No OneTemporary
Actions

Size

97 KB

Referenced Files

None

Subscribers

None

View Options

	diff --git a/CHANGELOG.md b/CHANGELOG.md
	index 8264688d6d..40f4580f72 100644
	--- a/CHANGELOG.md
	+++ b/CHANGELOG.md
	@@ -1,290 +1,291 @@
	# Changelog
	All notable changes to this project will be documented in this file.

	The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).

	## [Unreleased]
	### Security
	- OStatus: eliminate the possibility of a protocol downgrade attack.
	- OStatus: prevent following locked accounts, bypassing the approval process.

	### Changed
	- Breaking: Configuration: A setting to explicitly disable the mailer was added, defaulting to true, if you are using a mailer add `config :pleroma, Pleroma.Emails.Mailer, enabled: true` to your config
	- Breaking: Configuration: `/media/` is now removed when `base_url` is configured, append `/media/` to your `base_url` config to keep the old behaviour if desired
	+- Breaking: `/api/pleroma/notifications/read` is moved to `/api/v1/pleroma/notifications/read` and now supports `max_id` and responds with Mastodon API entities.
	- Configuration: OpenGraph and TwitterCard providers enabled by default
	- Configuration: Filter.AnonymizeFilename added ability to retain file extension with custom text
	- Federation: Return 403 errors when trying to request pages from a user's follower/following collections if they have `hide_followers`/`hide_follows` set
	- NodeInfo: Return `skipThreadContainment` in `metadata` for the `skip_thread_containment` option
	- NodeInfo: Return `mailerEnabled` in `metadata`
	- Mastodon API: Unsubscribe followers when they unfollow a user
	- AdminAPI: Add "godmode" while fetching user statuses (i.e. admin can see private statuses)
	- Improve digest email template
	– Pagination: (optional) return `total` alongside with `items` when paginating

	### Fixed
	- Following from Osada
	- Not being able to pin unlisted posts
	- Objects being re-embedded to activities after being updated (e.g faved/reposted). Running 'mix pleroma.database prune_objects' again is advised.
	- Favorites timeline doing database-intensive queries
	- Metadata rendering errors resulting in the entire page being inaccessible
	- `federation_incoming_replies_max_depth` option being ignored in certain cases
	- Federation/MediaProxy not working with instances that have wrong certificate order
	- Mastodon API: Handling of search timeouts (`/api/v1/search` and `/api/v2/search`)
	- Mastodon API: Embedded relationships not being properly rendered in the Account entity of Status entity
	- Mastodon API: follower/following counters not being nullified, when `hide_follows`/`hide_followers` is set
	- Mastodon API: `muted` in the Status entity, using author's account to determine if the tread was muted
	- Mastodon API: Add `account_id`, `type`, `offset`, and `limit` to search API (`/api/v1/search` and `/api/v2/search`)
	- Mastodon API, streaming: Fix filtering of notifications based on blocks/mutes/thread mutes
	- ActivityPub C2S: follower/following collection pages being inaccessible even when authentifucated if `hide_followers`/ `hide_follows` was set
	- Existing user id not being preserved on insert conflict
	- Rich Media: Parser failing when no TTL can be found by image TTL setters
	- Rich Media: The crawled URL is now spliced into the rich media data.
	- ActivityPub S2S: sharedInbox usage has been mostly aligned with the rules in the AP specification.
	- ActivityPub S2S: remote user deletions now work the same as local user deletions.
	- ActivityPub S2S: POST requests are now signed with `(request-target)` pseudo-header.
	- Not being able to access the Mastodon FE login page on private instances
	- Invalid SemVer version generation, when the current branch does not have commits ahead of tag/checked out on a tag
	- Pleroma.Upload base_url was not automatically whitelisted by MediaProxy. Now your custom CDN or file hosting will be accessed directly as expected.
	- Report email not being sent to admins when the reporter is a remote user
	- MRF: ensure that subdomain_match calls are case-insensitive
	- Reverse Proxy limiting `max_body_length` was incorrectly defined and only checked `Content-Length` headers which may not be sufficient in some circumstances
	- MRF: fix use of unserializable keyword lists in describe() implementations
	- ActivityPub: Deactivated user deletion
	- MRF: fix ability to follow a relay when AntiFollowbotPolicy was enabled

	### Added
	- Expiring/ephemeral activites. All activities can have expires_at value set, which controls when they should be deleted automatically.
	- Mastodon API: in post_status, the expires_in parameter lets you set the number of seconds until an activity expires. It must be at least one hour.
	- Mastodon API: all status JSON responses contain a `pleroma.expires_at` item which states when an activity will expire. The value is only shown to the user who created the activity. To everyone else it's empty.
	- Configuration: `ActivityExpiration.enabled` controls whether expired activites will get deleted at the appropriate time. Enabled by default.
	- Conversations: Add Pleroma-specific conversation endpoints and status posting extensions. Run the `bump_all_conversations` task again to create the necessary data.
	- Breaking: MRF describe API, which adds support for exposing configuration information about MRF policies to NodeInfo.
	Custom modules will need to be updated by adding, at the very least, `def describe, do: {:ok, %{}}` to the MRF policy modules.
	- MRF: Support for priming the mediaproxy cache (`Pleroma.Web.ActivityPub.MRF.MediaProxyWarmingPolicy`)
	- MRF: Support for excluding specific domains from Transparency.
	- MRF: Support for filtering posts based on who they mention (`Pleroma.Web.ActivityPub.MRF.MentionPolicy`)
	- MRF: Support for filtering posts based on ActivityStreams vocabulary (`Pleroma.Web.ActivityPub.MRF.VocabularyPolicy`)
	- MRF (Simple Policy): Support for wildcard domains.
	- Support for wildcard domains in user domain blocks setting.
	- Configuration: `quarantined_instances` support wildcard domains.
	- Configuration: `federation_incoming_replies_max_depth` option
	- Mastodon API: Support for the [`tagged` filter](https://github.com/tootsuite/mastodon/pull/9755) in [`GET /api/v1/accounts/:id/statuses`](https://docs.joinmastodon.org/api/rest/accounts/#get-api-v1-accounts-id-statuses)
	- Mastodon API, streaming: Add support for passing the token in the `Sec-WebSocket-Protocol` header
	- Mastodon API, extension: Ability to reset avatar, profile banner, and background
	- Mastodon API: Add support for categories for custom emojis by reusing the group feature. <https://github.com/tootsuite/mastodon/pull/11196>
	- Mastodon API: Add support for muting/unmuting notifications
	- Mastodon API: Add support for the `blocked_by` attribute in the relationship API (`GET /api/v1/accounts/relationships`). <https://github.com/tootsuite/mastodon/pull/10373>
	- Mastodon API: Add support for the `domain_blocking` attribute in the relationship API (`GET /api/v1/accounts/relationships`).
	- Mastodon API: Add `pleroma.deactivated` to the Account entity
	- Mastodon API: added `/auth/password` endpoint for password reset with rate limit.
	- Mastodon API: /api/v1/accounts/:id/statuses now supports nicknames or user id
	- Mastodon API: Improve support for the user profile custom fields
	- Admin API: Return users' tags when querying reports
	- Admin API: Return avatar and display name when querying users
	- Admin API: Allow querying user by ID
	- Admin API: Added support for `tuples`.
	- Admin API: Added endpoints to run mix tasks pleroma.config migrate_to_db & pleroma.config migrate_from_db
	- Added synchronization of following/followers counters for external users
	- Configuration: `enabled` option for `Pleroma.Emails.Mailer`, defaulting to `false`.
	- Configuration: Pleroma.Plugs.RateLimiter `bucket_name`, `params` options.
	- Configuration: `user_bio_length` and `user_name_length` options.
	- Addressable lists
	- Twitter API: added rate limit for `/api/account/password_reset` endpoint.
	- ActivityPub: Add an internal service actor for fetching ActivityPub objects.
	- ActivityPub: Optional signing of ActivityPub object fetches.
	- Admin API: Endpoint for fetching latest user's statuses
	- Pleroma API: Add `/api/v1/pleroma/accounts/confirmation_resend?email=<email>` for resending account confirmation.
	- Relays: Added a task to list relay subscriptions.
	- Mix Tasks: `mix pleroma.database fix_likes_collections`
	- Federation: Remove `likes` from objects.
	- Admin API: Added moderation log

	### Changed
	- Configuration: Filter.AnonymizeFilename added ability to retain file extension with custom text
	- Admin API: changed json structure for saving config settings.
	- RichMedia: parsers and their order are configured in `rich_media` config.
	- RichMedia: add the rich media ttl based on image expiration time.

	### Removed
	- Emoji: Remove longfox emojis.
	- Remove `Reply-To` header from report emails for admins.
	- ActivityPub: The `accept_blocks` configuration setting.

	## [1.0.1] - 2019-07-14
	### Security
	- OStatus: fix an object spoofing vulnerability.

	## [1.0.0] - 2019-06-29
	### Security
	- Mastodon API: Fix display names not being sanitized
	- Rich media: Do not crawl private IP ranges

	### Added
	- Digest email for inactive users
	- Add a generic settings store for frontends / clients to use.
	- Explicit addressing option for posting.
	- Optional SSH access mode. (Needs `erlang-ssh` package on some distributions).
	- [MongooseIM](https://github.com/esl/MongooseIM) http authentication support.
	- LDAP authentication
	- External OAuth provider authentication
	- Support for building a release using [`mix release`](https://hexdocs.pm/mix/master/Mix.Tasks.Release.html)
	- A [job queue](https://git.pleroma.social/pleroma/pleroma_job_queue) for federation, emails, web push, etc.
	- [Prometheus](https://prometheus.io/) metrics
	- Support for Mastodon's remote interaction
	- Mix Tasks: `mix pleroma.database bump_all_conversations`
	- Mix Tasks: `mix pleroma.database remove_embedded_objects`
	- Mix Tasks: `mix pleroma.database update_users_following_followers_counts`
	- Mix Tasks: `mix pleroma.user toggle_confirmed`
	- Mix Tasks: `mix pleroma.config migrate_to_db`
	- Mix Tasks: `mix pleroma.config migrate_from_db`
	- Federation: Support for `Question` and `Answer` objects
	- Federation: Support for reports
	- Configuration: `poll_limits` option
	- Configuration: `pack_extensions` option
	- Configuration: `safe_dm_mentions` option
	- Configuration: `link_name` option
	- Configuration: `fetch_initial_posts` option
	- Configuration: `notify_email` option
	- Configuration: Media proxy `whitelist` option
	- Configuration: `report_uri` option
	- Configuration: `email_notifications` option
	- Configuration: `limit_to_local_content` option
	- Pleroma API: User subscriptions
	- Pleroma API: Healthcheck endpoint
	- Pleroma API: `/api/v1/pleroma/mascot` per-user frontend mascot configuration endpoints
	- Admin API: Endpoints for listing/revoking invite tokens
	- Admin API: Endpoints for making users follow/unfollow each other
	- Admin API: added filters (role, tags, email, name) for users endpoint
	- Admin API: Endpoints for managing reports
	- Admin API: Endpoints for deleting and changing the scope of individual reported statuses
	- Admin API: Endpoints to view and change config settings.
	- AdminFE: initial release with basic user management accessible at /pleroma/admin/
	- Mastodon API: Add chat token to `verify_credentials` response
	- Mastodon API: Add background image setting to `update_credentials`
	- Mastodon API: [Scheduled statuses](https://docs.joinmastodon.org/api/rest/scheduled-statuses/)
	- Mastodon API: `/api/v1/notifications/destroy_multiple` (glitch-soc extension)
	- Mastodon API: `/api/v1/pleroma/accounts/:id/favourites` (API extension)
	- Mastodon API: [Reports](https://docs.joinmastodon.org/api/rest/reports/)
	- Mastodon API: `POST /api/v1/accounts` (account creation API)
	- Mastodon API: [Polls](https://docs.joinmastodon.org/api/rest/polls/)
	- ActivityPub C2S: OAuth endpoints
	- Metadata: RelMe provider
	- OAuth: added support for refresh tokens
	- Emoji packs and emoji pack manager
	- Object pruning (`mix pleroma.database prune_objects`)
	- OAuth: added job to clean expired access tokens
	- MRF: Support for rejecting reports from specific instances (`mrf_simple`)
	- MRF: Support for stripping avatars and banner images from specific instances (`mrf_simple`)
	- MRF: Support for running subchains.
	- Configuration: `skip_thread_containment` option
	- Configuration: `rate_limit` option. See `Pleroma.Plugs.RateLimiter` documentation for details.
	- MRF: Support for filtering out likely spam messages by rejecting posts from new users that contain links.
	- Configuration: `ignore_hosts` option
	- Configuration: `ignore_tld` option
	- Configuration: default syslog tag "Pleroma" is now lowercased to "pleroma"

	### Changed
	- Breaking: bind to 127.0.0.1 instead of 0.0.0.0 by default
	- Breaking: Configuration: move from Pleroma.Mailer to Pleroma.Emails.Mailer
	- Thread containment / test for complete visibility will be skipped by default.
	- Enforcement of OAuth scopes
	- Add multiple use/time expiring invite token
	- Restyled OAuth pages to fit with Pleroma's default theme
	- Link/mention/hashtag detection is now handled by [auto_linker](https://git.pleroma.social/pleroma/auto_linker)
	- NodeInfo: Return `safe_dm_mentions` feature flag
	- Federation: Expand the audience of delete activities to all recipients of the deleted object
	- Federation: Removed `inReplyToStatusId` from objects
	- Configuration: Dedupe enabled by default
	- Configuration: Default log level in `prod` environment is now set to `warn`
	- Configuration: Added `extra_cookie_attrs` for setting non-standard cookie attributes. Defaults to ["SameSite=Lax"] so that remote follows work.
	- Timelines: Messages involving people you have blocked will be excluded from the timeline in all cases instead of just repeats.
	- Admin API: Move the user related API to `api/pleroma/admin/users`
	- Admin API: `POST /api/pleroma/admin/users` will take list of users
	- Pleroma API: Support for emoji tags in `/api/pleroma/emoji` resulting in a breaking API change
	- Mastodon API: Support for `exclude_types`, `limit` and `min_id` in `/api/v1/notifications`
	- Mastodon API: Add `languages` and `registrations` to `/api/v1/instance`
	- Mastodon API: Provide plaintext versions of cw/content in the Status entity
	- Mastodon API: Add `pleroma.conversation_id`, `pleroma.in_reply_to_account_acct` fields to the Status entity
	- Mastodon API: Add `pleroma.tags`, `pleroma.relationship{}`, `pleroma.is_moderator`, `pleroma.is_admin`, `pleroma.confirmation_pending`, `pleroma.hide_followers`, `pleroma.hide_follows`, `pleroma.hide_favorites` fields to the User entity
	- Mastodon API: Add `pleroma.show_role`, `pleroma.no_rich_text` fields to the Source subentity
	- Mastodon API: Add support for updating `no_rich_text`, `hide_followers`, `hide_follows`, `hide_favorites`, `show_role` in `PATCH /api/v1/update_credentials`
	- Mastodon API: Add `pleroma.is_seen` to the Notification entity
	- Mastodon API: Add `pleroma.local` to the Status entity
	- Mastodon API: Add `preview` parameter to `POST /api/v1/statuses`
	- Mastodon API: Add `with_muted` parameter to timeline endpoints
	- Mastodon API: Actual reblog hiding instead of a dummy
	- Mastodon API: Remove attachment limit in the Status entity
	- Mastodon API: Added support max_id & since_id for bookmark timeline endpoints.
	- Deps: Updated Cowboy to 2.6
	- Deps: Updated Ecto to 3.0.7
	- Don't ship finmoji by default, they can be installed as an emoji pack
	- Hide deactivated users and their statuses
	- Posts which are marked sensitive or tagged nsfw no longer have link previews.
	- HTTP connection timeout is now set to 10 seconds.
	- Respond with a 404 Not implemented JSON error message when requested API is not implemented
	- Rich Media: crawl only https URLs.

	### Fixed
	- Follow requests don't get 'stuck' anymore.
	- Added an FTS index on objects. Running `vacuum analyze` and setting a larger `work_mem` is recommended.
	- Followers counter not being updated when a follower is blocked
	- Deactivated users being able to request an access token
	- Limit on request body in rich media/relme parsers being ignored resulting in a possible memory leak
	- Proper Twitter Card generation instead of a dummy
	- Deletions failing for users with a large number of posts
	- NodeInfo: Include admins in `staffAccounts`
	- ActivityPub: Crashing when requesting empty local user's outbox
	- Federation: Handling of objects without `summary` property
	- Federation: Add a language tag to activities as required by ActivityStreams 2.0
	- Federation: Do not federate avatar/banner if set to default allowing other servers/clients to use their defaults
	- Federation: Cope with missing or explicitly nulled address lists
	- Federation: Explicitly ensure activities addressed to `as:Public` become addressed to the followers collection
	- Federation: Better cope with actors which do not declare a followers collection and use `as:Public` with these semantics
	- Federation: Follow requests from remote users who have been blocked will be automatically rejected if appropriate
	- MediaProxy: Parse name from content disposition headers even for non-whitelisted types
	- MediaProxy: S3 link encoding
	- Rich Media: Reject any data which cannot be explicitly encoded into JSON
	- Pleroma API: Importing follows from Mastodon 2.8+
	- Twitter API: Exposing default scope, `no_rich_text` of the user to anyone
	- Twitter API: Returning the `role` object in user entity despite `show_role = false`
	- Mastodon API: `/api/v1/favourites` serving only public activities
	- Mastodon API: Reblogs having `in_reply_to_id` - `null` even when they are replies
	- Mastodon API: Streaming API broadcasting wrong activity id
	- Mastodon API: 500 errors when requesting a card for a private conversation
	- Mastodon API: Handling of `reblogs` in `/api/v1/accounts/:id/follow`
	- Mastodon API: Correct `reblogged`, `favourited`, and `bookmarked` values in the reblog status JSON
	- Mastodon API: Exposing default scope of the user to anyone
	- Mastodon API: Make `irreversible` field default to `false` [`POST /api/v1/filters`]
	- Mastodon API: Replace missing non-nullable Card attributes with empty strings
	- User-Agent is now sent correctly for all HTTP requests.
	- MRF: Simple policy now properly delists imported or relayed statuses

	## Removed
	- Configuration: `config :pleroma, :fe` in favor of the more flexible `config :pleroma, :frontend_configurations`

	## [0.9.99999] - 2019-05-31
	### Security
	- Mastodon API: Fix lists leaking private posts

	## [0.9.9999] - 2019-04-05
	### Security
	- Mastodon API: Fix content warnings skipping HTML sanitization

	## [0.9.999] - 2019-03-13
	Frontend changes only.
	### Added
	- Added floating action button for posting status on mobile
	### Changed
	- Changed user-settings icon to a pencil
	### Fixed
	- Keyboard shortcuts activating when typing a message
	- Gaps when scrolling down on a timeline after showing new

	## [0.9.99] - 2019-03-08
	### Changed
	- Update the frontend to the 0.9.99 tag
	### Fixed
	- Sign the date header in federation to fix Mastodon federation.

	## [0.9.9] - 2019-02-22
	This is our first stable release.
	diff --git a/docs/api/pleroma_api.md b/docs/api/pleroma_api.md
	index b134b31a84..e76a35b3b1 100644
	--- a/docs/api/pleroma_api.md
	+++ b/docs/api/pleroma_api.md
	@@ -1,356 +1,357 @@
	# Pleroma API

	Requests that require it can be authenticated with [an OAuth token](https://tools.ietf.org/html/rfc6749), the `_pleroma_key` cookie, or [HTTP Basic Authentication](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Authorization).

	Request parameters can be passed via [query strings](https://en.wikipedia.org/wiki/Query_string) or as [form data](https://www.w3.org/TR/html401/interact/forms.html). Files must be uploaded as `multipart/form-data`.

	## `/api/pleroma/emoji`
	### Lists the custom emoji on that server.
	* Method: `GET`
	* Authentication: not required
	* Params: none
	* Response: JSON
	* Example response:
	```json
	{
	"girlpower": {
	"tags": [
	"Finmoji"
	],
	"image_url": "/finmoji/128px/girlpower-128.png"
	},
	"education": {
	"tags": [
	"Finmoji"
	],
	"image_url": "/finmoji/128px/education-128.png"
	},
	"finnishlove": {
	"tags": [
	"Finmoji"
	],
	"image_url": "/finmoji/128px/finnishlove-128.png"
	}
	}
	```
	* Note: Same data as Mastodon API’s `/api/v1/custom_emojis` but in a different format

	## `/api/pleroma/follow_import`
	### Imports your follows, for example from a Mastodon CSV file.
	* Method: `POST`
	* Authentication: required
	* Params:
	* `list`: STRING or FILE containing a whitespace-separated list of accounts to follow
	* Response: HTTP 200 on success, 500 on error
	* Note: Users that can't be followed are silently skipped.

	## `/api/pleroma/captcha`
	### Get a new captcha
	* Method: `GET`
	* Authentication: not required
	* Params: none
	* Response: Provider specific JSON, the only guaranteed parameter is `type`
	* Example response: `{"type": "kocaptcha", "token": "whatever", "url": "https://captcha.kotobank.ch/endpoint"}`

	## `/api/pleroma/delete_account`
	### Delete an account
	* Method `POST`
	* Authentication: required
	* Params:
	* `password`: user's password
	* Response: JSON. Returns `{"status": "success"}` if the deletion was successful, `{"error": "[error message]"}` otherwise
	* Example response: `{"error": "Invalid password."}`

	## `/api/pleroma/disable_account`
	### Disable an account
	* Method `POST`
	* Authentication: required
	* Params:
	* `password`: user's password
	* Response: JSON. Returns `{"status": "success"}` if the account was successfully disabled, `{"error": "[error message]"}` otherwise
	* Example response: `{"error": "Invalid password."}`

	## `/api/account/register`
	### Register a new user
	* Method `POST`
	* Authentication: not required
	* Params:
	* `nickname`
	* `fullname`
	* `bio`
	* `email`
	* `password`
	* `confirm`
	* `captcha_solution`: optional, contains provider-specific captcha solution,
	* `captcha_token`: optional, contains provider-specific captcha token
	* `token`: invite token required when the registrations aren't public.
	* Response: JSON. Returns a user object on success, otherwise returns `{"error": "error_msg"}`
	* Example response:
	```json
	{
	"background_image": null,
	"cover_photo": "https://pleroma.soykaf.com/images/banner.png",
	"created_at": "Tue Dec 18 16:55:56 +0000 2018",
	"default_scope": "public",
	"description": "blushy-crushy fediverse idol + pleroma dev\nlet's be friends \nぷれろまの生徒会長。謎の外人。日本語OK. \n公主病.",
	"description_html": "blushy-crushy fediverse idol + pleroma dev.<br />let's be friends <br />ぷれろまの生徒会長。謎の外人。日本語OK. <br />公主病.",
	"favourites_count": 0,
	"fields": [],
	"followers_count": 0,
	"following": false,
	"follows_you": false,
	"friends_count": 0,
	"id": 6,
	"is_local": true,
	"locked": false,
	"name": "lain",
	"name_html": "lain",
	"no_rich_text": false,
	"pleroma": {
	"tags": []
	},
	"profile_image_url": "https://pleroma.soykaf.com/images/avi.png",
	"profile_image_url_https": "https://pleroma.soykaf.com/images/avi.png",
	"profile_image_url_original": "https://pleroma.soykaf.com/images/avi.png",
	"profile_image_url_profile_size": "https://pleroma.soykaf.com/images/avi.png",
	"rights": {
	"delete_others_notice": false
	},
	"screen_name": "lain",
	"statuses_count": 0,
	"statusnet_blocking": false,
	"statusnet_profile_url": "https://pleroma.soykaf.com/users/lain"
	}
	```

	## `/api/pleroma/admin/`…
	See [Admin-API](Admin-API.md)

	-## `/api/pleroma/notifications/read`
	-### Mark a single notification as read
	+## `/api/pleroma/v1/notifications/read`
	+### Mark notifications as read
	* Method `POST`
	* Authentication: required
	-* Params:
	- * `id`: notification's id
	-* Response: JSON. Returns `{"status": "success"}` if the reading was successful, otherwise returns `{"error": "error_msg"}`
	+* Params (mutually exclusive):
	+ * `id`: a single notification id to read
	+ * `max_id`: read all notifications up to this id
	+* Response: Notification entity/Array of Notification entities. In case of `max_id`, only the first 80 notifications will be returned.

	## `/api/v1/pleroma/accounts/:id/subscribe`
	### Subscribe to receive notifications for all statuses posted by a user
	* Method `POST`
	* Authentication: required
	* Params:
	* `id`: account id to subscribe to
	* Response: JSON, returns a mastodon relationship object on success, otherwise returns `{"error": "error_msg"}`
	* Example response:
	```json
	{
	"id": "abcdefg",
	"following": true,
	"followed_by": false,
	"blocking": false,
	"muting": false,
	"muting_notifications": false,
	"subscribing": true,
	"requested": false,
	"domain_blocking": false,
	"showing_reblogs": true,
	"endorsed": false
	}
	```

	## `/api/v1/pleroma/accounts/:id/unsubscribe`
	### Unsubscribe to stop receiving notifications from user statuses
	* Method `POST`
	* Authentication: required
	* Params:
	* `id`: account id to unsubscribe from
	* Response: JSON, returns a mastodon relationship object on success, otherwise returns `{"error": "error_msg"}`
	* Example response:
	```json
	{
	"id": "abcdefg",
	"following": true,
	"followed_by": false,
	"blocking": false,
	"muting": false,
	"muting_notifications": false,
	"subscribing": false,
	"requested": false,
	"domain_blocking": false,
	"showing_reblogs": true,
	"endorsed": false
	}
	```

	## `/api/v1/pleroma/accounts/:id/favourites`
	### Returns favorites timeline of any user
	* Method `GET`
	* Authentication: not required
	* Params:
	* `id`: the id of the account for whom to return results
	* `limit`: optional, the number of records to retrieve
	* `since_id`: optional, returns results that are more recent than the specified id
	* `max_id`: optional, returns results that are older than the specified id
	* Response: JSON, returns a list of Mastodon Status entities on success, otherwise returns `{"error": "error_msg"}`
	* Example response:
	```json
	[
	{
	"account": {
	"id": "9hptFmUF3ztxYh3Svg",
	"url": "https://pleroma.example.org/users/nick2",
	"username": "nick2",
	...
	},
	"application": {"name": "Web", "website": null},
	"bookmarked": false,
	"card": null,
	"content": "This is :moominmamma: note 0",
	"created_at": "2019-04-15T15:42:15.000Z",
	"emojis": [],
	"favourited": false,
	"favourites_count": 1,
	"id": "9hptFmVJ02khbzYJaS",
	"in_reply_to_account_id": null,
	"in_reply_to_id": null,
	"language": null,
	"media_attachments": [],
	"mentions": [],
	"muted": false,
	"pinned": false,
	"pleroma": {
	"content": {"text/plain": "This is :moominmamma: note 0"},
	"conversation_id": 13679,
	"local": true,
	"spoiler_text": {"text/plain": "2hu"}
	},
	"reblog": null,
	"reblogged": false,
	"reblogs_count": 0,
	"replies_count": 0,
	"sensitive": false,
	"spoiler_text": "2hu",
	"tags": [{"name": "2hu", "url": "/tag/2hu"}],
	"uri": "https://pleroma.example.org/objects/198ed2a1-7912-4482-b559-244a0369e984",
	"url": "https://pleroma.example.org/notice/9hptFmVJ02khbzYJaS",
	"visibility": "public"
	}
	]
	```

	## `/api/v1/pleroma/accounts/update_*`
	### Set and clear account avatar, banner, and background

	- PATCH `/api/v1/pleroma/accounts/update_avatar`: Set/clear user avatar image
	- PATCH `/api/v1/pleroma/accounts/update_banner`: Set/clear user banner image
	- PATCH `/api/v1/pleroma/accounts/update_background`: Set/clear user background image

	## `/api/v1/pleroma/accounts/confirmation_resend`
	### Resend confirmation email
	* Method `POST`
	* Params:
	* `email`: email of that needs to be verified
	* Authentication: not required
	* Response: 204 No Content

	## `/api/v1/pleroma/mascot`
	### Gets user mascot image
	* Method `GET`
	* Authentication: required

	* Response: JSON. Returns a mastodon media attachment entity.
	* Example response:
	```json
	{
	"id": "abcdefg",
	"url": "https://pleroma.example.org/media/abcdefg.png",
	"type": "image",
	"pleroma": {
	"mime_type": "image/png"
	}
	}
	```

	### Updates user mascot image
	* Method `PUT`
	* Authentication: required
	* Params:
	* `image`: Multipart image
	* Response: JSON. Returns a mastodon media attachment entity
	when successful, otherwise returns HTTP 415 `{"error": "error_msg"}`
	* Example response:
	```json
	{
	"id": "abcdefg",
	"url": "https://pleroma.example.org/media/abcdefg.png",
	"type": "image",
	"pleroma": {
	"mime_type": "image/png"
	}
	}
	```
	* Note: Behaves exactly the same as `POST /api/v1/upload`.
	Can only accept images - any attempt to upload non-image files will be met with `HTTP 415 Unsupported Media Type`.

	## `/api/pleroma/notification_settings`
	### Updates user notification settings
	* Method `PUT`
	* Authentication: required
	* Params:
	* `followers`: BOOLEAN field, receives notifications from followers
	* `follows`: BOOLEAN field, receives notifications from people the user follows
	* `remote`: BOOLEAN field, receives notifications from people on remote instances
	* `local`: BOOLEAN field, receives notifications from people on the local instance
	* Response: JSON. Returns `{"status": "success"}` if the update was successful, otherwise returns `{"error": "error_msg"}`

	## `/api/pleroma/healthcheck`
	### Healthcheck endpoint with additional system data.
	* Method `GET`
	* Authentication: not required
	* Params: none
	* Response: JSON, statuses (200 - healthy, 503 unhealthy).
	* Example response:
	```json
	{
	"pool_size": 0, # database connection pool
	"active": 0, # active processes
	"idle": 0, # idle processes
	"memory_used": 0.00, # Memory used
	"healthy": true # Instance state
	}
	```

	# Pleroma Conversations

	Pleroma Conversations have the same general structure that Mastodon Conversations have. The behavior differs in the following ways when using these endpoints:

	1. Pleroma Conversations never add or remove recipients, unless explicitly changed by the user.
	2. Pleroma Conversations statuses can be requested by Conversation id.
	3. Pleroma Conversations can be replied to.

	Conversations have the additional field "recipients" under the "pleroma" key. This holds a list of all the accounts that will receive a message in this conversation.

	The status posting endpoint takes an additional parameter, `in_reply_to_conversation_id`, which, when set, will set the visiblity to direct and address only the people who are the recipients of that Conversation.


	## `GET /api/v1/pleroma/conversations/:id/statuses`
	### Timeline for a given conversation
	* Method `GET`
	* Authentication: required
	* Params: Like other timelines
	* Response: JSON, statuses (200 - healthy, 503 unhealthy).

	## `GET /api/v1/pleroma/conversations/:id`
	### The conversation with the given ID.
	* Method `GET`
	* Authentication: required
	* Params: None
	* Response: JSON, statuses (200 - healthy, 503 unhealthy).

	## `PATCH /api/v1/pleroma/conversations/:id`
	### Update a conversation. Used to change the set of recipients.
	* Method `PATCH`
	* Authentication: required
	* Params:
	* `recipients`: A list of ids of users that should receive posts to this conversation. This will replace the current list of recipients, so submit the full list. The owner of owner of the conversation will always be part of the set of recipients, though.
	* Response: JSON, statuses (200 - healthy, 503 unhealthy)
	diff --git a/lib/pleroma/notification.ex b/lib/pleroma/notification.ex
	index 5d29af8536..d7e2329922 100644
	--- a/lib/pleroma/notification.ex
	+++ b/lib/pleroma/notification.ex
	@@ -1,286 +1,303 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Notification do
	use Ecto.Schema

	alias Pleroma.Activity
	alias Pleroma.Notification
	alias Pleroma.Object
	alias Pleroma.Pagination
	alias Pleroma.Repo
	alias Pleroma.User
	alias Pleroma.Web.CommonAPI.Utils
	alias Pleroma.Web.Push
	alias Pleroma.Web.Streamer

	import Ecto.Query
	import Ecto.Changeset

	@type t :: %__MODULE__{}

	schema "notifications" do
	field(:seen, :boolean, default: false)
	belongs_to(:user, User, type: Pleroma.FlakeId)
	belongs_to(:activity, Activity, type: Pleroma.FlakeId)

	timestamps()
	end

	def changeset(%Notification{} = notification, attrs) do
	notification
	\|> cast(attrs, [:seen])
	end

	def for_user_query(user, opts \\ []) do
	query =
	Notification
	\|> where(user_id: ^user.id)
	\|> where(
	[n, a],
	fragment(
	"? not in (SELECT ap_id FROM users WHERE info->'deactivated' @> 'true')",
	a.actor
	)
	)
	\|> join(:inner, [n], activity in assoc(n, :activity))
	\|> join(:left, [n, a], object in Object,
	on:
	fragment(
	"(?->>'id') = COALESCE((? -> 'object'::text) ->> 'id'::text)",
	object.data,
	a.data
	)
	)
	\|> preload([n, a, o], activity: {a, object: o})

	if opts[:with_muted] do
	query
	else
	where(query, [n, a], a.actor not in ^user.info.muted_notifications)
	\|> where([n, a], a.actor not in ^user.info.blocks)
	\|> where(
	[n, a],
	fragment("substring(? from '.://([^/])')", a.actor) not in ^user.info.domain_blocks
	)
	\|> join(:left, [n, a], tm in Pleroma.ThreadMute,
	on: tm.user_id == ^user.id and tm.context == fragment("?->>'context'", a.data)
	)
	\|> where([n, a, o, tm], is_nil(tm.user_id))
	end
	end

	def for_user(user, opts \\ %{}) do
	user
	\|> for_user_query(opts)
	\|> Pagination.fetch_paginated(opts)
	end

	@doc """
	Returns notifications for user received since given date.

	## Examples

	iex> Pleroma.Notification.for_user_since(%Pleroma.User{}, ~N[2019-04-13 11:22:33])
	[%Pleroma.Notification{}, %Pleroma.Notification{}]

	iex> Pleroma.Notification.for_user_since(%Pleroma.User{}, ~N[2019-04-15 11:22:33])
	[]
	"""
	@spec for_user_since(Pleroma.User.t(), NaiveDateTime.t()) :: [t()]
	def for_user_since(user, date) do
	from(n in for_user_query(user),
	where: n.updated_at > ^date
	)
	\|> Repo.all()
	end

	def set_read_up_to(%{id: user_id} = _user, id) do
	query =
	from(
	n in Notification,
	where: n.user_id == ^user_id,
	where: n.id <= ^id,
	+ where: n.seen == false,
	update: [
	set: [
	seen: true,
	updated_at: ^NaiveDateTime.utc_now()
	]
	- ]
	+ ],
	+ # Ideally we would preload object and activities here
	+ # but Ecto does not support preloads in update_all
	+ select: n.id
	)

	- Repo.update_all(query, [])
	+ {_, notification_ids} = Repo.update_all(query, [])
	+
	+ from(n in Notification, where: n.id in ^notification_ids)
	+ \|> join(:inner, [n], activity in assoc(n, :activity))
	+ \|> join(:left, [n, a], object in Object,
	+ on:
	+ fragment(
	+ "(?->>'id') = COALESCE((? -> 'object'::text) ->> 'id'::text)",
	+ object.data,
	+ a.data
	+ )
	+ )
	+ \|> preload([n, a, o], activity: {a, object: o})
	+ \|> Repo.all()
	end

	def read_one(%User{} = user, notification_id) do
	with {:ok, %Notification{} = notification} <- get(user, notification_id) do
	notification
	\|> changeset(%{seen: true})
	\|> Repo.update()
	end
	end

	def get(%{id: user_id} = _user, id) do
	query =
	from(
	n in Notification,
	where: n.id == ^id,
	join: activity in assoc(n, :activity),
	preload: [activity: activity]
	)

	notification = Repo.one(query)

	case notification do
	%{user_id: ^user_id} ->
	{:ok, notification}

	_ ->
	{:error, "Cannot get notification"}
	end
	end

	def clear(user) do
	from(n in Notification, where: n.user_id == ^user.id)
	\|> Repo.delete_all()
	end

	def destroy_multiple(%{id: user_id} = _user, ids) do
	from(n in Notification,
	where: n.id in ^ids,
	where: n.user_id == ^user_id
	)
	\|> Repo.delete_all()
	end

	def dismiss(%{id: user_id} = _user, id) do
	notification = Repo.get(Notification, id)

	case notification do
	%{user_id: ^user_id} ->
	Repo.delete(notification)

	_ ->
	{:error, "Cannot dismiss notification"}
	end
	end

	def create_notifications(%Activity{data: %{"to" => _, "type" => "Create"}} = activity) do
	object = Object.normalize(activity)

	unless object && object.data["type"] == "Answer" do
	users = get_notified_from_activity(activity)
	notifications = Enum.map(users, fn user -> create_notification(activity, user) end)
	{:ok, notifications}
	else
	{:ok, []}
	end
	end

	def create_notifications(%Activity{data: %{"to" => _, "type" => type}} = activity)
	when type in ["Like", "Announce", "Follow"] do
	users = get_notified_from_activity(activity)
	notifications = Enum.map(users, fn user -> create_notification(activity, user) end)
	{:ok, notifications}
	end

	def create_notifications(_), do: {:ok, []}

	# TODO move to sql, too.
	def create_notification(%Activity{} = activity, %User{} = user) do
	unless skip?(activity, user) do
	notification = %Notification{user_id: user.id, activity: activity}
	{:ok, notification} = Repo.insert(notification)
	Streamer.stream("user", notification)
	Streamer.stream("user:notification", notification)
	Push.send(notification)
	notification
	end
	end

	def get_notified_from_activity(activity, local_only \\ true)

	def get_notified_from_activity(
	%Activity{data: %{"to" => _, "type" => type} = _data} = activity,
	local_only
	)
	when type in ["Create", "Like", "Announce", "Follow"] do
	recipients =
	[]
	\|> Utils.maybe_notify_to_recipients(activity)
	\|> Utils.maybe_notify_mentioned_recipients(activity)
	\|> Utils.maybe_notify_subscribers(activity)
	\|> Enum.uniq()

	User.get_users_from_set(recipients, local_only)
	end

	def get_notified_from_activity(_, _local_only), do: []

	@spec skip?(Activity.t(), User.t()) :: boolean()
	def skip?(activity, user) do
	[
	:self,
	:followers,
	:follows,
	:non_followers,
	:non_follows,
	:recently_followed
	]
	\|> Enum.any?(&skip?(&1, activity, user))
	end

	@spec skip?(atom(), Activity.t(), User.t()) :: boolean()
	def skip?(:self, activity, user) do
	activity.data["actor"] == user.ap_id
	end

	def skip?(
	:followers,
	activity,
	%{info: %{notification_settings: %{"followers" => false}}} = user
	) do
	actor = activity.data["actor"]
	follower = User.get_cached_by_ap_id(actor)
	User.following?(follower, user)
	end

	def skip?(
	:non_followers,
	activity,
	%{info: %{notification_settings: %{"non_followers" => false}}} = user
	) do
	actor = activity.data["actor"]
	follower = User.get_cached_by_ap_id(actor)
	!User.following?(follower, user)
	end

	def skip?(:follows, activity, %{info: %{notification_settings: %{"follows" => false}}} = user) do
	actor = activity.data["actor"]
	followed = User.get_cached_by_ap_id(actor)
	User.following?(user, followed)
	end

	def skip?(
	:non_follows,
	activity,
	%{info: %{notification_settings: %{"non_follows" => false}}} = user
	) do
	actor = activity.data["actor"]
	followed = User.get_cached_by_ap_id(actor)
	!User.following?(user, followed)
	end

	def skip?(:recently_followed, %{data: %{"type" => "Follow"}} = activity, user) do
	actor = activity.data["actor"]

	Notification.for_user(user)
	\|> Enum.any?(fn
	%{activity: %{data: %{"type" => "Follow", "actor" => ^actor}}} -> true
	_ -> false
	end)
	end

	def skip?(_, _, _), do: false
	end
	diff --git a/lib/pleroma/web/pleroma_api/pleroma_api_controller.ex b/lib/pleroma/web/pleroma_api/pleroma_api_controller.ex
	index b6d2bf86bf..f4df3b024e 100644
	--- a/lib/pleroma/web/pleroma_api/pleroma_api_controller.ex
	+++ b/lib/pleroma/web/pleroma_api/pleroma_api_controller.ex
	@@ -1,73 +1,98 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.PleromaAPI.PleromaAPIController do
	use Pleroma.Web, :controller

	import Pleroma.Web.ControllerHelper, only: [add_link_headers: 7]

	alias Pleroma.Conversation.Participation
	+ alias Pleroma.Notification
	alias Pleroma.Web.ActivityPub.ActivityPub
	alias Pleroma.Web.MastodonAPI.ConversationView
	+ alias Pleroma.Web.MastodonAPI.NotificationView
	alias Pleroma.Web.MastodonAPI.StatusView

	def conversation(%{assigns: %{user: user}} = conn, %{"id" => participation_id}) do
	with %Participation{} = participation <- Participation.get(participation_id),
	true <- user.id == participation.user_id do
	conn
	\|> put_view(ConversationView)
	\|> render("participation.json", %{participation: participation, for: user})
	end
	end

	def conversation_statuses(
	%{assigns: %{user: user}} = conn,
	%{"id" => participation_id} = params
	) do
	params =
	params
	\|> Map.put("blocking_user", user)
	\|> Map.put("muting_user", user)
	\|> Map.put("user", user)

	participation =
	participation_id
	\|> Participation.get(preload: [:conversation])

	if user.id == participation.user_id do
	activities =
	participation.conversation.ap_id
	\|> ActivityPub.fetch_activities_for_context(params)
	\|> Enum.reverse()

	conn
	\|> add_link_headers(
	:conversation_statuses,
	activities,
	participation_id,
	params,
	nil,
	&pleroma_api_url/4
	)
	\|> put_view(StatusView)
	\|> render("index.json", %{activities: activities, for: user, as: :activity})
	end
	end

	def update_conversation(
	%{assigns: %{user: user}} = conn,
	%{"id" => participation_id, "recipients" => recipients}
	) do
	participation =
	participation_id
	\|> Participation.get()

	with true <- user.id == participation.user_id,
	{:ok, participation} <- Participation.set_recipients(participation, recipients) do
	conn
	\|> put_view(ConversationView)
	\|> render("participation.json", %{participation: participation, for: user})
	end
	end
	+
	+ def read_notification(%{assigns: %{user: user}} = conn, %{"id" => notification_id}) do
	+ with {:ok, notification} <- Notification.read_one(user, notification_id) do
	+ conn
	+ \|> put_view(NotificationView)
	+ \|> render("show.json", %{notification: notification, for: user})
	+ else
	+ {:error, message} ->
	+ conn
	+ \|> put_status(:bad_request)
	+ \|> json(%{"error" => message})
	+ end
	+ end
	+
	+ def read_notification(%{assigns: %{user: user}} = conn, %{"max_id" => max_id}) do
	+ with notifications <- Notification.set_read_up_to(user, max_id) do
	+ notifications = Enum.take(notifications, 80)
	+
	+ conn
	+ \|> put_view(NotificationView)
	+ \|> render("index.json", %{notifications: notifications, for: user})
	+ end
	+ end
	end
	diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
	index 969dc66fd2..44a4279f7f 100644
	--- a/lib/pleroma/web/router.ex
	+++ b/lib/pleroma/web/router.ex
	@@ -1,769 +1,764 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.Router do
	use Pleroma.Web, :router

	pipeline :browser do
	plug(:accepts, ["html"])
	plug(:fetch_session)
	end

	pipeline :oauth do
	plug(:fetch_session)
	plug(Pleroma.Plugs.OAuthPlug)
	end

	pipeline :api do
	plug(:accepts, ["json"])
	plug(:fetch_session)
	plug(Pleroma.Plugs.OAuthPlug)
	plug(Pleroma.Plugs.BasicAuthDecoderPlug)
	plug(Pleroma.Plugs.UserFetcherPlug)
	plug(Pleroma.Plugs.SessionAuthenticationPlug)
	plug(Pleroma.Plugs.LegacyAuthenticationPlug)
	plug(Pleroma.Plugs.AuthenticationPlug)
	plug(Pleroma.Plugs.UserEnabledPlug)
	plug(Pleroma.Plugs.SetUserSessionIdPlug)
	plug(Pleroma.Plugs.EnsureUserKeyPlug)
	plug(Pleroma.Plugs.IdempotencyPlug)
	end

	pipeline :authenticated_api do
	plug(:accepts, ["json"])
	plug(:fetch_session)
	plug(Pleroma.Plugs.OAuthPlug)
	plug(Pleroma.Plugs.BasicAuthDecoderPlug)
	plug(Pleroma.Plugs.UserFetcherPlug)
	plug(Pleroma.Plugs.SessionAuthenticationPlug)
	plug(Pleroma.Plugs.LegacyAuthenticationPlug)
	plug(Pleroma.Plugs.AuthenticationPlug)
	plug(Pleroma.Plugs.UserEnabledPlug)
	plug(Pleroma.Plugs.SetUserSessionIdPlug)
	plug(Pleroma.Plugs.EnsureAuthenticatedPlug)
	plug(Pleroma.Plugs.IdempotencyPlug)
	end

	pipeline :admin_api do
	plug(:accepts, ["json"])
	plug(:fetch_session)
	plug(Pleroma.Plugs.OAuthPlug)
	plug(Pleroma.Plugs.BasicAuthDecoderPlug)
	plug(Pleroma.Plugs.UserFetcherPlug)
	plug(Pleroma.Plugs.SessionAuthenticationPlug)
	plug(Pleroma.Plugs.LegacyAuthenticationPlug)
	plug(Pleroma.Plugs.AuthenticationPlug)
	plug(Pleroma.Plugs.AdminSecretAuthenticationPlug)
	plug(Pleroma.Plugs.UserEnabledPlug)
	plug(Pleroma.Plugs.SetUserSessionIdPlug)
	plug(Pleroma.Plugs.EnsureAuthenticatedPlug)
	plug(Pleroma.Plugs.UserIsAdminPlug)
	plug(Pleroma.Plugs.IdempotencyPlug)
	end

	pipeline :mastodon_html do
	plug(:accepts, ["html"])
	plug(:fetch_session)
	plug(Pleroma.Plugs.OAuthPlug)
	plug(Pleroma.Plugs.BasicAuthDecoderPlug)
	plug(Pleroma.Plugs.UserFetcherPlug)
	plug(Pleroma.Plugs.SessionAuthenticationPlug)
	plug(Pleroma.Plugs.LegacyAuthenticationPlug)
	plug(Pleroma.Plugs.AuthenticationPlug)
	plug(Pleroma.Plugs.UserEnabledPlug)
	plug(Pleroma.Plugs.SetUserSessionIdPlug)
	plug(Pleroma.Plugs.EnsureUserKeyPlug)
	end

	pipeline :pleroma_html do
	plug(:accepts, ["html"])
	plug(:fetch_session)
	plug(Pleroma.Plugs.OAuthPlug)
	plug(Pleroma.Plugs.BasicAuthDecoderPlug)
	plug(Pleroma.Plugs.UserFetcherPlug)
	plug(Pleroma.Plugs.SessionAuthenticationPlug)
	plug(Pleroma.Plugs.AuthenticationPlug)
	plug(Pleroma.Plugs.EnsureUserKeyPlug)
	end

	pipeline :oauth_read_or_public do
	plug(Pleroma.Plugs.OAuthScopesPlug, %{
	scopes: ["read"],
	fallback: :proceed_unauthenticated
	})

	plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug)
	end

	pipeline :oauth_read do
	plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: ["read"]})
	end

	pipeline :oauth_write do
	plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: ["write"]})
	end

	pipeline :oauth_follow do
	plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: ["follow"]})
	end

	pipeline :oauth_push do
	plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: ["push"]})
	end

	pipeline :well_known do
	plug(:accepts, ["json", "jrd+json", "xml", "xrd+xml"])
	end

	pipeline :config do
	plug(:accepts, ["json", "xml"])
	end

	pipeline :pleroma_api do
	plug(:accepts, ["html", "json"])
	end

	pipeline :mailbox_preview do
	plug(:accepts, ["html"])

	plug(:put_secure_browser_headers, %{
	"content-security-policy" =>
	"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'"
	})
	end

	pipeline :http_signature do
	plug(Pleroma.Web.Plugs.HTTPSignaturePlug)
	end

	scope "/api/pleroma", Pleroma.Web.TwitterAPI do
	pipe_through(:pleroma_api)

	get("/password_reset/:token", PasswordController, :reset, as: :reset_password)
	post("/password_reset", PasswordController, :do_reset, as: :reset_password)
	get("/emoji", UtilController, :emoji)
	get("/captcha", UtilController, :captcha)
	get("/healthcheck", UtilController, :healthcheck)
	end

	scope "/api/pleroma", Pleroma.Web do
	pipe_through(:pleroma_api)
	post("/uploader_callback/:upload_path", UploaderController, :callback)
	end

	scope "/api/pleroma/admin", Pleroma.Web.AdminAPI do
	pipe_through([:admin_api, :oauth_write])

	post("/users/follow", AdminAPIController, :user_follow)
	post("/users/unfollow", AdminAPIController, :user_unfollow)

	delete("/users", AdminAPIController, :user_delete)
	post("/users", AdminAPIController, :users_create)
	patch("/users/:nickname/toggle_activation", AdminAPIController, :user_toggle_activation)
	put("/users/tag", AdminAPIController, :tag_users)
	delete("/users/tag", AdminAPIController, :untag_users)

	get("/users/:nickname/permission_group", AdminAPIController, :right_get)
	get("/users/:nickname/permission_group/:permission_group", AdminAPIController, :right_get)
	post("/users/:nickname/permission_group/:permission_group", AdminAPIController, :right_add)

	delete(
	"/users/:nickname/permission_group/:permission_group",
	AdminAPIController,
	:right_delete
	)

	put("/users/:nickname/activation_status", AdminAPIController, :set_activation_status)

	post("/relay", AdminAPIController, :relay_follow)
	delete("/relay", AdminAPIController, :relay_unfollow)

	get("/users/invite_token", AdminAPIController, :get_invite_token)
	get("/users/invites", AdminAPIController, :invites)
	post("/users/revoke_invite", AdminAPIController, :revoke_invite)
	post("/users/email_invite", AdminAPIController, :email_invite)

	get("/users/:nickname/password_reset", AdminAPIController, :get_password_reset)

	get("/users", AdminAPIController, :list_users)
	get("/users/:nickname", AdminAPIController, :user_show)
	get("/users/:nickname/statuses", AdminAPIController, :list_user_statuses)

	get("/reports", AdminAPIController, :list_reports)
	get("/reports/:id", AdminAPIController, :report_show)
	put("/reports/:id", AdminAPIController, :report_update_state)
	post("/reports/:id/respond", AdminAPIController, :report_respond)

	put("/statuses/:id", AdminAPIController, :status_update)
	delete("/statuses/:id", AdminAPIController, :status_delete)

	get("/config", AdminAPIController, :config_show)
	post("/config", AdminAPIController, :config_update)
	get("/config/migrate_to_db", AdminAPIController, :migrate_to_db)
	get("/config/migrate_from_db", AdminAPIController, :migrate_from_db)

	get("/moderation_log", AdminAPIController, :list_log)
	end

	scope "/", Pleroma.Web.TwitterAPI do
	pipe_through(:pleroma_html)

	post("/main/ostatus", UtilController, :remote_subscribe)
	get("/ostatus_subscribe", UtilController, :remote_follow)

	scope [] do
	pipe_through(:oauth_follow)
	post("/ostatus_subscribe", UtilController, :do_remote_follow)
	end
	end

	scope "/api/pleroma", Pleroma.Web.TwitterAPI do
	pipe_through(:authenticated_api)

	scope [] do
	pipe_through(:oauth_write)

	post("/change_password", UtilController, :change_password)
	post("/delete_account", UtilController, :delete_account)
	put("/notification_settings", UtilController, :update_notificaton_settings)
	post("/disable_account", UtilController, :disable_account)
	end

	scope [] do
	pipe_through(:oauth_follow)

	post("/blocks_import", UtilController, :blocks_import)
	post("/follow_import", UtilController, :follow_import)
	end
	-
	- scope [] do
	- pipe_through(:oauth_read)
	-
	- post("/notifications/read", UtilController, :notifications_read)
	- end
	end

	scope "/oauth", Pleroma.Web.OAuth do
	scope [] do
	pipe_through(:oauth)
	get("/authorize", OAuthController, :authorize)
	end

	post("/authorize", OAuthController, :create_authorization)
	post("/token", OAuthController, :token_exchange)
	post("/revoke", OAuthController, :token_revoke)
	get("/registration_details", OAuthController, :registration_details)

	scope [] do
	pipe_through(:browser)

	get("/prepare_request", OAuthController, :prepare_request)
	get("/:provider", OAuthController, :request)
	get("/:provider/callback", OAuthController, :callback)
	post("/register", OAuthController, :register)
	end
	end

	scope "/api/v1/pleroma", Pleroma.Web.PleromaAPI do
	pipe_through(:authenticated_api)

	scope [] do
	pipe_through(:oauth_read)
	get("/conversations/:id/statuses", PleromaAPIController, :conversation_statuses)
	get("/conversations/:id", PleromaAPIController, :conversation)
	end

	scope [] do
	pipe_through(:oauth_write)
	patch("/conversations/:id", PleromaAPIController, :update_conversation)
	+ post("/notifications/read", PleromaAPIController, :read_notification)
	end
	end

	scope "/api/v1", Pleroma.Web.MastodonAPI do
	pipe_through(:authenticated_api)

	scope [] do
	pipe_through(:oauth_read)

	get("/accounts/verify_credentials", MastodonAPIController, :verify_credentials)

	get("/accounts/relationships", MastodonAPIController, :relationships)

	get("/accounts/:id/lists", MastodonAPIController, :account_lists)
	get("/accounts/:id/identity_proofs", MastodonAPIController, :empty_array)

	get("/follow_requests", MastodonAPIController, :follow_requests)
	get("/blocks", MastodonAPIController, :blocks)
	get("/mutes", MastodonAPIController, :mutes)

	get("/timelines/home", MastodonAPIController, :home_timeline)
	get("/timelines/direct", MastodonAPIController, :dm_timeline)

	get("/favourites", MastodonAPIController, :favourites)
	get("/bookmarks", MastodonAPIController, :bookmarks)

	post("/notifications/clear", MastodonAPIController, :clear_notifications)
	post("/notifications/dismiss", MastodonAPIController, :dismiss_notification)
	get("/notifications", MastodonAPIController, :notifications)
	get("/notifications/:id", MastodonAPIController, :get_notification)
	delete("/notifications/destroy_multiple", MastodonAPIController, :destroy_multiple)

	get("/scheduled_statuses", MastodonAPIController, :scheduled_statuses)
	get("/scheduled_statuses/:id", MastodonAPIController, :show_scheduled_status)

	get("/lists", ListController, :index)
	get("/lists/:id", ListController, :show)
	get("/lists/:id/accounts", ListController, :list_accounts)

	get("/domain_blocks", MastodonAPIController, :domain_blocks)

	get("/filters", MastodonAPIController, :get_filters)

	get("/suggestions", MastodonAPIController, :suggestions)

	get("/conversations", MastodonAPIController, :conversations)
	post("/conversations/:id/read", MastodonAPIController, :conversation_read)

	get("/endorsements", MastodonAPIController, :empty_array)
	end

	scope [] do
	pipe_through(:oauth_write)

	patch("/accounts/update_credentials", MastodonAPIController, :update_credentials)

	post("/statuses", MastodonAPIController, :post_status)
	delete("/statuses/:id", MastodonAPIController, :delete_status)

	post("/statuses/:id/reblog", MastodonAPIController, :reblog_status)
	post("/statuses/:id/unreblog", MastodonAPIController, :unreblog_status)
	post("/statuses/:id/favourite", MastodonAPIController, :fav_status)
	post("/statuses/:id/unfavourite", MastodonAPIController, :unfav_status)
	post("/statuses/:id/pin", MastodonAPIController, :pin_status)
	post("/statuses/:id/unpin", MastodonAPIController, :unpin_status)
	post("/statuses/:id/bookmark", MastodonAPIController, :bookmark_status)
	post("/statuses/:id/unbookmark", MastodonAPIController, :unbookmark_status)
	post("/statuses/:id/mute", MastodonAPIController, :mute_conversation)
	post("/statuses/:id/unmute", MastodonAPIController, :unmute_conversation)

	put("/scheduled_statuses/:id", MastodonAPIController, :update_scheduled_status)
	delete("/scheduled_statuses/:id", MastodonAPIController, :delete_scheduled_status)

	post("/polls/:id/votes", MastodonAPIController, :poll_vote)

	post("/media", MastodonAPIController, :upload)
	put("/media/:id", MastodonAPIController, :update_media)

	delete("/lists/:id", ListController, :delete)
	post("/lists", ListController, :create)
	put("/lists/:id", ListController, :update)

	post("/lists/:id/accounts", ListController, :add_to_list)
	delete("/lists/:id/accounts", ListController, :remove_from_list)

	post("/filters", MastodonAPIController, :create_filter)
	get("/filters/:id", MastodonAPIController, :get_filter)
	put("/filters/:id", MastodonAPIController, :update_filter)
	delete("/filters/:id", MastodonAPIController, :delete_filter)

	patch("/pleroma/accounts/update_avatar", MastodonAPIController, :update_avatar)
	patch("/pleroma/accounts/update_banner", MastodonAPIController, :update_banner)
	patch("/pleroma/accounts/update_background", MastodonAPIController, :update_background)

	get("/pleroma/mascot", MastodonAPIController, :get_mascot)
	put("/pleroma/mascot", MastodonAPIController, :set_mascot)

	post("/reports", MastodonAPIController, :reports)
	end

	scope [] do
	pipe_through(:oauth_follow)

	post("/follows", MastodonAPIController, :follow)
	post("/accounts/:id/follow", MastodonAPIController, :follow)

	post("/accounts/:id/unfollow", MastodonAPIController, :unfollow)
	post("/accounts/:id/block", MastodonAPIController, :block)
	post("/accounts/:id/unblock", MastodonAPIController, :unblock)
	post("/accounts/:id/mute", MastodonAPIController, :mute)
	post("/accounts/:id/unmute", MastodonAPIController, :unmute)

	post("/follow_requests/:id/authorize", MastodonAPIController, :authorize_follow_request)
	post("/follow_requests/:id/reject", MastodonAPIController, :reject_follow_request)

	post("/domain_blocks", MastodonAPIController, :block_domain)
	delete("/domain_blocks", MastodonAPIController, :unblock_domain)

	post("/pleroma/accounts/:id/subscribe", MastodonAPIController, :subscribe)
	post("/pleroma/accounts/:id/unsubscribe", MastodonAPIController, :unsubscribe)
	end

	scope [] do
	pipe_through(:oauth_push)

	post("/push/subscription", SubscriptionController, :create)
	get("/push/subscription", SubscriptionController, :get)
	put("/push/subscription", SubscriptionController, :update)
	delete("/push/subscription", SubscriptionController, :delete)
	end
	end

	scope "/api/web", Pleroma.Web.MastodonAPI do
	pipe_through([:authenticated_api, :oauth_write])

	put("/settings", MastodonAPIController, :put_settings)
	end

	scope "/api/v1", Pleroma.Web.MastodonAPI do
	pipe_through(:api)

	post("/accounts", MastodonAPIController, :account_register)

	get("/instance", MastodonAPIController, :masto_instance)
	get("/instance/peers", MastodonAPIController, :peers)
	post("/apps", MastodonAPIController, :create_app)
	get("/apps/verify_credentials", MastodonAPIController, :verify_app_credentials)
	get("/custom_emojis", MastodonAPIController, :custom_emojis)

	get("/statuses/:id/card", MastodonAPIController, :status_card)

	get("/statuses/:id/favourited_by", MastodonAPIController, :favourited_by)
	get("/statuses/:id/reblogged_by", MastodonAPIController, :reblogged_by)

	get("/trends", MastodonAPIController, :empty_array)

	get("/accounts/search", SearchController, :account_search)

	post(
	"/pleroma/accounts/confirmation_resend",
	MastodonAPIController,
	:account_confirmation_resend
	)

	scope [] do
	pipe_through(:oauth_read_or_public)

	get("/timelines/public", MastodonAPIController, :public_timeline)
	get("/timelines/tag/:tag", MastodonAPIController, :hashtag_timeline)
	get("/timelines/list/:list_id", MastodonAPIController, :list_timeline)

	get("/statuses/:id", MastodonAPIController, :get_status)
	get("/statuses/:id/context", MastodonAPIController, :get_context)

	get("/polls/:id", MastodonAPIController, :get_poll)

	get("/accounts/:id/statuses", MastodonAPIController, :user_statuses)
	get("/accounts/:id/followers", MastodonAPIController, :followers)
	get("/accounts/:id/following", MastodonAPIController, :following)
	get("/accounts/:id", MastodonAPIController, :user)

	get("/search", SearchController, :search)

	get("/pleroma/accounts/:id/favourites", MastodonAPIController, :user_favourites)
	end
	end

	scope "/api/v2", Pleroma.Web.MastodonAPI do
	pipe_through([:api, :oauth_read_or_public])
	get("/search", SearchController, :search2)
	end

	scope "/api", Pleroma.Web do
	pipe_through(:config)

	get("/help/test", TwitterAPI.UtilController, :help_test)
	post("/help/test", TwitterAPI.UtilController, :help_test)
	get("/statusnet/config", TwitterAPI.UtilController, :config)
	get("/statusnet/version", TwitterAPI.UtilController, :version)
	get("/pleroma/frontend_configurations", TwitterAPI.UtilController, :frontend_configurations)
	end

	scope "/api", Pleroma.Web do
	pipe_through(:api)

	post("/account/register", TwitterAPI.Controller, :register)
	post("/account/password_reset", TwitterAPI.Controller, :password_reset)

	post("/account/resend_confirmation_email", TwitterAPI.Controller, :resend_confirmation_email)

	get(
	"/account/confirm_email/:user_id/:token",
	TwitterAPI.Controller,
	:confirm_email,
	as: :confirm_email
	)

	scope [] do
	pipe_through(:oauth_read_or_public)

	get("/statuses/user_timeline", TwitterAPI.Controller, :user_timeline)
	get("/qvitter/statuses/user_timeline", TwitterAPI.Controller, :user_timeline)
	get("/users/show", TwitterAPI.Controller, :show_user)

	get("/statuses/followers", TwitterAPI.Controller, :followers)
	get("/statuses/friends", TwitterAPI.Controller, :friends)
	get("/statuses/blocks", TwitterAPI.Controller, :blocks)
	get("/statuses/show/:id", TwitterAPI.Controller, :fetch_status)
	get("/statusnet/conversation/:id", TwitterAPI.Controller, :fetch_conversation)

	get("/search", TwitterAPI.Controller, :search)
	get("/statusnet/tags/timeline/:tag", TwitterAPI.Controller, :public_and_external_timeline)
	end
	end

	scope "/api", Pleroma.Web do
	pipe_through([:api, :oauth_read_or_public])

	get("/statuses/public_timeline", TwitterAPI.Controller, :public_timeline)

	get(
	"/statuses/public_and_external_timeline",
	TwitterAPI.Controller,
	:public_and_external_timeline
	)

	get("/statuses/networkpublic_timeline", TwitterAPI.Controller, :public_and_external_timeline)
	end

	scope "/api", Pleroma.Web, as: :twitter_api_search do
	pipe_through([:api, :oauth_read_or_public])
	get("/pleroma/search_user", TwitterAPI.Controller, :search_user)
	end

	scope "/api", Pleroma.Web, as: :authenticated_twitter_api do
	pipe_through(:authenticated_api)

	get("/oauth_tokens", TwitterAPI.Controller, :oauth_tokens)
	delete("/oauth_tokens/:id", TwitterAPI.Controller, :revoke_token)

	scope [] do
	pipe_through(:oauth_read)

	get("/account/verify_credentials", TwitterAPI.Controller, :verify_credentials)
	post("/account/verify_credentials", TwitterAPI.Controller, :verify_credentials)

	get("/statuses/home_timeline", TwitterAPI.Controller, :friends_timeline)
	get("/statuses/friends_timeline", TwitterAPI.Controller, :friends_timeline)
	get("/statuses/mentions", TwitterAPI.Controller, :mentions_timeline)
	get("/statuses/mentions_timeline", TwitterAPI.Controller, :mentions_timeline)
	get("/statuses/dm_timeline", TwitterAPI.Controller, :dm_timeline)
	get("/qvitter/statuses/notifications", TwitterAPI.Controller, :notifications)

	get("/pleroma/friend_requests", TwitterAPI.Controller, :friend_requests)

	get("/friends/ids", TwitterAPI.Controller, :friends_ids)
	get("/friendships/no_retweets/ids", TwitterAPI.Controller, :empty_array)

	get("/mutes/users/ids", TwitterAPI.Controller, :empty_array)
	get("/qvitter/mutes", TwitterAPI.Controller, :raw_empty_array)

	get("/externalprofile/show", TwitterAPI.Controller, :external_profile)

	post("/qvitter/statuses/notifications/read", TwitterAPI.Controller, :notifications_read)
	end

	scope [] do
	pipe_through(:oauth_write)

	post("/account/update_profile", TwitterAPI.Controller, :update_profile)
	post("/account/update_profile_banner", TwitterAPI.Controller, :update_banner)
	post("/qvitter/update_background_image", TwitterAPI.Controller, :update_background)

	post("/statuses/update", TwitterAPI.Controller, :status_update)
	post("/statuses/retweet/:id", TwitterAPI.Controller, :retweet)
	post("/statuses/unretweet/:id", TwitterAPI.Controller, :unretweet)
	post("/statuses/destroy/:id", TwitterAPI.Controller, :delete_post)

	post("/statuses/pin/:id", TwitterAPI.Controller, :pin)
	post("/statuses/unpin/:id", TwitterAPI.Controller, :unpin)

	post("/statusnet/media/upload", TwitterAPI.Controller, :upload)
	post("/media/upload", TwitterAPI.Controller, :upload_json)
	post("/media/metadata/create", TwitterAPI.Controller, :update_media)

	post("/favorites/create/:id", TwitterAPI.Controller, :favorite)
	post("/favorites/create", TwitterAPI.Controller, :favorite)
	post("/favorites/destroy/:id", TwitterAPI.Controller, :unfavorite)

	post("/qvitter/update_avatar", TwitterAPI.Controller, :update_avatar)
	end

	scope [] do
	pipe_through(:oauth_follow)

	post("/pleroma/friendships/approve", TwitterAPI.Controller, :approve_friend_request)
	post("/pleroma/friendships/deny", TwitterAPI.Controller, :deny_friend_request)

	post("/friendships/create", TwitterAPI.Controller, :follow)
	post("/friendships/destroy", TwitterAPI.Controller, :unfollow)

	post("/blocks/create", TwitterAPI.Controller, :block)
	post("/blocks/destroy", TwitterAPI.Controller, :unblock)
	end
	end

	pipeline :ap_service_actor do
	plug(:accepts, ["activity+json", "json"])
	end

	pipeline :ostatus do
	plug(:accepts, ["html", "xml", "atom", "activity+json", "json"])
	end

	pipeline :oembed do
	plug(:accepts, ["json", "xml"])
	end

	scope "/", Pleroma.Web do
	pipe_through(:ostatus)

	get("/objects/:uuid", OStatus.OStatusController, :object)
	get("/activities/:uuid", OStatus.OStatusController, :activity)
	get("/notice/:id", OStatus.OStatusController, :notice)
	get("/notice/:id/embed_player", OStatus.OStatusController, :notice_player)
	get("/users/:nickname/feed", OStatus.OStatusController, :feed)
	get("/users/:nickname", OStatus.OStatusController, :feed_redirect)

	post("/users/:nickname/salmon", OStatus.OStatusController, :salmon_incoming)
	post("/push/hub/:nickname", Websub.WebsubController, :websub_subscription_request)
	get("/push/subscriptions/:id", Websub.WebsubController, :websub_subscription_confirmation)
	post("/push/subscriptions/:id", Websub.WebsubController, :websub_incoming)

	get("/mailer/unsubscribe/:token", Mailer.SubscriptionController, :unsubscribe)
	end

	pipeline :activitypub do
	plug(:accepts, ["activity+json", "json"])
	plug(Pleroma.Web.Plugs.HTTPSignaturePlug)
	plug(Pleroma.Web.Plugs.MappedSignatureToIdentityPlug)
	end

	scope "/", Pleroma.Web.ActivityPub do
	# XXX: not really ostatus
	pipe_through(:ostatus)

	get("/users/:nickname/outbox", ActivityPubController, :outbox)
	get("/objects/:uuid/likes", ActivityPubController, :object_likes)
	end

	pipeline :activitypub_client do
	plug(:accepts, ["activity+json", "json"])
	plug(:fetch_session)
	plug(Pleroma.Plugs.OAuthPlug)
	plug(Pleroma.Plugs.BasicAuthDecoderPlug)
	plug(Pleroma.Plugs.UserFetcherPlug)
	plug(Pleroma.Plugs.SessionAuthenticationPlug)
	plug(Pleroma.Plugs.LegacyAuthenticationPlug)
	plug(Pleroma.Plugs.AuthenticationPlug)
	plug(Pleroma.Plugs.UserEnabledPlug)
	plug(Pleroma.Plugs.SetUserSessionIdPlug)
	plug(Pleroma.Plugs.EnsureUserKeyPlug)
	end

	scope "/", Pleroma.Web.ActivityPub do
	pipe_through([:activitypub_client])

	scope [] do
	pipe_through(:oauth_read)
	get("/api/ap/whoami", ActivityPubController, :whoami)
	get("/users/:nickname/inbox", ActivityPubController, :read_inbox)
	end

	scope [] do
	pipe_through(:oauth_write)
	post("/users/:nickname/outbox", ActivityPubController, :update_outbox)
	end

	scope [] do
	pipe_through(:oauth_read_or_public)
	get("/users/:nickname/followers", ActivityPubController, :followers)
	get("/users/:nickname/following", ActivityPubController, :following)
	end
	end

	scope "/", Pleroma.Web.ActivityPub do
	pipe_through(:activitypub)
	post("/inbox", ActivityPubController, :inbox)
	post("/users/:nickname/inbox", ActivityPubController, :inbox)
	end

	scope "/relay", Pleroma.Web.ActivityPub do
	pipe_through(:ap_service_actor)

	get("/", ActivityPubController, :relay)

	scope [] do
	pipe_through(:http_signature)
	post("/inbox", ActivityPubController, :inbox)
	end

	get("/following", ActivityPubController, :following, assigns: %{relay: true})
	get("/followers", ActivityPubController, :followers, assigns: %{relay: true})
	end

	scope "/internal/fetch", Pleroma.Web.ActivityPub do
	pipe_through(:ap_service_actor)

	get("/", ActivityPubController, :internal_fetch)
	post("/inbox", ActivityPubController, :inbox)
	end

	scope "/.well-known", Pleroma.Web do
	pipe_through(:well_known)

	get("/host-meta", WebFinger.WebFingerController, :host_meta)
	get("/webfinger", WebFinger.WebFingerController, :webfinger)
	get("/nodeinfo", Nodeinfo.NodeinfoController, :schemas)
	end

	scope "/nodeinfo", Pleroma.Web do
	get("/:version", Nodeinfo.NodeinfoController, :nodeinfo)
	end

	scope "/", Pleroma.Web.MastodonAPI do
	pipe_through(:mastodon_html)

	get("/web/login", MastodonAPIController, :login)
	delete("/auth/sign_out", MastodonAPIController, :logout)

	post("/auth/password", MastodonAPIController, :password_reset)

	scope [] do
	pipe_through(:oauth_read)
	get("/web/*path", MastodonAPIController, :index)
	end
	end

	pipeline :remote_media do
	end

	scope "/proxy/", Pleroma.Web.MediaProxy do
	pipe_through(:remote_media)

	get("/:sig/:url", MediaProxyController, :remote)
	get("/:sig/:url/:filename", MediaProxyController, :remote)
	end

	if Pleroma.Config.get(:env) == :dev do
	scope "/dev" do
	pipe_through([:mailbox_preview])

	forward("/mailbox", Plug.Swoosh.MailboxPreview, base_path: "/dev/mailbox")
	end
	end

	scope "/", Pleroma.Web.MongooseIM do
	get("/user_exists", MongooseIMController, :user_exists)
	get("/check_password", MongooseIMController, :check_password)
	end

	scope "/", Fallback do
	get("/registration/:token", RedirectController, :registration_page)
	get("/:maybe_nickname_or_id", RedirectController, :redirector_with_meta)
	get("/api*path", RedirectController, :api_not_implemented)
	get("/*path", RedirectController, :redirector)

	options("/*path", RedirectController, :empty)
	end
	end
	diff --git a/test/web/pleroma_api/pleroma_api_controller_test.exs b/test/web/pleroma_api/pleroma_api_controller_test.exs
	index ed6b797272..7eaeda4a02 100644
	--- a/test/web/pleroma_api/pleroma_api_controller_test.exs
	+++ b/test/web/pleroma_api/pleroma_api_controller_test.exs
	@@ -1,94 +1,150 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.PleromaAPI.PleromaAPIControllerTest do
	use Pleroma.Web.ConnCase

	alias Pleroma.Conversation.Participation
	+ alias Pleroma.Notification
	alias Pleroma.Repo
	alias Pleroma.Web.CommonAPI

	import Pleroma.Factory

	test "/api/v1/pleroma/conversations/:id", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)

	{:ok, _activity} =
	CommonAPI.post(user, %{"status" => "Hi @#{other_user.nickname}!", "visibility" => "direct"})

	[participation] = Participation.for_user(other_user)

	result =
	conn
	\|> assign(:user, other_user)
	\|> get("/api/v1/pleroma/conversations/#{participation.id}")
	\|> json_response(200)

	assert result["id"] == participation.id \|> to_string()
	end

	test "/api/v1/pleroma/conversations/:id/statuses", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)
	third_user = insert(:user)

	{:ok, _activity} =
	CommonAPI.post(user, %{"status" => "Hi @#{third_user.nickname}!", "visibility" => "direct"})

	{:ok, activity} =
	CommonAPI.post(user, %{"status" => "Hi @#{other_user.nickname}!", "visibility" => "direct"})

	[participation] = Participation.for_user(other_user)

	{:ok, activity_two} =
	CommonAPI.post(other_user, %{
	"status" => "Hi!",
	"in_reply_to_status_id" => activity.id,
	"in_reply_to_conversation_id" => participation.id
	})

	result =
	conn
	\|> assign(:user, other_user)
	\|> get("/api/v1/pleroma/conversations/#{participation.id}/statuses")
	\|> json_response(200)

	assert length(result) == 2

	id_one = activity.id
	id_two = activity_two.id
	assert [%{"id" => ^id_one}, %{"id" => ^id_two}] = result
	end

	test "PATCH /api/v1/pleroma/conversations/:id", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)

	{:ok, _activity} = CommonAPI.post(user, %{"status" => "Hi", "visibility" => "direct"})

	[participation] = Participation.for_user(user)

	participation = Repo.preload(participation, :recipients)

	assert [user] == participation.recipients
	assert other_user not in participation.recipients

	result =
	conn
	\|> assign(:user, user)
	\|> patch("/api/v1/pleroma/conversations/#{participation.id}", %{
	"recipients" => [user.id, other_user.id]
	})
	\|> json_response(200)

	assert result["id"] == participation.id \|> to_string

	[participation] = Participation.for_user(user)
	participation = Repo.preload(participation, :recipients)

	assert user in participation.recipients
	assert other_user in participation.recipients
	end
	+
	+ describe "POST /api/v1/pleroma/notifications/read" do
	+ test "it marks a single notification as read", %{conn: conn} do
	+ user1 = insert(:user)
	+ user2 = insert(:user)
	+ {:ok, activity1} = CommonAPI.post(user2, %{"status" => "hi @#{user1.nickname}"})
	+ {:ok, activity2} = CommonAPI.post(user2, %{"status" => "hi @#{user1.nickname}"})
	+ {:ok, [notification1]} = Notification.create_notifications(activity1)
	+ {:ok, [notification2]} = Notification.create_notifications(activity2)
	+
	+ response =
	+ conn
	+ \|> assign(:user, user1)
	+ \|> post("/api/v1/pleroma/notifications/read", %{"id" => "#{notification1.id}"})
	+ \|> json_response(:ok)
	+
	+ assert %{"pleroma" => %{"is_seen" => true}} = response
	+ assert Repo.get(Notification, notification1.id).seen
	+ refute Repo.get(Notification, notification2.id).seen
	+ end
	+
	+ test "it marks multiple notifications as read", %{conn: conn} do
	+ user1 = insert(:user)
	+ user2 = insert(:user)
	+ {:ok, _activity1} = CommonAPI.post(user2, %{"status" => "hi @#{user1.nickname}"})
	+ {:ok, _activity2} = CommonAPI.post(user2, %{"status" => "hi @#{user1.nickname}"})
	+ {:ok, _activity3} = CommonAPI.post(user2, %{"status" => "HIE @#{user1.nickname}"})
	+
	+ [notification3, notification2, notification1] = Notification.for_user(user1, %{limit: 3})
	+
	+ [response1, response2] =
	+ conn
	+ \|> assign(:user, user1)
	+ \|> post("/api/v1/pleroma/notifications/read", %{"max_id" => "#{notification2.id}"})
	+ \|> json_response(:ok)
	+
	+ assert %{"pleroma" => %{"is_seen" => true}} = response1
	+ assert %{"pleroma" => %{"is_seen" => true}} = response2
	+ assert Repo.get(Notification, notification1.id).seen
	+ assert Repo.get(Notification, notification2.id).seen
	+ refute Repo.get(Notification, notification3.id).seen
	+ end
	+
	+ test "it returns error when notification not found", %{conn: conn} do
	+ user1 = insert(:user)
	+
	+ response =
	+ conn
	+ \|> assign(:user, user1)
	+ \|> post("/api/v1/pleroma/notifications/read", %{"id" => "22222222222222"})
	+ \|> json_response(:bad_request)
	+
	+ assert response == %{"error" => "Cannot get notification"}
	+ end
	+ end
	end
	diff --git a/test/web/twitter_api/util_controller_test.exs b/test/web/twitter_api/util_controller_test.exs
	index fe4ffdb59d..cf8e69d2b4 100644
	--- a/test/web/twitter_api/util_controller_test.exs
	+++ b/test/web/twitter_api/util_controller_test.exs
	@@ -1,697 +1,665 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
	use Pleroma.Web.ConnCase

	- alias Pleroma.Notification
	alias Pleroma.Repo
	alias Pleroma.User
	alias Pleroma.Web.CommonAPI
	import Pleroma.Factory
	import Mock

	setup do
	Tesla.Mock.mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
	:ok
	end

	clear_config([:instance])
	clear_config([:frontend_configurations, :pleroma_fe])
	clear_config([:user, :deny_follow_blocked])

	describe "POST /api/pleroma/follow_import" do
	test "it returns HTTP 200", %{conn: conn} do
	user1 = insert(:user)
	user2 = insert(:user)

	response =
	conn
	\|> assign(:user, user1)
	\|> post("/api/pleroma/follow_import", %{"list" => "#{user2.ap_id}"})
	\|> json_response(:ok)

	assert response == "job started"
	end

	test "it imports follow lists from file", %{conn: conn} do
	user1 = insert(:user)
	user2 = insert(:user)

	with_mocks([
	{File, [],
	read!: fn "follow_list.txt" ->
	"Account address,Show boosts\n#{user2.ap_id},true"
	end},
	{PleromaJobQueue, [:passthrough], []}
	]) do
	response =
	conn
	\|> assign(:user, user1)
	\|> post("/api/pleroma/follow_import", %{"list" => %Plug.Upload{path: "follow_list.txt"}})
	\|> json_response(:ok)

	assert called(
	PleromaJobQueue.enqueue(
	:background,
	User,
	[:follow_import, user1, [user2.ap_id]]
	)
	)

	assert response == "job started"
	end
	end

	test "it imports new-style mastodon follow lists", %{conn: conn} do
	user1 = insert(:user)
	user2 = insert(:user)

	response =
	conn
	\|> assign(:user, user1)
	\|> post("/api/pleroma/follow_import", %{
	"list" => "Account address,Show boosts\n#{user2.ap_id},true"
	})
	\|> json_response(:ok)

	assert response == "job started"
	end

	test "requires 'follow' permission", %{conn: conn} do
	token1 = insert(:oauth_token, scopes: ["read", "write"])
	token2 = insert(:oauth_token, scopes: ["follow"])
	another_user = insert(:user)

	for token <- [token1, token2] do
	conn =
	conn
	\|> put_req_header("authorization", "Bearer #{token.token}")
	\|> post("/api/pleroma/follow_import", %{"list" => "#{another_user.ap_id}"})

	if token == token1 do
	assert %{"error" => "Insufficient permissions: follow."} == json_response(conn, 403)
	else
	assert json_response(conn, 200)
	end
	end
	end
	end

	describe "POST /api/pleroma/blocks_import" do
	test "it returns HTTP 200", %{conn: conn} do
	user1 = insert(:user)
	user2 = insert(:user)

	response =
	conn
	\|> assign(:user, user1)
	\|> post("/api/pleroma/blocks_import", %{"list" => "#{user2.ap_id}"})
	\|> json_response(:ok)

	assert response == "job started"
	end

	test "it imports blocks users from file", %{conn: conn} do
	user1 = insert(:user)
	user2 = insert(:user)
	user3 = insert(:user)

	with_mocks([
	{File, [], read!: fn "blocks_list.txt" -> "#{user2.ap_id} #{user3.ap_id}" end},
	{PleromaJobQueue, [:passthrough], []}
	]) do
	response =
	conn
	\|> assign(:user, user1)
	\|> post("/api/pleroma/blocks_import", %{"list" => %Plug.Upload{path: "blocks_list.txt"}})
	\|> json_response(:ok)

	assert called(
	PleromaJobQueue.enqueue(
	:background,
	User,
	[:blocks_import, user1, [user2.ap_id, user3.ap_id]]
	)
	)

	assert response == "job started"
	end
	end
	end

	- describe "POST /api/pleroma/notifications/read" do
	- test "it marks a single notification as read", %{conn: conn} do
	- user1 = insert(:user)
	- user2 = insert(:user)
	- {:ok, activity1} = CommonAPI.post(user2, %{"status" => "hi @#{user1.nickname}"})
	- {:ok, activity2} = CommonAPI.post(user2, %{"status" => "hi @#{user1.nickname}"})
	- {:ok, [notification1]} = Notification.create_notifications(activity1)
	- {:ok, [notification2]} = Notification.create_notifications(activity2)
	-
	- conn
	- \|> assign(:user, user1)
	- \|> post("/api/pleroma/notifications/read", %{"id" => "#{notification1.id}"})
	- \|> json_response(:ok)
	-
	- assert Repo.get(Notification, notification1.id).seen
	- refute Repo.get(Notification, notification2.id).seen
	- end
	-
	- test "it returns error when notification not found", %{conn: conn} do
	- user1 = insert(:user)
	-
	- response =
	- conn
	- \|> assign(:user, user1)
	- \|> post("/api/pleroma/notifications/read", %{"id" => "22222222222222"})
	- \|> json_response(403)
	-
	- assert response == %{"error" => "Cannot get notification"}
	- end
	- end
	-
	describe "PUT /api/pleroma/notification_settings" do
	test "it updates notification settings", %{conn: conn} do
	user = insert(:user)

	conn
	\|> assign(:user, user)
	\|> put("/api/pleroma/notification_settings", %{
	"followers" => false,
	"bar" => 1
	})
	\|> json_response(:ok)

	user = Repo.get(User, user.id)

	assert %{
	"followers" => false,
	"follows" => true,
	"non_follows" => true,
	"non_followers" => true
	} == user.info.notification_settings
	end
	end

	describe "GET /api/statusnet/config" do
	test "it returns config in xml format", %{conn: conn} do
	instance = Pleroma.Config.get(:instance)

	response =
	conn
	\|> put_req_header("accept", "application/xml")
	\|> get("/api/statusnet/config")
	\|> response(:ok)

	assert response ==
	"<config>\n<site>\n<name>#{Keyword.get(instance, :name)}</name>\n<site>#{
	Pleroma.Web.base_url()
	}</site>\n<textlimit>#{Keyword.get(instance, :limit)}</textlimit>\n<closed>#{
	!Keyword.get(instance, :registrations_open)
	}</closed>\n</site>\n</config>\n"
	end

	test "it returns config in json format", %{conn: conn} do
	instance = Pleroma.Config.get(:instance)
	Pleroma.Config.put([:instance, :managed_config], true)
	Pleroma.Config.put([:instance, :registrations_open], false)
	Pleroma.Config.put([:instance, :invites_enabled], true)
	Pleroma.Config.put([:instance, :public], false)
	Pleroma.Config.put([:frontend_configurations, :pleroma_fe], %{theme: "asuka-hospital"})

	response =
	conn
	\|> put_req_header("accept", "application/json")
	\|> get("/api/statusnet/config")
	\|> json_response(:ok)

	expected_data = %{
	"site" => %{
	"accountActivationRequired" => "0",
	"closed" => "1",
	"description" => Keyword.get(instance, :description),
	"invitesEnabled" => "1",
	"name" => Keyword.get(instance, :name),
	"pleromafe" => %{"theme" => "asuka-hospital"},
	"private" => "1",
	"safeDMMentionsEnabled" => "0",
	"server" => Pleroma.Web.base_url(),
	"textlimit" => to_string(Keyword.get(instance, :limit)),
	"uploadlimit" => %{
	"avatarlimit" => to_string(Keyword.get(instance, :avatar_upload_limit)),
	"backgroundlimit" => to_string(Keyword.get(instance, :background_upload_limit)),
	"bannerlimit" => to_string(Keyword.get(instance, :banner_upload_limit)),
	"uploadlimit" => to_string(Keyword.get(instance, :upload_limit))
	},
	"vapidPublicKey" => Keyword.get(Pleroma.Web.Push.vapid_config(), :public_key)
	}
	}

	assert response == expected_data
	end

	test "returns the state of safe_dm_mentions flag", %{conn: conn} do
	Pleroma.Config.put([:instance, :safe_dm_mentions], true)

	response =
	conn
	\|> get("/api/statusnet/config.json")
	\|> json_response(:ok)

	assert response["site"]["safeDMMentionsEnabled"] == "1"

	Pleroma.Config.put([:instance, :safe_dm_mentions], false)

	response =
	conn
	\|> get("/api/statusnet/config.json")
	\|> json_response(:ok)

	assert response["site"]["safeDMMentionsEnabled"] == "0"
	end

	test "it returns the managed config", %{conn: conn} do
	Pleroma.Config.put([:instance, :managed_config], false)
	Pleroma.Config.put([:frontend_configurations, :pleroma_fe], %{theme: "asuka-hospital"})

	response =
	conn
	\|> get("/api/statusnet/config.json")
	\|> json_response(:ok)

	refute response["site"]["pleromafe"]

	Pleroma.Config.put([:instance, :managed_config], true)

	response =
	conn
	\|> get("/api/statusnet/config.json")
	\|> json_response(:ok)

	assert response["site"]["pleromafe"] == %{"theme" => "asuka-hospital"}
	end
	end

	describe "GET /api/pleroma/frontend_configurations" do
	test "returns everything in :pleroma, :frontend_configurations", %{conn: conn} do
	config = [
	frontend_a: %{
	x: 1,
	y: 2
	},
	frontend_b: %{
	z: 3
	}
	]

	Pleroma.Config.put(:frontend_configurations, config)

	response =
	conn
	\|> get("/api/pleroma/frontend_configurations")
	\|> json_response(:ok)

	assert response == Jason.encode!(config \|> Enum.into(%{})) \|> Jason.decode!()
	end
	end

	describe "/api/pleroma/emoji" do
	test "returns json with custom emoji with tags", %{conn: conn} do
	emoji =
	conn
	\|> get("/api/pleroma/emoji")
	\|> json_response(200)

	assert Enum.all?(emoji, fn
	{_key,
	%{
	"image_url" => url,
	"tags" => tags
	}} ->
	is_binary(url) and is_list(tags)
	end)
	end
	end

	describe "GET /ostatus_subscribe - remote_follow/2" do
	test "adds status to pleroma instance if the `acct` is a status", %{conn: conn} do
	conn =
	get(
	conn,
	"/ostatus_subscribe?acct=https://mastodon.social/users/emelie/statuses/101849165031453009"
	)

	assert redirected_to(conn) =~ "/notice/"
	end

	test "show follow account page if the `acct` is a account link", %{conn: conn} do
	response =
	get(
	conn,
	"/ostatus_subscribe?acct=https://mastodon.social/users/emelie"
	)

	assert html_response(response, 200) =~ "Log in to follow"
	end

	test "show follow page if the `acct` is a account link", %{conn: conn} do
	user = insert(:user)

	response =
	conn
	\|> assign(:user, user)
	\|> get("/ostatus_subscribe?acct=https://mastodon.social/users/emelie")

	assert html_response(response, 200) =~ "Remote follow"
	end

	test "show follow page with error when user cannot fecth by `acct` link", %{conn: conn} do
	user = insert(:user)

	response =
	conn
	\|> assign(:user, user)
	\|> get("/ostatus_subscribe?acct=https://mastodon.social/users/not_found")

	assert html_response(response, 200) =~ "Error fetching user"
	end
	end

	describe "POST /ostatus_subscribe - do_remote_follow/2 with assigned user " do
	test "follows user", %{conn: conn} do
	user = insert(:user)
	user2 = insert(:user)

	response =
	conn
	\|> assign(:user, user)
	\|> post("/ostatus_subscribe", %{"user" => %{"id" => user2.id}})
	\|> response(200)

	assert response =~ "Account followed!"
	assert user2.follower_address in refresh_record(user).following
	end

	test "returns error when user is deactivated", %{conn: conn} do
	user = insert(:user, info: %{deactivated: true})
	user2 = insert(:user)

	response =
	conn
	\|> assign(:user, user)
	\|> post("/ostatus_subscribe", %{"user" => %{"id" => user2.id}})
	\|> response(200)

	assert response =~ "Error following account"
	end

	test "returns error when user is blocked", %{conn: conn} do
	Pleroma.Config.put([:user, :deny_follow_blocked], true)
	user = insert(:user)
	user2 = insert(:user)

	{:ok, _user} = Pleroma.User.block(user2, user)

	response =
	conn
	\|> assign(:user, user)
	\|> post("/ostatus_subscribe", %{"user" => %{"id" => user2.id}})
	\|> response(200)

	assert response =~ "Error following account"
	end

	test "returns error when followee not found", %{conn: conn} do
	user = insert(:user)

	response =
	conn
	\|> assign(:user, user)
	\|> post("/ostatus_subscribe", %{"user" => %{"id" => "jimm"}})
	\|> response(200)

	assert response =~ "Error following account"
	end

	test "returns success result when user already in followers", %{conn: conn} do
	user = insert(:user)
	user2 = insert(:user)
	{:ok, _, _, _} = CommonAPI.follow(user, user2)

	response =
	conn
	\|> assign(:user, refresh_record(user))
	\|> post("/ostatus_subscribe", %{"user" => %{"id" => user2.id}})
	\|> response(200)

	assert response =~ "Account followed!"
	end
	end

	describe "POST /ostatus_subscribe - do_remote_follow/2 without assigned user " do
	test "follows", %{conn: conn} do
	user = insert(:user)
	user2 = insert(:user)

	response =
	conn
	\|> post("/ostatus_subscribe", %{
	"authorization" => %{"name" => user.nickname, "password" => "test", "id" => user2.id}
	})
	\|> response(200)

	assert response =~ "Account followed!"
	assert user2.follower_address in refresh_record(user).following
	end

	test "returns error when followee not found", %{conn: conn} do
	user = insert(:user)

	response =
	conn
	\|> post("/ostatus_subscribe", %{
	"authorization" => %{"name" => user.nickname, "password" => "test", "id" => "jimm"}
	})
	\|> response(200)

	assert response =~ "Error following account"
	end

	test "returns error when login invalid", %{conn: conn} do
	user = insert(:user)

	response =
	conn
	\|> post("/ostatus_subscribe", %{
	"authorization" => %{"name" => "jimm", "password" => "test", "id" => user.id}
	})
	\|> response(200)

	assert response =~ "Wrong username or password"
	end

	test "returns error when password invalid", %{conn: conn} do
	user = insert(:user)
	user2 = insert(:user)

	response =
	conn
	\|> post("/ostatus_subscribe", %{
	"authorization" => %{"name" => user.nickname, "password" => "42", "id" => user2.id}
	})
	\|> response(200)

	assert response =~ "Wrong username or password"
	end

	test "returns error when user is blocked", %{conn: conn} do
	Pleroma.Config.put([:user, :deny_follow_blocked], true)
	user = insert(:user)
	user2 = insert(:user)
	{:ok, _user} = Pleroma.User.block(user2, user)

	response =
	conn
	\|> post("/ostatus_subscribe", %{
	"authorization" => %{"name" => user.nickname, "password" => "test", "id" => user2.id}
	})
	\|> response(200)

	assert response =~ "Error following account"
	end
	end

	describe "GET /api/pleroma/healthcheck" do
	clear_config([:instance, :healthcheck])

	test "returns 503 when healthcheck disabled", %{conn: conn} do
	Pleroma.Config.put([:instance, :healthcheck], false)

	response =
	conn
	\|> get("/api/pleroma/healthcheck")
	\|> json_response(503)

	assert response == %{}
	end

	test "returns 200 when healthcheck enabled and all ok", %{conn: conn} do
	Pleroma.Config.put([:instance, :healthcheck], true)

	with_mock Pleroma.Healthcheck,
	system_info: fn -> %Pleroma.Healthcheck{healthy: true} end do
	response =
	conn
	\|> get("/api/pleroma/healthcheck")
	\|> json_response(200)

	assert %{
	"active" => _,
	"healthy" => true,
	"idle" => _,
	"memory_used" => _,
	"pool_size" => _
	} = response
	end
	end

	test "returns 503 when healthcheck enabled and health is false", %{conn: conn} do
	Pleroma.Config.put([:instance, :healthcheck], true)

	with_mock Pleroma.Healthcheck,
	system_info: fn -> %Pleroma.Healthcheck{healthy: false} end do
	response =
	conn
	\|> get("/api/pleroma/healthcheck")
	\|> json_response(503)

	assert %{
	"active" => _,
	"healthy" => false,
	"idle" => _,
	"memory_used" => _,
	"pool_size" => _
	} = response
	end
	end
	end

	describe "POST /api/pleroma/disable_account" do
	test "it returns HTTP 200", %{conn: conn} do
	user = insert(:user)

	response =
	conn
	\|> assign(:user, user)
	\|> post("/api/pleroma/disable_account", %{"password" => "test"})
	\|> json_response(:ok)

	assert response == %{"status" => "success"}

	user = User.get_cached_by_id(user.id)

	assert user.info.deactivated == true
	end

	test "it returns returns when password invalid", %{conn: conn} do
	user = insert(:user)

	response =
	conn
	\|> assign(:user, user)
	\|> post("/api/pleroma/disable_account", %{"password" => "test1"})
	\|> json_response(:ok)

	assert response == %{"error" => "Invalid password."}
	user = User.get_cached_by_id(user.id)

	refute user.info.deactivated
	end
	end

	describe "GET /api/statusnet/version" do
	test "it returns version in xml format", %{conn: conn} do
	response =
	conn
	\|> put_req_header("accept", "application/xml")
	\|> get("/api/statusnet/version")
	\|> response(:ok)

	assert response == "<version>#{Pleroma.Application.named_version()}</version>"
	end

	test "it returns version in json format", %{conn: conn} do
	response =
	conn
	\|> put_req_header("accept", "application/json")
	\|> get("/api/statusnet/version")
	\|> json_response(:ok)

	assert response == "#{Pleroma.Application.named_version()}"
	end
	end

	describe "POST /main/ostatus - remote_subscribe/2" do
	test "renders subscribe form", %{conn: conn} do
	user = insert(:user)

	response =
	conn
	\|> post("/main/ostatus", %{"nickname" => user.nickname, "profile" => ""})
	\|> response(:ok)

	refute response =~ "Could not find user"
	assert response =~ "Remotely follow #{user.nickname}"
	end

	test "renders subscribe form with error when user not found", %{conn: conn} do
	response =
	conn
	\|> post("/main/ostatus", %{"nickname" => "nickname", "profile" => ""})
	\|> response(:ok)

	assert response =~ "Could not find user"
	refute response =~ "Remotely follow"
	end

	test "it redirect to webfinger url", %{conn: conn} do
	user = insert(:user)
	user2 = insert(:user, ap_id: "shp@social.heldscal.la")

	conn =
	conn
	\|> post("/main/ostatus", %{
	"user" => %{"nickname" => user.nickname, "profile" => user2.ap_id}
	})

	assert redirected_to(conn) ==
	"https://social.heldscal.la/main/ostatussub?profile=#{user.ap_id}"
	end

	test "it renders form with error when use not found", %{conn: conn} do
	user2 = insert(:user, ap_id: "shp@social.heldscal.la")

	response =
	conn
	\|> post("/main/ostatus", %{"user" => %{"nickname" => "jimm", "profile" => user2.ap_id}})
	\|> response(:ok)

	assert response =~ "Something went wrong."
	end
	end

	test "it returns new captcha", %{conn: conn} do
	with_mock Pleroma.Captcha,
	new: fn -> "test_captcha" end do
	resp =
	conn
	\|> get("/api/pleroma/captcha")
	\|> response(200)

	assert resp == "\"test_captcha\""
	assert called(Pleroma.Captcha.new())
	end
	end
	end

File Metadata

Mime Type: text/x-diff
Expires: Sat, Mar 7, 10:37 AM (1 d, 10 h)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 1165406
Default Alt Text: (97 KB)

No OneTemporaryActions

View Options

File Metadata

Event Timeline

No OneTemporary
Actions