price] = settings[:free_delivery_price].blank? ? nil : settings[:free_delivery_price].to_d
+    settings[:delivery_options] = treat_delivery_options(settings[:delivery_options])
+    settings
+  end
+
+  def treat_delivery_options(params)
+    result = {}
+    params[:options].size.times do |counter|
+      if params[:options][counter].present? && params[:prices][counter].present?
+        result[params[:options][counter]] = params[:prices][counter]
+      end
+    end
+    result
+  end
 end
@@ -1,248 +0,0 @@
-include ShoppingCartPlugin::CartHelper
-
-class ShoppingCartPluginProfileController < ProfileController
-  append_view_path File.join(File.dirname(__FILE__) + '/../views')
-  before_filter :login_required, :only => []
-
-  before_filter :login_required, :only => []
-
-  def add
-    session[:cart] = { :enterprise_id => profile.id, :items => {} } if session[:cart].nil?
-    if validate_same_enterprise && product = validate_enterprise_has_product(params[:id])
-      session[:cart][:items][product.id] = 0 if session[:cart][:items][product.id].nil?
-      session[:cart][:items][product.id] += 1
-      render :text => {
-        :ok => true,
-        :error => {:code => 0},
-        :products => [{
-          :id => product.id,
-          :name => product.name,
-          :price => get_price(product, profile.environment),
-          :description => product.description,
-          :picture => product.default_image(:minor),
-          :quantity => session[:cart][:items][product.id]
-        }]
-      }.to_json
-    end
-  end
-
-  def remove
-    id = params[:id].to_i
-    if validate_cart_presence && validate_cart_has_product(id)
-      session[:cart][:items].delete(id)
-      session[:cart] = nil if session[:cart][:items].empty?
-      render :text => {
-        :ok => true,
-        :error => {:code => 0},
-        :product_id => id
-      }.to_json
-    end
-  end
-
-  def list
-    if validate_cart_presence
-      products = session[:cart][:items].collect do |id, quantity|
-        product = Product.find(id)
-        { :id => product.id,
-          :name => product.name,
-          :price => get_price(product, profile.environment),
-          :description => product.description,
-          :picture => product.default_image(:minor),
-          :quantity => quantity
-        }
-      end
-      render :text => {
-        :ok => true,
-        :error => {:code => 0},
-        :enterprise => Enterprise.find(session[:cart][:enterprise_id]).identifier,
-        :products => products
-      }.to_json
-    end
-  end
-
-  def update_quantity
-    quantity = params[:quantity].to_i
-    id = params[:id].to_i
-    if validate_cart_presence && validate_cart_has_product(id) && validate_item_quantity(quantity)
-      product = Product.find(id)
-      session[:cart][:items][product.id] = quantity
-      render :text => {
-        :ok => true,
-        :error => {:code => 0},
-        :product_id => id,
-        :quantity => quantity
-      }.to_json
-    end
-  end
-
-  def clean
-    session[:cart] = nil
-    render :text => {
-      :ok => true,
-      :error => {:code => 0}
-    }.to_json
-  end
-
-  def buy
-    @environment = profile.environment
-    render :layout => false
-  end
-
-  def send_request
-      register_order(params[:customer], session[:cart][:items])
-    begin
-      ShoppingCartPlugin::Mailer.deliver_customer_notification(params[:customer], profile, session[:cart][:items])
-      ShoppingCartPlugin::Mailer.deliver_supplier_notification(params[:customer], profile, session[:cart][:items])
-      render :text => {
-        :ok => true,
-        :message => _('Request sent successfully. Check your email.'),
-        :error => {:code => 0}
-      }.to_json
-    rescue Exception => exception
-      render :text => {
-        :ok => false,
-        :error => {
-          :code => 6,
-          :message => exception.message
-        }
-      }.to_json
-    end
-  end
-
-  def visibility
-    render :text => session[:cart].has_key?(:visibility) ? session[:cart][:visibility].to_json : true.to_json
-  end
-
-  def show
-    begin
-      session[:cart][:visibility] = true
-      render :text => {
-        :ok => true,
-        :message => _('Basket displayed.'),
-        :error => {:code => 0}
-      }.to_json
-    rescue Exception => exception
-      render :text => {
-        :ok => false,
-        :error => {
-          :code => 7,
-          :message => exception.message
-        }
-      }.to_json
-    end
-  end
-
-  def hide
-    begin
-      session[:cart][:visibility] = false
-      render :text => {
-        :ok => true,
-        :message => _('Basket hidden.'),
-        :error => {:code => 0}
-      }.to_json
-    rescue Exception => exception
-      render :text => {
-        :ok => false,
-        :error => {
-          :code => 8,
-          :message => exception.message
-        }
-      }.to_json
-    end
-  end
-
-  private
-
-  def validate_same_enterprise
-    if profile.id != session[:cart][:enterprise_id]
-      render :text => {
-        :ok => false,
-        :error => {
-        :code => 1,
-        :message => _("Can't join items from different enterprises.")
-      }
-      }.to_json
-      return false
-    end
-    true
-  end
-
-  def validate_cart_presence
-    if session[:cart].nil?
-      render :text => {
-        :ok => false,
-        :error => {
-        :code => 2,
-        :message => _("There is no basket.")
-      }
-      }.to_json
-      return false
-    end
-    true
-  end
-
-  def validate_enterprise_has_product(id)
-    begin
-      product = profile.products.find(id)
-    rescue
-      render :text => {
-        :ok => false,
-        :error => {
-        :code => 3,
-        :message => _("This enterprise doesn't have this product.")
-      }
-      }.to_json
-      return nil
-    end
-    product
-  end
-
-  def validate_cart_has_product(id)
-    if !session[:cart][:items].has_key?(id)
-      render :text => {
-        :ok => false,
-        :error => {
-        :code => 4,
-        :message => _("The basket doesn't have this product.")
-      }
-      }.to_json
-      return false
-    end
-    true
-  end
-
-  def validate_item_quantity(quantity)
-    if quantity.to_i < 1
-      render :text => {
-        :ok => false,
-        :error => {
-        :code => 5,
-        :message => _("Invalid quantity.")
-      }
-      }.to_json
-      return false
-    end
-    true
-  end
-
-  def register_order(custumer, items)
-    new_items = {}
-    items.each do |id, quantity|
-      product = Product.find(id)
-      price = product.price || 0
-      new_items[id] = {:quantity => quantity, :price => price, :name => product.name}
-    end
-    ShoppingCartPlugin::PurchaseOrder.create!(
-      :seller => profile,
-      :customer => user,
-      :status => ShoppingCartPlugin::PurchaseOrder::Status::OPENED,
-      :products_list => new_items,
-      :customer_name => params[:customer][:name],
-      :customer_email => params[:customer][:email],
-      :customer_contact_phone => params[:customer][:contact_phone],
-      :customer_address => params[:customer][:address],
-      :customer_city => params[:customer][:city],
-      :customer_zip_code => params[:customer][:zip_code]
-    )
-  end
-end
@@ -0,0 +1,19 @@
+class MoveFieldsIncludedOnProfilesTableToSettings < ActiveRecord::Migration
+  def self.up
+    Profile.find_each do |profile|
+      settings = Noosfero::Plugin::Settings.new(profile, ShoppingCartPlugin)
+      settings.enabled = profile.shopping_cart
+      settings.delivery = profile.shopping_cart_delivery
+      settings.delivery_price = profile.shopping_cart_delivery_price
+      settings.save!
+    end
+
+    remove_column :profiles, :shopping_cart
+    remove_column :profiles, :shopping_cart_delivery
+    remove_column :profiles, :shopping_cart_delivery_price
+  end
+
+  def self.down
+    say "This migration can not be reverted!"
+  end
+end
@@ -3,20 +3,40 @@ require_dependency &#39;shopping_cart_plugin/ext/person&#39;
  
 class ShoppingCartPlugin < Noosfero::Plugin
  
-  def self.plugin_name
+  class << self
+    def plugin_name
     "Shopping Basket"
-  end
+    end
+
+    def plugin_description
+      _("A shopping basket feature for enterprises")
+    end
+
+    def enabled_default_setting
+      true
+    end
  
-  def self.plugin_description
-    _("A shopping basket feature for enterprises")
+    def delivery_default_setting
+      false
+    end
+
+    def delivery_price_default_setting
+      0
+    end
+
+    def delivery_options_default_setting
+      {}
+    end
   end
  
-  def add_to_cart_button(item, enterprise = context.profile)
-    if enterprise.shopping_cart && item.available
+  def add_to_cart_button(item)
+    enterprise = item.enterprise
+    settings = Noosfero::Plugin::Settings.new(enterprise, ShoppingCartPlugin)
+    if settings.enabled && item.available
        lambda {
          link_to(_('Add to basket'), "add:#{item.name}",
            :class => 'cart-add-item',
-           :onclick => "Cart.addItem('#{enterprise.identifier}', #{item.id}, this); return false"
+           :onclick => "Cart.addItem(#{item.id}, this); return false"
          )
        }
     end
@@ -35,15 +55,16 @@ class ShoppingCartPlugin &lt; Noosfero::Plugin
   end
  
   def body_beginning
-    expanded_template('cart.html.erb',{:cart => context.session[:cart]})
+    expanded_template('cart.html.erb')
   end
  
   def control_panel_buttons
+    settings = Noosfero::Plugin::Settings.new(context.profile, ShoppingCartPlugin)
     buttons = []
     if context.profile.enterprise?
       buttons << { :title => _('Shopping basket'), :icon => 'shopping-cart-icon', :url => {:controller => 'shopping_cart_plugin_myprofile', :action => 'edit'} }
     end
-    if context.profile.enterprise? && context.profile.shopping_cart
+    if context.profile.enterprise? && settings.enabled
       buttons << { :title => _('Purchase reports'), :icon => 'shopping-cart-purchase-report', :url => {:controller => 'shopping_cart_plugin_myprofile', :action => 'reports'} }
     end
  
 module ShoppingCartPlugin::CartHelper
  
   include ActionView::Helpers::NumberHelper
+  include ActionView::Helpers::TagHelper
  
   def sell_price(product)
     return 0 if product.price.nil?
     product.discount ? product.price_with_discount : product.price
   end
  
-  def get_price(product, environment)
-    float_to_currency_cart(sell_price(product), environment)
+  def get_price(product, environment, quantity=1)
+    float_to_currency_cart(price_with_quantity(product,quantity), environment)
   end
  
-  def get_total(items, environment)
-    float_to_currency_cart(items.map { |id, quantity| sell_price(Product.find(id)) * quantity}.sum, environment)
+  def price_with_quantity(product, quantity=1)
+    quantity = 1 if !quantity.kind_of?(Numeric)
+    sell_price(product)*quantity
   end
  
-  def items_table(items, profile, by_mail = false)
+  def get_total(items)
+    items.map { |id, quantity| price_with_quantity(Product.find(id),quantity)}.sum
+  end
+
+  def get_total_on_currency(items, environment)
+    float_to_currency_cart(get_total(items), environment)
+  end
+
+  def items_table(items, profile, delivery_option = nil, by_mail = false)
     environment = profile.environment
+    settings = Noosfero::Plugin::Settings.new(profile, ShoppingCartPlugin)
     items = items.to_a
-    if profile.shopping_cart_delivery
-      delivery = Product.create!(:name => _('Delivery'), :price => profile.shopping_cart_delivery_price, :product_category => ProductCategory.last)
-      items << [delivery.id, 1]
-    end
  
     quantity_opts = { :class => 'cart-table-quantity' }
     quantity_opts.merge!({:align => 'center'}) if by_mail
     price_opts = {:class => 'cart-table-price'}
     price_opts.merge!({:align => 'right'}) if by_mail
+    items.sort! {|a, b| Product.find(a.first).name <=> Product.find(b.first).name}
+
+    if settings.delivery
+      if settings.free_delivery_price && get_total(items) >= settings.free_delivery_price
+        delivery = Product.new(:name => _('Free delivery'), :price => 0)
+      else
+        delivery = Product.new(:name => delivery_option || _('Delivery'), :price => settings.delivery_options[delivery_option])
+      end
+      delivery.save(false)
+      items << [delivery.id, '']
+    end
  
     table = '<table id="cart-items-table" cellpadding="2" cellspacing="0"
     border="'+(by_mail ? '1' : '0')+'"
     style="'+(by_mail ? 'border-collapse:collapse' : '')+'">' +
     content_tag('tr',
-                content_tag('th', _('Item name')) +
-                content_tag('th', by_mail ? '&nbsp;#&nbsp;' : '#') +
-                content_tag('th', _('Price'))
+      content_tag('th', _('Item name')) +
+      content_tag('th', by_mail ? '&nbsp;#&nbsp;' : '#') +
+      content_tag('th', _('Price'))
     ) +
     items.map do |id, quantity|
       product = Product.find(id)
+      name_opts = {}
+      is_delivery = quantity.kind_of?(String)
+      if is_delivery
+        price_opts.merge!({:id => 'delivery-price'})
+        name_opts.merge!({:id => 'delivery-name'})
+      end
       content_tag('tr',
-                  content_tag('td', product.name) +
-                  content_tag('td', quantity, quantity_opts ) +
-                  content_tag('td', get_price(product, environment), price_opts )
-                 )
+        content_tag('td', product.name, name_opts) +
+        content_tag('td', quantity, quantity_opts ) +
+        content_tag('td', get_price(product, environment, quantity), price_opts)
+      )
     end.join("\n")
  
-    total = get_total(items, environment)
-    delivery.destroy if profile.shopping_cart_delivery
+    total = get_total_on_currency(items, environment)
+    delivery.destroy if settings.delivery
  
     table +
     content_tag('th', _('Total:'), :colspan => 2, :class => 'cart-table-total-label') +
@@ -55,6 +79,14 @@ module ShoppingCartPlugin::CartHelper
   end
  
   def float_to_currency_cart(value, environment)
-    number_to_currency(value, :unit => environment.currency_unit, :separator => environment.currency_separator, :delimiter => environment.currency_delimiter, :precision => 2, :format => "%u %n")
+    number_to_currency(value, :unit => environment.currency_unit, :separator => environment.currency_separator, :delimiter => environment.currency_delimiter, :precision => 2, :format => "%u%n")
+  end
+
+  def select_delivery_options(options, environment)
+    result = options.map do |option, price|
+      ["#{option} (#{float_to_currency_cart(price, environment)})", option]
+    end
+    result << ["#{_('Delivery')} (#{float_to_currency_cart(0, environment)})", 'delivery'] if result.empty?
+    result
   end
 end
 class ShoppingCartPlugin::Mailer < Noosfero::Plugin::MailerBase
  
-  def customer_notification(customer, supplier, items)
+  include ShoppingCartPlugin::CartHelper
+
+  def customer_notification(customer, supplier, items, delivery_option)
     domain = supplier.hostname || supplier.environment.default_hostname
     recipients    customer[:email]
     from          'no-reply@' + domain
@@ -10,10 +12,12 @@ class ShoppingCartPlugin::Mailer &lt; Noosfero::Plugin::MailerBase
     body :customer => customer,
          :supplier => supplier,
          :items => items,
-         :environment => supplier.environment
+         :environment => supplier.environment,
+         :helper => self,
+         :delivery_option => delivery_option
   end
  
-  def supplier_notification(customer, supplier, items)
+  def supplier_notification(customer, supplier, items, delivery_option)
     domain = supplier.environment.default_hostname
     recipients    supplier.contact_email
     from          'no-reply@' + domain
@@ -23,6 +27,8 @@ class ShoppingCartPlugin::Mailer &lt; Noosfero::Plugin::MailerBase
     body :customer => customer,
          :supplier => supplier,
          :items => items,
-         :environment => supplier.environment
+         :environment => supplier.environment,
+         :helper => self,
+         :delivery_option => delivery_option
   end
 end
@@ -12,8 +12,12 @@ class ShoppingCartPlugin::PurchaseOrder &lt; Noosfero::Plugin::ActiveRecord
   settings_items :customer_email, :type => String
   settings_items :customer_contact_phone, :type => String
   settings_items :customer_address, :type => String
+  settings_items :customer_district, :type => String
   settings_items :customer_city, :type => String
   settings_items :customer_zip_code, :type => String
+  settings_items :customer_delivery_option, :type => String
+  settings_items :customer_payment, :type => String
+  settings_items :customer_change, :type => String
  
   before_create do |order|
     order.created_at = Time.now.utc
@@ -0,0 +1,34 @@
+jQuery(document).ready(function(){
+  jQuery("#cart-request-form").validate({
+    submitHandler: function(form) {
+      jQuery(form).find('input.submit').attr('disabled', true);
+      jQuery('#cboxLoadingOverlay').show().addClass('loading');
+      jQuery('#cboxLoadingGraphic').show().addClass('loading');
+    }
+  });
+});
+
+jQuery('#delivery_option').change(function(){
+  jQuery('#cboxLoadingGraphic').show();
+  me = this;
+  enterprise = jQuery(me).attr('data-profile-identifier');
+  option = jQuery(me).val();
+  jQuery.ajax({
+    url: '/plugin/shopping_cart/update_delivery_option',
+    dataType: "json",
+    data: 'delivery_option='+option,
+    success: function(data, st, ajax) {
+      jQuery('#delivery-price').text(data.delivery_price);
+      jQuery('.cart-table-total-value').text(data.total_price);
+      jQuery('#delivery-name').text(option);
+      jQuery('#cboxLoadingGraphic').hide();
+    },
+    error: function(ajax, st, errorThrown) {
+      alert('Update delivery option - HTTP '+st+': '+errorThrown);
+    },
+  });
+});
+
+jQuery('#customer_payment').change(function(){
+  jQuery(this).closest('.formfieldline').next().slideToggle('fast');
+});
@@ -11,10 +11,9 @@ function Cart(config) {
   $(".cart-buy", this.cartElem).button({ icons: { primary: 'ui-icon-cart'} });
   if (!this.empty) {
     $(this.cartElem).show();
-    this.enterprise = config.enterprise;
     me = this;
     $.ajax({
-      url: '/profile/'+ this.enterprise +'/plugins/shopping_cart/visibility',
+      url: '/plugin/shopping_cart/visibility',
       dataType: 'json',
       success: function(data, status, ajax){
         me.visible = /^true$/i.test(data);
@@ -25,7 +24,7 @@ function Cart(config) {
         alert('Visibility - HTTP '+status+': '+errorThrown);
       }
     });
-    $(".cart-buy", this.cartElem).colorbox({href: '/profile/' + this.enterprise + '/plugins/shopping_cart/buy'});
+    $(".cart-buy", this.cartElem).colorbox({ href: '/plugin/shopping_cart/buy' });
   }
 }
  
@@ -34,7 +33,7 @@ function Cart(config) {
   Cart.prototype.listProducts = function() {
     var me = this;
     $.ajax({
-      url: '/profile/'+ this.enterprise +'/plugins/shopping_cart/list',
+      url: '/plugin/shopping_cart/list',
       dataType: 'json',
       success: function(data, ststus, ajax){
         if ( !data.ok ) alert(data.error.message);
@@ -61,7 +60,7 @@ function Cart(config) {
         '<span class="item-name">'+ item.name +'</span>' +
         '<div class="item-price">' +
         '<input size="1" value="'+item.quantity+'" />'+ (item.price ? '&times; '+ item.price : '') +'</div>' +
-        ' <a href="remove:'+item.name+'" onclick="Cart.removeItem(\''+this.enterprise+'\', '+item.id+'); return false"' +
+        ' <a href="remove:'+item.name+'" onclick="Cart.removeItem('+item.id+'); return false"' +
         ' class="button icon-remove"><span>remove</span></a>'
        ).appendTo(li);
       var input = $("input", li)[0];
@@ -100,7 +99,7 @@ function Cart(config) {
     var me = this;
     if( quantity == NaN ) return input.value = input.lastValue;
     $.ajax({
-      url: '/profile/'+ this.enterprise +'/plugins/shopping_cart/update_quantity/'+ itemId +'?quantity='+ quantity,
+      url: '/plugin/shopping_cart/update_quantity/'+ itemId +'?quantity='+ quantity,
       dataType: 'json',
       success: function(data, status, ajax){
         if ( !data.ok ) {
@@ -132,8 +131,7 @@ function Cart(config) {
     this.updateTotal();
   }
  
-  Cart.addItem = function(enterprise, itemId, link) {
-    // on the future, the instance may be found by the enterprise identifier.
+  Cart.addItem = function(itemId, link) {
     link.intervalId = setInterval(function() {
       steps = ['w', 'n', 'e', 's'];
       if( !link.step || link.step==3 ) link.step = 0;
@@ -144,18 +142,13 @@ function Cart(config) {
       clearInterval(link.intervalId);
       $(link).button({ icons: { primary: 'ui-icon-cart'}, disable: false });
     };
-    this.instance.addItem(enterprise, itemId, stopBtLoading);
+    this.instance.addItem(itemId, stopBtLoading);
   }
  
-  Cart.prototype.addItem = function(enterprise, itemId, callback) {
-    if(!this.enterprise) {
-      this.enterprise = enterprise;
-      $(".cart-buy", this.cartElem).colorbox({href: '/profile/' + this.enterprise + '/plugins/shopping_cart/buy'});
-//      $(this.cartElem).show();
-    }
+  Cart.prototype.addItem = function(itemId, callback) {
     var me = this;
     $.ajax({
-      url: '/profile/'+ enterprise +'/plugins/shopping_cart/add/'+ itemId,
+      url: '/plugin/shopping_cart/add/'+ itemId,
       dataType: 'json',
       success: function(data, status, ajax){
         if ( !data.ok ) alert(data.error.message);
@@ -169,16 +162,16 @@ function Cart(config) {
     });
   }
  
-  Cart.removeItem = function(enterprise, itemId) {
+  Cart.removeItem = function(itemId) {
     var message = this.instance.cartElem.getAttribute('data-l10nRemoveItem');
-    if( confirm(message) ) this.instance.removeItem(enterprise, itemId);
+    if( confirm(message) ) this.instance.removeItem(itemId);
   }
  
-  Cart.prototype.removeItem = function(enterprise, itemId) {
+  Cart.prototype.removeItem = function(itemId) {
     if ($("li", this.itemsBox).size() < 2) return this.clean();
     var me = this;
     $.ajax({
-      url: '/profile/'+ enterprise +'/plugins/shopping_cart/remove/'+ itemId,
+      url: '/plugin/shopping_cart/remove/'+ itemId,
       dataType: 'json',
       success: function(data, status, ajax){
         if ( !data.ok ) alert(data.error.message);
@@ -200,7 +193,7 @@ function Cart(config) {
  
   Cart.prototype.show = function() {
     $.ajax({
-      url: '/profile/'+ this.enterprise +'/plugins/shopping_cart/show',
+      url: '/plugin/shopping_cart/show',
       dataType: 'json',
       cache: false,
       error: function(ajax, status, errorThrown) {
@@ -215,7 +208,7 @@ function Cart(config) {
   }
   Cart.prototype.hide = function() {
     $.ajax({
-      url: '/profile/'+ this.enterprise +'/plugins/shopping_cart/hide',
+      url: '/plugin/shopping_cart/hide',
       dataType: 'json',
       cache: false,
       error: function(ajax, status, errorThrown) {
@@ -252,7 +245,7 @@ function Cart(config) {
   Cart.prototype.clean = function() {
     var me = this;
     $.ajax({
-      url: '/profile/'+ me.enterprise +'/plugins/shopping_cart/clean',
+      url: '/plugin/shopping_cart/clean',
       dataType: 'json',
       success: function(data, status, ajax){
         if ( !data.ok ) alert(data.error.message);
@@ -261,7 +254,6 @@ function Cart(config) {
           $(me.cartElem).slideUp(500, function() {
             $(me.itemsBox).empty();
             me.hide();
-            me.enterprise = null;
             me.updateTotal();
             me.empty = true;
           });
@@ -284,7 +276,7 @@ function Cart(config) {
     var me = this;
     $.ajax({
       type: 'POST',
-      url: '/profile/'+ me.enterprise +'/plugins/shopping_cart/send_request',
+      url: '/plugin/shopping_cart/send_request',
       data: params,
       dataType: 'json',
       success: function(data, status, ajax){
@@ -309,7 +301,19 @@ function Cart(config) {
   }
  
   $(function(){
-    $('.cart-add-item').button({ icons: { primary: 'ui-icon-cart'} })
+
+    $.ajax({
+      url: "/plugin/shopping_cart/get",
+      dataType: 'json',
+      success: function(data) {
+        new Cart(data);
+        $('.cart-add-item').button({ icons: { primary: 'ui-icon-cart'} })
+      },
+      cache: false,
+      error: function(ajax, status, errorThrown) {
+        alert('Error getting shopping cart - HTTP '+status+': '+errorThrown);
+      }
+    });
   });
  
 })(jQuery);
@@ -0,0 +1,16 @@
+jQuery('#settings_delivery').click(function(){
+  jQuery('#delivery_settings').toggle('fast');
+});
+
+jQuery('#add-new-option').click(function(){
+  new_option = jQuery('#empty-option').clone();
+  new_option.removeAttr('id');
+  jQuery('#add-new-option-row').before(new_option);
+  new_option.show();
+  return false;
+});
+
+jQuery('.remove-option').live('click', function(){
+  jQuery(this).closest('tr').remove();
+  return false;
+});
-@import url(colorbox/colorbox.css);
-
 .cart-add-item .ui-icon-cart {
   background: url("/plugins/shopping_cart/images/button-icon.png") no-repeat scroll left center transparent;
   width: 22px;
@@ -0,0 +1,225 @@
+require File.dirname(__FILE__) + '/../../../../test/test_helper'
+require File.dirname(__FILE__) + '/../../controllers/shopping_cart_plugin_controller'
+
+# Re-raise errors caught by the controller.
+class ShoppingCartPluginController; def rescue_action(e) raise e end; end
+
+class ShoppingCartPluginControllerTest < ActionController::TestCase
+
+  def setup
+    @controller = ShoppingCartPluginController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+    @enterprise = fast_create(Enterprise)
+    @product = fast_create(Product, :enterprise_id => @enterprise.id)
+  end
+  attr_reader :enterprise
+  attr_reader :product
+
+  should 'force cookie expiration with explicit path for an empty cart' do
+    get :get
+    assert @response.headers['Set-Cookie'].any? { |c| c =~ /_noosfero_plugin_shopping_cart=; path=\/plugin\/shopping_cart; expires=.*-1970/}
+  end
+
+  should 'add a new product to cart' do
+    get :add, :id => product.id
+
+    assert product_in_cart?(product)
+    assert_equal 1, product_quantity(product)
+  end
+
+  should 'grow quantity through add' do
+    get :add, :id => product.id
+    assert_equal 1, product_quantity(product)
+
+    get :add, :id => product.id
+    assert_equal 2, product_quantity(product)
+  end
+
+  should 'not add product to cart if it does not exists' do
+    assert_nothing_raised { get :add, :id => 9999 }
+
+    assert !product_in_cart?(product)
+    assert !response_ok?
+    assert 3, reponse_error_code
+  end
+
+  should 'remove cart if the product being removed is the last one' do
+    get :add, :id => product.id
+    assert cart?
+
+    get :remove, :id => product.id
+    assert !cart?
+  end
+
+  should 'not try to remove a product if there is no cart' do
+    instantiate_cart
+    assert !cart?
+
+    assert_nothing_raised { get :remove, :id => 9999 }
+    assert !response_ok?
+    assert_equal 2, reponse_error_code
+  end
+
+  should 'just remove product if there are other products on cart' do
+    another_product = fast_create(Product, :enterprise_id => enterprise.id)
+    get :add, :id => product.id
+    get :add, :id => another_product.id
+
+    get :remove, :id => product.id
+    assert cart?
+    assert !product_in_cart?(product)
+  end
+
+  should 'not try to remove a product that is not in the cart' do
+    get :add, :id => product.id
+    assert cart?
+    assert_nothing_raised { get :remove, :id => 9999 }
+
+    assert !response_ok?
+    assert_equal 4, reponse_error_code
+  end
+
+  should 'not try to list the cart if there is no cart' do
+    instantiate_cart
+    assert !cart?
+
+    assert_nothing_raised { get :list  }
+    assert !response_ok?
+    assert_equal 2, reponse_error_code
+  end
+
+  should 'list products without errors' do
+    get :add, :id => product.id
+
+    assert_nothing_raised { get :list  }
+    assert response_ok?
+  end
+
+  should 'update the quantity of a product' do
+    get :add, :id => product.id
+    assert 1, product_quantity(product)
+
+    get :update_quantity, :id => product.id, :quantity => 3
+    assert 3, product_quantity(product)
+  end
+
+  should 'not try to update quantity the quantity of a product if there is no cart' do
+    instantiate_cart
+    assert !cart?
+
+    assert_nothing_raised { get :update_quantity, :id => 9999, :quantity => 3 }
+    assert !response_ok?
+    assert_equal 2, reponse_error_code
+  end
+
+  should 'not try to update the quantity of a product that is not in the cart' do
+    get :add, :id => product.id
+    assert cart?
+    assert_nothing_raised { get :update_quantity, :id => 9999, :quantity => 3 }
+
+    assert !response_ok?
+    assert_equal 4, reponse_error_code
+  end
+
+  should 'not update the quantity of a product with a invalid value' do
+    get :add, :id => product.id
+
+    assert_nothing_raised { get :update_quantity, :id => product.id, :quantity => -1}
+    assert !response_ok?
+    assert_equal 5, reponse_error_code
+
+    assert_nothing_raised { get :update_quantity, :id => product.id, :quantity => 'asdf'}
+    assert !response_ok?
+    assert_equal 5, reponse_error_code
+  end
+
+  should 'clean the cart' do
+    another_product = fast_create(Product, :enterprise_id => enterprise.id)
+    get :add, :id => product.id
+    get :add, :id => another_product.id
+
+    assert_nothing_raised {  get :clean }
+    assert !cart?
+  end
+
+  should 'not crash if there is no cart' do
+    instantiate_cart
+    assert !cart?
+    assert_nothing_raised {  get :clean  }
+  end
+
+  should 'register order on send request' do
+    product1 = fast_create(Product, :enterprise_id => enterprise.id, :price => 1.99)
+    product2 = fast_create(Product, :enterprise_id => enterprise.id, :price => 2.23)
+    @controller.stubs(:cart).returns({ :enterprise_id => enterprise.id, :items => {product1.id => 1, product2.id => 2}})
+    assert_difference ShoppingCartPlugin::PurchaseOrder, :count, 1 do
+      post :send_request,
+        :customer => {:name => "Manuel", :email => "manuel@ceu.com"}
+    end
+
+    order = ShoppingCartPlugin::PurchaseOrder.last
+
+    assert_equal 1.99, order.products_list[product1.id][:price]
+    assert_equal 1, order.products_list[product1.id][:quantity]
+    assert_equal 2.23, order.products_list[product2.id][:price]
+    assert_equal 2, order.products_list[product2.id][:quantity]
+    assert_equal ShoppingCartPlugin::PurchaseOrder::Status::OPENED, order.status
+  end
+
+  should 'register order on send request and not crash if product is not defined' do
+    product1 = fast_create(Product, :enterprise_id => enterprise.id)
+    @controller.stubs(:cart).returns({ :enterprise_id => enterprise.id, :items => {product1.id => 1}})
+    assert_difference ShoppingCartPlugin::PurchaseOrder, :count, 1 do
+      post :send_request,
+        :customer => {:name => "Manuel", :email => "manuel@ceu.com"}
+    end
+
+    order = ShoppingCartPlugin::PurchaseOrder.last
+
+    assert_equal 0, order.products_list[product1.id][:price]
+  end
+
+  should 'clean the cart after placing the order' do
+    product1 = fast_create(Product, :enterprise_id => enterprise.id)
+    post :add, :id => product1.id
+    post :send_request, :customer => { :name => "Manuel", :email => "manuel@ceu.com" }
+    assert !cart?, "cart expected to be empty!"
+  end
+
+  private
+
+  def json_response
+    ActiveSupport::JSON.decode @response.body
+  end
+
+  def cart?
+    !@controller.send(:cart).nil?
+  end
+
+  def product_in_cart?(product)
+    @controller.send(:cart) &&
+      @controller.send(:cart)[:items] &&
+      @controller.send(:cart)[:items].has_key?(product.id)
+  end
+
+  def product_quantity(product)
+    @controller.send(:cart)[:items][product.id]
+  end
+
+  def response_ok?
+    json_response['ok']
+  end
+
+  def reponse_error_code
+    json_response['error']['code']
+  end
+
+  # temporary hack...if I don't do this the session stays as an Array instead
+  # of a TestSession
+  def instantiate_cart
+    get :add, :id => product.id
+    get :remove, :id => product.id
+  end
+
+end
@@ -13,46 +13,42 @@ class ShoppingCartPluginMyprofileControllerTest &lt; ActionController::TestCase
   attr_reader :enterprise
  
   should 'be able to enable shopping cart' do
-    enterprise.shopping_cart = false
-    enterprise.save
-    post :edit, :profile => enterprise.identifier, :profile_attr => {:shopping_cart => '1'}
-    enterprise.reload
+    settings.enabled = false
+    settings.save!
+    post :edit, :profile => enterprise.identifier, :settings => {:enabled => '1'}
  
-    assert enterprise.shopping_cart
+    assert settings.enabled
   end
  
   should 'be able to disable shopping cart' do
-    enterprise.shopping_cart = true
-    enterprise.save
-    post :edit, :profile => enterprise.identifier, :profile_attr => {:shopping_cart => '0'}
-    enterprise.reload
+    settings.enabled = true
+    settings.save!
+    post :edit, :profile => enterprise.identifier, :settings => {:enabled => '0'}
  
-    assert !enterprise.shopping_cart
+    assert !settings.enabled
   end
  
   should 'be able to enable shopping cart delivery' do
-    enterprise.shopping_cart_delivery = false
-    enterprise.save
-    post :edit, :profile => enterprise.identifier, :profile_attr => {:shopping_cart_delivery => '1'}
-    enterprise.reload
+    settings.delivery = false
+    settings.save!
+    post :edit, :profile => enterprise.identifier, :settings => {:delivery => '1'}
  
-    assert enterprise.shopping_cart_delivery
+    assert settings.delivery
   end
  
   should 'be able to disable shopping cart delivery' do
-    enterprise.shopping_cart_delivery = true
-    enterprise.save
-    post :edit, :profile => enterprise.identifier, :profile_attr => {:shopping_cart_delivery => '0'}
-    enterprise.reload
+    settings.delivery = true
+    settings.save!
+    post :edit, :profile => enterprise.identifier, :settings => {:delivery => '0'}
  
-    assert !enterprise.shopping_cart_delivery
+    assert !settings.delivery
   end
  
   should 'be able to choose the delivery price' do
     price = 4.35
-    post :edit, :profile => enterprise.identifier, :profile_attr => {:shopping_cart_delivery_price => price}
-    enterprise.reload
-    assert enterprise.shopping_cart_delivery_price == price
+    post :edit, :profile => enterprise.identifier, :settings => {:delivery_price => price}
+
+    assert settings.delivery_price == price
   end
  
   should 'filter the reports correctly' do
@@ -112,4 +108,11 @@ class ShoppingCartPluginMyprofileControllerTest &lt; ActionController::TestCase
     po.reload
     assert_equal ShoppingCartPlugin::PurchaseOrder::Status::CONFIRMED, po.status
   end
+
+  private
+
+  def settings
+    @enterprise.reload
+    Noosfero::Plugin::Settings.new(@enterprise, ShoppingCartPlugin)
+  end
 end
@@ -1,213 +0,0 @@
-require File.dirname(__FILE__) + '/../../../../test/test_helper'
-require File.dirname(__FILE__) + '/../../controllers/shopping_cart_plugin_profile_controller'
-
-# Re-raise errors caught by the controller.
-class ShoppingCartPluginProfileController; def rescue_action(e) raise e end; end
-
-class ShoppingCartPluginProfileControllerTest < ActionController::TestCase
-
-  def setup
-    @controller = ShoppingCartPluginProfileController.new
-    @request    = ActionController::TestRequest.new
-    @response   = ActionController::TestResponse.new
-    @enterprise = fast_create(Enterprise)
-    @product = fast_create(Product, :enterprise_id => @enterprise.id)
-  end
-  attr_reader :enterprise
-  attr_reader :product
-
-  should 'add a new product to cart' do
-    get :add, :profile => enterprise.identifier, :id => product.id
-
-    assert product_in_cart?(product)
-    assert_equal 1, product_quantity(product)
-  end
-
-  should 'grow quantity through add' do
-    get :add, :profile => enterprise.identifier, :id => product.id
-    assert_equal 1, product_quantity(product)
-
-    get :add, :profile => enterprise.identifier, :id => product.id
-    assert_equal 2, product_quantity(product)
-  end
-
-  should 'not add product to cart if it does not exists' do
-    assert_nothing_raised { get :add, :profile => enterprise.identifier, :id => 9999 }
-
-    assert !product_in_cart?(product)
-    assert !response_ok?
-    assert 3, reponse_error_code
-  end
-
-  should 'remove cart if the product being removed is the last one' do
-    get :add, :profile => enterprise.identifier, :id => product.id
-    assert cart?
-
-    get :remove, :profile => enterprise.identifier, :id => product.id
-    assert !cart?
-  end
-
-  should 'not try to remove a product if there is no cart' do
-    instantiate_session
-    assert !cart?
-
-    assert_nothing_raised { get :remove, :profile => enterprise.identifier, :id => 9999 }
-    assert !response_ok?
-    assert_equal 2, reponse_error_code
-  end
-
-  should 'just remove product if there are other products on cart' do
-    another_product = fast_create(Product, :enterprise_id => enterprise.id)
-    get :add, :profile => enterprise.identifier, :id => product.id
-    get :add, :profile => enterprise.identifier, :id => another_product.id
-
-    get :remove, :profile => enterprise.identifier, :id => product.id
-    assert cart?
-    assert !product_in_cart?(product)
-  end
-
-  should 'not try to remove a product that is not in the cart' do
-    get :add, :profile => enterprise.identifier, :id => product.id
-    assert cart?
-    assert_nothing_raised { get :remove, :profile => enterprise.identifier, :id => 9999 }
-
-    assert !response_ok?
-    assert_equal 4, reponse_error_code
-  end
-
-  should 'not try to list the cart if there is no cart' do
-    instantiate_session
-    assert !cart?
-
-    assert_nothing_raised { get :list, :profile => enterprise.identifier }
-    assert !response_ok?
-    assert_equal 2, reponse_error_code
-  end
-
-  should 'list products without errors' do
-    get :add, :profile => enterprise.identifier, :id => product.id
-
-    assert_nothing_raised { get :list, :profile => enterprise.identifier }
-    assert response_ok?
-  end
-
-  should 'update the quantity of a product' do
-    get :add, :profile => enterprise.identifier, :id => product.id
-    assert 1, product_quantity(product)
-
-    get :update_quantity, :profile => enterprise.identifier, :id => product.id, :quantity => 3
-    assert 3, product_quantity(product)
-  end
-
-  should 'not try to update quantity the quantity of a product if there is no cart' do
-    instantiate_session
-    assert !cart?
-
-    assert_nothing_raised { get :update_quantity, :profile => enterprise.identifier, :id => 9999, :quantity => 3 }
-    assert !response_ok?
-    assert_equal 2, reponse_error_code
-  end
-
-  should 'not try to update the quantity of a product that is not in the cart' do
-    get :add, :profile => enterprise.identifier, :id => product.id
-    assert cart?
-    assert_nothing_raised { get :update_quantity, :profile => enterprise.identifier, :id => 9999, :quantity => 3 }
-
-    assert !response_ok?
-    assert_equal 4, reponse_error_code
-  end
-
-  should 'not update the quantity of a product with a invalid value' do
-    get :add, :profile => enterprise.identifier, :id => product.id
-
-    assert_nothing_raised { get :update_quantity, :profile => enterprise.identifier, :id => product.id, :quantity => -1}
-    assert !response_ok?
-    assert_equal 5, reponse_error_code
-
-    assert_nothing_raised { get :update_quantity, :profile => enterprise.identifier, :id => product.id, :quantity => 'asdf'}
-    assert !response_ok?
-    assert_equal 5, reponse_error_code
-  end
-
-  should 'clean the cart' do
-    another_product = fast_create(Product, :enterprise_id => enterprise.id)
-    get :add, :profile => enterprise.identifier, :id => product.id
-    get :add, :profile => enterprise.identifier, :id => another_product.id
-
-    assert_nothing_raised {  get :clean, :profile => enterprise.identifier }
-    assert !cart?
-  end
-
-  should 'not crash if there is no cart' do
-    instantiate_session
-    assert !cart?
-    assert_nothing_raised {  get :clean, :profile => enterprise.identifier }
-  end
-
-  should 'register order on send request' do
-    product1 = fast_create(Product, :enterprise_id => enterprise.id, :price => 1.99)
-    product2 = fast_create(Product, :enterprise_id => enterprise.id, :price => 2.23)
-    @controller.stubs(:session).returns({:cart => {:items => {product1.id => 1, product2.id => 2}}})
-    assert_difference ShoppingCartPlugin::PurchaseOrder, :count, 1 do
-      post :send_request,
-        :customer => {:name => "Manuel", :email => "manuel@ceu.com"},
-        :profile => enterprise.identifier
-    end
-
-    order = ShoppingCartPlugin::PurchaseOrder.last
-
-    assert_equal 1.99, order.products_list[product1.id][:price]
-    assert_equal 1, order.products_list[product1.id][:quantity]
-    assert_equal 2.23, order.products_list[product2.id][:price]
-    assert_equal 2, order.products_list[product2.id][:quantity]
-    assert_equal ShoppingCartPlugin::PurchaseOrder::Status::OPENED, order.status
-  end
-
-  should 'register order on send request and not crash if product is not defined' do
-    product1 = fast_create(Product, :enterprise_id => enterprise.id)
-    @controller.stubs(:session).returns({:cart => {:items => {product1.id => 1}}})
-    assert_difference ShoppingCartPlugin::PurchaseOrder, :count, 1 do
-      post :send_request,
-        :customer => {:name => "Manuel", :email => "manuel@ceu.com"},
-        :profile => enterprise.identifier
-    end
-
-    order = ShoppingCartPlugin::PurchaseOrder.last
-
-    assert_equal 0, order.products_list[product1.id][:price]
-  end
-
-  private
-
-  def json_response
-    ActiveSupport::JSON.decode @response.body
-  end
-
-  def cart?
-    !session[:cart].nil?
-  end
-
-  def product_in_cart?(product)
-    session[:cart][:items].has_key?(product.id)
-  end
-
-  def product_quantity(product)
-    session[:cart][:items][product.id]
-  end
-
-  def response_ok?
-    json_response['ok']
-  end
-
-  def reponse_error_code
-    json_response['error']['code']
-  end
-
-  # temporary hack...if I don't do this the session stays as an Array instead
-  # of a TestSession
-  def instantiate_session
-    get :add, :profile => enterprise.identifier, :id => product.id
-    get :remove, :profile => enterprise.identifier, :id => product.id
-  end
-
-end
@@ -7,7 +7,6 @@ class ShoppingCartPluginTest &lt; ActiveSupport::TestCase
     @context = mock()
     @profile = mock()
     @profile.stubs(:identifier).returns('random-user')
-    @context.stubs(:profile).returns(@profile)
     @shopping_cart.context = @context
     @shopping_cart.stubs(:profile).returns(@profile)
   end
@@ -23,7 +22,8 @@ class ShoppingCartPluginTest &lt; ActiveSupport::TestCase
     product = fast_create(Product, :available => false)
     enterprise = mock()
     enterprise.stubs(:shopping_cart).returns(true)
+    product.stubs(:enterprise).returns(enterprise)
  
-    assert_nil shopping_cart.add_to_cart_button(product, enterprise)
+    assert_nil shopping_cart.add_to_cart_button(product)
   end
 end
@@ -7,7 +7,7 @@
       <a href="cart:clean" onclick="Cart.clean(this); return false" class="cart-clean"><%=_('Clean basket')%></a>
       <ul class="cart-items"></ul>
       <div class="cart-total"><%=_('Total:')%> <b></b></div>
-      <a href="cart:buy" class="cart-buy"><%=_('Shopping checkout')%></a>
+      <a href="/plugin/shopping_cart/buy" class="cart-buy"><%=_('Shopping checkout')%></a>
     </div>
     <a href="#" onclick="Cart.toggle(this); return false" class="cart-toggle">
       <span class="str-show"><%=_('Show basket')%></span>
@@ -15,9 +15,3 @@
     </a>
   </div>
 </div>
-
-<script type="text/javascript">
-//<![CDATA[
-  new Cart({hasProducts:<%= !locals[:cart].nil? ? "true, enterprise:'#{Enterprise.find(locals[:cart][:enterprise_id]).identifier}'" : "false" %>});
-//]]>
-</script>
@@ -0,0 +1,31 @@
+<% person = user.nil? ? Person.new : user %>
+<div id='cart-request-box'>
+  <% form_for(:customer, person, :url => {:action => 'send_request'},
+              :html => {:onsubmit => "return Cart.send_request(this)", :id => 'cart-request-form' }) do |f| %>
+    <div id="cart-form-main">
+      <%= labelled_form_field('* ' + _("Name"), f.text_field(:name, :class => 'required') ) %>
+      <%= labelled_form_field('* ' +  _("Email"), f.text_field(:email, :class => 'required email') ) %>
+      <%= labelled_form_field('* ' +  _("Contact phone"), f.text_field(:contact_phone, :class => 'required') ) %>
+      <%= labelled_form_field(_('Delivery option'), select_tag(:delivery_option, options_for_select(select_delivery_options(@settings.delivery_options, environment)), 'data-profile-identifier' => @enterprise.identifier)) unless !@settings.delivery || (@settings.free_delivery_price && get_total(@cart[:items]) >= @settings.free_delivery_price) %>
+      <%= labelled_form_field(_('Payment'), select_tag('customer[payment]', options_for_select([[_("Money"), :money],[_('Check'), :check]]))) %>
+      <%= labelled_form_field(_('Change'), text_field_tag('customer[change]')) %>
+    </div>
+    <% if @settings.delivery %>
+      <fieldset><legend><%=_('Delivery Address')%></legend>
+        <%= labelled_form_field(_('Address (street and number)'), f.text_field(:address)) %>
+        <%= labelled_form_field(_('Address reference'), f.text_field(:address_reference)) %>
+        <%= labelled_form_field(_('District'), f.text_field(:district)) %>
+        <%= labelled_form_field( _("City"), f.text_field(:city)) %>
+        <%= labelled_form_field(_('ZIP code'), f.text_field(:zip_code)) %>
+      </fieldset>
+    <% end %>
+    <div id="cart-form-actions">
+      <%= submit_button(:send, _('Send buy request')) %>
+    </div>
+  <% end %>
+  <% delivery_option = @settings.delivery_options.first && @settings.delivery_options.first.first %>
+  <%= items_table(@cart[:items], @enterprise, delivery_option) %>
+  <%= link_to '', '#', :onclick => "Cart.colorbox_close(this);", :class => 'cart-box-close icon-cancel' %>
+</div>
+
+<%= javascript_include_tag '../plugins/shopping_cart/buy' %>
@@ -17,26 +17,35 @@
       <li><b><%= _('Full name') %>: </b><%= @customer[:name] %></li>
       <li><b><%= _('Email') %>: </b><%= @customer[:email] %></li>
       <li><b><%= _('Phone number') %>: </b><%= @customer[:contact_phone] %></li>
-      <% if !@customer[:address].blank? || !@customer[:city].blank? || !@customer[:zip_code].blank? %>
+      <li><b><%= _('Payment') %>: </b><%= @customer[:payment] == 'money' ? _('Money') : _('Check') %></li>
+      <% if @customer[:payment] == 'money' %>
+        <li><b><%= _('Change') %>: </b><%= @customer[:change] %></li>
+      <% end %>
+      <% if !@customer[:address].blank? || !@customer[:city].blank? || !@customer[:zip_code].blank? || !@customer[:district].blank? || !@customer[:address_reference].blank? %>
         <li><b><%= _('Address') %>:</b>
       <% end %>
       <% if !@customer[:address].blank? %>
         <%= @customer[:address] %><br \>
       <% end %>
+      <% if !@customer[:district].blank? %>
+        <%= @customer[:district] %><br \>
+      <% end %>
       <% if !@customer[:city].blank? %>
         <%= @customer[:city] %><br \>
       <% end %>
       <% if !@customer[:zip_code].blank? %>
         <%= @customer[:zip_code] %>
       <% end %>
-      <% if !@customer[:address].blank? || !@customer[:city].blank? || !@customer[:zip_code].blank? %>
+      <% if !@customer[:address_reference].blank? %>
+        <%= @customer[:address_reference] %><br \>
+      <% end %>
+      <% if !@customer[:address].blank? || !@customer[:city].blank? || !@customer[:zip_code].blank? || !@customer[:district].blank? || !@customer[:address_reference].blank? %>
         </li>
       <% end %>
     </ul>
  
     <p><%=_('Here are the products you bought:')%></p>
-    <%= items_table(@items, @supplier, true) %>
-
+    <%= @helper.items_table(@items, @supplier, @delivery_option, true) %>
     <p>
       --<br/>
       <%=_('Thanks for buying with us!')%><br/>
@@ -15,26 +15,35 @@
       <li><b><%= _('Full name') %>: </b><%= @customer[:name] %></li>
       <li><b><%= _('Email') %>: </b><%= @customer[:email] %></li>
       <li><b><%= _('Phone number') %>: </b><%= @customer[:contact_phone] %></li>
-      <% if !@customer[:address].blank? || !@customer[:city].blank? || !@customer[:zip_code].blank? %>
+      <li><b><%= _('Payment') %>: </b><%= @customer[:payment] == 'money' ? _('Money') : _('Check') %></li>
+      <% if @customer[:payment] == 'money' %>
+        <li><b><%= _('Change') %>: </b><%= @customer[:change] %></li>
+      <% end %>
+      <% if !@customer[:address].blank? || !@customer[:city].blank? || !@customer[:zip_code].blank? || !@customer[:district].blank? || !@customer[:address_reference].blank? %>
         <li><b><%= _('Address') %>:</b>
       <% end %>
       <% if !@customer[:address].blank? %>
         <%= @customer[:address] %><br \>
       <% end %>
+      <% if !@customer[:district].blank? %>
+        <%= @customer[:district] %><br \>
+      <% end %>
       <% if !@customer[:city].blank? %>
         <%= @customer[:city] %><br \>
       <% end %>
       <% if !@customer[:zip_code].blank? %>
         <%= @customer[:zip_code] %>
       <% end %>
-      <% if !@customer[:address].blank? || !@customer[:city].blank? || !@customer[:zip_code].blank? %>
+      <% if !@customer[:address_reference].blank? %>
+        <%= @customer[:address_reference] %><br \>
+      <% end %>
+      <% if !@customer[:address].blank? || !@customer[:city].blank? || !@customer[:zip_code].blank? || !@customer[:district].blank? || !@customer[:address_reference].blank? %>
         </li>
       <% end %>
     </ul>
  
     <p><%=_('And here are the items bought by this customer:')%></p>
-    <%= items_table(@items, @supplier, true) %>
-
+    <%= @helper.items_table(@items, @supplier, @delivery_option, true) %>
     <p>
       --<br/>
       <%=_('If there are any problems with this email contact the admin of %s.') % @environment.name %>
@@ -0,0 +1 @@
+<%= _("Request sent successfully check your email.")%>
@@ -32,7 +32,9 @@
         <td class="order-info" colspan="5">
           <div style="display:none">
             <ul class="customer-details">
-              <% { 'name' =>_('Name'), 'email' => _('E-mail'), 'contact_phone' => _('Contact phone'), 'address' => _('Address'), 'city' => _('City'), 'zip_code' => _('Zip code')}.each do |attribute, name| %>
+              <% [['name', _('Name')], ['email', _('E-mail')], ['contact_phone', _('Contact phone')], ['address', _('Address')], ['district', _('District')], ['city', _('City')], ['zip_code', _('Zip code')], ['delivery_option', _('Delivery option')], ['payment', _('Payment')], ['change', _('Change')]].each do |field| %>
+                <% attribute = field.first %>
+                <% name = field.last %>
                 <%= content_tag('li', content_tag('strong', name+': ') + order.send('customer_'+attribute)) if !order.send('customer_'+attribute).blank? %>
               <% end %>
             </ul>
...	...	@@ -6,45 +6,144 @@ noosfero, that's not a problem).
6	6	Developers
7	7	==========
8	8
	9	+Alan Freihof Tygel <alantygel@gmail.com>
	10	+Alessandro Palmeira <alessandro.palmeira@gmail.com>
	11	+Alessandro Palmeira + Caio C. Salgado <alessandro.palmeira@gmail.com>
	12	+Alessandro Palmeira + Caio Salgado <alessandro.palmeira@gmail.com>
	13	+Alessandro Palmeira + Caio Salgado <caio.csalgado@gmail.com>
	14	+Alessandro Palmeira + Caio Salgado + Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>
	15	+Alessandro Palmeira + Carlos Morais <alessandro.palmeira@gmail.com>
	16	+Alessandro Palmeira + Diego Araújo <alessandro.palmeira@gmail.com>
	17	+Alessandro Palmeira + Diego Araújo <diegoamc90@gmail.com>
	18	+Alessandro Palmeira + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
	19	+Alessandro Palmeira + Diego Araújo + Pedro Leal + João M. M. da Silva <diegoamc90@gmail.com>
	20	+Alessandro Palmeira + Diego Araujo + Rafael Manzo <alessandro.palmeira@gmail.com>
	21	+Alessandro Palmeira + Jefferson Fernandes <alessandro.palmeira@gmail.com>
	22	+Alessandro Palmeira + João M. M. da Silva <alessandro.palmeira@gmail.com>
	23	+Alessandro Palmeira + João M. M. da Silva + Renan Teruo <alessandro.palmeira@gmail.com>
	24	+Alessandro Palmeira + João M. M. Silva <alessandro.palmeira@gmail.com>
	25	+Alessandro Palmeira + Paulo Meirelles <alessandro.palmeira@gmail.com>
	26	+Alessandro Palmeira + Rafael Manzo <alessandro.palmeira@gmail.com>
9	27	Antonio Terceiro + Carlos Morais <terceiro@colivre.coop.br>
10	28	Antonio Terceiro + Paulo Meirelles <terceiro@colivre.coop.br>
11	29	Antonio Terceiro <terceiro@colivre.coop.br>
12	30	Aurelio A. Heckert <aurelio@colivre.coop.br>
13	31	Braulio Bhavamitra <brauliobo@gmail.com>
14	32	Bráulio Bhavamitra <brauliobo@gmail.com>
	33	+Caio <caio.csalgado@gmail.com>
	34	+Caio + Diego + Pedro + João <caio.csalgado@gmail.com>
	35	+Caio, Pedro <caio.csalgado@gmail.com>
	36	+Caio Salgado + Alessandro Palmeira <caio.csalgado@gmail.com>
	37	+Caio Salgado <caio.csalgado@gmail.com>
	38	+Caio Salgado + Carlos Morais + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
	39	+Caio Salgado + Diego Araujo <caio.csalgado@gmail.com>
	40	+Caio Salgado + Diego Araújo <caio.csalgado@gmail.com>
	41	+Caio Salgado + Diego Araújo <diegoamc90@gmail.com>
	42	+Caio Salgado + Diego Araújo + Jefferson Fernandes <caio.csalgado@gmail.com>
	43	+Caio Salgado + Diego Araújo + João M. M. da Silva <caio.csalgado@gmail.com>
	44	+Caio Salgado + Diego Araújo + Pedro Leal <caio.csalgado@gmail.com>
	45	+Caio Salgado + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
	46	+Caio Salgado + Diego Araújo + Rafael Manzo <diegoamc90@gmail.com>
	47	+Caio Salgado + Jefferson Fernandes <caio.csalgado@gmail.com>
	48	+Caio Salgado + Jefferson Fernandes <jeffs.fernandes@gmail.com>
	49	+Caio Salgado + Rafael Manzo <caio.csalgado@gmail.com>
	50	+Caio Salgado + Renan Teruo <caio.csalgado@gmail.com>
	51	+Caio Salgado + Renan Teruo <caio.salgado@gmail.com>
	52	+Caio Salgado + Renan Teruo + Jefferson Fernandes <jeffs.fernandes@gmail.com>
	53	+Caio Salgado + Renan Teruo <renanteruoc@gmail.com>
15	54	Caio SBA <caio@colivre.coop.br>
16	55	Carlos Morais <carlos88morais@gmail.com>
17	56	Carlos Morais + Diego Araújo <diegoamc90@gmail.com>
	57	+Carlos Morais + Eduardo Morais <carlos88morais@gmail.com>
18	58	Carlos Morais + Paulo Meirelles <carlos88morais@gmail.com>
	59	+Carlos Morais + Pedro Leal <carlos88morais@gmail.com>
19	60	Daniela Soares Feitosa <danielafeitosa@colivre.coop.br>
20	61	Daniel Cunha <daniel@colivre.coop.br>
	62	+diegoamc <diegoamc90@gmail.com>
	63	+Diego Araújo + Alessandro Palmeira <diegoamc90@gmail.com>
	64	+Diego Araujo + Caio Salgado <diegoamc90@gmail.com>
21	65	Diego Araújo <diegoamc90@gmail.com>
	66	+Diego Araújo + Jefferson Fernandes <diegoamc90@gmail.com>
	67	+Diego Araujo + Jefferson Fernandes <jeffs.fernandes@gmail.com>
	68	+Diego Araújo + João Machini <diegoamc90@gmail.com>
	69	+Diego Araújo + João Machini <digoamc90@gmail.com>
22	70	Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>
	71	+Diego Araújo + João M. M. da Silva + João Machini <diegoamc90@gmail.com>
	72	+Diego Araújo + João M. M. da Silva + Pedro Leal <diegoamc90@gmail.com>
	73	+Diego Araújo + Paulo Meirelles <diegoamc90@gmail.com>
	74	+Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
	75	+Diego Araújo + Rafael Manzo <diegoamc90@gmail.com>
	76	+Diego Araújo + Renan Teruo + Alessandro Palmeira <diegoamc90@gmail.com>
	77	+Diego Araújo + Renan Teruo <diegoamc90@gmail.com>
	78	+Diego + Jefferson <diegoamc90@gmail.com>
	79	+Diego Martinez <diegoamc90@gmail.com>
	80	+Diego + Renan <renanteruoc@gmail.com>
23	81	Fernanda Lopes <nanda.listas+psl@gmail.com>
24	82	Grazieno Pellegrino <grazieno@gmail.com>
25	83	Isaac Canan <isaac@intelletto.com.br>
26	84	Italo Valcy <italo@dcc.ufba.br>
	85	+Jefferson Fernandes + Diego Araujo + Rafael Manzo <jeffs.fernandes@gmail.com>
	86	+Jefferson Fernandes + Joao M. M. da Silva <jeffs.fernandes@gmail.com>
	87	+Jefferson Fernandes + Joao M. M. Silva <jeffs.fernandes@gmail.com>
27	88	João da Silva <jaodsilv@linux.ime.usp.br>
	89	+João Marco Maciel da Silva + Rafael Manzo + Renan Teruo <jaodsilv@linux.ime.usp.br>
	90	+João M. M. da Silva + Alessandro Palmeira + Diego Araújo + Caio Salgado <jaodsilv@linux.ime.usp.br>
	91	+João M. M. da Silva + Alessandro Palmeira + Diego Araújo <jaodsilv@linux.ime.usp.br>
	92	+João M. M. da Silva + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
	93	+João M. M. da Silva + Alessandro Palmeira + João Machini <jaodsilv@linux.ime.usp.br>
	94	+João M. M. da Silva + Caio Salgado + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
	95	+João M. M. da Silva + Caio Salgado <jaodsilv@linux.ime.usp.br>
28	96	João M. M. da Silva + Carlos Morais <jaodsilv@linux.ime.usp.br>
29	97	João M. M. da Silva + Diego Araújo <diegoamc90@gmail.com>
30	98	João M. M. da Silva + Diego Araújo <jaodsilv@linux.ime.usp.br>
	99	+João M. M. da Silva + Diego Araújo + Pedro Leal <jaodsilv@linux.ime.usp.br>
	100	+João M. M. da Silva <jaodsilv@linux.ime.usp.br>
	101	+Joao M. M. da Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
	102	+João M. M. da Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
	103	+João M. M. da Silva + João M. Miranda <jaodsilv@linux.ime.usp.br>
31	104	João M. M. da Silva + Paulo Meirelles <jaodsilv@linux.ime.usp.br>
	105	+João M. M. da Silva + Pedro Leal <jaodsilv@linux.ime.usp.br>
	106	+João M. M. da Silva + Rafael Manzo + Diego Araújo <jaodsilv@linux.ime.usp.br>
	107	+João M. M. da Silva + Rafael Manzo <jaodsilv@linux.ime.usp.br>
	108	+João M. M. da Silva + Renan Teruo <jaodsilv@linux.ime.usp.br>
	109	+João M. M. Silva + Caio Salgado <jaodsilv@linux.ime.usp.br>
	110	+João M. M. Silva + Diego Araújo <jaodsilv@linux.ime.usp.br>
	111	+Joao M. M. Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
	112	+João M. M. Silva + Paulo Meirelles <jaodsilv@linux.ime.usp.br>
	113	+João M. M. Silva + Rafael Manzo <jaodsilv@linux.ime.usp.br>
	114	+João M. M. Silva + Renan Teruo <jaodsilv@linux.ime.usp.br>
32	115	Joenio Costa <joenio@colivre.coop.br>
33	116	Josef Spillner <josef.spillner@tu-dresden.de>
34	117	Keilla Menezes <keilla@colivre.coop.br>
35	118	Larissa Reis <larissa@colivre.coop.br>
36	119	Larissa Reis <reiss.larissa@gmail.com>
37	120	Leandro Nunes dos Santos <leandronunes@gmail.com>
	121	+Leandro Nunes dos Santos <leandro.santos@serpro.gov.br>
38	122	LinguÁgil 2010 <linguagil.bahia@gmail.com>
	123	+Luis David Aguilar Carlos <ludwig9003@gmail.com>
39	124	Martín Olivera <molivera@solar.org.ar>
40	125	Moises Machado <moises@colivre.coop.br>
41	126	Nanda Lopes <nanda.listas+psl@gmail.com>
	127	+Paulo Meirelles + Alessandro Palmeira <paulo@softwarelivre.org>
42	128	Paulo Meirelles + Carlos Morais <paulo@softwarelivre.org>
	129	+Paulo Meirelles + Diego Araújo <paulo@softwarelivre.org>
	130	+Paulo Meirelles + João M. M. da Silva <paulo@softwarelivre.org>
43	131	Paulo Meirelles <paulo@softwarelivre.org>
44	132	Rafael Gomes <rafaelgomes@techfree.com.br>
	133	+Rafael Manzo + João M. M. Silva <rr.manzo@gmail.com>
45	134	Rafael Martins <rmmartins@gmail.com>
	135	+Rafael Reggiani Manzo + Caio Salgado + Jefferson Fernandes <rr.manzo@gmail.com>
	136	+Rafael Reggiani Manzo + Diego Araujo <diegoamc90@gmail.com>
	137	+Rafael Reggiani Manzo + Diego Araujo <rr.manzo@gmail.com>
	138	+Rafael Reggiani Manzo <rr.manzo@gmail.com>
46	139	Raphaël Rousseau <raph@r4f.org>
47	140	Raquel Lira <raquel.lira@gmail.com>
	141	+Renan Teruo + Caio Salgado <renanteruoc@gmail.com>
	142	+Renan Teruoc + Diego Araujo <renanteruoc@gmail.com>
	143	+Renan Teruo + Diego Araujo <renanteruoc@gmail.com>
	144	+Renan Teruo + Diego Araújo <renanteruoc@gmail.com>
	145	+Renan Teruo + Paulo Meirelles <renanteruoc@gmail.com>
	146	+Renan Teruo + Rafael Manzo <renanteruoc@gmail.com>
48	147	Rodrigo Souto <rodrigo@colivre.coop.br>
49	148	Ronny Kursawe <kursawe.ronny@googlemail.com>
50	149	Samuel R. C. Vale <srcvale@holoscopio.com>
...	...
1	1	= Noosfero instructions for developers
2	2
3		-This document provides useful information to those who want to help with
4		-Noosfero development.
	3	+== A work about your the development platform
5	4
6		-== Requirements for development
	5	+These instructions are tested and known to work on Debian stable, which is the
	6	+system that the Noosfero core developers use to work on Noosfero.
7	7
8		-First, install all requirements listed in INSTALL. Note that you do not need to
9		-follow all the steps described there, you only need to install the packages
10		-listed in the "Requirements" section.
	8	+If you want to use another OS, read "Instructions for other systems" below.
11	9
12		-After installing the requirements listed in INSTALL, you need to install some
13		-packages be able to run Noosfero tests. On Debian GNU/Linux and Debian-based
14		-systems, you install them with the following command:
	10	+== Instructions for Debian stable
15	11
16		- # apt-get install libtidy-ruby libhpricot-ruby libmocha-ruby imagemagick po4a xvfb libxml2-dev libxslt-dev
	12	+Download the source code:
17	13
18		-On other systems, they may or may not be available through your regular package
19		-management system. Below are the links to their homepages.
	14	+ $ git clone git://gitorious.org/noosfero/noosfero.git
	15	+ $ cd noosfero
20	16
21		-* Mocha: http://mocha.rubyforge.org/
22		-* Tidy: http://tidy.sourceforge.net/
23		-* Hpricot: http://github.com/whymirror/hpricot
24		-* Imagemagick: http://wwwimagemagick.org/
25		-* po4a: http://po4a.alioth.debian.org/
26		-* xvfb: http://packages.debian.org/lenny/xvfb
27		-* Libxml2: http://xmlsoft.org/
28		-* Libxslt: http://xmlsoft.org/xslt
	17	+Run the quick start script:
29	18
30		-== Boostraping a development/test environment
	19	+ $ ./script/quick-start
31	20
32		-You can copy and paste the commands below into a terminal (please review the
33		-commands and make sure you understand what you are doing):
	21	+Now you can execute the development server with:
34	22
35		- # checkout the code from repository
36		- git clone git://gitorious.org/noosfero/noosfero.git
37		- # enter the directory
38		- cd noosfero
39		- # copy a sample config file
40		- cp config/database.yml.sqlite3 config/database.yml
41		- # create tmp directory if it doesn't exist
42		- mkdir tmp
43		- # start Solr
44		- rake solr:start
45		- # create the development database
46		- rake db:schema:load
47		- # run pending migrations
48		- rake db:migrate
49		- # compile translations:
50		- rake makemo
51		- # create some test data:
52		- ./script/sample-data
53		- # install latest requirements for running tests
54		- RAILS_ENV=cucumber rake gems:install
55		- RAILS_ENV=test rake gems:install
56		- # run the automated test suite to make sure your environment is sane:
57		- rake test
	23	+ $ ./script/development
58	24
59		-You should now be ready to go. Issue the following command to start the Rails
60		-development server:
	25	+You will be able to access Noosfero at http://localhost:3000/
61	26
62		- ./script/server
	27	+If you want to use a different port than 3000, pass `-p <PORT>` to
	28	+./script/development
63	29
64		-The server will be available at http://localhost:3000/ . If you want to use
65		-another port than 3000, you can use the -p option of ./script/server:
	30	+== Instructions for other systems
66	31
67		- ./script/server -p 9999
	32	+On other OS, you have 2 options:
68	33
69		-The above command makes the server available at http://localhost:9999/
	34	+1) using a chroot or a VM with Debian stable (easier)
70	35
71		-The sample-data data scripts creates two administrator users with login "ze" and
72		-password "test" and login "adminuser" and password "admin".
	36	+Use a chroot (http://wiki.debian.org/Schroot) or a Virtual Machine (e.g. with
	37	+VirtualBox) with a Debian stable system and follow the instructions above for
	38	+Debian stable.
73	39
74		-Note that some operations, like generating image thumbnails, sending e-mails,
75		-etc, are done in background in the context of a service independent from the
76		-Rails application server. To have those tasks performed in a development
77		-environment, you must run the delayed_job server like this:
	40	+2) Installing dependencies on other OS (harder)
78	41
79		- ./script/delayed_job run
	42	+If you want to setup a development environment in another OS, you can create a
	43	+file under script/install-dependencies/, called <OS>-<CODENAME>.sh, which
	44	+installed the dependencies for your system. With this script in place,
	45	+./script/quick-start will call it at the point of installing the required
	46	+packages for Noosfero development.
80	47
81		-This will block your terminal. To stop the delayed_job server, hit Control-C.
	48	+You can check script/install-dependencies/debian-squeeze.sh to have an idea of
	49	+what kind of stuff that script has to do.
82	50
83		-== Enabling exceptions notification
84		-
85		-By default, exception notifications are disabled in development environment. If
86		-you want to enable it then you need to change some files:
87		-
88		-1) Add in config/environments/development.rb:
89		- config.action_controller.consider_all_requests_local = false
90		-
91		-2) Add in app/controller/application.rb:
92		- local_addresses.clear
93		-
94		-3) Add in config/noosfero.yml at development section:
95		- exception_recipients: [admin@example.com]
96		-
97		-== Releasing and building Debian package
98		-
99		-See RELEASING file.
	51	+If you write such script for your own OS, please share it with us at the
	52	+development mailing list so that we can include it in the official repository.
	53	+This way other people using the same OS will have to put less effort to develop
	54	+Noosfero.
...	...
1		-= Noosfero installation instructions
	1	+= Noosfero installation instructions from source for production environments
2	2
3		-Noosfero is written in Ruby with the "Rails framework":http://www.rubyonrails.org,
4		-so the process of setting it up is pretty similar to other Rails applications.
	3	+The instructions below can be used for setting up a Noosfero production
	4	+environment from the Noosfero sources.
5	5
6		-Below we have the instructions for installing Noosfero dependencies and setting
7		-up a production environment. If you have problems with the setup, please feel
8		-free to ask questions in the development mailing list.
	6	+Before you start installing Noosfero manually, see the information about the
	7	+Noosfero Debian package at http://noosfero.org/Development/DebianPackage. Using
	8	+the Debian packages on a Debian stable system is the recommended method for
	9	+installing production environments.
	10	+
	11	+If you want to setup a development environment instead of a production one,
	12	+stop reading this file right now and read the file HACKING instead.
	13	+
	14	+For a complete installation guide, please see the following web page:
	15	+http://noosfero.org/Development/HowToInstall
	16	+
	17	+If you have problems with the setup, please feel free to ask questions in the
	18	+development mailing list.
9	19
10	20	== Requirements
11	21
	22	+DISCLAIMER: this installation procedure is tested with Debian stable, which is
	23	+currently the only recommended operating system for production usage. It is
	24	+possible that you can install it on other systems, and if you do so, please
	25	+report it on one of the Noosfero mailing lists, and please send a patch
	26	+updating these instructions.
	27	+
	28	+Noosfero is written in Ruby with the "Rails
	29	+framework":http://www.rubyonrails.org, so the process of setting it up is
	30	+pretty similar to other Rails applications.
	31	+
12	32	You need to install some packages Noosfero depends on. On Debian GNU/Linux or
13	33	Debian-based systems, all of these packages are available through the Debian
14	34	archive. You can install them with the following command:
...	...	@@ -38,21 +58,9 @@ If you manage to install Noosfero successfully on other systems than Debian,
38	58	please feel free to contact the Noosfero development mailing with the
39	59	instructions for doing so, and we'll include it here.
40	60
41		-=== Setting up a production environment
42		-
43		-DISCLAIMER: this installation procedure is tested with Debian stable, which is
44		-currently the only recommended operating system for production usage. It is
45		-possible that you can install it on other systems, and if you do so, please
46		-report it on one of the Noosfero mailing lists, and please send a patch
47		-updating these instructions.
48		-
49	61	As root user
50	62	============
51	63
52		-NOTE: these instructions are for seting up a production environment. If you
53		-are going to do Noosfero development, you don't need to do these steps. Stop
54		-here and see the HACKING file instead.
55		-
56	64	Install memcached. On Debian:
57	65
58	66	# apt-get install memcached
...	...	@@ -96,11 +104,11 @@ $ git checkout -b stable origin/stable
96	104	downloading tarball
97	105	-------------------
98	106
99		-Note: replace 0.35.0 below from the latest stable version.
	107	+Note: replace 0.39.0 below from the latest stable version.
100	108
101		-$ wget http://noosfero.org/pub/Development/NoosferoVersion00x35x00/noosfero-0.35.0.tar.gz
102		-$ tar -zxvf noosfero-0.35.0.tar.gz
103		-$ ln -s noosfero-0.35.0 current
	109	+$ wget http://noosfero.org/pub/Development/NoosferoVersion00x39x00/noosfero-0.39.0.tar.gz
	110	+$ tar -zxvf noosfero-0.39.0.tar.gz
	111	+$ ln -s noosfero-0.39.0 current
104	112	$ cd current
105	113
106	114	Copy config/solr.yml.dist to config/solr.yml. You will
...	...	@@ -108,7 +116,7 @@ probably not need to customize this configuration, but have a look at it.
108	116
109	117	Create the thin configuration file:
110	118
111		-$ thin -C config/thin.yml config
	119	+$ thin -C config/thin.yml -e production config
112	120
113	121	Edit config/thin.yml to suit your needs. Make sure your apache
114	122	configuration matches the thin cluster configuration, specially in respect
...	...	@@ -147,48 +155,7 @@ Restart postgresql:
147	155
148	156	Noosfero needs a functional e-mail setup to work: the local mail system should
149	157	be able to deliver e-mail to the internet, either directly or through an
150		-external SMTP server.
151		-
152		-If you know mail systems well, you just need to make sure thet the local MTA,
153		-listening on localhost:25, is able to deliver e-mails to the internet. Any mail
154		-server will do it.
155		-
156		-If you are not a mail specialist, we suggest that you use the Postfix mail
157		-server, since it is easy to configure and very reliable. Just follow the
158		-instructions below.
159		-
160		-To install Postfix:
161		-
162		-# apt-get install postfix
163		-
164		-During the installation process, you will be asked a few questions. Your answer
165		-to them will vary in 2 cases:
166		-
167		-Case 1: you can send e-mails directly to the internet. This will be the case
168		-for most commercial private servers. Your answers should be:
169		-
170		- General type of mail configuration: Internet site
171		- System mail name: the name of your domain, e.g. "mysocialnetwork.com"
172		-
173		-Case 2: you cannot, or don't want to, send e-mail directly to the internet.
174		-This happens for example if your server is not allowed to make outbound
175		-connections on port 25, or if you want to concentrate all your outbound mail
176		-through a single SMTP server. Your answers in this case should be:
177		-
178		- General type of mail configuration: Internet with smarthost
179		- System mail name: the name of your domain, e.g. "mysocialnetwork.com"
180		- SMTP relay host: smtp.yourprovider.com
181		-
182		-Note that smtp.yourprovider.com must allow your server to deliver e-mails
183		-through it. You should probably ask your servive provider about this.
184		-
185		-There is another possibility: if you are installing on a shared server, and
186		-don't have permission to configure the local MTA, you can instruct Noosfero to
187		-send e-mails directly through an external server. Please note that this should
188		-be your last option, since contacting an external SMTP server directly may slow
189		-down your Noosfero application server. To configure Noosfero to send e-mails
190		-through an external SMTP server, follow the instructions on
191		-http://noosfero.org/Development/SMTPMailSending
	158	+external SMTP server. Please check the documentation at the INSTALL.email file.
192	159
193	160	As noosfero user
194	161	================
...	...	@@ -220,19 +187,6 @@ $ ./script/dbconsole production
220	187	If it connects to your database, then everything is fine. If you got an error
221	188	message, then you have to check your database configuration.
222	189
223		-Installing gem rack
224		-===================
225		-
226		-This gem is required if you want to run Mezuro plugin.
227		-
228		-Install RubyGem Rack 1.0.1.
229		-Others versions may not be compatible with Noosfero:
230		-
231		-# gem install rack -v 1.0.1
232		-
233		-As noosfero user
234		-================
235		-
236	190	Create the database structure:
237	191
238	192	$ RAILS_ENV=production rake db:schema:load
...	...	@@ -245,7 +199,7 @@ Run Solr:
245	199
246	200	$ rake solr:start
247	201
248		-Now we have to create some initial data. To create your default environment
	202	+Now we must create some initial data. To create your default environment
249	203	(the first one), run the command below:
250	204
251	205	$ RAILS_ENV=production ./script/runner 'Environment.create!(:name => "My environment", :is_default => true)'
...	...	@@ -261,10 +215,10 @@ $ RAILS_ENV=production ./script/runner "Environment.default.domains << Domain.ne
261	215
262	216	Add at least one user as admin of environment:
263	217
264		-$ RAILS_ENV=production ./script/runner "User.create(:login => 'adminuser', :email => 'admin@example.com', :password => 'admin', :password_confirmation => 'admin', :environment => Environment.default)"
	218	+$ RAILS_ENV=production ./script/runner "User.create(:login => 'adminuser', :email => 'admin@example.com', :password => 'admin', :password_confirmation => 'admin', :environment => Environment.default, :activated_at => Time.new)"
265	219
266	220	(replace "adminuser", "admin@example.com", "admin" with the login, email
267		-and password of your environment admin)
	221	+and password of your environment administrator)
268	222
269	223	To start the Noosfero application servers:
270	224
...	...	@@ -274,23 +228,6 @@ At this point you have a functional Noosfero installation running, the only
274	228	thing left is to configure your webserver as a reverse proxy to pass requests
275	229	to them.
276	230
277		-Enabling exception notifications
278		-================================
279		-
280		-This is an optional step. You will need it only if you want to receive e-mail
281		-notifications when some exception occurs on Noosfero.
282		-
283		-First, install this version of the gem.
284		-Others versions may not be compatible with Noosfero:
285		-
286		-# gem install exception_notification -v 1.0.20090728
287		-
288		-You can configure the e-mails that will receive the notifications.
289		-Change the file config/noosfero.yml as the following example, replacing the
290		-e-mails by real ones:
291		-
292		- production:
293		- exception_recipients: [admin@example.com, you@example.com]
294	231
295	232	==================
296	233	Apache instalation
...	...	@@ -384,6 +321,26 @@ Now restart your apache server (as root):
384	321
385	322	# invoke-rc.d apache2 restart
386	323
	324	+
	325	+Enabling exception notifications
	326	+================================
	327	+
	328	+This is an optional step. You will need it only if you want to receive e-mail
	329	+notifications when some exception occurs on Noosfero.
	330	+
	331	+First, install this version of the gem.
	332	+Others versions may not be compatible with Noosfero:
	333	+
	334	+# gem install exception_notification -v 1.0.20090728
	335	+
	336	+You can configure the e-mails that will receive the notifications.
	337	+Change the file config/noosfero.yml as the following example, replacing the
	338	+e-mails by real ones:
	339	+
	340	+ production:
	341	+ exception_recipients: [admin@example.com, you@example.com]
	342	+
	343	+
387	344	============
388	345	Maintainance
389	346	============
...	...
...	...	@@ -0,0 +1,43 @@
	1	+= Noosfero email setup
	2	+
	3	+If you know mail systems well, you just need to make sure that the local MTA,
	4	+listening on localhost:25, is able to deliver e-mails to the internet. Any mail
	5	+server will do it. You can stop reading now.
	6	+
	7	+If you are not an email specialist, then follow the instructions below. We
	8	+suggest that you use the Postfix mail server, since it is easy to configure and
	9	+very reliable. Just follow the instructions below.
	10	+
	11	+To install Postfix:
	12	+
	13	+# apt-get install postfix
	14	+
	15	+During the installation process, you will be asked a few questions. Your answer
	16	+to them will vary in 2 cases:
	17	+
	18	+Case 1: you can send e-mails directly to the internet. This will be the case
	19	+for most commercial private servers. Your answers should be:
	20	+
	21	+ General type of mail configuration: Internet site
	22	+ System mail name: the name of your domain, e.g. "mysocialnetwork.com"
	23	+
	24	+Case 2: you cannot, or don't want to, send e-mail directly to the internet.
	25	+This happens for example if your server is not allowed to make outbound
	26	+connections on port 25, or if you want to concentrate all your outbound mail
	27	+through a single SMTP server. Your answers in this case should be:
	28	+
	29	+ General type of mail configuration: Internet with smarthost
	30	+ System mail name: the name of your domain, e.g. "mysocialnetwork.com"
	31	+ SMTP relay host: smtp.yourprovider.com
	32	+
	33	+Note that smtp.yourprovider.com must allow your server to deliver e-mails
	34	+through it. You should probably ask your servive provider about this.
	35	+
	36	+There is another possibility: if you are installing on a shared server, and
	37	+don't have permission to configure the local MTA, you can instruct Noosfero to
	38	+send e-mails directly through an external server. Please note that this should
	39	+be your last option, since contacting an external SMTP server directly may slow
	40	+down your Noosfero application server. To configure Noosfero to send e-mails
	41	+through an external SMTP server, follow the instructions on
	42	+http://noosfero.org/Development/SMTPMailSending
	43	+
...	...
...	...	@@ -5,75 +5,63 @@ recommended. See http://www.varnish-cache.org/ for more information on Varnish.
5	5
6	6	Varnish can be set up to use with Noosfero with the following steps:
7	7
8		-1) setup Noosfero with apache according to the INSTALL file.
	8	+1) setup Noosfero with apache according to the INSTALL file. If you used the
	9	+Debian package to install noosfero, you don't need to do anything about this.
9	10
10	11	2) install Varnish
11	12
12	13	# apt-get install varnish
13	14
14		-Noosfero was tested with Varnish 2.x. If you are using a Debian Lenny (and you
15		-should, unless Debian already released Squeeze by now), make sure you install
16		-varnish from the lenny-backports suite.
17		-
18	15	Install the RPAF apache module (or skip this step if not using apache):
19	16
20	17	# apt-get install libapache2-mod-rpaf
21	18
22		-3) Enable varnish logging:
23		-
24		-3a) Edit /etc/default/varnishncsa and uncomment the line that contains:
25		-
26		-VARNISHNCSA_ENABLED=1
27		-
28		-The varnish log will be written to /var/log/varnish/varnishncsa.log in an
29		-apache-compatible format. You should change your statistics generation software
30		-(e.g. awstats) to use that instead of apache logs.
31		-
32		-3b) Restart Varnish Logging service
33		-
34		- # invoke-rc.d varnishncsa start
35		-
36		-4) Change Apache to listen on port 8080 instead of 80
	19	+3) Change Apache to listen on port 8080 instead of 80
37	20
38		-4a) Edit /etc/apache2/ports.conf, and:
	21	+3a) Edit /etc/apache2/ports.conf, and:
39	22
40		- * change 'Listen 80' to 'Listen 127.0.0.1:8080'
41	23	* change 'NameVirtualHost :80' to 'NameVirtualHost :8080'
	24	+ * change 'Listen 80' to 'Listen 127.0.0.1:8080'
42	25
43		-4b) Edit /etc/apache2/sites-enabled/, and change '<VirtualHost :80>' to '<VirtualHost *:8080>'
	26	+3b) Edit /etc/apache2/sites-enabled/, and change '<VirtualHost :80>' to
	27	+'<VirtualHost *:8080>'
44	28
45		-4c) Restart apache
	29	+3c) Restart apache
46	30
47	31	# invoke-rc.d apache2 restart
48	32
49		-5) Change Varnish to listen on port 80
	33	+4) Varnish configuration
50	34
51		-5a) Edit /etc/default/varnish and change '-a :6081' to '-a :80'
	35	+4a) Edit /etc/default/varnish
52	36
53		-5b) Restart Varnish
	37	+ * change the line that says "START=no" to say "START=yes"
	38	+ * change '-a :6081' to '-a :80'
54	39
55		- # invoke-rc.d varnish restart
	40	+4b) Edit /etc/varnish/default.vcl and add the following lines at the end:
56	41
57		-6) Configure varnish to fit noosfero
58		-(assuming Noosfero is installed in /var/lib/noosfero)
	42	+ include "/etc/noosfero/varnish-noosfero.vcl";
	43	+ include "/etc/noosfero/varnish-accept-language.vcl";
59	44
60		-6a) Configure noosfero to do specific routines to varnish
	45	+On manual installations, change "/etc/noosfero/*" to
	46	+"{Rails.root}/etc/noosfero/*"
61	47
62		-Add the following line to your /etc/varnish/default.vcl file:
	48	+4c) Restart Varnish
63	49
64		- include "/var/lib/noosfero/etc/noosfero/varnish-noosfero.vcl";
	50	+ # invoke-rc.d varnish restart
65	51
66		-6b) Configure varnish to store separate caches for each language
	52	+5) Enable varnish logging:
67	53
68		-Add the following line to your /etc/varnish/default.vcl file:
	54	+5a) Edit /etc/default/varnishncsa and uncomment the line that contains:
69	55
70		- include "/var/lib/noosfero/etc/noosfero/varnish-accept-language.vcl";
	56	+VARNISHNCSA_ENABLED=1
71	57
72		-7) Restart Varnish
	58	+The varnish log will be written to /var/log/varnish/varnishncsa.log in an
	59	+apache-compatible format. You should change your statistics generation software
	60	+(e.g. awstats) to use that instead of apache logs.
73	61
74		- # invoke-rc.d varnish restart
	62	+5b) Restart Varnish Logging service
	63	+
	64	+ # invoke-rc.d varnishncsa restart
75	65
76	66	Thanks to Cosimo Streppone for varnish-accept-language. See
77	67	http://github.com/cosimo/varnish-accept-language for more information.
78		-
79		- -- Antonio Terceiro <terceiro@colivre.coop.br> Sat, 04 Sep 2010 17:29:27 -0300
...	...
...	...	@@ -16,7 +16,13 @@ class CmsController < MyProfileController
16	16
17	17	before_filter :login_required, :except => [:suggest_an_article]
18	18
19		- protect_if :except => [:suggest_an_article, :set_home_page, :edit, :destroy, :publish] do \|c, user, profile\|
	19	+ protect_if :only => :upload_files do \|c, user, profile\|
	20	+ article_id = c.params[:parent_id]
	21	+ (!article_id.blank? && profile.articles.find(article_id).allow_create?(user)) \|\|
	22	+ (user && (user.has_permission?('post_content', profile) \|\| user.has_permission?('publish_content', profile)))
	23	+ end
	24	+
	25	+ protect_if :except => [:suggest_an_article, :set_home_page, :edit, :destroy, :publish, :upload_files] do \|c, user, profile\|
20	26	user && (user.has_permission?('post_content', profile) \|\| user.has_permission?('publish_content', profile))
21	27	end
22	28
...	...	@@ -92,7 +98,7 @@ class CmsController < MyProfileController
92	98	@article_types = []
93	99	available_article_types.each do \|type\|
94	100	@article_types.push({
95		- :name => type.name,
	101	+ :class => type,
96	102	:short_description => type.short_description,
97	103	:description => type.description
98	104	})
...	...	@@ -154,7 +160,7 @@ class CmsController < MyProfileController
154	160	end
155	161	if request.post? && params[:uploaded_files]
156	162	params[:uploaded_files].each do \|file\|
157		- @uploaded_files << UploadedFile.create(:uploaded_data => file, :profile => profile, :parent => @parent) unless file == ''
	163	+ @uploaded_files << UploadedFile.create(:uploaded_data => file, :profile => profile, :parent => @parent, :last_changed_by => user) unless file == ''
158	164	end
159	165	@errors = @uploaded_files.select { \|f\| f.errors.any? }
160	166	if @errors.any?
...	...
...	...	@@ -9,7 +9,7 @@ class TasksController < MyProfileController
9	9	end
10	10
11	11	def processed
12		- @tasks = Task.to(profile).finished.sort_by(&:created_at)
	12	+ @tasks = Task.to(profile).closed.sort_by(&:created_at)
13	13	end
14	14
15	15	VALID_DECISIONS = [ 'finish', 'cancel', 'skip' ]
...	...
...	...	@@ -4,6 +4,7 @@ class AccountController < ApplicationController
4	4
5	5	before_filter :login_required, :only => [:activation_question, :accept_terms, :activate_enterprise]
6	6	before_filter :redirect_if_logged_in, :only => [:login, :signup]
	7	+ before_filter :protect_from_bots, :only => :signup
7	8
8	9	# say something nice, you goof! something sweet.
9	10	def index
...	...	@@ -55,6 +56,11 @@ class AccountController < ApplicationController
55	56	render :action => 'login', :layout => false
56	57	end
57	58
	59	+ def signup_time
	60	+ key = set_signup_start_time_for_now
	61	+ render :text => { :ok=>true, :key=>key }.to_json
	62	+ end
	63	+
58	64	# action to register an user to the application
59	65	def signup
60	66	if @plugins.dispatch(:allow_user_registration).include?(false)
...	...	@@ -62,6 +68,7 @@ class AccountController < ApplicationController
62	68	session[:notice] = _("This environment doesn't allow user registration.")
63	69	end
64	70
	71	+ @block_bot = !!session[:may_be_a_bot]
65	72	@invitation_code = params[:invitation_code]
66	73	begin
67	74	if params[:user]
...	...	@@ -76,19 +83,28 @@ class AccountController < ApplicationController
76	83	@person = Person.new(params[:profile_data])
77	84	@person.environment = @user.environment
78	85	if request.post?
79		- @user.signup!
80		- owner_role = Role.find_by_name('owner')
81		- @user.person.affiliate(@user.person, [owner_role]) if owner_role
82		- invitation = Task.find_by_code(@invitation_code)
83		- if invitation
84		- invitation.update_attributes!({:friend => @user.person})
85		- invitation.finish
86		- end
87		- if @user.activated?
88		- self.current_user = @user
89		- redirect_to '/'
	86	+ if may_be_a_bot
	87	+ set_signup_start_time_for_now
	88	+ @block_bot = true
	89	+ session[:may_be_a_bot] = true
90	90	else
91		- @register_pending = true
	91	+ if session[:may_be_a_bot]
	92	+ return false unless verify_recaptcha :model=>@user, :message=>_('Captcha (the human test)')
	93	+ end
	94	+ @user.signup!
	95	+ owner_role = Role.find_by_name('owner')
	96	+ @user.person.affiliate(@user.person, [owner_role]) if owner_role
	97	+ invitation = Task.find_by_code(@invitation_code)
	98	+ if invitation
	99	+ invitation.update_attributes!({:friend => @user.person})
	100	+ invitation.finish
	101	+ end
	102	+ if @user.activated?
	103	+ self.current_user = @user
	104	+ redirect_to '/'
	105	+ else
	106	+ @register_pending = true
	107	+ end
92	108	end
93	109	end
94	110	rescue ActiveRecord::RecordInvalid
...	...	@@ -97,6 +113,7 @@ class AccountController < ApplicationController
97	113	@person.errors.delete(:user_id)
98	114	render :action => 'signup'
99	115	end
	116	+ clear_signup_start_time
100	117	end
101	118
102	119	# action to perform logout from the application
...	...	@@ -271,7 +288,36 @@ class AccountController < ApplicationController
271	288	def no_redirect
272	289	@cannot_redirect = true
273	290	end
274		-
	291	+
	292	+ def set_signup_start_time_for_now
	293	+ key = 'signup_start_time_' + rand.to_s.split('.')[1]
	294	+ Rails.cache.write key, Time.now
	295	+ key
	296	+ end
	297	+
	298	+ def get_signup_start_time
	299	+ Rails.cache.read params[:signup_time_key]
	300	+ end
	301	+
	302	+ def clear_signup_start_time
	303	+ Rails.cache.delete params[:signup_time_key] if params[:signup_time_key]
	304	+ end
	305	+
	306	+ def may_be_a_bot
	307	+ # No minimum signup delay, no bot test.
	308	+ return false if environment.min_signup_delay == 0
	309	+
	310	+ # answering captcha, may be human!
	311	+ return false if params[:recaptcha_response_field]
	312	+
	313	+ # never set signup_time, hi wget!
	314	+ signup_start_time = get_signup_start_time
	315	+ return true if signup_start_time.nil?
	316	+
	317	+ # so fast, so bot.
	318	+ signup_start_time > ( Time.now - environment.min_signup_delay.seconds )
	319	+ end
	320	+
275	321	def check_answer
276	322	unless answer_correct
277	323	@enterprise.block
...	...
1	1	class CatalogController < PublicController
2	2	needs_profile
	3	+ no_design_blocks
3	4
4	5	before_filter :check_enterprise_and_environment
5	6
6	7	def index
7		- @products = @profile.products.paginate(:order => 'name asc', :per_page => 9, :page => params[:page])
	8	+ @category = params[:level] ? ProductCategory.find(params[:level]) : nil
	9	+ @products = @profile.products.from_category(@category).paginate(:order => 'available desc, highlighted desc, name asc', :per_page => 9, :page => params[:page])
	10	+ @categories = ProductCategory.on_level(params[:level])
8	11	end
9	12
10	13	protected
...	...
...	...	@@ -25,24 +25,26 @@ class ContentViewerController < ApplicationController
25	25	return
26	26	end
27	27	end
28		-
29		- # page not found, give error
30		- if @page.nil?
31		- render_not_found(@path)
32		- return
33		- end
34	28	end
35	29
36		- if !@page.display_to?(user)
37		- if profile.display_info_to?(user) \|\| !profile.visible?
38		- message = _('You are not allowed to view this content. You can contact the owner of this profile to request access then.')
	30	+ if !@page.nil? && !@page.display_to?(user)
	31	+ if !profile.public?
	32	+ private_profile_partial_parameters
	33	+ render :template => 'profile/_private_profile.rhtml', :status => 403
	34	+ else #if !profile.visible?
	35	+ message = _('You are not allowed to view this content.')
	36	+ message += ' ' + _('You can contact the owner of this profile to request access then.')
39	37	render_access_denied(message)
40		- elsif !profile.public?
41		- redirect_to :controller => 'profile', :action => 'index', :profile => profile.identifier
42	38	end
43	39	return
44	40	end
45	41
	42	+ # page not found, give error
	43	+ if @page.nil?
	44	+ render_not_found(@path)
	45	+ return
	46	+ end
	47	+
46	48	if request.xhr? && params[:toolbar]
47	49	render :partial => 'article_toolbar'
48	50	return
...	...