[Mezuro] Merge branch 'master' into mezuro

Paulo Meireles
2 parents 0e8830f9 1aeb0d56
Showing 195 changed files with 74645 additions and 67678 deletions Show diff stats
AUTHORS
HACKING
INSTALL
INSTALL.email
INSTALL.varnish
app/controllers/my_profile/cms_controller.rb
app/controllers/my_profile/tasks_controller.rb
app/controllers/public/account_controller.rb
app/controllers/public/catalog_controller.rb
app/controllers/public/content_viewer_controller.rb
app/controllers/public/profile_controller.rb
app/helpers/application_helper.rb
app/helpers/catalog_helper.rb
app/helpers/content_viewer_helper.rb
app/helpers/display_helper.rb
app/helpers/folder_helper.rb
app/helpers/forms_helper.rb
app/helpers/language_helper.rb
app/models/approve_article.rb
app/models/article.rb
@@ -6,45 +6,144 @@ noosfero, that&#39;s not a problem).
 Developers
 ==========
+Alan Freihof Tygel <alantygel@gmail.com>
+Alessandro Palmeira <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Caio C. Salgado <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Caio Salgado <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Caio Salgado <caio.csalgado@gmail.com>
+Alessandro Palmeira + Caio Salgado + Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>
+Alessandro Palmeira + Carlos Morais <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Diego Araújo <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Diego Araújo <diegoamc90@gmail.com>
+Alessandro Palmeira + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
+Alessandro Palmeira + Diego Araújo + Pedro Leal + João M. M. da Silva <diegoamc90@gmail.com>
+Alessandro Palmeira + Diego Araujo + Rafael Manzo <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Jefferson Fernandes <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + João M. M. da Silva <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + João M. M. da Silva + Renan Teruo <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + João M. M. Silva <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Paulo Meirelles <alessandro.palmeira@gmail.com>
+Alessandro Palmeira + Rafael Manzo <alessandro.palmeira@gmail.com>
 Antonio Terceiro + Carlos Morais <terceiro@colivre.coop.br>
 Antonio Terceiro + Paulo Meirelles <terceiro@colivre.coop.br>
 Antonio Terceiro <terceiro@colivre.coop.br>
 Aurelio A. Heckert <aurelio@colivre.coop.br>
 Braulio Bhavamitra <brauliobo@gmail.com>
 Bráulio Bhavamitra <brauliobo@gmail.com>
+Caio <caio.csalgado@gmail.com>
+Caio + Diego + Pedro + João <caio.csalgado@gmail.com>
+Caio, Pedro <caio.csalgado@gmail.com>
+Caio Salgado + Alessandro Palmeira <caio.csalgado@gmail.com>
+Caio Salgado <caio.csalgado@gmail.com>
+Caio Salgado + Carlos Morais + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
+Caio Salgado + Diego Araujo <caio.csalgado@gmail.com>
+Caio Salgado + Diego Araújo <caio.csalgado@gmail.com>
+Caio Salgado + Diego Araújo <diegoamc90@gmail.com>
+Caio Salgado + Diego Araújo + Jefferson Fernandes <caio.csalgado@gmail.com>
+Caio Salgado + Diego Araújo + João M. M. da Silva <caio.csalgado@gmail.com>
+Caio Salgado + Diego Araújo + Pedro Leal <caio.csalgado@gmail.com>
+Caio Salgado + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
+Caio Salgado + Diego Araújo + Rafael Manzo <diegoamc90@gmail.com>
+Caio Salgado + Jefferson Fernandes <caio.csalgado@gmail.com>
+Caio Salgado + Jefferson Fernandes <jeffs.fernandes@gmail.com>
+Caio Salgado + Rafael Manzo <caio.csalgado@gmail.com>
+Caio Salgado + Renan Teruo <caio.csalgado@gmail.com>
+Caio Salgado + Renan Teruo <caio.salgado@gmail.com>
+Caio Salgado + Renan Teruo + Jefferson Fernandes <jeffs.fernandes@gmail.com>
+Caio Salgado + Renan Teruo <renanteruoc@gmail.com>
 Caio SBA <caio@colivre.coop.br>
 Carlos Morais <carlos88morais@gmail.com>
 Carlos Morais + Diego Araújo <diegoamc90@gmail.com>
+Carlos Morais + Eduardo Morais <carlos88morais@gmail.com>
 Carlos Morais + Paulo Meirelles <carlos88morais@gmail.com>
+Carlos Morais + Pedro Leal <carlos88morais@gmail.com>
 Daniela Soares Feitosa <danielafeitosa@colivre.coop.br>
 Daniel Cunha <daniel@colivre.coop.br>
+diegoamc <diegoamc90@gmail.com>
+Diego Araújo + Alessandro Palmeira <diegoamc90@gmail.com>
+Diego Araujo + Caio Salgado <diegoamc90@gmail.com>
 Diego Araújo <diegoamc90@gmail.com>
+Diego Araújo + Jefferson Fernandes <diegoamc90@gmail.com>
+Diego Araujo + Jefferson Fernandes <jeffs.fernandes@gmail.com>
+Diego Araújo + João Machini <diegoamc90@gmail.com>
+Diego Araújo + João Machini <digoamc90@gmail.com>
 Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>
+Diego Araújo + João M. M. da Silva + João Machini <diegoamc90@gmail.com>
+Diego Araújo + João M. M. da Silva + Pedro Leal <diegoamc90@gmail.com>
+Diego Araújo + Paulo Meirelles <diegoamc90@gmail.com>
+Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
+Diego Araújo + Rafael Manzo <diegoamc90@gmail.com>
+Diego Araújo + Renan Teruo + Alessandro Palmeira <diegoamc90@gmail.com>
+Diego Araújo + Renan Teruo <diegoamc90@gmail.com>
+Diego + Jefferson <diegoamc90@gmail.com>
+Diego Martinez <diegoamc90@gmail.com>
+Diego + Renan <renanteruoc@gmail.com>
 Fernanda Lopes <nanda.listas+psl@gmail.com>
 Grazieno Pellegrino <grazieno@gmail.com>
 Isaac Canan <isaac@intelletto.com.br>
 Italo Valcy <italo@dcc.ufba.br>
+Jefferson Fernandes + Diego Araujo + Rafael Manzo <jeffs.fernandes@gmail.com>
+Jefferson Fernandes + Joao M. M. da Silva <jeffs.fernandes@gmail.com>
+Jefferson Fernandes + Joao M. M. Silva <jeffs.fernandes@gmail.com>
 João da Silva <jaodsilv@linux.ime.usp.br>
+João Marco Maciel da Silva + Rafael Manzo + Renan Teruo <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Alessandro Palmeira + Diego Araújo + Caio Salgado <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Alessandro Palmeira + Diego Araújo <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Alessandro Palmeira + João Machini <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Caio Salgado + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Caio Salgado <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Carlos Morais <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Diego Araújo <diegoamc90@gmail.com>
 João M. M. da Silva + Diego Araújo <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Diego Araújo + Pedro Leal <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva <jaodsilv@linux.ime.usp.br>
+Joao M. M. da Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + João M. Miranda <jaodsilv@linux.ime.usp.br>
 João M. M. da Silva + Paulo Meirelles <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Pedro Leal <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Rafael Manzo + Diego Araújo <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Rafael Manzo <jaodsilv@linux.ime.usp.br>
+João M. M. da Silva + Renan Teruo <jaodsilv@linux.ime.usp.br>
+João M. M. Silva + Caio Salgado <jaodsilv@linux.ime.usp.br>
+João M. M. Silva + Diego Araújo <jaodsilv@linux.ime.usp.br>
+Joao M. M. Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
+João M. M. Silva + Paulo Meirelles <jaodsilv@linux.ime.usp.br>
+João M. M. Silva + Rafael Manzo <jaodsilv@linux.ime.usp.br>
+João M. M. Silva + Renan Teruo <jaodsilv@linux.ime.usp.br>
 Joenio Costa <joenio@colivre.coop.br>
 Josef Spillner <josef.spillner@tu-dresden.de>
 Keilla Menezes <keilla@colivre.coop.br>
 Larissa Reis <larissa@colivre.coop.br>
 Larissa Reis <reiss.larissa@gmail.com>
 Leandro Nunes dos Santos <leandronunes@gmail.com>
+Leandro Nunes dos Santos <leandro.santos@serpro.gov.br>
 LinguÁgil 2010 <linguagil.bahia@gmail.com>
+Luis David Aguilar Carlos <ludwig9003@gmail.com>
 Martín Olivera <molivera@solar.org.ar>
 Moises Machado <moises@colivre.coop.br>
 Nanda Lopes <nanda.listas+psl@gmail.com>
+Paulo Meirelles + Alessandro Palmeira <paulo@softwarelivre.org>
 Paulo Meirelles + Carlos Morais <paulo@softwarelivre.org>
+Paulo Meirelles + Diego Araújo <paulo@softwarelivre.org>
+Paulo Meirelles + João M. M. da Silva <paulo@softwarelivre.org>
 Paulo Meirelles <paulo@softwarelivre.org>
 Rafael Gomes <rafaelgomes@techfree.com.br>
+Rafael Manzo + João M. M. Silva <rr.manzo@gmail.com>
 Rafael Martins <rmmartins@gmail.com>
+Rafael Reggiani Manzo + Caio Salgado + Jefferson Fernandes <rr.manzo@gmail.com>
+Rafael Reggiani Manzo + Diego Araujo <diegoamc90@gmail.com>
+Rafael Reggiani Manzo + Diego Araujo <rr.manzo@gmail.com>
+Rafael Reggiani Manzo <rr.manzo@gmail.com>
 Raphaël Rousseau <raph@r4f.org>
 Raquel Lira <raquel.lira@gmail.com>
+Renan Teruo + Caio Salgado <renanteruoc@gmail.com>
+Renan Teruoc + Diego Araujo <renanteruoc@gmail.com>
+Renan Teruo + Diego Araujo <renanteruoc@gmail.com>
+Renan Teruo + Diego Araújo <renanteruoc@gmail.com>
+Renan Teruo + Paulo Meirelles <renanteruoc@gmail.com>
+Renan Teruo + Rafael Manzo <renanteruoc@gmail.com>
 Rodrigo Souto <rodrigo@colivre.coop.br>
 Ronny Kursawe <kursawe.ronny@googlemail.com>
 Samuel R. C. Vale <srcvale@holoscopio.com>
 = Noosfero instructions for developers
-This document provides useful information to those who want to help with
-Noosfero development.
+== A work about your the development platform
-== Requirements for development
+These instructions are tested and known to work on Debian stable, which is the
+system that the Noosfero core developers use to work on Noosfero.
-First, install all requirements listed in INSTALL. Note that you do not need to
-follow all the steps described there, you only need to install the packages
-listed in the "Requirements" section.
+If you want to use another OS, read "Instructions for other systems" below.
-After installing the requirements listed in INSTALL, you need to install some
-packages be able to run Noosfero tests. On Debian GNU/Linux and Debian-based
-systems, you install them with the following command:
+== Instructions for Debian stable
- # apt-get install libtidy-ruby libhpricot-ruby libmocha-ruby imagemagick po4a xvfb libxml2-dev libxslt-dev
+Download the source code:
-On other systems, they may or may not be available through your regular package
-management system. Below are the links to their homepages.
+  $ git clone git://gitorious.org/noosfero/noosfero.git
+  $ cd noosfero
-* Mocha: http://mocha.rubyforge.org/
-* Tidy: http://tidy.sourceforge.net/
-* Hpricot: http://github.com/whymirror/hpricot
-* Imagemagick: http://wwwimagemagick.org/
-* po4a: http://po4a.alioth.debian.org/
-* xvfb: http://packages.debian.org/lenny/xvfb
-* Libxml2: http://xmlsoft.org/
-* Libxslt: http://xmlsoft.org/xslt
+Run the quick start script:
-== Boostraping a development/test environment
+  $ ./script/quick-start
-You can copy and paste the commands below into a terminal (please review the
-commands and make sure you understand what you are doing):
+Now you can execute the development server with:
- # checkout the code from repository
- git clone git://gitorious.org/noosfero/noosfero.git
- # enter the directory
- cd noosfero
- # copy a sample config file
- cp config/database.yml.sqlite3 config/database.yml
- # create tmp directory if it doesn't exist
- mkdir tmp
- # start Solr
- rake solr:start
- # create the development database
- rake db:schema:load
- # run pending migrations
- rake db:migrate
- # compile translations:
- rake makemo
- # create some test data:
- ./script/sample-data
- # install latest requirements for running tests
- RAILS_ENV=cucumber rake gems:install
- RAILS_ENV=test rake gems:install
- # run the automated test suite to make sure your environment is sane:
- rake test
+  $ ./script/development
-You should now be ready to go. Issue the following command to start the Rails
-development server:
+You will be able to access Noosfero at http://localhost:3000/
- ./script/server
+If you want to use a different port than 3000, pass `-p <PORT>` to
+./script/development
-The server will be available at http://localhost:3000/ . If you want to use
-another port than 3000, you can use the -p option of ./script/server:
+== Instructions for other systems
- ./script/server -p 9999
+On other OS, you have 2 options:
-The above command makes the server available at http://localhost:9999/
+1) using a chroot or a VM with Debian stable (easier)
-The sample-data data scripts creates two administrator users with login "ze" and
-password "test" and login "adminuser" and password "admin".
+Use a chroot (http://wiki.debian.org/Schroot) or a Virtual Machine (e.g. with
+VirtualBox) with a Debian stable system and follow the instructions above for
+Debian stable.
-Note that some operations, like generating image thumbnails, sending e-mails,
-etc, are done in background in the context of a service independent from the
-Rails application server. To have those tasks performed in a development
-environment, you must run the delayed_job server like this:
+2) Installing dependencies on other OS (harder)
- ./script/delayed_job run
+If you want to setup a development environment in another OS, you can create a
+file under script/install-dependencies/, called <OS>-<CODENAME>.sh, which
+installed the dependencies for your system. With this script in place,
+./script/quick-start will call it at the point of installing the required
+packages for Noosfero development.
-This will block your terminal. To stop the delayed_job server, hit Control-C.
+You can check script/install-dependencies/debian-squeeze.sh to have an idea of
+what kind of stuff that script has to do. 
-== Enabling exceptions notification
-
-By default, exception notifications are disabled in development environment. If
-you want to enable it then you need to change some files:
-
-1) Add in config/environments/development.rb:
-   config.action_controller.consider_all_requests_local = false
-
-2) Add in app/controller/application.rb:
-   local_addresses.clear
-
-3) Add in config/noosfero.yml at development section:
-   exception_recipients: [admin@example.com]
-
-== Releasing and building Debian package
-
-See RELEASING file.
+If you write such script for your own OS, *please* share it with us at the
+development mailing list so that we can include it in the official repository.
+This way other people using the same OS will have to put less effort to develop
+Noosfero.
-= Noosfero installation instructions
+= Noosfero installation instructions from source for production environments
-Noosfero is written in Ruby with the "Rails framework":http://www.rubyonrails.org,
-so the process of setting it up is pretty similar to other Rails applications.
+The instructions below can be used for setting up a Noosfero production
+environment from the Noosfero sources.
-Below we have the instructions for installing Noosfero dependencies and setting
-up a production environment. If you have problems with the setup, please feel
-free to ask questions in the development mailing list.
+Before you start installing Noosfero manually, see the information about the
+Noosfero Debian package at http://noosfero.org/Development/DebianPackage. Using
+the Debian packages on a Debian stable system is the recommended method for
+installing production environments.
+
+If you want to setup a development environment instead of a production one,
+stop reading this file right now and read the file HACKING instead.
+
+For a complete installation guide, please see the following web page:
+http://noosfero.org/Development/HowToInstall
+
+If you have problems with the setup, please feel free to ask questions in the
+development mailing list.
 == Requirements
+DISCLAIMER: this installation procedure is tested with Debian stable, which is
+currently the only recommended operating system for production usage. It is
+possible that you can install it on other systems, and if you do so, please
+report it on one of the Noosfero mailing lists, and please send a patch
+updating these instructions.
+
+Noosfero is written in Ruby with the "Rails
+framework":http://www.rubyonrails.org, so the process of setting it up is
+pretty similar to other Rails applications.
+
 You need to install some packages Noosfero depends on.  On Debian GNU/Linux or
 Debian-based systems, all of these packages are available through the Debian
 archive. You can install them with the following command:
@@ -38,21 +58,9 @@ If you manage to install Noosfero successfully on other systems than Debian,
 please feel free to contact the Noosfero development mailing with the
 instructions for doing so, and we'll include it here.
-=== Setting up a production environment
-
-DISCLAIMER: this installation procedure is tested with Debian stable, which is
-currently the only recommended operating system for production usage. It is
-possible that you can install it on other systems, and if you do so, please
-report it on one of the Noosfero mailing lists, and please send a patch
-updating these instructions.
-
 As root user
 ============
-NOTE: these instructions are for seting up a *production* environment. If you
-are going to do Noosfero development, you don't need to do these steps. Stop
-here and see the HACKING file instead.
-
 Install memcached. On Debian:
 # apt-get install memcached
@@ -96,11 +104,11 @@ $ git checkout -b stable origin/stable
 downloading tarball
 -------------------
-Note: replace 0.35.0 below from the latest stable version.
+Note: replace 0.39.0 below from the latest stable version.
-$ wget http://noosfero.org/pub/Development/NoosferoVersion00x35x00/noosfero-0.35.0.tar.gz
-$ tar -zxvf noosfero-0.35.0.tar.gz
-$ ln -s noosfero-0.35.0 current
+$ wget http://noosfero.org/pub/Development/NoosferoVersion00x39x00/noosfero-0.39.0.tar.gz
+$ tar -zxvf noosfero-0.39.0.tar.gz
+$ ln -s noosfero-0.39.0 current
 $ cd current
 Copy config/solr.yml.dist to config/solr.yml. You will
@@ -108,7 +116,7 @@ probably not need to customize this configuration, but have a look at it.
 Create the thin configuration file:
-$ thin -C config/thin.yml config
+$ thin -C config/thin.yml -e production config
 Edit config/thin.yml to suit your needs. Make sure your apache
 configuration matches the thin cluster configuration, specially in respect
@@ -147,48 +155,7 @@ Restart postgresql:
 Noosfero needs a functional e-mail setup to work: the local mail system should
 be able to deliver e-mail to the internet, either directly or through an
-external SMTP server.
-
-If you know mail systems well, you just need to make sure thet the local MTA,
-listening on localhost:25, is able to deliver e-mails to the internet. Any mail
-server will do it.
-
-If you are not a mail specialist, we suggest that you use the Postfix mail
-server, since it is easy to configure and very reliable. Just follow the
-instructions below.
-
-To install Postfix:
-
-# apt-get install postfix
-
-During the installation process, you will be asked a few questions. Your answer
-to them will vary in 2 cases:
-
-Case 1: you can send e-mails directly to the internet. This will be the case
-for most commercial private servers. Your answers should be:
-
-  General type of mail configuration: Internet site
-  System mail name: the name of your domain, e.g. "mysocialnetwork.com"
-
-Case 2: you cannot, or don't want to, send e-mail directly to the internet.
-This happens for example if your server is not allowed to make outbound
-connections on port 25, or if you want to concentrate all your outbound mail
-through a single SMTP server. Your answers in this case should be:
-
-  General type of mail configuration: Internet with smarthost
-  System mail name: the name of your domain, e.g. "mysocialnetwork.com"
-  SMTP relay host: smtp.yourprovider.com
-
-Note that smtp.yourprovider.com must allow your server to deliver e-mails
-through it. You should probably ask your servive provider about this.
-
-There is another possibility: if you are installing on a shared server, and
-don't have permission to configure the local MTA, you can instruct Noosfero to
-send e-mails directly through an external server. Please note that this should
-be your last option, since contacting an external SMTP server directly may slow
-down your Noosfero application server. To configure Noosfero to send e-mails
-through an external SMTP server, follow the instructions on
-http://noosfero.org/Development/SMTPMailSending
+external SMTP server. Please check the documentation at the INSTALL.email file.
 As noosfero user
 ================
@@ -220,19 +187,6 @@ $ ./script/dbconsole production
 If it connects to your database, then everything is fine. If you got an error
 message, then you have to check your database configuration.
-Installing gem rack
-===================
-
-This gem is required if you want to run Mezuro plugin.
-
-Install RubyGem Rack 1.0.1.
-Others versions may not be compatible with Noosfero:
-
-# gem install rack -v 1.0.1
-
-As noosfero user
-================
-
 Create the database structure:
 $ RAILS_ENV=production rake db:schema:load
@@ -245,7 +199,7 @@ Run Solr:
 $ rake solr:start
-Now we have to create some initial data. To create your default environment
+Now we must create some initial data. To create your default environment
 (the first one), run the command below:
 $ RAILS_ENV=production ./script/runner 'Environment.create!(:name => "My environment", :is_default => true)'
@@ -261,10 +215,10 @@ $ RAILS_ENV=production ./script/runner &quot;Environment.default.domains &lt;&lt; Domain.ne
 Add at least one user as admin of environment:
-$ RAILS_ENV=production ./script/runner "User.create(:login => 'adminuser', :email => 'admin@example.com', :password => 'admin', :password_confirmation => 'admin', :environment => Environment.default)"
+$ RAILS_ENV=production ./script/runner "User.create(:login => 'adminuser', :email => 'admin@example.com', :password => 'admin', :password_confirmation => 'admin', :environment => Environment.default, :activated_at => Time.new)"
 (replace "adminuser", "admin@example.com", "admin" with the login, email
-and password of your environment admin)
+and password of your environment administrator)
 To start the Noosfero application servers:
@@ -274,23 +228,6 @@ At this point you have a functional Noosfero installation running, the only
 thing left is to configure your webserver as a reverse proxy to pass requests
 to them.
-Enabling exception notifications
-================================
-
-This is an optional step. You will need it only if you want to receive e-mail
-notifications when some exception occurs on Noosfero.
-
-First, install this version of the gem.
-Others versions may not be compatible with Noosfero:
-
-# gem install exception_notification -v 1.0.20090728
-
-You can configure the e-mails that will receive the notifications.
-Change the file config/noosfero.yml as the following example, replacing the
-e-mails by real ones:
-
-  production:
-    exception_recipients: [admin@example.com, you@example.com]
 ==================
 Apache instalation
@@ -384,6 +321,26 @@ Now restart your apache server (as root):
 # invoke-rc.d apache2 restart
+
+Enabling exception notifications
+================================
+
+This is an optional step. You will need it only if you want to receive e-mail
+notifications when some exception occurs on Noosfero.
+
+First, install this version of the gem.
+Others versions may not be compatible with Noosfero:
+
+# gem install exception_notification -v 1.0.20090728
+
+You can configure the e-mails that will receive the notifications.
+Change the file config/noosfero.yml as the following example, replacing the
+e-mails by real ones:
+
+  production:
+    exception_recipients: [admin@example.com, you@example.com]
+
+
 ============
 Maintainance
 ============
@@ -0,0 +1,43 @@
+= Noosfero email setup
+
+If you know mail systems well, you just need to make sure that the local MTA,
+listening on localhost:25, is able to deliver e-mails to the internet. Any mail
+server will do it. You can stop reading now.
+
+If you are not an email specialist, then follow the instructions below. We
+suggest that you use the Postfix mail server, since it is easy to configure and
+very reliable. Just follow the instructions below.
+
+To install Postfix:
+
+# apt-get install postfix
+
+During the installation process, you will be asked a few questions. Your answer
+to them will vary in 2 cases:
+
+Case 1: you can send e-mails directly to the internet. This will be the case
+for most commercial private servers. Your answers should be:
+
+  General type of mail configuration: Internet site
+  System mail name: the name of your domain, e.g. "mysocialnetwork.com"
+
+Case 2: you cannot, or don't want to, send e-mail directly to the internet.
+This happens for example if your server is not allowed to make outbound
+connections on port 25, or if you want to concentrate all your outbound mail
+through a single SMTP server. Your answers in this case should be:
+
+  General type of mail configuration: Internet with smarthost
+  System mail name: the name of your domain, e.g. "mysocialnetwork.com"
+  SMTP relay host: smtp.yourprovider.com
+
+Note that smtp.yourprovider.com must allow your server to deliver e-mails
+through it. You should probably ask your servive provider about this.
+
+There is another possibility: if you are installing on a shared server, and
+don't have permission to configure the local MTA, you can instruct Noosfero to
+send e-mails directly through an external server. Please note that this should
+be your last option, since contacting an external SMTP server directly may slow
+down your Noosfero application server. To configure Noosfero to send e-mails
+through an external SMTP server, follow the instructions on
+http://noosfero.org/Development/SMTPMailSending
+
@@ -5,75 +5,63 @@ recommended. See http://www.varnish-cache.org/ for more information on Varnish.
 Varnish can be set up to use with Noosfero with the following steps:
-1) setup Noosfero with apache according to the INSTALL file.
+1) setup Noosfero with apache according to the INSTALL file. If you used the
+Debian package to install noosfero, you don't need to do anything about this.
 2) install Varnish
   # apt-get install varnish
-Noosfero was tested with Varnish 2.x. If you are using a Debian Lenny (and you
-should, unless Debian already released Squeeze by now), make sure you install
-varnish from the lenny-backports suite.
-
 Install the RPAF apache module (or skip this step if not using apache):
   # apt-get install libapache2-mod-rpaf
-3) Enable varnish logging:
-
-3a) Edit /etc/default/varnishncsa and uncomment the line that contains:
-
-VARNISHNCSA_ENABLED=1
-
-The varnish log will be written to /var/log/varnish/varnishncsa.log in an
-apache-compatible format. You should change your statistics generation software
-(e.g. awstats) to use that instead of apache logs.
-
-3b) Restart Varnish Logging service
-
-  # invoke-rc.d varnishncsa start
-
-4) Change Apache to listen on port 8080 instead of 80
+3) Change Apache to listen on port 8080 instead of 80
-4a) Edit /etc/apache2/ports.conf, and:
+3a) Edit /etc/apache2/ports.conf, and:
-  * change 'Listen 80' to 'Listen 127.0.0.1:8080'
   * change 'NameVirtualHost *:80' to 'NameVirtualHost *:8080'
+  * change 'Listen 80' to 'Listen 127.0.0.1:8080'
-4b) Edit /etc/apache2/sites-enabled/*, and change '<VirtualHost *:80>' to '<VirtualHost *:8080>'
+3b) Edit /etc/apache2/sites-enabled/*, and change '<VirtualHost *:80>' to
+'<VirtualHost *:8080>'
-4c) Restart apache
+3c) Restart apache
   # invoke-rc.d apache2 restart
-5) Change Varnish to listen on port 80
+4) Varnish configuration
-5a) Edit /etc/default/varnish and change '-a :6081' to '-a :80'
+4a) Edit /etc/default/varnish
-5b) Restart Varnish
+   * change the line that says "START=no" to say "START=yes"
+   * change '-a :6081' to '-a :80'
-  # invoke-rc.d varnish restart
+4b) Edit /etc/varnish/default.vcl and add the following lines at the end:
-6) Configure varnish to fit noosfero
-(assuming Noosfero is installed in /var/lib/noosfero)
+  include "/etc/noosfero/varnish-noosfero.vcl";
+  include "/etc/noosfero/varnish-accept-language.vcl";
-6a) Configure noosfero to do specific routines to varnish
+On manual installations, change "/etc/noosfero/*" to
+"{Rails.root}/etc/noosfero/*"
-Add the following line to your /etc/varnish/default.vcl file:
+4c) Restart Varnish
-  include "/var/lib/noosfero/etc/noosfero/varnish-noosfero.vcl";
+  # invoke-rc.d varnish restart
-6b) Configure varnish to store separate caches for each language
+5) Enable varnish logging:
-Add the following line to your /etc/varnish/default.vcl file:
+5a) Edit /etc/default/varnishncsa and uncomment the line that contains:
-  include "/var/lib/noosfero/etc/noosfero/varnish-accept-language.vcl";
+VARNISHNCSA_ENABLED=1
-7) Restart Varnish
+The varnish log will be written to /var/log/varnish/varnishncsa.log in an
+apache-compatible format. You should change your statistics generation software
+(e.g. awstats) to use that instead of apache logs.
-  # invoke-rc.d varnish restart
+5b) Restart Varnish Logging service
+
+  # invoke-rc.d varnishncsa restart
 Thanks to Cosimo Streppone for varnish-accept-language. See
 http://github.com/cosimo/varnish-accept-language for more information.
-
- -- Antonio Terceiro <terceiro@colivre.coop.br>  Sat, 04 Sep 2010 17:29:27 -0300
@@ -16,7 +16,13 @@ class CmsController &lt; MyProfileController
   before_filter :login_required, :except => [:suggest_an_article]
-  protect_if :except => [:suggest_an_article, :set_home_page, :edit, :destroy, :publish] do |c, user, profile|
+  protect_if :only => :upload_files do |c, user, profile|
+    article_id = c.params[:parent_id]
+    (!article_id.blank? && profile.articles.find(article_id).allow_create?(user)) ||
+    (user && (user.has_permission?('post_content', profile) || user.has_permission?('publish_content', profile)))
+  end
+
+  protect_if :except => [:suggest_an_article, :set_home_page, :edit, :destroy, :publish, :upload_files] do |c, user, profile|
     user && (user.has_permission?('post_content', profile) || user.has_permission?('publish_content', profile))
   end
@@ -92,7 +98,7 @@ class CmsController &lt; MyProfileController
       @article_types = []
       available_article_types.each do |type|
         @article_types.push({
-          :name => type.name,
+          :class => type,
           :short_description => type.short_description,
           :description => type.description
         })
@@ -154,7 +160,7 @@ class CmsController &lt; MyProfileController
     end
     if request.post? && params[:uploaded_files]
       params[:uploaded_files].each do |file|
-        @uploaded_files << UploadedFile.create(:uploaded_data => file, :profile => profile, :parent => @parent) unless file == ''
+        @uploaded_files << UploadedFile.create(:uploaded_data => file, :profile => profile, :parent => @parent, :last_changed_by => user) unless file == ''
       end
       @errors = @uploaded_files.select { |f| f.errors.any? }
       if @errors.any?
@@ -9,7 +9,7 @@ class TasksController &lt; MyProfileController
   end
   def processed
-    @tasks = Task.to(profile).finished.sort_by(&:created_at)
+    @tasks = Task.to(profile).closed.sort_by(&:created_at)
   end
   VALID_DECISIONS = [ 'finish', 'cancel', 'skip' ]
@@ -4,6 +4,7 @@ class AccountController &lt; ApplicationController
   before_filter :login_required, :only => [:activation_question, :accept_terms, :activate_enterprise]
   before_filter :redirect_if_logged_in, :only => [:login, :signup]
+  before_filter :protect_from_bots, :only => :signup
   # say something nice, you goof!  something sweet.
   def index
@@ -55,6 +56,11 @@ class AccountController &lt; ApplicationController
     render :action => 'login', :layout => false
   end
+  def signup_time
+    key = set_signup_start_time_for_now
+    render :text => { :ok=>true, :key=>key }.to_json
+  end
+
   # action to register an user to the application
   def signup
     if @plugins.dispatch(:allow_user_registration).include?(false)
@@ -62,6 +68,7 @@ class AccountController &lt; ApplicationController
       session[:notice] = _("This environment doesn't allow user registration.")
     end
+    @block_bot = !!session[:may_be_a_bot]
     @invitation_code = params[:invitation_code]
     begin
       if params[:user]
@@ -76,19 +83,28 @@ class AccountController &lt; ApplicationController
       @person = Person.new(params[:profile_data])
       @person.environment = @user.environment
       if request.post?
-        @user.signup!
-        owner_role = Role.find_by_name('owner')
-        @user.person.affiliate(@user.person, [owner_role]) if owner_role
-        invitation = Task.find_by_code(@invitation_code)
-        if invitation
-          invitation.update_attributes!({:friend => @user.person})
-          invitation.finish
-        end
-        if @user.activated?
-          self.current_user = @user
-          redirect_to '/'
+        if may_be_a_bot
+          set_signup_start_time_for_now
+          @block_bot = true
+          session[:may_be_a_bot] = true
         else
-          @register_pending = true
+          if session[:may_be_a_bot]
+            return false unless verify_recaptcha :model=>@user, :message=>_('Captcha (the human test)')
+          end
+          @user.signup!
+          owner_role = Role.find_by_name('owner')
+          @user.person.affiliate(@user.person, [owner_role]) if owner_role
+          invitation = Task.find_by_code(@invitation_code)
+          if invitation
+            invitation.update_attributes!({:friend => @user.person})
+            invitation.finish
+          end
+          if @user.activated?
+            self.current_user = @user
+            redirect_to '/'
+          else
+            @register_pending = true
+          end
         end
       end
     rescue ActiveRecord::RecordInvalid
@@ -97,6 +113,7 @@ class AccountController &lt; ApplicationController
       @person.errors.delete(:user_id)
       render :action => 'signup'
     end
+    clear_signup_start_time
   end
   # action to perform logout from the application
@@ -271,7 +288,36 @@ class AccountController &lt; ApplicationController
   def no_redirect
     @cannot_redirect = true
   end
-  
+
+  def set_signup_start_time_for_now
+    key = 'signup_start_time_' + rand.to_s.split('.')[1]
+    Rails.cache.write key, Time.now
+    key
+  end
+
+  def get_signup_start_time
+    Rails.cache.read params[:signup_time_key]
+  end
+
+  def clear_signup_start_time
+    Rails.cache.delete params[:signup_time_key] if params[:signup_time_key]
+  end
+
+  def may_be_a_bot
+    # No minimum signup delay, no bot test.
+    return false if environment.min_signup_delay == 0
+
+    # answering captcha, may be human!
+    return false if params[:recaptcha_response_field]
+
+    # never set signup_time, hi wget!
+    signup_start_time = get_signup_start_time
+    return true if signup_start_time.nil?
+
+    # so fast, so bot.
+    signup_start_time > ( Time.now - environment.min_signup_delay.seconds )
+  end
+
   def check_answer
     unless answer_correct
       @enterprise.block
 class CatalogController < PublicController
   needs_profile
+  no_design_blocks
   before_filter :check_enterprise_and_environment
   def index
-    @products = @profile.products.paginate(:order => 'name asc', :per_page => 9, :page => params[:page])
+    @category = params[:level] ? ProductCategory.find(params[:level]) : nil
+    @products = @profile.products.from_category(@category).paginate(:order => 'available desc, highlighted desc, name asc', :per_page => 9, :page => params[:page])
+    @categories = ProductCategory.on_level(params[:level])
   end
   protected
@@ -25,24 +25,26 @@ class ContentViewerController &lt; ApplicationController
           return
         end
       end
-
-      # page not found, give error
-      if @page.nil?
-        render_not_found(@path)
-        return
-      end
     end
-    if !@page.display_to?(user)
-      if profile.display_info_to?(user) || !profile.visible?
-        message = _('You are not allowed to view this content. You can contact the owner of this profile to request access then.')
+    if !@page.nil? && !@page.display_to?(user)
+      if !profile.public?
+        private_profile_partial_parameters
+        render :template => 'profile/_private_profile.rhtml', :status => 403
+      else #if !profile.visible?
+        message = _('You are not allowed to view this content.')
+        message += ' ' + _('You can contact the owner of this profile to request access then.')
         render_access_denied(message)
-      elsif !profile.public?
-        redirect_to :controller => 'profile', :action => 'index', :profile => profile.identifier
       end
       return
     end
+    # page not found, give error
+    if @page.nil?
+      render_not_found(@path)
+      return
+    end
+
     if request.xhr? && params[:toolbar]
       render :partial => 'article_toolbar'
       return
@@ -368,18 +368,13 @@ class ProfileController &lt; PublicController
   end
   def private_profile
-    if profile.person?
-      @action = :add_friend
-      @message = _("The content here is available to %s's friends only.") % profile.short_name
-    else
-      @action = :join
-      @message = _('The contents in this community is available to members only.')
-    end
-    @no_design_blocks = true
+    private_profile_partial_parameters
   end
   def invisible_profile
-    render_access_denied(_("This profile is inaccessible. You don't have the permission to view the content here."), _("Oops ... you cannot go ahead here"))
+    unless profile.is_template?
+      render_access_denied(_("This profile is inaccessible. You don't have the permission to view the content here."), _("Oops ... you cannot go ahead here"))
+    end
   end
   def per_page
@@ -1284,7 +1284,7 @@ module ApplicationHelper
       (user.already_reported?(profile) ?
         content_tag('a', text, :class => klass + ' disabled comment-footer comment-footer-link', :title => already_reported_message) :
         link_to(text, url, :class => klass + ' comment-footer comment-footer-link', :title => report_profile_message)
-      ) + content_tag('span', ' | ', :class => 'comment-footer comment-footer-hide')
+      ) + content_tag('span', ' ', :class => 'comment-footer comment-footer-hide')
     end
   end
@@ -1337,11 +1337,12 @@ module ApplicationHelper
     counter = 0
     radios = klass.templates.map do |template|
       counter += 1
-      content_tag('li', labelled_radio_button(template.name, "#{field_name}[template_id]", template.id, counter==1))
+      content_tag('li', labelled_radio_button(link_to(template.name, template.url, :target => '_blank'), "#{field_name}[template_id]", template.id, counter==1))
     end.join("\n")
-    content_tag('div', content_tag('span', _('Template:')) +
-      content_tag('ul', radios, :style => 'list-style: none; padding-left: 0; margin-top: 0.5em;'),
+    content_tag('div', content_tag('label', _('Profile organization'), :for => 'template-options', :class => 'formlabel') +
+      content_tag('p', _('Your profile will be created according to the selected template. Click on the options to view them.'), :style => 'margin: 5px 15px;padding: 0px 10px;') +
+      content_tag('ul', radios, :style => 'list-style: none; padding-left: 20px; margin-top: 0.5em;'),
       :id => 'template-options',
       :style => 'margin-top: 1em'
     )
@@ -1410,4 +1411,16 @@ module ApplicationHelper
     options[:class] = "comment-footer comment-footer-link comment-footer-hide"
     expirable_content_reference content, action, text, url, options
   end
+
+  def private_profile_partial_parameters
+    if profile.person?
+      @action = :add_friend
+      @message = _("The content here is available to %s's friends only.") % profile.short_name
+    else
+      @action = :join
+      @message = _('The contents in this community is available to members only.')
+    end
+    @no_design_blocks = true
+  end
+
 end
@@ -3,4 +3,28 @@ module CatalogHelper
   include DisplayHelper
   include ManageProductsHelper
+  def breadcrumb(category)
+    start = link_to(_('Start'), {:action => 'index'})
+    ancestors = category.ancestors.map { |c| link_to(c.name, {:action => 'index', :level => c.id}) }.reverse
+    current_level = content_tag('strong', category.name)
+    all_items = [start] + ancestors + [current_level]
+    content_tag('div', all_items.join(' &rarr; '), :id => 'breadcrumb')
+  end
+
+  def category_link(category, sub = false)
+    count = profile.products.from_category(category).count
+    name = truncate(category.name, :length => 22 - count.to_s.size)
+    link_name = sub ? name : content_tag('strong', name)
+    link = link_to(link_name, {:action => 'index', :level => category.id}, :title => category.name)
+    content_tag('li', "#{link} (#{count})") if count > 0
+  end
+
+  def category_sub_links(category)
+    sub_categories = []
+    category.children.each do |sub_category|
+      sub_categories << category_link(sub_category, true)
+    end
+    content_tag('ul', sub_categories) if sub_categories.size > 1
+  end
+
 end
@@ -26,7 +26,7 @@ module ContentViewerHelper
       end
       title << content_tag('span',
         content_tag('span', show_date(article.published_at), :class => 'date') +
-        content_tag('span', [_(", by %s") % link_to(article.author_name, article.author.url)], :class => 'author') +
+        content_tag('span', [_(", by %s") % link_to(article.author_name, article.author_url)], :class => 'author') +
         content_tag('span', comments, :class => 'comments'),
         :class => 'created-at'
       )
@@ -8,6 +8,14 @@ module DisplayHelper
             opts
   end
+  def themed_path(file)
+    if File.exists?(File.join(Rails.root, 'public', theme_path, file))
+      File.join(theme_path, file)
+    else
+      file
+    end
+  end
+
   def image_link_to_product(product, opts={})
     return _('No product') unless product
     target = product_path(product)
@@ -52,8 +52,8 @@ module FolderHelper
     end
   end
-  def icon_for_new_article(type)
-    "icon-new icon-new%s" % type.constantize.icon_name
+  def icon_for_new_article(klass)
+    "icon-new icon-new%s" % klass.icon_name
   end
   def custom_options_for_article(article)
@@ -142,6 +142,38 @@ module FormsHelper
     content_tag('table',rows.join("\n"))
   end
+  def select_folder(label_text, field_id, collection, default_value=nil, html_options = {}, js_options = {})
+    root = profile ? profile.identifier : _("root")
+    labelled_form_field(
+      label_text,
+      select_tag(
+        field_id,
+        options_for_select(
+          [[root, '']] +
+          collection.collect {|f| [ root + '/' +  f.full_name, f.id ] },
+          default_value
+        ),
+        html_options.merge(js_options)
+      )
+    )
+  end
+
+  def select_profile_folder(label_text, field_id, profile, default_value='', html_options = {}, js_options = {})
+    result = labelled_form_field(
+      label_text,
+      select_tag(
+        field_id,
+        options_for_select(
+          [[profile.identifier, '']] +
+          profile.folders.collect {|f| [ profile.identifier + '/' +  f.full_name, f.id ] },
+          default_value
+        ),
+        html_options.merge(js_options)
+      )
+    )
+    return result
+  end
+
   def date_field(name, value, format = '%Y-%m-%d', datepicker_options = {}, html_options = {})
     datepicker_options[:disabled] ||= false
     datepicker_options[:alt_field] ||= ''
@@ -13,19 +13,20 @@ module LanguageHelper
   alias :calendar_date_select_language :tinymce_language
-  def language_chooser(environment, options = {})
-    return if environment.locales.size < 2
+  def language_chooser(environment=nil, options = {})
+    locales = environment.nil? ? Noosfero.locales : environment.locales
+    return if locales.size < 2
     current = language
     separator = options[:separator] || ' &mdash; '
     if options[:element] == 'dropdown'
       select_tag('lang', 
-        options_for_select(environment.locales.map{|code,name| [name, code]}, current),
+        options_for_select(locales.map{|code,name| [name, code]}, current),
         :onchange => "document.location.href= #{url_for(params.merge(:lang => 'LANGUAGE')).inspect}.replace(/LANGUAGE/, this.value) ;",
         :help => _('The language you choose here is the language used for options, buttons, etc. It does not affect the language of the content created by other users.')
       )
     else
-      languages = environment.locales.map do |code,name|
+      languages = locales.map do |code,name|
         if code == current
           content_tag('strong', name)
         else
@@ -48,7 +48,7 @@ class ApproveArticle &lt; Task
   end
   def perform
-     article.copy!(:name => name, :abstract => abstract, :body => body, :profile => target, :reference_article => article, :parent => article_parent, :highlighted => highlighted, :source => article.source)
+    article.copy!(:name => name, :abstract => abstract, :body => body, :profile => target, :reference_article => article, :parent => article_parent, :highlighted => highlighted, :source => article.source, :last_changed_by_id => article.author_id)
   end
   def title
@@ -13,10 +13,18 @@ class Article &lt; ActiveRecord::Base
   # xss_terminate plugin can't sanitize array fields
   before_save :sanitize_tag_list
+  before_create do |article|
+    if article.last_changed_by_id
+      article.author_name = Person.find(article.last_changed_by_id).name
+    end
+  end
+
   belongs_to :profile
   validates_presence_of :profile_id, :name
   validates_presence_of :slug, :path, :if => lambda { |article| !article.name.blank? }
+  validates_length_of :name, :maximum => 150
+
   validates_uniqueness_of :slug, :scope => ['profile_id', 'parent_id'], :message => N_('The title (article name) is already being used by another article, please use another title.'), :if => lambda { |article| !article.slug.blank? }
   belongs_to :last_changed_by, :class_name => 'Person', :foreign_key => 'last_changed_by_id'
@@ -289,7 +297,7 @@ class Article &lt; ActiveRecord::Base
     if last_comment
       {:date => last_comment.created_at, :author_name => last_comment.author_name, :author_url => last_comment.author_url}
     else
-      {:date => updated_at, :author_name => author.name, :author_url => author.url}
+      {:date => updated_at, :author_name => author_name, :author_url => author_url}
     end
   end
@@ -441,7 +449,7 @@ class Article &lt; ActiveRecord::Base
   end
   def allow_post_content?(user = nil)
-    user && (user.has_permission?('post_content', profile) || allow_publish_content?(user) && (user == self.creator))
+    user && (user.has_permission?('post_content', profile) || allow_publish_content?(user) && (user == author))
   end
   def allow_publish_content?(user = nil)
@@ -496,7 +504,6 @@ class Article &lt; ActiveRecord::Base
     :slug,
     :updated_at,
     :created_at,
-    :last_changed_by_id,
     :version,
     :lock_version,
     :type,
@@ -539,15 +546,24 @@ class Article &lt; ActiveRecord::Base
   end
   def author
-    if reference_article
-      reference_article.author
+    if versions.empty?
+      last_changed_by
     else
-      last_changed_by || profile
+      author_id = versions.first.last_changed_by_id
+      Person.exists?(author_id) ? Person.find(author_id) : nil
     end
   end
   def author_name
-    setting[:author_name].blank? ? author.name : setting[:author_name]
+    author ? author.name : (setting[:author_name] || _('Unknown'))
+  end
+
+  def author_url
+    author ? author.url : nil
+  end
+
+  def author_id
+    author ? author.id : nil
   end
   alias :active_record_cache_key :cache_key
@@ -572,11 +588,6 @@ class Article &lt; ActiveRecord::Base
     truncate sanitize_html(self.lead), :length => 170, :omission => '...'
   end
-  def creator
-    creator_id = versions[0][:last_changed_by_id]
-    creator_id && Profile.find(creator_id)
-  end
-
   def notifiable?
     false
   end
@@ -13,6 +13,16 @@ class Category &lt; ActiveRecord::Base
     {:conditions => ['parent_id is null and environment_id = ?', environment.id ]}
   }
+  named_scope :on_level, lambda { |parent| {:conditions => {:parent_id => parent}} }
+
+  named_scope :sub_categories, lambda { |category|
+    {:conditions => ['categories.path LIKE ? AND categories.id != ?', "%#{category.slug}%", category.id]}
+  }
+
+  named_scope :sub_tree, lambda { |category|
+    {:conditions => ['categories.path LIKE ?', "%#{category.slug}%"]}
+  }
+
   acts_as_filesystem
   has_many :article_categorizations, :dependent => :destroy
@@ -74,6 +74,10 @@ class Comment &lt; ActiveRecord::Base
     self.find(:all, :order => 'created_at desc, id desc', :limit => limit)
   end
+  def notification_emails
+    self.article.profile.notification_emails - [self.author_email || self.email]
+  end
+
   after_save :notify_article
   after_destroy :notify_article
   def notify_article
@@ -114,7 +118,7 @@ class Comment &lt; ActiveRecord::Base
   def notify_by_mail
     if source.kind_of?(Article) && article.notify_comments?
-      if !article.profile.notification_emails.empty?
+      if !notification_emails.empty?
         Comment::Notifier.deliver_mail(self)
       end
       emails = article.followers - [author_email]
@@ -174,7 +178,7 @@ class Comment &lt; ActiveRecord::Base
   class Notifier < ActionMailer::Base
     def mail(comment)
       profile = comment.article.profile
-      recipients profile.notification_emails
+      recipients comment.notification_emails
       from "#{profile.environment.name} <#{profile.environment.contact_email}>"
       subject _("[%s] you got a new comment!") % [profile.environment.name]
       body :recipient => profile.nickname || profile.name,
@@ -224,6 +228,7 @@ class Comment &lt; ActiveRecord::Base
   def spam!
     self.spam = true
     self.save!
+    SpammerLogger.log(ip_address, self)
     Delayed::Job.enqueue(CommentHandler.new(self.id, :marked_as_spam))
     self
   end
@@ -5,7 +5,7 @@ class EnterpriseHomepage &lt; Article
   end
   def self.short_description
-    __('Enterprise homepage.')
+    __('Enterprise homepage')
   end
   def self.description
@@ -233,8 +233,10 @@ class Environment &lt; ActiveRecord::Base
     settings[:message_for_member_invitation] || InviteMember.mail_template
   end
+  settings_items :min_signup_delay, :type => Integer, :default => 3 #seconds
   settings_items :activation_blocked_text, :type => String
-  settings_items :message_for_disabled_enterprise, :type => String
+  settings_items :message_for_disabled_enterprise, :type => String,
+                 :default => _('This enterprise needs to be enabled.')
   settings_items :location, :type => String
   settings_items :layout_template, :type => String, :default => 'default'
   settings_items :homepage, :type => String
@@ -38,7 +38,7 @@ class Event &lt; Article
   filter_iframes :body, :link, :address, :whitelist => lambda { profile && profile.environment && profile.environment.trusted_sites_for_iframe }
   def self.description
-    _('A calendar event')
+    _('A calendar event.')
   end
   def self.short_description
@@ -78,6 +78,8 @@ class Organization &lt; Profile
     country
     tag_list
     template_id
+    district
+    address_reference
   ]
   def self.fields
@@ -96,8 +98,8 @@ class Organization &lt; Profile
     []
   end
-  N_('Display name'); N_('Description'); N_('Contact person'); N_('Contact email'); N_('Acronym'); N_('Foundation year'); N_('Legal form'); N_('Economic activity'); N_('Management information'); N_('Tag list')
-  settings_items :display_name, :description, :contact_person, :contact_email, :acronym, :foundation_year, :legal_form, :economic_activity, :management_information
+  N_('Display name'); N_('Description'); N_('Contact person'); N_('Contact email'); N_('Acronym'); N_('Foundation year'); N_('Legal form'); N_('Economic activity'); N_('Management information'); N_('Tag list'); N_('District'); N_('Address reference')
+  settings_items :display_name, :description, :contact_person, :contact_email, :acronym, :foundation_year, :legal_form, :economic_activity, :management_information, :district, :address_reference
   validates_format_of :foundation_year, :with => Noosfero::Constants::INTEGER_FORMAT
   validates_format_of :contact_email, :with => Noosfero::Constants::EMAIL_FORMAT, :if => (lambda { |org| !org.contact_email.blank? })
@@ -67,6 +67,9 @@ class Person &lt; Profile
     :order => 'total DESC',
     :conditions => ['action_tracker.created_at >= ? OR action_tracker.id IS NULL', ActionTracker::Record::RECENT_DELAY.days.ago]
+  named_scope :abusers, :joins => :abuse_complaints, :conditions => ['tasks.status = 3'], :select => 'DISTINCT profiles.*'
+  named_scope :non_abusers, :joins => "LEFT JOIN tasks ON profiles.id = tasks.requestor_id AND tasks.type='AbuseComplaint'", :conditions => ["tasks.status != 3 OR tasks.id is NULL"], :select => "DISTINCT profiles.*"
+
   after_destroy do |person|
     Friendship.find(:all, :conditions => { :friend_id => person.id}).each { |friendship| friendship.destroy }
   end
@@ -144,6 +147,9 @@ class Person &lt; Profile
   contact_phone
   contact_information
   description
+  image
+  district
+  address_reference
   ]
   validates_multiparameter_assignments
@@ -198,8 +204,8 @@ class Person &lt; Profile
   N_('Education'); N_('Custom education'); N_('Custom area of study');
   settings_items :formation, :custom_formation, :custom_area_of_study
-  N_('Contact information'); N_('City'); N_('State'); N_('Country'); N_('Sex'); N_('Zip code')
-  settings_items :photo, :contact_information, :sex, :city, :state, :country, :zip_code
+  N_('Contact information'); N_('City'); N_('State'); N_('Country'); N_('Sex'); N_('Zip code'); N_('District'); N_('Address reference')
+  settings_items :photo, :contact_information, :sex, :city, :state, :country, :zip_code, :district, :address_reference
   extend SetProfileRegionFromCityState::ClassMethods
   set_profile_region_from_city_state
@@ -440,6 +446,10 @@ class Person &lt; Profile
     abuse_report.save!
   end
+  def abuser?
+    AbuseComplaint.finished.where(:requestor_id => self).count > 0
+  end
+
   def control_panel_settings_button
     {:title => _('Edit Profile'), :icon => 'edit-profile'}
   end
@@ -23,6 +23,10 @@ class Product &lt; ActiveRecord::Base
   named_scope :more_recent, :order => "created_at DESC"
+  named_scope :from_category, lambda { |category|
+    {:joins => :product_category, :conditions => ['categories.path LIKE ?', "%#{category.slug}%"]} if category
+  }
+
   after_update :save_image
   def lat
@@ -141,6 +141,10 @@ class Profile &lt; ActiveRecord::Base
   acts_as_having_settings :field => :data
+  def settings
+    data
+  end
+
   settings_items :redirect_l10n, :type => :boolean, :default => false
   settings_items :public_content, :type => :boolean, :default => true
   settings_items :description
@@ -229,7 +233,7 @@ class Profile &lt; ActiveRecord::Base
     if myregion
       myregion.hierarchy.reverse.first(2).map(&:name).join(separator)
     else
-      %w[address city state country_name zip_code ].map {|item| (self.respond_to?(item) && !self.send(item).blank?) ? self.send(item) : nil }.compact.join(separator)
+      %w[address district city state country_name zip_code ].map {|item| (self.respond_to?(item) && !self.send(item).blank?) ? self.send(item) : nil }.compact.join(separator)
     end
   end
@@ -463,6 +467,10 @@ class Profile &lt; ActiveRecord::Base
     { :profile => identifier, :controller => 'profile_editor', :action => 'index' }
   end
+  def tasks_url
+    { :profile => identifier, :controller => 'tasks', :action => 'index', :host => default_hostname }
+  end
+
   def leave_url(reload = false)
     { :profile => identifier, :controller => 'profile', :action => 'leave', :reload => reload }
   end
@@ -694,7 +702,7 @@ private :generate_url, :url_options
   def custom_footer_expanded
     footer = custom_footer
     if footer
-      %w[contact_person contact_email contact_phone location address economic_activity city state country zip_code].each do |att|
+      %w[contact_person contact_email contact_phone location address district address_reference economic_activity city state country zip_code].each do |att|
         if self.respond_to?(att) && footer.match(/\{[^{]*#{att}\}/)
           if !self.send(att).nil? && !self.send(att).blank?
             footer = footer.gsub(/\{([^{]*)#{att}\}/, '\1' + self.send(att))
@@ -5,11 +5,11 @@ class RawHTMLArticle &lt; TextArticle
   end
   def self.short_description
-    _('Raw HTML text article.')
+    _('Raw HTML text article')
   end
   def self.description
-    _('Allows HTML without filter (only for admins)')
+    _('Allows HTML without filter (only for admins).')
   end
   xss_terminate :only => [  ]
@@ -0,0 +1,24 @@
+class SpammerLogger < Logger
+  @logpath = File.join(Rails.root, 'log', "#{ENV['RAILS_ENV']}_spammers.log")
+  @logger = new(@logpath)
+
+  def self.log(spammer_ip, object=nil)
+    if object
+      if object.kind_of?(Comment)
+        @logger << "[#{Time.now.strftime("%F %T %z")}] Comment-id: #{object.id} IP: #{spammer_ip}\n"
+      end
+    else
+        @logger << "[#{Time.now.strftime("%F %T %z")}] IP: #{spammer_ip}\n"
+    end
+  end
+
+  def self.clean_log
+    File.delete(@logpath) if File.exists?(@logpath)
+  end
+
+  def self.reload_log
+    clean_log
+    @logger = new(@logpath)
+  end
+
+end
@@ -267,7 +267,10 @@ class Task &lt; ActiveRecord::Base
   end
   named_scope :pending, :conditions => { :status =>  Task::Status::ACTIVE }
-  named_scope :finished, :conditions => { :status =>  [Task::Status::CANCELLED, Task::Status::FINISHED] }
+  named_scope :hidden, :conditions => { :status =>  Task::Status::HIDDEN }
+  named_scope :finished, :conditions => { :status =>  Task::Status::FINISHED }
+  named_scope :canceled, :conditions => { :status =>  Task::Status::CANCELLED }
+  named_scope :closed, :conditions => { :status =>  [Task::Status::CANCELLED, Task::Status::FINISHED] }
   named_scope :opened, :conditions => { :status =>  [Task::Status::ACTIVE, Task::Status::HIDDEN] }
   named_scope :of, lambda { |type| conditions = type ? "type LIKE '#{type}'" : "1=1"; {:conditions =>  [conditions]} }
   named_scope :order_by, lambda { |attribute, ord| {:order => "#{attribute} #{ord}"} }
@@ -14,7 +14,7 @@ class TaskMailer &lt; ActionMailer::Base
     recipients task.target.notification_emails
-    url_for_tasks_list = task.target.kind_of?(Environment) ? '' : url_for(task.target.url.merge(:controller => 'tasks', :action => 'index'))
+    url_for_tasks_list = task.target.kind_of?(Environment) ? '' : url_for(task.target.tasks_url)
     from self.class.generate_from(task)
     subject '[%s] %s' % [task.environment.name, task.target_notification_description]
 class TinyMceArticle < TextArticle
   def self.short_description
-    _('Text article with visual editor.')
+    _('Text article with visual editor')
   end
   def self.description
@@ -31,7 +31,7 @@ class User &lt; ActiveRecord::Base
   after_create do |user|
     user.person ||= Person.new
     user.person.attributes = user.person_data.merge(:identifier => user.login, :user => user, :environment_id => user.environment_id)
-    user.person.name ||= user.login
+    user.person.name ||= user.name
     user.person.visible = false unless user.activated?
     user.person.save!
     if user.environment.enabled?('skip_new_user_email_confirmation')
-<%= error_messages_for :user, :person %>
+<% if @block_bot %>
+  <div class="atention" style="font-size: 150%;">
+    <strong><%=_('Are you a robot?')%></strong> <br />
+    <%=_('Please, prove that you are human by filling the captcha.')%>
+  </div>
+<% end %>
+
+<% @profile_data = @person %>
+
+<%= error_messages_for :user, :person, :header_message => _('The account could not be created') %>
+
+<% labelled_form_for :user, @user, :html => { :multipart => true, :id => 'signup-form', :honeypot => true } do |f| %>
-<% labelled_form_for :user, @user, :html => { :multipart => true, :id => 'signup-form' } do |f| %>
+<input type="hidden" id="signup_time_key" name="signup_time_key" />
+<script type="text/javascript">
+  jQuery.ajax({
+    type: "POST",
+    url: "<%= url_for :controller=>'account', :action=>'signup_time' %>",
+    dataType: 'json',
+    success: function(data) {
+      if (data.ok) jQuery('#signup_time_key').val(data.key);
+    }
+  });
+</script>
 <%= hidden_field_tag :invitation_code, @invitation_code %>
 <div id='signup-form-header'>
-  <span id="signup-domain"><%= environment.default_hostname %>/</span>
-  <div id='signup-login'>
-    <div id='signup-login-field'>
-      <%= required f.text_field(:login, :onchange => 'this.value = convToValidLogin(this.value);', :rel => s_('signup|Login')) %>
-      <div id='url-check'><p>&nbsp;</p></div>
+  <div id='signup-formfield-group'>
+    <%= label(:user, :login, _('Username'), {:class => 'formlabel'}) %>
+    <span id="signup-domain"><%= environment.default_hostname %>/</span>
+    <div id='signup-login'>
+      <div id='signup-login-field' class='formfield'>
+        <%= required text_field(:user, :login, :id => 'user_login', :onchange => 'this.value = convToValidLogin(this.value);') %>
+        <div id='url-check'><p>&nbsp;</p></div>
+      </div>
+      <%= content_tag(:small, _('Choose your login name carefully! It will be your network access and you will not be able to change it later.'), :id => 'signup-balloon') %>
+      <br style="clear: both;" />
     </div>
-    <%= content_tag(:small, _('Choose your login name carefully! It will be your network access and you will not be able to change it later.'), :id => 'signup-balloon') %>
-    <br style="clear: both;" />
   </div>
   <%= observe_field 'user_login',
         :url => { :action => 'check_url' },
@@ -26,20 +50,19 @@
   <div id='signup-password'>
     <%= required f.password_field(:password, :id => 'user_pw') %>
-    <%= f.text_field(:password_clear, :value => _('password')) %>
     <%= content_tag(:small,_('Choose a password that you can remember easily. It must have at least 4 characters.'), :id => 'password-balloon') %>
     <div id='fake-check'><p>&nbsp;</p></div>
   </div>
   <div id='signup-password-confirmation'>
     <%= required f.password_field(:password_confirmation) %>
-    <%= f.text_field(:password_confirmation_clear, :value => _('password confirmation')) %>
+    <%= content_tag(:small,_('We need to be sure that you filled in your password correctly. Confirm you password.'), :id => 'password-confirmation-balloon') %>
     <div id='password-check'><p>&nbsp;</p></div>
   </div>
   <div id='signup-email'>
-    <%= required f.text_field(:email, :rel => _('e-Mail')) %>
-    <%= content_tag(:small,_('This e-mail address will be used to contact you.')) %>
+    <%= required f.text_field(:email) %>
+    <%= content_tag(:small,_('This e-mail address will be used to contact you.'), :id => 'email-balloon') %>
     <div id='email-check'><p>&nbsp;</p></div>
   </div>
   <%= observe_field "user_email",
@@ -62,21 +85,23 @@
                       }"
   %>
-  <%= label :profile_data, :name %>
-  <%= required text_field(:profile_data, :name, :rel => _('Full name')) %>
+  <div id='signup-name'>
+    <%= labelled_form_field(_('Full name'), text_field(:profile_data, :name)) %>
+    <%= content_tag(:small,_('Tell us your name, it will be used to identify yourself.'), :id => 'name-balloon') %>
+  </div>
 </div>
 <div id="signup-form-profile">
-  <%= template_options(Person, 'profile_data') %>
-
   <% labelled_fields_for :profile_data, @person do |f| %>
     <%= render :partial => 'profile_editor/person_form', :locals => {:f => f} %>
   <% end %>
   <%= @plugins.dispatch(:signup_extra_contents).collect { |content| instance_eval(&content) }.join("") %>
+  <%= template_options(Person, 'profile_data') %>
+
   <% unless @terms_of_use.blank? %>
     <div id='terms-of-use-box' class='formfieldline'>
       <%= labelled_check_box(_('I accept the %s') % link_to(_('terms of use'), {:controller => 'home', :action => 'terms'}, :target => '_blank'), 'user[terms_accepted]') %>
@@ -91,6 +116,8 @@
   <% end %>
 </div>
+<%= recaptcha_tags :ajax => true, :display => {:theme => 'clean'} if @block_bot %>
+
 <p style="text-align: center">
   <%= submit_button('save', _('Create my account')) %>
 </p>
@@ -99,70 +126,59 @@
 <script type="text/javascript">
 jQuery(function($) {
+
+  $('#signup-form #user_login').css('width', 335 - $('#signup-domain').outerWidth());
+
   $('#signup-form input[type=text], #signup-form textarea').each(function() {
-    if ($(this).attr('rel')) var default_value = $(this).attr('rel').toLowerCase();
-    if ($(this).val() == '') $(this).val(default_value);
-    $(this).bind('focus', function() {
-      if ($(this).val() == default_value) $(this).val('');
-    });
     $(this).bind('blur', function() {
       if ($(this).val() == '') {
-        $(this).val(default_value);
         $(this).removeClass('filled-in');
       }
       else $(this).addClass('filled-in');
     });
   });
-  $('#signup-form').bind('submit', function() {
-    $('#signup-form input[type=text], #signup-form textarea').each(function() {
-      if ($(this).attr('rel')) var default_value = $(this).attr('rel').toLowerCase();
-      if ($(this).val() == default_value) $(this).val('');
-    });
-    return true;
-  });
-
-  $('#user_password_clear, #user_password_confirmation_clear').show();
-  $('#user_password_clear, #user_password_confirmation_clear').unbind();
-  $('#user_pw, #user_password_confirmation').hide();
-  $('#user_password_clear').focus(function() {
-    $(this).hide();
-    $('#user_pw').show();
-    $('#user_pw').focus();
-  });
   $('#user_pw').focus(function() {
     $('#password-balloon').fadeIn('slow');
   });
-  $('#user_pw').blur(function() {
-    if ($(this).val() == '') {
-      $('#user_password_clear').show();
-      $(this).hide();
-    }
-  });
-  $('#user_password_confirmation_clear').focus(function() {
-    $(this).hide();
-    $('#user_password_confirmation').show();
-    $('#user_password_confirmation').focus();
+  $('#user_password_confirmation').focus(function() {
+    $('#password-confirmation-balloon').fadeIn('slow');
   });
   $('#user_password_confirmation, #user_pw').blur(function() {
-    if ($('#user_password_confirmation').val() == '') {
-      $('#user_password_confirmation_clear').show();
-      $('#user_password_confirmation').hide();
-    } else if ($('#user_password_confirmation').val() == $('#user_pw').val()) {
-      $('#user_password_confirmation').addClass('validated').removeClass('invalid');
-      $('#user_pw').removeClass('invalid_input').addClass('valid_input');
-      $('#password-check').html("<p>&nbsp;</p>");
-    } else if ($('#user_password_confirmation').val() != $('#user_pw').val()) {
-      $('#user_password_confirmation').removeClass('validated').addClass('invalid');
-      $('#user_pw').addClass('invalid_input').removeClass('valid_input');
-      $('#password-check').html("<p><span class='invalid'><%= _('Passwords don\'t match') %></span></p>");
+    if ($('#user_password_confirmation').val() != '') {
+      if ($('#user_password_confirmation').val() == $('#user_pw').val()) {
+        $('#user_password_confirmation').addClass('validated').removeClass('invalid');
+        $('#user_pw').removeClass('invalid_input').addClass('valid_input');
+        $('#password-check').html("<p>&nbsp;</p>");
+      } else if ($('#user_password_confirmation').val() != $('#user_pw').val()) {
+        $('#user_password_confirmation').removeClass('validated').addClass('invalid');
+        $('#user_pw').addClass('invalid_input').removeClass('valid_input');
+        $('#password-check').html("<p><span class='invalid'><%= _('Passwords don\'t match') %></span></p>");
+      }
     }
     $('#password-balloon').fadeOut('slow');
+    $('#password-confirmation-balloon').fadeOut('slow');
   });
   $('#user_login').focus(function() {
     $('#signup-balloon').fadeIn('slow');
   });
   $('#user_login').blur(function() { $('#signup-balloon').fadeOut('slow'); });
   $('#signup-form').validate({ rules: { 'user[email]': { email: true } }, messages: { 'user[email]' : '' } });
+  $('#user_email').focus(function() {
+    $('#email-balloon').fadeIn('slow');
+  });
+  $('#user_email').blur(function() {
+    $('#email-balloon').fadeOut('slow');
+  });
+  $('#profile_data_name').focus(function() {
+    $('#name-balloon').fadeIn('slow');
+  });
+  $('#profile_data_name').blur(function() {
+    $('#name-balloon').fadeOut('slow');
+    if ($(this).val() == '') {
+      $(this).removeClass('validated');
+    }
+    else $(this).addClass('validated');
+  });
 });
 </script>
 <% extra_content = [] %>
 <% extra_content_list = [] %>
-<ul id="product-list">
-  <li><h1><%= _('Products/Services') %></h1></li>
+<h1><%= _('Products/Services') %></h1>
+<%= breadcrumb(@category) if params[:level] %>
+
+<div class='l-sidebar-left-bar'>
+  <ul>
+    <% if @categories.size > 0 %>
+      <% @categories.each do |category| %>
+        <%= category_link(category) %>
+        <%= category_sub_links(category) %>
+      <% end %>
+    <% else %>
+      <%= content_tag('li', _('There are no sub-categories for %s') % @category.name, :style => 'color: #555753; padding-bottom: 0.5em;') %>
+    <% end %>
+  </ul>
+</div>
+
+<ul id="product-list" class="l-sidebar-left-content">
   <% @products.each do |product| %>
     <% extra_content = @plugins.dispatch(:catalog_item_extras, product).collect { |content| instance_eval(&content) } %>
     <% extra_content_list = @plugins.dispatch(:catalog_list_item_extras, product).collect { |content| instance_eval(&content) } %>
-    <li class="product <%= "not-available" unless product.available %>">
+    <% status = [] %>
+    <% status << 'not-available' if !product.available %>
+    <% status << 'highlighted' if product.highlighted %>
+
+    <li id="product-<%= product.id %>" class="product <%= status.join(' ') %>">
       <ul>
         <li class="product-image-link">
+          <% if product.highlighted? %>
+            <%= link_to image_tag(themed_path('/images/star.png'), :class => 'star', :alt => _('Highlighted product')), product_path(product) %>
+          <% end %>
           <% if product.image %>
             <div class="zoomable-image">
               <%= link_to_product product, :class => 'product-big', :style => "background-image: url(#{product.default_image(:big)})" %>
@@ -4,7 +4,7 @@
 <%= render :file => 'shared/tiny_mce' %>
-<%= required f.text_field(:name, :size => '64', :onchange => "updateUrlField(this, 'article_slug')") %>
+<%= required f.text_field(:name, :size => '64', :maxlength => 150, :onchange => "updateUrlField(this, 'article_slug')") %>
 <%= render :partial => 'general_fields' %>
@@ -3,7 +3,7 @@
 <%# TODO add Textile help here %>
 <%= render :file => 'shared/tiny_mce' %>
-<%= required f.text_field('name', :size => '64') %>
+<%= required f.text_field('name', :size => '64', :maxlength => 150) %>
 <%= render :partial => 'general_fields' %>
 <%= render :partial => 'translatable' %>
 <%= required_fields_message %>
-<%= required f.text_field('name', :size => '64') %>
+<%= required f.text_field('name', :size => '64', :maxlength => 150) %>
 <%= render :partial => 'general_fields' %>
 <%= labelled_form_field(_('Description:'), text_area(:article, :body, :rows => 3, :cols => 64)) %>
@@ -4,7 +4,7 @@
 <%= render :file => 'shared/tiny_mce' %>
-<%= required f.text_field(:name, :size => '64', :onchange => "updateUrlField(this, 'article_slug')") %>
+<%= required f.text_field(:name, :size => '64', :maxlength => 150, :onchange => "updateUrlField(this, 'article_slug')") %>
 <%= render :partial => 'general_fields' %>
 <%= required_fields_message %>
-<%= required f.text_field('name', :size => '64') %>
+<%= required f.text_field('name', :size => '64', :maxlength => 150) %>
 <%= render :partial => 'general_fields' %>
-<%= f.text_field 'name', :size => '64' %>
+<%= f.text_field 'name', :size => '64', :maxlength => 150 %>
 <%= render :partial => 'general_fields' %>
 <p><%= _('This is a republication of "%s", by %s.') % [link_to(h(@article.reference_article.name), @article.reference_article.url), @article.reference_article.profile.name] %></p>
 <%= required_fields_message %>
-<%= required labelled_form_field(_('Title'), text_field(:article, 'name', :size => '64')) %>
+<%= required labelled_form_field(_('Title'), text_field(:article, 'name', :size => '64', :maxlength => 150)) %>
 <%= render :partial => 'general_fields' %>
 <%= render :partial => 'translatable' %>
@@ -2,7 +2,7 @@
 <%# TODO add Textile help here %>
-<%= required labelled_form_field(_('Title'), text_field(:article, 'name', :size => '72')) %>
+<%= required labelled_form_field(_('Title'), text_field(:article, 'name', :size => '72', :maxlength => 150)) %>
 <%= render :partial => 'general_fields' %>
 <%= render :partial => 'translatable' %>
@@ -3,7 +3,7 @@
 <%= render :file => 'shared/tiny_mce' %>
 <div>
-  <%= required labelled_form_field(_('Title'), text_field(:article, 'name', :size => '64')) %>
+  <%= required labelled_form_field(_('Title'), text_field(:article, 'name', :size => '64', :maxlength => 150)) %>
   <%= render :partial => 'general_fields' %>
   <%= render :partial => 'translatable' %>
@@ -2,9 +2,9 @@
 <ul id="article_types">
   <% for type in @article_types %>
-    <% action = type[:name] == 'UploadedFile' ? {:action => 'upload_files'} : {:action => 'new', :type => type[:name]} %>
+    <% action = type[:class].name == 'UploadedFile' ? {:action => 'upload_files'} : {:action => 'new', :type => type[:class].name} %>
     <% content_tag('a', :href => url_for(action.merge(:parent_id => @parent_id, :back_to => @back_to))) do %>
-      <li class="<%= icon_for_new_article(type[:name]) %>" onmouseover="javascript: jQuery(this).addClass('mouseover')" onmouseout="jQuery(this).removeClass('mouseover')">
+      <li class="<%= icon_for_new_article(type[:class]) %>" onmouseover="javascript: jQuery(this).addClass('mouseover')" onmouseout="jQuery(this).removeClass('mouseover')">
         <strong><%= type[:short_description] %></strong>
         <div class='description'><%= type[:description] %></div>
       </li>
@@ -34,11 +34,11 @@
         <%= expirable_button @page, :locale, content, url %>
       <% end %>
-      <%= colorbox_button(:new, label_for_new_article(@page), profile.admin_url.merge(:controller => 'cms', :action => 'new', :parent_id => (@page.folder? ? @page : (@page.parent.nil? ? nil : @page.parent)))) %>
+      <%= colorbox_button(:new, label_for_new_article(@page), profile.admin_url.merge(:controller => 'cms', :action => 'new', :parent_id => (@page.folder? ? @page : (@page.parent.nil? ? nil : @page.parent)))) unless remove_content_button(:new) %>
     <% end %>
     <% if @page.accept_uploads? && @page.allow_create?(user) %>
-      <%= button('upload-file', _('Upload files'), profile.admin_url.merge(:controller => 'cms', :action => 'upload_files', :parent_id => (@page.folder? ? @page : @page.parent))) %>
+      <%= button('upload-file', _('Upload files'), profile.admin_url.merge(:controller => 'cms', :action => 'upload_files', :parent_id => (@page.folder? ? @page : @page.parent))) unless remove_content_button(:upload)%>
     <% end %>
     <% if !@page.allow_create?(user) && profile.community? && (@page.blog? || @page.parent && @page.parent.blog?) && !remove_content_button(:suggest) %>
@@ -9,7 +9,7 @@
   <div class='profile-activity-lead'>
     <div class='article-name'><%= link_to(activity.params['name'], activity.params['url']) %></div>
     <span title='<%= activity.target.class.short_description %>' class='profile-activity-icon icon-new icon-new<%= activity.target.class.icon_name %>'></span>
-    <%= image_tag(activity.params['first_image']) unless activity.params['first_image'].blank? %><%= strip_tags(truncate(activity.params['lead'], :length => 1000, :ommision => '...')).gsub(/(\xA0|\xC2|\s)+/, ' ').gsub(/^\s+/, '') %> <small><%= link_to(_('See more'), activity.params['url']) unless activity.get_lead.blank? %></small>
+    <%= image_tag(activity.params['first_image']) unless activity.params['first_image'].blank? %><%= strip_tags(truncate(activity.params['lead'], :length => 1000, :ommision => '...')).gsub(/(\xC2\xA0|\s)+/, ' ').gsub(/^\s+/, '') %> <small><%= link_to(_('See more'), activity.params['url']) unless activity.get_lead.blank? %></small>
   </div>
   <%= content_tag(:p, link_to(_('See complete forum'), activity.get_url), :class => 'see-forum') if activity.target.is_a?(Forum) %>
   <p class='profile-activity-time'><%= time_ago_as_sentence(activity.created_at) %></p>
@@ -5,7 +5,7 @@
 <% cache_timeout(profile.communities_cache_key(params), 4.hour) do %>
   <ul class='profile-list'>
   <% @communities.each do |community| %>
-    <li><%= profile_image_link(community)%></li>
+    <%= profile_image_link(community)%>
   <% end %>
   </ul>
@@ -21,6 +21,8 @@
 <%= optional_field(@person, 'city', f.text_field(:city, :rel => _('City'))) %>
 <%= optional_field(@person, 'zip_code', labelled_form_field(_('ZIP code'), text_field(:profile_data, :zip_code, :rel => _('ZIP code')))) %>
 <%= optional_field(@person, 'address', labelled_form_field(_('Address (street and number)'), text_field(:profile_data, :address, :rel => _('Address')))) %>
+<%= optional_field(@person, 'address_reference', labelled_form_field(_('Address reference'), text_field(:profile_data, :address_reference, :rel => _('Address reference')))) %>
+<%= optional_field(@person, 'district', labelled_form_field(_('District'), text_field(:profile_data, :district, :rel => _('District')))) %>
 <% optional_field(@person, 'schooling') do %>
   <div class="formfieldline">
-<% extra_content = @plugins.dispatch(:asset_product_extras, product, product.enterprise).collect { |content| instance_eval(&content) } %>
+<% extra_content = @plugins.dispatch(:asset_product_extras, product).collect { |content| instance_eval(&content) } %>
 <% extra_properties = @plugins.dispatch(:asset_product_properties, product)%>
-<li class="search-product-item">
+<li class="search-product-item <%= 'highlighted' if product.highlighted? %>">
   <div class="search-product-item-first-column">
     <%= render :partial => 'search/image', :object => product %>
@@ -10,6 +10,8 @@
 <%= optional_field(profile, 'economic_activity', f.text_field(:economic_activity)) %>
 <%= optional_field(profile, 'management_information', f.text_area(:management_information, :rows => 5)) %>
 <%= optional_field(profile, 'address', labelled_form_field(_('Address (street and number)'), text_field(object_name, :address))) %>
+<%= optional_field(profile, 'address_reference', labelled_form_field(_('Address reference'), text_field(object_name, :address_reference))) %>
+<%= optional_field(profile, 'district', labelled_form_field(_('District'), text_field(object_name, :district))) %>
 <%= optional_field(profile, 'zip_code', labelled_form_field(_('ZIP code'), text_field(object_name, :zip_code))) %>
 <%= optional_field(profile, 'city', f.text_field(:city)) %>
 <%= optional_field(profile, 'state', f.text_field(:state)) %>
@@ -3,4 +3,5 @@ require &#39;noosfero/plugin/hot_spot&#39;
 require 'noosfero/plugin/manager'
 require 'noosfero/plugin/active_record'
 require 'noosfero/plugin/mailer_base'
+require 'noosfero/plugin/settings'
 Noosfero::Plugin.init_system if $NOOSFERO_LOAD_PLUGINS
@@ -0,0 +1,39 @@
+class AggressiveIndexingStrategy3 < ActiveRecord::Migration
+  def self.up
+    add_index :articles, :slug
+    add_index :articles, :parent_id
+    add_index :articles, :profile_id
+    add_index :articles, :name
+
+    add_index :article_versions, :article_id
+
+    add_index :comments, [:source_id, :spam]
+
+    add_index :profiles, :identifier
+
+    add_index :friendships, :person_id
+    add_index :friendships, :friend_id
+    add_index :friendships, [:person_id, :friend_id], :uniq => true
+
+    add_index :external_feeds, :blog_id
+  end
+
+  def self.down
+    remove_index :articles, :slug
+    remove_index :articles, :parent_id
+    remove_index :articles, :profile_id
+    remove_index :articles, :name
+
+    remove_index :article_versions, :article_id
+
+    remove_index :comments, [:source_id, :spam]
+
+    remove_index :profiles, :identifier
+
+    remove_index :friendships, :person_id
+    remove_index :friendships, :friend_id
+    remove_index :friendships, [:person_id, :friend_id]
+
+    remove_index :external_feeds, :blog_id
+  end
+end
@@ -9,7 +9,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
-ActiveRecord::Schema.define(:version => 20121008185303) do
+ActiveRecord::Schema.define(:version => 20130111232201) do
   create_table "abuse_reports", :force => true do |t|
     t.integer  "reporter_id"
@@ -88,6 +88,8 @@ ActiveRecord::Schema.define(:version =&gt; 20121008185303) do
     t.integer  "license_id"
   end
+  add_index "article_versions", ["article_id"], :name => "index_article_versions_on_article_id"
+
   create_table "articles", :force => true do |t|
     t.string   "name"
     t.string   "slug"
@@ -129,6 +131,10 @@ ActiveRecord::Schema.define(:version =&gt; 20121008185303) do
     t.integer  "license_id"
   end
+  add_index "articles", ["name"], :name => "index_articles_on_name"
+  add_index "articles", ["parent_id"], :name => "index_articles_on_parent_id"
+  add_index "articles", ["profile_id"], :name => "index_articles_on_profile_id"
+  add_index "articles", ["slug"], :name => "index_articles_on_slug"
   add_index "articles", ["translation_of_id"], :name => "index_articles_on_translation_of_id"
   create_table "articles_categories", :id => false, :force => true do |t|
@@ -217,6 +223,8 @@ ActiveRecord::Schema.define(:version =&gt; 20121008185303) do
     t.string   "referrer"
   end
+  add_index "comments", ["source_id", "spam"], :name => "index_comments_on_source_id_and_spam"
+
   create_table "contact_lists", :force => true do |t|
     t.text     "list"
     t.string   "error_fetching"
@@ -280,6 +288,7 @@ ActiveRecord::Schema.define(:version =&gt; 20121008185303) do
     t.integer  "update_errors", :default => 0
   end
+  add_index "external_feeds", ["blog_id"], :name => "index_external_feeds_on_blog_id"
   add_index "external_feeds", ["enabled"], :name => "index_external_feeds_on_enabled"
   add_index "external_feeds", ["fetched_at"], :name => "index_external_feeds_on_fetched_at"
@@ -295,6 +304,10 @@ ActiveRecord::Schema.define(:version =&gt; 20121008185303) do
     t.string   "group"
   end
+  add_index "friendships", ["friend_id"], :name => "index_friendships_on_friend_id"
+  add_index "friendships", ["person_id", "friend_id"], :name => "index_friendships_on_person_id_and_friend_id"
+  add_index "friendships", ["person_id"], :name => "index_friendships_on_person_id"
+
   create_table "images", :force => true do |t|
     t.integer "parent_id"
     t.string  "content_type"
@@ -446,6 +459,7 @@ ActiveRecord::Schema.define(:version =&gt; 20121008185303) do
   end
   add_index "profiles", ["environment_id"], :name => "index_profiles_on_environment_id"
+  add_index "profiles", ["identifier"], :name => "index_profiles_on_identifier"
   add_index "profiles", ["region_id"], :name => "index_profiles_on_region_id"
   create_table "qualifier_certifiers", :force => true do |t|
+noosfero (0.41.0) unstable; urgency=low
+
+  * Features version with anti spam-bot measures
+
+ -- Rodrigo Souto <rodrigo@colivre.coop.br>  Mon, 28 Jan 2013 10:20:21 +0000
+
+noosfero (0.40.0) unstable; urgency=low
+
+  * Features version release 
+
+ -- Rodrigo Souto <rodrigo@colivre.coop.br>  Sat, 19 Jan 2013 21:58:06 +0000
+
+noosfero (0.39.3) unstable; urgency=low
+
+  * Bugfixes release
+
+ -- Rodrigo Souto <rodrigo@colivre.coop.br>  Sat, 19 Jan 2013 19:27:04 +0000
+
+noosfero (0.39.2) unstable; urgency=low
+
+  * Bugfixes release
+
+ -- Rodrigo Souto <rodrigo@colivre.coop.br>  Sat, 12 Jan 2013 10:13:46 +0000
+
+noosfero (0.39.1) unstable; urgency=low
+
+  * Bugfixes release
+
+ -- Daniela Soares Feitosa <daniela@colivre.coop.br>  Thu, 20 Dec 2012 15:47:55 -0200
+
+noosfero (0.39.0) unstable; urgency=low
+
+  * Features version release
+
+ -- Daniela Soares Feitosa <daniela@colivre.coop.br>  Fri, 07 Dec 2012 09:53:42 -0200
+
 noosfero (0.39.0~1) UNRELEASED; urgency=low
   * Pre-release to test the antispam mechanism.
  -- Antonio Terceiro <terceiro@debian.org>  Thu, 30 Aug 2012 14:55:10 -0300
+noosfero (0.38.3) unstable; urgency=low
+
+  * Bugfixes release
+
+ -- Daniela Soares Feitosa <daniela@colivre.coop.br>  Wed, 07 Nov 2012 20:25:51 -0200
+
 noosfero (0.38.2) unstable; urgency=low
   * Bugfixes release
@@ -32,6 +32,8 @@ debian/solr.yml                   etc/noosfero
 debian/thin.yml                   etc/noosfero
 etc/logrotate.d/noosfero          etc/logrotate.d
 debian/noosfero.yml               etc/noosfero
+etc/noosfero/varnish-accept-language.vcl  etc/noosfero
+etc/noosfero/varnish-noosfero.vcl         etc/noosfero
 locale                            usr/share/noosfero
 doc/noosfero                      usr/share/noosfero/doc
 sub vcl_recv {
   if (req.request == "GET" || req.request == "HEAD") {
     if (req.http.Cookie) {
-      # We only care about the "_noosfero_session.*" cookie, used for
-      # authentication.
-      if (req.http.Cookie !~ "_noosfero_session.*" ) {
+      # We only care about the "_noosfero_.*" cookies, used by Noosfero
+      if (req.http.Cookie !~ "_noosfero_.*" ) {
         # strip all cookies
         unset req.http.Cookie;
       }
@@ -12,7 +12,7 @@ Feature: signup
       | Username              | josesilva             |
       | Password              | secret                |
       | Password confirmation | secret                |
-      | Name                  | José da Silva         |
+      | Full name             | José da Silva         |
     And I press "Create my account"
     Then I should not be logged in
     And I should receive an e-mail on josesilva@example.com
@@ -19,9 +19,10 @@ public/image_uploads
 public/thumbnails
 public/user_themes
 public/designs/themes/default
+public/designs/themes/*
 public/designs/icons/default
-public/javascripts/cache*.js
-public/stylesheets/cache*.css
+public/javascripts/cache*
+public/stylesheets/cache*
 public/plugins
 db/development.db
 db/production.db
@@ -2,7 +2,7 @@ require &#39;fast_gettext&#39;
 module Noosfero
   PROJECT = 'noosfero'
-  VERSION = '0.39.0~1'
+  VERSION = '0.41.0'
   def self.pattern_for_controllers_in_directory(dir)
     disjunction = controllers_in_directory(dir).join('|')
@@ -130,7 +130,7 @@ class Noosfero::Plugin
   end
   # -> Adds plugin-specific content types to CMS
-  # returns  = { content type class }
+  # returns  = [ContentClass1, ContentClass2, ...]
   def content_types
     nil
   end
@@ -161,7 +161,7 @@ class Noosfero::Plugin
   # -> Adds content to products on asset list
   # returns = lambda block that creates html code
-  def asset_product_extras(product, enterprise)
+  def asset_product_extras(product)
     nil
   end
@@ -384,7 +384,9 @@ class Noosfero::Plugin
   private
   def content_actions
-    %w[edit delete spread locale suggest home]
+    #FIXME 'new' and 'upload' only works for content_remove. It should work for
+    #content_expire too.
+    %w[edit delete spread locale suggest home new upload]
   end
 end
@@ -0,0 +1,45 @@
+class Noosfero::Plugin::Settings
+
+  def initialize(base, plugin, attributes = nil)
+    @base = base
+    @plugin = plugin
+    attributes ||= {}
+    attributes.each do |k,v|
+      self.send("#{k}=", v)
+    end
+  end
+
+  def settings
+    @base.settings["#{@plugin.public_name}_plugin".to_sym] ||= {}
+  end
+
+  def method_missing(method, *args, &block)
+    if method.to_s =~ /^(.+)=$/
+      set_setting($1, args.first)
+    elsif method.to_s =~ /^(.+)$/
+      get_setting($1)
+    end
+  end
+
+  def get_setting(name)
+    if settings[name.to_sym].nil?
+      if @plugin.respond_to?("#{name}_default_setting")
+        @plugin.send("#{name}_default_setting")
+      else
+        nil
+      end
+    else
+      settings[name.to_sym]
+    end
+  end
+
+  def set_setting(name, value)
+    settings[name.to_sym] = value
+  end
+
+  def save!
+    @base.save!
+  end
+
+end
+
@@ -0,0 +1,33 @@
+README - AntiSpam (AntiSpam Plugin)
+=======================================
+
+Plugin that checks comments against a spam checking service compatible
+with the Akismet API.
+
+
+Enable Plugin
+-------------
+
+Also, you need to enable AntiSpam Plugin at your Noosfero:
+
+cd <your_noosfero_dir>
+./script/noosfero-plugins enable anti_spam
+
+
+Activate Plugin
+-------------
+
+As a Noosfero administrator user, go to administrator panel:
+
+- Click on "Plugins" option
+- Click on "AntiSpam Plugin" check-box
+
+Configure Plugin
+----------------
+
+As a Noosfero administrator user, go to administrator panel:
+
+- Click on "Configuration" below the "AntiSpam Plugin"
+- Fill in the "API key" field with the key generated after signing up to
+  akismet: https://akismet.com/signup/
+- Save your changes
@@ -2,7 +2,7 @@ class AntiSpamPluginAdminController &lt; AdminController
   append_view_path File.join(File.dirname(__FILE__) + '/../views')
   def index
-    @settings = AntiSpamPlugin::Settings.new(environment, params[:settings])
+    @settings = Noosfero::Plugin::Settings.new(environment, AntiSpamPlugin, params[:settings])
     if request.post?
       @settings.save!
       redirect_to :action => 'index'
@@ -8,6 +8,10 @@ class AntiSpamPlugin &lt; Noosfero::Plugin
     _("Checks comments against a spam checking service compatible with the Akismet API")
   end
+  def self.host_default_setting
+    'api.antispam.typepad.com'
+  end
+
   def check_comment_for_spam(comment)
     if rakismet_call(comment, :spam?)
       comment.spam = true
@@ -26,7 +30,7 @@ class AntiSpamPlugin &lt; Noosfero::Plugin
   protected
   def rakismet_call(comment, op)
-    settings = AntiSpamPlugin::Settings.new(comment.environment)
+    settings = Noosfero::Plugin::Settings.new(comment.environment, self.class)
     Rakismet.host = settings.host
     Rakismet.key = settings.api_key
@@ -1,35 +0,0 @@
-class AntiSpamPlugin::Settings
-
-  def initialize(environment, attributes = nil)
-    @environment = environment
-    attributes ||= {}
-    attributes.each do |k,v|
-      self.send("#{k}=", v)
-    end
-  end
-
-  def settings
-    @environment.settings[:anti_spam_plugin] ||= {}
-  end
-
-  def host
-    settings[:host] ||= 'api.antispam.typepad.com'
-  end
-
-  def host=(value)
-    settings[:host] = value
-  end
-
-  def api_key
-    settings[:api_key]
-  end
-
-  def api_key=(value)
-    settings[:api_key] = value
-  end
-
-  def save!
-    @environment.save!
-  end
-
-end
@@ -1,115 +0,0 @@
-require 'benchmark'
-
-class AntiSpamPlugin::Spaminator
-
-  class << self
-    def run(environment)
-      instance = new(environment)
-      instance.run
-    end
-
-    def benchmark(environment)
-      puts Benchmark.measure { run(environment) }
-    end
-  end
-
-
-  def initialize(environment)
-    @environment = environment
-  end
-
-  def run
-    start_time = Time.now
-
-    process_all_comments
-    process_all_people
-    process_people_without_network
-
-    finish(start_time)
-  end
-
-  protected
-
-  def finish(start_time)
-    @environment.settings[:spaminator_last_run] = start_time
-    @environment.save!
-  end
-
-  def conditions(table)
-    last_run = @environment.settings[:spaminator_last_run]
-    if last_run
-      ["profiles.environment_id = ? AND #{table}.created_at > ?", @environment.id, last_run]
-    else
-      [ "profiles.environment_id = ?", @environment.id]
-    end
-  end
-
-  def process_all_comments
-    puts 'Processing comments ...'
-    i = 0
-    comments = Comment.joins("JOIN articles ON (comments.source_id = articles.id AND comments.source_type = 'Article') JOIN profiles ON (profiles.id = articles.profile_id)").where(conditions(:comments))
-    total = comments.count
-    comments.find_each do |comment|
-      puts "Comment #{i += 1}/#{total} (#{100*i/total}%)"
-      process_comment(comment)
-    end
-  end
-
-  def process_all_people
-    puts 'Processing people ...'
-    i = 0
-    people = Person.where(conditions(:profiles))
-    total = people.count
-    people.find_each do |person|
-      puts "Person #{i += 1}/#{total} (#{100*i/total}%)"
-      process_person(person)
-    end
-  end
-
-  def process_comment(comment)
-    comment.check_for_spam
-
-    # TODO several comments with the same content:
-    #   → disable author
-    #   → mark all of them as spam
-
-    # TODO check comments that contains URL's
-  end
-
-  def process_person(person)
-    # person is author of more than 2 comments marked as spam
-    #   → burn
-    #
-    number_of_spam_comments = Comment.spam.where(author_id => person.id).count
-    if number_of_spam_comments > 2
-      mark_as_spammer(person)
-    end
-  end
-
-  def process_people_without_network
-    # people who signed up more than one month ago, have no friends and <= 1
-    # communities
-    #
-    #   → burn
-    #   → mark their comments as spam
-    #
-    Person.where(:environment_id => @environment.id).where(['created_at < ?', Time.now - 1.month]).find_each do |person|
-      # TODO progress indicator - see process_all_people above
-      number_of_friends = person.friends.count
-      number_of_communities = person.communities.count
-      if number_of_friends == 0 && number_of_communities <= 1
-        mark_as_spammer(person)
-        Comment.where(:author_id => person.id).find_each do |comment|
-          comment.spam!
-        end
-      end
-    end
-  end
-
-  def mark_as_spammer(person)
-    # FIXME create an AbuseComplaint and finish instead of calling
-    # Person#disable directly
-    person.disable
-  end
-
-end
@@ -1,29 +0,0 @@
-require 'test_helper'
-
-class AntiSpamSettingsTest < ActiveSupport::TestCase
-
-  def setup
-    @environment = Environment.new
-    @settings = AntiSpamPlugin::Settings.new(@environment)
-  end
-
-  should 'store setttings in environment' do
-    @settings.host = 'foo.com'
-    @settings.api_key = '1234567890'
-    assert_equal 'foo.com', @environment.settings[:anti_spam_plugin][:host]
-    assert_equal '1234567890', @environment.settings[:anti_spam_plugin][:api_key]
-    assert_equal 'foo.com', @settings.host
-    assert_equal '1234567890', @settings.api_key
-  end
-
-  should 'save environment on save' do
-    @environment.expects(:save!)
-    @settings.save!
-  end
-
-  should 'use TypePad AntiSpam by default' do
-    assert_equal 'api.antispam.typepad.com', @settings.host
-  end
-
-
-end
@@ -1,53 +0,0 @@
-require 'test_helper'
-
-class AntiSpamPluginSpaminatorTest < ActiveSupport::TestCase
-
-  def setup
-    @environment = Environment.new
-    @environment.id = 99
-    @spaminator = AntiSpamPlugin::Spaminator.new(@environment)
-    @spaminator.stubs(:puts)
-    @now = Time.now
-    Time.stubs(:now).returns(@now)
-  end
-
-  should 'search everything in the first run' do
-    assert_equal(['profiles.environment_id = ?',99], @spaminator.send(:conditions, nil))
-  end
-
-  should 'search using recorded last date' do
-    @environment.settings[:spaminator_last_run] = @now
-    assert_equal(['profiles.environment_id = ? AND table.created_at > ?', 99, @now], @spaminator.send(:conditions, 'table'))
-  end
-
-  should 'record time of last run in environment' do
-    @spaminator.expects(:process_all_comments)
-    @spaminator.expects(:process_all_people)
-    @environment.stubs(:save!)
-    @spaminator.run
-    assert_equal @now, @environment.settings[:spaminator_last_run]
-  end
-
-  should 'find all comments' do
-    @spaminator.stubs(:process_comment)
-    @spaminator.send :process_all_comments
-  end
-
-  should 'find all people' do
-    @spaminator.stubs(:process_person)
-    @spaminator.send :process_all_people
-  end
-
-  should 'find all comments newer than a date' do
-    @environment.settings[:spaminator_last_run] = Time.now - 1.month
-    @spaminator.stubs(:process_comment)
-    @spaminator.send :process_all_comments
-  end
-
-  should 'find all people newer than a date' do
-    @environment.settings[:spaminator_last_run] = Time.now - 1.month
-    @spaminator.stubs(:process_person)
-    @spaminator.send :process_all_people
-  end
-
-end
@@ -7,7 +7,7 @@ class AntiSpamPluginTest &lt; ActiveSupport::TestCase
     article = fast_create(TextileArticle, :profile_id => profile.id)
     @comment = fast_create(Comment, :source_id => article.id, :source_type => 'Article')
-    @settings = AntiSpamPlugin::Settings.new(@comment.environment)
+    @settings = Noosfero::Plugin::Settings.new(@comment.environment, AntiSpamPlugin)
     @settings.api_key = 'b8b80ddb8084062d0c9119c945ce3bc3'
     @settings.save!
 require File.dirname(__FILE__) + '/../../../../test/test_helper'
 require File.dirname(__FILE__) + '/../../controllers/bsc_plugin_admin_controller'
-require File.dirname(__FILE__) + '/../../../../app/models/uploaded_file'
 # Re-raise errors caught by the controller.
 class BscPluginAdminController; def rescue_action(e) raise e end; end
 require File.dirname(__FILE__) + '/../../../../test/test_helper'
 require File.dirname(__FILE__) + '/../../controllers/bsc_plugin_myprofile_controller'
-require File.dirname(__FILE__) + '/../../../../app/models/uploaded_file'
 # Re-raise errors caught by the controller.
 class BscPluginMyprofileController; def rescue_action(e) raise e end; end
 require File.dirname(__FILE__) + '/../../../../../test/test_helper'
-require File.dirname(__FILE__) + '/../../../../../app/models/uploaded_file'
 class BscPlugin::AssociateEnterpriseTest < ActiveSupport::TestCase
   VALID_CNPJ = '94.132.024/0001-48'
 require File.dirname(__FILE__) + '/../../../../../test/test_helper'
-#require File.dirname(__FILE__) + '/../../../../../app/models/uploaded_file'
-#require File.dirname(__FILE__) + '/../../../lib/ext/enterprise'
 class BscPlugin::ContractTest < ActiveSupport::TestCase
   def setup
 require File.dirname(__FILE__) + '/../../../../../test/test_helper'
-require File.dirname(__FILE__) + '/../../../../../app/models/uploaded_file'
 class ProductTest < ActiveSupport::TestCase
   VALID_CNPJ = '94.132.024/0001-48'
+require 'rubygems'
 require 'savon'
 require 'googlecharts'
@@ -0,0 +1,320 @@
+require 'base64'
+
+class ShoppingCartPluginController < PublicController
+
+  include ShoppingCartPlugin::CartHelper
+  helper ShoppingCartPlugin::CartHelper
+
+  append_view_path File.join(File.dirname(__FILE__) + '/../views')
+  before_filter :login_required, :only => []
+
+  before_filter :login_required, :only => []
+
+  def get
+    config =
+      if cart.nil?
+        { 'enterprise_id' => nil, 'hasProducts' => false }
+      else
+        { 'enterprise_id' => cart[:enterprise_id], 'hasProducts' => (cart[:items].keys.size > 0) }
+      end
+    render :text => config.to_json
+  end
+
+  def add
+    product = find_product(params[:id])
+    if product && enterprise = validate_same_enterprise(product)
+      self.cart = { :enterprise_id => enterprise.id, :items => {} } if self.cart.nil?
+      self.cart[:items][product.id] = 0 if self.cart[:items][product.id].nil?
+      self.cart[:items][product.id] += 1
+      render :text => {
+        :ok => true,
+        :error => {:code => 0},
+        :products => [{
+          :id => product.id,
+          :name => product.name,
+          :price => get_price(product, enterprise.environment),
+          :description => product.description,
+          :picture => product.default_image(:minor),
+          :quantity => self.cart[:items][product.id]
+        }]
+      }.to_json
+    end
+  end
+
+  def remove
+    id = params[:id].to_i
+    if validate_cart_presence && validate_cart_has_product(id)
+      self.cart[:items].delete(id)
+      self.cart = nil if self.cart[:items].empty?
+      render :text => {
+        :ok => true,
+        :error => {:code => 0},
+        :product_id => id
+      }.to_json
+    end
+  end
+
+  def list
+    if validate_cart_presence
+      products = self.cart[:items].collect do |id, quantity|
+        product = Product.find(id)
+        { :id => product.id,
+          :name => product.name,
+          :price => get_price(product, product.enterprise.environment),
+          :description => product.description,
+          :picture => product.default_image(:minor),
+          :quantity => quantity
+        }
+      end
+      render :text => {
+        :ok => true,
+        :error => {:code => 0},
+        :products => products
+      }.to_json
+    end
+  end
+
+  def update_quantity
+    quantity = params[:quantity].to_i
+    id = params[:id].to_i
+    if validate_cart_presence && validate_cart_has_product(id) && validate_item_quantity(quantity)
+      product = Product.find(id)
+      self.cart[:items][product.id] = quantity
+      render :text => {
+        :ok => true,
+        :error => {:code => 0},
+        :product_id => id,
+        :quantity => quantity
+      }.to_json
+    end
+  end
+
+  def clean
+    self.cart = nil
+    render :text => {
+      :ok => true,
+      :error => {:code => 0}
+    }.to_json
+  end
+
+  def buy
+    @cart = cart
+    @enterprise = environment.enterprises.find(cart[:enterprise_id])
+    @settings = Noosfero::Plugin::Settings.new(@enterprise, ShoppingCartPlugin)
+    render :layout => false
+  end
+
+  def send_request
+    register_order(params[:customer], self.cart[:items])
+    begin
+      enterprise = environment.enterprises.find(cart[:enterprise_id])
+      ShoppingCartPlugin::Mailer.deliver_customer_notification(params[:customer], enterprise, self.cart[:items], params[:delivery_option])
+      ShoppingCartPlugin::Mailer.deliver_supplier_notification(params[:customer], enterprise, self.cart[:items], params[:delivery_option])
+      self.cart = nil
+      render :text => {
+        :ok => true,
+        :message => _('Request sent successfully. Check your email.'),
+        :error => {:code => 0}
+      }.to_json
+    rescue ActiveRecord::ActiveRecordError
+      render :text => {
+        :ok => false,
+        :error => {
+          :code => 6,
+          :message => exception.message
+        }
+      }.to_json
+    end
+  end
+
+  def visibility
+    render :text => self.cart.has_key?(:visibility) ? self.cart[:visibility].to_json : true.to_json
+  end
+
+  def show
+    begin
+      self.cart[:visibility] = true
+      render :text => {
+        :ok => true,
+        :message => _('Basket displayed.'),
+        :error => {:code => 0}
+      }.to_json
+    rescue Exception => exception
+      render :text => {
+        :ok => false,
+        :error => {
+          :code => 7,
+          :message => exception.message
+        }
+      }.to_json
+    end
+  end
+
+  def hide
+    begin
+      self.cart[:visibility] = false
+      render :text => {
+        :ok => true,
+        :message => _('Basket hidden.'),
+        :error => {:code => 0}
+      }.to_json
+    rescue Exception => exception
+      render :text => {
+        :ok => false,
+        :error => {
+          :code => 8,
+          :message => exception.message
+        }
+      }.to_json
+    end
+  end
+
+  def update_delivery_option
+    enterprise = environment.enterprises.find(cart[:enterprise_id])
+    settings = Noosfero::Plugin::Settings.new(enterprise, ShoppingCartPlugin)
+    delivery_price = settings.delivery_options[params[:delivery_option]]
+    delivery = Product.new(:name => params[:delivery_option], :price => delivery_price)
+    delivery.save(false)
+    items = self.cart[:items].clone
+    items[delivery.id] = 1
+    total_price = get_total_on_currency(items, environment)
+    delivery.destroy
+    render :text => {
+      :ok => true,
+      :delivery_price => float_to_currency_cart(delivery_price, environment),
+      :total_price => total_price,
+      :message => _('Delivery option updated.'),
+      :error => {:code => 0}
+    }.to_json
+  end
+
+  private
+
+  def validate_same_enterprise(product)
+    if self.cart && self.cart[:enterprise_id] && product.enterprise_id != self.cart[:enterprise_id]
+      render :text => {
+        :ok => false,
+        :error => {
+        :code => 1,
+        :message => _("Can't join items from different enterprises.")
+      }
+      }.to_json
+      return nil
+    end
+    product.enterprise
+  end
+
+  def validate_cart_presence
+    if self.cart.nil?
+      render :text => {
+        :ok => false,
+        :error => {
+        :code => 2,
+        :message => _("There is no basket.")
+      }
+      }.to_json
+      return false
+    end
+    true
+  end
+
+  def find_product(id)
+    begin
+      product = Product.find(id)
+    rescue ActiveRecord::RecordNotFound
+      render :text => {
+        :ok => false,
+        :error => {
+        :code => 3,
+        :message => _("This enterprise doesn't have this product.")
+      }
+      }.to_json
+      return nil
+    end
+    product
+  end
+
+  def validate_cart_has_product(id)
+    if !self.cart[:items].has_key?(id)
+      render :text => {
+        :ok => false,
+        :error => {
+        :code => 4,
+        :message => _("The basket doesn't have this product.")
+      }
+      }.to_json
+      return false
+    end
+    true
+  end
+
+  def validate_item_quantity(quantity)
+    if quantity.to_i < 1
+      render :text => {
+        :ok => false,
+        :error => {
+        :code => 5,
+        :message => _("Invalid quantity.")
+      }
+      }.to_json
+      return false
+    end
+    true
+  end
+
+  def register_order(custumer, items)
+    new_items = {}
+    items.each do |id, quantity|
+      product = Product.find(id)
+      price = product.price || 0
+      new_items[id] = {:quantity => quantity, :price => price, :name => product.name}
+    end
+    ShoppingCartPlugin::PurchaseOrder.create!(
+      :seller => Enterprise.find(cart[:enterprise_id]),
+      :customer => user,
+      :status => ShoppingCartPlugin::PurchaseOrder::Status::OPENED,
+      :products_list => new_items,
+      :customer_delivery_option => params[:delivery_option],
+      :customer_payment => params[:customer][:payment],
+      :customer_change => params[:customer][:change],
+      :customer_name => params[:customer][:name],
+      :customer_email => params[:customer][:email],
+      :customer_contact_phone => params[:customer][:contact_phone],
+      :customer_address => params[:customer][:address],
+      :customer_district => params[:customer][:district],
+      :customer_city => params[:customer][:city],
+      :customer_zip_code => params[:customer][:zip_code]
+    )
+  end
+
+  protected
+
+  def cart
+    @cart ||=
+      begin
+        cookies[cookie_key] && YAML.load(Base64.decode64(cookies[cookie_key])) || nil
+      end
+    @cart
+  end
+
+  def cart=(data)
+    @cart = data
+  end
+
+  after_filter :save_cookie
+  def save_cookie
+    if @cart.nil?
+      cookies.delete(cookie_key, :path => '/plugin/shopping_cart')
+    else
+      cookies[cookie_key] = {
+        :value => Base64.encode64(@cart.to_yaml),
+        :path => "/plugin/shopping_cart"
+      }
+    end
+  end
+
+  def cookie_key
+    :_noosfero_plugin_shopping_cart
+  end
+
+end
@@ -4,9 +4,12 @@ class ShoppingCartPluginMyprofileController &lt; MyProfileController
   append_view_path File.join(File.dirname(__FILE__) + '/../views')
   def edit
+    params[:settings] = treat_cart_options(params[:settings])
+
+    @settings = Noosfero::Plugin::Settings.new(profile, ShoppingCartPlugin, params[:settings])
     if request.post?
       begin
-        profile.update_attributes!(params[:profile_attr])
+        @settings.save!
         session[:notice] = _('Option updated successfully.')
       rescue Exception => exception
         session[:notice] = _('Option wasn\'t updated successfully.')
@@ -46,4 +49,25 @@ class ShoppingCartPluginMyprofileController &lt; MyProfileController
     order.save!
     redirect_to :action => 'reports', :from => params[:context_from], :to => params[:context_to], :filter_status => params[:context_status]
   end
+
+  private
+
+  def treat_cart_options(settings)
+    return if settings.blank?
+    settings[:enabled] = settings[:enabled] == '1'
+    settings[:delivery] = settings[:delivery] == '1'
+    settings[:free_delivery_price] = settings[:free_delivery_price].blank? ? nil : settings[:free_delivery_price].to_d
+    settings[:delivery_options] = treat_delivery_options(settings[:delivery_options])
+    settings
+  end
+
+  def treat_delivery_options(params)
+    result = {}
+    params[:options].size.times do |counter|
+      if params[:options][counter].present? && params[:prices][counter].present?
+        result[params[:options][counter]] = params[:prices][counter]
+      end
+    end
+    result
+  end
 end
@@ -1,248 +0,0 @@
-include ShoppingCartPlugin::CartHelper
-
-class ShoppingCartPluginProfileController < ProfileController
-  append_view_path File.join(File.dirname(__FILE__) + '/../views')
-  before_filter :login_required, :only => []
-
-  before_filter :login_required, :only => []
-
-  def add
-    session[:cart] = { :enterprise_id => profile.id, :items => {} } if session[:cart].nil?
-    if validate_same_enterprise && product = validate_enterprise_has_product(params[:id])
-      session[:cart][:items][product.id] = 0 if session[:cart][:items][product.id].nil?
-      session[:cart][:items][product.id] += 1
-      render :text => {
-        :ok => true,
-        :error => {:code => 0},
-        :products => [{
-          :id => product.id,
-          :name => product.name,
-          :price => get_price(product, profile.environment),
-          :description => product.description,
-          :picture => product.default_image(:minor),
-          :quantity => session[:cart][:items][product.id]
-        }]
-      }.to_json
-    end
-  end
-
-  def remove
-    id = params[:id].to_i
-    if validate_cart_presence && validate_cart_has_product(id)
-      session[:cart][:items].delete(id)
-      session[:cart] = nil if session[:cart][:items].empty?
-      render :text => {
-        :ok => true,
-        :error => {:code => 0},
-        :product_id => id
-      }.to_json
-    end
-  end
-
-  def list
-    if validate_cart_presence
-      products = session[:cart][:items].collect do |id, quantity|
-        product = Product.find(id)
-        { :id => product.id,
-          :name => product.name,
-          :price => get_price(product, profile.environment),
-          :description => product.description,
-          :picture => product.default_image(:minor),
-          :quantity => quantity
-        }
-      end
-      render :text => {
-        :ok => true,
-        :error => {:code => 0},
-        :enterprise => Enterprise.find(session[:cart][:enterprise_id]).identifier,
-        :products => products
-      }.to_json
-    end
-  end
-
-  def update_quantity
-    quantity = params[:quantity].to_i
-    id = params[:id].to_i
-    if validate_cart_presence && validate_cart_has_product(id) && validate_item_quantity(quantity)
-      product = Product.find(id)
-      session[:cart][:items][product.id] = quantity
-      render :text => {
-        :ok => true,
-        :error => {:code => 0},
-        :product_id => id,
-        :quantity => quantity
-      }.to_json
-    end
-  end
-
-  def clean
-    session[:cart] = nil
-    render :text => {
-      :ok => true,
-      :error => {:code => 0}
-    }.to_json
-  end
-
-  def buy
-    @environment = profile.environment
-    render :layout => false
-  end
-
-  def send_request
-      register_order(params[:customer], session[:cart][:items])
-    begin
-      ShoppingCartPlugin::Mailer.deliver_customer_notification(params[:customer], profile, session[:cart][:items])
-      ShoppingCartPlugin::Mailer.deliver_supplier_notification(params[:customer], profile, session[:cart][:items])
-      render :text => {
-        :ok => true,
-        :message => _('Request sent successfully. Check your email.'),
-        :error => {:code => 0}
-      }.to_json
-    rescue Exception => exception
-      render :text => {
-        :ok => false,
-        :error => {
-          :code => 6,
-          :message => exception.message
-        }
-      }.to_json
-    end
-  end
-
-  def visibility
-    render :text => session[:cart].has_key?(:visibility) ? session[:cart][:visibility].to_json : true.to_json
-  end
-
-  def show
-    begin
-      session[:cart][:visibility] = true
-      render :text => {
-        :ok => true,
-        :message => _('Basket displayed.'),
-        :error => {:code => 0}
-      }.to_json
-    rescue Exception => exception
-      render :text => {
-        :ok => false,
-        :error => {
-          :code => 7,
-          :message => exception.message
-        }
-      }.to_json
-    end
-  end
-
-  def hide
-    begin
-      session[:cart][:visibility] = false
-      render :text => {
-        :ok => true,
-        :message => _('Basket hidden.'),
-        :error => {:code => 0}
-      }.to_json
-    rescue Exception => exception
-      render :text => {
-        :ok => false,
-        :error => {
-          :code => 8,
-          :message => exception.message
-        }
-      }.to_json
-    end
-  end
-
-  private
-
-  def validate_same_enterprise
-    if profile.id != session[:cart][:enterprise_id]
-      render :text => {
-        :ok => false,
-        :error => {
-        :code => 1,
-        :message => _("Can't join items from different enterprises.")
-      }
-      }.to_json
-      return false
-    end
-    true
-  end
-
-  def validate_cart_presence
-    if session[:cart].nil?
-      render :text => {
-        :ok => false,
-        :error => {
-        :code => 2,
-        :message => _("There is no basket.")
-      }
-      }.to_json
-      return false
-    end
-    true
-  end
-
-  def validate_enterprise_has_product(id)
-    begin
-      product = profile.products.find(id)
-    rescue
-      render :text => {
-        :ok => false,
-        :error => {
-        :code => 3,
-        :message => _("This enterprise doesn't have this product.")
-      }
-      }.to_json
-      return nil
-    end
-    product
-  end
-
-  def validate_cart_has_product(id)
-    if !session[:cart][:items].has_key?(id)
-      render :text => {
-        :ok => false,
-        :error => {
-        :code => 4,
-        :message => _("The basket doesn't have this product.")
-      }
-      }.to_json
-      return false
-    end
-    true
-  end
-
-  def validate_item_quantity(quantity)
-    if quantity.to_i < 1
-      render :text => {
-        :ok => false,
-        :error => {
-        :code => 5,
-        :message => _("Invalid quantity.")
-      }
-      }.to_json
-      return false
-    end
-    true
-  end
-
-  def register_order(custumer, items)
-    new_items = {}
-    items.each do |id, quantity|
-      product = Product.find(id)
-      price = product.price || 0
-      new_items[id] = {:quantity => quantity, :price => price, :name => product.name}
-    end
-    ShoppingCartPlugin::PurchaseOrder.create!(
-      :seller => profile,
-      :customer => user,
-      :status => ShoppingCartPlugin::PurchaseOrder::Status::OPENED,
-      :products_list => new_items,
-      :customer_name => params[:customer][:name],
-      :customer_email => params[:customer][:email],
-      :customer_contact_phone => params[:customer][:contact_phone],
-      :customer_address => params[:customer][:address],
-      :customer_city => params[:customer][:city],
-      :customer_zip_code => params[:customer][:zip_code]
-    )
-  end
-end
@@ -0,0 +1,19 @@
+class MoveFieldsIncludedOnProfilesTableToSettings < ActiveRecord::Migration
+  def self.up
+    Profile.find_each do |profile|
+      settings = Noosfero::Plugin::Settings.new(profile, ShoppingCartPlugin)
+      settings.enabled = profile.shopping_cart
+      settings.delivery = profile.shopping_cart_delivery
+      settings.delivery_price = profile.shopping_cart_delivery_price
+      settings.save!
+    end
+
+    remove_column :profiles, :shopping_cart
+    remove_column :profiles, :shopping_cart_delivery
+    remove_column :profiles, :shopping_cart_delivery_price
+  end
+
+  def self.down
+    say "This migration can not be reverted!"
+  end
+end
@@ -3,20 +3,40 @@ require_dependency &#39;shopping_cart_plugin/ext/person&#39;
 class ShoppingCartPlugin < Noosfero::Plugin
-  def self.plugin_name
+  class << self
+    def plugin_name
     "Shopping Basket"
-  end
+    end
+
+    def plugin_description
+      _("A shopping basket feature for enterprises")
+    end
+
+    def enabled_default_setting
+      true
+    end
-  def self.plugin_description
-    _("A shopping basket feature for enterprises")
+    def delivery_default_setting
+      false
+    end
+
+    def delivery_price_default_setting
+      0
+    end
+
+    def delivery_options_default_setting
+      {}
+    end
   end
-  def add_to_cart_button(item, enterprise = context.profile)
-    if enterprise.shopping_cart && item.available
+  def add_to_cart_button(item)
+    enterprise = item.enterprise
+    settings = Noosfero::Plugin::Settings.new(enterprise, ShoppingCartPlugin)
+    if settings.enabled && item.available
        lambda {
          link_to(_('Add to basket'), "add:#{item.name}",
            :class => 'cart-add-item',
-           :onclick => "Cart.addItem('#{enterprise.identifier}', #{item.id}, this); return false"
+           :onclick => "Cart.addItem(#{item.id}, this); return false"
          )
        }
     end
@@ -35,15 +55,16 @@ class ShoppingCartPlugin &lt; Noosfero::Plugin
   end
   def body_beginning
-    expanded_template('cart.html.erb',{:cart => context.session[:cart]})
+    expanded_template('cart.html.erb')
   end
   def control_panel_buttons
+    settings = Noosfero::Plugin::Settings.new(context.profile, ShoppingCartPlugin)
     buttons = []
     if context.profile.enterprise?
       buttons << { :title => _('Shopping basket'), :icon => 'shopping-cart-icon', :url => {:controller => 'shopping_cart_plugin_myprofile', :action => 'edit'} }
     end
-    if context.profile.enterprise? && context.profile.shopping_cart
+    if context.profile.enterprise? && settings.enabled
       buttons << { :title => _('Purchase reports'), :icon => 'shopping-cart-purchase-report', :url => {:controller => 'shopping_cart_plugin_myprofile', :action => 'reports'} }
     end
 module ShoppingCartPlugin::CartHelper
   include ActionView::Helpers::NumberHelper
+  include ActionView::Helpers::TagHelper
   def sell_price(product)
     return 0 if product.price.nil?
     product.discount ? product.price_with_discount : product.price
   end
-  def get_price(product, environment)
-    float_to_currency_cart(sell_price(product), environment)
+  def get_price(product, environment, quantity=1)
+    float_to_currency_cart(price_with_quantity(product,quantity), environment)
   end
-  def get_total(items, environment)
-    float_to_currency_cart(items.map { |id, quantity| sell_price(Product.find(id)) * quantity}.sum, environment)
+  def price_with_quantity(product, quantity=1)
+    quantity = 1 if !quantity.kind_of?(Numeric)
+    sell_price(product)*quantity
   end
-  def items_table(items, profile, by_mail = false)
+  def get_total(items)
+    items.map { |id, quantity| price_with_quantity(Product.find(id),quantity)}.sum
+  end
+
+  def get_total_on_currency(items, environment)
+    float_to_currency_cart(get_total(items), environment)
+  end
+
+  def items_table(items, profile, delivery_option = nil, by_mail = false)
     environment = profile.environment
+    settings = Noosfero::Plugin::Settings.new(profile, ShoppingCartPlugin)
     items = items.to_a
-    if profile.shopping_cart_delivery
-      delivery = Product.create!(:name => _('Delivery'), :price => profile.shopping_cart_delivery_price, :product_category => ProductCategory.last)
-      items << [delivery.id, 1]
-    end
     quantity_opts = { :class => 'cart-table-quantity' }
     quantity_opts.merge!({:align => 'center'}) if by_mail
     price_opts = {:class => 'cart-table-price'}
     price_opts.merge!({:align => 'right'}) if by_mail
+    items.sort! {|a, b| Product.find(a.first).name <=> Product.find(b.first).name}
+
+    if settings.delivery
+      if settings.free_delivery_price && get_total(items) >= settings.free_delivery_price
+        delivery = Product.new(:name => _('Free delivery'), :price => 0)
+      else
+        delivery = Product.new(:name => delivery_option || _('Delivery'), :price => settings.delivery_options[delivery_option])
+      end
+      delivery.save(false)
+      items << [delivery.id, '']
+    end
     table = '<table id="cart-items-table" cellpadding="2" cellspacing="0"
     border="'+(by_mail ? '1' : '0')+'"
     style="'+(by_mail ? 'border-collapse:collapse' : '')+'">' +
     content_tag('tr',
-                content_tag('th', _('Item name')) +
-                content_tag('th', by_mail ? '&nbsp;#&nbsp;' : '#') +
-                content_tag('th', _('Price'))
+      content_tag('th', _('Item name')) +
+      content_tag('th', by_mail ? '&nbsp;#&nbsp;' : '#') +
+      content_tag('th', _('Price'))
     ) +
     items.map do |id, quantity|
       product = Product.find(id)
+      name_opts = {}
+      is_delivery = quantity.kind_of?(String)
+      if is_delivery
+        price_opts.merge!({:id => 'delivery-price'})
+        name_opts.merge!({:id => 'delivery-name'})
+      end
       content_tag('tr',
-                  content_tag('td', product.name) +
-                  content_tag('td', quantity, quantity_opts ) +
-                  content_tag('td', get_price(product, environment), price_opts )
-                 )
+        content_tag('td', product.name, name_opts) +
+        content_tag('td', quantity, quantity_opts ) +
+        content_tag('td', get_price(product, environment, quantity), price_opts)
+      )
     end.join("\n")
-    total = get_total(items, environment)
-    delivery.destroy if profile.shopping_cart_delivery
+    total = get_total_on_currency(items, environment)
+    delivery.destroy if settings.delivery
     table +
     content_tag('th', _('Total:'), :colspan => 2, :class => 'cart-table-total-label') +
@@ -55,6 +79,14 @@ module ShoppingCartPlugin::CartHelper
   end
   def float_to_currency_cart(value, environment)
-    number_to_currency(value, :unit => environment.currency_unit, :separator => environment.currency_separator, :delimiter => environment.currency_delimiter, :precision => 2, :format => "%u %n")
+    number_to_currency(value, :unit => environment.currency_unit, :separator => environment.currency_separator, :delimiter => environment.currency_delimiter, :precision => 2, :format => "%u%n")
+  end
+
+  def select_delivery_options(options, environment)
+    result = options.map do |option, price|
+      ["#{option} (#{float_to_currency_cart(price, environment)})", option]
+    end
+    result << ["#{_('Delivery')} (#{float_to_currency_cart(0, environment)})", 'delivery'] if result.empty?
+    result
   end
 end
 class ShoppingCartPlugin::Mailer < Noosfero::Plugin::MailerBase
-  def customer_notification(customer, supplier, items)
+  include ShoppingCartPlugin::CartHelper
+
+  def customer_notification(customer, supplier, items, delivery_option)
     domain = supplier.hostname || supplier.environment.default_hostname
     recipients    customer[:email]
     from          'no-reply@' + domain
@@ -10,10 +12,12 @@ class ShoppingCartPlugin::Mailer &lt; Noosfero::Plugin::MailerBase
     body :customer => customer,
          :supplier => supplier,
          :items => items,
-         :environment => supplier.environment
+         :environment => supplier.environment,
+         :helper => self,
+         :delivery_option => delivery_option
   end
-  def supplier_notification(customer, supplier, items)
+  def supplier_notification(customer, supplier, items, delivery_option)
     domain = supplier.environment.default_hostname
     recipients    supplier.contact_email
     from          'no-reply@' + domain
@@ -23,6 +27,8 @@ class ShoppingCartPlugin::Mailer &lt; Noosfero::Plugin::MailerBase
     body :customer => customer,
          :supplier => supplier,
          :items => items,
-         :environment => supplier.environment
+         :environment => supplier.environment,
+         :helper => self,
+         :delivery_option => delivery_option
   end
 end
@@ -12,8 +12,12 @@ class ShoppingCartPlugin::PurchaseOrder &lt; Noosfero::Plugin::ActiveRecord
   settings_items :customer_email, :type => String
   settings_items :customer_contact_phone, :type => String
   settings_items :customer_address, :type => String
+  settings_items :customer_district, :type => String
   settings_items :customer_city, :type => String
   settings_items :customer_zip_code, :type => String
+  settings_items :customer_delivery_option, :type => String
+  settings_items :customer_payment, :type => String
+  settings_items :customer_change, :type => String
   before_create do |order|
     order.created_at = Time.now.utc
@@ -0,0 +1,34 @@
+jQuery(document).ready(function(){
+  jQuery("#cart-request-form").validate({
+    submitHandler: function(form) {
+      jQuery(form).find('input.submit').attr('disabled', true);
+      jQuery('#cboxLoadingOverlay').show().addClass('loading');
+      jQuery('#cboxLoadingGraphic').show().addClass('loading');
+    }
+  });
+});
+
+jQuery('#delivery_option').change(function(){
+  jQuery('#cboxLoadingGraphic').show();
+  me = this;
+  enterprise = jQuery(me).attr('data-profile-identifier');
+  option = jQuery(me).val();
+  jQuery.ajax({
+    url: '/plugin/shopping_cart/update_delivery_option',
+    dataType: "json",
+    data: 'delivery_option='+option,
+    success: function(data, st, ajax) {
+      jQuery('#delivery-price').text(data.delivery_price);
+      jQuery('.cart-table-total-value').text(data.total_price);
+      jQuery('#delivery-name').text(option);
+      jQuery('#cboxLoadingGraphic').hide();
+    },
+    error: function(ajax, st, errorThrown) {
+      alert('Update delivery option - HTTP '+st+': '+errorThrown);
+    },
+  });
+});
+
+jQuery('#customer_payment').change(function(){
+  jQuery(this).closest('.formfieldline').next().slideToggle('fast');
+});
@@ -11,10 +11,9 @@ function Cart(config) {
   $(".cart-buy", this.cartElem).button({ icons: { primary: 'ui-icon-cart'} });
   if (!this.empty) {
     $(this.cartElem).show();
-    this.enterprise = config.enterprise;
     me = this;
     $.ajax({
-      url: '/profile/'+ this.enterprise +'/plugins/shopping_cart/visibility',
+      url: '/plugin/shopping_cart/visibility',
       dataType: 'json',
       success: function(data, status, ajax){
         me.visible = /^true$/i.test(data);
@@ -25,7 +24,7 @@ function Cart(config) {
         alert('Visibility - HTTP '+status+': '+errorThrown);
       }
     });
-    $(".cart-buy", this.cartElem).colorbox({href: '/profile/' + this.enterprise + '/plugins/shopping_cart/buy'});
+    $(".cart-buy", this.cartElem).colorbox({ href: '/plugin/shopping_cart/buy' });
   }
 }
@@ -34,7 +33,7 @@ function Cart(config) {
   Cart.prototype.listProducts = function() {
     var me = this;
     $.ajax({
-      url: '/profile/'+ this.enterprise +'/plugins/shopping_cart/list',
+      url: '/plugin/shopping_cart/list',
       dataType: 'json',
       success: function(data, ststus, ajax){
         if ( !data.ok ) alert(data.error.message);
@@ -61,7 +60,7 @@ function Cart(config) {
         '<span class="item-name">'+ item.name +'</span>' +
         '<div class="item-price">' +
         '<input size="1" value="'+item.quantity+'" />'+ (item.price ? '&times; '+ item.price : '') +'</div>' +
-        ' <a href="remove:'+item.name+'" onclick="Cart.removeItem(\''+this.enterprise+'\', '+item.id+'); return false"' +
+        ' <a href="remove:'+item.name+'" onclick="Cart.removeItem('+item.id+'); return false"' +
         ' class="button icon-remove"><span>remove</span></a>'
        ).appendTo(li);
       var input = $("input", li)[0];
@@ -100,7 +99,7 @@ function Cart(config) {
     var me = this;
     if( quantity == NaN ) return input.value = input.lastValue;
     $.ajax({
-      url: '/profile/'+ this.enterprise +'/plugins/shopping_cart/update_quantity/'+ itemId +'?quantity='+ quantity,
+      url: '/plugin/shopping_cart/update_quantity/'+ itemId +'?quantity='+ quantity,
       dataType: 'json',
       success: function(data, status, ajax){
         if ( !data.ok ) {
@@ -132,8 +131,7 @@ function Cart(config) {
     this.updateTotal();
   }
-  Cart.addItem = function(enterprise, itemId, link) {
-    // on the future, the instance may be found by the enterprise identifier.
+  Cart.addItem = function(itemId, link) {
     link.intervalId = setInterval(function() {
       steps = ['w', 'n', 'e', 's'];
       if( !link.step || link.step==3 ) link.step = 0;
@@ -144,18 +142,13 @@ function Cart(config) {
       clearInterval(link.intervalId);
       $(link).button({ icons: { primary: 'ui-icon-cart'}, disable: false });
     };
-    this.instance.addItem(enterprise, itemId, stopBtLoading);
+    this.instance.addItem(itemId, stopBtLoading);
   }
-  Cart.prototype.addItem = function(enterprise, itemId, callback) {
-    if(!this.enterprise) {
-      this.enterprise = enterprise;
-      $(".cart-buy", this.cartElem).colorbox({href: '/profile/' + this.enterprise + '/plugins/shopping_cart/buy'});
-//      $(this.cartElem).show();
-    }
+  Cart.prototype.addItem = function(itemId, callback) {
     var me = this;
     $.ajax({
-      url: '/profile/'+ enterprise +'/plugins/shopping_cart/add/'+ itemId,
+      url: '/plugin/shopping_cart/add/'+ itemId,
       dataType: 'json',
       success: function(data, status, ajax){
         if ( !data.ok ) alert(data.error.message);
@@ -169,16 +162,16 @@ function Cart(config) {
     });
   }
-  Cart.removeItem = function(enterprise, itemId) {
+  Cart.removeItem = function(itemId) {
     var message = this.instance.cartElem.getAttribute('data-l10nRemoveItem');
-    if( confirm(message) ) this.instance.removeItem(enterprise, itemId);
+    if( confirm(message) ) this.instance.removeItem(itemId);
   }
-  Cart.prototype.removeItem = function(enterprise, itemId) {
+  Cart.prototype.removeItem = function(itemId) {
     if ($("li", this.itemsBox).size() < 2) return this.clean();
     var me = this;
     $.ajax({
-      url: '/profile/'+ enterprise +'/plugins/shopping_cart/remove/'+ itemId,
+      url: '/plugin/shopping_cart/remove/'+ itemId,
       dataType: 'json',
       success: function(data, status, ajax){
         if ( !data.ok ) alert(data.error.message);
@@ -200,7 +193,7 @@ function Cart(config) {
   Cart.prototype.show = function() {
     $.ajax({
-      url: '/profile/'+ this.enterprise +'/plugins/shopping_cart/show',
+      url: '/plugin/shopping_cart/show',
       dataType: 'json',
       cache: false,
       error: function(ajax, status, errorThrown) {
@@ -215,7 +208,7 @@ function Cart(config) {
   }
   Cart.prototype.hide = function() {
     $.ajax({
-      url: '/profile/'+ this.enterprise +'/plugins/shopping_cart/hide',
+      url: '/plugin/shopping_cart/hide',
       dataType: 'json',
       cache: false,
       error: function(ajax, status, errorThrown) {
@@ -252,7 +245,7 @@ function Cart(config) {
   Cart.prototype.clean = function() {
     var me = this;
     $.ajax({
-      url: '/profile/'+ me.enterprise +'/plugins/shopping_cart/clean',
+      url: '/plugin/shopping_cart/clean',
       dataType: 'json',
       success: function(data, status, ajax){
         if ( !data.ok ) alert(data.error.message);
@@ -261,7 +254,6 @@ function Cart(config) {
           $(me.cartElem).slideUp(500, function() {
             $(me.itemsBox).empty();
             me.hide();
-            me.enterprise = null;
             me.updateTotal();
             me.empty = true;
           });
@@ -284,7 +276,7 @@ function Cart(config) {
     var me = this;
     $.ajax({
       type: 'POST',
-      url: '/profile/'+ me.enterprise +'/plugins/shopping_cart/send_request',
+      url: '/plugin/shopping_cart/send_request',
       data: params,
       dataType: 'json',
       success: function(data, status, ajax){
@@ -309,7 +301,19 @@ function Cart(config) {
   }
   $(function(){
-    $('.cart-add-item').button({ icons: { primary: 'ui-icon-cart'} })
+
+    $.ajax({
+      url: "/plugin/shopping_cart/get",
+      dataType: 'json',
+      success: function(data) {
+        new Cart(data);
+        $('.cart-add-item').button({ icons: { primary: 'ui-icon-cart'} })
+      },
+      cache: false,
+      error: function(ajax, status, errorThrown) {
+        alert('Error getting shopping cart - HTTP '+status+': '+errorThrown);
+      }
+    });
   });
 })(jQuery);
@@ -0,0 +1,16 @@
+jQuery('#settings_delivery').click(function(){
+  jQuery('#delivery_settings').toggle('fast');
+});
+
+jQuery('#add-new-option').click(function(){
+  new_option = jQuery('#empty-option').clone();
+  new_option.removeAttr('id');
+  jQuery('#add-new-option-row').before(new_option);
+  new_option.show();
+  return false;
+});
+
+jQuery('.remove-option').live('click', function(){
+  jQuery(this).closest('tr').remove();
+  return false;
+});
-@import url(colorbox/colorbox.css);
-
 .cart-add-item .ui-icon-cart {
   background: url("/plugins/shopping_cart/images/button-icon.png") no-repeat scroll left center transparent;
   width: 22px;
@@ -0,0 +1,225 @@
+require File.dirname(__FILE__) + '/../../../../test/test_helper'
+require File.dirname(__FILE__) + '/../../controllers/shopping_cart_plugin_controller'
+
+# Re-raise errors caught by the controller.
+class ShoppingCartPluginController; def rescue_action(e) raise e end; end
+
+class ShoppingCartPluginControllerTest < ActionController::TestCase
+
+  def setup
+    @controller = ShoppingCartPluginController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+    @enterprise = fast_create(Enterprise)
+    @product = fast_create(Product, :enterprise_id => @enterprise.id)
+  end
+  attr_reader :enterprise
+  attr_reader :product
+
+  should 'force cookie expiration with explicit path for an empty cart' do
+    get :get
+    assert @response.headers['Set-Cookie'].any? { |c| c =~ /_noosfero_plugin_shopping_cart=; path=\/plugin\/shopping_cart; expires=.*-1970/}
+  end
+
+  should 'add a new product to cart' do
+    get :add, :id => product.id
+
+    assert product_in_cart?(product)
+    assert_equal 1, product_quantity(product)
+  end
+
+  should 'grow quantity through add' do
+    get :add, :id => product.id
+    assert_equal 1, product_quantity(product)
+
+    get :add, :id => product.id
+    assert_equal 2, product_quantity(product)
+  end
+
+  should 'not add product to cart if it does not exists' do
+    assert_nothing_raised { get :add, :id => 9999 }
+
+    assert !product_in_cart?(product)
+    assert !response_ok?
+    assert 3, reponse_error_code
+  end
+
+  should 'remove cart if the product being removed is the last one' do
+    get :add, :id => product.id
+    assert cart?
+
+    get :remove, :id => product.id
+    assert !cart?
+  end
+
+  should 'not try to remove a product if there is no cart' do
+    instantiate_cart
+    assert !cart?
+
+    assert_nothing_raised { get :remove, :id => 9999 }
+    assert !response_ok?
+    assert_equal 2, reponse_error_code
+  end
+
+  should 'just remove product if there are other products on cart' do
+    another_product = fast_create(Product, :enterprise_id => enterprise.id)
+    get :add, :id => product.id
+    get :add, :id => another_product.id
+
+    get :remove, :id => product.id
+    assert cart?
+    assert !product_in_cart?(product)
+  end
+
+  should 'not try to remove a product that is not in the cart' do
+    get :add, :id => product.id
+    assert cart?
+    assert_nothing_raised { get :remove, :id => 9999 }
+
+    assert !response_ok?
+    assert_equal 4, reponse_error_code
+  end
+
+  should 'not try to list the cart if there is no cart' do
+    instantiate_cart
+    assert !cart?
+
+    assert_nothing_raised { get :list  }
+    assert !response_ok?
+    assert_equal 2, reponse_error_code
+  end
+
+  should 'list products without errors' do
+    get :add, :id => product.id
+
+    assert_nothing_raised { get :list  }
+    assert response_ok?
+  end
+
+  should 'update the quantity of a product' do
+    get :add, :id => product.id
+    assert 1, product_quantity(product)
+
+    get :update_quantity, :id => product.id, :quantity => 3
+    assert 3, product_quantity(product)
+  end
+
+  should 'not try to update quantity the quantity of a product if there is no cart' do
+    instantiate_cart
+    assert !cart?
+
+    assert_nothing_raised { get :update_quantity, :id => 9999, :quantity => 3 }
+    assert !response_ok?
+    assert_equal 2, reponse_error_code
+  end
+
+  should 'not try to update the quantity of a product that is not in the cart' do
+    get :add, :id => product.id
+    assert cart?
+    assert_nothing_raised { get :update_quantity, :id => 9999, :quantity => 3 }
+
+    assert !response_ok?
+    assert_equal 4, reponse_error_code
+  end
+
+  should 'not update the quantity of a product with a invalid value' do
+    get :add, :id => product.id
+
+    assert_nothing_raised { get :update_quantity, :id => product.id, :quantity => -1}
+    assert !response_ok?
+    assert_equal 5, reponse_error_code
+
+    assert_nothing_raised { get :update_quantity, :id => product.id, :quantity => 'asdf'}
+    assert !response_ok?
+    assert_equal 5, reponse_error_code
+  end
+
+  should 'clean the cart' do
+    another_product = fast_create(Product, :enterprise_id => enterprise.id)
+    get :add, :id => product.id
+    get :add, :id => another_product.id
+
+    assert_nothing_raised {  get :clean }
+    assert !cart?
+  end
+
+  should 'not crash if there is no cart' do
+    instantiate_cart
+    assert !cart?
+    assert_nothing_raised {  get :clean  }
+  end
+
+  should 'register order on send request' do
+    product1 = fast_create(Product, :enterprise_id => enterprise.id, :price => 1.99)
+    product2 = fast_create(Product, :enterprise_id => enterprise.id, :price => 2.23)
+    @controller.stubs(:cart).returns({ :enterprise_id => enterprise.id, :items => {product1.id => 1, product2.id => 2}})
+    assert_difference ShoppingCartPlugin::PurchaseOrder, :count, 1 do
+      post :send_request,
+        :customer => {:name => "Manuel", :email => "manuel@ceu.com"}
+    end
+
+    order = ShoppingCartPlugin::PurchaseOrder.last
+
+    assert_equal 1.99, order.products_list[product1.id][:price]
+    assert_equal 1, order.products_list[product1.id][:quantity]
+    assert_equal 2.23, order.products_list[product2.id][:price]
+    assert_equal 2, order.products_list[product2.id][:quantity]
+    assert_equal ShoppingCartPlugin::PurchaseOrder::Status::OPENED, order.status
+  end
+
+  should 'register order on send request and not crash if product is not defined' do
+    product1 = fast_create(Product, :enterprise_id => enterprise.id)
+    @controller.stubs(:cart).returns({ :enterprise_id => enterprise.id, :items => {product1.id => 1}})
+    assert_difference ShoppingCartPlugin::PurchaseOrder, :count, 1 do
+      post :send_request,
+        :customer => {:name => "Manuel", :email => "manuel@ceu.com"}
+    end
+
+    order = ShoppingCartPlugin::PurchaseOrder.last
+
+    assert_equal 0, order.products_list[product1.id][:price]
+  end
+
+  should 'clean the cart after placing the order' do
+    product1 = fast_create(Product, :enterprise_id => enterprise.id)
+    post :add, :id => product1.id
+    post :send_request, :customer => { :name => "Manuel", :email => "manuel@ceu.com" }
+    assert !cart?, "cart expected to be empty!"
+  end
+
+  private
+
+  def json_response
+    ActiveSupport::JSON.decode @response.body
+  end
+
+  def cart?
+    !@controller.send(:cart).nil?
+  end
+
+  def product_in_cart?(product)
+    @controller.send(:cart) &&
+      @controller.send(:cart)[:items] &&
+      @controller.send(:cart)[:items].has_key?(product.id)
+  end
+
+  def product_quantity(product)
+    @controller.send(:cart)[:items][product.id]
+  end
+
+  def response_ok?
+    json_response['ok']
+  end
+
+  def reponse_error_code
+    json_response['error']['code']
+  end
+
+  # temporary hack...if I don't do this the session stays as an Array instead
+  # of a TestSession
+  def instantiate_cart
+    get :add, :id => product.id
+    get :remove, :id => product.id
+  end
+
+end
@@ -13,46 +13,42 @@ class ShoppingCartPluginMyprofileControllerTest &lt; ActionController::TestCase
   attr_reader :enterprise
   should 'be able to enable shopping cart' do
-    enterprise.shopping_cart = false
-    enterprise.save
-    post :edit, :profile => enterprise.identifier, :profile_attr => {:shopping_cart => '1'}
-    enterprise.reload
+    settings.enabled = false
+    settings.save!
+    post :edit, :profile => enterprise.identifier, :settings => {:enabled => '1'}
-    assert enterprise.shopping_cart
+    assert settings.enabled
   end
   should 'be able to disable shopping cart' do
-    enterprise.shopping_cart = true
-    enterprise.save
-    post :edit, :profile => enterprise.identifier, :profile_attr => {:shopping_cart => '0'}
-    enterprise.reload
+    settings.enabled = true
+    settings.save!
+    post :edit, :profile => enterprise.identifier, :settings => {:enabled => '0'}
-    assert !enterprise.shopping_cart
+    assert !settings.enabled
   end
   should 'be able to enable shopping cart delivery' do
-    enterprise.shopping_cart_delivery = false
-    enterprise.save
-    post :edit, :profile => enterprise.identifier, :profile_attr => {:shopping_cart_delivery => '1'}
-    enterprise.reload
+    settings.delivery = false
+    settings.save!
+    post :edit, :profile => enterprise.identifier, :settings => {:delivery => '1'}
-    assert enterprise.shopping_cart_delivery
+    assert settings.delivery
   end
   should 'be able to disable shopping cart delivery' do
-    enterprise.shopping_cart_delivery = true
-    enterprise.save
-    post :edit, :profile => enterprise.identifier, :profile_attr => {:shopping_cart_delivery => '0'}
-    enterprise.reload
+    settings.delivery = true
+    settings.save!
+    post :edit, :profile => enterprise.identifier, :settings => {:delivery => '0'}
-    assert !enterprise.shopping_cart_delivery
+    assert !settings.delivery
   end
   should 'be able to choose the delivery price' do
     price = 4.35
-    post :edit, :profile => enterprise.identifier, :profile_attr => {:shopping_cart_delivery_price => price}
-    enterprise.reload
-    assert enterprise.shopping_cart_delivery_price == price
+    post :edit, :profile => enterprise.identifier, :settings => {:delivery_price => price}
+
+    assert settings.delivery_price == price
   end
   should 'filter the reports correctly' do
@@ -112,4 +108,11 @@ class ShoppingCartPluginMyprofileControllerTest &lt; ActionController::TestCase
     po.reload
     assert_equal ShoppingCartPlugin::PurchaseOrder::Status::CONFIRMED, po.status
   end
+
+  private
+
+  def settings
+    @enterprise.reload
+    Noosfero::Plugin::Settings.new(@enterprise, ShoppingCartPlugin)
+  end
 end
@@ -1,213 +0,0 @@
-require File.dirname(__FILE__) + '/../../../../test/test_helper'
-require File.dirname(__FILE__) + '/../../controllers/shopping_cart_plugin_profile_controller'
-
-# Re-raise errors caught by the controller.
-class ShoppingCartPluginProfileController; def rescue_action(e) raise e end; end
-
-class ShoppingCartPluginProfileControllerTest < ActionController::TestCase
-
-  def setup
-    @controller = ShoppingCartPluginProfileController.new
-    @request    = ActionController::TestRequest.new
-    @response   = ActionController::TestResponse.new
-    @enterprise = fast_create(Enterprise)
-    @product = fast_create(Product, :enterprise_id => @enterprise.id)
-  end
-  attr_reader :enterprise
-  attr_reader :product
-
-  should 'add a new product to cart' do
-    get :add, :profile => enterprise.identifier, :id => product.id
-
-    assert product_in_cart?(product)
-    assert_equal 1, product_quantity(product)
-  end
-
-  should 'grow quantity through add' do
-    get :add, :profile => enterprise.identifier, :id => product.id
-    assert_equal 1, product_quantity(product)
-
-    get :add, :profile => enterprise.identifier, :id => product.id
-    assert_equal 2, product_quantity(product)
-  end
-
-  should 'not add product to cart if it does not exists' do
-    assert_nothing_raised { get :add, :profile => enterprise.identifier, :id => 9999 }
-
-    assert !product_in_cart?(product)
-    assert !response_ok?
-    assert 3, reponse_error_code
-  end
-
-  should 'remove cart if the product being removed is the last one' do
-    get :add, :profile => enterprise.identifier, :id => product.id
-    assert cart?
-
-    get :remove, :profile => enterprise.identifier, :id => product.id
-    assert !cart?
-  end
-
-  should 'not try to remove a product if there is no cart' do
-    instantiate_session
-    assert !cart?
-
-    assert_nothing_raised { get :remove, :profile => enterprise.identifier, :id => 9999 }
-    assert !response_ok?
-    assert_equal 2, reponse_error_code
-  end
-
-  should 'just remove product if there are other products on cart' do
-    another_product = fast_create(Product, :enterprise_id => enterprise.id)
-    get :add, :profile => enterprise.identifier, :id => product.id
-    get :add, :profile => enterprise.identifier, :id => another_product.id
-
-    get :remove, :profile => enterprise.identifier, :id => product.id
-    assert cart?
-    assert !product_in_cart?(product)
-  end
-
-  should 'not try to remove a product that is not in the cart' do
-    get :add, :profile => enterprise.identifier, :id => product.id
-    assert cart?
-    assert_nothing_raised { get :remove, :profile => enterprise.identifier, :id => 9999 }
-
-    assert !response_ok?
-    assert_equal 4, reponse_error_code
-  end
-
-  should 'not try to list the cart if there is no cart' do
-    instantiate_session
-    assert !cart?
-
-    assert_nothing_raised { get :list, :profile => enterprise.identifier }
-    assert !response_ok?
-    assert_equal 2, reponse_error_code
-  end
-
-  should 'list products without errors' do
-    get :add, :profile => enterprise.identifier, :id => product.id
-
-    assert_nothing_raised { get :list, :profile => enterprise.identifier }
-    assert response_ok?
-  end
-
-  should 'update the quantity of a product' do
-    get :add, :profile => enterprise.identifier, :id => product.id
-    assert 1, product_quantity(product)
-
-    get :update_quantity, :profile => enterprise.identifier, :id => product.id, :quantity => 3
-    assert 3, product_quantity(product)
-  end
-
-  should 'not try to update quantity the quantity of a product if there is no cart' do
-    instantiate_session
-    assert !cart?
-
-    assert_nothing_raised { get :update_quantity, :profile => enterprise.identifier, :id => 9999, :quantity => 3 }
-    assert !response_ok?
-    assert_equal 2, reponse_error_code
-  end
-
-  should 'not try to update the quantity of a product that is not in the cart' do
-    get :add, :profile => enterprise.identifier, :id => product.id
-    assert cart?
-    assert_nothing_raised { get :update_quantity, :profile => enterprise.identifier, :id => 9999, :quantity => 3 }
-
-    assert !response_ok?
-    assert_equal 4, reponse_error_code
-  end
-
-  should 'not update the quantity of a product with a invalid value' do
-    get :add, :profile => enterprise.identifier, :id => product.id
-
-    assert_nothing_raised { get :update_quantity, :profile => enterprise.identifier, :id => product.id, :quantity => -1}
-    assert !response_ok?
-    assert_equal 5, reponse_error_code
-
-    assert_nothing_raised { get :update_quantity, :profile => enterprise.identifier, :id => product.id, :quantity => 'asdf'}
-    assert !response_ok?
-    assert_equal 5, reponse_error_code
-  end
-
-  should 'clean the cart' do
-    another_product = fast_create(Product, :enterprise_id => enterprise.id)
-    get :add, :profile => enterprise.identifier, :id => product.id
-    get :add, :profile => enterprise.identifier, :id => another_product.id
-
-    assert_nothing_raised {  get :clean, :profile => enterprise.identifier }
-    assert !cart?
-  end
-
-  should 'not crash if there is no cart' do
-    instantiate_session
-    assert !cart?
-    assert_nothing_raised {  get :clean, :profile => enterprise.identifier }
-  end
-
-  should 'register order on send request' do
-    product1 = fast_create(Product, :enterprise_id => enterprise.id, :price => 1.99)
-    product2 = fast_create(Product, :enterprise_id => enterprise.id, :price => 2.23)
-    @controller.stubs(:session).returns({:cart => {:items => {product1.id => 1, product2.id => 2}}})
-    assert_difference ShoppingCartPlugin::PurchaseOrder, :count, 1 do
-      post :send_request,
-        :customer => {:name => "Manuel", :email => "manuel@ceu.com"},
-        :profile => enterprise.identifier
-    end
-
-    order = ShoppingCartPlugin::PurchaseOrder.last
-
-    assert_equal 1.99, order.products_list[product1.id][:price]
-    assert_equal 1, order.products_list[product1.id][:quantity]
-    assert_equal 2.23, order.products_list[product2.id][:price]
-    assert_equal 2, order.products_list[product2.id][:quantity]
-    assert_equal ShoppingCartPlugin::PurchaseOrder::Status::OPENED, order.status
-  end
-
-  should 'register order on send request and not crash if product is not defined' do
-    product1 = fast_create(Product, :enterprise_id => enterprise.id)
-    @controller.stubs(:session).returns({:cart => {:items => {product1.id => 1}}})
-    assert_difference ShoppingCartPlugin::PurchaseOrder, :count, 1 do
-      post :send_request,
-        :customer => {:name => "Manuel", :email => "manuel@ceu.com"},
-        :profile => enterprise.identifier
-    end
-
-    order = ShoppingCartPlugin::PurchaseOrder.last
-
-    assert_equal 0, order.products_list[product1.id][:price]
-  end
-
-  private
-
-  def json_response
-    ActiveSupport::JSON.decode @response.body
-  end
-
-  def cart?
-    !session[:cart].nil?
-  end
-
-  def product_in_cart?(product)
-    session[:cart][:items].has_key?(product.id)
-  end
-
-  def product_quantity(product)
-    session[:cart][:items][product.id]
-  end
-
-  def response_ok?
-    json_response['ok']
-  end
-
-  def reponse_error_code
-    json_response['error']['code']
-  end
-
-  # temporary hack...if I don't do this the session stays as an Array instead
-  # of a TestSession
-  def instantiate_session
-    get :add, :profile => enterprise.identifier, :id => product.id
-    get :remove, :profile => enterprise.identifier, :id => product.id
-  end
-
-end
@@ -7,7 +7,6 @@ class ShoppingCartPluginTest &lt; ActiveSupport::TestCase
     @context = mock()
     @profile = mock()
     @profile.stubs(:identifier).returns('random-user')
-    @context.stubs(:profile).returns(@profile)
     @shopping_cart.context = @context
     @shopping_cart.stubs(:profile).returns(@profile)
   end
@@ -23,7 +22,8 @@ class ShoppingCartPluginTest &lt; ActiveSupport::TestCase
     product = fast_create(Product, :available => false)
     enterprise = mock()
     enterprise.stubs(:shopping_cart).returns(true)
+    product.stubs(:enterprise).returns(enterprise)
-    assert_nil shopping_cart.add_to_cart_button(product, enterprise)
+    assert_nil shopping_cart.add_to_cart_button(product)
   end
 end
@@ -7,7 +7,7 @@
       <a href="cart:clean" onclick="Cart.clean(this); return false" class="cart-clean"><%=_('Clean basket')%></a>
       <ul class="cart-items"></ul>
       <div class="cart-total"><%=_('Total:')%> <b></b></div>
-      <a href="cart:buy" class="cart-buy"><%=_('Shopping checkout')%></a>
+      <a href="/plugin/shopping_cart/buy" class="cart-buy"><%=_('Shopping checkout')%></a>
     </div>
     <a href="#" onclick="Cart.toggle(this); return false" class="cart-toggle">
       <span class="str-show"><%=_('Show basket')%></span>
@@ -15,9 +15,3 @@
     </a>
   </div>
 </div>
-
-<script type="text/javascript">
-//<![CDATA[
-  new Cart({hasProducts:<%= !locals[:cart].nil? ? "true, enterprise:'#{Enterprise.find(locals[:cart][:enterprise_id]).identifier}'" : "false" %>});
-//]]>
-</script>
@@ -0,0 +1,31 @@
+<% person = user.nil? ? Person.new : user %>
+<div id='cart-request-box'>
+  <% form_for(:customer, person, :url => {:action => 'send_request'},
+              :html => {:onsubmit => "return Cart.send_request(this)", :id => 'cart-request-form' }) do |f| %>
+    <div id="cart-form-main">
+      <%= labelled_form_field('* ' + _("Name"), f.text_field(:name, :class => 'required') ) %>
+      <%= labelled_form_field('* ' +  _("Email"), f.text_field(:email, :class => 'required email') ) %>
+      <%= labelled_form_field('* ' +  _("Contact phone"), f.text_field(:contact_phone, :class => 'required') ) %>
+      <%= labelled_form_field(_('Delivery option'), select_tag(:delivery_option, options_for_select(select_delivery_options(@settings.delivery_options, environment)), 'data-profile-identifier' => @enterprise.identifier)) unless !@settings.delivery || (@settings.free_delivery_price && get_total(@cart[:items]) >= @settings.free_delivery_price) %>
+      <%= labelled_form_field(_('Payment'), select_tag('customer[payment]', options_for_select([[_("Money"), :money],[_('Check'), :check]]))) %>
+      <%= labelled_form_field(_('Change'), text_field_tag('customer[change]')) %>
+    </div>
+    <% if @settings.delivery %>
+      <fieldset><legend><%=_('Delivery Address')%></legend>
+        <%= labelled_form_field(_('Address (street and number)'), f.text_field(:address)) %>
+        <%= labelled_form_field(_('Address reference'), f.text_field(:address_reference)) %>
+        <%= labelled_form_field(_('District'), f.text_field(:district)) %>
+        <%= labelled_form_field( _("City"), f.text_field(:city)) %>
+        <%= labelled_form_field(_('ZIP code'), f.text_field(:zip_code)) %>
+      </fieldset>
+    <% end %>
+    <div id="cart-form-actions">
+      <%= submit_button(:send, _('Send buy request')) %>
+    </div>
+  <% end %>
+  <% delivery_option = @settings.delivery_options.first && @settings.delivery_options.first.first %>
+  <%= items_table(@cart[:items], @enterprise, delivery_option) %>
+  <%= link_to '', '#', :onclick => "Cart.colorbox_close(this);", :class => 'cart-box-close icon-cancel' %>
+</div>
+
+<%= javascript_include_tag '../plugins/shopping_cart/buy' %>
@@ -17,26 +17,35 @@
       <li><b><%= _('Full name') %>: </b><%= @customer[:name] %></li>
       <li><b><%= _('Email') %>: </b><%= @customer[:email] %></li>
       <li><b><%= _('Phone number') %>: </b><%= @customer[:contact_phone] %></li>
-      <% if !@customer[:address].blank? || !@customer[:city].blank? || !@customer[:zip_code].blank? %>
+      <li><b><%= _('Payment') %>: </b><%= @customer[:payment] == 'money' ? _('Money') : _('Check') %></li>
+      <% if @customer[:payment] == 'money' %>
+        <li><b><%= _('Change') %>: </b><%= @customer[:change] %></li>
+      <% end %>
+      <% if !@customer[:address].blank? || !@customer[:city].blank? || !@customer[:zip_code].blank? || !@customer[:district].blank? || !@customer[:address_reference].blank? %>
         <li><b><%= _('Address') %>:</b>
       <% end %>
       <% if !@customer[:address].blank? %>
         <%= @customer[:address] %><br \>
       <% end %>
+      <% if !@customer[:district].blank? %>
+        <%= @customer[:district] %><br \>
+      <% end %>
       <% if !@customer[:city].blank? %>
         <%= @customer[:city] %><br \>
       <% end %>
       <% if !@customer[:zip_code].blank? %>
         <%= @customer[:zip_code] %>
       <% end %>
-      <% if !@customer[:address].blank? || !@customer[:city].blank? || !@customer[:zip_code].blank? %>
+      <% if !@customer[:address_reference].blank? %>
+        <%= @customer[:address_reference] %><br \>
+      <% end %>
+      <% if !@customer[:address].blank? || !@customer[:city].blank? || !@customer[:zip_code].blank? || !@customer[:district].blank? || !@customer[:address_reference].blank? %>
         </li>
       <% end %>
     </ul>
     <p><%=_('Here are the products you bought:')%></p>
-    <%= items_table(@items, @supplier, true) %>
-
+    <%= @helper.items_table(@items, @supplier, @delivery_option, true) %>
     <p>
       --<br/>
       <%=_('Thanks for buying with us!')%><br/>
@@ -15,26 +15,35 @@
       <li><b><%= _('Full name') %>: </b><%= @customer[:name] %></li>
       <li><b><%= _('Email') %>: </b><%= @customer[:email] %></li>
       <li><b><%= _('Phone number') %>: </b><%= @customer[:contact_phone] %></li>
-      <% if !@customer[:address].blank? || !@customer[:city].blank? || !@customer[:zip_code].blank? %>
+      <li><b><%= _('Payment') %>: </b><%= @customer[:payment] == 'money' ? _('Money') : _('Check') %></li>
+      <% if @customer[:payment] == 'money' %>
+        <li><b><%= _('Change') %>: </b><%= @customer[:change] %></li>
+      <% end %>
+      <% if !@customer[:address].blank? || !@customer[:city].blank? || !@customer[:zip_code].blank? || !@customer[:district].blank? || !@customer[:address_reference].blank? %>
         <li><b><%= _('Address') %>:</b>
       <% end %>
       <% if !@customer[:address].blank? %>
         <%= @customer[:address] %><br \>
       <% end %>
+      <% if !@customer[:district].blank? %>
+        <%= @customer[:district] %><br \>
+      <% end %>
       <% if !@customer[:city].blank? %>
         <%= @customer[:city] %><br \>
       <% end %>
       <% if !@customer[:zip_code].blank? %>
         <%= @customer[:zip_code] %>
       <% end %>
-      <% if !@customer[:address].blank? || !@customer[:city].blank? || !@customer[:zip_code].blank? %>
+      <% if !@customer[:address_reference].blank? %>
+        <%= @customer[:address_reference] %><br \>
+      <% end %>
+      <% if !@customer[:address].blank? || !@customer[:city].blank? || !@customer[:zip_code].blank? || !@customer[:district].blank? || !@customer[:address_reference].blank? %>
         </li>
       <% end %>
     </ul>
     <p><%=_('And here are the items bought by this customer:')%></p>
-    <%= items_table(@items, @supplier, true) %>
-
+    <%= @helper.items_table(@items, @supplier, @delivery_option, true) %>
     <p>
       --<br/>
       <%=_('If there are any problems with this email contact the admin of %s.') % @environment.name %>
@@ -0,0 +1 @@
+<%= _("Request sent successfully check your email.")%>
@@ -32,7 +32,9 @@
         <td class="order-info" colspan="5">
           <div style="display:none">
             <ul class="customer-details">
-              <% { 'name' =>_('Name'), 'email' => _('E-mail'), 'contact_phone' => _('Contact phone'), 'address' => _('Address'), 'city' => _('City'), 'zip_code' => _('Zip code')}.each do |attribute, name| %>
+              <% [['name', _('Name')], ['email', _('E-mail')], ['contact_phone', _('Contact phone')], ['address', _('Address')], ['district', _('District')], ['city', _('City')], ['zip_code', _('Zip code')], ['delivery_option', _('Delivery option')], ['payment', _('Payment')], ['change', _('Change')]].each do |field| %>
+                <% attribute = field.first %>
+                <% name = field.last %>
                 <%= content_tag('li', content_tag('strong', name+': ') + order.send('customer_'+attribute)) if !order.send('customer_'+attribute).blank? %>
               <% end %>
             </ul>
	@@ -6,45 +6,144 @@ noosfero, that's not a problem).		@@ -6,45 +6,144 @@ noosfero, that's not a problem).
6	Developers	6	Developers
7	==========	7	==========
8		8
		9	+Alan Freihof Tygel <alantygel@gmail.com>
		10	+Alessandro Palmeira <alessandro.palmeira@gmail.com>
		11	+Alessandro Palmeira + Caio C. Salgado <alessandro.palmeira@gmail.com>
		12	+Alessandro Palmeira + Caio Salgado <alessandro.palmeira@gmail.com>
		13	+Alessandro Palmeira + Caio Salgado <caio.csalgado@gmail.com>
		14	+Alessandro Palmeira + Caio Salgado + Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>
		15	+Alessandro Palmeira + Carlos Morais <alessandro.palmeira@gmail.com>
		16	+Alessandro Palmeira + Diego Araújo <alessandro.palmeira@gmail.com>
		17	+Alessandro Palmeira + Diego Araújo <diegoamc90@gmail.com>
		18	+Alessandro Palmeira + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
		19	+Alessandro Palmeira + Diego Araújo + Pedro Leal + João M. M. da Silva <diegoamc90@gmail.com>
		20	+Alessandro Palmeira + Diego Araujo + Rafael Manzo <alessandro.palmeira@gmail.com>
		21	+Alessandro Palmeira + Jefferson Fernandes <alessandro.palmeira@gmail.com>
		22	+Alessandro Palmeira + João M. M. da Silva <alessandro.palmeira@gmail.com>
		23	+Alessandro Palmeira + João M. M. da Silva + Renan Teruo <alessandro.palmeira@gmail.com>
		24	+Alessandro Palmeira + João M. M. Silva <alessandro.palmeira@gmail.com>
		25	+Alessandro Palmeira + Paulo Meirelles <alessandro.palmeira@gmail.com>
		26	+Alessandro Palmeira + Rafael Manzo <alessandro.palmeira@gmail.com>
9	Antonio Terceiro + Carlos Morais <terceiro@colivre.coop.br>	27	Antonio Terceiro + Carlos Morais <terceiro@colivre.coop.br>
10	Antonio Terceiro + Paulo Meirelles <terceiro@colivre.coop.br>	28	Antonio Terceiro + Paulo Meirelles <terceiro@colivre.coop.br>
11	Antonio Terceiro <terceiro@colivre.coop.br>	29	Antonio Terceiro <terceiro@colivre.coop.br>
12	Aurelio A. Heckert <aurelio@colivre.coop.br>	30	Aurelio A. Heckert <aurelio@colivre.coop.br>
13	Braulio Bhavamitra <brauliobo@gmail.com>	31	Braulio Bhavamitra <brauliobo@gmail.com>
14	Bráulio Bhavamitra <brauliobo@gmail.com>	32	Bráulio Bhavamitra <brauliobo@gmail.com>
		33	+Caio <caio.csalgado@gmail.com>
		34	+Caio + Diego + Pedro + João <caio.csalgado@gmail.com>
		35	+Caio, Pedro <caio.csalgado@gmail.com>
		36	+Caio Salgado + Alessandro Palmeira <caio.csalgado@gmail.com>
		37	+Caio Salgado <caio.csalgado@gmail.com>
		38	+Caio Salgado + Carlos Morais + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
		39	+Caio Salgado + Diego Araujo <caio.csalgado@gmail.com>
		40	+Caio Salgado + Diego Araújo <caio.csalgado@gmail.com>
		41	+Caio Salgado + Diego Araújo <diegoamc90@gmail.com>
		42	+Caio Salgado + Diego Araújo + Jefferson Fernandes <caio.csalgado@gmail.com>
		43	+Caio Salgado + Diego Araújo + João M. M. da Silva <caio.csalgado@gmail.com>
		44	+Caio Salgado + Diego Araújo + Pedro Leal <caio.csalgado@gmail.com>
		45	+Caio Salgado + Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
		46	+Caio Salgado + Diego Araújo + Rafael Manzo <diegoamc90@gmail.com>
		47	+Caio Salgado + Jefferson Fernandes <caio.csalgado@gmail.com>
		48	+Caio Salgado + Jefferson Fernandes <jeffs.fernandes@gmail.com>
		49	+Caio Salgado + Rafael Manzo <caio.csalgado@gmail.com>
		50	+Caio Salgado + Renan Teruo <caio.csalgado@gmail.com>
		51	+Caio Salgado + Renan Teruo <caio.salgado@gmail.com>
		52	+Caio Salgado + Renan Teruo + Jefferson Fernandes <jeffs.fernandes@gmail.com>
		53	+Caio Salgado + Renan Teruo <renanteruoc@gmail.com>
15	Caio SBA <caio@colivre.coop.br>	54	Caio SBA <caio@colivre.coop.br>
16	Carlos Morais <carlos88morais@gmail.com>	55	Carlos Morais <carlos88morais@gmail.com>
17	Carlos Morais + Diego Araújo <diegoamc90@gmail.com>	56	Carlos Morais + Diego Araújo <diegoamc90@gmail.com>
		57	+Carlos Morais + Eduardo Morais <carlos88morais@gmail.com>
18	Carlos Morais + Paulo Meirelles <carlos88morais@gmail.com>	58	Carlos Morais + Paulo Meirelles <carlos88morais@gmail.com>
		59	+Carlos Morais + Pedro Leal <carlos88morais@gmail.com>
19	Daniela Soares Feitosa <danielafeitosa@colivre.coop.br>	60	Daniela Soares Feitosa <danielafeitosa@colivre.coop.br>
20	Daniel Cunha <daniel@colivre.coop.br>	61	Daniel Cunha <daniel@colivre.coop.br>
		62	+diegoamc <diegoamc90@gmail.com>
		63	+Diego Araújo + Alessandro Palmeira <diegoamc90@gmail.com>
		64	+Diego Araujo + Caio Salgado <diegoamc90@gmail.com>
21	Diego Araújo <diegoamc90@gmail.com>	65	Diego Araújo <diegoamc90@gmail.com>
		66	+Diego Araújo + Jefferson Fernandes <diegoamc90@gmail.com>
		67	+Diego Araujo + Jefferson Fernandes <jeffs.fernandes@gmail.com>
		68	+Diego Araújo + João Machini <diegoamc90@gmail.com>
		69	+Diego Araújo + João Machini <digoamc90@gmail.com>
22	Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>	70	Diego Araújo + João M. M. da Silva <diegoamc90@gmail.com>
		71	+Diego Araújo + João M. M. da Silva + João Machini <diegoamc90@gmail.com>
		72	+Diego Araújo + João M. M. da Silva + Pedro Leal <diegoamc90@gmail.com>
		73	+Diego Araújo + Paulo Meirelles <diegoamc90@gmail.com>
		74	+Diego Araújo + Pedro Leal <diegoamc90@gmail.com>
		75	+Diego Araújo + Rafael Manzo <diegoamc90@gmail.com>
		76	+Diego Araújo + Renan Teruo + Alessandro Palmeira <diegoamc90@gmail.com>
		77	+Diego Araújo + Renan Teruo <diegoamc90@gmail.com>
		78	+Diego + Jefferson <diegoamc90@gmail.com>
		79	+Diego Martinez <diegoamc90@gmail.com>
		80	+Diego + Renan <renanteruoc@gmail.com>
23	Fernanda Lopes <nanda.listas+psl@gmail.com>	81	Fernanda Lopes <nanda.listas+psl@gmail.com>
24	Grazieno Pellegrino <grazieno@gmail.com>	82	Grazieno Pellegrino <grazieno@gmail.com>
25	Isaac Canan <isaac@intelletto.com.br>	83	Isaac Canan <isaac@intelletto.com.br>
26	Italo Valcy <italo@dcc.ufba.br>	84	Italo Valcy <italo@dcc.ufba.br>
		85	+Jefferson Fernandes + Diego Araujo + Rafael Manzo <jeffs.fernandes@gmail.com>
		86	+Jefferson Fernandes + Joao M. M. da Silva <jeffs.fernandes@gmail.com>
		87	+Jefferson Fernandes + Joao M. M. Silva <jeffs.fernandes@gmail.com>
27	João da Silva <jaodsilv@linux.ime.usp.br>	88	João da Silva <jaodsilv@linux.ime.usp.br>
		89	+João Marco Maciel da Silva + Rafael Manzo + Renan Teruo <jaodsilv@linux.ime.usp.br>
		90	+João M. M. da Silva + Alessandro Palmeira + Diego Araújo + Caio Salgado <jaodsilv@linux.ime.usp.br>
		91	+João M. M. da Silva + Alessandro Palmeira + Diego Araújo <jaodsilv@linux.ime.usp.br>
		92	+João M. M. da Silva + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
		93	+João M. M. da Silva + Alessandro Palmeira + João Machini <jaodsilv@linux.ime.usp.br>
		94	+João M. M. da Silva + Caio Salgado + Alessandro Palmeira <jaodsilv@linux.ime.usp.br>
		95	+João M. M. da Silva + Caio Salgado <jaodsilv@linux.ime.usp.br>
28	João M. M. da Silva + Carlos Morais <jaodsilv@linux.ime.usp.br>	96	João M. M. da Silva + Carlos Morais <jaodsilv@linux.ime.usp.br>
29	João M. M. da Silva + Diego Araújo <diegoamc90@gmail.com>	97	João M. M. da Silva + Diego Araújo <diegoamc90@gmail.com>
30	João M. M. da Silva + Diego Araújo <jaodsilv@linux.ime.usp.br>	98	João M. M. da Silva + Diego Araújo <jaodsilv@linux.ime.usp.br>
		99	+João M. M. da Silva + Diego Araújo + Pedro Leal <jaodsilv@linux.ime.usp.br>
		100	+João M. M. da Silva <jaodsilv@linux.ime.usp.br>
		101	+Joao M. M. da Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
		102	+João M. M. da Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
		103	+João M. M. da Silva + João M. Miranda <jaodsilv@linux.ime.usp.br>
31	João M. M. da Silva + Paulo Meirelles <jaodsilv@linux.ime.usp.br>	104	João M. M. da Silva + Paulo Meirelles <jaodsilv@linux.ime.usp.br>
		105	+João M. M. da Silva + Pedro Leal <jaodsilv@linux.ime.usp.br>
		106	+João M. M. da Silva + Rafael Manzo + Diego Araújo <jaodsilv@linux.ime.usp.br>
		107	+João M. M. da Silva + Rafael Manzo <jaodsilv@linux.ime.usp.br>
		108	+João M. M. da Silva + Renan Teruo <jaodsilv@linux.ime.usp.br>
		109	+João M. M. Silva + Caio Salgado <jaodsilv@linux.ime.usp.br>
		110	+João M. M. Silva + Diego Araújo <jaodsilv@linux.ime.usp.br>
		111	+Joao M. M. Silva + Jefferson Fernandes <jaodsilv@linux.ime.usp.br>
		112	+João M. M. Silva + Paulo Meirelles <jaodsilv@linux.ime.usp.br>
		113	+João M. M. Silva + Rafael Manzo <jaodsilv@linux.ime.usp.br>
		114	+João M. M. Silva + Renan Teruo <jaodsilv@linux.ime.usp.br>
32	Joenio Costa <joenio@colivre.coop.br>	115	Joenio Costa <joenio@colivre.coop.br>
33	Josef Spillner <josef.spillner@tu-dresden.de>	116	Josef Spillner <josef.spillner@tu-dresden.de>
34	Keilla Menezes <keilla@colivre.coop.br>	117	Keilla Menezes <keilla@colivre.coop.br>
35	Larissa Reis <larissa@colivre.coop.br>	118	Larissa Reis <larissa@colivre.coop.br>
36	Larissa Reis <reiss.larissa@gmail.com>	119	Larissa Reis <reiss.larissa@gmail.com>
37	Leandro Nunes dos Santos <leandronunes@gmail.com>	120	Leandro Nunes dos Santos <leandronunes@gmail.com>
		121	+Leandro Nunes dos Santos <leandro.santos@serpro.gov.br>
38	LinguÁgil 2010 <linguagil.bahia@gmail.com>	122	LinguÁgil 2010 <linguagil.bahia@gmail.com>
		123	+Luis David Aguilar Carlos <ludwig9003@gmail.com>
39	Martín Olivera <molivera@solar.org.ar>	124	Martín Olivera <molivera@solar.org.ar>
40	Moises Machado <moises@colivre.coop.br>	125	Moises Machado <moises@colivre.coop.br>
41	Nanda Lopes <nanda.listas+psl@gmail.com>	126	Nanda Lopes <nanda.listas+psl@gmail.com>
		127	+Paulo Meirelles + Alessandro Palmeira <paulo@softwarelivre.org>
42	Paulo Meirelles + Carlos Morais <paulo@softwarelivre.org>	128	Paulo Meirelles + Carlos Morais <paulo@softwarelivre.org>
		129	+Paulo Meirelles + Diego Araújo <paulo@softwarelivre.org>
		130	+Paulo Meirelles + João M. M. da Silva <paulo@softwarelivre.org>
43	Paulo Meirelles <paulo@softwarelivre.org>	131	Paulo Meirelles <paulo@softwarelivre.org>
44	Rafael Gomes <rafaelgomes@techfree.com.br>	132	Rafael Gomes <rafaelgomes@techfree.com.br>
		133	+Rafael Manzo + João M. M. Silva <rr.manzo@gmail.com>
45	Rafael Martins <rmmartins@gmail.com>	134	Rafael Martins <rmmartins@gmail.com>
		135	+Rafael Reggiani Manzo + Caio Salgado + Jefferson Fernandes <rr.manzo@gmail.com>
		136	+Rafael Reggiani Manzo + Diego Araujo <diegoamc90@gmail.com>
		137	+Rafael Reggiani Manzo + Diego Araujo <rr.manzo@gmail.com>
		138	+Rafael Reggiani Manzo <rr.manzo@gmail.com>
46	Raphaël Rousseau <raph@r4f.org>	139	Raphaël Rousseau <raph@r4f.org>
47	Raquel Lira <raquel.lira@gmail.com>	140	Raquel Lira <raquel.lira@gmail.com>
		141	+Renan Teruo + Caio Salgado <renanteruoc@gmail.com>
		142	+Renan Teruoc + Diego Araujo <renanteruoc@gmail.com>
		143	+Renan Teruo + Diego Araujo <renanteruoc@gmail.com>
		144	+Renan Teruo + Diego Araújo <renanteruoc@gmail.com>
		145	+Renan Teruo + Paulo Meirelles <renanteruoc@gmail.com>
		146	+Renan Teruo + Rafael Manzo <renanteruoc@gmail.com>
48	Rodrigo Souto <rodrigo@colivre.coop.br>	147	Rodrigo Souto <rodrigo@colivre.coop.br>
49	Ronny Kursawe <kursawe.ronny@googlemail.com>	148	Ronny Kursawe <kursawe.ronny@googlemail.com>
50	Samuel R. C. Vale <srcvale@holoscopio.com>	149	Samuel R. C. Vale <srcvale@holoscopio.com>
1	= Noosfero instructions for developers	1	= Noosfero instructions for developers
2		2
3	-This document provides useful information to those who want to help with
4	-Noosfero development.	3	+== A work about your the development platform
5		4
6	-== Requirements for development	5	+These instructions are tested and known to work on Debian stable, which is the
		6	+system that the Noosfero core developers use to work on Noosfero.
7		7
8	-First, install all requirements listed in INSTALL. Note that you do not need to
9	-follow all the steps described there, you only need to install the packages
10	-listed in the "Requirements" section.	8	+If you want to use another OS, read "Instructions for other systems" below.
11		9
12	-After installing the requirements listed in INSTALL, you need to install some
13	-packages be able to run Noosfero tests. On Debian GNU/Linux and Debian-based
14	-systems, you install them with the following command:	10	+== Instructions for Debian stable
15		11
16	- # apt-get install libtidy-ruby libhpricot-ruby libmocha-ruby imagemagick po4a xvfb libxml2-dev libxslt-dev	12	+Download the source code:
17		13
18	-On other systems, they may or may not be available through your regular package
19	-management system. Below are the links to their homepages.	14	+ $ git clone git://gitorious.org/noosfero/noosfero.git
		15	+ $ cd noosfero
20		16
21	-* Mocha: http://mocha.rubyforge.org/
22	-* Tidy: http://tidy.sourceforge.net/
23	-* Hpricot: http://github.com/whymirror/hpricot
24	-* Imagemagick: http://wwwimagemagick.org/
25	-* po4a: http://po4a.alioth.debian.org/
26	-* xvfb: http://packages.debian.org/lenny/xvfb
27	-* Libxml2: http://xmlsoft.org/
28	-* Libxslt: http://xmlsoft.org/xslt	17	+Run the quick start script:
29		18
30	-== Boostraping a development/test environment	19	+ $ ./script/quick-start
31		20
32	-You can copy and paste the commands below into a terminal (please review the
33	-commands and make sure you understand what you are doing):	21	+Now you can execute the development server with:
34		22
35	- # checkout the code from repository
36	- git clone git://gitorious.org/noosfero/noosfero.git
37	- # enter the directory
38	- cd noosfero
39	- # copy a sample config file
40	- cp config/database.yml.sqlite3 config/database.yml
41	- # create tmp directory if it doesn't exist
42	- mkdir tmp
43	- # start Solr
44	- rake solr:start
45	- # create the development database
46	- rake db:schema:load
47	- # run pending migrations
48	- rake db:migrate
49	- # compile translations:
50	- rake makemo
51	- # create some test data:
52	- ./script/sample-data
53	- # install latest requirements for running tests
54	- RAILS_ENV=cucumber rake gems:install
55	- RAILS_ENV=test rake gems:install
56	- # run the automated test suite to make sure your environment is sane:
57	- rake test	23	+ $ ./script/development
58		24
59	-You should now be ready to go. Issue the following command to start the Rails
60	-development server:	25	+You will be able to access Noosfero at http://localhost:3000/
61		26
62	- ./script/server	27	+If you want to use a different port than 3000, pass `-p <PORT>` to
		28	+./script/development
63		29
64	-The server will be available at http://localhost:3000/ . If you want to use
65	-another port than 3000, you can use the -p option of ./script/server:	30	+== Instructions for other systems
66		31
67	- ./script/server -p 9999	32	+On other OS, you have 2 options:
68		33
69	-The above command makes the server available at http://localhost:9999/	34	+1) using a chroot or a VM with Debian stable (easier)
70		35
71	-The sample-data data scripts creates two administrator users with login "ze" and
72	-password "test" and login "adminuser" and password "admin".	36	+Use a chroot (http://wiki.debian.org/Schroot) or a Virtual Machine (e.g. with
		37	+VirtualBox) with a Debian stable system and follow the instructions above for
		38	+Debian stable.
73		39
74	-Note that some operations, like generating image thumbnails, sending e-mails,
75	-etc, are done in background in the context of a service independent from the
76	-Rails application server. To have those tasks performed in a development
77	-environment, you must run the delayed_job server like this:	40	+2) Installing dependencies on other OS (harder)
78		41
79	- ./script/delayed_job run	42	+If you want to setup a development environment in another OS, you can create a
		43	+file under script/install-dependencies/, called <OS>-<CODENAME>.sh, which
		44	+installed the dependencies for your system. With this script in place,
		45	+./script/quick-start will call it at the point of installing the required
		46	+packages for Noosfero development.
80		47
81	-This will block your terminal. To stop the delayed_job server, hit Control-C.	48	+You can check script/install-dependencies/debian-squeeze.sh to have an idea of
		49	+what kind of stuff that script has to do.
82		50
83	-== Enabling exceptions notification
84	-
85	-By default, exception notifications are disabled in development environment. If
86	-you want to enable it then you need to change some files:
87	-
88	-1) Add in config/environments/development.rb:
89	- config.action_controller.consider_all_requests_local = false
90	-
91	-2) Add in app/controller/application.rb:
92	- local_addresses.clear
93	-
94	-3) Add in config/noosfero.yml at development section:
95	- exception_recipients: [admin@example.com]
96	-
97	-== Releasing and building Debian package
98	-
99	-See RELEASING file.	51	+If you write such script for your own OS, please share it with us at the
		52	+development mailing list so that we can include it in the official repository.
		53	+This way other people using the same OS will have to put less effort to develop
		54	+Noosfero.
@@ -0,0 +1,43 @@		@@ -0,0 +1,43 @@
	1	+= Noosfero email setup
	2	+
	3	+If you know mail systems well, you just need to make sure that the local MTA,
	4	+listening on localhost:25, is able to deliver e-mails to the internet. Any mail
	5	+server will do it. You can stop reading now.
	6	+
	7	+If you are not an email specialist, then follow the instructions below. We
	8	+suggest that you use the Postfix mail server, since it is easy to configure and
	9	+very reliable. Just follow the instructions below.
	10	+
	11	+To install Postfix:
	12	+
	13	+# apt-get install postfix
	14	+
	15	+During the installation process, you will be asked a few questions. Your answer
	16	+to them will vary in 2 cases:
	17	+
	18	+Case 1: you can send e-mails directly to the internet. This will be the case
	19	+for most commercial private servers. Your answers should be:
	20	+
	21	+ General type of mail configuration: Internet site
	22	+ System mail name: the name of your domain, e.g. "mysocialnetwork.com"
	23	+
	24	+Case 2: you cannot, or don't want to, send e-mail directly to the internet.
	25	+This happens for example if your server is not allowed to make outbound
	26	+connections on port 25, or if you want to concentrate all your outbound mail
	27	+through a single SMTP server. Your answers in this case should be:
	28	+
	29	+ General type of mail configuration: Internet with smarthost
	30	+ System mail name: the name of your domain, e.g. "mysocialnetwork.com"
	31	+ SMTP relay host: smtp.yourprovider.com
	32	+
	33	+Note that smtp.yourprovider.com must allow your server to deliver e-mails
	34	+through it. You should probably ask your servive provider about this.
	35	+
	36	+There is another possibility: if you are installing on a shared server, and
	37	+don't have permission to configure the local MTA, you can instruct Noosfero to
	38	+send e-mails directly through an external server. Please note that this should
	39	+be your last option, since contacting an external SMTP server directly may slow
	40	+down your Noosfero application server. To configure Noosfero to send e-mails
	41	+through an external SMTP server, follow the instructions on
	42	+http://noosfero.org/Development/SMTPMailSending
	43	+
	@@ -9,7 +9,7 @@ class TasksController < MyProfileController		@@ -9,7 +9,7 @@ class TasksController < MyProfileController
9	end	9	end
10		10
11	def processed	11	def processed
12	- @tasks = Task.to(profile).finished.sort_by(&:created_at)	12	+ @tasks = Task.to(profile).closed.sort_by(&:created_at)
13	end	13	end
14		14
15	VALID_DECISIONS = [ 'finish', 'cancel', 'skip' ]	15	VALID_DECISIONS = [ 'finish', 'cancel', 'skip' ]
	@@ -4,6 +4,7 @@ class AccountController < ApplicationController		@@ -4,6 +4,7 @@ class AccountController < ApplicationController
4		4
5	before_filter :login_required, :only => [:activation_question, :accept_terms, :activate_enterprise]	5	before_filter :login_required, :only => [:activation_question, :accept_terms, :activate_enterprise]
6	before_filter :redirect_if_logged_in, :only => [:login, :signup]	6	before_filter :redirect_if_logged_in, :only => [:login, :signup]
		7	+ before_filter :protect_from_bots, :only => :signup
7		8
8	# say something nice, you goof! something sweet.	9	# say something nice, you goof! something sweet.
9	def index	10	def index
	@@ -55,6 +56,11 @@ class AccountController < ApplicationController		@@ -55,6 +56,11 @@ class AccountController < ApplicationController
55	render :action => 'login', :layout => false	56	render :action => 'login', :layout => false
56	end	57	end
57		58
		59	+ def signup_time
		60	+ key = set_signup_start_time_for_now
		61	+ render :text => { :ok=>true, :key=>key }.to_json
		62	+ end
		63	+
58	# action to register an user to the application	64	# action to register an user to the application
59	def signup	65	def signup
60	if @plugins.dispatch(:allow_user_registration).include?(false)	66	if @plugins.dispatch(:allow_user_registration).include?(false)
	@@ -62,6 +68,7 @@ class AccountController < ApplicationController		@@ -62,6 +68,7 @@ class AccountController < ApplicationController
62	session[:notice] = _("This environment doesn't allow user registration.")	68	session[:notice] = _("This environment doesn't allow user registration.")
63	end	69	end
64		70
		71	+ @block_bot = !!session[:may_be_a_bot]
65	@invitation_code = params[:invitation_code]	72	@invitation_code = params[:invitation_code]
66	begin	73	begin
67	if params[:user]	74	if params[:user]
	@@ -76,19 +83,28 @@ class AccountController < ApplicationController		@@ -76,19 +83,28 @@ class AccountController < ApplicationController
76	@person = Person.new(params[:profile_data])	83	@person = Person.new(params[:profile_data])
77	@person.environment = @user.environment	84	@person.environment = @user.environment
78	if request.post?	85	if request.post?
79	- @user.signup!
80	- owner_role = Role.find_by_name('owner')
81	- @user.person.affiliate(@user.person, [owner_role]) if owner_role
82	- invitation = Task.find_by_code(@invitation_code)
83	- if invitation
84	- invitation.update_attributes!({:friend => @user.person})
85	- invitation.finish
86	- end
87	- if @user.activated?
88	- self.current_user = @user
89	- redirect_to '/'	86	+ if may_be_a_bot
		87	+ set_signup_start_time_for_now
		88	+ @block_bot = true
		89	+ session[:may_be_a_bot] = true
90	else	90	else
91	- @register_pending = true	91	+ if session[:may_be_a_bot]
		92	+ return false unless verify_recaptcha :model=>@user, :message=>_('Captcha (the human test)')
		93	+ end
		94	+ @user.signup!
		95	+ owner_role = Role.find_by_name('owner')
		96	+ @user.person.affiliate(@user.person, [owner_role]) if owner_role
		97	+ invitation = Task.find_by_code(@invitation_code)
		98	+ if invitation
		99	+ invitation.update_attributes!({:friend => @user.person})
		100	+ invitation.finish
		101	+ end
		102	+ if @user.activated?
		103	+ self.current_user = @user
		104	+ redirect_to '/'
		105	+ else
		106	+ @register_pending = true
		107	+ end
92	end	108	end
93	end	109	end
94	rescue ActiveRecord::RecordInvalid	110	rescue ActiveRecord::RecordInvalid
	@@ -97,6 +113,7 @@ class AccountController < ApplicationController		@@ -97,6 +113,7 @@ class AccountController < ApplicationController
97	@person.errors.delete(:user_id)	113	@person.errors.delete(:user_id)
98	render :action => 'signup'	114	render :action => 'signup'
99	end	115	end
		116	+ clear_signup_start_time
100	end	117	end
101		118
102	# action to perform logout from the application	119	# action to perform logout from the application
	@@ -271,7 +288,36 @@ class AccountController < ApplicationController		@@ -271,7 +288,36 @@ class AccountController < ApplicationController
271	def no_redirect	288	def no_redirect
272	@cannot_redirect = true	289	@cannot_redirect = true
273	end	290	end
274	-	291	+
		292	+ def set_signup_start_time_for_now
		293	+ key = 'signup_start_time_' + rand.to_s.split('.')[1]
		294	+ Rails.cache.write key, Time.now
		295	+ key
		296	+ end
		297	+
		298	+ def get_signup_start_time
		299	+ Rails.cache.read params[:signup_time_key]
		300	+ end
		301	+
		302	+ def clear_signup_start_time
		303	+ Rails.cache.delete params[:signup_time_key] if params[:signup_time_key]
		304	+ end
		305	+
		306	+ def may_be_a_bot
		307	+ # No minimum signup delay, no bot test.
		308	+ return false if environment.min_signup_delay == 0
		309	+
		310	+ # answering captcha, may be human!
		311	+ return false if params[:recaptcha_response_field]
		312	+
		313	+ # never set signup_time, hi wget!
		314	+ signup_start_time = get_signup_start_time
		315	+ return true if signup_start_time.nil?
		316	+
		317	+ # so fast, so bot.
		318	+ signup_start_time > ( Time.now - environment.min_signup_delay.seconds )
		319	+ end
		320	+
275	def check_answer	321	def check_answer
276	unless answer_correct	322	unless answer_correct
277	@enterprise.block	323	@enterprise.block
	@@ -3,4 +3,28 @@ module CatalogHelper		@@ -3,4 +3,28 @@ module CatalogHelper
3	include DisplayHelper	3	include DisplayHelper
4	include ManageProductsHelper	4	include ManageProductsHelper
5		5
		6	+ def breadcrumb(category)
		7	+ start = link_to(_('Start'), {:action => 'index'})
		8	+ ancestors = category.ancestors.map { \|c\| link_to(c.name, {:action => 'index', :level => c.id}) }.reverse
		9	+ current_level = content_tag('strong', category.name)
		10	+ all_items = [start] + ancestors + [current_level]
		11	+ content_tag('div', all_items.join(' → '), :id => 'breadcrumb')
		12	+ end
		13	+
		14	+ def category_link(category, sub = false)
		15	+ count = profile.products.from_category(category).count
		16	+ name = truncate(category.name, :length => 22 - count.to_s.size)
		17	+ link_name = sub ? name : content_tag('strong', name)
		18	+ link = link_to(link_name, {:action => 'index', :level => category.id}, :title => category.name)
		19	+ content_tag('li', "#{link} (#{count})") if count > 0
		20	+ end
		21	+
		22	+ def category_sub_links(category)
		23	+ sub_categories = []
		24	+ category.children.each do \|sub_category\|
		25	+ sub_categories << category_link(sub_category, true)
		26	+ end
		27	+ content_tag('ul', sub_categories) if sub_categories.size > 1
		28	+ end
		29	+
6	end	30	end
	@@ -26,7 +26,7 @@ module ContentViewerHelper		@@ -26,7 +26,7 @@ module ContentViewerHelper
26	end	26	end
27	title << content_tag('span',	27	title << content_tag('span',
28	content_tag('span', show_date(article.published_at), :class => 'date') +	28	content_tag('span', show_date(article.published_at), :class => 'date') +
29	- content_tag('span', [_(", by %s") % link_to(article.author_name, article.author.url)], :class => 'author') +	29	+ content_tag('span', [_(", by %s") % link_to(article.author_name, article.author_url)], :class => 'author') +
30	content_tag('span', comments, :class => 'comments'),	30	content_tag('span', comments, :class => 'comments'),
31	:class => 'created-at'	31	:class => 'created-at'
32	)	32	)
	@@ -8,6 +8,14 @@ module DisplayHelper		@@ -8,6 +8,14 @@ module DisplayHelper
8	opts	8	opts
9	end	9	end
10		10
		11	+ def themed_path(file)
		12	+ if File.exists?(File.join(Rails.root, 'public', theme_path, file))
		13	+ File.join(theme_path, file)
		14	+ else
		15	+ file
		16	+ end
		17	+ end
		18	+
11	def image_link_to_product(product, opts={})	19	def image_link_to_product(product, opts={})
12	return _('No product') unless product	20	return _('No product') unless product
13	target = product_path(product)	21	target = product_path(product)
	@@ -142,6 +142,38 @@ module FormsHelper		@@ -142,6 +142,38 @@ module FormsHelper
142	content_tag('table',rows.join("\n"))	142	content_tag('table',rows.join("\n"))
143	end	143	end
144		144
		145	+ def select_folder(label_text, field_id, collection, default_value=nil, html_options = {}, js_options = {})
		146	+ root = profile ? profile.identifier : _("root")
		147	+ labelled_form_field(
		148	+ label_text,
		149	+ select_tag(
		150	+ field_id,
		151	+ options_for_select(
		152	+ [[root, '']] +
		153	+ collection.collect {\|f\| [ root + '/' + f.full_name, f.id ] },
		154	+ default_value
		155	+ ),
		156	+ html_options.merge(js_options)
		157	+ )
		158	+ )
		159	+ end
		160	+
		161	+ def select_profile_folder(label_text, field_id, profile, default_value='', html_options = {}, js_options = {})
		162	+ result = labelled_form_field(
		163	+ label_text,
		164	+ select_tag(
		165	+ field_id,
		166	+ options_for_select(
		167	+ [[profile.identifier, '']] +
		168	+ profile.folders.collect {\|f\| [ profile.identifier + '/' + f.full_name, f.id ] },
		169	+ default_value
		170	+ ),
		171	+ html_options.merge(js_options)
		172	+ )
		173	+ )
		174	+ return result
		175	+ end
		176	+
145	def date_field(name, value, format = '%Y-%m-%d', datepicker_options = {}, html_options = {})	177	def date_field(name, value, format = '%Y-%m-%d', datepicker_options = {}, html_options = {})
146	datepicker_options[:disabled] \|\|= false	178	datepicker_options[:disabled] \|\|= false
147	datepicker_options[:alt_field] \|\|= ''	179	datepicker_options[:alt_field] \|\|= ''
	@@ -48,7 +48,7 @@ class ApproveArticle < Task		@@ -48,7 +48,7 @@ class ApproveArticle < Task
48	end	48	end
49		49
50	def perform	50	def perform
51	- article.copy!(:name => name, :abstract => abstract, :body => body, :profile => target, :reference_article => article, :parent => article_parent, :highlighted => highlighted, :source => article.source)	51	+ article.copy!(:name => name, :abstract => abstract, :body => body, :profile => target, :reference_article => article, :parent => article_parent, :highlighted => highlighted, :source => article.source, :last_changed_by_id => article.author_id)
52	end	52	end
53		53
54	def title	54	def title