Resolve merge conflicts

2019-07-20 22:04:47 +03:00 · 2019-07-20 22:04:47 +03:00 · 196cad46f3
commit 196cad46f3
parent c3ecaea64d fe548f322e
114 changed files with 3178 additions and 914 deletions
--- a/test/web/activity_pub/activity_pub_controller_test.exs
+++ b/test/web/activity_pub/activity_pub_controller_test.exs
@ -48,6 +48,17 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
    end
  end

+  describe "/internal/fetch" do
+    test "it returns the internal fetch user", %{conn: conn} do
+      res =
+        conn
+        |> get(activity_pub_path(conn, :internal_fetch))
+        |> json_response(200)
+
+      assert res["id"] =~ "/fetch"
+    end
+  end
+
  describe "/users/:nickname" do
    test "it returns a json representation of the user with accept application/json", %{
      conn: conn
--- a/test/web/activity_pub/activity_pub_test.exs
+++ b/test/web/activity_pub/activity_pub_test.exs
@ -1190,6 +1190,21 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
    end
  end

+  test "fetch_activities/2 returns activities addressed to a list " do
+    user = insert(:user)
+    member = insert(:user)
+    {:ok, list} = Pleroma.List.create("foo", user)
+    {:ok, list} = Pleroma.List.follow(list, member)
+
+    {:ok, activity} =
+      CommonAPI.post(user, %{"status" => "foobar", "visibility" => "list:#{list.id}"})
+
+    activity = Repo.preload(activity, :bookmark)
+    activity = %Activity{activity | thread_muted?: !!activity.thread_muted?}
+
+    assert ActivityPub.fetch_activities([], %{"user" => user}) == [activity]
+  end
+
  def data_uri do
    File.read!("test/fixtures/avatar_data_uri")
  end
--- a/test/web/activity_pub/mrf/mention_policy_test.exs
+++ b/test/web/activity_pub/mrf/mention_policy_test.exs
@ -0,0 +1,92 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.ActivityPub.MRF.MentionPolicyTest do
+  use Pleroma.DataCase
+
+  alias Pleroma.Web.ActivityPub.MRF.MentionPolicy
+
+  test "pass filter if allow list is empty" do
+    Pleroma.Config.delete([:mrf_mention])
+
+    message = %{
+      "type" => "Create",
+      "to" => ["https://example.com/ok"],
+      "cc" => ["https://example.com/blocked"]
+    }
+
+    assert MentionPolicy.filter(message) == {:ok, message}
+  end
+
+  describe "allow" do
+    test "empty" do
+      Pleroma.Config.put([:mrf_mention], %{actors: ["https://example.com/blocked"]})
+
+      message = %{
+        "type" => "Create"
+      }
+
+      assert MentionPolicy.filter(message) == {:ok, message}
+    end
+
+    test "to" do
+      Pleroma.Config.put([:mrf_mention], %{actors: ["https://example.com/blocked"]})
+
+      message = %{
+        "type" => "Create",
+        "to" => ["https://example.com/ok"]
+      }
+
+      assert MentionPolicy.filter(message) == {:ok, message}
+    end
+
+    test "cc" do
+      Pleroma.Config.put([:mrf_mention], %{actors: ["https://example.com/blocked"]})
+
+      message = %{
+        "type" => "Create",
+        "cc" => ["https://example.com/ok"]
+      }
+
+      assert MentionPolicy.filter(message) == {:ok, message}
+    end
+
+    test "both" do
+      Pleroma.Config.put([:mrf_mention], %{actors: ["https://example.com/blocked"]})
+
+      message = %{
+        "type" => "Create",
+        "to" => ["https://example.com/ok"],
+        "cc" => ["https://example.com/ok2"]
+      }
+
+      assert MentionPolicy.filter(message) == {:ok, message}
+    end
+  end
+
+  describe "deny" do
+    test "to" do
+      Pleroma.Config.put([:mrf_mention], %{actors: ["https://example.com/blocked"]})
+
+      message = %{
+        "type" => "Create",
+        "to" => ["https://example.com/blocked"]
+      }
+
+      assert MentionPolicy.filter(message) == {:reject, nil}
+    end
+
+    test "cc" do
+      Pleroma.Config.put([:mrf_mention], %{actors: ["https://example.com/blocked"]})
+
+      message = %{
+        "type" => "Create",
+        "to" => ["https://example.com/ok"],
+        "cc" => ["https://example.com/blocked"]
+      }
+
+      assert MentionPolicy.filter(message) == {:reject, nil}
+    end
+  end
+end
--- a/test/web/activity_pub/transmogrifier_test.exs
+++ b/test/web/activity_pub/transmogrifier_test.exs
@ -416,6 +416,7 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
        |> Map.put("attributedTo", user.ap_id)
        |> Map.put("to", ["https://www.w3.org/ns/activitystreams#Public"])
        |> Map.put("cc", [])
+        |> Map.put("id", user.ap_id <> "/activities/12345678")

      data = Map.put(data, "object", object)

@ -439,6 +440,7 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
        |> Map.put("attributedTo", user.ap_id)
        |> Map.put("to", nil)
        |> Map.put("cc", nil)
+        |> Map.put("id", user.ap_id <> "/activities/12345678")

      data = Map.put(data, "object", object)

@ -1096,6 +1098,18 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do

      assert modified["directMessage"] == true
    end
+
+    test "it strips BCC field" do
+      user = insert(:user)
+      {:ok, list} = Pleroma.List.create("foo", user)
+
+      {:ok, activity} =
+        CommonAPI.post(user, %{"status" => "foobar", "visibility" => "list:#{list.id}"})
+
+      {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
+
+      assert is_nil(modified["bcc"])
+    end
  end

  describe "user upgrade" do
--- a/test/web/activity_pub/visibilty_test.exs
+++ b/test/web/activity_pub/visibilty_test.exs
@ -16,6 +16,9 @@ defmodule Pleroma.Web.ActivityPub.VisibilityTest do
    following = insert(:user)
    unrelated = insert(:user)
    {:ok, following} = Pleroma.User.follow(following, user)
+    {:ok, list} = Pleroma.List.create("foo", user)
+
+    Pleroma.List.follow(list, unrelated)

    {:ok, public} =
      CommonAPI.post(user, %{"status" => "@#{mentioned.nickname}", "visibility" => "public"})
@ -29,6 +32,12 @@ defmodule Pleroma.Web.ActivityPub.VisibilityTest do
    {:ok, unlisted} =
      CommonAPI.post(user, %{"status" => "@#{mentioned.nickname}", "visibility" => "unlisted"})

+    {:ok, list} =
+      CommonAPI.post(user, %{
+        "status" => "@#{mentioned.nickname}",
+        "visibility" => "list:#{list.id}"
+      })
+
    %{
      public: public,
      private: private,
@ -37,29 +46,65 @@ defmodule Pleroma.Web.ActivityPub.VisibilityTest do
      user: user,
      mentioned: mentioned,
      following: following,
-      unrelated: unrelated
+      unrelated: unrelated,
+      list: list
    }
  end

-  test "is_direct?", %{public: public, private: private, direct: direct, unlisted: unlisted} do
+  test "is_direct?", %{
+    public: public,
+    private: private,
+    direct: direct,
+    unlisted: unlisted,
+    list: list
+  } do
    assert Visibility.is_direct?(direct)
    refute Visibility.is_direct?(public)
    refute Visibility.is_direct?(private)
    refute Visibility.is_direct?(unlisted)
+    assert Visibility.is_direct?(list)
  end

-  test "is_public?", %{public: public, private: private, direct: direct, unlisted: unlisted} do
+  test "is_public?", %{
+    public: public,
+    private: private,
+    direct: direct,
+    unlisted: unlisted,
+    list: list
+  } do
    refute Visibility.is_public?(direct)
    assert Visibility.is_public?(public)
    refute Visibility.is_public?(private)
    assert Visibility.is_public?(unlisted)
+    refute Visibility.is_public?(list)
  end

-  test "is_private?", %{public: public, private: private, direct: direct, unlisted: unlisted} do
+  test "is_private?", %{
+    public: public,
+    private: private,
+    direct: direct,
+    unlisted: unlisted,
+    list: list
+  } do
    refute Visibility.is_private?(direct)
    refute Visibility.is_private?(public)
    assert Visibility.is_private?(private)
    refute Visibility.is_private?(unlisted)
+    refute Visibility.is_private?(list)
+  end
+
+  test "is_list?", %{
+    public: public,
+    private: private,
+    direct: direct,
+    unlisted: unlisted,
+    list: list
+  } do
+    refute Visibility.is_list?(direct)
+    refute Visibility.is_list?(public)
+    refute Visibility.is_list?(private)
+    refute Visibility.is_list?(unlisted)
+    assert Visibility.is_list?(list)
  end

  test "visible_for_user?", %{
@ -70,7 +115,8 @@ defmodule Pleroma.Web.ActivityPub.VisibilityTest do
    user: user,
    mentioned: mentioned,
    following: following,
-    unrelated: unrelated
+    unrelated: unrelated,
+    list: list
  } do
    # All visible to author

@ -78,6 +124,7 @@ defmodule Pleroma.Web.ActivityPub.VisibilityTest do
    assert Visibility.visible_for_user?(private, user)
    assert Visibility.visible_for_user?(unlisted, user)
    assert Visibility.visible_for_user?(direct, user)
+    assert Visibility.visible_for_user?(list, user)

    # All visible to a mentioned user

@ -85,6 +132,7 @@ defmodule Pleroma.Web.ActivityPub.VisibilityTest do
    assert Visibility.visible_for_user?(private, mentioned)
    assert Visibility.visible_for_user?(unlisted, mentioned)
    assert Visibility.visible_for_user?(direct, mentioned)
+    assert Visibility.visible_for_user?(list, mentioned)

    # DM not visible for just follower

@ -92,6 +140,7 @@ defmodule Pleroma.Web.ActivityPub.VisibilityTest do
    assert Visibility.visible_for_user?(private, following)
    assert Visibility.visible_for_user?(unlisted, following)
    refute Visibility.visible_for_user?(direct, following)
+    refute Visibility.visible_for_user?(list, following)

    # Public and unlisted visible for unrelated user

@ -99,6 +148,9 @@ defmodule Pleroma.Web.ActivityPub.VisibilityTest do
    assert Visibility.visible_for_user?(unlisted, unrelated)
    refute Visibility.visible_for_user?(private, unrelated)
    refute Visibility.visible_for_user?(direct, unrelated)
+
+    # Visible for a list member
+    assert Visibility.visible_for_user?(list, unrelated)
  end

  test "doesn't die when the user doesn't exist",
@ -115,18 +167,24 @@ defmodule Pleroma.Web.ActivityPub.VisibilityTest do
    public: public,
    private: private,
    direct: direct,
-    unlisted: unlisted
+    unlisted: unlisted,
+    list: list
  } do
    assert Visibility.get_visibility(public) == "public"
    assert Visibility.get_visibility(private) == "private"
    assert Visibility.get_visibility(direct) == "direct"
    assert Visibility.get_visibility(unlisted) == "unlisted"
+    assert Visibility.get_visibility(list) == "list"
  end

  test "get_visibility with directMessage flag" do
    assert Visibility.get_visibility(%{data: %{"directMessage" => true}}) == "direct"
  end

+  test "get_visibility with listMessage flag" do
+    assert Visibility.get_visibility(%{data: %{"listMessage" => ""}}) == "list"
+  end
+
  describe "entire_thread_visible_for_user?/2" do
    test "returns false if not found activity", %{user: user} do
      refute Visibility.entire_thread_visible_for_user?(%Activity{}, user)
--- a/test/web/admin_api/admin_api_controller_test.exs
+++ b/test/web/admin_api/admin_api_controller_test.exs
@ -1720,7 +1720,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
          configs: [
            %{
              "group" => "pleroma",
-              "key" => "key1",
+              "key" => ":key1",
              "value" => [
                %{"tuple" => [":key2", "some_val"]},
                %{
@ -1750,7 +1750,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                 "configs" => [
                   %{
                     "group" => "pleroma",
-                     "key" => "key1",
+                     "key" => ":key1",
                     "value" => [
                       %{"tuple" => [":key2", "some_val"]},
                       %{
@ -1782,7 +1782,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
          configs: [
            %{
              "group" => "pleroma",
-              "key" => "key1",
+              "key" => ":key1",
              "value" => %{"key" => "some_val"}
            }
          ]
@ -1793,7 +1793,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                 "configs" => [
                   %{
                     "group" => "pleroma",
-                     "key" => "key1",
+                     "key" => ":key1",
                     "value" => %{"key" => "some_val"}
                   }
                 ]
@ -1862,6 +1862,45 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
               ]
             }
    end
+
+    test "queues key as atom", %{conn: conn} do
+      conn =
+        post(conn, "/api/pleroma/admin/config", %{
+          configs: [
+            %{
+              "group" => "pleroma_job_queue",
+              "key" => ":queues",
+              "value" => [
+                %{"tuple" => [":federator_incoming", 50]},
+                %{"tuple" => [":federator_outgoing", 50]},
+                %{"tuple" => [":web_push", 50]},
+                %{"tuple" => [":mailer", 10]},
+                %{"tuple" => [":transmogrifier", 20]},
+                %{"tuple" => [":scheduled_activities", 10]},
+                %{"tuple" => [":background", 5]}
+              ]
+            }
+          ]
+        })
+
+      assert json_response(conn, 200) == %{
+               "configs" => [
+                 %{
+                   "group" => "pleroma_job_queue",
+                   "key" => ":queues",
+                   "value" => [
+                     %{"tuple" => [":federator_incoming", 50]},
+                     %{"tuple" => [":federator_outgoing", 50]},
+                     %{"tuple" => [":web_push", 50]},
+                     %{"tuple" => [":mailer", 10]},
+                     %{"tuple" => [":transmogrifier", 20]},
+                     %{"tuple" => [":scheduled_activities", 10]},
+                     %{"tuple" => [":background", 5]}
+                   ]
+                 }
+               ]
+             }
+    end
  end
 end

--- a/test/web/common_api/common_api_test.exs
+++ b/test/web/common_api/common_api_test.exs
@ -129,6 +129,37 @@ defmodule Pleroma.Web.CommonAPITest do
                 })
      end)
    end
+
+    test "it allows to address a list" do
+      user = insert(:user)
+      {:ok, list} = Pleroma.List.create("foo", user)
+
+      {:ok, activity} =
+        CommonAPI.post(user, %{"status" => "foobar", "visibility" => "list:#{list.id}"})
+
+      assert activity.data["bcc"] == [list.ap_id]
+      assert activity.recipients == [list.ap_id, user.ap_id]
+      assert activity.data["listMessage"] == list.ap_id
+    end
+
+    test "it returns error when status is empty and no attachments" do
+      user = insert(:user)
+
+      assert {:error, "Cannot post an empty status without attachments"} =
+               CommonAPI.post(user, %{"status" => ""})
+    end
+
+    test "it returns error when character limit is exceeded" do
+      limit = Pleroma.Config.get([:instance, :limit])
+      Pleroma.Config.put([:instance, :limit], 5)
+
+      user = insert(:user)
+
+      assert {:error, "The status is over the character limit"} =
+               CommonAPI.post(user, %{"status" => "foobar"})
+
+      Pleroma.Config.put([:instance, :limit], limit)
+    end
  end

  describe "reactions" do
@ -346,6 +377,20 @@ defmodule Pleroma.Web.CommonAPITest do
    end
  end

+  describe "unfollow/2" do
+    test "also unsubscribes a user" do
+      [follower, followed] = insert_pair(:user)
+      {:ok, follower, followed, _} = CommonAPI.follow(follower, followed)
+      {:ok, followed} = User.subscribe(follower, followed)
+
+      assert User.subscribed_to?(follower, followed)
+
+      {:ok, follower} = CommonAPI.unfollow(follower, followed)
+
+      refute User.subscribed_to?(follower, followed)
+    end
+  end
+
  describe "accept_follow_request/2" do
    test "after acceptance, it sets all existing pending follow request states to 'accept'" do
      user = insert(:user, info: %{locked: true})
@ -387,4 +432,23 @@ defmodule Pleroma.Web.CommonAPITest do
      assert Repo.get(Activity, follow_activity_three.id).data["state"] == "pending"
    end
  end
+
+  describe "vote/3" do
+    test "does not allow to vote twice" do
+      user = insert(:user)
+      other_user = insert(:user)
+
+      {:ok, activity} =
+        CommonAPI.post(user, %{
+          "status" => "Am I cute?",
+          "poll" => %{"options" => ["Yes", "No"], "expires_in" => 20}
+        })
+
+      object = Object.normalize(activity)
+
+      {:ok, _, object} = CommonAPI.vote(other_user, object, [0])
+
+      assert {:error, "Already voted"} == CommonAPI.vote(other_user, object, [1])
+    end
+  end
 end
--- a/test/web/common_api/common_api_utils_test.exs
+++ b/test/web/common_api/common_api_utils_test.exs
@ -10,6 +10,7 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do
  alias Pleroma.Web.Endpoint
  use Pleroma.DataCase

+  import ExUnit.CaptureLog
  import Pleroma.Factory

  @public_address "https://www.w3.org/ns/activitystreams#Public"
@ -202,7 +203,9 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do

      expected = ""

-      assert Utils.date_to_asctime(date) == expected
+      assert capture_log(fn ->
+               assert Utils.date_to_asctime(date) == expected
+             end) =~ "[warn] Date #{date} in wrong format, must be ISO 8601"
    end

    test "when date is a Unix timestamp" do
@ -210,13 +213,23 @@ defmodule Pleroma.Web.CommonAPI.UtilsTest do

      expected = ""

-      assert Utils.date_to_asctime(date) == expected
+      assert capture_log(fn ->
+               assert Utils.date_to_asctime(date) == expected
+             end) =~ "[warn] Date #{date} in wrong format, must be ISO 8601"
    end

    test "when date is nil" do
      expected = ""

-      assert Utils.date_to_asctime(nil) == expected
+      assert capture_log(fn ->
+               assert Utils.date_to_asctime(nil) == expected
+             end) =~ "[warn] Date  in wrong format, must be ISO 8601"
+    end
+
+    test "when date is a random string" do
+      assert capture_log(fn ->
+               assert Utils.date_to_asctime("foo") == ""
+             end) =~ "[warn] Date foo in wrong format, must be ISO 8601"
    end
  end

--- a/test/web/mastodon_api/account_view_test.exs
+++ b/test/web/mastodon_api/account_view_test.exs
@ -6,6 +6,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
  use Pleroma.DataCase
  import Pleroma.Factory
  alias Pleroma.User
+  alias Pleroma.Web.CommonAPI
  alias Pleroma.Web.MastodonAPI.AccountView

  test "Represent a user account" do
@ -152,6 +153,13 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
    assert expected == AccountView.render("account.json", %{user: user})
  end

+  test "Represent a deactivated user for an admin" do
+    admin = insert(:user, %{info: %{is_admin: true}})
+    deactivated_user = insert(:user, %{info: %{deactivated: true}})
+    represented = AccountView.render("account.json", %{user: deactivated_user, for: admin})
+    assert represented[:pleroma][:deactivated] == true
+  end
+
  test "Represent a smaller mention" do
    user = insert(:user)

@ -165,28 +173,90 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
    assert expected == AccountView.render("mention.json", %{user: user})
  end

-  test "represent a relationship" do
-    user = insert(:user)
-    other_user = insert(:user)
+  describe "relationship" do
+    test "represent a relationship for the following and followed user" do
+      user = insert(:user)
+      other_user = insert(:user)

-    {:ok, user} = User.follow(user, other_user)
-    {:ok, user} = User.block(user, other_user)
+      {:ok, user} = User.follow(user, other_user)
+      {:ok, other_user} = User.follow(other_user, user)
+      {:ok, other_user} = User.subscribe(user, other_user)
+      {:ok, user} = User.mute(user, other_user, true)
+      {:ok, user} = CommonAPI.hide_reblogs(user, other_user)

-    expected = %{
-      id: to_string(other_user.id),
-      following: false,
-      followed_by: false,
-      blocking: true,
-      muting: false,
-      muting_notifications: false,
-      subscribing: false,
-      requested: false,
-      domain_blocking: false,
-      showing_reblogs: true,
-      endorsed: false
-    }
+      expected = %{
+        id: to_string(other_user.id),
+        following: true,
+        followed_by: true,
+        blocking: false,
+        blocked_by: false,
+        muting: true,
+        muting_notifications: true,
+        subscribing: true,
+        requested: false,
+        domain_blocking: false,
+        showing_reblogs: false,
+        endorsed: false
+      }

-    assert expected == AccountView.render("relationship.json", %{user: user, target: other_user})
+      assert expected ==
+               AccountView.render("relationship.json", %{user: user, target: other_user})
+    end
+
+    test "represent a relationship for the blocking and blocked user" do
+      user = insert(:user)
+      other_user = insert(:user)
+
+      {:ok, user} = User.follow(user, other_user)
+      {:ok, other_user} = User.subscribe(user, other_user)
+      {:ok, user} = User.block(user, other_user)
+      {:ok, other_user} = User.block(other_user, user)
+
+      expected = %{
+        id: to_string(other_user.id),
+        following: false,
+        followed_by: false,
+        blocking: true,
+        blocked_by: true,
+        muting: false,
+        muting_notifications: false,
+        subscribing: false,
+        requested: false,
+        domain_blocking: false,
+        showing_reblogs: true,
+        endorsed: false
+      }
+
+      assert expected ==
+               AccountView.render("relationship.json", %{user: user, target: other_user})
+    end
+
+    test "represent a relationship for the user with a pending follow request" do
+      user = insert(:user)
+      other_user = insert(:user, %{info: %User.Info{locked: true}})
+
+      {:ok, user, other_user, _} = CommonAPI.follow(user, other_user)
+      user = User.get_cached_by_id(user.id)
+      other_user = User.get_cached_by_id(other_user.id)
+
+      expected = %{
+        id: to_string(other_user.id),
+        following: false,
+        followed_by: false,
+        blocking: false,
+        blocked_by: false,
+        muting: false,
+        muting_notifications: false,
+        subscribing: false,
+        requested: true,
+        domain_blocking: false,
+        showing_reblogs: true,
+        endorsed: false
+      }
+
+      assert expected ==
+               AccountView.render("relationship.json", %{user: user, target: other_user})
+    end
  end

  test "represent an embedded relationship" do
@ -240,6 +310,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
          following: false,
          followed_by: false,
          blocking: true,
+          blocked_by: false,
          subscribing: false,
          muting: false,
          muting_notifications: false,
--- a/test/web/mastodon_api/mastodon_api_controller_test.exs
+++ b/test/web/mastodon_api/mastodon_api_controller_test.exs
@ -23,6 +23,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
  import Pleroma.Factory
  import ExUnit.CaptureLog
  import Tesla.Mock
+  import Swoosh.TestAssertions

  @image "data:image/gif;base64,R0lGODlhEAAQAMQAAORHHOVSKudfOulrSOp3WOyDZu6QdvCchPGolfO0o/XBs/fNwfjZ0frl3/zy7////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAkAABAALAAAAAAQABAAAAVVICSOZGlCQAosJ6mu7fiyZeKqNKToQGDsM8hBADgUXoGAiqhSvp5QAnQKGIgUhwFUYLCVDFCrKUE1lBavAViFIDlTImbKC5Gm2hB0SlBCBMQiB0UjIQA7"

@ -35,7 +36,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
    user = insert(:user)
    following = insert(:user)

-    {:ok, _activity} = TwitterAPI.create_status(following, %{"status" => "test"})
+    {:ok, _activity} = CommonAPI.post(following, %{"status" => "test"})

    conn =
      conn
@ -58,7 +59,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
    following = insert(:user)

    capture_log(fn ->
-      {:ok, _activity} = TwitterAPI.create_status(following, %{"status" => "test"})
+      {:ok, _activity} = CommonAPI.post(following, %{"status" => "test"})

      {:ok, [_activity]} =
        OStatus.fetch_activity_from_url("https://shitposter.club/notice/2827873")
@ -1004,8 +1005,8 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
    test "list timeline", %{conn: conn} do
      user = insert(:user)
      other_user = insert(:user)
-      {:ok, _activity_one} = TwitterAPI.create_status(user, %{"status" => "Marisa is cute."})
-      {:ok, activity_two} = TwitterAPI.create_status(other_user, %{"status" => "Marisa is cute."})
+      {:ok, _activity_one} = CommonAPI.post(user, %{"status" => "Marisa is cute."})
+      {:ok, activity_two} = CommonAPI.post(other_user, %{"status" => "Marisa is cute."})
      {:ok, list} = Pleroma.List.create("name", user)
      {:ok, list} = Pleroma.List.follow(list, other_user)

@ -1022,10 +1023,10 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
    test "list timeline does not leak non-public statuses for unfollowed users", %{conn: conn} do
      user = insert(:user)
      other_user = insert(:user)
-      {:ok, activity_one} = TwitterAPI.create_status(other_user, %{"status" => "Marisa is cute."})
+      {:ok, activity_one} = CommonAPI.post(other_user, %{"status" => "Marisa is cute."})

      {:ok, _activity_two} =
-        TwitterAPI.create_status(other_user, %{
+        CommonAPI.post(other_user, %{
          "status" => "Marisa is cute.",
          "visibility" => "private"
        })
@ -1049,8 +1050,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
      user = insert(:user)
      other_user = insert(:user)

-      {:ok, activity} =
-        TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"})
+      {:ok, activity} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})

      {:ok, [_notification]} = Notification.create_notifications(activity)

@ -1072,8 +1072,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
      user = insert(:user)
      other_user = insert(:user)

-      {:ok, activity} =
-        TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"})
+      {:ok, activity} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})

      {:ok, [notification]} = Notification.create_notifications(activity)

@ -1095,8 +1094,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
      user = insert(:user)
      other_user = insert(:user)

-      {:ok, activity} =
-        TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"})
+      {:ok, activity} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})

      {:ok, [notification]} = Notification.create_notifications(activity)

@ -1112,8 +1110,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
      user = insert(:user)
      other_user = insert(:user)

-      {:ok, activity} =
-        TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"})
+      {:ok, activity} = CommonAPI.post(other_user, %{"status" => "hi @#{user.nickname}"})

      {:ok, [_notification]} = Notification.create_notifications(activity)

@ -1274,6 +1271,71 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
      result = json_response(conn_res, 200)
      assert [%{"id" => ^notification4_id}, %{"id" => ^notification3_id}] = result
    end
+
+    test "doesn't see notifications after muting user with notifications", %{conn: conn} do
+      user = insert(:user)
+      user2 = insert(:user)
+
+      {:ok, _, _, _} = CommonAPI.follow(user, user2)
+      {:ok, _} = CommonAPI.post(user2, %{"status" => "hey @#{user.nickname}"})
+
+      conn = assign(conn, :user, user)
+
+      conn = get(conn, "/api/v1/notifications")
+
+      assert length(json_response(conn, 200)) == 1
+
+      {:ok, user} = User.mute(user, user2)
+
+      conn = assign(build_conn(), :user, user)
+      conn = get(conn, "/api/v1/notifications")
+
+      assert json_response(conn, 200) == []
+    end
+
+    test "see notifications after muting user without notifications", %{conn: conn} do
+      user = insert(:user)
+      user2 = insert(:user)
+
+      {:ok, _, _, _} = CommonAPI.follow(user, user2)
+      {:ok, _} = CommonAPI.post(user2, %{"status" => "hey @#{user.nickname}"})
+
+      conn = assign(conn, :user, user)
+
+      conn = get(conn, "/api/v1/notifications")
+
+      assert length(json_response(conn, 200)) == 1
+
+      {:ok, user} = User.mute(user, user2, false)
+
+      conn = assign(build_conn(), :user, user)
+      conn = get(conn, "/api/v1/notifications")
+
+      assert length(json_response(conn, 200)) == 1
+    end
+
+    test "see notifications after muting user with notifications and with_muted parameter", %{
+      conn: conn
+    } do
+      user = insert(:user)
+      user2 = insert(:user)
+
+      {:ok, _, _, _} = CommonAPI.follow(user, user2)
+      {:ok, _} = CommonAPI.post(user2, %{"status" => "hey @#{user.nickname}"})
+
+      conn = assign(conn, :user, user)
+
+      conn = get(conn, "/api/v1/notifications")
+
+      assert length(json_response(conn, 200)) == 1
+
+      {:ok, user} = User.mute(user, user2)
+
+      conn = assign(build_conn(), :user, user)
+      conn = get(conn, "/api/v1/notifications", %{"with_muted" => "true"})
+
+      assert length(json_response(conn, 200)) == 1
+    end
  end

  describe "reblogging" do
@ -1330,6 +1392,17 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do

      assert to_string(activity.id) == id
    end
+
+    test "returns 400 error when activity is not exist", %{conn: conn} do
+      user = insert(:user)
+
+      conn =
+        conn
+        |> assign(:user, user)
+        |> post("/api/v1/statuses/foo/reblog")
+
+      assert json_response(conn, 400) == %{"error" => "Could not repeat"}
+    end
  end

  describe "unreblogging" do
@ -1348,6 +1421,17 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do

      assert to_string(activity.id) == id
    end
+
+    test "returns 400 error when activity is not exist", %{conn: conn} do
+      user = insert(:user)
+
+      conn =
+        conn
+        |> assign(:user, user)
+        |> post("/api/v1/statuses/foo/unreblog")
+
+      assert json_response(conn, 400) == %{"error" => "Could not unrepeat"}
+    end
  end

  describe "favoriting" do
@ -1366,16 +1450,15 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
      assert to_string(activity.id) == id
    end

-    test "returns 500 for a wrong id", %{conn: conn} do
+    test "returns 400 error for a wrong id", %{conn: conn} do
      user = insert(:user)

-      resp =
+      conn =
        conn
        |> assign(:user, user)
        |> post("/api/v1/statuses/1/favourite")
-        |> json_response(500)

-      assert resp == "Something went wrong"
+      assert json_response(conn, 400) == %{"error" => "Could not favorite"}
    end
  end

@ -1396,6 +1479,17 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do

      assert to_string(activity.id) == id
    end
+
+    test "returns 400 error for a wrong id", %{conn: conn} do
+      user = insert(:user)
+
+      conn =
+        conn
+        |> assign(:user, user)
+        |> post("/api/v1/statuses/1/unfavourite")
+
+      assert json_response(conn, 400) == %{"error" => "Could not unfavorite"}
+    end
  end

  describe "user timelines" do
@ -1466,10 +1560,10 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do

      media =
        TwitterAPI.upload(file, user, "json")
-        |> Poison.decode!()
+        |> Jason.decode!()

      {:ok, image_post} =
-        TwitterAPI.create_status(user, %{"status" => "cofe", "media_ids" => [media["media_id"]]})
+        CommonAPI.post(user, %{"status" => "cofe", "media_ids" => [media["media_id"]]})

      conn =
        conn
@ -1792,7 +1886,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
    following = insert(:user)

    capture_log(fn ->
-      {:ok, activity} = TwitterAPI.create_status(following, %{"status" => "test #2hu"})
+      {:ok, activity} = CommonAPI.post(following, %{"status" => "test #2hu"})

      {:ok, [_activity]} =
        OStatus.fetch_activity_from_url("https://shitposter.club/notice/2827873")
@ -2105,25 +2199,52 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
    assert %{"error" => "Record not found"} = json_response(conn_res, 404)
  end

-  test "muting / unmuting a user", %{conn: conn} do
-    user = insert(:user)
-    other_user = insert(:user)
+  describe "mute/unmute" do
+    test "with notifications", %{conn: conn} do
+      user = insert(:user)
+      other_user = insert(:user)

-    conn =
-      conn
-      |> assign(:user, user)
-      |> post("/api/v1/accounts/#{other_user.id}/mute")
+      conn =
+        conn
+        |> assign(:user, user)
+        |> post("/api/v1/accounts/#{other_user.id}/mute")

-    assert %{"id" => _id, "muting" => true} = json_response(conn, 200)
+      response = json_response(conn, 200)

-    user = User.get_cached_by_id(user.id)
+      assert %{"id" => _id, "muting" => true, "muting_notifications" => true} = response
+      user = User.get_cached_by_id(user.id)

-    conn =
-      build_conn()
-      |> assign(:user, user)
-      |> post("/api/v1/accounts/#{other_user.id}/unmute")
+      conn =
+        build_conn()
+        |> assign(:user, user)
+        |> post("/api/v1/accounts/#{other_user.id}/unmute")

-    assert %{"id" => _id, "muting" => false} = json_response(conn, 200)
+      response = json_response(conn, 200)
+      assert %{"id" => _id, "muting" => false, "muting_notifications" => false} = response
+    end
+
+    test "without notifications", %{conn: conn} do
+      user = insert(:user)
+      other_user = insert(:user)
+
+      conn =
+        conn
+        |> assign(:user, user)
+        |> post("/api/v1/accounts/#{other_user.id}/mute", %{"notifications" => "false"})
+
+      response = json_response(conn, 200)
+
+      assert %{"id" => _id, "muting" => true, "muting_notifications" => false} = response
+      user = User.get_cached_by_id(user.id)
+
+      conn =
+        build_conn()
+        |> assign(:user, user)
+        |> post("/api/v1/accounts/#{other_user.id}/unmute")
+
+      response = json_response(conn, 200)
+      assert %{"id" => _id, "muting" => false, "muting_notifications" => false} = response
+    end
  end

  test "subscribing / unsubscribing to a user", %{conn: conn} do
@ -2524,7 +2645,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
    insert(:user, %{local: false, nickname: "u@peer1.com"})
    insert(:user, %{local: false, nickname: "u@peer2.com"})

-    {:ok, _} = TwitterAPI.create_status(user, %{"status" => "cofe"})
+    {:ok, _} = CommonAPI.post(user, %{"status" => "cofe"})

    # Stats should count users with missing or nil `info.deactivated` value
    user = User.get_cached_by_id(user.id)
@ -2617,6 +2738,17 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
               |> json_response(200)
    end

+    test "/pin: returns 400 error when activity is not public", %{conn: conn, user: user} do
+      {:ok, dm} = CommonAPI.post(user, %{"status" => "test", "visibility" => "direct"})
+
+      conn =
+        conn
+        |> assign(:user, user)
+        |> post("/api/v1/statuses/#{dm.id}/pin")
+
+      assert json_response(conn, 400) == %{"error" => "Could not pin"}
+    end
+
    test "unpin status", %{conn: conn, user: user, activity: activity} do
      {:ok, _} = CommonAPI.pin(activity.id, user)

@ -2636,6 +2768,15 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
               |> json_response(200)
    end

+    test "/unpin: returns 400 error when activity is not exist", %{conn: conn, user: user} do
+      conn =
+        conn
+        |> assign(:user, user)
+        |> post("/api/v1/statuses/1/unpin")
+
+      assert json_response(conn, 400) == %{"error" => "Could not unpin"}
+    end
+
    test "max pinned statuses", %{conn: conn, user: user, activity: activity_one} do
      {:ok, activity_two} = CommonAPI.post(user, %{"status" => "HI!!!"})

@ -2810,6 +2951,17 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
               |> json_response(200)
    end

+    test "cannot mute already muted conversation", %{conn: conn, user: user, activity: activity} do
+      {:ok, _} = CommonAPI.add_mute(user, activity)
+
+      conn =
+        conn
+        |> assign(:user, user)
+        |> post("/api/v1/statuses/#{activity.id}/mute")
+
+      assert json_response(conn, 400) == %{"error" => "conversation is already muted"}
+    end
+
    test "unmute conversation", %{conn: conn, user: user, activity: activity} do
      {:ok, _} = CommonAPI.add_mute(user, activity)

@ -2854,7 +3006,8 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
               |> post("/api/v1/reports", %{
                 "account_id" => target_user.id,
                 "status_ids" => [activity.id],
-                 "comment" => "bad status!"
+                 "comment" => "bad status!",
+                 "forward" => "false"
               })
               |> json_response(200)
    end
@ -2887,6 +3040,19 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
               |> post("/api/v1/reports", %{"account_id" => target_user.id, "comment" => comment})
               |> json_response(400)
    end
+
+    test "returns error when account is not exist", %{
+      conn: conn,
+      reporter: reporter,
+      activity: activity
+    } do
+      conn =
+        conn
+        |> assign(:user, reporter)
+        |> post("/api/v1/reports", %{"status_ids" => [activity.id], "account_id" => "foo"})
+
+      assert json_response(conn, 400) == %{"error" => "Account not found"}
+    end
  end

  describe "link headers" do
@ -3246,7 +3412,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
    user2 = insert(:user)
    user3 = insert(:user)

-    {:ok, replied_to} = TwitterAPI.create_status(user1, %{"status" => "cofe"})
+    {:ok, replied_to} = CommonAPI.post(user1, %{"status" => "cofe"})

    # Reply to status from another user
    conn1 =
@ -3411,7 +3577,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
        |> get("/api/v1/polls/#{object.id}")

      response = json_response(conn, 200)
-      id = object.id
+      id = to_string(object.id)
      assert %{"id" => ^id, "expired" => false, "multiple" => false} = response
    end

@ -3511,5 +3677,186 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
               total_items == 1
             end)
    end
+
+    test "does not allow choice index to be greater than options count", %{conn: conn} do
+      user = insert(:user)
+      other_user = insert(:user)
+
+      {:ok, activity} =
+        CommonAPI.post(user, %{
+          "status" => "Am I cute?",
+          "poll" => %{"options" => ["Yes", "No"], "expires_in" => 20}
+        })
+
+      object = Object.normalize(activity)
+
+      conn =
+        conn
+        |> assign(:user, other_user)
+        |> post("/api/v1/polls/#{object.id}/votes", %{"choices" => [2]})
+
+      assert json_response(conn, 422) == %{"error" => "Invalid indices"}
+    end
+
+    test "returns 404 error when object is not exist", %{conn: conn} do
+      user = insert(:user)
+
+      conn =
+        conn
+        |> assign(:user, user)
+        |> post("/api/v1/polls/1/votes", %{"choices" => [0]})
+
+      assert json_response(conn, 404) == %{"error" => "Record not found"}
+    end
+
+    test "returns 404 when poll is private and not available for user", %{conn: conn} do
+      user = insert(:user)
+      other_user = insert(:user)
+
+      {:ok, activity} =
+        CommonAPI.post(user, %{
+          "status" => "Am I cute?",
+          "poll" => %{"options" => ["Yes", "No"], "expires_in" => 20},
+          "visibility" => "private"
+        })
+
+      object = Object.normalize(activity)
+
+      conn =
+        conn
+        |> assign(:user, other_user)
+        |> post("/api/v1/polls/#{object.id}/votes", %{"choices" => [0]})
+
+      assert json_response(conn, 404) == %{"error" => "Record not found"}
+    end
+  end
+
+  describe "GET /api/v1/statuses/:id/favourited_by" do
+    setup do
+      user = insert(:user)
+      {:ok, activity} = CommonAPI.post(user, %{"status" => "test"})
+
+      conn =
+        build_conn()
+        |> assign(:user, user)
+
+      [conn: conn, activity: activity]
+    end
+
+    test "returns users who have favorited the status", %{conn: conn, activity: activity} do
+      other_user = insert(:user)
+      {:ok, _, _} = CommonAPI.favorite(activity.id, other_user)
+
+      response =
+        conn
+        |> get("/api/v1/statuses/#{activity.id}/favourited_by")
+        |> json_response(:ok)
+
+      [%{"id" => id}] = response
+
+      assert id == other_user.id
+    end
+
+    test "returns empty array when status has not been favorited yet", %{
+      conn: conn,
+      activity: activity
+    } do
+      response =
+        conn
+        |> get("/api/v1/statuses/#{activity.id}/favourited_by")
+        |> json_response(:ok)
+
+      assert Enum.empty?(response)
+    end
+  end
+
+  describe "GET /api/v1/statuses/:id/reblogged_by" do
+    setup do
+      user = insert(:user)
+      {:ok, activity} = CommonAPI.post(user, %{"status" => "test"})
+
+      conn =
+        build_conn()
+        |> assign(:user, user)
+
+      [conn: conn, activity: activity]
+    end
+
+    test "returns users who have reblogged the status", %{conn: conn, activity: activity} do
+      other_user = insert(:user)
+      {:ok, _, _} = CommonAPI.repeat(activity.id, other_user)
+
+      response =
+        conn
+        |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
+        |> json_response(:ok)
+
+      [%{"id" => id}] = response
+
+      assert id == other_user.id
+    end
+
+    test "returns empty array when status has not been reblogged yet", %{
+      conn: conn,
+      activity: activity
+    } do
+      response =
+        conn
+        |> get("/api/v1/statuses/#{activity.id}/reblogged_by")
+        |> json_response(:ok)
+
+      assert Enum.empty?(response)
+    end
+  end
+
+  describe "POST /auth/password, with valid parameters" do
+    setup %{conn: conn} do
+      user = insert(:user)
+      conn = post(conn, "/auth/password?email=#{user.email}")
+      %{conn: conn, user: user}
+    end
+
+    test "it returns 204", %{conn: conn} do
+      assert json_response(conn, :no_content)
+    end
+
+    test "it creates a PasswordResetToken record for user", %{user: user} do
+      token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id)
+      assert token_record
+    end
+
+    test "it sends an email to user", %{user: user} do
+      token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id)
+
+      email = Pleroma.Emails.UserEmail.password_reset_email(user, token_record.token)
+      notify_email = Pleroma.Config.get([:instance, :notify_email])
+      instance_name = Pleroma.Config.get([:instance, :name])
+
+      assert_email_sent(
+        from: {instance_name, notify_email},
+        to: {user.name, user.email},
+        html_body: email.html_body
+      )
+    end
+  end
+
+  describe "POST /auth/password, with invalid parameters" do
+    setup do
+      user = insert(:user)
+      {:ok, user: user}
+    end
+
+    test "it returns 404 when user is not found", %{conn: conn, user: user} do
+      conn = post(conn, "/auth/password?email=nonexisting_#{user.email}")
+      assert conn.status == 404
+      assert conn.resp_body == ""
+    end
+
+    test "it returns 400 when user is not local", %{conn: conn, user: user} do
+      {:ok, user} = Repo.update(Changeset.change(user, local: false))
+      conn = post(conn, "/auth/password?email=#{user.email}")
+      assert conn.status == 400
+      assert conn.resp_body == ""
+    end
  end
 end
--- a/test/web/mastodon_api/search_controller_test.exs
+++ b/test/web/mastodon_api/search_controller_test.exs
@ -24,12 +24,16 @@ defmodule Pleroma.Web.MastodonAPI.SearchControllerTest do
        {Pleroma.User, [], [search: fn _q, _o -> raise "Oops" end]},
        {Pleroma.Activity, [], [search: fn _u, _q, _o -> raise "Oops" end]}
      ] do
-        conn = get(conn, "/api/v2/search", %{"q" => "2hu"})
+        capture_log(fn ->
+          results =
+            conn
+            |> get("/api/v2/search", %{"q" => "2hu"})
+            |> json_response(200)

-        assert results = json_response(conn, 200)
-
-        assert results["accounts"] == []
-        assert results["statuses"] == []
+          assert results["accounts"] == []
+          assert results["statuses"] == []
+        end) =~
+          "[error] Elixir.Pleroma.Web.MastodonAPI.SearchController search error: %RuntimeError{message: \"Oops\"}"
      end
    end

@ -99,14 +103,16 @@ defmodule Pleroma.Web.MastodonAPI.SearchControllerTest do
        {Pleroma.User, [], [search: fn _q, _o -> raise "Oops" end]},
        {Pleroma.Activity, [], [search: fn _u, _q, _o -> raise "Oops" end]}
      ] do
-        conn =
-          conn
-          |> get("/api/v1/search", %{"q" => "2hu"})
+        capture_log(fn ->
+          results =
+            conn
+            |> get("/api/v1/search", %{"q" => "2hu"})
+            |> json_response(200)

-        assert results = json_response(conn, 200)
-
-        assert results["accounts"] == []
-        assert results["statuses"] == []
+          assert results["accounts"] == []
+          assert results["statuses"] == []
+        end) =~
+          "[error] Elixir.Pleroma.Web.MastodonAPI.SearchController search error: %RuntimeError{message: \"Oops\"}"
      end
    end

--- a/test/web/mastodon_api/status_view_test.exs
+++ b/test/web/mastodon_api/status_view_test.exs
@ -423,7 +423,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
      expected = %{
        emojis: [],
        expired: false,
-        id: object.id,
+        id: to_string(object.id),
        multiple: false,
        options: [
          %{title: "absolutely!", votes_count: 0},
@ -541,4 +541,17 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
    assert result[:reblog][:account][:pleroma][:relationship] ==
             AccountView.render("relationship.json", %{user: user, target: user})
  end
+
+  test "visibility/list" do
+    user = insert(:user)
+
+    {:ok, list} = Pleroma.List.create("foo", user)
+
+    {:ok, activity} =
+      CommonAPI.post(user, %{"status" => "foobar", "visibility" => "list:#{list.id}"})
+
+    status = StatusView.render("status.json", activity: activity)
+
+    assert status.visibility == "list"
+  end
 end
--- a/test/web/media_proxy/media_proxy_controller_test.exs
+++ b/test/web/media_proxy/media_proxy_controller_test.exs
@ -0,0 +1,73 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do
+  use Pleroma.Web.ConnCase
+  import Mock
+  alias Pleroma.Config
+
+  setup do
+    media_proxy_config = Config.get([:media_proxy]) || []
+    on_exit(fn -> Config.put([:media_proxy], media_proxy_config) end)
+    :ok
+  end
+
+  test "it returns 404 when MediaProxy disabled", %{conn: conn} do
+    Config.put([:media_proxy, :enabled], false)
+
+    assert %Plug.Conn{
+             status: 404,
+             resp_body: "Not Found"
+           } = get(conn, "/proxy/hhgfh/eeeee")
+
+    assert %Plug.Conn{
+             status: 404,
+             resp_body: "Not Found"
+           } = get(conn, "/proxy/hhgfh/eeee/fff")
+  end
+
+  test "it returns 403 when signature invalidated", %{conn: conn} do
+    Config.put([:media_proxy, :enabled], true)
+    Config.put([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")
+    path = URI.parse(Pleroma.Web.MediaProxy.encode_url("https://google.fn")).path
+    Config.put([Pleroma.Web.Endpoint, :secret_key_base], "000")
+
+    assert %Plug.Conn{
+             status: 403,
+             resp_body: "Forbidden"
+           } = get(conn, path)
+
+    assert %Plug.Conn{
+             status: 403,
+             resp_body: "Forbidden"
+           } = get(conn, "/proxy/hhgfh/eeee")
+
+    assert %Plug.Conn{
+             status: 403,
+             resp_body: "Forbidden"
+           } = get(conn, "/proxy/hhgfh/eeee/fff")
+  end
+
+  test "redirects on valid url when filename invalidated", %{conn: conn} do
+    Config.put([:media_proxy, :enabled], true)
+    Config.put([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")
+    url = Pleroma.Web.MediaProxy.encode_url("https://google.fn/test.png")
+    invalid_url = String.replace(url, "test.png", "test-file.png")
+    response = get(conn, invalid_url)
+    html = "<html><body>You are being <a href=\"#{url}\">redirected</a>.</body></html>"
+    assert response.status == 302
+    assert response.resp_body == html
+  end
+
+  test "it performs ReverseProxy.call when signature valid", %{conn: conn} do
+    Config.put([:media_proxy, :enabled], true)
+    Config.put([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")
+    url = Pleroma.Web.MediaProxy.encode_url("https://google.fn/test.png")
+
+    with_mock Pleroma.ReverseProxy,
+      call: fn _conn, _url, _opts -> %Plug.Conn{status: :success} end do
+      assert %Plug.Conn{status: :success} = get(conn, url)
+    end
+  end
+end
--- a/test/web/media_proxy/media_proxy_test.exs
+++ b/test/web/media_proxy/media_proxy_test.exs
@ -0,0 +1,226 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.MediaProxyTest do
+  use ExUnit.Case
+  import Pleroma.Web.MediaProxy
+  alias Pleroma.Web.MediaProxy.MediaProxyController
+
+  setup do
+    enabled = Pleroma.Config.get([:media_proxy, :enabled])
+    on_exit(fn -> Pleroma.Config.put([:media_proxy, :enabled], enabled) end)
+    :ok
+  end
+
+  describe "when enabled" do
+    setup do
+      Pleroma.Config.put([:media_proxy, :enabled], true)
+      :ok
+    end
+
+    test "ignores invalid url" do
+      assert url(nil) == nil
+      assert url("") == nil
+    end
+
+    test "ignores relative url" do
+      assert url("/local") == "/local"
+      assert url("/") == "/"
+    end
+
+    test "ignores local url" do
+      local_url = Pleroma.Web.Endpoint.url() <> "/hello"
+      local_root = Pleroma.Web.Endpoint.url()
+      assert url(local_url) == local_url
+      assert url(local_root) == local_root
+    end
+
+    test "encodes and decodes URL" do
+      url = "https://pleroma.soykaf.com/static/logo.png"
+      encoded = url(url)
+
+      assert String.starts_with?(
+               encoded,
+               Pleroma.Config.get([:media_proxy, :base_url], Pleroma.Web.base_url())
+             )
+
+      assert String.ends_with?(encoded, "/logo.png")
+
+      assert decode_result(encoded) == url
+    end
+
+    test "encodes and decodes URL without a path" do
+      url = "https://pleroma.soykaf.com"
+      encoded = url(url)
+      assert decode_result(encoded) == url
+    end
+
+    test "encodes and decodes URL without an extension" do
+      url = "https://pleroma.soykaf.com/path/"
+      encoded = url(url)
+      assert String.ends_with?(encoded, "/path")
+      assert decode_result(encoded) == url
+    end
+
+    test "encodes and decodes URL and ignores query params for the path" do
+      url = "https://pleroma.soykaf.com/static/logo.png?93939393939&bunny=true"
+      encoded = url(url)
+      assert String.ends_with?(encoded, "/logo.png")
+      assert decode_result(encoded) == url
+    end
+
+    test "validates signature" do
+      secret_key_base = Pleroma.Config.get([Pleroma.Web.Endpoint, :secret_key_base])
+
+      on_exit(fn ->
+        Pleroma.Config.put([Pleroma.Web.Endpoint, :secret_key_base], secret_key_base)
+      end)
+
+      encoded = url("https://pleroma.social")
+
+      Pleroma.Config.put(
+        [Pleroma.Web.Endpoint, :secret_key_base],
+        "00000000000000000000000000000000000000000000000"
+      )
+
+      [_, "proxy", sig, base64 | _] = URI.parse(encoded).path |> String.split("/")
+      assert decode_url(sig, base64) == {:error, :invalid_signature}
+    end
+
+    test "filename_matches preserves the encoded or decoded path" do
+      assert MediaProxyController.filename_matches(
+               %{"filename" => "/Hello world.jpg"},
+               "/Hello world.jpg",
+               "http://pleroma.social/Hello world.jpg"
+             ) == :ok
+
+      assert MediaProxyController.filename_matches(
+               %{"filename" => "/Hello%20world.jpg"},
+               "/Hello%20world.jpg",
+               "http://pleroma.social/Hello%20world.jpg"
+             ) == :ok
+
+      assert MediaProxyController.filename_matches(
+               %{"filename" => "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"},
+               "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg",
+               "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"
+             ) == :ok
+
+      assert MediaProxyController.filename_matches(
+               %{"filename" => "/my%2Flong%2Furl%2F2019%2F07%2FS.jp"},
+               "/my%2Flong%2Furl%2F2019%2F07%2FS.jp",
+               "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"
+             ) == {:wrong_filename, "my%2Flong%2Furl%2F2019%2F07%2FS.jpg"}
+    end
+
+    test "encoded url are tried to match for proxy as `conn.request_path` encodes the url" do
+      # conn.request_path will return encoded url
+      request_path = "/ANALYSE-DAI-_-LE-STABLECOIN-100-D%C3%89CENTRALIS%C3%89-BQ.jpg"
+
+      assert MediaProxyController.filename_matches(
+               true,
+               request_path,
+               "https://mydomain.com/uploads/2019/07/ANALYSE-DAI-_-LE-STABLECOIN-100-DÉCENTRALISÉ-BQ.jpg"
+             ) == :ok
+    end
+
+    test "uses the configured base_url" do
+      base_url = Pleroma.Config.get([:media_proxy, :base_url])
+
+      if base_url do
+        on_exit(fn ->
+          Pleroma.Config.put([:media_proxy, :base_url], base_url)
+        end)
+      end
+
+      Pleroma.Config.put([:media_proxy, :base_url], "https://cache.pleroma.social")
+
+      url = "https://pleroma.soykaf.com/static/logo.png"
+      encoded = url(url)
+
+      assert String.starts_with?(encoded, Pleroma.Config.get([:media_proxy, :base_url]))
+    end
+
+    # Some sites expect ASCII encoded characters in the URL to be preserved even if
+    # unnecessary.
+    # Issues: https://git.pleroma.social/pleroma/pleroma/issues/580
+    #         https://git.pleroma.social/pleroma/pleroma/issues/1055
+    test "preserve ASCII encoding" do
+      url =
+        "https://pleroma.com/%20/%21/%22/%23/%24/%25/%26/%27/%28/%29/%2A/%2B/%2C/%2D/%2E/%2F/%30/%31/%32/%33/%34/%35/%36/%37/%38/%39/%3A/%3B/%3C/%3D/%3E/%3F/%40/%41/%42/%43/%44/%45/%46/%47/%48/%49/%4A/%4B/%4C/%4D/%4E/%4F/%50/%51/%52/%53/%54/%55/%56/%57/%58/%59/%5A/%5B/%5C/%5D/%5E/%5F/%60/%61/%62/%63/%64/%65/%66/%67/%68/%69/%6A/%6B/%6C/%6D/%6E/%6F/%70/%71/%72/%73/%74/%75/%76/%77/%78/%79/%7A/%7B/%7C/%7D/%7E/%7F/%80/%81/%82/%83/%84/%85/%86/%87/%88/%89/%8A/%8B/%8C/%8D/%8E/%8F/%90/%91/%92/%93/%94/%95/%96/%97/%98/%99/%9A/%9B/%9C/%9D/%9E/%9F/%C2%A0/%A1/%A2/%A3/%A4/%A5/%A6/%A7/%A8/%A9/%AA/%AB/%AC/%C2%AD/%AE/%AF/%B0/%B1/%B2/%B3/%B4/%B5/%B6/%B7/%B8/%B9/%BA/%BB/%BC/%BD/%BE/%BF/%C0/%C1/%C2/%C3/%C4/%C5/%C6/%C7/%C8/%C9/%CA/%CB/%CC/%CD/%CE/%CF/%D0/%D1/%D2/%D3/%D4/%D5/%D6/%D7/%D8/%D9/%DA/%DB/%DC/%DD/%DE/%DF/%E0/%E1/%E2/%E3/%E4/%E5/%E6/%E7/%E8/%E9/%EA/%EB/%EC/%ED/%EE/%EF/%F0/%F1/%F2/%F3/%F4/%F5/%F6/%F7/%F8/%F9/%FA/%FB/%FC/%FD/%FE/%FF"
+
+      encoded = url(url)
+      assert decode_result(encoded) == url
+    end
+
+    # This includes unsafe/reserved characters which are not interpreted as part of the URL
+    # and would otherwise have to be ASCII encoded. It is our role to ensure the proxied URL
+    # is unmodified, so we are testing these characters anyway.
+    test "preserve non-unicode characters per RFC3986" do
+      url =
+        "https://pleroma.com/ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890-._~:/?#[]@!$&'()*+,;=|^`{}"
+
+      encoded = url(url)
+      assert decode_result(encoded) == url
+    end
+
+    test "preserve unicode characters" do
+      url = "https://ko.wikipedia.org/wiki/위키백과:대문"
+
+      encoded = url(url)
+      assert decode_result(encoded) == url
+    end
+
+    test "does not change whitelisted urls" do
+      upload_config = Pleroma.Config.get([Pleroma.Upload])
+      media_url = "https://media.pleroma.social"
+      Pleroma.Config.put([Pleroma.Upload, :base_url], media_url)
+      Pleroma.Config.put([:media_proxy, :whitelist], ["media.pleroma.social"])
+      Pleroma.Config.put([:media_proxy, :base_url], "https://cache.pleroma.social")
+
+      url = "#{media_url}/static/logo.png"
+      encoded = url(url)
+
+      assert String.starts_with?(encoded, media_url)
+
+      Pleroma.Config.put([Pleroma.Upload], upload_config)
+    end
+  end
+
+  describe "when disabled" do
+    setup do
+      enabled = Pleroma.Config.get([:media_proxy, :enabled])
+
+      if enabled do
+        Pleroma.Config.put([:media_proxy, :enabled], false)
+
+        on_exit(fn ->
+          Pleroma.Config.put([:media_proxy, :enabled], enabled)
+          :ok
+        end)
+      end
+
+      :ok
+    end
+
+    test "does not encode remote urls" do
+      assert url("https://google.fr") == "https://google.fr"
+    end
+  end
+
+  defp decode_result(encoded) do
+    [_, "proxy", sig, base64 | _] = URI.parse(encoded).path |> String.split("/")
+    {:ok, decoded} = decode_url(sig, base64)
+    decoded
+  end
+
+  test "mediaproxy whitelist" do
+    Pleroma.Config.put([:media_proxy, :enabled], true)
+    Pleroma.Config.put([:media_proxy, :whitelist], ["google.com", "feld.me"])
+    url = "https://feld.me/foo.png"
+
+    unencoded = url(url)
+    assert unencoded == url
+  end
+end
--- a/test/web/node_info_test.exs
+++ b/test/web/node_info_test.exs
@ -83,4 +83,47 @@ defmodule Pleroma.Web.NodeInfoTest do

    Pleroma.Config.put([:instance, :safe_dm_mentions], option)
  end
+
+  test "it shows MRF transparency data if enabled", %{conn: conn} do
+    option = Pleroma.Config.get([:instance, :mrf_transparency])
+    Pleroma.Config.put([:instance, :mrf_transparency], true)
+
+    simple_config = %{"reject" => ["example.com"]}
+    Pleroma.Config.put(:mrf_simple, simple_config)
+
+    response =
+      conn
+      |> get("/nodeinfo/2.1.json")
+      |> json_response(:ok)
+
+    assert response["metadata"]["federation"]["mrf_simple"] == simple_config
+
+    Pleroma.Config.put([:instance, :mrf_transparency], option)
+    Pleroma.Config.put(:mrf_simple, %{})
+  end
+
+  test "it performs exclusions from MRF transparency data if configured", %{conn: conn} do
+    option = Pleroma.Config.get([:instance, :mrf_transparency])
+    Pleroma.Config.put([:instance, :mrf_transparency], true)
+
+    exclusions = Pleroma.Config.get([:instance, :mrf_transparency_exclusions])
+    Pleroma.Config.put([:instance, :mrf_transparency_exclusions], ["other.site"])
+
+    simple_config = %{"reject" => ["example.com", "other.site"]}
+    expected_config = %{"reject" => ["example.com"]}
+
+    Pleroma.Config.put(:mrf_simple, simple_config)
+
+    response =
+      conn
+      |> get("/nodeinfo/2.1.json")
+      |> json_response(:ok)
+
+    assert response["metadata"]["federation"]["mrf_simple"] == expected_config
+    assert response["metadata"]["federation"]["exclusions"] == true
+
+    Pleroma.Config.put([:instance, :mrf_transparency], option)
+    Pleroma.Config.put([:instance, :mrf_transparency_exclusions], exclusions)
+    Pleroma.Config.put(:mrf_simple, %{})
+  end
 end
--- a/test/web/ostatus/ostatus_controller_test.exs
+++ b/test/web/ostatus/ostatus_controller_test.exs
@ -4,7 +4,10 @@

 defmodule Pleroma.Web.OStatus.OStatusControllerTest do
  use Pleroma.Web.ConnCase
+
+  import ExUnit.CaptureLog
  import Pleroma.Factory
+
  alias Pleroma.Object
  alias Pleroma.User
  alias Pleroma.Web.CommonAPI
@ -27,24 +30,28 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do
      user = insert(:user)
      salmon = File.read!("test/fixtures/salmon.xml")

-      conn =
-        conn
-        |> put_req_header("content-type", "application/atom+xml")
-        |> post("/users/#{user.nickname}/salmon", salmon)
+      assert capture_log(fn ->
+               conn =
+                 conn
+                 |> put_req_header("content-type", "application/atom+xml")
+                 |> post("/users/#{user.nickname}/salmon", salmon)

-      assert response(conn, 200)
+               assert response(conn, 200)
+             end) =~ "[error]"
    end

    test "decodes a salmon with a changed magic key", %{conn: conn} do
      user = insert(:user)
      salmon = File.read!("test/fixtures/salmon.xml")

-      conn =
-        conn
-        |> put_req_header("content-type", "application/atom+xml")
-        |> post("/users/#{user.nickname}/salmon", salmon)
+      assert capture_log(fn ->
+               conn =
+                 conn
+                 |> put_req_header("content-type", "application/atom+xml")
+                 |> post("/users/#{user.nickname}/salmon", salmon)

-      assert response(conn, 200)
+               assert response(conn, 200)
+             end) =~ "[error]"

      # Set a wrong magic-key for a user so it has to refetch
      salmon_user = User.get_cached_by_ap_id("http://gs.example.org:4040/index.php/user/1")
@ -61,12 +68,14 @@ defmodule Pleroma.Web.OStatus.OStatusControllerTest do
      |> Ecto.Changeset.put_embed(:info, info_cng)
      |> User.update_and_set_cache()

-      conn =
-        build_conn()
-        |> put_req_header("content-type", "application/atom+xml")
-        |> post("/users/#{user.nickname}/salmon", salmon)
+      assert capture_log(fn ->
+               conn =
+                 build_conn()
+                 |> put_req_header("content-type", "application/atom+xml")
+                 |> post("/users/#{user.nickname}/salmon", salmon)

-      assert response(conn, 200)
+               assert response(conn, 200)
+             end) =~ "[error]"
    end
  end

--- a/test/web/rich_media/aws_signed_url_test.exs
+++ b/test/web/rich_media/aws_signed_url_test.exs
@ -0,0 +1,81 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.RichMedia.TTL.AwsSignedUrlTest do
+  use ExUnit.Case, async: true
+
+  test "s3 signed url is parsed correct for expiration time" do
+    url = "https://pleroma.social/amz"
+
+    {:ok, timestamp} =
+      Timex.now()
+      |> DateTime.truncate(:second)
+      |> Timex.format("{ISO:Basic:Z}")
+
+    # in seconds
+    valid_till = 30
+
+    metadata = construct_metadata(timestamp, valid_till, url)
+
+    expire_time =
+      Timex.parse!(timestamp, "{ISO:Basic:Z}") |> Timex.to_unix() |> Kernel.+(valid_till)
+
+    assert expire_time == Pleroma.Web.RichMedia.Parser.TTL.AwsSignedUrl.ttl(metadata, url)
+  end
+
+  test "s3 signed url is parsed and correct ttl is set for rich media" do
+    url = "https://pleroma.social/amz"
+
+    {:ok, timestamp} =
+      Timex.now()
+      |> DateTime.truncate(:second)
+      |> Timex.format("{ISO:Basic:Z}")
+
+    # in seconds
+    valid_till = 30
+
+    metadata = construct_metadata(timestamp, valid_till, url)
+
+    body = """
+    <meta name="twitter:card" content="Pleroma" />
+    <meta name="twitter:site" content="Pleroma" />
+    <meta name="twitter:title" content="Pleroma" />
+    <meta name="twitter:description" content="Pleroma" />
+    <meta name="twitter:image" content="#{Map.get(metadata, :image)}" />
+    """
+
+    Tesla.Mock.mock(fn
+      %{
+        method: :get,
+        url: "https://pleroma.social/amz"
+      } ->
+        %Tesla.Env{status: 200, body: body}
+    end)
+
+    Cachex.put(:rich_media_cache, url, metadata)
+
+    Pleroma.Web.RichMedia.Parser.set_ttl_based_on_image({:ok, metadata}, url)
+
+    {:ok, cache_ttl} = Cachex.ttl(:rich_media_cache, url)
+
+    # as there is delay in setting and pulling the data from cache we ignore 1 second
+    assert_in_delta(valid_till * 1000, cache_ttl, 1000)
+  end
+
+  defp construct_s3_url(timestamp, valid_till) do
+    "https://pleroma.s3.ap-southeast-1.amazonaws.com/sachin%20%281%29%20_a%20-%25%2Aasdasd%20BNN%20bnnn%20.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIBLWWK6RGDQXDLJQ%2F20190716%2Fap-southeast-1%2Fs3%2Faws4_request&X-Amz-Date=#{
+      timestamp
+    }&X-Amz-Expires=#{valid_till}&X-Amz-Signature=04ffd6b98634f4b1bbabc62e0fac4879093cd54a6eed24fe8eb38e8369526bbf&X-Amz-SignedHeaders=host"
+  end
+
+  defp construct_metadata(timestamp, valid_till, url) do
+    %{
+      image: construct_s3_url(timestamp, valid_till),
+      site: "Pleroma",
+      title: "Pleroma",
+      description: "Pleroma",
+      url: url
+    }
+  end
+end
--- a/test/web/twitter_api/twitter_api_controller_test.exs
+++ b/test/web/twitter_api/twitter_api_controller_test.exs
@ -521,6 +521,38 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
                 for: current_user
               })
    end
+
+    test "muted user", %{conn: conn, user: current_user} do
+      other_user = insert(:user)
+
+      {:ok, current_user} = User.mute(current_user, other_user)
+
+      {:ok, _activity} =
+        ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user})
+
+      conn =
+        conn
+        |> with_credentials(current_user.nickname, "test")
+        |> get("/api/qvitter/statuses/notifications.json")
+
+      assert json_response(conn, 200) == []
+    end
+
+    test "muted user with with_muted parameter", %{conn: conn, user: current_user} do
+      other_user = insert(:user)
+
+      {:ok, current_user} = User.mute(current_user, other_user)
+
+      {:ok, _activity} =
+        ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user})
+
+      conn =
+        conn
+        |> with_credentials(current_user.nickname, "test")
+        |> get("/api/qvitter/statuses/notifications.json", %{"with_muted" => "true"})
+
+      assert length(json_response(conn, 200)) == 1
+    end
  end

  describe "POST /api/qvitter/statuses/notifications/read" do
@ -1084,15 +1116,17 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
  describe "POST /api/account/password_reset, with invalid parameters" do
    setup [:valid_user]

-    test "it returns 500 when user is not found", %{conn: conn, user: user} do
+    test "it returns 404 when user is not found", %{conn: conn, user: user} do
      conn = post(conn, "/api/account/password_reset?email=nonexisting_#{user.email}")
-      assert json_response(conn, :internal_server_error)
+      assert conn.status == 404
+      assert conn.resp_body == ""
    end

-    test "it returns 500 when user is not local", %{conn: conn, user: user} do
+    test "it returns 400 when user is not local", %{conn: conn, user: user} do
      {:ok, user} = Repo.update(Changeset.change(user, local: false))
      conn = post(conn, "/api/account/password_reset?email=#{user.email}")
-      assert json_response(conn, :internal_server_error)
+      assert conn.status == 400
+      assert conn.resp_body == ""
    end
  end

--- a/test/web/twitter_api/util_controller_test.exs
+++ b/test/web/twitter_api/util_controller_test.exs
@ -10,6 +10,7 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
  alias Pleroma.User
  alias Pleroma.Web.CommonAPI
  import Pleroma.Factory
+  import Mock

  setup do
    Tesla.Mock.mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
@ -231,10 +232,67 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
    end
  end

-  test "GET /api/pleroma/healthcheck", %{conn: conn} do
-    conn = get(conn, "/api/pleroma/healthcheck")
+  describe "GET /api/pleroma/healthcheck" do
+    setup do
+      config_healthcheck = Pleroma.Config.get([:instance, :healthcheck])

-    assert conn.status in [200, 503]
+      on_exit(fn ->
+        Pleroma.Config.put([:instance, :healthcheck], config_healthcheck)
+      end)
+
+      :ok
+    end
+
+    test "returns 503 when healthcheck disabled", %{conn: conn} do
+      Pleroma.Config.put([:instance, :healthcheck], false)
+
+      response =
+        conn
+        |> get("/api/pleroma/healthcheck")
+        |> json_response(503)
+
+      assert response == %{}
+    end
+
+    test "returns 200 when healthcheck enabled and all ok", %{conn: conn} do
+      Pleroma.Config.put([:instance, :healthcheck], true)
+
+      with_mock Pleroma.Healthcheck,
+        system_info: fn -> %Pleroma.Healthcheck{healthy: true} end do
+        response =
+          conn
+          |> get("/api/pleroma/healthcheck")
+          |> json_response(200)
+
+        assert %{
+                 "active" => _,
+                 "healthy" => true,
+                 "idle" => _,
+                 "memory_used" => _,
+                 "pool_size" => _
+               } = response
+      end
+    end
+
+    test "returns 503 when healthcheck enabled and  health is false", %{conn: conn} do
+      Pleroma.Config.put([:instance, :healthcheck], true)
+
+      with_mock Pleroma.Healthcheck,
+        system_info: fn -> %Pleroma.Healthcheck{healthy: false} end do
+        response =
+          conn
+          |> get("/api/pleroma/healthcheck")
+          |> json_response(503)
+
+        assert %{
+                 "active" => _,
+                 "healthy" => false,
+                 "idle" => _,
+                 "memory_used" => _,
+                 "pool_size" => _
+               } = response
+      end
+    end
  end

  describe "POST /api/pleroma/disable_account" do
--- a/test/web/uploader_controller_test.exs
+++ b/test/web/uploader_controller_test.exs
@ -0,0 +1,43 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.UploaderControllerTest do
+  use Pleroma.Web.ConnCase
+  alias Pleroma.Uploaders.Uploader
+
+  describe "callback/2" do
+    test "it returns 400 response when process callback isn't alive", %{conn: conn} do
+      res =
+        conn
+        |> post(uploader_path(conn, :callback, "test-path"))
+
+      assert res.status == 400
+      assert res.resp_body == "{\"error\":\"bad request\"}"
+    end
+
+    test "it returns success result", %{conn: conn} do
+      task =
+        Task.async(fn ->
+          receive do
+            {Uploader, pid, conn, _params} ->
+              conn =
+                conn
+                |> put_status(:ok)
+                |> Phoenix.Controller.json(%{upload_path: "test-path"})
+
+              send(pid, {Uploader, conn})
+          end
+        end)
+
+      :global.register_name({Uploader, "test-path"}, task.pid)
+
+      res =
+        conn
+        |> post(uploader_path(conn, :callback, "test-path"))
+        |> json_response(200)
+
+      assert res == %{"upload_path" => "test-path"}
+    end
+  end
+end