Merge branch 'bsag'

app/controllers/application_controller.rb

@@ -20,7 +20,7 @@ class CannotAccessContext < RuntimeError; end
 
 class ApplicationController < ActionController::Base
 
-  protect_from_forgery :secret => SITE_CONFIG['salt']
+  protect_from_forgery
 
   helper :application
   include LoginSystem
@@ -28,6 +28,7 @@ class ApplicationController < ActionController::Base
 
   layout proc{ |controller| controller.mobile? ? "mobile" : "standard" }
   exempt_from_layout /\.js\.erb$/
+
   
   before_filter :set_session_expiration
   before_filter :set_time_zone
@@ -217,6 +218,22 @@ class ApplicationController < ActionController::Base
     self.class.openid_enabled?
   end
 
+  def self.cas_enabled?
+    Tracks::Config.cas_enabled?
+  end
+
+  def cas_enabled?
+    self.class.cas_enabled?
+  end
+
+  def self.prefered_auth?
+    Tracks::Config.prefered_auth?
+  end
+
+  def prefered_auth?
+    self.class.prefered_auth?
+  end
+
   private
         
   def parse_date_per_user_prefs( s )
@@ -259,6 +276,8 @@ class ApplicationController < ActionController::Base
   
   def set_time_zone
     Time.zone = current_user.prefs.time_zone if logged_in?
+    locale = params[:locale] || 'en-US'
+    I18n.locale = locale
   end
 
   def set_zindex_counter

app/controllers/contexts_controller.rb

@@ -7,7 +7,6 @@ class ContextsController < ApplicationController
   before_filter :set_context_from_params, :only => [:update, :destroy]
   skip_before_filter :login_required, :only => [:index]
   prepend_before_filter :login_or_feed_token_required, :only => [:index]
-  session :off, :only => :index, :if => Proc.new { |req| ['rss','atom','txt'].include?(req.parameters[:format]) }
 
   def index
     # #true is passed here to force an immediate load so that size and empty?

app/controllers/login_controller.rb

@@ -6,12 +6,32 @@ class LoginController < ApplicationController
   skip_before_filter :login_required
   before_filter :login_optional
   before_filter :get_current_user
-  
+  if ( SITE_CONFIG['authentication_schemes'].include? 'cas')
+    # This will allow the user to view the index page without authentication
+    # but will process CAS authentication data if the user already
+    # has an SSO session open.
+    if defined? CASClient
+      # Only require sub-library if gem is installed and loaded
+      require 'casclient/frameworks/rails/filter'
+      before_filter CASClient::Frameworks::Rails::GatewayFilter, :only => :login_cas
+
+      # This requires the user to be authenticated for viewing all other pages.
+      before_filter CASClient::Frameworks::Rails::Filter, :only => [:login_cas ]
+    end
+  end
+
   def login
+    if cas_enabled?
+      @username = session[:cas_user]
+      @login_url = CASClient::Frameworks::Rails::Filter.login_url(self)
+    end
     if openid_enabled? && using_open_id?
       login_openid
+    elsif cas_enabled? && session[:cas_user]
+      login_cas
     else
       @page_title = "TRACKS::Login"
+      cookies[:preferred_auth] = prefered_auth? unless cookies[:preferred_auth]
       case request.method
         when :post
           if @user = User.authenticate(params['user_login'], params['user_password'])
@@ -49,9 +69,13 @@ class LoginController < ApplicationController
     @user.forget_me if logged_in?
     cookies.delete :auth_token
     session['user_id'] = nil
-    reset_session
-    notify :notice, "You have been logged out of Tracks."
-    redirect_to_login
+    if ( SITE_CONFIG['authentication_schemes'].include? 'cas')  && session[:cas_user]
+      CASClient::Frameworks::Rails::Filter.logout(self)
+    else
+      reset_session
+      notify :notice, "You have been logged out of Tracks."
+      redirect_to_login
+    end
   end
   
   def check_expiry
@@ -73,6 +97,33 @@ class LoginController < ApplicationController
     respond_to do |format|
       format.js
     end
+  end
+
+    def login_cas
+    # If checkbox on login page checked, we don't expire the session after 1 hour
+    # of inactivity and we remember this user for future browser sessions
+
+    session['noexpiry'] ||= params['user_noexpiry']
+    if session[:cas_user]
+      if @user = User.find_by_login(session[:cas_user])
+        session['user_id'] = @user.id
+        msg = (should_expire_sessions?) ? "will expire after 1 hour of inactivity." : "will not expire."
+        notify :notice, "Login successful: session #{msg}"
+        cookies[:tracks_login] = { :value => @user.login, :expires => Time.now + 1.year, :secure => SITE_CONFIG['secure_cookies'] }
+        unless should_expire_sessions?
+          @user.remember_me
+          cookies[:auth_token] = { :value => @user.remember_token, :expires => @user.remember_token_expires_at, :secure => SITE_CONFIG['secure_cookies'] }
+        end
+        #redirect_back_or_home
+      else
+        notify :warning, "Sorry, no user by that CAS username exists (#{session[:cas_user]})"
+        redirect_to signup_url ; return
+      end
+    else
+      notify :warning, result.message
+    end
+    redirect_back_or_home 
+
   end
   
   private
@@ -80,7 +131,7 @@ class LoginController < ApplicationController
   def redirect_to_login
     respond_to do |format|
       format.html { redirect_to login_path }
-      format.m { redirect_to formatted_login_path(:format => 'm') }
+      format.m { redirect_to login_path(:format => 'm') }
     end
   end
   
@@ -114,4 +165,6 @@ class LoginController < ApplicationController
       end
     end
   end
+
+
 end

app/controllers/projects_controller.rb

@@ -6,7 +6,6 @@ class ProjectsController < ApplicationController
   before_filter :default_context_filter, :only => [:create, :update]
   skip_before_filter :login_required, :only => [:index]
   prepend_before_filter :login_or_feed_token_required, :only => [:index]
-  session :off, :only => :index, :if => Proc.new { |req| ['rss','atom','txt'].include?(req.parameters[:format]) }
 
   def index
     @source_view = params['_source_view'] || 'project_list'

app/controllers/todos_controller.rb

@@ -10,8 +10,6 @@ class TodosController < ApplicationController
   append_before_filter :get_todo_from_params, :only => [ :edit, :toggle_check, :toggle_star, :show, :update, :destroy, :remove_predecessor]
   protect_from_forgery :except => [:auto_complete_for_tag, :auto_complete_for_predecessor]
 
-  session :off, :only => :index, :if => Proc.new { |req| is_feed_request(req) }
-
   def index
     current_user.deferred_todos.find_and_activate_ready
     @projects = current_user.projects.find(:all, :include => [:default_context])
@@ -351,7 +349,7 @@ class TodosController < ApplicationController
             cookies[:mobile_url] = {:value => nil, :secure => SITE_CONFIG['secure_cookies']}
             redirect_to old_path
           else
-            redirect_to formatted_todos_path(:m)
+            redirect_to todos_path(:format => 'm')
           end
         else
           render :action => "edit", :format => :m
@@ -463,12 +461,12 @@ class TodosController < ApplicationController
   
   def filter_to_context
     context = current_user.contexts.find(params['context']['id'])
-    redirect_to formatted_context_todos_path(context, :m)
+    redirect_to context_todos_path(context, :format => 'm')
   end
   
   def filter_to_project
     project = current_user.projects.find(params['project']['id'])
-    redirect_to formatted_project_todos_path(project, :m)
+    redirect_to project_todos_path(project, :format => 'm')
   end
   
   # /todos/tag/[tag_name] shows all the actions tagged with tag_name
@@ -607,9 +605,9 @@ class TodosController < ApplicationController
       # Begin matching todos in current project
       @items = current_user.todos.find(:all, 
         :select => 'description, project_id, context_id, created_at',
-        :conditions => [ '(todos.state = ? OR todos.state = ?) AND ' +
+        :conditions => [ '(todos.state = ? OR todos.state = ? OR todos.state = ?) AND ' +
                          'NOT (id = ?) AND lower(description) LIKE ? AND project_id = ?', 
-                         'active', 'pending',
+                         'active', 'pending', 'deferred',
                          @todo.id, 
                          '%' + params[:predecessor_list].downcase + '%',
                          @todo.project_id ],
@@ -619,9 +617,9 @@ class TodosController < ApplicationController
       if @items.empty? # Match todos in other projects
         @items = current_user.todos.find(:all, 
         :select => 'description, project_id, context_id, created_at',
-          :conditions => [ '(todos.state = ? OR todos.state = ?) AND ' +
+          :conditions => [ '(todos.state = ? OR todos.state = ? OR todos.state = ?) AND ' +
                            'NOT (id = ?) AND lower(description) LIKE ?', 
-                           'active', 'pending',
+                           'active', 'pending', 'deferred',
                             params[:id], '%' + params[:q].downcase + '%' ],
           :order => 'description ASC',
           :limit => 10
@@ -631,8 +629,8 @@ class TodosController < ApplicationController
       # New todo - TODO: Filter on project
       @items = current_user.todos.find(:all, 
         :select => 'description, project_id, context_id, created_at',
-        :conditions => [ '(todos.state = ? OR todos.state = ?) AND lower(description) LIKE ?', 
-                         'active', 'pending',
+        :conditions => [ '(todos.state = ? OR todos.state = ? OR todos.state = ?) AND lower(description) LIKE ?', 
+                         'active', 'pending', 'deferred',
                          '%' + params[:q].downcase + '%' ],
         :order => 'description ASC',
         :limit => 10
@@ -640,6 +638,15 @@ class TodosController < ApplicationController
     end
     render :inline => "<%= auto_complete_result2(@items) %>"
   end
+
+  def convert_to_project
+    @todo = Todo.find(params[:id])
+    @project = Project.new(:name => @todo.description, :description => @todo.notes,
+                           :default_context => @todo.context)
+    @todo.destroy
+    @project.save!
+    redirect_to project_url(@project)
+  end
   
   private
   

app/controllers/users_controller.rb

@@ -27,6 +27,13 @@ class UsersController < ApplicationController
 
   # GET /users/new
   def new
+    @auth_types = []
+    unless session[:cas_user]
+      Tracks::Config.auth_schemes.each {|auth| @auth_types << [auth,auth]}
+    else
+      @auth_types << ['cas','cas']
+    end
+
     if User.no_users_yet?
       @page_title = "TRACKS::Sign up as the admin user"
       @heading = "Welcome to TRACKS. To get started, please create an admin account:"
@@ -66,6 +73,13 @@ class UsersController < ApplicationController
         end
         
         user = User.new(params['user'])
+
+        if Tracks::Config.auth_schemes.include?('cas')
+          if user.auth_type.eql? "cas"
+             user.crypted_password = "cas"
+          end
+        end
+
         unless user.valid?
           session['new_user'] = user
           redirect_to :action => 'new'
@@ -94,6 +108,9 @@ class UsersController < ApplicationController
           return
         end
         user = User.new(params[:request])
+        if Tracks::Config.auth_schemes.include?('cas')   && session[:cas_user]
+          user.auth_type = "cas" #if they area  cas user
+        end
         user.password_confirmation = params[:request][:password]
         if user.save
           render :text => "User created.", :status => 200
@@ -203,4 +220,4 @@ class UsersController < ApplicationController
     return true
   end
   
-end
+end

app/helpers/application_helper.rb

@@ -112,7 +112,7 @@ module ApplicationHelper
   end
   
   def link_to_project_mobile(project, accesskey, descriptor = sanitize(project.name))
-    link_to( descriptor, formatted_project_path(project, :m), {:title => "View project: #{project.name}", :accesskey => accesskey} )
+    link_to( descriptor, project_path(project, :format => 'm'), {:title => "View project: #{project.name}", :accesskey => accesskey} )
   end
   
   def item_link_to_context(item)
@@ -170,13 +170,41 @@ module ApplicationHelper
     standard_format = current_user.prefs.date_format
     translations = [
       ['%m', 'mm'],
+      ['%b', 'M'],
+      ['%B', 'MM'],
       ['%d', 'dd'],
-      ['%Y', 'yy'],
-      ['%y', 'y']
+      ['%a', 'D'],
+      ['%A', 'DD'],
+      ['%y', 'y'],
+      ['%Y', 'yy']
     ]
     translations.inject(standard_format) do |str, translation|
       str.gsub(*translation)
     end
   end
 
+  AUTO_LINK_MESSAGE_RE = %r{message://<[^>]+>} unless const_defined?(:AUTO_LINK_MESSAGE_RE)
+
+  # Converts message:// links to href. This URL scheme is used on Mac OS X
+  # to link to a mail message in Mail.app.
+  def auto_link_message(text)
+    text.gsub(AUTO_LINK_MESSAGE_RE) do
+      href = $&
+      left, right = $`, $'
+      # detect already linked URLs and URLs in the middle of a tag
+      if left =~ /<[^>]+$/ && right =~ /^[^>]*>/
+        # do not change string; URL is alreay linked
+        href
+      else
+        content_tag(:a, h(href), :href => h(href))
+      end
+    end
+  end
+
+  def format_note(note)
+    note = auto_link_message(note)
+    note = auto_link(note)
+    note = markdown(note)
+    note = sanitize(note)
+  end
 end

app/helpers/todos_helper.rb

@@ -64,6 +64,14 @@ module TodosHelper
         :complete => todo_stop_waiting_js(todo))
     end
   end
+
+  def remote_promote_to_project_menu_item(todo)
+    url = {:controller => 'todos', :action => 'convert_to_project', :id => todo.id,
+      :_source_view => (@source_view.underscore.gsub(/\s+/,'_') rescue "")}
+    url[:_tag_name] = @tag_name if @source_view == 'tag'
+
+    return link_to("Promote to project", url)
+  end
   
   def todo_start_waiting_js(todo)
     return "$('#ul#{dom_id(todo)}').css('visibility', 'hidden'); $('##{dom_id(todo)}').block({message: null})"
@@ -262,9 +270,10 @@ module TodosHelper
   end
   
   def empty_container_msg_div_id
-    return "tickler-empty-nd" if source_view_is_one_of(:project, :tag) && @todo.deferred?
-    return "p#{@todo.project_id}empty-nd" if source_view_is :project
-    return "c#{@todo.context_id}empty-nd"
+    todo = @todo || @successor
+    return "tickler-empty-nd" if source_view_is_one_of(:project, :tag) && todo.deferred?
+    return "p#{todo.project_id}empty-nd" if source_view_is :project
+    return "c#{todo.context_id}empty-nd"
   end
   
   def project_names_for_autocomplete
@@ -315,5 +324,5 @@ module TodosHelper
   def auto_complete_result2(entries, phrase = nil)
     return entries.map{|e| e.specification()}.join("\n") rescue ''
   end
-  
+
 end

app/models/todo.rb

@@ -17,7 +17,7 @@ class Todo < ActiveRecord::Base
   after_save :save_predecessors
 
   named_scope :active, :conditions => { :state => 'active' }
-  named_scope :not_completed, :conditions =>  ['NOT (state = ? )', 'completed']
+  named_scope :not_completed, :conditions =>  ['NOT (todos.state = ? )', 'completed']
   named_scope :are_due, :conditions => ['NOT (todos.due IS NULL)']
 
   STARRED_TAG_NAME = "starred"

app/models/user.rb

@@ -153,11 +153,14 @@ class User < ActiveRecord::Base
     if Tracks::Config.auth_schemes.include?('ldap')
       return candidate if candidate.auth_type == 'ldap' && SimpleLdapAuthenticator.valid?(login, pass)
     end
+    if Tracks::Config.auth_schemes.include?('cas') && candidate.auth_type.eql?("cas")
+      return candidate #because we can not auth them with out thier real password we have to settle for this
+    end
     return nil
   end
   
   def self.find_by_open_id_url(raw_identity_url)
-    normalized_open_id_url = OpenIdAuthentication.normalize_url(raw_identity_url)
+    normalized_open_id_url = OpenIdAuthentication.normalize_identifier(raw_identity_url)
     find(:first, :conditions => ['open_id_url = ?', normalized_open_id_url])
   end
   
@@ -248,6 +251,6 @@ protected
   
   def normalize_open_id_url
     return if open_id_url.nil?
-    self.open_id_url = OpenIdAuthentication.normalize_url(open_id_url)
+    self.open_id_url = OpenIdAuthentication.normalize_identifier(open_id_url)
   end
 end

app/views/contexts/_mobile_context_listing.rhtml

@@ -1,2 +1,2 @@
 <% context = mobile_context_listing -%>
-<div id="ctx"><%= link_to context.name, formatted_context_path(context, :m) %><%= " (" + count_undone_todos_phrase(context,"actions") + ")" %></div>
+<div id="ctx"><%= link_to context.name, context_path(context, :format => 'm') %><%= " (" + count_undone_todos_phrase(context,"actions") + ")" %></div>

app/views/integrations/_applescript2.rhtml

@@ -35,6 +35,7 @@ on importMessage(theMessage)
 			set theSender to the sender of theMessage
 			set theSubject to subject of theMessage
 			if theSubject is equal to "" then set theSubject to emptySubject
+			set theMessageId to message id of theMessage
 			
 			-- Construct the description string from the email info
 			set myDesc to "Email " & theSender & " about " & theSubject
@@ -42,13 +43,15 @@ on importMessage(theMessage)
 			if length of myDesc > 100 then
 				set myDesc to characters 1 thru 100 of myDesc
 			end if
+			
+			set myNote to "message://<" & theMessageId & ">"
 		end try
 	end tell
 	
 	-- Now send all that info to Tracks
 	-- Edit the URL of your Tracks installation if necessary"
 	tell application "<%= home_url %>backend/api"
-		set returnValue to call xmlrpc {method name:"NewTodo", parameters:{myUsername, myToken, myContextID, myDesc}}
+		set returnValue to call xmlrpc {method name:"NewTodo", parameters:{myUsername, myToken, myContextID, myDesc, myNote}}
 	end tell
 	
 	(* Growl support - comment out or delete this section if 

app/views/layouts/mobile.m.erb

@@ -16,10 +16,10 @@
 <h1><span class="count"><%= @down_count %></span> <%= 
         current_user.time.strftime(@prefs.title_date_format) -%></h1>
 <div class="nav">
-<%=     (link_to("0-New action", formatted_new_todo_path(:m, new_todo_params))+" | ") unless @new_mobile -%>
-<%=     (link_to("1-Home", formatted_todos_path(:m))+" | ") unless @home -%>
-<%=     (link_to("2-Contexts", formatted_contexts_path(:m))+" | ") -%>
-<%=     (link_to("3-Projects", formatted_projects_path(:m))+" | ") -%>
+<%=     (link_to("0-New action", new_todo_path(new_todo_params, :format => 'm'))+" | ") unless @new_mobile -%>
+<%=     (link_to("1-Home", todos_path(:format => 'm'))+" | ") unless @home -%>
+<%=     (link_to("2-Contexts", contexts_path(:format => 'm'))+" | ") -%>
+<%=     (link_to("3-Projects", projects_path(:format => 'm'))+" | ") -%>
 <%=     (link_to("4-Starred", {:action => "tag", :controller => "todos", :id => "starred.m"})) -%>
 <%    end
   end -%><%= render_flash -%>
@@ -27,15 +27,15 @@
 <%=  yield -%>
 <hr/><% if !@prefs.nil? -%>
 <div class="nav">
-<%= (link_to("Logout", formatted_logout_path(:format => 'm')) +" | ") -%>
-<%= (link_to("0-New action", formatted_new_todo_path(:m), {:accesskey => "0"})+" | ") unless @new_mobile -%>
-<%= (link_to("1-Home", formatted_todos_path(:m), {:accesskey => "1"})+" | ") unless @home -%>
-<%= (link_to("2-Contexts", formatted_contexts_path(:m), {:accesskey => "2"})+" | ") -%>
-<%= (link_to("3-Projects", formatted_projects_path(:m), {:accesskey => "3"})+" | ") -%>
+<%= (link_to("Logout", logout_path(:format => 'm')) +" | ") -%>
+<%= (link_to("0-New action", new_todo_path(:format => 'm'), {:accesskey => "0"})+" | ") unless @new_mobile -%>
+<%= (link_to("1-Home", todos_path(:format => 'm'), {:accesskey => "1"})+" | ") unless @home -%>
+<%= (link_to("2-Contexts", contexts_path(:format => 'm'), {:accesskey => "2"})+" | ") -%>
+<%= (link_to("3-Projects", projects_path(:format => 'm'), {:accesskey => "3"})+" | ") -%>
 <%= (link_to("4-Starred", {:action => "tag", :controller => "todos", :id => "starred.m"}, {:accesskey => "4"})+" | ") -%> 
 <%= (link_to("Tickler", {:action => "index", :controller => "tickler.m"})+" | ") -%>
 <%= (link_to("Feeds", {:action => "index", :controller => "feeds.m"})) -%>
 </div>
 <% end -%>
 <%= render :partial => "shared/mobile_footer" -%>  
-</body></html>
+</body></html>

app/views/layouts/standard.html.erb

@@ -54,7 +54,7 @@
       <div id="minilinks">
         <%= link_to("Toggle notes", "#", {:accesskey => "S", :title => "Toggle all notes", :id => "toggle-notes-nav"}) %>
         &nbsp;|&nbsp;
-        <%= link_to "Logout (#{current_user.display_name}) »", logout_path %>
+        <%= link_to "Logout (#{current_user.display_name}) »", logout_path %> <p>
       </div>
       <div id="navcontainer">
         <ul class="sf-menu">
@@ -103,7 +103,7 @@
         <%= periodically_call_remote( :url => {:controller => "login", :action => "check_expiry"},
           :frequency => (5*60)) %>
       <% end -%>
-      <%= periodically_call_remote( :url => formatted_check_deferred_todos_path(:js),
+      <%= periodically_call_remote( :url => check_deferred_todos_path(:format => 'js'),
         :method => :post,
         :frequency => (10*60)) %>
       <%= yield %>

app/views/login/login.html.erb

@@ -1,6 +1,7 @@
 <% auth_schemes = Tracks::Config.auth_schemes
    show_database_form = auth_schemes.include?('database')
    show_openid_form = auth_schemes.include?('open_id')
+   show_cas_form = auth_schemes.include?('cas')
 -%>
 
 <div title="Account login" id="loginform" class="form">
@@ -8,9 +9,8 @@
   <%= render_flash %>
 
   <h3>Please log in to use Tracks:</h3>
-
 <% if show_database_form %>
-  <div id="database_auth_form" style="display:block">
+  <div id="database_auth_form" style="display:<%=(@prefered_auth.eql?('database')) ? "block" : "none"%>">
       <% form_tag :action=> 'login' do %>
         <table>
           <tr>
@@ -35,7 +35,7 @@
 <% end %>
 
 <% if show_openid_form %>
-  <div id="openid_auth_form" style="display:none">
+  <div id="openid_auth_form" style="display:<%=(@prefered_auth.eql?('openid')) ? "block" : "none"%>">
     <% form_tag :action=> 'login' do %>
       <table>
         <tr>
@@ -54,24 +54,48 @@
     <% end %>
   </div>
  <% end %>
+
+<% if show_cas_form %>
+  <div id="cas_auth_form" style="display:<%=(@prefered_auth.eql?('cas')) ? "block" : "none"%>">
+      <table>
+        <tr>
+          <td>	
+			<% if @username && @user%>
+			  <p>Hello, <%= @username %>! You are authenticated.</p>
+			<% elsif @username %>
+			  <p>Hello, <%= @username %>! You do not have an account on Tracks.
+                <%if SITE_CONFIG['open_signups']%>
+                   If you like to request on please go here to <%= link_to "Request Account" , signup_url %>
+                <%end%>
+              </p>
+			<% else %>
+			  <p><%= link_to("CAS Login", login_cas_url) %>  </p>
+			<% end %>
+			</td>
+        </tr>
+      </table>
+  </div>
+ <% end %>
  
 </div>
 <% if show_openid_form %><p id="alternate_auth_openid" class="alternate_auth">or, <a href="#" onclick="Login.showOpenid();return false;">login with an OpenId</a></p><% end %>
 <% if show_database_form %><p id="alternate_auth_database" class="alternate_auth">or, <a href="#" onclick="Login.showDatabase();return false;">go back to the standard login</a></p><% end %>
+<% if show_cas_form %><p id="alternate_auth_cas" class="alternate_auth">or, <a href="#" onclick="Login.showCAS();return false;">go to the CAS</a></p><% end %>
 
 <script type="text/javascript">
 function showPreferredAuth() {
   var preferredAuth = $.cookie('preferred_auth');
+  var casEnabled = <%= show_cas_form ? 'true' : 'false' %>;
   var databaseEnabled = <%= show_database_form ? 'true' : 'false' %>;
   var openidEnabled = <%= show_openid_form ? 'true' : 'false' %>;
 	if (preferredAuth && preferredAuth == 'openid' && openidEnabled) {
 	  Login.showOpenid();
 	}
-	else if (databaseEnabled)  {
+	else if (preferredAuth && preferredAuth == 'database' && databaseEnabled)  {
 	  Login.showDatabase();
 	}
-	else if (openidEnabled)  {
-	  Login.showOpenid();
+	else if (preferredAuth && preferredAuth == 'cas' && casEnabled)  {
+	  Login.showCAS();
 	}
 }
 $(document).ready(showPreferredAuth);
@@ -81,7 +105,8 @@ var Login = {
         $('#database_auth_form').hide();
         $('#openid_auth_form').show();
         $('#alternate_auth_openid').hide();
-        $('#alternate_auth_database').show();
+        $('#alternate_auth_database').show();  ;
+        $('#alternate_auth_cas').show();
         $('#openid_url').focus();
         $('#openid_url').select();
         $.cookie('preferred_auth', 'openid');
@@ -92,10 +117,21 @@ var Login = {
         $('#database_auth_form').show();
         $('#alternate_auth_database').hide();
         $('#alternate_auth_openid').show();
+        $('#alternate_auth_cas').show();
         $('#user_login').focus();
         $('#user_login').select();
         $.cookie('preferred_auth', 'database');
+    },
+    showCAS: function(container) {
+        $('#database_auth_form').hide();
+        $('#openid_auth_form').hide();
+        $('#cas_auth_form').show();
+        $('#alternate_auth_cas').hide();
+        $('#alternate_auth_openid').show();
+        $('#alternate_auth_database').show();
+        $.cookie('preferred_auth', 'cas');
     }
+
 }
 
 </script>

app/views/login/login_mobile.html.erb

@@ -11,7 +11,7 @@
 
 <% if show_database_form %>
   <div id="database_auth_form">
-      <% form_tag formatted_login_path(:format => 'm') do %>
+      <% form_tag login_path(:format => 'm') do %>
         <table>
           <tr>
             <td><label for="user_login">Login:</label></td>
@@ -39,7 +39,7 @@
   <h4>...or login with an Open ID:</h4>
 
   <div id="openid_auth_form">
-    <% form_tag formatted_login_path(:format => 'm') do %>
+    <% form_tag login_path(:format => 'm') do %>
       <table>
         <tr>
           <td width="100px"><label for="openid_url">Identity URL:</label></td>

app/views/notes/_mobile_notes.rhtml

@@ -4,7 +4,7 @@
 </div>
 <div class="mobile_note_info">
   <br/>
-  <%= link_to("In: " + note.project.name, formatted_project_path(note.project, :m)) %>
+  <%= link_to("In: " + note.project.name, project_path(note.project, :format => 'm')) %>
   Created: <%= format_date(note.created_at) %>
   <% if note.updated_at? -%>
   &nbsp;|&nbsp;Modified: <%= format_date(note.updated_at) %>

app/views/notes/_mobile_notes_summary.rhtml

@@ -1,3 +1,3 @@
 <% note = mobile_notes_summary -%>
-<div class="note"><%= link_to( truncated_note(note), formatted_note_path(note, :m)) %></div>
+<div class="note"><%= link_to( truncated_note(note), note_path(note, :format => 'm')) %></div>
 <% note = nil -%>

app/views/notes/_notes.rhtml

@@ -2,8 +2,8 @@
 <div id="<%= dom_id(note, 'container') %>">
   <h2><%= link_to("Note #{note.id}", note_path(note), :title => "Show note #{note.id}" ) %></h2>
   <div class="project_notes" id="<%= dom_id(note) %>">
-    <%= sanitize(markdown(auto_link(note.body))) %>
-       
+    <%= format_note(note.body) %>
+
     <div class="note_footer">
       <%= link_to_remote( 
         image_tag("blank.png", 

app/views/projects/_mobile_project_listing.rhtml

@@ -1,4 +1,4 @@
 <% project = mobile_project_listing -%>
 <div id="pjr"><%= 
-    link_to(project.name, formatted_project_path(project)) +
-    " (" + count_undone_todos_and_notes_phrase(project,"actions") + ")" %></div>
+  link_to(project.name, project_path(project, :format => 'm')) +
+    " (" + count_undone_todos_and_notes_phrase(project,"actions") + ")" %></div>

app/views/projects/_project_listing.rhtml

@@ -15,7 +15,7 @@ suppress_edit_button ||= false
     <div class="buttons">
       <span class="grey"><%= project.current_state.to_s.upcase %></span>
       <a class="delete_project_button"
-         href="<%= formatted_project_path(project, :js) %>"
+        href="<%= project_path(project, :format => 'js') %>"
          title="delete the project '<%= project.name %>'"><%= image_tag( "blank.png",
           :title => "Delete project",
           :class=>"delete_item") %></a>

app/views/todos/_mobile_todo.rhtml

@@ -12,15 +12,15 @@ end -%>
 <%  else 
 -%><span class="m_t">
 <%  end -%>
-<%= date_span -%> <%= link_to mobile_todo.description, formatted_todo_path(mobile_todo, :m) -%>
+<%= date_span -%> <%= link_to mobile_todo.description, todo_path(mobile_todo, :format => 'm') -%>
 <%  if parent_container_type == 'context' or parent_container_type == 'tag' -%>
 <%=    "<span class=\"prj\"> (" +
-       link_to(mobile_todo.project.name, formatted_project_path(mobile_todo.project, :m)) + 
+  link_to(mobile_todo.project.name, project_path(mobile_todo.project, :format => 'm')) + 
        ")</span>" unless mobile_todo.project.nil? -%>
 <%  end
     if parent_container_type == 'project' or parent_container_type == 'tag' -%>
 <%=    "<span class=\"ctx\"> (" +
-       link_to(mobile_todo.context.name, formatted_context_path(mobile_todo.context, :m)) + 
+  link_to(mobile_todo.context.name, context_path(mobile_todo.context, :format => 'm')) + 
        ")</span>" -%>
 <%  end -%>
  <%= tag_list_mobile -%>

app/views/todos/_todo.html.erb

@@ -22,6 +22,7 @@ parameters += "&_tag_name=#{@tag_name}" if @source_view == 'tag'
             <li><%= remote_defer_menu_item(1, todo) %></li>
             <li><%= remote_defer_menu_item(7, todo) %></li>
           <% end %>
+          <li><%= remote_promote_to_project_menu_item(todo) %></li>
         </ul>
       </li>
     </ul>

app/views/todos/_toggle_notes.rhtml

@@ -1,5 +1,5 @@
 <%= link_to(image_tag( 'blank.png', :width=>'16', :height=>'16', :border=>'0' ), "#", {:class => 'show_notes', :title => 'Show notes'}) %>
 
 <div class="todo_notes" id="<%= dom_id(item, 'notes') %>" style="display:none">
-  <%= sanitize(markdown( auto_link(item.notes)) ) %>
+  <%= format_note(item.notes) %>
 </div>

app/views/todos/create.js.rjs

@@ -17,7 +17,7 @@ if @saved
     if @new_context_created
       page.insert_html :top, 'display_box', :partial => 'contexts/context', :locals => { :context => @todo.context, :collapsible => true }
     else
-      page.call "todoItems.ensureVisibleWithEffectAppear", "c#{@todo.context_id}" if source_view_is_one_of(:todo, :deferred)
+      page.call "todoItems.ensureVisibleWithEffectAppear", "c#{@todo.context_id}" if source_view_is_one_of(:todo, :deferred, :tag)
       page.insert_html :bottom, item_container_id(@todo), :partial => 'todos/todo', :locals => { :todo => @todo, :parent_container_type => parent_container_type, :source_view => @source_view }
       page.visual_effect :highlight, dom_id(@todo), :duration => 3
       page[empty_container_msg_div_id].hide unless empty_container_msg_div_id.nil?

app/views/todos/new.m.erb

@@ -1,5 +1,5 @@
-<% form_tag formatted_todos_path(:m), :method => :post do %>
+<% form_tag todos_path(:format => 'm'), :method => :post do %>
   <%= render :partial => 'edit_mobile' %>
   <p><input type="submit" value="Create" tabindex="12" accesskey="#" /></p>
 <% end -%>
-<%= link_to "Back", @return_path %>
+<%= link_to "Back", @return_path %>

app/views/todos/remove_predecessor.js.rjs

@@ -9,6 +9,8 @@ if @removed
   # update display if pending->active
   if @successor.active?
       page[@successor].remove unless source_view_is_one_of(:todo, :context)
+      page[empty_container_msg_div_id].hide unless empty_container_msg_div_id.nil?
+      page.call "todoItems.ensureVisibleWithEffectAppear", "c#{@successor.context_id}"
       page.insert_html :bottom, item_container_id(@successor), :partial => 'todos/todo', :locals => { 
         :todo => @successor, :parent_container_type => parent_container_type }
       page.visual_effect :highlight, dom_id(@successor, 'line'), {'startcolor' => "'#99ff99'"}

app/views/todos/show.m.erb

@@ -1,4 +1,4 @@
-<% form_tag formatted_todo_path(@todo, :m), :method => :put do %>
+<% form_tag todo_path(@todo, :format => 'm'), :method => :put do %>
   <%= render :partial => 'edit_mobile', :locals => { :parent_container_type => "show_mobile" } %>
   <p><input type="submit" value="Update" tabindex="6" accesskey="#" /></p>
 <% end -%>

app/views/todos/toggle_check.js.rjs

@@ -20,7 +20,7 @@ if @saved
     end
     
     # remove container if empty
-    if @remaining_in_context == 0 && source_view_is(:todo)
+    if @remaining_in_context == 0 && source_view_is_one_of(:todo, :tag)
       page.visual_effect :fade, "c"+@todo.context.id.to_s, :duration => 0.4
     end
 

app/views/users/new.html.erb

@@ -8,11 +8,22 @@
   <h3><%= @heading -%></h3>
 
   <table>
+	<%if Tracks::Config.auth_schemes.include?('cas') && session[:cas_user]%>
+        <tr>
+      <td><label for="user_login">With your CAS username:</label></td>
+      <td> "<%= session[:cas_user]%>"  </td>
+      <td>
+        <%= hidden_field "user", "login",                   :value => session[:cas_user] %>
+        <%= hidden_field "user", "password",                :value => session[:cas_user] %>
+        <%= hidden_field "user", "password_confirmation",   :value => session[:cas_user] %>
+        <%= hidden_field"user", "auth_type",                :value => "cas" %></td>
+    </tr>
+	<%else%>
     <tr>
       <td><label for="user_login">Desired login:</label></td>
       <td> <%= text_field "user", "login", :size => 20 %></td>
     </tr>
-    <tr>
+	<tr>
       <td><label for="user_password">Choose password:</label></td>
       <td><%= password_field "user", "password", :size => 20 %></td>
     </tr>
@@ -20,6 +31,11 @@
       <td><label for="user_password_confirmation">Confirm password:</label></td>
       <td><%= password_field "user", "password_confirmation", :size => 20 %></td>
     </tr>
+    <tr>
+      <td><label for="user_auth_type">Authentication Type:</label></td>
+      <td><%=  select("user", "auth_type", @auth_types, { :include_blank => false })%></td>
+    </tr>
+    <%end%>
     <tr>
       <td></td>
       <td><input type="submit" id="signup" value="Signup &#187;" class="primary" /></td>