Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into remake-remodel-dms

2020-04-21 12:00:33 +02:00 · 2020-04-21 12:00:33 +02:00 · 5165287ff4
parent b5df4a98e4 e57c1b60e4
commit 5165287ff4
13 changed files with 211 additions and 133 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -14,6 +14,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - New HTTP adapter [gun](https://github.com/ninenines/gun). Gun adapter requires minimum OTP version of 22.2 otherwise Pleroma won’t start. For hackney OTP update is not required.
 - Mix task to create trusted OAuth App.
 - Notifications: Added `follow_request` notification type (configurable, see `[:notifications, :enable_follow_request_notifications]` setting).
 - Added `:reject_deletes` group to SimplePolicy
 <details>
  <summary>API Changes</summary>
 - Mastodon API: Support for `include_types` in `/api/v1/notifications`.
@ -23,13 +24,16 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ### Fixed
 - Support pagination in conversations API
 - **Breaking**: SimplePolicy `:reject` and `:accept` allow deletions again
 ## [unreleased-patch]
 ### Fixed
 - Logger configuration through AdminFE
 - HTTP Basic Authentication permissions issue
 - ObjectAgePolicy didn't filter out old messages
 ### Added
 - NodeInfo: ObjectAgePolicy settings to the `federation` list.
 <details>
  <summary>API Changes</summary>
 - Admin API: `GET /api/pleroma/admin/need_reboot`.
--- a/config/config.exs
+++ b/config/config.exs
@ -336,7 +336,8 @@
  reject: [],
  accept: [],
  avatar_removal: [],
-  banner_removal: []
+  banner_removal: [],
  reject_deletes: []
 config :pleroma, :mrf_keyword,
  reject: [],
--- a/config/description.exs
+++ b/config/description.exs
@ -1317,13 +1317,13 @@
      %{
        key: :reject,
        type: {:list, :string},
-        description: "List of instances to reject any activities from",
+        description: "List of instances to reject activities from (except deletes)",
        suggestions: ["example.com", "*.example.com"]
      },
      %{
        key: :accept,
        type: {:list, :string},
-        description: "List of instances to accept any activities from",
+        description: "List of instances to only accept activities from (except deletes)",
        suggestions: ["example.com", "*.example.com"]
      },
      %{
@ -1343,6 +1343,12 @@
        type: {:list, :string},
        description: "List of instances to strip banners from",
        suggestions: ["example.com", "*.example.com"]
      },
      %{
        key: :reject_deletes,
        type: {:list, :string},
        description: "List of instances to reject deletions from",
        suggestions: ["example.com", "*.example.com"]
      }
    ]
  },
--- a/docs/configuration/mrf.md
+++ b/docs/configuration/mrf.md
@ -41,11 +41,15 @@ config :pleroma, :instance,
 Once `SimplePolicy` is enabled, you can configure various groups in the `:mrf_simple` config object. These groups are:
 * `media_removal`: Servers in this group will have media stripped from incoming messages.
 * `media_nsfw`: Servers in this group will have the #nsfw tag and sensitive setting injected into incoming messages which contain media.
 * `reject`: Servers in this group will have their messages rejected.
-* `federated_timeline_removal`: Servers in this group will have their messages unlisted from the public timelines by flipping the `to` and `cc` fields.
+* `accept`: If not empty, only messages from these instances will be accepted (whitelist federation).
 * `media_nsfw`: Servers in this group will have the #nsfw tag and sensitive setting injected into incoming messages which contain media.
 * `media_removal`: Servers in this group will have media stripped from incoming messages.
 * `avatar_removal`: Avatars from these servers will be stripped from incoming messages.
 * `banner_removal`: Banner images from these servers will be stripped from incoming messages.
 * `report_removal`: Servers in this group will have their reports (flags) rejected.
 * `federated_timeline_removal`: Servers in this group will have their messages unlisted from the public timelines by flipping the `to` and `cc` fields.
 * `reject_deletes`: Deletion requests will be rejected from these servers.
 Servers should be configured as lists.
--- a/lib/pleroma/web/activity_pub/mrf/object_age_policy.ex
+++ b/lib/pleroma/web/activity_pub/mrf/object_age_policy.ex
@ -11,7 +11,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy do
  @moduledoc "Filter activities depending on their age"
  @behaviour Pleroma.Web.ActivityPub.MRF
-  defp check_date(%{"published" => published} = message) do
+  defp check_date(%{"object" => %{"published" => published}} = message) do
    with %DateTime{} = now <- DateTime.utc_now(),
         {:ok, %DateTime{} = then, _} <- DateTime.from_iso8601(published),
         max_ttl <- Config.get([:mrf_object_age, :threshold]),
@ -96,5 +96,11 @@ def filter(%{"type" => "Create", "published" => _} = message) do
  def filter(message), do: {:ok, message}
  @impl true
-  def describe, do: {:ok, %{}}
+  def describe do
    mrf_object_age =
      Pleroma.Config.get(:mrf_object_age)
      |> Enum.into(%{})
    {:ok, %{mrf_object_age: mrf_object_age}}
  end
 end
--- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
+++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
@ -148,6 +148,21 @@ defp check_banner_removal(%{host: actor_host} = _actor_info, %{"image" => _image
  defp check_banner_removal(_actor_info, object), do: {:ok, object}
  @impl true
  def filter(%{"type" => "Delete", "actor" => actor} = object) do
    %{host: actor_host} = URI.parse(actor)
    reject_deletes =
      Pleroma.Config.get([:mrf_simple, :reject_deletes])
      |> MRF.subdomains_regex()
    if MRF.subdomain_match?(reject_deletes, actor_host) do
      {:reject, nil}
    else
      {:ok, object}
    end
  end
  @impl true
  def filter(%{"actor" => actor} = object) do
    actor_info = URI.parse(actor)
--- a/lib/pleroma/web/mastodon_api/controllers/subscription_controller.ex
+++ b/lib/pleroma/web/mastodon_api/controllers/subscription_controller.ex
@ -6,25 +6,22 @@ defmodule Pleroma.Web.MastodonAPI.SubscriptionController do
  @moduledoc "The module represents functions to manage user subscriptions."
  use Pleroma.Web, :controller
  alias Pleroma.Web.MastodonAPI.PushSubscriptionView, as: View
  alias Pleroma.Web.Push
  alias Pleroma.Web.Push.Subscription
  action_fallback(:errors)
  plug(Pleroma.Plugs.OAuthScopesPlug, %{scopes: ["push"]})
  plug(Pleroma.Plugs.EnsurePublicOrAuthenticatedPlug)
  plug(:restrict_push_enabled)
  # Creates PushSubscription
  # POST /api/v1/push/subscription
  #
  def create(%{assigns: %{user: user, token: token}} = conn, params) do
-    with true <- Push.enabled(),
+    with {:ok, _} <- Subscription.delete_if_exists(user, token),
         {:ok, _} <- Subscription.delete_if_exists(user, token),
         {:ok, subscription} <- Subscription.create(user, token, params) do
-      view = View.render("push_subscription.json", subscription: subscription)
+      render(conn, "show.json", subscription: subscription)
      json(conn, view)
    end
  end
@ -32,10 +29,8 @@ def create(%{assigns: %{user: user, token: token}} = conn, params) do
  # GET /api/v1/push/subscription
  #
  def get(%{assigns: %{user: user, token: token}} = conn, _params) do
-    with true <- Push.enabled(),
+    with {:ok, subscription} <- Subscription.get(user, token) do
-         {:ok, subscription} <- Subscription.get(user, token) do
+      render(conn, "show.json", subscription: subscription)
      view = View.render("push_subscription.json", subscription: subscription)
      json(conn, view)
    end
  end
@ -43,10 +38,8 @@ def get(%{assigns: %{user: user, token: token}} = conn, _params) do
  # PUT /api/v1/push/subscription
  #
  def update(%{assigns: %{user: user, token: token}} = conn, params) do
-    with true <- Push.enabled(),
+    with {:ok, subscription} <- Subscription.update(user, token, params) do
-         {:ok, subscription} <- Subscription.update(user, token, params) do
+      render(conn, "show.json", subscription: subscription)
      view = View.render("push_subscription.json", subscription: subscription)
      json(conn, view)
    end
  end
@ -54,11 +47,20 @@ def update(%{assigns: %{user: user, token: token}} = conn, params) do
  # DELETE /api/v1/push/subscription
  #
  def delete(%{assigns: %{user: user, token: token}} = conn, _params) do
-    with true <- Push.enabled(),
+    with {:ok, _response} <- Subscription.delete(user, token),
         {:ok, _response} <- Subscription.delete(user, token),
         do: json(conn, %{})
  end
  defp restrict_push_enabled(conn, _) do
    if Push.enabled() do
      conn
    else
      conn
      |> render_error(:forbidden, "Web push subscription is disabled on this Pleroma instance")
      |> halt()
    end
  end
  # fallback action
  #
  def errors(conn, {:error, :not_found}) do
--- a/lib/pleroma/web/mastodon_api/views/push_subscription_view.ex
+++ b/lib/pleroma/web/mastodon_api/views/push_subscription_view.ex
@ -2,11 +2,11 @@
 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
-defmodule Pleroma.Web.MastodonAPI.PushSubscriptionView do
+defmodule Pleroma.Web.MastodonAPI.SubscriptionView do
  use Pleroma.Web, :view
  alias Pleroma.Web.Push
-  def render("push_subscription.json", %{subscription: subscription}) do
+  def render("show.json", %{subscription: subscription}) do
    %{
      id: to_string(subscription.id),
      endpoint: subscription.endpoint,
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@ -16,79 +16,60 @@ defmodule Pleroma.Web.Router do
    plug(Pleroma.Plugs.UserEnabledPlug)
  end
-  pipeline :api do
+  pipeline :authenticate do
    plug(:accepts, ["json"])
    plug(:fetch_session)
    plug(Pleroma.Plugs.OAuthPlug)
    plug(Pleroma.Plugs.BasicAuthDecoderPlug)
    plug(Pleroma.Plugs.UserFetcherPlug)
    plug(Pleroma.Plugs.SessionAuthenticationPlug)
    plug(Pleroma.Plugs.LegacyAuthenticationPlug)
    plug(Pleroma.Plugs.AuthenticationPlug)
  end
  pipeline :after_auth do
    plug(Pleroma.Plugs.UserEnabledPlug)
    plug(Pleroma.Plugs.SetUserSessionIdPlug)
    plug(Pleroma.Plugs.EnsureUserKeyPlug)
-    plug(Pleroma.Plugs.IdempotencyPlug)
+  end
  pipeline :base_api do
    plug(:accepts, ["json"])
    plug(:fetch_session)
    plug(:authenticate)
    plug(OpenApiSpex.Plug.PutApiSpec, module: Pleroma.Web.ApiSpec)
  end
  pipeline :api do
    plug(:base_api)
    plug(:after_auth)
    plug(Pleroma.Plugs.IdempotencyPlug)
  end
  pipeline :authenticated_api do
-    plug(:accepts, ["json"])
+    plug(:base_api)
    plug(:fetch_session)
    plug(Pleroma.Plugs.AuthExpectedPlug)
-    plug(Pleroma.Plugs.OAuthPlug)
+    plug(:after_auth)
    plug(Pleroma.Plugs.BasicAuthDecoderPlug)
    plug(Pleroma.Plugs.UserFetcherPlug)
    plug(Pleroma.Plugs.SessionAuthenticationPlug)
    plug(Pleroma.Plugs.LegacyAuthenticationPlug)
    plug(Pleroma.Plugs.AuthenticationPlug)
    plug(Pleroma.Plugs.UserEnabledPlug)
    plug(Pleroma.Plugs.SetUserSessionIdPlug)
    plug(Pleroma.Plugs.EnsureAuthenticatedPlug)
    plug(Pleroma.Plugs.IdempotencyPlug)
    plug(OpenApiSpex.Plug.PutApiSpec, module: Pleroma.Web.ApiSpec)
  end
  pipeline :admin_api do
-    plug(:accepts, ["json"])
+    plug(:base_api)
    plug(:fetch_session)
    plug(Pleroma.Plugs.OAuthPlug)
    plug(Pleroma.Plugs.BasicAuthDecoderPlug)
    plug(Pleroma.Plugs.UserFetcherPlug)
    plug(Pleroma.Plugs.SessionAuthenticationPlug)
    plug(Pleroma.Plugs.LegacyAuthenticationPlug)
    plug(Pleroma.Plugs.AuthenticationPlug)
    plug(Pleroma.Plugs.AdminSecretAuthenticationPlug)
-    plug(Pleroma.Plugs.UserEnabledPlug)
+    plug(:after_auth)
    plug(Pleroma.Plugs.SetUserSessionIdPlug)
    plug(Pleroma.Plugs.EnsureAuthenticatedPlug)
    plug(Pleroma.Plugs.UserIsAdminPlug)
    plug(Pleroma.Plugs.IdempotencyPlug)
    plug(OpenApiSpex.Plug.PutApiSpec, module: Pleroma.Web.ApiSpec)
  end
  pipeline :mastodon_html do
-    plug(:accepts, ["html"])
+    plug(:browser)
-    plug(:fetch_session)
+    plug(:authenticate)
-    plug(Pleroma.Plugs.OAuthPlug)
+    plug(:after_auth)
    plug(Pleroma.Plugs.BasicAuthDecoderPlug)
    plug(Pleroma.Plugs.UserFetcherPlug)
    plug(Pleroma.Plugs.SessionAuthenticationPlug)
    plug(Pleroma.Plugs.LegacyAuthenticationPlug)
    plug(Pleroma.Plugs.AuthenticationPlug)
    plug(Pleroma.Plugs.UserEnabledPlug)
    plug(Pleroma.Plugs.SetUserSessionIdPlug)
    plug(Pleroma.Plugs.EnsureUserKeyPlug)
  end
  pipeline :pleroma_html do
-    plug(:accepts, ["html"])
+    plug(:browser)
-    plug(:fetch_session)
+    plug(:authenticate)
    plug(Pleroma.Plugs.OAuthPlug)
    plug(Pleroma.Plugs.BasicAuthDecoderPlug)
    plug(Pleroma.Plugs.UserFetcherPlug)
    plug(Pleroma.Plugs.SessionAuthenticationPlug)
    plug(Pleroma.Plugs.AuthenticationPlug)
    plug(Pleroma.Plugs.EnsureUserKeyPlug)
  end
@ -524,7 +505,7 @@ defmodule Pleroma.Web.Router do
  end
  scope "/api" do
-    pipe_through(:api)
+    pipe_through(:base_api)
    get("/openapi", OpenApiSpex.Plug.RenderSpec, [])
  end
@ -538,10 +519,6 @@ defmodule Pleroma.Web.Router do
    post("/qvitter/statuses/notifications/read", TwitterAPI.Controller, :notifications_read)
  end
  pipeline :ap_service_actor do
    plug(:accepts, ["activity+json", "json"])
  end
  pipeline :ostatus do
    plug(:accepts, ["html", "xml", "rss", "atom", "activity+json", "json"])
    plug(Pleroma.Plugs.StaticFEPlug)
@ -552,8 +529,7 @@ defmodule Pleroma.Web.Router do
  end
  scope "/", Pleroma.Web do
-    pipe_through(:ostatus)
+    pipe_through([:ostatus, :http_signature])
    pipe_through(:http_signature)
    get("/objects/:uuid", OStatus.OStatusController, :object)
    get("/activities/:uuid", OStatus.OStatusController, :activity)
@ -571,13 +547,6 @@ defmodule Pleroma.Web.Router do
    get("/mailer/unsubscribe/:token", Mailer.SubscriptionController, :unsubscribe)
  end
  # Server to Server (S2S) AP interactions
  pipeline :activitypub do
    plug(:accepts, ["activity+json", "json"])
    plug(Pleroma.Web.Plugs.HTTPSignaturePlug)
    plug(Pleroma.Web.Plugs.MappedSignatureToIdentityPlug)
  end
  scope "/", Pleroma.Web.ActivityPub do
    # XXX: not really ostatus
    pipe_through(:ostatus)
@ -585,19 +554,22 @@ defmodule Pleroma.Web.Router do
    get("/users/:nickname/outbox", ActivityPubController, :outbox)
  end
  pipeline :ap_service_actor do
    plug(:accepts, ["activity+json", "json"])
  end
  # Server to Server (S2S) AP interactions
  pipeline :activitypub do
    plug(:ap_service_actor)
    plug(:http_signature)
  end
  # Client to Server (C2S) AP interactions
  pipeline :activitypub_client do
-    plug(:accepts, ["activity+json", "json"])
+    plug(:ap_service_actor)
    plug(:fetch_session)
-    plug(Pleroma.Plugs.OAuthPlug)
+    plug(:authenticate)
-    plug(Pleroma.Plugs.BasicAuthDecoderPlug)
+    plug(:after_auth)
    plug(Pleroma.Plugs.UserFetcherPlug)
    plug(Pleroma.Plugs.SessionAuthenticationPlug)
    plug(Pleroma.Plugs.LegacyAuthenticationPlug)
    plug(Pleroma.Plugs.AuthenticationPlug)
    plug(Pleroma.Plugs.UserEnabledPlug)
    plug(Pleroma.Plugs.SetUserSessionIdPlug)
    plug(Pleroma.Plugs.EnsureUserKeyPlug)
  end
  scope "/", Pleroma.Web.ActivityPub do
@ -669,12 +641,7 @@ defmodule Pleroma.Web.Router do
    get("/web/*path", MastoFEController, :index)
  end
  pipeline :remote_media do
  end
  scope "/proxy/", Pleroma.Web.MediaProxy do
    pipe_through(:remote_media)
    get("/:sig/:url", MediaProxyController, :remote)
    get("/:sig/:url/:filename", MediaProxyController, :remote)
  end
--- a/test/web/activity_pub/mrf/object_age_policy_test.exs
+++ b/test/web/activity_pub/mrf/object_age_policy_test.exs
@ -20,26 +20,38 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicyTest do
    :ok
  end
  defp get_old_message do
    File.read!("test/fixtures/mastodon-post-activity.json")
    |> Poison.decode!()
  end
  defp get_new_message do
    old_message = get_old_message()
    new_object =
      old_message
      |> Map.get("object")
      |> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
    old_message
    |> Map.put("object", new_object)
  end
  describe "with reject action" do
    test "it rejects an old post" do
      Config.put([:mrf_object_age, :actions], [:reject])
-      data =
+      data = get_old_message()
        File.read!("test/fixtures/mastodon-post-activity.json")
        |> Poison.decode!()
-      {:reject, _} = ObjectAgePolicy.filter(data)
+      assert match?({:reject, _}, ObjectAgePolicy.filter(data))
    end
    test "it allows a new post" do
      Config.put([:mrf_object_age, :actions], [:reject])
-      data =
+      data = get_new_message()
        File.read!("test/fixtures/mastodon-post-activity.json")
        |> Poison.decode!()
        |> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
-      {:ok, _} = ObjectAgePolicy.filter(data)
+      assert match?({:ok, _}, ObjectAgePolicy.filter(data))
    end
  end
@ -47,9 +59,7 @@ test "it allows a new post" do
    test "it delists an old post" do
      Config.put([:mrf_object_age, :actions], [:delist])
-      data =
+      data = get_old_message()
        File.read!("test/fixtures/mastodon-post-activity.json")
        |> Poison.decode!()
      {:ok, _u} = User.get_or_fetch_by_ap_id(data["actor"])
@ -61,14 +71,11 @@ test "it delists an old post" do
    test "it allows a new post" do
      Config.put([:mrf_object_age, :actions], [:delist])
-      data =
+      data = get_new_message()
        File.read!("test/fixtures/mastodon-post-activity.json")
        |> Poison.decode!()
        |> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
      {:ok, _user} = User.get_or_fetch_by_ap_id(data["actor"])
-      {:ok, ^data} = ObjectAgePolicy.filter(data)
+      assert match?({:ok, ^data}, ObjectAgePolicy.filter(data))
    end
  end
@ -76,9 +83,7 @@ test "it allows a new post" do
    test "it strips followers collections from an old post" do
      Config.put([:mrf_object_age, :actions], [:strip_followers])
-      data =
+      data = get_old_message()
        File.read!("test/fixtures/mastodon-post-activity.json")
        |> Poison.decode!()
      {:ok, user} = User.get_or_fetch_by_ap_id(data["actor"])
@ -91,14 +96,11 @@ test "it strips followers collections from an old post" do
    test "it allows a new post" do
      Config.put([:mrf_object_age, :actions], [:strip_followers])
-      data =
+      data = get_new_message()
        File.read!("test/fixtures/mastodon-post-activity.json")
        |> Poison.decode!()
        |> Map.put("published", DateTime.utc_now() |> DateTime.to_iso8601())
      {:ok, _u} = User.get_or_fetch_by_ap_id(data["actor"])
-      {:ok, ^data} = ObjectAgePolicy.filter(data)
+      assert match?({:ok, ^data}, ObjectAgePolicy.filter(data))
    end
  end
 end
--- a/test/web/activity_pub/mrf/simple_policy_test.exs
+++ b/test/web/activity_pub/mrf/simple_policy_test.exs
@ -17,7 +17,8 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
            reject: [],
            accept: [],
            avatar_removal: [],
-            banner_removal: []
+            banner_removal: [],
            reject_deletes: []
          )
  describe "when :media_removal" do
@ -382,6 +383,66 @@ test "match with wildcard domain" do
    end
  end
  describe "when :reject_deletes is empty" do
    setup do: Config.put([:mrf_simple, :reject_deletes], [])
    test "it accepts deletions even from rejected servers" do
      Config.put([:mrf_simple, :reject], ["remote.instance"])
      deletion_message = build_remote_deletion_message()
      assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
    end
    test "it accepts deletions even from non-whitelisted servers" do
      Config.put([:mrf_simple, :accept], ["non.matching.remote"])
      deletion_message = build_remote_deletion_message()
      assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
    end
  end
  describe "when :reject_deletes is not empty but it doesn't have a matching host" do
    setup do: Config.put([:mrf_simple, :reject_deletes], ["non.matching.remote"])
    test "it accepts deletions even from rejected servers" do
      Config.put([:mrf_simple, :reject], ["remote.instance"])
      deletion_message = build_remote_deletion_message()
      assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
    end
    test "it accepts deletions even from non-whitelisted servers" do
      Config.put([:mrf_simple, :accept], ["non.matching.remote"])
      deletion_message = build_remote_deletion_message()
      assert SimplePolicy.filter(deletion_message) == {:ok, deletion_message}
    end
  end
  describe "when :reject_deletes has a matching host" do
    setup do: Config.put([:mrf_simple, :reject_deletes], ["remote.instance"])
    test "it rejects the deletion" do
      deletion_message = build_remote_deletion_message()
      assert SimplePolicy.filter(deletion_message) == {:reject, nil}
    end
  end
  describe "when :reject_deletes match with wildcard domain" do
    setup do: Config.put([:mrf_simple, :reject_deletes], ["*.remote.instance"])
    test "it rejects the deletion" do
      deletion_message = build_remote_deletion_message()
      assert SimplePolicy.filter(deletion_message) == {:reject, nil}
    end
  end
  defp build_local_message do
    %{
      "actor" => "#{Pleroma.Web.base_url()}/users/alice",
@ -408,4 +469,11 @@ defp build_remote_user do
      "type" => "Person"
    }
  end
  defp build_remote_deletion_message do
    %{
      "type" => "Delete",
      "actor" => "https://remote.instance/users/bob"
    }
  end
 end
--- a/test/web/mastodon_api/controllers/subscription_controller_test.exs
+++ b/test/web/mastodon_api/controllers/subscription_controller_test.exs
@ -35,7 +35,10 @@ defmacro assert_error_when_disable_push(do: yield) do
    quote do
      vapid_details = Application.get_env(:web_push_encryption, :vapid_details, [])
      Application.put_env(:web_push_encryption, :vapid_details, [])
-      assert "Something went wrong" == unquote(yield)
+
      assert %{"error" => "Web push subscription is disabled on this Pleroma instance"} ==
               unquote(yield)
      Application.put_env(:web_push_encryption, :vapid_details, vapid_details)
    end
  end
@ -45,7 +48,7 @@ test "returns error when push disabled ", %{conn: conn} do
      assert_error_when_disable_push do
        conn
        |> post("/api/v1/push/subscription", %{})
-        |> json_response(500)
+        |> json_response(403)
      end
    end
@ -74,7 +77,7 @@ test "returns error when push disabled ", %{conn: conn} do
      assert_error_when_disable_push do
        conn
        |> get("/api/v1/push/subscription", %{})
-        |> json_response(500)
+        |> json_response(403)
      end
    end
@ -127,7 +130,7 @@ test "returns error when push disabled ", %{conn: conn} do
      assert_error_when_disable_push do
        conn
        |> put("/api/v1/push/subscription", %{data: %{"alerts" => %{"mention" => false}}})
-        |> json_response(500)
+        |> json_response(403)
      end
    end
@ -155,7 +158,7 @@ test "returns error when push disabled ", %{conn: conn} do
      assert_error_when_disable_push do
        conn
        |> delete("/api/v1/push/subscription", %{})
-        |> json_response(500)
+        |> json_response(403)
      end
    end
--- a/test/web/mastodon_api/views/push_subscription_view_test.exs
+++ b/test/web/mastodon_api/views/push_subscription_view_test.exs
@ -2,10 +2,10 @@
 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
-defmodule Pleroma.Web.MastodonAPI.PushSubscriptionViewTest do
+defmodule Pleroma.Web.MastodonAPI.SubscriptionViewTest do
  use Pleroma.DataCase
  import Pleroma.Factory
-  alias Pleroma.Web.MastodonAPI.PushSubscriptionView, as: View
+  alias Pleroma.Web.MastodonAPI.SubscriptionView, as: View
  alias Pleroma.Web.Push
  test "Represent a subscription" do
@ -18,6 +18,6 @@ test "Represent a subscription" do
      server_key: Keyword.get(Push.vapid_config(), :public_key)
    }
-    assert expected == View.render("push_subscription.json", %{subscription: subscription})
+    assert expected == View.render("show.json", %{subscription: subscription})
  end
 end