Merge branch 'develop' into feature/gen-magic

2020-10-09 11:26:10 -05:00 · 2020-10-09 11:26:10 -05:00 · 04b514c567
commit 04b514c567
parent 55562ca936 d239bd3ca4
239 changed files with 8638 additions and 2322 deletions
--- a/test/web/activity_pub/activity_pub_test.exs
+++ b/test/web/activity_pub/activity_pub_test.exs
@ -1810,6 +1810,14 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
        |> Enum.map(& &1.id)

      assert activities_ids == []
+
+      activities_ids =
+        %{}
+        |> Map.put(:reply_visibility, "self")
+        |> Map.put(:reply_filtering_user, nil)
+        |> ActivityPub.fetch_public_activities()
+
+      assert activities_ids == []
    end

    test "home timeline", %{users: %{u1: user}} do
@ -2169,4 +2177,84 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
      assert user.nickname == orig_user.nickname
    end
  end
+
+  describe "reply filtering" do
+    test "`following` still contains announcements by friends" do
+      user = insert(:user)
+      followed = insert(:user)
+      not_followed = insert(:user)
+
+      User.follow(user, followed)
+
+      {:ok, followed_post} = CommonAPI.post(followed, %{status: "Hello"})
+
+      {:ok, not_followed_to_followed} =
+        CommonAPI.post(not_followed, %{
+          status: "Also hello",
+          in_reply_to_status_id: followed_post.id
+        })
+
+      {:ok, retoot} = CommonAPI.repeat(not_followed_to_followed.id, followed)
+
+      params =
+        %{}
+        |> Map.put(:type, ["Create", "Announce"])
+        |> Map.put(:blocking_user, user)
+        |> Map.put(:muting_user, user)
+        |> Map.put(:reply_filtering_user, user)
+        |> Map.put(:reply_visibility, "following")
+        |> Map.put(:announce_filtering_user, user)
+        |> Map.put(:user, user)
+
+      activities =
+        [user.ap_id | User.following(user)]
+        |> ActivityPub.fetch_activities(params)
+
+      followed_post_id = followed_post.id
+      retoot_id = retoot.id
+
+      assert [%{id: ^followed_post_id}, %{id: ^retoot_id}] = activities
+
+      assert length(activities) == 2
+    end
+
+    # This test is skipped because, while this is the desired behavior,
+    # there seems to be no good way to achieve it with the method that
+    # we currently use for detecting to who a reply is directed.
+    # This is a TODO and should be fixed by a later rewrite of the code
+    # in question.
+    @tag skip: true
+    test "`following` still contains self-replies by friends" do
+      user = insert(:user)
+      followed = insert(:user)
+      not_followed = insert(:user)
+
+      User.follow(user, followed)
+
+      {:ok, followed_post} = CommonAPI.post(followed, %{status: "Hello"})
+      {:ok, not_followed_post} = CommonAPI.post(not_followed, %{status: "Also hello"})
+
+      {:ok, _followed_to_not_followed} =
+        CommonAPI.post(followed, %{status: "sup", in_reply_to_status_id: not_followed_post.id})
+
+      {:ok, _followed_self_reply} =
+        CommonAPI.post(followed, %{status: "Also cofe", in_reply_to_status_id: followed_post.id})
+
+      params =
+        %{}
+        |> Map.put(:type, ["Create", "Announce"])
+        |> Map.put(:blocking_user, user)
+        |> Map.put(:muting_user, user)
+        |> Map.put(:reply_filtering_user, user)
+        |> Map.put(:reply_visibility, "following")
+        |> Map.put(:announce_filtering_user, user)
+        |> Map.put(:user, user)
+
+      activities =
+        [user.ap_id | User.following(user)]
+        |> ActivityPub.fetch_activities(params)
+
+      assert length(activities) == 2
+    end
+  end
 end
--- a/test/web/activity_pub/mrf/mediaproxy_warming_policy_test.exs
+++ b/test/web/activity_pub/mrf/mediaproxy_warming_policy_test.exs
@ -22,6 +22,8 @@ defmodule Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicyTest do
    }
  }

+  setup do: clear_config([:media_proxy, :enabled], true)
+
  test "it prefetches media proxy URIs" do
    with_mock HTTP, get: fn _, _, _ -> {:ok, []} end do
      MediaProxyWarmingPolicy.filter(@message)
--- a/test/web/activity_pub/mrf/mrf_test.exs
+++ b/test/web/activity_pub/mrf/mrf_test.exs
@ -61,6 +61,8 @@ defmodule Pleroma.Web.ActivityPub.MRFTest do

  describe "describe/0" do
    test "it works as expected with noop policy" do
+      clear_config([:mrf, :policies], [Pleroma.Web.ActivityPub.MRF.NoOpPolicy])
+
      expected = %{
        mrf_policies: ["NoOpPolicy"],
        exclusions: false
--- a/test/web/activity_pub/object_validators/article_note_validator_test.exs
+++ b/test/web/activity_pub/object_validators/article_note_validator_test.exs
@ -2,10 +2,10 @@
 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only

-defmodule Pleroma.Web.ActivityPub.ObjectValidators.NoteValidatorTest do
+defmodule Pleroma.Web.ActivityPub.ObjectValidators.ArticleNoteValidatorTest do
  use Pleroma.DataCase

-  alias Pleroma.Web.ActivityPub.ObjectValidators.NoteValidator
+  alias Pleroma.Web.ActivityPub.ObjectValidators.ArticleNoteValidator
  alias Pleroma.Web.ActivityPub.Utils

  import Pleroma.Factory
@ -29,7 +29,7 @@ defmodule Pleroma.Web.ActivityPub.ObjectValidators.NoteValidatorTest do
    end

    test "a basic note validates", %{note: note} do
-      %{valid?: true} = NoteValidator.cast_and_validate(note)
+      %{valid?: true} = ArticleNoteValidator.cast_and_validate(note)
    end
  end
 end
--- a/test/web/activity_pub/pipeline_test.exs
+++ b/test/web/activity_pub/pipeline_test.exs
@ -26,7 +26,7 @@ defmodule Pleroma.Web.ActivityPub.PipelineTest do
        {
          Pleroma.Web.ActivityPub.MRF,
          [],
-          [filter: fn o -> {:ok, o} end]
+          [pipeline_filter: fn o, m -> {:ok, o, m} end]
        },
        {
          Pleroma.Web.ActivityPub.ActivityPub,
@ -51,7 +51,7 @@ defmodule Pleroma.Web.ActivityPub.PipelineTest do
                 Pleroma.Web.ActivityPub.Pipeline.common_pipeline(activity, meta)

        assert_called(Pleroma.Web.ActivityPub.ObjectValidator.validate(activity, meta))
-        assert_called(Pleroma.Web.ActivityPub.MRF.filter(activity))
+        assert_called(Pleroma.Web.ActivityPub.MRF.pipeline_filter(activity, meta))
        assert_called(Pleroma.Web.ActivityPub.ActivityPub.persist(activity, meta))
        assert_called(Pleroma.Web.ActivityPub.SideEffects.handle(activity, meta))
        refute called(Pleroma.Web.Federator.publish(activity))
@ -68,7 +68,7 @@ defmodule Pleroma.Web.ActivityPub.PipelineTest do
        {
          Pleroma.Web.ActivityPub.MRF,
          [],
-          [filter: fn o -> {:ok, o} end]
+          [pipeline_filter: fn o, m -> {:ok, o, m} end]
        },
        {
          Pleroma.Web.ActivityPub.ActivityPub,
@ -93,7 +93,7 @@ defmodule Pleroma.Web.ActivityPub.PipelineTest do
                 Pleroma.Web.ActivityPub.Pipeline.common_pipeline(activity, meta)

        assert_called(Pleroma.Web.ActivityPub.ObjectValidator.validate(activity, meta))
-        assert_called(Pleroma.Web.ActivityPub.MRF.filter(activity))
+        assert_called(Pleroma.Web.ActivityPub.MRF.pipeline_filter(activity, meta))
        assert_called(Pleroma.Web.ActivityPub.ActivityPub.persist(activity, meta))
        assert_called(Pleroma.Web.ActivityPub.SideEffects.handle(activity, meta))
        assert_called(Pleroma.Web.Federator.publish(activity))
@ -109,7 +109,7 @@ defmodule Pleroma.Web.ActivityPub.PipelineTest do
        {
          Pleroma.Web.ActivityPub.MRF,
          [],
-          [filter: fn o -> {:ok, o} end]
+          [pipeline_filter: fn o, m -> {:ok, o, m} end]
        },
        {
          Pleroma.Web.ActivityPub.ActivityPub,
@ -131,7 +131,7 @@ defmodule Pleroma.Web.ActivityPub.PipelineTest do
                 Pleroma.Web.ActivityPub.Pipeline.common_pipeline(activity, meta)

        assert_called(Pleroma.Web.ActivityPub.ObjectValidator.validate(activity, meta))
-        assert_called(Pleroma.Web.ActivityPub.MRF.filter(activity))
+        assert_called(Pleroma.Web.ActivityPub.MRF.pipeline_filter(activity, meta))
        assert_called(Pleroma.Web.ActivityPub.ActivityPub.persist(activity, meta))
        assert_called(Pleroma.Web.ActivityPub.SideEffects.handle(activity, meta))
      end
@ -148,7 +148,7 @@ defmodule Pleroma.Web.ActivityPub.PipelineTest do
        {
          Pleroma.Web.ActivityPub.MRF,
          [],
-          [filter: fn o -> {:ok, o} end]
+          [pipeline_filter: fn o, m -> {:ok, o, m} end]
        },
        {
          Pleroma.Web.ActivityPub.ActivityPub,
@ -170,7 +170,7 @@ defmodule Pleroma.Web.ActivityPub.PipelineTest do
                 Pleroma.Web.ActivityPub.Pipeline.common_pipeline(activity, meta)

        assert_called(Pleroma.Web.ActivityPub.ObjectValidator.validate(activity, meta))
-        assert_called(Pleroma.Web.ActivityPub.MRF.filter(activity))
+        assert_called(Pleroma.Web.ActivityPub.MRF.pipeline_filter(activity, meta))
        assert_called(Pleroma.Web.ActivityPub.ActivityPub.persist(activity, meta))
        assert_called(Pleroma.Web.ActivityPub.SideEffects.handle(activity, meta))
      end
--- a/test/web/activity_pub/relay_test.exs
+++ b/test/web/activity_pub/relay_test.exs
@ -63,6 +63,46 @@ defmodule Pleroma.Web.ActivityPub.RelayTest do
      assert activity.data["to"] == [user.ap_id]
      refute "#{user.ap_id}/followers" in User.following(service_actor)
    end
+
+    test "force unfollow when target service is dead" do
+      user = insert(:user)
+      user_ap_id = user.ap_id
+      user_id = user.id
+
+      Tesla.Mock.mock(fn %{method: :get, url: ^user_ap_id} ->
+        %Tesla.Env{status: 404}
+      end)
+
+      service_actor = Relay.get_actor()
+      CommonAPI.follow(service_actor, user)
+      assert "#{user.ap_id}/followers" in User.following(service_actor)
+
+      assert Pleroma.Repo.get_by(
+               Pleroma.FollowingRelationship,
+               follower_id: service_actor.id,
+               following_id: user_id
+             )
+
+      Pleroma.Repo.delete(user)
+      Cachex.clear(:user_cache)
+
+      assert {:ok, %Activity{} = activity} = Relay.unfollow(user_ap_id, %{force: true})
+
+      assert refresh_record(service_actor).following_count == 0
+
+      refute Pleroma.Repo.get_by(
+               Pleroma.FollowingRelationship,
+               follower_id: service_actor.id,
+               following_id: user_id
+             )
+
+      assert activity.actor == "#{Pleroma.Web.Endpoint.url()}/relay"
+      assert user.ap_id in activity.recipients
+      assert activity.data["type"] == "Undo"
+      assert activity.data["actor"] == service_actor.ap_id
+      assert activity.data["to"] == [user_ap_id]
+      refute "#{user.ap_id}/followers" in User.following(service_actor)
+    end
  end

  describe "publish/1" do
--- a/test/web/activity_pub/transmogrifier/article_handling_test.exs
+++ b/test/web/activity_pub/transmogrifier/article_handling_test.exs
@ -0,0 +1,75 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.Transmogrifier.ArticleHandlingTest do
+  use Oban.Testing, repo: Pleroma.Repo
+  use Pleroma.DataCase
+
+  alias Pleroma.Activity
+  alias Pleroma.Object
+  alias Pleroma.Object.Fetcher
+  alias Pleroma.Web.ActivityPub.Transmogrifier
+
+  test "Pterotype (Wordpress Plugin) Article" do
+    Tesla.Mock.mock(fn %{url: "https://wedistribute.org/wp-json/pterotype/v1/actor/-blog"} ->
+      %Tesla.Env{status: 200, body: File.read!("test/fixtures/tesla_mock/wedistribute-user.json")}
+    end)
+
+    data =
+      File.read!("test/fixtures/tesla_mock/wedistribute-create-article.json") |> Jason.decode!()
+
+    {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)
+
+    object = Object.normalize(data["object"])
+
+    assert object.data["name"] == "The end is near: Mastodon plans to drop OStatus support"
+
+    assert object.data["summary"] ==
+             "One of the largest platforms in the federated social web is dropping the protocol that it started with."
+
+    assert object.data["url"] == "https://wedistribute.org/2019/07/mastodon-drops-ostatus/"
+  end
+
+  test "Plume Article" do
+    Tesla.Mock.mock(fn
+      %{url: "https://baptiste.gelez.xyz/~/PlumeDevelopment/this-month-in-plume-june-2018/"} ->
+        %Tesla.Env{
+          status: 200,
+          body: File.read!("test/fixtures/tesla_mock/baptiste.gelex.xyz-article.json")
+        }
+
+      %{url: "https://baptiste.gelez.xyz/@/BaptisteGelez"} ->
+        %Tesla.Env{
+          status: 200,
+          body: File.read!("test/fixtures/tesla_mock/baptiste.gelex.xyz-user.json")
+        }
+    end)
+
+    {:ok, object} =
+      Fetcher.fetch_object_from_id(
+        "https://baptiste.gelez.xyz/~/PlumeDevelopment/this-month-in-plume-june-2018/"
+      )
+
+    assert object.data["name"] == "This Month in Plume: June 2018"
+
+    assert object.data["url"] ==
+             "https://baptiste.gelez.xyz/~/PlumeDevelopment/this-month-in-plume-june-2018/"
+  end
+
+  test "Prismo Article" do
+    Tesla.Mock.mock(fn %{url: "https://prismo.news/@mxb"} ->
+      %Tesla.Env{
+        status: 200,
+        body: File.read!("test/fixtures/tesla_mock/https___prismo.news__mxb.json")
+      }
+    end)
+
+    data = File.read!("test/fixtures/prismo-url-map.json") |> Jason.decode!()
+
+    {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)
+    object = Object.normalize(data["object"])
+
+    assert object.data["url"] == "https://prismo.news/posts/83"
+  end
+end
--- a/test/web/activity_pub/transmogrifier/question_handling_test.exs
+++ b/test/web/activity_pub/transmogrifier/question_handling_test.exs
@ -157,12 +157,12 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier.QuestionHandlingTest do
           }
  end

-  test "returns an error if received a second time" do
+  test "returns same activity if received a second time" do
    data = File.read!("test/fixtures/mastodon-question-activity.json") |> Poison.decode!()

    assert {:ok, %Activity{local: false} = activity} = Transmogrifier.handle_incoming(data)

-    assert {:error, {:validate_object, {:error, _}}} = Transmogrifier.handle_incoming(data)
+    assert {:ok, ^activity} = Transmogrifier.handle_incoming(data)
  end

  test "accepts a Question with no content" do
--- a/test/web/activity_pub/transmogrifier/video_handling_test.exs
+++ b/test/web/activity_pub/transmogrifier/video_handling_test.exs
@ -0,0 +1,93 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.Transmogrifier.VideoHandlingTest do
+  use Oban.Testing, repo: Pleroma.Repo
+  use Pleroma.DataCase
+
+  alias Pleroma.Activity
+  alias Pleroma.Object
+  alias Pleroma.Object.Fetcher
+  alias Pleroma.Web.ActivityPub.Transmogrifier
+
+  setup_all do
+    Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
+    :ok
+  end
+
+  test "skip converting the content when it is nil" do
+    data =
+      File.read!("test/fixtures/tesla_mock/framatube.org-video.json")
+      |> Jason.decode!()
+      |> Kernel.put_in(["object", "content"], nil)
+
+    {:ok, %Activity{local: false} = activity} = Transmogrifier.handle_incoming(data)
+
+    assert object = Object.normalize(activity, false)
+
+    assert object.data["content"] == nil
+  end
+
+  test "it converts content of object to html" do
+    data = File.read!("test/fixtures/tesla_mock/framatube.org-video.json") |> Jason.decode!()
+
+    {:ok, %Activity{local: false} = activity} = Transmogrifier.handle_incoming(data)
+
+    assert object = Object.normalize(activity, false)
+
+    assert object.data["content"] ==
+             "<p>Après avoir mené avec un certain succès la campagne « Dégooglisons Internet » en 2014, l’association Framasoft annonce fin 2019 arrêter progressivement un certain nombre de ses services alternatifs aux GAFAM. Pourquoi ?</p><p>Transcription par @aprilorg ici : <a href=\"https://www.april.org/deframasoftisons-internet-pierre-yves-gosset-framasoft\">https://www.april.org/deframasoftisons-internet-pierre-yves-gosset-framasoft</a></p>"
+  end
+
+  test "it remaps video URLs as attachments if necessary" do
+    {:ok, object} =
+      Fetcher.fetch_object_from_id(
+        "https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3"
+      )
+
+    assert object.data["url"] ==
+             "https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3"
+
+    assert object.data["attachment"] == [
+             %{
+               "type" => "Link",
+               "mediaType" => "video/mp4",
+               "name" => nil,
+               "url" => [
+                 %{
+                   "href" =>
+                     "https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4",
+                   "mediaType" => "video/mp4",
+                   "type" => "Link"
+                 }
+               ]
+             }
+           ]
+
+    data = File.read!("test/fixtures/tesla_mock/framatube.org-video.json") |> Jason.decode!()
+
+    {:ok, %Activity{local: false} = activity} = Transmogrifier.handle_incoming(data)
+
+    assert object = Object.normalize(activity, false)
+
+    assert object.data["attachment"] == [
+             %{
+               "type" => "Link",
+               "mediaType" => "video/mp4",
+               "name" => nil,
+               "url" => [
+                 %{
+                   "href" =>
+                     "https://framatube.org/static/webseed/6050732a-8a7a-43d4-a6cd-809525a1d206-1080.mp4",
+                   "mediaType" => "video/mp4",
+                   "type" => "Link"
+                 }
+               ]
+             }
+           ]
+
+    assert object.data["url"] ==
+             "https://framatube.org/videos/watch/6050732a-8a7a-43d4-a6cd-809525a1d206"
+  end
+end
--- a/test/web/activity_pub/transmogrifier_test.exs
+++ b/test/web/activity_pub/transmogrifier_test.exs
@ -8,7 +8,6 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do

  alias Pleroma.Activity
  alias Pleroma.Object
-  alias Pleroma.Object.Fetcher
  alias Pleroma.Tests.ObanHelpers
  alias Pleroma.User
  alias Pleroma.Web.ActivityPub.Transmogrifier
@ -45,15 +44,6 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
      assert "test" in object.data["tag"]
    end

-    test "it works for incoming notices with url not being a string (prismo)" do
-      data = File.read!("test/fixtures/prismo-url-map.json") |> Poison.decode!()
-
-      {:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)
-      object = Object.normalize(data["object"])
-
-      assert object.data["url"] == "https://prismo.news/posts/83"
-    end
-
    test "it cleans up incoming notices which are not really DMs" do
      user = insert(:user)
      other_user = insert(:user)
@ -355,83 +345,6 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
      refute User.following?(User.get_cached_by_ap_id(data["actor"]), user)
    end

-    test "skip converting the content when it is nil" do
-      object_id = "https://peertube.social/videos/watch/278d2b7c-0f38-4aaa-afe6-9ecc0c4a34fe"
-
-      {:ok, object} = Fetcher.fetch_and_contain_remote_object_from_id(object_id)
-
-      result =
-        Pleroma.Web.ActivityPub.Transmogrifier.fix_object(Map.merge(object, %{"content" => nil}))
-
-      assert result["content"] == nil
-    end
-
-    test "it converts content of object to html" do
-      object_id = "https://peertube.social/videos/watch/278d2b7c-0f38-4aaa-afe6-9ecc0c4a34fe"
-
-      {:ok, %{"content" => content_markdown}} =
-        Fetcher.fetch_and_contain_remote_object_from_id(object_id)
-
-      {:ok, %Pleroma.Object{data: %{"content" => content}} = object} =
-        Fetcher.fetch_object_from_id(object_id)
-
-      assert content_markdown ==
-               "Support this and our other Michigan!/usr/group videos and meetings. Learn more at http://mug.org/membership\n\nTwenty Years in Jail: FreeBSD's Jails, Then and Now\n\nJails started as a limited virtualization system, but over the last two years they've..."
-
-      assert content ==
-               "<p>Support this and our other Michigan!/usr/group videos and meetings. Learn more at <a href=\"http://mug.org/membership\">http://mug.org/membership</a></p><p>Twenty Years in Jail: FreeBSD’s Jails, Then and Now</p><p>Jails started as a limited virtualization system, but over the last two years they’ve…</p>"
-
-      assert object.data["mediaType"] == "text/html"
-    end
-
-    test "it remaps video URLs as attachments if necessary" do
-      {:ok, object} =
-        Fetcher.fetch_object_from_id(
-          "https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3"
-        )
-
-      assert object.data["url"] ==
-               "https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3"
-
-      assert object.data["attachment"] == [
-               %{
-                 "type" => "Link",
-                 "mediaType" => "video/mp4",
-                 "url" => [
-                   %{
-                     "href" =>
-                       "https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4",
-                     "mediaType" => "video/mp4",
-                     "type" => "Link"
-                   }
-                 ]
-               }
-             ]
-
-      {:ok, object} =
-        Fetcher.fetch_object_from_id(
-          "https://framatube.org/videos/watch/6050732a-8a7a-43d4-a6cd-809525a1d206"
-        )
-
-      assert object.data["attachment"] == [
-               %{
-                 "type" => "Link",
-                 "mediaType" => "video/mp4",
-                 "url" => [
-                   %{
-                     "href" =>
-                       "https://framatube.org/static/webseed/6050732a-8a7a-43d4-a6cd-809525a1d206-1080.mp4",
-                     "mediaType" => "video/mp4",
-                     "type" => "Link"
-                   }
-                 ]
-               }
-             ]
-
-      assert object.data["url"] ==
-               "https://framatube.org/videos/watch/6050732a-8a7a-43d4-a6cd-809525a1d206"
-    end
-
    test "it accepts Flag activities" do
      user = insert(:user)
      other_user = insert(:user)
@ -1133,75 +1046,7 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
             }
    end

-    test "fixes data for video object" do
-      object = %{
-        "type" => "Video",
-        "url" => [
-          %{
-            "type" => "Link",
-            "mimeType" => "video/mp4",
-            "href" => "https://peede8d-46fb-ad81-2d4c2d1630e3-480.mp4"
-          },
-          %{
-            "type" => "Link",
-            "mimeType" => "video/mp4",
-            "href" => "https://peertube46fb-ad81-2d4c2d1630e3-240.mp4"
-          },
-          %{
-            "type" => "Link",
-            "mimeType" => "text/html",
-            "href" => "https://peertube.-2d4c2d1630e3"
-          },
-          %{
-            "type" => "Link",
-            "mimeType" => "text/html",
-            "href" => "https://peertube.-2d4c2d16377-42"
-          }
-        ]
-      }
-
-      assert Transmogrifier.fix_url(object) == %{
-               "attachment" => [
-                 %{
-                   "href" => "https://peede8d-46fb-ad81-2d4c2d1630e3-480.mp4",
-                   "mimeType" => "video/mp4",
-                   "type" => "Link"
-                 }
-               ],
-               "type" => "Video",
-               "url" => "https://peertube.-2d4c2d1630e3"
-             }
-    end
-
-    test "fixes url for not Video object" do
-      object = %{
-        "type" => "Text",
-        "url" => [
-          %{
-            "type" => "Link",
-            "mimeType" => "text/html",
-            "href" => "https://peertube.-2d4c2d1630e3"
-          },
-          %{
-            "type" => "Link",
-            "mimeType" => "text/html",
-            "href" => "https://peertube.-2d4c2d16377-42"
-          }
-        ]
-      }
-
-      assert Transmogrifier.fix_url(object) == %{
-               "type" => "Text",
-               "url" => "https://peertube.-2d4c2d1630e3"
-             }
-
-      assert Transmogrifier.fix_url(%{"type" => "Text", "url" => []}) == %{
-               "type" => "Text",
-               "url" => ""
-             }
-    end
-
-    test "retunrs not modified object" do
+    test "returns non-modified object" do
      assert Transmogrifier.fix_url(%{"type" => "Text"}) == %{"type" => "Text"}
    end
  end
--- a/test/web/admin_api/controllers/admin_api_controller_test.exs
+++ b/test/web/admin_api/controllers/admin_api_controller_test.exs
@ -1510,6 +1510,56 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
    end
  end

+  describe "GET /api/pleroma/admin/users/:nickname/chats" do
+    setup do
+      user = insert(:user)
+      recipients = insert_list(3, :user)
+
+      Enum.each(recipients, fn recipient ->
+        CommonAPI.post_chat_message(user, recipient, "yo")
+      end)
+
+      %{user: user}
+    end
+
+    test "renders user's chats", %{conn: conn, user: user} do
+      conn = get(conn, "/api/pleroma/admin/users/#{user.nickname}/chats")
+
+      assert json_response(conn, 200) |> length() == 3
+    end
+  end
+
+  describe "GET /api/pleroma/admin/users/:nickname/chats unauthorized" do
+    setup do
+      user = insert(:user)
+      recipient = insert(:user)
+      CommonAPI.post_chat_message(user, recipient, "yo")
+      %{conn: conn} = oauth_access(["read:chats"])
+      %{conn: conn, user: user}
+    end
+
+    test "returns 403", %{conn: conn, user: user} do
+      conn
+      |> get("/api/pleroma/admin/users/#{user.nickname}/chats")
+      |> json_response(403)
+    end
+  end
+
+  describe "GET /api/pleroma/admin/users/:nickname/chats unauthenticated" do
+    setup do
+      user = insert(:user)
+      recipient = insert(:user)
+      CommonAPI.post_chat_message(user, recipient, "yo")
+      %{conn: build_conn(), user: user}
+    end
+
+    test "returns 403", %{conn: conn, user: user} do
+      conn
+      |> get("/api/pleroma/admin/users/#{user.nickname}/chats")
+      |> json_response(403)
+    end
+  end
+
  describe "GET /api/pleroma/admin/moderation_log" do
    setup do
      moderator = insert(:user, is_moderator: true)
@ -1927,7 +1977,12 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
               }"

      ObanHelpers.perform_all()
-      assert_email_sent(Pleroma.Emails.UserEmail.account_confirmation_email(first_user))
+
+      Pleroma.Emails.UserEmail.account_confirmation_email(first_user)
+      # temporary hackney fix until hackney max_connections bug is fixed
+      # https://git.pleroma.social/pleroma/pleroma/-/issues/2101
+      |> Swoosh.Email.put_private(:hackney_options, ssl_options: [versions: [:"tlsv1.2"]])
+      |> assert_email_sent()
    end
  end

--- a/test/web/admin_api/controllers/chat_controller_test.exs
+++ b/test/web/admin_api/controllers/chat_controller_test.exs
@ -0,0 +1,219 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.AdminAPI.ChatControllerTest do
+  use Pleroma.Web.ConnCase
+
+  import Pleroma.Factory
+
+  alias Pleroma.Chat
+  alias Pleroma.Chat.MessageReference
+  alias Pleroma.Config
+  alias Pleroma.ModerationLog
+  alias Pleroma.Object
+  alias Pleroma.Repo
+  alias Pleroma.Web.CommonAPI
+
+  defp admin_setup do
+    admin = insert(:user, is_admin: true)
+    token = insert(:oauth_admin_token, user: admin)
+
+    conn =
+      build_conn()
+      |> assign(:user, admin)
+      |> assign(:token, token)
+
+    {:ok, %{admin: admin, token: token, conn: conn}}
+  end
+
+  describe "DELETE /api/pleroma/admin/chats/:id/messages/:message_id" do
+    setup do: admin_setup()
+
+    test "it deletes a message from the chat", %{conn: conn, admin: admin} do
+      user = insert(:user)
+      recipient = insert(:user)
+
+      {:ok, message} =
+        CommonAPI.post_chat_message(user, recipient, "Hello darkness my old friend")
+
+      object = Object.normalize(message, false)
+
+      chat = Chat.get(user.id, recipient.ap_id)
+      recipient_chat = Chat.get(recipient.id, user.ap_id)
+
+      cm_ref = MessageReference.for_chat_and_object(chat, object)
+      recipient_cm_ref = MessageReference.for_chat_and_object(recipient_chat, object)
+
+      result =
+        conn
+        |> put_req_header("content-type", "application/json")
+        |> delete("/api/pleroma/admin/chats/#{chat.id}/messages/#{cm_ref.id}")
+        |> json_response_and_validate_schema(200)
+
+      log_entry = Repo.one(ModerationLog)
+
+      assert ModerationLog.get_log_entry_message(log_entry) ==
+               "@#{admin.nickname} deleted chat message ##{cm_ref.id}"
+
+      assert result["id"] == cm_ref.id
+      refute MessageReference.get_by_id(cm_ref.id)
+      refute MessageReference.get_by_id(recipient_cm_ref.id)
+      assert %{data: %{"type" => "Tombstone"}} = Object.get_by_id(object.id)
+    end
+  end
+
+  describe "GET /api/pleroma/admin/chats/:id/messages" do
+    setup do: admin_setup()
+
+    test "it paginates", %{conn: conn} do
+      user = insert(:user)
+      recipient = insert(:user)
+
+      Enum.each(1..30, fn _ ->
+        {:ok, _} = CommonAPI.post_chat_message(user, recipient, "hey")
+      end)
+
+      chat = Chat.get(user.id, recipient.ap_id)
+
+      result =
+        conn
+        |> get("/api/pleroma/admin/chats/#{chat.id}/messages")
+        |> json_response_and_validate_schema(200)
+
+      assert length(result) == 20
+
+      result =
+        conn
+        |> get("/api/pleroma/admin/chats/#{chat.id}/messages?max_id=#{List.last(result)["id"]}")
+        |> json_response_and_validate_schema(200)
+
+      assert length(result) == 10
+    end
+
+    test "it returns the messages for a given chat", %{conn: conn} do
+      user = insert(:user)
+      other_user = insert(:user)
+      third_user = insert(:user)
+
+      {:ok, _} = CommonAPI.post_chat_message(user, other_user, "hey")
+      {:ok, _} = CommonAPI.post_chat_message(user, third_user, "hey")
+      {:ok, _} = CommonAPI.post_chat_message(user, other_user, "how are you?")
+      {:ok, _} = CommonAPI.post_chat_message(other_user, user, "fine, how about you?")
+
+      chat = Chat.get(user.id, other_user.ap_id)
+
+      result =
+        conn
+        |> get("/api/pleroma/admin/chats/#{chat.id}/messages")
+        |> json_response_and_validate_schema(200)
+
+      result
+      |> Enum.each(fn message ->
+        assert message["chat_id"] == chat.id |> to_string()
+      end)
+
+      assert length(result) == 3
+    end
+  end
+
+  describe "GET /api/pleroma/admin/chats/:id" do
+    setup do: admin_setup()
+
+    test "it returns a chat", %{conn: conn} do
+      user = insert(:user)
+      other_user = insert(:user)
+
+      {:ok, chat} = Chat.get_or_create(user.id, other_user.ap_id)
+
+      result =
+        conn
+        |> get("/api/pleroma/admin/chats/#{chat.id}")
+        |> json_response_and_validate_schema(200)
+
+      assert result["id"] == to_string(chat.id)
+      assert %{} = result["sender"]
+      assert %{} = result["receiver"]
+      refute result["account"]
+    end
+  end
+
+  describe "unauthorized chat moderation" do
+    setup do
+      user = insert(:user)
+      recipient = insert(:user)
+
+      {:ok, message} = CommonAPI.post_chat_message(user, recipient, "Yo")
+      object = Object.normalize(message, false)
+      chat = Chat.get(user.id, recipient.ap_id)
+      cm_ref = MessageReference.for_chat_and_object(chat, object)
+
+      %{conn: conn} = oauth_access(["read:chats", "write:chats"])
+      %{conn: conn, chat: chat, cm_ref: cm_ref}
+    end
+
+    test "DELETE /api/pleroma/admin/chats/:id/messages/:message_id", %{
+      conn: conn,
+      chat: chat,
+      cm_ref: cm_ref
+    } do
+      conn
+      |> put_req_header("content-type", "application/json")
+      |> delete("/api/pleroma/admin/chats/#{chat.id}/messages/#{cm_ref.id}")
+      |> json_response(403)
+
+      assert MessageReference.get_by_id(cm_ref.id) == cm_ref
+    end
+
+    test "GET /api/pleroma/admin/chats/:id/messages", %{conn: conn, chat: chat} do
+      conn
+      |> get("/api/pleroma/admin/chats/#{chat.id}/messages")
+      |> json_response(403)
+    end
+
+    test "GET /api/pleroma/admin/chats/:id", %{conn: conn, chat: chat} do
+      conn
+      |> get("/api/pleroma/admin/chats/#{chat.id}")
+      |> json_response(403)
+    end
+  end
+
+  describe "unauthenticated chat moderation" do
+    setup do
+      user = insert(:user)
+      recipient = insert(:user)
+
+      {:ok, message} = CommonAPI.post_chat_message(user, recipient, "Yo")
+      object = Object.normalize(message, false)
+      chat = Chat.get(user.id, recipient.ap_id)
+      cm_ref = MessageReference.for_chat_and_object(chat, object)
+
+      %{conn: build_conn(), chat: chat, cm_ref: cm_ref}
+    end
+
+    test "DELETE /api/pleroma/admin/chats/:id/messages/:message_id", %{
+      conn: conn,
+      chat: chat,
+      cm_ref: cm_ref
+    } do
+      conn
+      |> put_req_header("content-type", "application/json")
+      |> delete("/api/pleroma/admin/chats/#{chat.id}/messages/#{cm_ref.id}")
+      |> json_response(403)
+
+      assert MessageReference.get_by_id(cm_ref.id) == cm_ref
+    end
+
+    test "GET /api/pleroma/admin/chats/:id/messages", %{conn: conn, chat: chat} do
+      conn
+      |> get("/api/pleroma/admin/chats/#{chat.id}/messages")
+      |> json_response(403)
+    end
+
+    test "GET /api/pleroma/admin/chats/:id", %{conn: conn, chat: chat} do
+      conn
+      |> get("/api/pleroma/admin/chats/#{chat.id}")
+      |> json_response(403)
+    end
+  end
+end
--- a/test/web/admin_api/controllers/instance_document_controller_test.exs
+++ b/test/web/admin_api/controllers/instance_document_controller_test.exs
@ -0,0 +1,106 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.AdminAPI.InstanceDocumentControllerTest do
+  use Pleroma.Web.ConnCase, async: true
+  import Pleroma.Factory
+  alias Pleroma.Config
+
+  @dir "test/tmp/instance_static"
+  @default_instance_panel ~s(<p>Welcome to <a href="https://pleroma.social" target="_blank">Pleroma!</a></p>)
+
+  setup do
+    File.mkdir_p!(@dir)
+    on_exit(fn -> File.rm_rf(@dir) end)
+  end
+
+  setup do: clear_config([:instance, :static_dir], @dir)
+
+  setup do
+    admin = insert(:user, is_admin: true)
+    token = insert(:oauth_admin_token, user: admin)
+
+    conn =
+      build_conn()
+      |> assign(:user, admin)
+      |> assign(:token, token)
+
+    {:ok, %{admin: admin, token: token, conn: conn}}
+  end
+
+  describe "GET /api/pleroma/admin/instance_document/:name" do
+    test "return the instance document url", %{conn: conn} do
+      conn = get(conn, "/api/pleroma/admin/instance_document/instance-panel")
+
+      assert content = html_response(conn, 200)
+      assert String.contains?(content, @default_instance_panel)
+    end
+
+    test "it returns 403 if requested by a non-admin" do
+      non_admin_user = insert(:user)
+      token = insert(:oauth_token, user: non_admin_user)
+
+      conn =
+        build_conn()
+        |> assign(:user, non_admin_user)
+        |> assign(:token, token)
+        |> get("/api/pleroma/admin/instance_document/instance-panel")
+
+      assert json_response(conn, :forbidden)
+    end
+
+    test "it returns 404 if the instance document with the given name doesn't exist", %{
+      conn: conn
+    } do
+      conn = get(conn, "/api/pleroma/admin/instance_document/1234")
+
+      assert json_response_and_validate_schema(conn, 404)
+    end
+  end
+
+  describe "PATCH /api/pleroma/admin/instance_document/:name" do
+    test "uploads the instance document", %{conn: conn} do
+      image = %Plug.Upload{
+        content_type: "text/html",
+        path: Path.absname("test/fixtures/custom_instance_panel.html"),
+        filename: "custom_instance_panel.html"
+      }
+
+      conn =
+        conn
+        |> put_req_header("content-type", "multipart/form-data")
+        |> patch("/api/pleroma/admin/instance_document/instance-panel", %{
+          "file" => image
+        })
+
+      assert %{"url" => url} = json_response_and_validate_schema(conn, 200)
+      index = get(build_conn(), url)
+      assert html_response(index, 200) == "<h2>Custom instance panel</h2>"
+    end
+  end
+
+  describe "DELETE /api/pleroma/admin/instance_document/:name" do
+    test "deletes the instance document", %{conn: conn} do
+      File.mkdir!(@dir <> "/instance/")
+      File.write!(@dir <> "/instance/panel.html", "Custom instance panel")
+
+      conn_resp =
+        conn
+        |> get("/api/pleroma/admin/instance_document/instance-panel")
+
+      assert html_response(conn_resp, 200) == "Custom instance panel"
+
+      conn
+      |> delete("/api/pleroma/admin/instance_document/instance-panel")
+      |> json_response_and_validate_schema(200)
+
+      conn_resp =
+        conn
+        |> get("/api/pleroma/admin/instance_document/instance-panel")
+
+      assert content = html_response(conn_resp, 200)
+      assert String.contains?(content, @default_instance_panel)
+    end
+  end
+end
--- a/test/web/admin_api/search_test.exs
+++ b/test/web/admin_api/search_test.exs
@ -177,5 +177,14 @@ defmodule Pleroma.Web.AdminAPI.SearchTest do
      assert total == 3
      assert count == 1
    end
+
+    test "it returns non-discoverable users" do
+      insert(:user)
+      insert(:user, discoverable: false)
+
+      {:ok, _results, total} = Search.user()
+
+      assert total == 2
+    end
  end
 end
--- a/test/web/common_api/common_api_test.exs
+++ b/test/web/common_api/common_api_test.exs
@ -29,6 +29,23 @@ defmodule Pleroma.Web.CommonAPITest do
  setup do: clear_config([:instance, :limit])
  setup do: clear_config([:instance, :max_pinned_statuses])

+  describe "posting polls" do
+    test "it posts a poll" do
+      user = insert(:user)
+
+      {:ok, activity} =
+        CommonAPI.post(user, %{
+          status: "who is the best",
+          poll: %{expires_in: 600, options: ["reimu", "marisa"]}
+        })
+
+      object = Object.normalize(activity)
+
+      assert object.data["type"] == "Question"
+      assert object.data["oneOf"] |> length() == 2
+    end
+  end
+
  describe "blocking" do
    setup do
      blocker = insert(:user)
@ -217,6 +234,17 @@ defmodule Pleroma.Web.CommonAPITest do

      assert message == :content_too_long
    end
+
+    test "it reject messages via MRF" do
+      clear_config([:mrf_keyword, :reject], ["GNO"])
+      clear_config([:mrf, :policies], [Pleroma.Web.ActivityPub.MRF.KeywordPolicy])
+
+      author = insert(:user)
+      recipient = insert(:user)
+
+      assert {:reject, "[KeywordPolicy] Matches with rejected keyword"} ==
+               CommonAPI.post_chat_message(author, recipient, "GNO/Linux")
+    end
  end

  describe "unblocking" do
@ -1193,4 +1221,24 @@ defmodule Pleroma.Web.CommonAPITest do
      assert Visibility.get_visibility(activity) == "private"
    end
  end
+
+  describe "get_user/1" do
+    test "gets user by ap_id" do
+      user = insert(:user)
+      assert CommonAPI.get_user(user.ap_id) == user
+    end
+
+    test "gets user by guessed nickname" do
+      user = insert(:user, ap_id: "", nickname: "mario@mushroom.kingdom")
+      assert CommonAPI.get_user("https://mushroom.kingdom/users/mario") == user
+    end
+
+    test "fallback" do
+      assert %User{
+               name: "",
+               ap_id: "",
+               nickname: "erroruser@example.com"
+             } = CommonAPI.get_user("")
+    end
+  end
 end
--- a/test/web/fed_sockets/fed_registry_test.exs
+++ b/test/web/fed_sockets/fed_registry_test.exs
@ -0,0 +1,124 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.FedSockets.FedRegistryTest do
+  use ExUnit.Case
+
+  alias Pleroma.Web.FedSockets
+  alias Pleroma.Web.FedSockets.FedRegistry
+  alias Pleroma.Web.FedSockets.SocketInfo
+
+  @good_domain "http://good.domain"
+  @good_domain_origin "good.domain:80"
+
+  setup do
+    start_supervised({Pleroma.Web.FedSockets.Supervisor, []})
+    build_test_socket(@good_domain)
+    Process.sleep(10)
+
+    :ok
+  end
+
+  describe "add_fed_socket/1 without conflicting sockets" do
+    test "can be added" do
+      Process.sleep(10)
+      assert {:ok, %SocketInfo{origin: origin}} = FedRegistry.get_fed_socket(@good_domain_origin)
+      assert origin == "good.domain:80"
+    end
+
+    test "multiple origins can be added" do
+      build_test_socket("http://anothergood.domain")
+      Process.sleep(10)
+
+      assert {:ok, %SocketInfo{origin: origin_1}} =
+               FedRegistry.get_fed_socket(@good_domain_origin)
+
+      assert {:ok, %SocketInfo{origin: origin_2}} =
+               FedRegistry.get_fed_socket("anothergood.domain:80")
+
+      assert origin_1 == "good.domain:80"
+      assert origin_2 == "anothergood.domain:80"
+      assert FedRegistry.list_all() |> Enum.count() == 2
+    end
+  end
+
+  describe "add_fed_socket/1 when duplicate sockets conflict" do
+    setup do
+      build_test_socket(@good_domain)
+      build_test_socket(@good_domain)
+      Process.sleep(10)
+      :ok
+    end
+
+    test "will be ignored" do
+      assert {:ok, %SocketInfo{origin: origin, pid: pid_one}} =
+               FedRegistry.get_fed_socket(@good_domain_origin)
+
+      assert origin == "good.domain:80"
+
+      assert FedRegistry.list_all() |> Enum.count() == 1
+    end
+
+    test "the newer process will be closed" do
+      pid_two = build_test_socket(@good_domain)
+
+      assert {:ok, %SocketInfo{origin: origin, pid: pid_one}} =
+               FedRegistry.get_fed_socket(@good_domain_origin)
+
+      assert origin == "good.domain:80"
+      Process.sleep(10)
+
+      refute Process.alive?(pid_two)
+
+      assert FedRegistry.list_all() |> Enum.count() == 1
+    end
+  end
+
+  describe "get_fed_socket/1" do
+    test "returns missing for unknown hosts" do
+      assert {:error, :missing} = FedRegistry.get_fed_socket("not_a_dmoain")
+    end
+
+    test "returns rejected for hosts previously rejected" do
+      "rejected.domain:80"
+      |> FedSockets.uri_for_origin()
+      |> FedRegistry.set_host_rejected()
+
+      assert {:error, :rejected} = FedRegistry.get_fed_socket("rejected.domain:80")
+    end
+
+    test "can retrieve a previously added SocketInfo" do
+      build_test_socket(@good_domain)
+      Process.sleep(10)
+      assert {:ok, %SocketInfo{origin: origin}} = FedRegistry.get_fed_socket(@good_domain_origin)
+      assert origin == "good.domain:80"
+    end
+
+    test "removes references to SocketInfos when the process crashes" do
+      assert {:ok, %SocketInfo{origin: origin, pid: pid}} =
+               FedRegistry.get_fed_socket(@good_domain_origin)
+
+      assert origin == "good.domain:80"
+
+      Process.exit(pid, :testing)
+      Process.sleep(100)
+      assert {:error, :missing} = FedRegistry.get_fed_socket(@good_domain_origin)
+    end
+  end
+
+  def build_test_socket(uri) do
+    Kernel.spawn(fn -> fed_socket_almost(uri) end)
+  end
+
+  def fed_socket_almost(origin) do
+    FedRegistry.add_fed_socket(origin)
+
+    receive do
+      :close ->
+        :ok
+    after
+      5_000 -> :timeout
+    end
+  end
+end
--- a/test/web/fed_sockets/fetch_registry_test.exs
+++ b/test/web/fed_sockets/fetch_registry_test.exs
@ -0,0 +1,67 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.FedSockets.FetchRegistryTest do
+  use ExUnit.Case
+
+  alias Pleroma.Web.FedSockets.FetchRegistry
+  alias Pleroma.Web.FedSockets.FetchRegistry.FetchRegistryData
+
+  @json_message "hello"
+  @json_reply "hello back"
+
+  setup do
+    start_supervised(
+      {Pleroma.Web.FedSockets.Supervisor,
+       [
+         ping_interval: 8,
+         connection_duration: 15,
+         rejection_duration: 5,
+         fed_socket_fetches: [default: 10, interval: 10]
+       ]}
+    )
+
+    :ok
+  end
+
+  test "fetches can be stored" do
+    uuid = FetchRegistry.register_fetch(@json_message)
+
+    assert {:error, :waiting} = FetchRegistry.check_fetch(uuid)
+  end
+
+  test "fetches can return" do
+    uuid = FetchRegistry.register_fetch(@json_message)
+    task = Task.async(fn -> FetchRegistry.register_fetch_received(uuid, @json_reply) end)
+
+    assert {:error, :waiting} = FetchRegistry.check_fetch(uuid)
+    Task.await(task)
+
+    assert {:ok, %FetchRegistryData{received_json: received_json}} =
+             FetchRegistry.check_fetch(uuid)
+
+    assert received_json == @json_reply
+  end
+
+  test "fetches are deleted once popped from stack" do
+    uuid = FetchRegistry.register_fetch(@json_message)
+    task = Task.async(fn -> FetchRegistry.register_fetch_received(uuid, @json_reply) end)
+    Task.await(task)
+
+    assert {:ok, %FetchRegistryData{received_json: received_json}} =
+             FetchRegistry.check_fetch(uuid)
+
+    assert received_json == @json_reply
+    assert {:ok, @json_reply} = FetchRegistry.pop_fetch(uuid)
+
+    assert {:error, :missing} = FetchRegistry.check_fetch(uuid)
+  end
+
+  test "fetches can time out" do
+    uuid = FetchRegistry.register_fetch(@json_message)
+    assert {:error, :waiting} = FetchRegistry.check_fetch(uuid)
+    Process.sleep(500)
+    assert {:error, :missing} = FetchRegistry.check_fetch(uuid)
+  end
+end
--- a/test/web/fed_sockets/socket_info_test.exs
+++ b/test/web/fed_sockets/socket_info_test.exs
@ -0,0 +1,118 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.FedSockets.SocketInfoTest do
+  use ExUnit.Case
+
+  alias Pleroma.Web.FedSockets
+  alias Pleroma.Web.FedSockets.SocketInfo
+
+  describe "uri_for_origin" do
+    test "provides the fed_socket URL given the origin information" do
+      endpoint = "example.com:4000"
+      assert FedSockets.uri_for_origin(endpoint) =~ "ws://"
+      assert FedSockets.uri_for_origin(endpoint) =~ endpoint
+    end
+  end
+
+  describe "origin" do
+    test "will provide the origin field given a url" do
+      endpoint = "example.com:4000"
+      assert SocketInfo.origin("ws://#{endpoint}") == endpoint
+      assert SocketInfo.origin("http://#{endpoint}") == endpoint
+      assert SocketInfo.origin("https://#{endpoint}") == endpoint
+    end
+
+    test "will proide the origin field given a uri" do
+      endpoint = "example.com:4000"
+      uri = URI.parse("http://#{endpoint}")
+
+      assert SocketInfo.origin(uri) == endpoint
+    end
+  end
+
+  describe "touch" do
+    test "will update the TTL" do
+      endpoint = "example.com:4000"
+      socket = SocketInfo.build("ws://#{endpoint}")
+      Process.sleep(2)
+      touched_socket = SocketInfo.touch(socket)
+
+      assert socket.connected_until < touched_socket.connected_until
+    end
+  end
+
+  describe "expired?" do
+    setup do
+      start_supervised(
+        {Pleroma.Web.FedSockets.Supervisor,
+         [
+           ping_interval: 8,
+           connection_duration: 5,
+           rejection_duration: 5,
+           fed_socket_rejections: [lazy: true]
+         ]}
+      )
+
+      :ok
+    end
+
+    test "tests if the TTL is exceeded" do
+      endpoint = "example.com:4000"
+      socket = SocketInfo.build("ws://#{endpoint}")
+      refute SocketInfo.expired?(socket)
+      Process.sleep(10)
+
+      assert SocketInfo.expired?(socket)
+    end
+  end
+
+  describe "creating outgoing connection records" do
+    test "can be passed a string" do
+      assert %{conn_pid: :pid, origin: _origin} = SocketInfo.build("example.com:4000", :pid)
+    end
+
+    test "can be passed a URI" do
+      uri = URI.parse("http://example.com:4000")
+      assert %{conn_pid: :pid, origin: origin} = SocketInfo.build(uri, :pid)
+      assert origin =~ "example.com:4000"
+    end
+
+    test "will include the port number" do
+      assert %{conn_pid: :pid, origin: origin} = SocketInfo.build("http://example.com:4000", :pid)
+
+      assert origin =~ ":4000"
+    end
+
+    test "will provide the port if missing" do
+      assert %{conn_pid: :pid, origin: "example.com:80"} =
+               SocketInfo.build("http://example.com", :pid)
+
+      assert %{conn_pid: :pid, origin: "example.com:443"} =
+               SocketInfo.build("https://example.com", :pid)
+    end
+  end
+
+  describe "creating incoming connection records" do
+    test "can be passed a string" do
+      assert %{pid: _, origin: _origin} = SocketInfo.build("example.com:4000")
+    end
+
+    test "can be passed a URI" do
+      uri = URI.parse("example.com:4000")
+      assert %{pid: _, origin: _origin} = SocketInfo.build(uri)
+    end
+
+    test "will include the port number" do
+      assert %{pid: _, origin: origin} = SocketInfo.build("http://example.com:4000")
+
+      assert origin =~ ":4000"
+    end
+
+    test "will provide the port if missing" do
+      assert %{pid: _, origin: "example.com:80"} = SocketInfo.build("http://example.com")
+      assert %{pid: _, origin: "example.com:443"} = SocketInfo.build("https://example.com")
+    end
+  end
+end
--- a/test/web/instances/instance_test.exs
+++ b/test/web/instances/instance_test.exs
@ -99,35 +99,54 @@ defmodule Pleroma.Instances.InstanceTest do
    end
  end

-  test "Scrapes favicon URLs" do
-    Tesla.Mock.mock(fn %{url: "https://favicon.example.org/"} ->
-      %Tesla.Env{
-        status: 200,
-        body: ~s[<html><head><link rel="icon" href="/favicon.png"></head></html>]
-      }
-    end)
+  describe "get_or_update_favicon/1" do
+    test "Scrapes favicon URLs" do
+      Tesla.Mock.mock(fn %{url: "https://favicon.example.org/"} ->
+        %Tesla.Env{
+          status: 200,
+          body: ~s[<html><head><link rel="icon" href="/favicon.png"></head></html>]
+        }
+      end)

-    assert "https://favicon.example.org/favicon.png" ==
-             Instance.get_or_update_favicon(URI.parse("https://favicon.example.org/"))
-  end
+      assert "https://favicon.example.org/favicon.png" ==
+               Instance.get_or_update_favicon(URI.parse("https://favicon.example.org/"))
+    end

-  test "Returns nil on too long favicon URLs" do
-    long_favicon_url =
-      "https://Lorem.ipsum.dolor.sit.amet/consecteturadipiscingelit/Praesentpharetrapurusutaliquamtempus/Mauriseulaoreetarcu/atfacilisisorci/Nullamporttitor/nequesedfeugiatmollis/dolormagnaefficiturlorem/nonpretiumsapienorcieurisus/Nullamveleratsem/Maecenassedaccumsanexnam/favicon.png"
+    test "Returns nil on too long favicon URLs" do
+      long_favicon_url =
+        "https://Lorem.ipsum.dolor.sit.amet/consecteturadipiscingelit/Praesentpharetrapurusutaliquamtempus/Mauriseulaoreetarcu/atfacilisisorci/Nullamporttitor/nequesedfeugiatmollis/dolormagnaefficiturlorem/nonpretiumsapienorcieurisus/Nullamveleratsem/Maecenassedaccumsanexnam/favicon.png"

-    Tesla.Mock.mock(fn %{url: "https://long-favicon.example.org/"} ->
-      %Tesla.Env{
-        status: 200,
-        body: ~s[<html><head><link rel="icon" href="] <> long_favicon_url <> ~s["></head></html>]
-      }
-    end)
+      Tesla.Mock.mock(fn %{url: "https://long-favicon.example.org/"} ->
+        %Tesla.Env{
+          status: 200,
+          body:
+            ~s[<html><head><link rel="icon" href="] <> long_favicon_url <> ~s["></head></html>]
+        }
+      end)

-    assert capture_log(fn ->
-             assert nil ==
-                      Instance.get_or_update_favicon(
-                        URI.parse("https://long-favicon.example.org/")
-                      )
-           end) =~
-             "Instance.get_or_update_favicon(\"long-favicon.example.org\") error: %Postgrex.Error{"
+      assert capture_log(fn ->
+               assert nil ==
+                        Instance.get_or_update_favicon(
+                          URI.parse("https://long-favicon.example.org/")
+                        )
+             end) =~
+               "Instance.get_or_update_favicon(\"long-favicon.example.org\") error: %Postgrex.Error{"
+    end
+
+    test "Handles not getting a favicon URL properly" do
+      Tesla.Mock.mock(fn %{url: "https://no-favicon.example.org/"} ->
+        %Tesla.Env{
+          status: 200,
+          body: ~s[<html><head><h1>I wil look down and whisper "GNO.."</h1></head></html>]
+        }
+      end)
+
+      refute capture_log(fn ->
+               assert nil ==
+                        Instance.get_or_update_favicon(
+                          URI.parse("https://no-favicon.example.org/")
+                        )
+             end) =~ "Instance.scrape_favicon(\"https://no-favicon.example.org/\") error: "
+    end
  end
 end
--- a/test/web/mastodon_api/controllers/account_controller_test.exs
+++ b/test/web/mastodon_api/controllers/account_controller_test.exs
@ -1442,7 +1442,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
  describe "verify_credentials" do
    test "verify_credentials" do
      %{user: user, conn: conn} = oauth_access(["read:accounts"])
-      [notification | _] = insert_list(7, :notification, user: user)
+
+      [notification | _] =
+        insert_list(7, :notification, user: user, activity: insert(:note_activity))
+
      Pleroma.Notification.set_read_up_to(user, notification.id)
      conn = get(conn, "/api/v1/accounts/verify_credentials")

--- a/test/web/mastodon_api/controllers/auth_controller_test.exs
+++ b/test/web/mastodon_api/controllers/auth_controller_test.exs
@ -61,7 +61,7 @@ defmodule Pleroma.Web.MastodonAPI.AuthControllerTest do
    end

    test "it returns 204", %{conn: conn} do
-      assert json_response(conn, :no_content)
+      assert empty_json_response(conn)
    end

    test "it creates a PasswordResetToken record for user", %{user: user} do
@ -91,7 +91,7 @@ defmodule Pleroma.Web.MastodonAPI.AuthControllerTest do

      assert conn
             |> post("/auth/password?nickname=#{user.nickname}")
-             |> json_response(:no_content)
+             |> empty_json_response()

      ObanHelpers.perform_all()
      token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id)
@ -112,7 +112,7 @@ defmodule Pleroma.Web.MastodonAPI.AuthControllerTest do

      assert conn
             |> post("/auth/password?nickname=#{user.nickname}")
-             |> json_response(:no_content)
+             |> empty_json_response()
    end
  end

@ -125,24 +125,21 @@ defmodule Pleroma.Web.MastodonAPI.AuthControllerTest do
    test "it returns 204 when user is not found", %{conn: conn, user: user} do
      conn = post(conn, "/auth/password?email=nonexisting_#{user.email}")

-      assert conn
-             |> json_response(:no_content)
+      assert empty_json_response(conn)
    end

    test "it returns 204 when user is not local", %{conn: conn, user: user} do
      {:ok, user} = Repo.update(Ecto.Changeset.change(user, local: false))
      conn = post(conn, "/auth/password?email=#{user.email}")

-      assert conn
-             |> json_response(:no_content)
+      assert empty_json_response(conn)
    end

    test "it returns 204 when user is deactivated", %{conn: conn, user: user} do
      {:ok, user} = Repo.update(Ecto.Changeset.change(user, deactivated: true, local: true))
      conn = post(conn, "/auth/password?email=#{user.email}")

-      assert conn
-             |> json_response(:no_content)
+      assert empty_json_response(conn)
    end
  end

--- a/test/web/mastodon_api/controllers/marker_controller_test.exs
+++ b/test/web/mastodon_api/controllers/marker_controller_test.exs
@ -11,7 +11,7 @@ defmodule Pleroma.Web.MastodonAPI.MarkerControllerTest do
    test "gets markers with correct scopes", %{conn: conn} do
      user = insert(:user)
      token = insert(:oauth_token, user: user, scopes: ["read:statuses"])
-      insert_list(7, :notification, user: user)
+      insert_list(7, :notification, user: user, activity: insert(:note_activity))

      {:ok, %{"notifications" => marker}} =
        Pleroma.Marker.upsert(
--- a/test/web/mastodon_api/controllers/timeline_controller_test.exs
+++ b/test/web/mastodon_api/controllers/timeline_controller_test.exs
@ -114,8 +114,16 @@ defmodule Pleroma.Web.MastodonAPI.TimelineControllerTest do
      {:ok, _reply_from_friend} =
        CommonAPI.post(friend, %{status: "status", in_reply_to_status_id: reply_from_blockee})

-      res_conn = get(conn, "/api/v1/timelines/public")
-      [%{"id" => ^activity_id}] = json_response_and_validate_schema(res_conn, 200)
+      # Still shows replies from yourself
+      {:ok, %{id: reply_from_me}} =
+        CommonAPI.post(blocker, %{status: "status", in_reply_to_status_id: reply_from_blockee})
+
+      response =
+        get(conn, "/api/v1/timelines/public")
+        |> json_response_and_validate_schema(200)
+
+      assert length(response) == 2
+      [%{"id" => ^reply_from_me}, %{"id" => ^activity_id}] = response
    end

    test "doesn't return replies if follow is posting with users from blocked domain" do
--- a/test/web/mastodon_api/views/account_view_test.exs
+++ b/test/web/mastodon_api/views/account_view_test.exs
@ -5,6 +5,7 @@
 defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
  use Pleroma.DataCase

+  alias Pleroma.Config
  alias Pleroma.User
  alias Pleroma.UserRelationship
  alias Pleroma.Web.CommonAPI
@ -68,7 +69,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
        sensitive: false,
        pleroma: %{
          actor_type: "Person",
-          discoverable: false
+          discoverable: true
        },
        fields: []
      },
@ -166,7 +167,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
        sensitive: false,
        pleroma: %{
          actor_type: "Service",
-          discoverable: false
+          discoverable: true
        },
        fields: []
      },
@ -448,7 +449,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do

    test "shows unread_count only to the account owner" do
      user = insert(:user)
-      insert_list(7, :notification, user: user)
+      insert_list(7, :notification, user: user, activity: insert(:note_activity))
      other_user = insert(:user)

      user = User.get_cached_by_ap_id(user.ap_id)
@ -540,8 +541,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
    end
  end

-  test "uses mediaproxy urls when it's enabled" do
+  test "uses mediaproxy urls when it's enabled (regardless of media preview proxy state)" do
    clear_config([:media_proxy, :enabled], true)
+    clear_config([:media_preview_proxy, :enabled])

    user =
      insert(:user,
@ -550,20 +552,24 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
        emoji: %{"joker_smile" => "https://evil.website/society.png"}
      )

-    AccountView.render("show.json", %{user: user, skip_visibility_check: true})
-    |> Enum.all?(fn
-      {key, url} when key in [:avatar, :avatar_static, :header, :header_static] ->
-        String.starts_with?(url, Pleroma.Web.base_url())
+    with media_preview_enabled <- [false, true] do
+      Config.put([:media_preview_proxy, :enabled], media_preview_enabled)

-      {:emojis, emojis} ->
-        Enum.all?(emojis, fn %{url: url, static_url: static_url} ->
-          String.starts_with?(url, Pleroma.Web.base_url()) &&
-            String.starts_with?(static_url, Pleroma.Web.base_url())
-        end)
+      AccountView.render("show.json", %{user: user, skip_visibility_check: true})
+      |> Enum.all?(fn
+        {key, url} when key in [:avatar, :avatar_static, :header, :header_static] ->
+          String.starts_with?(url, Pleroma.Web.base_url())

-      _ ->
-        true
-    end)
-    |> assert()
+        {:emojis, emojis} ->
+          Enum.all?(emojis, fn %{url: url, static_url: static_url} ->
+            String.starts_with?(url, Pleroma.Web.base_url()) &&
+              String.starts_with?(static_url, Pleroma.Web.base_url())
+          end)
+
+        _ ->
+          true
+      end)
+      |> assert()
+    end
  end
 end
--- a/test/web/media_proxy/media_proxy_controller_test.exs
+++ b/test/web/media_proxy/media_proxy_controller_test.exs
@ -8,34 +8,34 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do
  import Mock

  alias Pleroma.Web.MediaProxy
-  alias Pleroma.Web.MediaProxy.MediaProxyController
  alias Plug.Conn

  setup do
    on_exit(fn -> Cachex.clear(:banned_urls_cache) end)
  end

-  test "it returns 404 when MediaProxy disabled", %{conn: conn} do
-    clear_config([:media_proxy, :enabled], false)
-
-    assert %Conn{
-             status: 404,
-             resp_body: "Not Found"
-           } = get(conn, "/proxy/hhgfh/eeeee")
-
-    assert %Conn{
-             status: 404,
-             resp_body: "Not Found"
-           } = get(conn, "/proxy/hhgfh/eeee/fff")
-  end
-
-  describe "" do
+  describe "Media Proxy" do
    setup do
      clear_config([:media_proxy, :enabled], true)
      clear_config([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")
+
      [url: MediaProxy.encode_url("https://google.fn/test.png")]
    end

+    test "it returns 404 when disabled", %{conn: conn} do
+      clear_config([:media_proxy, :enabled], false)
+
+      assert %Conn{
+               status: 404,
+               resp_body: "Not Found"
+             } = get(conn, "/proxy/hhgfh/eeeee")
+
+      assert %Conn{
+               status: 404,
+               resp_body: "Not Found"
+             } = get(conn, "/proxy/hhgfh/eeee/fff")
+    end
+
    test "it returns 403 for invalid signature", %{conn: conn, url: url} do
      Pleroma.Config.put([Pleroma.Web.Endpoint, :secret_key_base], "000")
      %{path: path} = URI.parse(url)
@ -56,7 +56,7 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do
             } = get(conn, "/proxy/hhgfh/eeee/fff")
    end

-    test "redirects on valid url when filename is invalidated", %{conn: conn, url: url} do
+    test "redirects to valid url when filename is invalidated", %{conn: conn, url: url} do
      invalid_url = String.replace(url, "test.png", "test-file.png")
      response = get(conn, invalid_url)
      assert response.status == 302
@ -80,42 +80,263 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do
    end
  end

-  describe "filename_matches/3" do
-    test "preserves the encoded or decoded path" do
-      assert MediaProxyController.filename_matches(
-               %{"filename" => "/Hello world.jpg"},
-               "/Hello world.jpg",
-               "http://pleroma.social/Hello world.jpg"
-             ) == :ok
+  describe "Media Preview Proxy" do
+    def assert_dependencies_installed do
+      missing_dependencies = Pleroma.Helpers.MediaHelper.missing_dependencies()

-      assert MediaProxyController.filename_matches(
-               %{"filename" => "/Hello%20world.jpg"},
-               "/Hello%20world.jpg",
-               "http://pleroma.social/Hello%20world.jpg"
-             ) == :ok
-
-      assert MediaProxyController.filename_matches(
-               %{"filename" => "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"},
-               "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg",
-               "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"
-             ) == :ok
-
-      assert MediaProxyController.filename_matches(
-               %{"filename" => "/my%2Flong%2Furl%2F2019%2F07%2FS.jp"},
-               "/my%2Flong%2Furl%2F2019%2F07%2FS.jp",
-               "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"
-             ) == {:wrong_filename, "my%2Flong%2Furl%2F2019%2F07%2FS.jpg"}
+      assert missing_dependencies == [],
+             "Error: missing dependencies (please refer to `docs/installation`): #{
+               inspect(missing_dependencies)
+             }"
    end

-    test "encoded url are tried to match for proxy as `conn.request_path` encodes the url" do
-      # conn.request_path will return encoded url
-      request_path = "/ANALYSE-DAI-_-LE-STABLECOIN-100-D%C3%89CENTRALIS%C3%89-BQ.jpg"
+    setup do
+      clear_config([:media_proxy, :enabled], true)
+      clear_config([:media_preview_proxy, :enabled], true)
+      clear_config([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")

-      assert MediaProxyController.filename_matches(
-               true,
-               request_path,
-               "https://mydomain.com/uploads/2019/07/ANALYSE-DAI-_-LE-STABLECOIN-100-DÉCENTRALISÉ-BQ.jpg"
-             ) == :ok
+      original_url = "https://google.fn/test.png"
+
+      [
+        url: MediaProxy.encode_preview_url(original_url),
+        media_proxy_url: MediaProxy.encode_url(original_url)
+      ]
+    end
+
+    test "returns 404 when media proxy is disabled", %{conn: conn} do
+      clear_config([:media_proxy, :enabled], false)
+
+      assert %Conn{
+               status: 404,
+               resp_body: "Not Found"
+             } = get(conn, "/proxy/preview/hhgfh/eeeee")
+
+      assert %Conn{
+               status: 404,
+               resp_body: "Not Found"
+             } = get(conn, "/proxy/preview/hhgfh/fff")
+    end
+
+    test "returns 404 when disabled", %{conn: conn} do
+      clear_config([:media_preview_proxy, :enabled], false)
+
+      assert %Conn{
+               status: 404,
+               resp_body: "Not Found"
+             } = get(conn, "/proxy/preview/hhgfh/eeeee")
+
+      assert %Conn{
+               status: 404,
+               resp_body: "Not Found"
+             } = get(conn, "/proxy/preview/hhgfh/fff")
+    end
+
+    test "it returns 403 for invalid signature", %{conn: conn, url: url} do
+      Pleroma.Config.put([Pleroma.Web.Endpoint, :secret_key_base], "000")
+      %{path: path} = URI.parse(url)
+
+      assert %Conn{
+               status: 403,
+               resp_body: "Forbidden"
+             } = get(conn, path)
+
+      assert %Conn{
+               status: 403,
+               resp_body: "Forbidden"
+             } = get(conn, "/proxy/preview/hhgfh/eeee")
+
+      assert %Conn{
+               status: 403,
+               resp_body: "Forbidden"
+             } = get(conn, "/proxy/preview/hhgfh/eeee/fff")
+    end
+
+    test "redirects to valid url when filename is invalidated", %{conn: conn, url: url} do
+      invalid_url = String.replace(url, "test.png", "test-file.png")
+      response = get(conn, invalid_url)
+      assert response.status == 302
+      assert redirected_to(response) == url
+    end
+
+    test "responds with 424 Failed Dependency if HEAD request to media proxy fails", %{
+      conn: conn,
+      url: url,
+      media_proxy_url: media_proxy_url
+    } do
+      Tesla.Mock.mock(fn
+        %{method: "head", url: ^media_proxy_url} ->
+          %Tesla.Env{status: 500, body: ""}
+      end)
+
+      response = get(conn, url)
+      assert response.status == 424
+      assert response.resp_body == "Can't fetch HTTP headers (HTTP 500)."
+    end
+
+    test "redirects to media proxy URI on unsupported content type", %{
+      conn: conn,
+      url: url,
+      media_proxy_url: media_proxy_url
+    } do
+      Tesla.Mock.mock(fn
+        %{method: "head", url: ^media_proxy_url} ->
+          %Tesla.Env{status: 200, body: "", headers: [{"content-type", "application/pdf"}]}
+      end)
+
+      response = get(conn, url)
+      assert response.status == 302
+      assert redirected_to(response) == media_proxy_url
+    end
+
+    test "with `static=true` and GIF image preview requested, responds with JPEG image", %{
+      conn: conn,
+      url: url,
+      media_proxy_url: media_proxy_url
+    } do
+      assert_dependencies_installed()
+
+      # Setting a high :min_content_length to ensure this scenario is not affected by its logic
+      clear_config([:media_preview_proxy, :min_content_length], 1_000_000_000)
+
+      Tesla.Mock.mock(fn
+        %{method: "head", url: ^media_proxy_url} ->
+          %Tesla.Env{
+            status: 200,
+            body: "",
+            headers: [{"content-type", "image/gif"}, {"content-length", "1001718"}]
+          }
+
+        %{method: :get, url: ^media_proxy_url} ->
+          %Tesla.Env{status: 200, body: File.read!("test/fixtures/image.gif")}
+      end)
+
+      response = get(conn, url <> "?static=true")
+
+      assert response.status == 200
+      assert Conn.get_resp_header(response, "content-type") == ["image/jpeg"]
+      assert response.resp_body != ""
+    end
+
+    test "with GIF image preview requested and no `static` param, redirects to media proxy URI",
+         %{
+           conn: conn,
+           url: url,
+           media_proxy_url: media_proxy_url
+         } do
+      Tesla.Mock.mock(fn
+        %{method: "head", url: ^media_proxy_url} ->
+          %Tesla.Env{status: 200, body: "", headers: [{"content-type", "image/gif"}]}
+      end)
+
+      response = get(conn, url)
+
+      assert response.status == 302
+      assert redirected_to(response) == media_proxy_url
+    end
+
+    test "with `static` param and non-GIF image preview requested, " <>
+           "redirects to media preview proxy URI without `static` param",
+         %{
+           conn: conn,
+           url: url,
+           media_proxy_url: media_proxy_url
+         } do
+      Tesla.Mock.mock(fn
+        %{method: "head", url: ^media_proxy_url} ->
+          %Tesla.Env{status: 200, body: "", headers: [{"content-type", "image/jpeg"}]}
+      end)
+
+      response = get(conn, url <> "?static=true")
+
+      assert response.status == 302
+      assert redirected_to(response) == url
+    end
+
+    test "with :min_content_length setting not matched by Content-Length header, " <>
+           "redirects to media proxy URI",
+         %{
+           conn: conn,
+           url: url,
+           media_proxy_url: media_proxy_url
+         } do
+      clear_config([:media_preview_proxy, :min_content_length], 100_000)
+
+      Tesla.Mock.mock(fn
+        %{method: "head", url: ^media_proxy_url} ->
+          %Tesla.Env{
+            status: 200,
+            body: "",
+            headers: [{"content-type", "image/gif"}, {"content-length", "5000"}]
+          }
+      end)
+
+      response = get(conn, url)
+
+      assert response.status == 302
+      assert redirected_to(response) == media_proxy_url
+    end
+
+    test "thumbnails PNG images into PNG", %{
+      conn: conn,
+      url: url,
+      media_proxy_url: media_proxy_url
+    } do
+      assert_dependencies_installed()
+
+      Tesla.Mock.mock(fn
+        %{method: "head", url: ^media_proxy_url} ->
+          %Tesla.Env{status: 200, body: "", headers: [{"content-type", "image/png"}]}
+
+        %{method: :get, url: ^media_proxy_url} ->
+          %Tesla.Env{status: 200, body: File.read!("test/fixtures/image.png")}
+      end)
+
+      response = get(conn, url)
+
+      assert response.status == 200
+      assert Conn.get_resp_header(response, "content-type") == ["image/png"]
+      assert response.resp_body != ""
+    end
+
+    test "thumbnails JPEG images into JPEG", %{
+      conn: conn,
+      url: url,
+      media_proxy_url: media_proxy_url
+    } do
+      assert_dependencies_installed()
+
+      Tesla.Mock.mock(fn
+        %{method: "head", url: ^media_proxy_url} ->
+          %Tesla.Env{status: 200, body: "", headers: [{"content-type", "image/jpeg"}]}
+
+        %{method: :get, url: ^media_proxy_url} ->
+          %Tesla.Env{status: 200, body: File.read!("test/fixtures/image.jpg")}
+      end)
+
+      response = get(conn, url)
+
+      assert response.status == 200
+      assert Conn.get_resp_header(response, "content-type") == ["image/jpeg"]
+      assert response.resp_body != ""
+    end
+
+    test "redirects to media proxy URI in case of thumbnailing error", %{
+      conn: conn,
+      url: url,
+      media_proxy_url: media_proxy_url
+    } do
+      Tesla.Mock.mock(fn
+        %{method: "head", url: ^media_proxy_url} ->
+          %Tesla.Env{status: 200, body: "", headers: [{"content-type", "image/jpeg"}]}
+
+        %{method: :get, url: ^media_proxy_url} ->
+          %Tesla.Env{status: 200, body: "<html><body>error</body></html>"}
+      end)
+
+      response = get(conn, url)
+
+      assert response.status == 302
+      assert redirected_to(response) == media_proxy_url
    end
  end
 end
--- a/test/web/media_proxy/media_proxy_test.exs
+++ b/test/web/media_proxy/media_proxy_test.exs
@ -6,9 +6,16 @@ defmodule Pleroma.Web.MediaProxyTest do
  use ExUnit.Case
  use Pleroma.Tests.Helpers

+  alias Pleroma.Config
  alias Pleroma.Web.Endpoint
  alias Pleroma.Web.MediaProxy

+  defp decode_result(encoded) do
+    [_, "proxy", sig, base64 | _] = URI.parse(encoded).path |> String.split("/")
+    {:ok, decoded} = MediaProxy.decode_url(sig, base64)
+    decoded
+  end
+
  describe "when enabled" do
    setup do: clear_config([:media_proxy, :enabled], true)

@ -35,7 +42,7 @@ defmodule Pleroma.Web.MediaProxyTest do

      assert String.starts_with?(
               encoded,
-               Pleroma.Config.get([:media_proxy, :base_url], Pleroma.Web.base_url())
+               Config.get([:media_proxy, :base_url], Pleroma.Web.base_url())
             )

      assert String.ends_with?(encoded, "/logo.png")
@ -75,6 +82,64 @@ defmodule Pleroma.Web.MediaProxyTest do
      assert MediaProxy.decode_url(sig, base64) == {:error, :invalid_signature}
    end

+    def test_verify_request_path_and_url(request_path, url, expected_result) do
+      assert MediaProxy.verify_request_path_and_url(request_path, url) == expected_result
+
+      assert MediaProxy.verify_request_path_and_url(
+               %Plug.Conn{
+                 params: %{"filename" => Path.basename(request_path)},
+                 request_path: request_path
+               },
+               url
+             ) == expected_result
+    end
+
+    test "if first arg of `verify_request_path_and_url/2` is a Plug.Conn without \"filename\" " <>
+           "parameter, `verify_request_path_and_url/2` returns :ok " do
+      assert MediaProxy.verify_request_path_and_url(
+               %Plug.Conn{params: %{}, request_path: "/some/path"},
+               "https://instance.com/file.jpg"
+             ) == :ok
+
+      assert MediaProxy.verify_request_path_and_url(
+               %Plug.Conn{params: %{}, request_path: "/path/to/file.jpg"},
+               "https://instance.com/file.jpg"
+             ) == :ok
+    end
+
+    test "`verify_request_path_and_url/2` preserves the encoded or decoded path" do
+      test_verify_request_path_and_url(
+        "/Hello world.jpg",
+        "http://pleroma.social/Hello world.jpg",
+        :ok
+      )
+
+      test_verify_request_path_and_url(
+        "/Hello%20world.jpg",
+        "http://pleroma.social/Hello%20world.jpg",
+        :ok
+      )
+
+      test_verify_request_path_and_url(
+        "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg",
+        "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg",
+        :ok
+      )
+
+      test_verify_request_path_and_url(
+        # Note: `conn.request_path` returns encoded url
+        "/ANALYSE-DAI-_-LE-STABLECOIN-100-D%C3%89CENTRALIS%C3%89-BQ.jpg",
+        "https://mydomain.com/uploads/2019/07/ANALYSE-DAI-_-LE-STABLECOIN-100-DÉCENTRALISÉ-BQ.jpg",
+        :ok
+      )
+
+      test_verify_request_path_and_url(
+        "/my%2Flong%2Furl%2F2019%2F07%2FS",
+        "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg",
+        {:wrong_filename, "my%2Flong%2Furl%2F2019%2F07%2FS.jpg"}
+      )
+    end
+
    test "uses the configured base_url" do
      base_url = "https://cache.pleroma.social"
      clear_config([:media_proxy, :base_url], base_url)
@ -124,12 +189,6 @@ defmodule Pleroma.Web.MediaProxyTest do
    end
  end

-  defp decode_result(encoded) do
-    [_, "proxy", sig, base64 | _] = URI.parse(encoded).path |> String.split("/")
-    {:ok, decoded} = MediaProxy.decode_url(sig, base64)
-    decoded
-  end
-
  describe "whitelist" do
    setup do: clear_config([:media_proxy, :enabled], true)

--- a/test/web/metadata/metadata_test.exs
+++ b/test/web/metadata/metadata_test.exs
@ -16,7 +16,14 @@ defmodule Pleroma.Web.MetadataTest do
    end

    test "for local user" do
-      user = insert(:user)
+      user = insert(:user, discoverable: false)
+
+      assert Pleroma.Web.Metadata.build_tags(%{user: user}) =~
+               "<meta content=\"noindex, noarchive\" name=\"robots\">"
+    end
+
+    test "for local user set to discoverable" do
+      user = insert(:user, discoverable: true)

      refute Pleroma.Web.Metadata.build_tags(%{user: user}) =~
               "<meta content=\"noindex, noarchive\" name=\"robots\">"
@ -24,11 +31,19 @@ defmodule Pleroma.Web.MetadataTest do
  end

  describe "no metadata for private instances" do
-    test "for local user" do
+    test "for local user set to discoverable" do
      clear_config([:instance, :public], false)
-      user = insert(:user, bio: "This is my secret fedi account bio")
+      user = insert(:user, bio: "This is my secret fedi account bio", discoverable: true)

      assert "" = Pleroma.Web.Metadata.build_tags(%{user: user})
    end
+
+    test "search exclusion metadata is included" do
+      clear_config([:instance, :public], false)
+      user = insert(:user, bio: "This is my secret fedi account bio", discoverable: false)
+
+      assert ~s(<meta content="noindex, noarchive" name="robots">) ==
+               Pleroma.Web.Metadata.build_tags(%{user: user})
+    end
  end
 end
--- a/test/web/metadata/restrict_indexing_test.exs
+++ b/test/web/metadata/restrict_indexing_test.exs
@ -14,8 +14,14 @@ defmodule Pleroma.Web.Metadata.Providers.RestrictIndexingTest do

    test "for local user" do
      assert Pleroma.Web.Metadata.Providers.RestrictIndexing.build_tags(%{
-               user: %Pleroma.User{local: true}
+               user: %Pleroma.User{local: true, discoverable: true}
             }) == []
    end
+
+    test "for local user when discoverable is false" do
+      assert Pleroma.Web.Metadata.Providers.RestrictIndexing.build_tags(%{
+               user: %Pleroma.User{local: true, discoverable: false}
+             }) == [{:meta, [name: "robots", content: "noindex, noarchive"], []}]
+    end
  end
 end
--- a/test/web/pleroma_api/controllers/chat_controller_test.exs
+++ b/test/web/pleroma_api/controllers/chat_controller_test.exs
@ -2,7 +2,7 @@
 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 defmodule Pleroma.Web.PleromaAPI.ChatControllerTest do
-  use Pleroma.Web.ConnCase, async: true
+  use Pleroma.Web.ConnCase

  alias Pleroma.Chat
  alias Pleroma.Chat.MessageReference
@ -100,7 +100,7 @@ defmodule Pleroma.Web.PleromaAPI.ChatControllerTest do
        |> post("/api/v1/pleroma/chats/#{chat.id}/messages")
        |> json_response_and_validate_schema(400)

-      assert result
+      assert %{"error" => "no_content"} == result
    end

    test "it works with an attachment", %{conn: conn, user: user} do
@ -126,6 +126,23 @@ defmodule Pleroma.Web.PleromaAPI.ChatControllerTest do

      assert result["attachment"]
    end
+
+    test "gets MRF reason when rejected", %{conn: conn, user: user} do
+      clear_config([:mrf_keyword, :reject], ["GNO"])
+      clear_config([:mrf, :policies], [Pleroma.Web.ActivityPub.MRF.KeywordPolicy])
+
+      other_user = insert(:user)
+
+      {:ok, chat} = Chat.get_or_create(user.id, other_user.ap_id)
+
+      result =
+        conn
+        |> put_req_header("content-type", "application/json")
+        |> post("/api/v1/pleroma/chats/#{chat.id}/messages", %{"content" => "GNO/Linux"})
+        |> json_response_and_validate_schema(422)
+
+      assert %{"error" => "[KeywordPolicy] Matches with rejected keyword"} == result
+    end
  end

  describe "DELETE /api/v1/pleroma/chats/:id/messages/:message_id" do
@ -184,17 +201,39 @@ defmodule Pleroma.Web.PleromaAPI.ChatControllerTest do

      chat = Chat.get(user.id, recipient.ap_id)

-      result =
-        conn
-        |> get("/api/v1/pleroma/chats/#{chat.id}/messages")
-        |> json_response_and_validate_schema(200)
+      response = get(conn, "/api/v1/pleroma/chats/#{chat.id}/messages")
+      result = json_response_and_validate_schema(response, 200)
+
+      [next, prev] = get_resp_header(response, "link") |> hd() |> String.split(", ")
+      api_endpoint = "/api/v1/pleroma/chats/"
+
+      assert String.match?(
+               next,
+               ~r(#{api_endpoint}.*/messages\?id=.*&limit=\d+&max_id=.*; rel=\"next\"$)
+             )
+
+      assert String.match?(
+               prev,
+               ~r(#{api_endpoint}.*/messages\?id=.*&limit=\d+&min_id=.*; rel=\"prev\"$)
+             )

      assert length(result) == 20

-      result =
-        conn
-        |> get("/api/v1/pleroma/chats/#{chat.id}/messages?max_id=#{List.last(result)["id"]}")
-        |> json_response_and_validate_schema(200)
+      response =
+        get(conn, "/api/v1/pleroma/chats/#{chat.id}/messages?max_id=#{List.last(result)["id"]}")
+
+      result = json_response_and_validate_schema(response, 200)
+      [next, prev] = get_resp_header(response, "link") |> hd() |> String.split(", ")
+
+      assert String.match?(
+               next,
+               ~r(#{api_endpoint}.*/messages\?id=.*&limit=\d+&max_id=.*; rel=\"next\"$)
+             )
+
+      assert String.match?(
+               prev,
+               ~r(#{api_endpoint}.*/messages\?id=.*&limit=\d+&max_id=.*&min_id=.*; rel=\"prev\"$)
+             )

      assert length(result) == 10
    end
@ -223,12 +262,10 @@ defmodule Pleroma.Web.PleromaAPI.ChatControllerTest do
      assert length(result) == 3

      # Trying to get the chat of a different user
-      result =
-        conn
-        |> assign(:user, other_user)
-        |> get("/api/v1/pleroma/chats/#{chat.id}/messages")
-
-      assert result |> json_response(404)
+      conn
+      |> assign(:user, other_user)
+      |> get("/api/v1/pleroma/chats/#{chat.id}/messages")
+      |> json_response_and_validate_schema(404)
    end
  end

--- a/test/web/pleroma_api/controllers/emoji_file_controller_test.exs
+++ b/test/web/pleroma_api/controllers/emoji_file_controller_test.exs
@ -0,0 +1,357 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.PleromaAPI.EmojiFileControllerTest do
+  use Pleroma.Web.ConnCase
+
+  import Tesla.Mock
+  import Pleroma.Factory
+
+  @emoji_path Path.join(
+                Pleroma.Config.get!([:instance, :static_dir]),
+                "emoji"
+              )
+  setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], false)
+
+  setup do: clear_config([:instance, :public], true)
+
+  setup do
+    admin = insert(:user, is_admin: true)
+    token = insert(:oauth_admin_token, user: admin)
+
+    admin_conn =
+      build_conn()
+      |> assign(:user, admin)
+      |> assign(:token, token)
+
+    Pleroma.Emoji.reload()
+    {:ok, %{admin_conn: admin_conn}}
+  end
+
+  describe "POST/PATCH/DELETE /api/pleroma/emoji/packs/files?name=:name" do
+    setup do
+      pack_file = "#{@emoji_path}/test_pack/pack.json"
+      original_content = File.read!(pack_file)
+
+      on_exit(fn ->
+        File.write!(pack_file, original_content)
+      end)
+
+      :ok
+    end
+
+    test "upload zip file with emojies", %{admin_conn: admin_conn} do
+      on_exit(fn ->
+        [
+          "128px/a_trusted_friend-128.png",
+          "auroraborealis.png",
+          "1000px/baby_in_a_box.png",
+          "1000px/bear.png",
+          "128px/bear-128.png"
+        ]
+        |> Enum.each(fn path -> File.rm_rf!("#{@emoji_path}/test_pack/#{path}") end)
+      end)
+
+      resp =
+        admin_conn
+        |> put_req_header("content-type", "multipart/form-data")
+        |> post("/api/pleroma/emoji/packs/files?name=test_pack", %{
+          file: %Plug.Upload{
+            content_type: "application/zip",
+            filename: "emojis.zip",
+            path: Path.absname("test/fixtures/emojis.zip")
+          }
+        })
+        |> json_response_and_validate_schema(200)
+
+      assert resp == %{
+               "a_trusted_friend-128" => "128px/a_trusted_friend-128.png",
+               "auroraborealis" => "auroraborealis.png",
+               "baby_in_a_box" => "1000px/baby_in_a_box.png",
+               "bear" => "1000px/bear.png",
+               "bear-128" => "128px/bear-128.png",
+               "blank" => "blank.png",
+               "blank2" => "blank2.png"
+             }
+
+      Enum.each(Map.values(resp), fn path ->
+        assert File.exists?("#{@emoji_path}/test_pack/#{path}")
+      end)
+    end
+
+    test "create shortcode exists", %{admin_conn: admin_conn} do
+      assert admin_conn
+             |> put_req_header("content-type", "multipart/form-data")
+             |> post("/api/pleroma/emoji/packs/files?name=test_pack", %{
+               shortcode: "blank",
+               filename: "dir/blank.png",
+               file: %Plug.Upload{
+                 filename: "blank.png",
+                 path: "#{@emoji_path}/test_pack/blank.png"
+               }
+             })
+             |> json_response_and_validate_schema(:conflict) == %{
+               "error" => "An emoji with the \"blank\" shortcode already exists"
+             }
+    end
+
+    test "don't rewrite old emoji", %{admin_conn: admin_conn} do
+      on_exit(fn -> File.rm_rf!("#{@emoji_path}/test_pack/dir/") end)
+
+      assert admin_conn
+             |> put_req_header("content-type", "multipart/form-data")
+             |> post("/api/pleroma/emoji/packs/files?name=test_pack", %{
+               shortcode: "blank3",
+               filename: "dir/blank.png",
+               file: %Plug.Upload{
+                 filename: "blank.png",
+                 path: "#{@emoji_path}/test_pack/blank.png"
+               }
+             })
+             |> json_response_and_validate_schema(200) == %{
+               "blank" => "blank.png",
+               "blank2" => "blank2.png",
+               "blank3" => "dir/blank.png"
+             }
+
+      assert File.exists?("#{@emoji_path}/test_pack/dir/blank.png")
+
+      assert admin_conn
+             |> put_req_header("content-type", "multipart/form-data")
+             |> patch("/api/pleroma/emoji/packs/files?name=test_pack", %{
+               shortcode: "blank",
+               new_shortcode: "blank2",
+               new_filename: "dir_2/blank_3.png"
+             })
+             |> json_response_and_validate_schema(:conflict) == %{
+               "error" =>
+                 "New shortcode \"blank2\" is already used. If you want to override emoji use 'force' option"
+             }
+    end
+
+    test "rewrite old emoji with force option", %{admin_conn: admin_conn} do
+      on_exit(fn -> File.rm_rf!("#{@emoji_path}/test_pack/dir_2/") end)
+
+      assert admin_conn
+             |> put_req_header("content-type", "multipart/form-data")
+             |> post("/api/pleroma/emoji/packs/files?name=test_pack", %{
+               shortcode: "blank3",
+               filename: "dir/blank.png",
+               file: %Plug.Upload{
+                 filename: "blank.png",
+                 path: "#{@emoji_path}/test_pack/blank.png"
+               }
+             })
+             |> json_response_and_validate_schema(200) == %{
+               "blank" => "blank.png",
+               "blank2" => "blank2.png",
+               "blank3" => "dir/blank.png"
+             }
+
+      assert File.exists?("#{@emoji_path}/test_pack/dir/blank.png")
+
+      assert admin_conn
+             |> put_req_header("content-type", "multipart/form-data")
+             |> patch("/api/pleroma/emoji/packs/files?name=test_pack", %{
+               shortcode: "blank3",
+               new_shortcode: "blank4",
+               new_filename: "dir_2/blank_3.png",
+               force: true
+             })
+             |> json_response_and_validate_schema(200) == %{
+               "blank" => "blank.png",
+               "blank2" => "blank2.png",
+               "blank4" => "dir_2/blank_3.png"
+             }
+
+      assert File.exists?("#{@emoji_path}/test_pack/dir_2/blank_3.png")
+    end
+
+    test "with empty filename", %{admin_conn: admin_conn} do
+      assert admin_conn
+             |> put_req_header("content-type", "multipart/form-data")
+             |> post("/api/pleroma/emoji/packs/files?name=test_pack", %{
+               shortcode: "blank2",
+               filename: "",
+               file: %Plug.Upload{
+                 filename: "blank.png",
+                 path: "#{@emoji_path}/test_pack/blank.png"
+               }
+             })
+             |> json_response_and_validate_schema(422) == %{
+               "error" => "pack name, shortcode or filename cannot be empty"
+             }
+    end
+
+    test "add file with not loaded pack", %{admin_conn: admin_conn} do
+      assert admin_conn
+             |> put_req_header("content-type", "multipart/form-data")
+             |> post("/api/pleroma/emoji/packs/files?name=not_loaded", %{
+               shortcode: "blank3",
+               filename: "dir/blank.png",
+               file: %Plug.Upload{
+                 filename: "blank.png",
+                 path: "#{@emoji_path}/test_pack/blank.png"
+               }
+             })
+             |> json_response_and_validate_schema(:not_found) == %{
+               "error" => "pack \"not_loaded\" is not found"
+             }
+    end
+
+    test "remove file with not loaded pack", %{admin_conn: admin_conn} do
+      assert admin_conn
+             |> delete("/api/pleroma/emoji/packs/files?name=not_loaded&shortcode=blank3")
+             |> json_response_and_validate_schema(:not_found) == %{
+               "error" => "pack \"not_loaded\" is not found"
+             }
+    end
+
+    test "remove file with empty shortcode", %{admin_conn: admin_conn} do
+      assert admin_conn
+             |> delete("/api/pleroma/emoji/packs/files?name=not_loaded&shortcode=")
+             |> json_response_and_validate_schema(:not_found) == %{
+               "error" => "pack \"not_loaded\" is not found"
+             }
+    end
+
+    test "update file with not loaded pack", %{admin_conn: admin_conn} do
+      assert admin_conn
+             |> put_req_header("content-type", "multipart/form-data")
+             |> patch("/api/pleroma/emoji/packs/files?name=not_loaded", %{
+               shortcode: "blank4",
+               new_shortcode: "blank3",
+               new_filename: "dir_2/blank_3.png"
+             })
+             |> json_response_and_validate_schema(:not_found) == %{
+               "error" => "pack \"not_loaded\" is not found"
+             }
+    end
+
+    test "new with shortcode as file with update", %{admin_conn: admin_conn} do
+      assert admin_conn
+             |> put_req_header("content-type", "multipart/form-data")
+             |> post("/api/pleroma/emoji/packs/files?name=test_pack", %{
+               shortcode: "blank4",
+               filename: "dir/blank.png",
+               file: %Plug.Upload{
+                 filename: "blank.png",
+                 path: "#{@emoji_path}/test_pack/blank.png"
+               }
+             })
+             |> json_response_and_validate_schema(200) == %{
+               "blank" => "blank.png",
+               "blank4" => "dir/blank.png",
+               "blank2" => "blank2.png"
+             }
+
+      assert File.exists?("#{@emoji_path}/test_pack/dir/blank.png")
+
+      assert admin_conn
+             |> put_req_header("content-type", "multipart/form-data")
+             |> patch("/api/pleroma/emoji/packs/files?name=test_pack", %{
+               shortcode: "blank4",
+               new_shortcode: "blank3",
+               new_filename: "dir_2/blank_3.png"
+             })
+             |> json_response_and_validate_schema(200) == %{
+               "blank3" => "dir_2/blank_3.png",
+               "blank" => "blank.png",
+               "blank2" => "blank2.png"
+             }
+
+      refute File.exists?("#{@emoji_path}/test_pack/dir/")
+      assert File.exists?("#{@emoji_path}/test_pack/dir_2/blank_3.png")
+
+      assert admin_conn
+             |> delete("/api/pleroma/emoji/packs/files?name=test_pack&shortcode=blank3")
+             |> json_response_and_validate_schema(200) == %{
+               "blank" => "blank.png",
+               "blank2" => "blank2.png"
+             }
+
+      refute File.exists?("#{@emoji_path}/test_pack/dir_2/")
+
+      on_exit(fn -> File.rm_rf!("#{@emoji_path}/test_pack/dir") end)
+    end
+
+    test "new with shortcode from url", %{admin_conn: admin_conn} do
+      mock(fn
+        %{
+          method: :get,
+          url: "https://test-blank/blank_url.png"
+        } ->
+          text(File.read!("#{@emoji_path}/test_pack/blank.png"))
+      end)
+
+      assert admin_conn
+             |> put_req_header("content-type", "multipart/form-data")
+             |> post("/api/pleroma/emoji/packs/files?name=test_pack", %{
+               shortcode: "blank_url",
+               file: "https://test-blank/blank_url.png"
+             })
+             |> json_response_and_validate_schema(200) == %{
+               "blank_url" => "blank_url.png",
+               "blank" => "blank.png",
+               "blank2" => "blank2.png"
+             }
+
+      assert File.exists?("#{@emoji_path}/test_pack/blank_url.png")
+
+      on_exit(fn -> File.rm_rf!("#{@emoji_path}/test_pack/blank_url.png") end)
+    end
+
+    test "new without shortcode", %{admin_conn: admin_conn} do
+      on_exit(fn -> File.rm_rf!("#{@emoji_path}/test_pack/shortcode.png") end)
+
+      assert admin_conn
+             |> put_req_header("content-type", "multipart/form-data")
+             |> post("/api/pleroma/emoji/packs/files?name=test_pack", %{
+               file: %Plug.Upload{
+                 filename: "shortcode.png",
+                 path: "#{Pleroma.Config.get([:instance, :static_dir])}/add/shortcode.png"
+               }
+             })
+             |> json_response_and_validate_schema(200) == %{
+               "shortcode" => "shortcode.png",
+               "blank" => "blank.png",
+               "blank2" => "blank2.png"
+             }
+    end
+
+    test "remove non existing shortcode in pack.json", %{admin_conn: admin_conn} do
+      assert admin_conn
+             |> delete("/api/pleroma/emoji/packs/files?name=test_pack&shortcode=blank3")
+             |> json_response_and_validate_schema(:bad_request) == %{
+               "error" => "Emoji \"blank3\" does not exist"
+             }
+    end
+
+    test "update non existing emoji", %{admin_conn: admin_conn} do
+      assert admin_conn
+             |> put_req_header("content-type", "multipart/form-data")
+             |> patch("/api/pleroma/emoji/packs/files?name=test_pack", %{
+               shortcode: "blank3",
+               new_shortcode: "blank4",
+               new_filename: "dir_2/blank_3.png"
+             })
+             |> json_response_and_validate_schema(:bad_request) == %{
+               "error" => "Emoji \"blank3\" does not exist"
+             }
+    end
+
+    test "update with empty shortcode", %{admin_conn: admin_conn} do
+      assert %{
+               "error" => "Missing field: new_shortcode."
+             } =
+               admin_conn
+               |> put_req_header("content-type", "multipart/form-data")
+               |> patch("/api/pleroma/emoji/packs/files?name=test_pack", %{
+                 shortcode: "blank",
+                 new_filename: "dir_2/blank_3.png"
+               })
+               |> json_response_and_validate_schema(:bad_request)
+    end
+  end
+end
--- a/test/web/pleroma_api/controllers/emoji_pack_controller_test.exs
+++ b/test/web/pleroma_api/controllers/emoji_pack_controller_test.exs
@ -37,11 +37,11 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
  test "GET /api/pleroma/emoji/packs", %{conn: conn} do
    resp = conn |> get("/api/pleroma/emoji/packs") |> json_response_and_validate_schema(200)

-    assert resp["count"] == 3
+    assert resp["count"] == 4

    assert resp["packs"]
           |> Map.keys()
-           |> length() == 3
+           |> length() == 4

    shared = resp["packs"]["test_pack"]
    assert shared["files"] == %{"blank" => "blank.png", "blank2" => "blank2.png"}
@ -58,7 +58,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
      |> get("/api/pleroma/emoji/packs?page_size=1")
      |> json_response_and_validate_schema(200)

-    assert resp["count"] == 3
+    assert resp["count"] == 4

    packs = Map.keys(resp["packs"])

@ -71,7 +71,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
      |> get("/api/pleroma/emoji/packs?page_size=1&page=2")
      |> json_response_and_validate_schema(200)

-    assert resp["count"] == 3
+    assert resp["count"] == 4
    packs = Map.keys(resp["packs"])
    assert length(packs) == 1
    [pack2] = packs
@ -81,18 +81,28 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
      |> get("/api/pleroma/emoji/packs?page_size=1&page=3")
      |> json_response_and_validate_schema(200)

-    assert resp["count"] == 3
+    assert resp["count"] == 4
    packs = Map.keys(resp["packs"])
    assert length(packs) == 1
    [pack3] = packs
-    assert [pack1, pack2, pack3] |> Enum.uniq() |> length() == 3
+
+    resp =
+      conn
+      |> get("/api/pleroma/emoji/packs?page_size=1&page=4")
+      |> json_response_and_validate_schema(200)
+
+    assert resp["count"] == 4
+    packs = Map.keys(resp["packs"])
+    assert length(packs) == 1
+    [pack4] = packs
+    assert [pack1, pack2, pack3, pack4] |> Enum.uniq() |> length() == 4
  end

  describe "GET /api/pleroma/emoji/packs/remote" do
    test "shareable instance", %{admin_conn: admin_conn, conn: conn} do
      resp =
        conn
-        |> get("/api/pleroma/emoji/packs")
+        |> get("/api/pleroma/emoji/packs?page=2&page_size=1")
        |> json_response_and_validate_schema(200)

      mock(fn
@ -102,12 +112,12 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
        %{method: :get, url: "https://example.com/nodeinfo/2.1.json"} ->
          json(%{metadata: %{features: ["shareable_emoji_packs"]}})

-        %{method: :get, url: "https://example.com/api/pleroma/emoji/packs"} ->
+        %{method: :get, url: "https://example.com/api/pleroma/emoji/packs?page=2&page_size=1"} ->
          json(resp)
      end)

      assert admin_conn
-             |> get("/api/pleroma/emoji/packs/remote?url=https://example.com")
+             |> get("/api/pleroma/emoji/packs/remote?url=https://example.com&page=2&page_size=1")
             |> json_response_and_validate_schema(200) == resp
    end

@ -128,11 +138,11 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
    end
  end

-  describe "GET /api/pleroma/emoji/packs/:name/archive" do
+  describe "GET /api/pleroma/emoji/packs/archive?name=:name" do
    test "download shared pack", %{conn: conn} do
      resp =
        conn
-        |> get("/api/pleroma/emoji/packs/test_pack/archive")
+        |> get("/api/pleroma/emoji/packs/archive?name=test_pack")
        |> response(200)

      {:ok, arch} = :zip.unzip(resp, [:memory])
@ -143,7 +153,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do

    test "non existing pack", %{conn: conn} do
      assert conn
-             |> get("/api/pleroma/emoji/packs/test_pack_for_import/archive")
+             |> get("/api/pleroma/emoji/packs/archive?name=test_pack_for_import")
             |> json_response_and_validate_schema(:not_found) == %{
               "error" => "Pack test_pack_for_import does not exist"
             }
@ -151,7 +161,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do

    test "non downloadable pack", %{conn: conn} do
      assert conn
-             |> get("/api/pleroma/emoji/packs/test_pack_nonshared/archive")
+             |> get("/api/pleroma/emoji/packs/archive?name=test_pack_nonshared")
             |> json_response_and_validate_schema(:forbidden) == %{
               "error" =>
                 "Pack test_pack_nonshared cannot be downloaded from this instance, either pack sharing was disabled for this pack or some files are missing"
@ -173,28 +183,28 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do

        %{
          method: :get,
-          url: "https://example.com/api/pleroma/emoji/packs/test_pack"
+          url: "https://example.com/api/pleroma/emoji/pack?name=test_pack"
        } ->
          conn
-          |> get("/api/pleroma/emoji/packs/test_pack")
+          |> get("/api/pleroma/emoji/pack?name=test_pack")
          |> json_response_and_validate_schema(200)
          |> json()

        %{
          method: :get,
-          url: "https://example.com/api/pleroma/emoji/packs/test_pack/archive"
+          url: "https://example.com/api/pleroma/emoji/packs/archive?name=test_pack"
        } ->
          conn
-          |> get("/api/pleroma/emoji/packs/test_pack/archive")
+          |> get("/api/pleroma/emoji/packs/archive?name=test_pack")
          |> response(200)
          |> text()

        %{
          method: :get,
-          url: "https://example.com/api/pleroma/emoji/packs/test_pack_nonshared"
+          url: "https://example.com/api/pleroma/emoji/pack?name=test_pack_nonshared"
        } ->
          conn
-          |> get("/api/pleroma/emoji/packs/test_pack_nonshared")
+          |> get("/api/pleroma/emoji/pack?name=test_pack_nonshared")
          |> json_response_and_validate_schema(200)
          |> json()

@ -218,7 +228,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
      assert File.exists?("#{@emoji_path}/test_pack2/blank.png")

      assert admin_conn
-             |> delete("/api/pleroma/emoji/packs/test_pack2")
+             |> delete("/api/pleroma/emoji/pack?name=test_pack2")
             |> json_response_and_validate_schema(200) == "ok"

      refute File.exists?("#{@emoji_path}/test_pack2")
@ -239,7 +249,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
      assert File.exists?("#{@emoji_path}/test_pack_nonshared2/blank.png")

      assert admin_conn
-             |> delete("/api/pleroma/emoji/packs/test_pack_nonshared2")
+             |> delete("/api/pleroma/emoji/pack?name=test_pack_nonshared2")
             |> json_response_and_validate_schema(200) == "ok"

      refute File.exists?("#{@emoji_path}/test_pack_nonshared2")
@ -279,14 +289,14 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do

        %{
          method: :get,
-          url: "https://example.com/api/pleroma/emoji/packs/pack_bad_sha"
+          url: "https://example.com/api/pleroma/emoji/pack?name=pack_bad_sha"
        } ->
          {:ok, pack} = Pleroma.Emoji.Pack.load_pack("pack_bad_sha")
          %Tesla.Env{status: 200, body: Jason.encode!(pack)}

        %{
          method: :get,
-          url: "https://example.com/api/pleroma/emoji/packs/pack_bad_sha/archive"
+          url: "https://example.com/api/pleroma/emoji/packs/archive?name=pack_bad_sha"
        } ->
          %Tesla.Env{
            status: 200,
@ -316,7 +326,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do

        %{
          method: :get,
-          url: "https://example.com/api/pleroma/emoji/packs/test_pack"
+          url: "https://example.com/api/pleroma/emoji/pack?name=test_pack"
        } ->
          {:ok, pack} = Pleroma.Emoji.Pack.load_pack("test_pack")
          %Tesla.Env{status: 200, body: Jason.encode!(pack)}
@ -336,7 +346,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
    end
  end

-  describe "PATCH /api/pleroma/emoji/packs/:name" do
+  describe "PATCH /api/pleroma/emoji/pack?name=:name" do
    setup do
      pack_file = "#{@emoji_path}/test_pack/pack.json"
      original_content = File.read!(pack_file)
@ -358,7 +368,9 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
    test "for a pack without a fallback source", ctx do
      assert ctx[:admin_conn]
             |> put_req_header("content-type", "multipart/form-data")
-             |> patch("/api/pleroma/emoji/packs/test_pack", %{"metadata" => ctx[:new_data]})
+             |> patch("/api/pleroma/emoji/pack?name=test_pack", %{
+               "metadata" => ctx[:new_data]
+             })
             |> json_response_and_validate_schema(200) == ctx[:new_data]

      assert Jason.decode!(File.read!(ctx[:pack_file]))["pack"] == ctx[:new_data]
@ -384,7 +396,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do

      assert ctx[:admin_conn]
             |> put_req_header("content-type", "multipart/form-data")
-             |> patch("/api/pleroma/emoji/packs/test_pack", %{metadata: new_data})
+             |> patch("/api/pleroma/emoji/pack?name=test_pack", %{metadata: new_data})
             |> json_response_and_validate_schema(200) == new_data_with_sha

      assert Jason.decode!(File.read!(ctx[:pack_file]))["pack"] == new_data_with_sha
@ -404,304 +416,17 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do

      assert ctx[:admin_conn]
             |> put_req_header("content-type", "multipart/form-data")
-             |> patch("/api/pleroma/emoji/packs/test_pack", %{metadata: new_data})
+             |> patch("/api/pleroma/emoji/pack?name=test_pack", %{metadata: new_data})
             |> json_response_and_validate_schema(:bad_request) == %{
               "error" => "The fallback archive does not have all files specified in pack.json"
             }
    end
  end

-  describe "POST/PATCH/DELETE /api/pleroma/emoji/packs/:name/files" do
-    setup do
-      pack_file = "#{@emoji_path}/test_pack/pack.json"
-      original_content = File.read!(pack_file)
-
-      on_exit(fn ->
-        File.write!(pack_file, original_content)
-      end)
-
-      :ok
-    end
-
-    test "create shortcode exists", %{admin_conn: admin_conn} do
-      assert admin_conn
-             |> put_req_header("content-type", "multipart/form-data")
-             |> post("/api/pleroma/emoji/packs/test_pack/files", %{
-               shortcode: "blank",
-               filename: "dir/blank.png",
-               file: %Plug.Upload{
-                 filename: "blank.png",
-                 path: "#{@emoji_path}/test_pack/blank.png"
-               }
-             })
-             |> json_response_and_validate_schema(:conflict) == %{
-               "error" => "An emoji with the \"blank\" shortcode already exists"
-             }
-    end
-
-    test "don't rewrite old emoji", %{admin_conn: admin_conn} do
-      on_exit(fn -> File.rm_rf!("#{@emoji_path}/test_pack/dir/") end)
-
-      assert admin_conn
-             |> put_req_header("content-type", "multipart/form-data")
-             |> post("/api/pleroma/emoji/packs/test_pack/files", %{
-               shortcode: "blank3",
-               filename: "dir/blank.png",
-               file: %Plug.Upload{
-                 filename: "blank.png",
-                 path: "#{@emoji_path}/test_pack/blank.png"
-               }
-             })
-             |> json_response_and_validate_schema(200) == %{
-               "blank" => "blank.png",
-               "blank2" => "blank2.png",
-               "blank3" => "dir/blank.png"
-             }
-
-      assert File.exists?("#{@emoji_path}/test_pack/dir/blank.png")
-
-      assert admin_conn
-             |> put_req_header("content-type", "multipart/form-data")
-             |> patch("/api/pleroma/emoji/packs/test_pack/files", %{
-               shortcode: "blank",
-               new_shortcode: "blank2",
-               new_filename: "dir_2/blank_3.png"
-             })
-             |> json_response_and_validate_schema(:conflict) == %{
-               "error" =>
-                 "New shortcode \"blank2\" is already used. If you want to override emoji use 'force' option"
-             }
-    end
-
-    test "rewrite old emoji with force option", %{admin_conn: admin_conn} do
-      on_exit(fn -> File.rm_rf!("#{@emoji_path}/test_pack/dir_2/") end)
-
-      assert admin_conn
-             |> put_req_header("content-type", "multipart/form-data")
-             |> post("/api/pleroma/emoji/packs/test_pack/files", %{
-               shortcode: "blank3",
-               filename: "dir/blank.png",
-               file: %Plug.Upload{
-                 filename: "blank.png",
-                 path: "#{@emoji_path}/test_pack/blank.png"
-               }
-             })
-             |> json_response_and_validate_schema(200) == %{
-               "blank" => "blank.png",
-               "blank2" => "blank2.png",
-               "blank3" => "dir/blank.png"
-             }
-
-      assert File.exists?("#{@emoji_path}/test_pack/dir/blank.png")
-
-      assert admin_conn
-             |> put_req_header("content-type", "multipart/form-data")
-             |> patch("/api/pleroma/emoji/packs/test_pack/files", %{
-               shortcode: "blank3",
-               new_shortcode: "blank4",
-               new_filename: "dir_2/blank_3.png",
-               force: true
-             })
-             |> json_response_and_validate_schema(200) == %{
-               "blank" => "blank.png",
-               "blank2" => "blank2.png",
-               "blank4" => "dir_2/blank_3.png"
-             }
-
-      assert File.exists?("#{@emoji_path}/test_pack/dir_2/blank_3.png")
-    end
-
-    test "with empty filename", %{admin_conn: admin_conn} do
-      assert admin_conn
-             |> put_req_header("content-type", "multipart/form-data")
-             |> post("/api/pleroma/emoji/packs/test_pack/files", %{
-               shortcode: "blank2",
-               filename: "",
-               file: %Plug.Upload{
-                 filename: "blank.png",
-                 path: "#{@emoji_path}/test_pack/blank.png"
-               }
-             })
-             |> json_response_and_validate_schema(:bad_request) == %{
-               "error" => "pack name, shortcode or filename cannot be empty"
-             }
-    end
-
-    test "add file with not loaded pack", %{admin_conn: admin_conn} do
-      assert admin_conn
-             |> put_req_header("content-type", "multipart/form-data")
-             |> post("/api/pleroma/emoji/packs/not_loaded/files", %{
-               shortcode: "blank3",
-               filename: "dir/blank.png",
-               file: %Plug.Upload{
-                 filename: "blank.png",
-                 path: "#{@emoji_path}/test_pack/blank.png"
-               }
-             })
-             |> json_response_and_validate_schema(:bad_request) == %{
-               "error" => "pack \"not_loaded\" is not found"
-             }
-    end
-
-    test "remove file with not loaded pack", %{admin_conn: admin_conn} do
-      assert admin_conn
-             |> delete("/api/pleroma/emoji/packs/not_loaded/files?shortcode=blank3")
-             |> json_response_and_validate_schema(:bad_request) == %{
-               "error" => "pack \"not_loaded\" is not found"
-             }
-    end
-
-    test "remove file with empty shortcode", %{admin_conn: admin_conn} do
-      assert admin_conn
-             |> delete("/api/pleroma/emoji/packs/not_loaded/files?shortcode=")
-             |> json_response_and_validate_schema(:bad_request) == %{
-               "error" => "pack name or shortcode cannot be empty"
-             }
-    end
-
-    test "update file with not loaded pack", %{admin_conn: admin_conn} do
-      assert admin_conn
-             |> put_req_header("content-type", "multipart/form-data")
-             |> patch("/api/pleroma/emoji/packs/not_loaded/files", %{
-               shortcode: "blank4",
-               new_shortcode: "blank3",
-               new_filename: "dir_2/blank_3.png"
-             })
-             |> json_response_and_validate_schema(:bad_request) == %{
-               "error" => "pack \"not_loaded\" is not found"
-             }
-    end
-
-    test "new with shortcode as file with update", %{admin_conn: admin_conn} do
-      assert admin_conn
-             |> put_req_header("content-type", "multipart/form-data")
-             |> post("/api/pleroma/emoji/packs/test_pack/files", %{
-               shortcode: "blank4",
-               filename: "dir/blank.png",
-               file: %Plug.Upload{
-                 filename: "blank.png",
-                 path: "#{@emoji_path}/test_pack/blank.png"
-               }
-             })
-             |> json_response_and_validate_schema(200) == %{
-               "blank" => "blank.png",
-               "blank4" => "dir/blank.png",
-               "blank2" => "blank2.png"
-             }
-
-      assert File.exists?("#{@emoji_path}/test_pack/dir/blank.png")
-
-      assert admin_conn
-             |> put_req_header("content-type", "multipart/form-data")
-             |> patch("/api/pleroma/emoji/packs/test_pack/files", %{
-               shortcode: "blank4",
-               new_shortcode: "blank3",
-               new_filename: "dir_2/blank_3.png"
-             })
-             |> json_response_and_validate_schema(200) == %{
-               "blank3" => "dir_2/blank_3.png",
-               "blank" => "blank.png",
-               "blank2" => "blank2.png"
-             }
-
-      refute File.exists?("#{@emoji_path}/test_pack/dir/")
-      assert File.exists?("#{@emoji_path}/test_pack/dir_2/blank_3.png")
-
-      assert admin_conn
-             |> delete("/api/pleroma/emoji/packs/test_pack/files?shortcode=blank3")
-             |> json_response_and_validate_schema(200) == %{
-               "blank" => "blank.png",
-               "blank2" => "blank2.png"
-             }
-
-      refute File.exists?("#{@emoji_path}/test_pack/dir_2/")
-
-      on_exit(fn -> File.rm_rf!("#{@emoji_path}/test_pack/dir") end)
-    end
-
-    test "new with shortcode from url", %{admin_conn: admin_conn} do
-      mock(fn
-        %{
-          method: :get,
-          url: "https://test-blank/blank_url.png"
-        } ->
-          text(File.read!("#{@emoji_path}/test_pack/blank.png"))
-      end)
-
-      assert admin_conn
-             |> put_req_header("content-type", "multipart/form-data")
-             |> post("/api/pleroma/emoji/packs/test_pack/files", %{
-               shortcode: "blank_url",
-               file: "https://test-blank/blank_url.png"
-             })
-             |> json_response_and_validate_schema(200) == %{
-               "blank_url" => "blank_url.png",
-               "blank" => "blank.png",
-               "blank2" => "blank2.png"
-             }
-
-      assert File.exists?("#{@emoji_path}/test_pack/blank_url.png")
-
-      on_exit(fn -> File.rm_rf!("#{@emoji_path}/test_pack/blank_url.png") end)
-    end
-
-    test "new without shortcode", %{admin_conn: admin_conn} do
-      on_exit(fn -> File.rm_rf!("#{@emoji_path}/test_pack/shortcode.png") end)
-
-      assert admin_conn
-             |> put_req_header("content-type", "multipart/form-data")
-             |> post("/api/pleroma/emoji/packs/test_pack/files", %{
-               file: %Plug.Upload{
-                 filename: "shortcode.png",
-                 path: "#{Pleroma.Config.get([:instance, :static_dir])}/add/shortcode.png"
-               }
-             })
-             |> json_response_and_validate_schema(200) == %{
-               "shortcode" => "shortcode.png",
-               "blank" => "blank.png",
-               "blank2" => "blank2.png"
-             }
-    end
-
-    test "remove non existing shortcode in pack.json", %{admin_conn: admin_conn} do
-      assert admin_conn
-             |> delete("/api/pleroma/emoji/packs/test_pack/files?shortcode=blank3")
-             |> json_response_and_validate_schema(:bad_request) == %{
-               "error" => "Emoji \"blank3\" does not exist"
-             }
-    end
-
-    test "update non existing emoji", %{admin_conn: admin_conn} do
-      assert admin_conn
-             |> put_req_header("content-type", "multipart/form-data")
-             |> patch("/api/pleroma/emoji/packs/test_pack/files", %{
-               shortcode: "blank3",
-               new_shortcode: "blank4",
-               new_filename: "dir_2/blank_3.png"
-             })
-             |> json_response_and_validate_schema(:bad_request) == %{
-               "error" => "Emoji \"blank3\" does not exist"
-             }
-    end
-
-    test "update with empty shortcode", %{admin_conn: admin_conn} do
-      assert %{
-               "error" => "Missing field: new_shortcode."
-             } =
-               admin_conn
-               |> put_req_header("content-type", "multipart/form-data")
-               |> patch("/api/pleroma/emoji/packs/test_pack/files", %{
-                 shortcode: "blank",
-                 new_filename: "dir_2/blank_3.png"
-               })
-               |> json_response_and_validate_schema(:bad_request)
-    end
-  end
-
-  describe "POST/DELETE /api/pleroma/emoji/packs/:name" do
+  describe "POST/DELETE /api/pleroma/emoji/pack?name=:name" do
    test "creating and deleting a pack", %{admin_conn: admin_conn} do
      assert admin_conn
-             |> post("/api/pleroma/emoji/packs/test_created")
+             |> post("/api/pleroma/emoji/pack?name=test_created")
             |> json_response_and_validate_schema(200) == "ok"

      assert File.exists?("#{@emoji_path}/test_created/pack.json")
@ -713,7 +438,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
             }

      assert admin_conn
-             |> delete("/api/pleroma/emoji/packs/test_created")
+             |> delete("/api/pleroma/emoji/pack?name=test_created")
             |> json_response_and_validate_schema(200) == "ok"

      refute File.exists?("#{@emoji_path}/test_created/pack.json")
@ -726,7 +451,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
      File.write!(Path.join(path, "pack.json"), pack_file)

      assert admin_conn
-             |> post("/api/pleroma/emoji/packs/test_created")
+             |> post("/api/pleroma/emoji/pack?name=test_created")
             |> json_response_and_validate_schema(:conflict) == %{
               "error" => "A pack named \"test_created\" already exists"
             }
@ -736,7 +461,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do

    test "with empty name", %{admin_conn: admin_conn} do
      assert admin_conn
-             |> post("/api/pleroma/emoji/packs/ ")
+             |> post("/api/pleroma/emoji/pack?name= ")
             |> json_response_and_validate_schema(:bad_request) == %{
               "error" => "pack name cannot be empty"
             }
@ -745,7 +470,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do

  test "deleting nonexisting pack", %{admin_conn: admin_conn} do
    assert admin_conn
-           |> delete("/api/pleroma/emoji/packs/non_existing")
+           |> delete("/api/pleroma/emoji/pack?name=non_existing")
           |> json_response_and_validate_schema(:not_found) == %{
             "error" => "Pack non_existing does not exist"
           }
@ -753,7 +478,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do

  test "deleting with empty name", %{admin_conn: admin_conn} do
    assert admin_conn
-           |> delete("/api/pleroma/emoji/packs/ ")
+           |> delete("/api/pleroma/emoji/pack?name= ")
           |> json_response_and_validate_schema(:bad_request) == %{
             "error" => "pack name cannot be empty"
           }
@ -801,7 +526,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
           }
  end

-  describe "GET /api/pleroma/emoji/packs/:name" do
+  describe "GET /api/pleroma/emoji/pack?name=:name" do
    test "shows pack.json", %{conn: conn} do
      assert %{
               "files" => files,
@ -816,7 +541,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
               }
             } =
               conn
-               |> get("/api/pleroma/emoji/packs/test_pack")
+               |> get("/api/pleroma/emoji/pack?name=test_pack")
               |> json_response_and_validate_schema(200)

      assert files == %{"blank" => "blank.png", "blank2" => "blank2.png"}
@ -826,7 +551,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
               "files_count" => 2
             } =
               conn
-               |> get("/api/pleroma/emoji/packs/test_pack?page_size=1")
+               |> get("/api/pleroma/emoji/pack?name=test_pack&page_size=1")
               |> json_response_and_validate_schema(200)

      assert files |> Map.keys() |> length() == 1
@ -836,15 +561,33 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
               "files_count" => 2
             } =
               conn
-               |> get("/api/pleroma/emoji/packs/test_pack?page_size=1&page=2")
+               |> get("/api/pleroma/emoji/pack?name=test_pack&page_size=1&page=2")
               |> json_response_and_validate_schema(200)

      assert files |> Map.keys() |> length() == 1
    end

+    test "for pack name with special chars", %{conn: conn} do
+      assert %{
+               "files" => files,
+               "files_count" => 1,
+               "pack" => %{
+                 "can-download" => true,
+                 "description" => "Test description",
+                 "download-sha256" => _,
+                 "homepage" => "https://pleroma.social",
+                 "license" => "Test license",
+                 "share-files" => true
+               }
+             } =
+               conn
+               |> get("/api/pleroma/emoji/pack?name=blobs.gg")
+               |> json_response_and_validate_schema(200)
+    end
+
    test "non existing pack", %{conn: conn} do
      assert conn
-             |> get("/api/pleroma/emoji/packs/non_existing")
+             |> get("/api/pleroma/emoji/pack?name=non_existing")
             |> json_response_and_validate_schema(:not_found) == %{
               "error" => "Pack non_existing does not exist"
             }
@ -852,7 +595,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do

    test "error name", %{conn: conn} do
      assert conn
-             |> get("/api/pleroma/emoji/packs/ ")
+             |> get("/api/pleroma/emoji/pack?name= ")
             |> json_response_and_validate_schema(:bad_request) == %{
               "error" => "pack name cannot be empty"
             }
--- a/test/web/pleroma_api/controllers/user_import_controller_test.exs
+++ b/test/web/pleroma_api/controllers/user_import_controller_test.exs
@ -0,0 +1,235 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.PleromaAPI.UserImportControllerTest do
+  use Pleroma.Web.ConnCase
+  use Oban.Testing, repo: Pleroma.Repo
+
+  alias Pleroma.Config
+  alias Pleroma.Tests.ObanHelpers
+
+  import Pleroma.Factory
+  import Mock
+
+  setup do
+    Tesla.Mock.mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
+    :ok
+  end
+
+  describe "POST /api/pleroma/follow_import" do
+    setup do: oauth_access(["follow"])
+
+    test "it returns HTTP 200", %{conn: conn} do
+      user2 = insert(:user)
+
+      assert "job started" ==
+               conn
+               |> put_req_header("content-type", "application/json")
+               |> post("/api/pleroma/follow_import", %{"list" => "#{user2.ap_id}"})
+               |> json_response_and_validate_schema(200)
+    end
+
+    test "it imports follow lists from file", %{conn: conn} do
+      user2 = insert(:user)
+
+      with_mocks([
+        {File, [],
+         read!: fn "follow_list.txt" ->
+           "Account address,Show boosts\n#{user2.ap_id},true"
+         end}
+      ]) do
+        assert "job started" ==
+                 conn
+                 |> put_req_header("content-type", "application/json")
+                 |> post("/api/pleroma/follow_import", %{
+                   "list" => %Plug.Upload{path: "follow_list.txt"}
+                 })
+                 |> json_response_and_validate_schema(200)
+
+        assert [{:ok, job_result}] = ObanHelpers.perform_all()
+        assert job_result == [user2]
+      end
+    end
+
+    test "it imports new-style mastodon follow lists", %{conn: conn} do
+      user2 = insert(:user)
+
+      response =
+        conn
+        |> put_req_header("content-type", "application/json")
+        |> post("/api/pleroma/follow_import", %{
+          "list" => "Account address,Show boosts\n#{user2.ap_id},true"
+        })
+        |> json_response_and_validate_schema(200)
+
+      assert response == "job started"
+    end
+
+    test "requires 'follow' or 'write:follows' permissions" do
+      token1 = insert(:oauth_token, scopes: ["read", "write"])
+      token2 = insert(:oauth_token, scopes: ["follow"])
+      token3 = insert(:oauth_token, scopes: ["something"])
+      another_user = insert(:user)
+
+      for token <- [token1, token2, token3] do
+        conn =
+          build_conn()
+          |> put_req_header("authorization", "Bearer #{token.token}")
+          |> put_req_header("content-type", "application/json")
+          |> post("/api/pleroma/follow_import", %{"list" => "#{another_user.ap_id}"})
+
+        if token == token3 do
+          assert %{"error" => "Insufficient permissions: follow | write:follows."} ==
+                   json_response(conn, 403)
+        else
+          assert json_response(conn, 200)
+        end
+      end
+    end
+
+    test "it imports follows with different nickname variations", %{conn: conn} do
+      users = [user2, user3, user4, user5, user6] = insert_list(5, :user)
+
+      identifiers =
+        [
+          user2.ap_id,
+          user3.nickname,
+          "  ",
+          "@" <> user4.nickname,
+          user5.nickname <> "@localhost",
+          "@" <> user6.nickname <> "@localhost"
+        ]
+        |> Enum.join("\n")
+
+      assert "job started" ==
+               conn
+               |> put_req_header("content-type", "application/json")
+               |> post("/api/pleroma/follow_import", %{"list" => identifiers})
+               |> json_response_and_validate_schema(200)
+
+      assert [{:ok, job_result}] = ObanHelpers.perform_all()
+      assert job_result == users
+    end
+  end
+
+  describe "POST /api/pleroma/blocks_import" do
+    # Note: "follow" or "write:blocks" permission is required
+    setup do: oauth_access(["write:blocks"])
+
+    test "it returns HTTP 200", %{conn: conn} do
+      user2 = insert(:user)
+
+      assert "job started" ==
+               conn
+               |> put_req_header("content-type", "application/json")
+               |> post("/api/pleroma/blocks_import", %{"list" => "#{user2.ap_id}"})
+               |> json_response_and_validate_schema(200)
+    end
+
+    test "it imports blocks users from file", %{conn: conn} do
+      users = [user2, user3] = insert_list(2, :user)
+
+      with_mocks([
+        {File, [], read!: fn "blocks_list.txt" -> "#{user2.ap_id} #{user3.ap_id}" end}
+      ]) do
+        assert "job started" ==
+                 conn
+                 |> put_req_header("content-type", "application/json")
+                 |> post("/api/pleroma/blocks_import", %{
+                   "list" => %Plug.Upload{path: "blocks_list.txt"}
+                 })
+                 |> json_response_and_validate_schema(200)
+
+        assert [{:ok, job_result}] = ObanHelpers.perform_all()
+        assert job_result == users
+      end
+    end
+
+    test "it imports blocks with different nickname variations", %{conn: conn} do
+      users = [user2, user3, user4, user5, user6] = insert_list(5, :user)
+
+      identifiers =
+        [
+          user2.ap_id,
+          user3.nickname,
+          "@" <> user4.nickname,
+          user5.nickname <> "@localhost",
+          "@" <> user6.nickname <> "@localhost"
+        ]
+        |> Enum.join(" ")
+
+      assert "job started" ==
+               conn
+               |> put_req_header("content-type", "application/json")
+               |> post("/api/pleroma/blocks_import", %{"list" => identifiers})
+               |> json_response_and_validate_schema(200)
+
+      assert [{:ok, job_result}] = ObanHelpers.perform_all()
+      assert job_result == users
+    end
+  end
+
+  describe "POST /api/pleroma/mutes_import" do
+    # Note: "follow" or "write:mutes" permission is required
+    setup do: oauth_access(["write:mutes"])
+
+    test "it returns HTTP 200", %{user: user, conn: conn} do
+      user2 = insert(:user)
+
+      assert "job started" ==
+               conn
+               |> put_req_header("content-type", "application/json")
+               |> post("/api/pleroma/mutes_import", %{"list" => "#{user2.ap_id}"})
+               |> json_response_and_validate_schema(200)
+
+      assert [{:ok, job_result}] = ObanHelpers.perform_all()
+      assert job_result == [user2]
+      assert Pleroma.User.mutes?(user, user2)
+    end
+
+    test "it imports mutes users from file", %{user: user, conn: conn} do
+      users = [user2, user3] = insert_list(2, :user)
+
+      with_mocks([
+        {File, [], read!: fn "mutes_list.txt" -> "#{user2.ap_id} #{user3.ap_id}" end}
+      ]) do
+        assert "job started" ==
+                 conn
+                 |> put_req_header("content-type", "application/json")
+                 |> post("/api/pleroma/mutes_import", %{
+                   "list" => %Plug.Upload{path: "mutes_list.txt"}
+                 })
+                 |> json_response_and_validate_schema(200)
+
+        assert [{:ok, job_result}] = ObanHelpers.perform_all()
+        assert job_result == users
+        assert Enum.all?(users, &Pleroma.User.mutes?(user, &1))
+      end
+    end
+
+    test "it imports mutes with different nickname variations", %{user: user, conn: conn} do
+      users = [user2, user3, user4, user5, user6] = insert_list(5, :user)
+
+      identifiers =
+        [
+          user2.ap_id,
+          user3.nickname,
+          "@" <> user4.nickname,
+          user5.nickname <> "@localhost",
+          "@" <> user6.nickname <> "@localhost"
+        ]
+        |> Enum.join(" ")
+
+      assert "job started" ==
+               conn
+               |> put_req_header("content-type", "application/json")
+               |> post("/api/pleroma/mutes_import", %{"list" => identifiers})
+               |> json_response_and_validate_schema(200)
+
+      assert [{:ok, job_result}] = ObanHelpers.perform_all()
+      assert job_result == users
+      assert Enum.all?(users, &Pleroma.User.mutes?(user, &1))
+    end
+  end
+end
--- a/test/web/push/impl_test.exs
+++ b/test/web/push/impl_test.exs
@ -5,6 +5,8 @@
 defmodule Pleroma.Web.Push.ImplTest do
  use Pleroma.DataCase

+  import Pleroma.Factory
+
  alias Pleroma.Notification
  alias Pleroma.Object
  alias Pleroma.User
@ -13,8 +15,6 @@ defmodule Pleroma.Web.Push.ImplTest do
  alias Pleroma.Web.Push.Impl
  alias Pleroma.Web.Push.Subscription

-  import Pleroma.Factory
-
  setup do
    Tesla.Mock.mock(fn
      %{method: :post, url: "https://example.com/example/1234"} ->
--- a/test/web/rich_media/helpers_test.exs
+++ b/test/web/rich_media/helpers_test.exs
@ -64,41 +64,6 @@ defmodule Pleroma.Web.RichMedia.HelpersTest do
             Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity)
  end

-  test "refuses to crawl URLs from posts marked sensitive" do
-    user = insert(:user)
-
-    {:ok, activity} =
-      CommonAPI.post(user, %{
-        status: "http://example.com/ogp",
-        sensitive: true
-      })
-
-    %Object{} = object = Object.normalize(activity)
-
-    assert object.data["sensitive"]
-
-    Config.put([:rich_media, :enabled], true)
-
-    assert %{} = Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity)
-  end
-
-  test "refuses to crawl URLs from posts tagged NSFW" do
-    user = insert(:user)
-
-    {:ok, activity} =
-      CommonAPI.post(user, %{
-        status: "http://example.com/ogp #nsfw"
-      })
-
-    %Object{} = object = Object.normalize(activity)
-
-    assert object.data["sensitive"]
-
-    Config.put([:rich_media, :enabled], true)
-
-    assert %{} = Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity)
-  end
-
  test "refuses to crawl URLs of private network from posts" do
    user = insert(:user)

--- a/test/web/rich_media/parser_test.exs
+++ b/test/web/rich_media/parser_test.exs
@ -56,6 +56,27 @@ defmodule Pleroma.Web.RichMedia.ParserTest do

      %{method: :get, url: "http://example.com/error"} ->
        {:error, :overload}
+
+      %{
+        method: :head,
+        url: "http://example.com/huge-page"
+      } ->
+        %Tesla.Env{
+          status: 200,
+          headers: [{"content-length", "2000001"}, {"content-type", "text/html"}]
+        }
+
+      %{
+        method: :head,
+        url: "http://example.com/pdf-file"
+      } ->
+        %Tesla.Env{
+          status: 200,
+          headers: [{"content-length", "1000000"}, {"content-type", "application/pdf"}]
+        }
+
+      %{method: :head} ->
+        %Tesla.Env{status: 404, body: "", headers: []}
    end)

    :ok
@ -144,4 +165,12 @@ defmodule Pleroma.Web.RichMedia.ParserTest do
  test "returns error if getting page was not successful" do
    assert {:error, :overload} = Parser.parse("http://example.com/error")
  end
+
+  test "does a HEAD request to check if the body is too large" do
+    assert {:error, :body_too_large} = Parser.parse("http://example.com/huge-page")
+  end
+
+  test "does a HEAD request to check if the body is html" do
+    assert {:error, {:content_type, _}} = Parser.parse("http://example.com/pdf-file")
+  end
 end
--- a/test/web/streamer/streamer_test.exs
+++ b/test/web/streamer/streamer_test.exs
@ -21,92 +21,148 @@ defmodule Pleroma.Web.StreamerTest do

  setup do: clear_config([:instance, :skip_thread_containment])

-  describe "get_topic without an user" do
+  describe "get_topic/_ (unauthenticated)" do
    test "allows public" do
-      assert {:ok, "public"} = Streamer.get_topic("public", nil)
-      assert {:ok, "public:local"} = Streamer.get_topic("public:local", nil)
-      assert {:ok, "public:media"} = Streamer.get_topic("public:media", nil)
-      assert {:ok, "public:local:media"} = Streamer.get_topic("public:local:media", nil)
+      assert {:ok, "public"} = Streamer.get_topic("public", nil, nil)
+      assert {:ok, "public:local"} = Streamer.get_topic("public:local", nil, nil)
+      assert {:ok, "public:media"} = Streamer.get_topic("public:media", nil, nil)
+      assert {:ok, "public:local:media"} = Streamer.get_topic("public:local:media", nil, nil)
    end

    test "allows hashtag streams" do
-      assert {:ok, "hashtag:cofe"} = Streamer.get_topic("hashtag", nil, %{"tag" => "cofe"})
+      assert {:ok, "hashtag:cofe"} = Streamer.get_topic("hashtag", nil, nil, %{"tag" => "cofe"})
    end

    test "disallows user streams" do
-      assert {:error, _} = Streamer.get_topic("user", nil)
-      assert {:error, _} = Streamer.get_topic("user:notification", nil)
-      assert {:error, _} = Streamer.get_topic("direct", nil)
+      assert {:error, _} = Streamer.get_topic("user", nil, nil)
+      assert {:error, _} = Streamer.get_topic("user:notification", nil, nil)
+      assert {:error, _} = Streamer.get_topic("direct", nil, nil)
    end

    test "disallows list streams" do
-      assert {:error, _} = Streamer.get_topic("list", nil, %{"list" => 42})
+      assert {:error, _} = Streamer.get_topic("list", nil, nil, %{"list" => 42})
    end
  end

-  describe "get_topic with an user" do
-    setup do
-      user = insert(:user)
-      {:ok, %{user: user}}
+  describe "get_topic/_ (authenticated)" do
+    setup do: oauth_access(["read"])
+
+    test "allows public streams (regardless of OAuth token scopes)", %{
+      user: user,
+      token: read_oauth_token
+    } do
+      with oauth_token <- [nil, read_oauth_token] do
+        assert {:ok, "public"} = Streamer.get_topic("public", user, oauth_token)
+        assert {:ok, "public:local"} = Streamer.get_topic("public:local", user, oauth_token)
+        assert {:ok, "public:media"} = Streamer.get_topic("public:media", user, oauth_token)
+
+        assert {:ok, "public:local:media"} =
+                 Streamer.get_topic("public:local:media", user, oauth_token)
+      end
    end

-    test "allows public streams", %{user: user} do
-      assert {:ok, "public"} = Streamer.get_topic("public", user)
-      assert {:ok, "public:local"} = Streamer.get_topic("public:local", user)
-      assert {:ok, "public:media"} = Streamer.get_topic("public:media", user)
-      assert {:ok, "public:local:media"} = Streamer.get_topic("public:local:media", user)
-    end
+    test "allows user streams (with proper OAuth token scopes)", %{
+      user: user,
+      token: read_oauth_token
+    } do
+      %{token: read_notifications_token} = oauth_access(["read:notifications"], user: user)
+      %{token: read_statuses_token} = oauth_access(["read:statuses"], user: user)
+      %{token: badly_scoped_token} = oauth_access(["irrelevant:scope"], user: user)

-    test "allows user streams", %{user: user} do
      expected_user_topic = "user:#{user.id}"
-      expected_notif_topic = "user:notification:#{user.id}"
+      expected_notification_topic = "user:notification:#{user.id}"
      expected_direct_topic = "direct:#{user.id}"
-      assert {:ok, ^expected_user_topic} = Streamer.get_topic("user", user)
-      assert {:ok, ^expected_notif_topic} = Streamer.get_topic("user:notification", user)
-      assert {:ok, ^expected_direct_topic} = Streamer.get_topic("direct", user)
+      expected_pleroma_chat_topic = "user:pleroma_chat:#{user.id}"
+
+      for valid_user_token <- [read_oauth_token, read_statuses_token] do
+        assert {:ok, ^expected_user_topic} = Streamer.get_topic("user", user, valid_user_token)
+
+        assert {:ok, ^expected_direct_topic} =
+                 Streamer.get_topic("direct", user, valid_user_token)
+
+        assert {:ok, ^expected_pleroma_chat_topic} =
+                 Streamer.get_topic("user:pleroma_chat", user, valid_user_token)
+      end
+
+      for invalid_user_token <- [read_notifications_token, badly_scoped_token],
+          user_topic <- ["user", "direct", "user:pleroma_chat"] do
+        assert {:error, :unauthorized} = Streamer.get_topic(user_topic, user, invalid_user_token)
+      end
+
+      for valid_notification_token <- [read_oauth_token, read_notifications_token] do
+        assert {:ok, ^expected_notification_topic} =
+                 Streamer.get_topic("user:notification", user, valid_notification_token)
+      end
+
+      for invalid_notification_token <- [read_statuses_token, badly_scoped_token] do
+        assert {:error, :unauthorized} =
+                 Streamer.get_topic("user:notification", user, invalid_notification_token)
+      end
    end

-    test "allows hashtag streams", %{user: user} do
-      assert {:ok, "hashtag:cofe"} = Streamer.get_topic("hashtag", user, %{"tag" => "cofe"})
+    test "allows hashtag streams (regardless of OAuth token scopes)", %{
+      user: user,
+      token: read_oauth_token
+    } do
+      for oauth_token <- [nil, read_oauth_token] do
+        assert {:ok, "hashtag:cofe"} =
+                 Streamer.get_topic("hashtag", user, oauth_token, %{"tag" => "cofe"})
+      end
    end

-    test "disallows registering to an user stream", %{user: user} do
+    test "disallows registering to another user's stream", %{user: user, token: read_oauth_token} do
      another_user = insert(:user)
-      assert {:error, _} = Streamer.get_topic("user:#{another_user.id}", user)
-      assert {:error, _} = Streamer.get_topic("user:notification:#{another_user.id}", user)
-      assert {:error, _} = Streamer.get_topic("direct:#{another_user.id}", user)
+      assert {:error, _} = Streamer.get_topic("user:#{another_user.id}", user, read_oauth_token)
+
+      assert {:error, _} =
+               Streamer.get_topic("user:notification:#{another_user.id}", user, read_oauth_token)
+
+      assert {:error, _} = Streamer.get_topic("direct:#{another_user.id}", user, read_oauth_token)
    end

-    test "allows list stream that are owned by the user", %{user: user} do
+    test "allows list stream that are owned by the user (with `read` or `read:lists` scopes)", %{
+      user: user,
+      token: read_oauth_token
+    } do
+      %{token: read_lists_token} = oauth_access(["read:lists"], user: user)
+      %{token: invalid_token} = oauth_access(["irrelevant:scope"], user: user)
      {:ok, list} = List.create("Test", user)
-      assert {:error, _} = Streamer.get_topic("list:#{list.id}", user)
-      assert {:ok, _} = Streamer.get_topic("list", user, %{"list" => list.id})
+
+      assert {:error, _} = Streamer.get_topic("list:#{list.id}", user, read_oauth_token)
+
+      for valid_token <- [read_oauth_token, read_lists_token] do
+        assert {:ok, _} = Streamer.get_topic("list", user, valid_token, %{"list" => list.id})
+      end
+
+      assert {:error, _} = Streamer.get_topic("list", user, invalid_token, %{"list" => list.id})
    end

-    test "disallows list stream that are not owned by the user", %{user: user} do
+    test "disallows list stream that are not owned by the user", %{user: user, token: oauth_token} do
      another_user = insert(:user)
      {:ok, list} = List.create("Test", another_user)
-      assert {:error, _} = Streamer.get_topic("list:#{list.id}", user)
-      assert {:error, _} = Streamer.get_topic("list", user, %{"list" => list.id})
+
+      assert {:error, _} = Streamer.get_topic("list:#{list.id}", user, oauth_token)
+      assert {:error, _} = Streamer.get_topic("list", user, oauth_token, %{"list" => list.id})
    end
  end

  describe "user streams" do
    setup do
-      user = insert(:user)
+      %{user: user, token: token} = oauth_access(["read"])
      notify = insert(:notification, user: user, activity: build(:note_activity))
-      {:ok, %{user: user, notify: notify}}
+      {:ok, %{user: user, notify: notify, token: token}}
    end

-    test "it streams the user's post in the 'user' stream", %{user: user} do
-      Streamer.get_topic_and_add_socket("user", user)
+    test "it streams the user's post in the 'user' stream", %{user: user, token: oauth_token} do
+      Streamer.get_topic_and_add_socket("user", user, oauth_token)
      {:ok, activity} = CommonAPI.post(user, %{status: "hey"})
+
      assert_receive {:render_with_user, _, _, ^activity}
      refute Streamer.filtered_by_user?(user, activity)
    end

-    test "it streams boosts of the user in the 'user' stream", %{user: user} do
-      Streamer.get_topic_and_add_socket("user", user)
+    test "it streams boosts of the user in the 'user' stream", %{user: user, token: oauth_token} do
+      Streamer.get_topic_and_add_socket("user", user, oauth_token)

      other_user = insert(:user)
      {:ok, activity} = CommonAPI.post(other_user, %{status: "hey"})
@ -117,9 +173,10 @@ defmodule Pleroma.Web.StreamerTest do
    end

    test "it does not stream announces of the user's own posts in the 'user' stream", %{
-      user: user
+      user: user,
+      token: oauth_token
    } do
-      Streamer.get_topic_and_add_socket("user", user)
+      Streamer.get_topic_and_add_socket("user", user, oauth_token)

      other_user = insert(:user)
      {:ok, activity} = CommonAPI.post(user, %{status: "hey"})
@ -129,9 +186,10 @@ defmodule Pleroma.Web.StreamerTest do
    end

    test "it does stream notifications announces of the user's own posts in the 'user' stream", %{
-      user: user
+      user: user,
+      token: oauth_token
    } do
-      Streamer.get_topic_and_add_socket("user", user)
+      Streamer.get_topic_and_add_socket("user", user, oauth_token)

      other_user = insert(:user)
      {:ok, activity} = CommonAPI.post(user, %{status: "hey"})
@ -145,8 +203,11 @@ defmodule Pleroma.Web.StreamerTest do
      refute Streamer.filtered_by_user?(user, notification)
    end

-    test "it streams boosts of mastodon user in the 'user' stream", %{user: user} do
-      Streamer.get_topic_and_add_socket("user", user)
+    test "it streams boosts of mastodon user in the 'user' stream", %{
+      user: user,
+      token: oauth_token
+    } do
+      Streamer.get_topic_and_add_socket("user", user, oauth_token)

      other_user = insert(:user)
      {:ok, activity} = CommonAPI.post(other_user, %{status: "hey"})
@ -164,21 +225,34 @@ defmodule Pleroma.Web.StreamerTest do
      refute Streamer.filtered_by_user?(user, announce)
    end

-    test "it sends notify to in the 'user' stream", %{user: user, notify: notify} do
-      Streamer.get_topic_and_add_socket("user", user)
+    test "it sends notify to in the 'user' stream", %{
+      user: user,
+      token: oauth_token,
+      notify: notify
+    } do
+      Streamer.get_topic_and_add_socket("user", user, oauth_token)
      Streamer.stream("user", notify)
+
      assert_receive {:render_with_user, _, _, ^notify}
      refute Streamer.filtered_by_user?(user, notify)
    end

-    test "it sends notify to in the 'user:notification' stream", %{user: user, notify: notify} do
-      Streamer.get_topic_and_add_socket("user:notification", user)
+    test "it sends notify to in the 'user:notification' stream", %{
+      user: user,
+      token: oauth_token,
+      notify: notify
+    } do
+      Streamer.get_topic_and_add_socket("user:notification", user, oauth_token)
      Streamer.stream("user:notification", notify)
+
      assert_receive {:render_with_user, _, _, ^notify}
      refute Streamer.filtered_by_user?(user, notify)
    end

-    test "it sends chat messages to the 'user:pleroma_chat' stream", %{user: user} do
+    test "it sends chat messages to the 'user:pleroma_chat' stream", %{
+      user: user,
+      token: oauth_token
+    } do
      other_user = insert(:user)

      {:ok, create_activity} = CommonAPI.post_chat_message(other_user, user, "hey cirno")
@ -187,7 +261,7 @@ defmodule Pleroma.Web.StreamerTest do
      cm_ref = MessageReference.for_chat_and_object(chat, object)
      cm_ref = %{cm_ref | chat: chat, object: object}

-      Streamer.get_topic_and_add_socket("user:pleroma_chat", user)
+      Streamer.get_topic_and_add_socket("user:pleroma_chat", user, oauth_token)
      Streamer.stream("user:pleroma_chat", {user, cm_ref})

      text = StreamerView.render("chat_update.json", %{chat_message_reference: cm_ref})
@ -196,7 +270,7 @@ defmodule Pleroma.Web.StreamerTest do
      assert_receive {:text, ^text}
    end

-    test "it sends chat messages to the 'user' stream", %{user: user} do
+    test "it sends chat messages to the 'user' stream", %{user: user, token: oauth_token} do
      other_user = insert(:user)

      {:ok, create_activity} = CommonAPI.post_chat_message(other_user, user, "hey cirno")
@ -205,7 +279,7 @@ defmodule Pleroma.Web.StreamerTest do
      cm_ref = MessageReference.for_chat_and_object(chat, object)
      cm_ref = %{cm_ref | chat: chat, object: object}

-      Streamer.get_topic_and_add_socket("user", user)
+      Streamer.get_topic_and_add_socket("user", user, oauth_token)
      Streamer.stream("user", {user, cm_ref})

      text = StreamerView.render("chat_update.json", %{chat_message_reference: cm_ref})
@ -214,7 +288,10 @@ defmodule Pleroma.Web.StreamerTest do
      assert_receive {:text, ^text}
    end

-    test "it sends chat message notifications to the 'user:notification' stream", %{user: user} do
+    test "it sends chat message notifications to the 'user:notification' stream", %{
+      user: user,
+      token: oauth_token
+    } do
      other_user = insert(:user)

      {:ok, create_activity} = CommonAPI.post_chat_message(other_user, user, "hey")
@ -223,19 +300,21 @@ defmodule Pleroma.Web.StreamerTest do
        Repo.get_by(Pleroma.Notification, user_id: user.id, activity_id: create_activity.id)
        |> Repo.preload(:activity)

-      Streamer.get_topic_and_add_socket("user:notification", user)
+      Streamer.get_topic_and_add_socket("user:notification", user, oauth_token)
      Streamer.stream("user:notification", notify)
+
      assert_receive {:render_with_user, _, _, ^notify}
      refute Streamer.filtered_by_user?(user, notify)
    end

    test "it doesn't send notify to the 'user:notification' stream when a user is blocked", %{
-      user: user
+      user: user,
+      token: oauth_token
    } do
      blocked = insert(:user)
      {:ok, _user_relationship} = User.block(user, blocked)

-      Streamer.get_topic_and_add_socket("user:notification", user)
+      Streamer.get_topic_and_add_socket("user:notification", user, oauth_token)

      {:ok, activity} = CommonAPI.post(user, %{status: ":("})
      {:ok, _} = CommonAPI.favorite(blocked, activity.id)
@ -244,14 +323,15 @@ defmodule Pleroma.Web.StreamerTest do
    end

    test "it doesn't send notify to the 'user:notification' stream when a thread is muted", %{
-      user: user
+      user: user,
+      token: oauth_token
    } do
      user2 = insert(:user)

      {:ok, activity} = CommonAPI.post(user, %{status: "super hot take"})
      {:ok, _} = CommonAPI.add_mute(user, activity)

-      Streamer.get_topic_and_add_socket("user:notification", user)
+      Streamer.get_topic_and_add_socket("user:notification", user, oauth_token)

      {:ok, favorite_activity} = CommonAPI.favorite(user2, activity.id)

@ -260,12 +340,13 @@ defmodule Pleroma.Web.StreamerTest do
    end

    test "it sends favorite to 'user:notification' stream'", %{
-      user: user
+      user: user,
+      token: oauth_token
    } do
      user2 = insert(:user, %{ap_id: "https://hecking-lewd-place.com/user/meanie"})

      {:ok, activity} = CommonAPI.post(user, %{status: "super hot take"})
-      Streamer.get_topic_and_add_socket("user:notification", user)
+      Streamer.get_topic_and_add_socket("user:notification", user, oauth_token)
      {:ok, favorite_activity} = CommonAPI.favorite(user2, activity.id)

      assert_receive {:render_with_user, _, "notification.json", notif}
@ -274,13 +355,14 @@ defmodule Pleroma.Web.StreamerTest do
    end

    test "it doesn't send the 'user:notification' stream' when a domain is blocked", %{
-      user: user
+      user: user,
+      token: oauth_token
    } do
      user2 = insert(:user, %{ap_id: "https://hecking-lewd-place.com/user/meanie"})

      {:ok, user} = User.block_domain(user, "hecking-lewd-place.com")
      {:ok, activity} = CommonAPI.post(user, %{status: "super hot take"})
-      Streamer.get_topic_and_add_socket("user:notification", user)
+      Streamer.get_topic_and_add_socket("user:notification", user, oauth_token)
      {:ok, favorite_activity} = CommonAPI.favorite(user2, activity.id)

      refute_receive _
@ -288,7 +370,8 @@ defmodule Pleroma.Web.StreamerTest do
    end

    test "it sends follow activities to the 'user:notification' stream", %{
-      user: user
+      user: user,
+      token: oauth_token
    } do
      user_url = user.ap_id
      user2 = insert(:user)
@ -303,7 +386,7 @@ defmodule Pleroma.Web.StreamerTest do
          %Tesla.Env{status: 200, body: body}
      end)

-      Streamer.get_topic_and_add_socket("user:notification", user)
+      Streamer.get_topic_and_add_socket("user:notification", user, oauth_token)
      {:ok, _follower, _followed, follow_activity} = CommonAPI.follow(user2, user)

      assert_receive {:render_with_user, _, "notification.json", notif}
@ -312,51 +395,53 @@ defmodule Pleroma.Web.StreamerTest do
    end
  end

-  test "it sends to public authenticated" do
-    user = insert(:user)
-    other_user = insert(:user)
+  describe "public streams" do
+    test "it sends to public (authenticated)" do
+      %{user: user, token: oauth_token} = oauth_access(["read"])
+      other_user = insert(:user)

-    Streamer.get_topic_and_add_socket("public", other_user)
+      Streamer.get_topic_and_add_socket("public", user, oauth_token)

-    {:ok, activity} = CommonAPI.post(user, %{status: "Test"})
-    assert_receive {:render_with_user, _, _, ^activity}
-    refute Streamer.filtered_by_user?(user, activity)
+      {:ok, activity} = CommonAPI.post(other_user, %{status: "Test"})
+      assert_receive {:render_with_user, _, _, ^activity}
+      refute Streamer.filtered_by_user?(other_user, activity)
+    end
+
+    test "it sends to public (unauthenticated)" do
+      user = insert(:user)
+
+      Streamer.get_topic_and_add_socket("public", nil, nil)
+
+      {:ok, activity} = CommonAPI.post(user, %{status: "Test"})
+      activity_id = activity.id
+      assert_receive {:text, event}
+      assert %{"event" => "update", "payload" => payload} = Jason.decode!(event)
+      assert %{"id" => ^activity_id} = Jason.decode!(payload)
+
+      {:ok, _} = CommonAPI.delete(activity.id, user)
+      assert_receive {:text, event}
+      assert %{"event" => "delete", "payload" => ^activity_id} = Jason.decode!(event)
+    end
+
+    test "handles deletions" do
+      %{user: user, token: oauth_token} = oauth_access(["read"])
+      other_user = insert(:user)
+      {:ok, activity} = CommonAPI.post(other_user, %{status: "Test"})
+
+      Streamer.get_topic_and_add_socket("public", user, oauth_token)
+
+      {:ok, _} = CommonAPI.delete(activity.id, other_user)
+      activity_id = activity.id
+      assert_receive {:text, event}
+      assert %{"event" => "delete", "payload" => ^activity_id} = Jason.decode!(event)
+    end
  end

-  test "works for deletions" do
-    user = insert(:user)
-    other_user = insert(:user)
-    {:ok, activity} = CommonAPI.post(other_user, %{status: "Test"})
-
-    Streamer.get_topic_and_add_socket("public", user)
-
-    {:ok, _} = CommonAPI.delete(activity.id, other_user)
-    activity_id = activity.id
-    assert_receive {:text, event}
-    assert %{"event" => "delete", "payload" => ^activity_id} = Jason.decode!(event)
-  end
-
-  test "it sends to public unauthenticated" do
-    user = insert(:user)
-
-    Streamer.get_topic_and_add_socket("public", nil)
-
-    {:ok, activity} = CommonAPI.post(user, %{status: "Test"})
-    activity_id = activity.id
-    assert_receive {:text, event}
-    assert %{"event" => "update", "payload" => payload} = Jason.decode!(event)
-    assert %{"id" => ^activity_id} = Jason.decode!(payload)
-
-    {:ok, _} = CommonAPI.delete(activity.id, user)
-    assert_receive {:text, event}
-    assert %{"event" => "delete", "payload" => ^activity_id} = Jason.decode!(event)
-  end
-
-  describe "thread_containment" do
+  describe "thread_containment/2" do
    test "it filters to user if recipients invalid and thread containment is enabled" do
      Pleroma.Config.put([:instance, :skip_thread_containment], false)
      author = insert(:user)
-      user = insert(:user)
+      %{user: user, token: oauth_token} = oauth_access(["read"])
      User.follow(user, author, :follow_accept)

      activity =
@ -368,7 +453,7 @@ defmodule Pleroma.Web.StreamerTest do
            )
        )

-      Streamer.get_topic_and_add_socket("public", user)
+      Streamer.get_topic_and_add_socket("public", user, oauth_token)
      Streamer.stream("public", activity)
      assert_receive {:render_with_user, _, _, ^activity}
      assert Streamer.filtered_by_user?(user, activity)
@ -377,7 +462,7 @@ defmodule Pleroma.Web.StreamerTest do
    test "it sends message if recipients invalid and thread containment is disabled" do
      Pleroma.Config.put([:instance, :skip_thread_containment], true)
      author = insert(:user)
-      user = insert(:user)
+      %{user: user, token: oauth_token} = oauth_access(["read"])
      User.follow(user, author, :follow_accept)

      activity =
@ -389,7 +474,7 @@ defmodule Pleroma.Web.StreamerTest do
            )
        )

-      Streamer.get_topic_and_add_socket("public", user)
+      Streamer.get_topic_and_add_socket("public", user, oauth_token)
      Streamer.stream("public", activity)

      assert_receive {:render_with_user, _, _, ^activity}
@ -400,6 +485,7 @@ defmodule Pleroma.Web.StreamerTest do
      Pleroma.Config.put([:instance, :skip_thread_containment], false)
      author = insert(:user)
      user = insert(:user, skip_thread_containment: true)
+      %{token: oauth_token} = oauth_access(["read"], user: user)
      User.follow(user, author, :follow_accept)

      activity =
@ -411,7 +497,7 @@ defmodule Pleroma.Web.StreamerTest do
            )
        )

-      Streamer.get_topic_and_add_socket("public", user)
+      Streamer.get_topic_and_add_socket("public", user, oauth_token)
      Streamer.stream("public", activity)

      assert_receive {:render_with_user, _, _, ^activity}
@ -420,23 +506,26 @@ defmodule Pleroma.Web.StreamerTest do
  end

  describe "blocks" do
-    test "it filters messages involving blocked users" do
-      user = insert(:user)
+    setup do: oauth_access(["read"])
+
+    test "it filters messages involving blocked users", %{user: user, token: oauth_token} do
      blocked_user = insert(:user)
      {:ok, _user_relationship} = User.block(user, blocked_user)

-      Streamer.get_topic_and_add_socket("public", user)
+      Streamer.get_topic_and_add_socket("public", user, oauth_token)
      {:ok, activity} = CommonAPI.post(blocked_user, %{status: "Test"})
      assert_receive {:render_with_user, _, _, ^activity}
      assert Streamer.filtered_by_user?(user, activity)
    end

-    test "it filters messages transitively involving blocked users" do
-      blocker = insert(:user)
+    test "it filters messages transitively involving blocked users", %{
+      user: blocker,
+      token: blocker_token
+    } do
      blockee = insert(:user)
      friend = insert(:user)

-      Streamer.get_topic_and_add_socket("public", blocker)
+      Streamer.get_topic_and_add_socket("public", blocker, blocker_token)

      {:ok, _user_relationship} = User.block(blocker, blockee)

@ -458,8 +547,9 @@ defmodule Pleroma.Web.StreamerTest do
  end

  describe "lists" do
-    test "it doesn't send unwanted DMs to list" do
-      user_a = insert(:user)
+    setup do: oauth_access(["read"])
+
+    test "it doesn't send unwanted DMs to list", %{user: user_a, token: user_a_token} do
      user_b = insert(:user)
      user_c = insert(:user)

@ -468,7 +558,7 @@ defmodule Pleroma.Web.StreamerTest do
      {:ok, list} = List.create("Test", user_a)
      {:ok, list} = List.follow(list, user_b)

-      Streamer.get_topic_and_add_socket("list", user_a, %{"list" => list.id})
+      Streamer.get_topic_and_add_socket("list", user_a, user_a_token, %{"list" => list.id})

      {:ok, _activity} =
        CommonAPI.post(user_b, %{
@ -479,14 +569,13 @@ defmodule Pleroma.Web.StreamerTest do
      refute_receive _
    end

-    test "it doesn't send unwanted private posts to list" do
-      user_a = insert(:user)
+    test "it doesn't send unwanted private posts to list", %{user: user_a, token: user_a_token} do
      user_b = insert(:user)

      {:ok, list} = List.create("Test", user_a)
      {:ok, list} = List.follow(list, user_b)

-      Streamer.get_topic_and_add_socket("list", user_a, %{"list" => list.id})
+      Streamer.get_topic_and_add_socket("list", user_a, user_a_token, %{"list" => list.id})

      {:ok, _activity} =
        CommonAPI.post(user_b, %{
@ -497,8 +586,7 @@ defmodule Pleroma.Web.StreamerTest do
      refute_receive _
    end

-    test "it sends wanted private posts to list" do
-      user_a = insert(:user)
+    test "it sends wanted private posts to list", %{user: user_a, token: user_a_token} do
      user_b = insert(:user)

      {:ok, user_a} = User.follow(user_a, user_b)
@ -506,7 +594,7 @@ defmodule Pleroma.Web.StreamerTest do
      {:ok, list} = List.create("Test", user_a)
      {:ok, list} = List.follow(list, user_b)

-      Streamer.get_topic_and_add_socket("list", user_a, %{"list" => list.id})
+      Streamer.get_topic_and_add_socket("list", user_a, user_a_token, %{"list" => list.id})

      {:ok, activity} =
        CommonAPI.post(user_b, %{
@ -520,8 +608,9 @@ defmodule Pleroma.Web.StreamerTest do
  end

  describe "muted reblogs" do
-    test "it filters muted reblogs" do
-      user1 = insert(:user)
+    setup do: oauth_access(["read"])
+
+    test "it filters muted reblogs", %{user: user1, token: user1_token} do
      user2 = insert(:user)
      user3 = insert(:user)
      CommonAPI.follow(user1, user2)
@ -529,34 +618,38 @@ defmodule Pleroma.Web.StreamerTest do

      {:ok, create_activity} = CommonAPI.post(user3, %{status: "I'm kawen"})

-      Streamer.get_topic_and_add_socket("user", user1)
+      Streamer.get_topic_and_add_socket("user", user1, user1_token)
      {:ok, announce_activity} = CommonAPI.repeat(create_activity.id, user2)
      assert_receive {:render_with_user, _, _, ^announce_activity}
      assert Streamer.filtered_by_user?(user1, announce_activity)
    end

-    test "it filters reblog notification for reblog-muted actors" do
-      user1 = insert(:user)
+    test "it filters reblog notification for reblog-muted actors", %{
+      user: user1,
+      token: user1_token
+    } do
      user2 = insert(:user)
      CommonAPI.follow(user1, user2)
      CommonAPI.hide_reblogs(user1, user2)

      {:ok, create_activity} = CommonAPI.post(user1, %{status: "I'm kawen"})
-      Streamer.get_topic_and_add_socket("user", user1)
+      Streamer.get_topic_and_add_socket("user", user1, user1_token)
      {:ok, _announce_activity} = CommonAPI.repeat(create_activity.id, user2)

      assert_receive {:render_with_user, _, "notification.json", notif}
      assert Streamer.filtered_by_user?(user1, notif)
    end

-    test "it send non-reblog notification for reblog-muted actors" do
-      user1 = insert(:user)
+    test "it send non-reblog notification for reblog-muted actors", %{
+      user: user1,
+      token: user1_token
+    } do
      user2 = insert(:user)
      CommonAPI.follow(user1, user2)
      CommonAPI.hide_reblogs(user1, user2)

      {:ok, create_activity} = CommonAPI.post(user1, %{status: "I'm kawen"})
-      Streamer.get_topic_and_add_socket("user", user1)
+      Streamer.get_topic_and_add_socket("user", user1, user1_token)
      {:ok, _favorite_activity} = CommonAPI.favorite(user2, create_activity.id)

      assert_receive {:render_with_user, _, "notification.json", notif}
@ -564,27 +657,28 @@ defmodule Pleroma.Web.StreamerTest do
    end
  end

-  test "it filters posts from muted threads" do
-    user = insert(:user)
-    user2 = insert(:user)
-    Streamer.get_topic_and_add_socket("user", user2)
-    {:ok, user2, user, _activity} = CommonAPI.follow(user2, user)
-    {:ok, activity} = CommonAPI.post(user, %{status: "super hot take"})
-    {:ok, _} = CommonAPI.add_mute(user2, activity)
-    assert_receive {:render_with_user, _, _, ^activity}
-    assert Streamer.filtered_by_user?(user2, activity)
+  describe "muted threads" do
+    test "it filters posts from muted threads" do
+      user = insert(:user)
+      %{user: user2, token: user2_token} = oauth_access(["read"])
+      Streamer.get_topic_and_add_socket("user", user2, user2_token)
+
+      {:ok, user2, user, _activity} = CommonAPI.follow(user2, user)
+      {:ok, activity} = CommonAPI.post(user, %{status: "super hot take"})
+      {:ok, _} = CommonAPI.add_mute(user2, activity)
+
+      assert_receive {:render_with_user, _, _, ^activity}
+      assert Streamer.filtered_by_user?(user2, activity)
+    end
  end

  describe "direct streams" do
-    setup do
-      :ok
-    end
+    setup do: oauth_access(["read"])

-    test "it sends conversation update to the 'direct' stream", %{} do
-      user = insert(:user)
+    test "it sends conversation update to the 'direct' stream", %{user: user, token: oauth_token} do
      another_user = insert(:user)

-      Streamer.get_topic_and_add_socket("direct", user)
+      Streamer.get_topic_and_add_socket("direct", user, oauth_token)

      {:ok, _create_activity} =
        CommonAPI.post(another_user, %{
@ -602,11 +696,11 @@ defmodule Pleroma.Web.StreamerTest do
      assert last_status["pleroma"]["direct_conversation_id"] == participation.id
    end

-    test "it doesn't send conversation update to the 'direct' stream when the last message in the conversation is deleted" do
-      user = insert(:user)
+    test "it doesn't send conversation update to the 'direct' stream when the last message in the conversation is deleted",
+         %{user: user, token: oauth_token} do
      another_user = insert(:user)

-      Streamer.get_topic_and_add_socket("direct", user)
+      Streamer.get_topic_and_add_socket("direct", user, oauth_token)

      {:ok, create_activity} =
        CommonAPI.post(another_user, %{
@ -629,10 +723,12 @@ defmodule Pleroma.Web.StreamerTest do
      refute_receive _
    end

-    test "it sends conversation update to the 'direct' stream when a message is deleted" do
-      user = insert(:user)
+    test "it sends conversation update to the 'direct' stream when a message is deleted", %{
+      user: user,
+      token: oauth_token
+    } do
      another_user = insert(:user)
-      Streamer.get_topic_and_add_socket("direct", user)
+      Streamer.get_topic_and_add_socket("direct", user, oauth_token)

      {:ok, create_activity} =
        CommonAPI.post(another_user, %{
--- a/test/web/twitter_api/util_controller_test.exs
+++ b/test/web/twitter_api/util_controller_test.exs
@ -21,170 +21,6 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
  setup do: clear_config([:instance])
  setup do: clear_config([:frontend_configurations, :pleroma_fe])

-  describe "POST /api/pleroma/follow_import" do
-    setup do: oauth_access(["follow"])
-
-    test "it returns HTTP 200", %{conn: conn} do
-      user2 = insert(:user)
-
-      response =
-        conn
-        |> post("/api/pleroma/follow_import", %{"list" => "#{user2.ap_id}"})
-        |> json_response(:ok)
-
-      assert response == "job started"
-    end
-
-    test "it imports follow lists from file", %{user: user1, conn: conn} do
-      user2 = insert(:user)
-
-      with_mocks([
-        {File, [],
-         read!: fn "follow_list.txt" ->
-           "Account address,Show boosts\n#{user2.ap_id},true"
-         end}
-      ]) do
-        response =
-          conn
-          |> post("/api/pleroma/follow_import", %{"list" => %Plug.Upload{path: "follow_list.txt"}})
-          |> json_response(:ok)
-
-        assert response == "job started"
-
-        assert ObanHelpers.member?(
-                 %{
-                   "op" => "follow_import",
-                   "follower_id" => user1.id,
-                   "followed_identifiers" => [user2.ap_id]
-                 },
-                 all_enqueued(worker: Pleroma.Workers.BackgroundWorker)
-               )
-      end
-    end
-
-    test "it imports new-style mastodon follow lists", %{conn: conn} do
-      user2 = insert(:user)
-
-      response =
-        conn
-        |> post("/api/pleroma/follow_import", %{
-          "list" => "Account address,Show boosts\n#{user2.ap_id},true"
-        })
-        |> json_response(:ok)
-
-      assert response == "job started"
-    end
-
-    test "requires 'follow' or 'write:follows' permissions" do
-      token1 = insert(:oauth_token, scopes: ["read", "write"])
-      token2 = insert(:oauth_token, scopes: ["follow"])
-      token3 = insert(:oauth_token, scopes: ["something"])
-      another_user = insert(:user)
-
-      for token <- [token1, token2, token3] do
-        conn =
-          build_conn()
-          |> put_req_header("authorization", "Bearer #{token.token}")
-          |> post("/api/pleroma/follow_import", %{"list" => "#{another_user.ap_id}"})
-
-        if token == token3 do
-          assert %{"error" => "Insufficient permissions: follow | write:follows."} ==
-                   json_response(conn, 403)
-        else
-          assert json_response(conn, 200)
-        end
-      end
-    end
-
-    test "it imports follows with different nickname variations", %{conn: conn} do
-      [user2, user3, user4, user5, user6] = insert_list(5, :user)
-
-      identifiers =
-        [
-          user2.ap_id,
-          user3.nickname,
-          "  ",
-          "@" <> user4.nickname,
-          user5.nickname <> "@localhost",
-          "@" <> user6.nickname <> "@localhost"
-        ]
-        |> Enum.join("\n")
-
-      response =
-        conn
-        |> post("/api/pleroma/follow_import", %{"list" => identifiers})
-        |> json_response(:ok)
-
-      assert response == "job started"
-      assert [{:ok, job_result}] = ObanHelpers.perform_all()
-      assert job_result == [user2, user3, user4, user5, user6]
-    end
-  end
-
-  describe "POST /api/pleroma/blocks_import" do
-    # Note: "follow" or "write:blocks" permission is required
-    setup do: oauth_access(["write:blocks"])
-
-    test "it returns HTTP 200", %{conn: conn} do
-      user2 = insert(:user)
-
-      response =
-        conn
-        |> post("/api/pleroma/blocks_import", %{"list" => "#{user2.ap_id}"})
-        |> json_response(:ok)
-
-      assert response == "job started"
-    end
-
-    test "it imports blocks users from file", %{user: user1, conn: conn} do
-      user2 = insert(:user)
-      user3 = insert(:user)
-
-      with_mocks([
-        {File, [], read!: fn "blocks_list.txt" -> "#{user2.ap_id} #{user3.ap_id}" end}
-      ]) do
-        response =
-          conn
-          |> post("/api/pleroma/blocks_import", %{"list" => %Plug.Upload{path: "blocks_list.txt"}})
-          |> json_response(:ok)
-
-        assert response == "job started"
-
-        assert ObanHelpers.member?(
-                 %{
-                   "op" => "blocks_import",
-                   "blocker_id" => user1.id,
-                   "blocked_identifiers" => [user2.ap_id, user3.ap_id]
-                 },
-                 all_enqueued(worker: Pleroma.Workers.BackgroundWorker)
-               )
-      end
-    end
-
-    test "it imports blocks with different nickname variations", %{conn: conn} do
-      [user2, user3, user4, user5, user6] = insert_list(5, :user)
-
-      identifiers =
-        [
-          user2.ap_id,
-          user3.nickname,
-          "@" <> user4.nickname,
-          user5.nickname <> "@localhost",
-          "@" <> user6.nickname <> "@localhost"
-        ]
-        |> Enum.join(" ")
-
-      response =
-        conn
-        |> post("/api/pleroma/blocks_import", %{"list" => identifiers})
-        |> json_response(:ok)
-
-      assert response == "job started"
-      assert [{:ok, job_result}] = ObanHelpers.perform_all()
-      assert job_result == [user2, user3, user4, user5, user6]
-    end
-  end
-
  describe "PUT /api/pleroma/notification_settings" do
    setup do: oauth_access(["write:accounts"])