Merge commit '39110d1d0af5e3d9cf452ae47496a52797249fd0' into glitch-soc/merge-upstream

2023-06-18 10:36:14 +02:00
parent fefdc3244c 39110d1d0a
commit 65cbcce997
76 changed files with 2108 additions and 1483 deletions
--- a/spec/controllers/api/v1/accounts/relationships_controller_spec.rb
+++ b/spec/controllers/api/v1/accounts/relationships_controller_spec.rb
@@ -48,25 +48,32 @@ describe Api::V1::Accounts::RelationshipsController do
        expect(response).to have_http_status(200)
      end

-      it 'returns JSON with correct data' do
-        json = body_as_json
+      context 'when there is returned JSON data' do
+        let(:json) { body_as_json }

-        expect(json).to be_a Enumerable
-        expect(json.first[:id]).to eq simon.id.to_s
-        expect(json.first[:following]).to be true
-        expect(json.first[:showing_reblogs]).to be true
-        expect(json.first[:followed_by]).to be false
-        expect(json.first[:muting]).to be false
-        expect(json.first[:requested]).to be false
-        expect(json.first[:domain_blocking]).to be false
+        it 'returns an enumerable json' do
+          expect(json).to be_a Enumerable
+        end

-        expect(json.second[:id]).to eq lewis.id.to_s
-        expect(json.second[:following]).to be false
-        expect(json.second[:showing_reblogs]).to be false
-        expect(json.second[:followed_by]).to be true
-        expect(json.second[:muting]).to be false
-        expect(json.second[:requested]).to be false
-        expect(json.second[:domain_blocking]).to be false
+        it 'returns a correct first element' do
+          expect(json.first[:id]).to eq simon.id.to_s
+          expect(json.first[:following]).to be true
+          expect(json.first[:showing_reblogs]).to be true
+          expect(json.first[:followed_by]).to be false
+          expect(json.first[:muting]).to be false
+          expect(json.first[:requested]).to be false
+          expect(json.first[:domain_blocking]).to be false
+        end
+
+        it 'returns a correct second element' do
+          expect(json.second[:id]).to eq lewis.id.to_s
+          expect(json.second[:following]).to be false
+          expect(json.second[:showing_reblogs]).to be false
+          expect(json.second[:followed_by]).to be true
+          expect(json.second[:muting]).to be false
+          expect(json.second[:requested]).to be false
+          expect(json.second[:domain_blocking]).to be false
+        end
      end

      it 'returns JSON with correct data on cached requests too' do
--- a/spec/controllers/api/v1/accounts_controller_spec.rb
+++ b/spec/controllers/api/v1/accounts_controller_spec.rb
@@ -55,20 +55,6 @@ RSpec.describe Api::V1::AccountsController do
    end
  end

-  describe 'GET #show' do
-    let(:scopes) { 'read:accounts' }
-
-    before do
-      get :show, params: { id: user.account.id }
-    end
-
-    it 'returns http success' do
-      expect(response).to have_http_status(200)
-    end
-
-    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
-  end
-
  describe 'POST #follow' do
    let(:scopes) { 'write:follows' }
    let(:other_account) { Fabricate(:account, username: 'bob', locked: locked) }
--- a/spec/controllers/api/v1/admin/canonical_email_blocks_controller_spec.rb
+++ b/spec/controllers/api/v1/admin/canonical_email_blocks_controller_spec.rb
@@ -1,358 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails_helper'
-
-describe Api::V1::Admin::CanonicalEmailBlocksController do
-  render_views
-
-  let(:role)    { UserRole.find_by(name: 'Admin') }
-  let(:user)    { Fabricate(:user, role: role) }
-  let(:token)   { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
-  let(:scopes)  { 'admin:read:canonical_email_blocks admin:write:canonical_email_blocks' }
-
-  before do
-    allow(controller).to receive(:doorkeeper_token) { token }
-  end
-
-  shared_examples 'forbidden for wrong scope' do |wrong_scope|
-    let(:scopes) { wrong_scope }
-
-    it 'returns http forbidden' do
-      expect(response).to have_http_status(403)
-    end
-  end
-
-  shared_examples 'forbidden for wrong role' do |wrong_role|
-    let(:role) { UserRole.find_by(name: wrong_role) }
-
-    it 'returns http forbidden' do
-      expect(response).to have_http_status(403)
-    end
-  end
-
-  describe 'GET #index' do
-    context 'with wrong scope' do
-      before do
-        get :index
-      end
-
-      it_behaves_like 'forbidden for wrong scope', 'read:statuses'
-    end
-
-    context 'with wrong role' do
-      before do
-        get :index
-      end
-
-      it_behaves_like 'forbidden for wrong role', ''
-      it_behaves_like 'forbidden for wrong role', 'Moderator'
-    end
-
-    it 'returns http success' do
-      get :index
-
-      expect(response).to have_http_status(200)
-    end
-
-    context 'when there is no canonical email block' do
-      it 'returns an empty list' do
-        get :index
-
-        body = body_as_json
-
-        expect(body).to be_empty
-      end
-    end
-
-    context 'when there are canonical email blocks' do
-      let!(:canonical_email_blocks) { Fabricate.times(5, :canonical_email_block) }
-      let(:expected_email_hashes) { canonical_email_blocks.pluck(:canonical_email_hash) }
-
-      it 'returns the correct canonical email hashes' do
-        get :index
-
-        json = body_as_json
-
-        expect(json.pluck(:canonical_email_hash)).to match_array(expected_email_hashes)
-      end
-
-      context 'with limit param' do
-        let(:params) { { limit: 2 } }
-
-        it 'returns only the requested number of canonical email blocks' do
-          get :index, params: params
-
-          json = body_as_json
-
-          expect(json.size).to eq(params[:limit])
-        end
-      end
-
-      context 'with since_id param' do
-        let(:params) { { since_id: canonical_email_blocks[1].id } }
-
-        it 'returns only the canonical email blocks after since_id' do
-          get :index, params: params
-
-          canonical_email_blocks_ids = canonical_email_blocks.pluck(:id).map(&:to_s)
-          json = body_as_json
-
-          expect(json.pluck(:id)).to match_array(canonical_email_blocks_ids[2..])
-        end
-      end
-
-      context 'with max_id param' do
-        let(:params) { { max_id: canonical_email_blocks[3].id } }
-
-        it 'returns only the canonical email blocks before max_id' do
-          get :index, params: params
-
-          canonical_email_blocks_ids = canonical_email_blocks.pluck(:id).map(&:to_s)
-          json = body_as_json
-
-          expect(json.pluck(:id)).to match_array(canonical_email_blocks_ids[..2])
-        end
-      end
-    end
-  end
-
-  describe 'GET #show' do
-    let!(:canonical_email_block) { Fabricate(:canonical_email_block) }
-    let(:params) { { id: canonical_email_block.id } }
-
-    context 'with wrong scope' do
-      before do
-        get :show, params: params
-      end
-
-      it_behaves_like 'forbidden for wrong scope', 'read:statuses'
-    end
-
-    context 'with wrong role' do
-      before do
-        get :show, params: params
-      end
-
-      it_behaves_like 'forbidden for wrong role', ''
-      it_behaves_like 'forbidden for wrong role', 'Moderator'
-    end
-
-    context 'when canonical email block exists' do
-      it 'returns http success' do
-        get :show, params: params
-
-        expect(response).to have_http_status(200)
-      end
-
-      it 'returns canonical email block data correctly' do
-        get :show, params: params
-
-        json = body_as_json
-
-        expect(json[:id]).to eq(canonical_email_block.id.to_s)
-        expect(json[:canonical_email_hash]).to eq(canonical_email_block.canonical_email_hash)
-      end
-    end
-
-    context 'when canonical block does not exist' do
-      it 'returns http not found' do
-        get :show, params: { id: 0 }
-
-        expect(response).to have_http_status(404)
-      end
-    end
-  end
-
-  describe 'POST #test' do
-    context 'with wrong scope' do
-      before do
-        post :test
-      end
-
-      it_behaves_like 'forbidden for wrong scope', 'read:statuses'
-    end
-
-    context 'with wrong role' do
-      before do
-        post :test, params: { email: 'whatever@email.com' }
-      end
-
-      it_behaves_like 'forbidden for wrong role', ''
-      it_behaves_like 'forbidden for wrong role', 'Moderator'
-    end
-
-    context 'when required email is not provided' do
-      it 'returns http bad request' do
-        post :test
-
-        expect(response).to have_http_status(400)
-      end
-    end
-
-    context 'when required email is provided' do
-      let(:params) { { email: 'example@email.com' } }
-
-      context 'when there is a matching canonical email block' do
-        let!(:canonical_email_block) { CanonicalEmailBlock.create(params) }
-
-        it 'returns http success' do
-          post :test, params: params
-
-          expect(response).to have_http_status(200)
-        end
-
-        it 'returns expected canonical email hash' do
-          post :test, params: params
-
-          json = body_as_json
-
-          expect(json[0][:canonical_email_hash]).to eq(canonical_email_block.canonical_email_hash)
-        end
-      end
-
-      context 'when there is no matching canonical email block' do
-        it 'returns http success' do
-          post :test, params: params
-
-          expect(response).to have_http_status(200)
-        end
-
-        it 'returns an empty list' do
-          post :test, params: params
-
-          json = body_as_json
-
-          expect(json).to be_empty
-        end
-      end
-    end
-  end
-
-  describe 'POST #create' do
-    let(:params) { { email: 'example@email.com' } }
-    let(:canonical_email_block) { CanonicalEmailBlock.new(email: params[:email]) }
-
-    context 'with wrong scope' do
-      before do
-        post :create, params: params
-      end
-
-      it_behaves_like 'forbidden for wrong scope', 'read:statuses'
-    end
-
-    context 'with wrong role' do
-      before do
-        post :create, params: params
-      end
-
-      it_behaves_like 'forbidden for wrong role', ''
-      it_behaves_like 'forbidden for wrong role', 'Moderator'
-    end
-
-    it 'returns http success' do
-      post :create, params: params
-
-      expect(response).to have_http_status(200)
-    end
-
-    it 'returns canonical_email_hash correctly' do
-      post :create, params: params
-
-      json = body_as_json
-
-      expect(json[:canonical_email_hash]).to eq(canonical_email_block.canonical_email_hash)
-    end
-
-    context 'when required email param is not provided' do
-      it 'returns http unprocessable entity' do
-        post :create
-
-        expect(response).to have_http_status(422)
-      end
-    end
-
-    context 'when canonical_email_hash param is provided instead of email' do
-      let(:params) { { canonical_email_hash: 'dd501ce4e6b08698f19df96f2f15737e48a75660b1fa79b6ff58ea25ee4851a4' } }
-
-      it 'returns http success' do
-        post :create, params: params
-
-        expect(response).to have_http_status(200)
-      end
-
-      it 'returns correct canonical_email_hash' do
-        post :create, params: params
-
-        json = body_as_json
-
-        expect(json[:canonical_email_hash]).to eq(params[:canonical_email_hash])
-      end
-    end
-
-    context 'when both email and canonical_email_hash params are provided' do
-      let(:params) { { email: 'example@email.com', canonical_email_hash: 'dd501ce4e6b08698f19df96f2f15737e48a75660b1fa79b6ff58ea25ee4851a4' } }
-
-      it 'returns http success' do
-        post :create, params: params
-
-        expect(response).to have_http_status(200)
-      end
-
-      it 'ignores canonical_email_hash param' do
-        post :create, params: params
-
-        json = body_as_json
-
-        expect(json[:canonical_email_hash]).to eq(canonical_email_block.canonical_email_hash)
-      end
-    end
-
-    context 'when canonical email was already blocked' do
-      before do
-        canonical_email_block.save
-      end
-
-      it 'returns http unprocessable entity' do
-        post :create, params: params
-
-        expect(response).to have_http_status(422)
-      end
-    end
-  end
-
-  describe 'DELETE #destroy' do
-    let!(:canonical_email_block) { Fabricate(:canonical_email_block) }
-    let(:params) { { id: canonical_email_block.id } }
-
-    context 'with wrong scope' do
-      before do
-        delete :destroy, params: params
-      end
-
-      it_behaves_like 'forbidden for wrong scope', 'read:statuses'
-    end
-
-    context 'with wrong role' do
-      before do
-        delete :destroy, params: params
-      end
-
-      it_behaves_like 'forbidden for wrong role', ''
-      it_behaves_like 'forbidden for wrong role', 'Moderator'
-    end
-
-    it 'returns http success' do
-      delete :destroy, params: params
-
-      expect(response).to have_http_status(200)
-    end
-
-    context 'when canonical email block is not found' do
-      it 'returns http not found' do
-        delete :destroy, params: { id: 0 }
-
-        expect(response).to have_http_status(404)
-      end
-    end
-  end
-end
--- a/spec/controllers/api/v1/admin/domain_allows_controller_spec.rb
+++ b/spec/controllers/api/v1/admin/domain_allows_controller_spec.rb
@@ -1,140 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails_helper'
-
-RSpec.describe Api::V1::Admin::DomainAllowsController do
-  render_views
-
-  let(:role)   { UserRole.find_by(name: 'Admin') }
-  let(:user)   { Fabricate(:user, role: role) }
-  let(:scopes) { 'admin:read admin:write' }
-  let(:token)  { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
-
-  before do
-    allow(controller).to receive(:doorkeeper_token) { token }
-  end
-
-  shared_examples 'forbidden for wrong scope' do |wrong_scope|
-    let(:scopes) { wrong_scope }
-
-    it 'returns http forbidden' do
-      expect(response).to have_http_status(403)
-    end
-  end
-
-  shared_examples 'forbidden for wrong role' do |wrong_role|
-    let(:role) { UserRole.find_by(name: wrong_role) }
-
-    it 'returns http forbidden' do
-      expect(response).to have_http_status(403)
-    end
-  end
-
-  describe 'GET #index' do
-    let!(:domain_allow) { Fabricate(:domain_allow) }
-
-    before do
-      get :index
-    end
-
-    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
-    it_behaves_like 'forbidden for wrong role', ''
-    it_behaves_like 'forbidden for wrong role', 'Moderator'
-
-    it 'returns http success' do
-      expect(response).to have_http_status(200)
-    end
-
-    it 'returns the expected domain allows' do
-      json = body_as_json
-      expect(json.length).to eq 1
-      expect(json[0][:id].to_i).to eq domain_allow.id
-    end
-  end
-
-  describe 'GET #show' do
-    let!(:domain_allow) { Fabricate(:domain_allow) }
-
-    before do
-      get :show, params: { id: domain_allow.id }
-    end
-
-    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
-    it_behaves_like 'forbidden for wrong role', ''
-    it_behaves_like 'forbidden for wrong role', 'Moderator'
-
-    it 'returns http success' do
-      expect(response).to have_http_status(200)
-    end
-
-    it 'returns expected domain name' do
-      json = body_as_json
-      expect(json[:domain]).to eq domain_allow.domain
-    end
-  end
-
-  describe 'DELETE #destroy' do
-    let!(:domain_allow) { Fabricate(:domain_allow) }
-
-    before do
-      delete :destroy, params: { id: domain_allow.id }
-    end
-
-    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
-    it_behaves_like 'forbidden for wrong role', ''
-    it_behaves_like 'forbidden for wrong role', 'Moderator'
-
-    it 'returns http success' do
-      expect(response).to have_http_status(200)
-    end
-
-    it 'deletes the block' do
-      expect(DomainAllow.find_by(id: domain_allow.id)).to be_nil
-    end
-  end
-
-  describe 'POST #create' do
-    let!(:domain_allow) { Fabricate(:domain_allow, domain: 'example.com') }
-
-    context 'with a valid domain' do
-      before do
-        post :create, params: { domain: 'foo.bar.com' }
-      end
-
-      it_behaves_like 'forbidden for wrong scope', 'write:statuses'
-      it_behaves_like 'forbidden for wrong role', ''
-      it_behaves_like 'forbidden for wrong role', 'Moderator'
-
-      it 'returns http success' do
-        expect(response).to have_http_status(200)
-      end
-
-      it 'returns expected domain name' do
-        json = body_as_json
-        expect(json[:domain]).to eq 'foo.bar.com'
-      end
-
-      it 'creates a domain block' do
-        expect(DomainAllow.find_by(domain: 'foo.bar.com')).to_not be_nil
-      end
-    end
-
-    context 'with invalid domain name' do
-      before do
-        post :create, params: { domain: 'foo bar' }
-      end
-
-      it 'returns http unprocessable entity' do
-        expect(response).to have_http_status(422)
-      end
-    end
-
-    context 'when domain name is not specified' do
-      it 'returns http unprocessable entity' do
-        post :create
-
-        expect(response).to have_http_status(422)
-      end
-    end
-  end
-end
--- a/spec/controllers/api/v1/admin/domain_blocks_controller_spec.rb
+++ b/spec/controllers/api/v1/admin/domain_blocks_controller_spec.rb
@@ -1,180 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails_helper'
-
-RSpec.describe Api::V1::Admin::DomainBlocksController do
-  render_views
-
-  let(:role)   { UserRole.find_by(name: 'Admin') }
-  let(:user)   { Fabricate(:user, role: role) }
-  let(:scopes) { 'admin:read admin:write' }
-  let(:token)  { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
-
-  before do
-    allow(controller).to receive(:doorkeeper_token) { token }
-  end
-
-  shared_examples 'forbidden for wrong scope' do |wrong_scope|
-    let(:scopes) { wrong_scope }
-
-    it 'returns http forbidden' do
-      expect(response).to have_http_status(403)
-    end
-  end
-
-  shared_examples 'forbidden for wrong role' do |wrong_role|
-    let(:role) { UserRole.find_by(name: wrong_role) }
-
-    it 'returns http forbidden' do
-      expect(response).to have_http_status(403)
-    end
-  end
-
-  describe 'GET #index' do
-    let!(:block) { Fabricate(:domain_block) }
-
-    before do
-      get :index
-    end
-
-    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
-    it_behaves_like 'forbidden for wrong role', ''
-    it_behaves_like 'forbidden for wrong role', 'Moderator'
-
-    it 'returns http success' do
-      expect(response).to have_http_status(200)
-    end
-
-    it 'returns the expected domain blocks' do
-      json = body_as_json
-      expect(json.length).to eq 1
-      expect(json[0][:id].to_i).to eq block.id
-    end
-  end
-
-  describe 'GET #show' do
-    let!(:block) { Fabricate(:domain_block) }
-
-    before do
-      get :show, params: { id: block.id }
-    end
-
-    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
-    it_behaves_like 'forbidden for wrong role', ''
-    it_behaves_like 'forbidden for wrong role', 'Moderator'
-
-    it 'returns http success' do
-      expect(response).to have_http_status(200)
-    end
-
-    it 'returns expected domain name' do
-      json = body_as_json
-      expect(json[:domain]).to eq block.domain
-    end
-  end
-
-  describe 'PUT #update' do
-    let!(:remote_account) { Fabricate(:account, domain: 'example.com') }
-    let(:subject) do
-      post :update, params: { id: domain_block.id, domain: 'example.com', severity: new_severity }
-    end
-    let(:domain_block) { Fabricate(:domain_block, domain: 'example.com', severity: original_severity) }
-
-    before do
-      BlockDomainService.new.call(domain_block)
-    end
-
-    context 'when downgrading a domain suspension to silence' do
-      let(:original_severity) { 'suspend' }
-      let(:new_severity)      { 'silence' }
-
-      it 'changes the block severity' do
-        expect { subject }.to change { domain_block.reload.severity }.from('suspend').to('silence')
-      end
-
-      it 'undoes individual suspensions' do
-        expect { subject }.to change { remote_account.reload.suspended? }.from(true).to(false)
-      end
-
-      it 'performs individual silences' do
-        expect { subject }.to change { remote_account.reload.silenced? }.from(false).to(true)
-      end
-    end
-
-    context 'when upgrading a domain silence to suspend' do
-      let(:original_severity) { 'silence' }
-      let(:new_severity)      { 'suspend' }
-
-      it 'changes the block severity' do
-        expect { subject }.to change { domain_block.reload.severity }.from('silence').to('suspend')
-      end
-
-      it 'undoes individual silences' do
-        expect { subject }.to change { remote_account.reload.silenced? }.from(true).to(false)
-      end
-
-      it 'performs individual suspends' do
-        expect { subject }.to change { remote_account.reload.suspended? }.from(false).to(true)
-      end
-    end
-  end
-
-  describe 'DELETE #destroy' do
-    let!(:block) { Fabricate(:domain_block) }
-
-    before do
-      delete :destroy, params: { id: block.id }
-    end
-
-    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
-    it_behaves_like 'forbidden for wrong role', ''
-    it_behaves_like 'forbidden for wrong role', 'Moderator'
-
-    it 'returns http success' do
-      expect(response).to have_http_status(200)
-    end
-
-    it 'deletes the block' do
-      expect(DomainBlock.find_by(id: block.id)).to be_nil
-    end
-  end
-
-  describe 'POST #create' do
-    let(:existing_block_domain) { 'example.com' }
-    let!(:block) { Fabricate(:domain_block, domain: existing_block_domain, severity: :suspend) }
-
-    before do
-      post :create, params: { domain: 'foo.bar.com', severity: :silence }
-    end
-
-    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
-    it_behaves_like 'forbidden for wrong role', ''
-    it_behaves_like 'forbidden for wrong role', 'Moderator'
-
-    it 'returns http success' do
-      expect(response).to have_http_status(200)
-    end
-
-    it 'returns expected domain name' do
-      json = body_as_json
-      expect(json[:domain]).to eq 'foo.bar.com'
-    end
-
-    it 'creates a domain block' do
-      expect(DomainBlock.find_by(domain: 'foo.bar.com')).to_not be_nil
-    end
-
-    context 'when a stricter domain block already exists' do
-      let(:existing_block_domain) { 'bar.com' }
-
-      it 'returns http unprocessable entity' do
-        expect(response).to have_http_status(422)
-      end
-
-      it 'renders existing domain block in error' do
-        json = body_as_json
-        expect(json[:existing_domain_block][:domain]).to eq existing_block_domain
-      end
-    end
-  end
-end
--- a/spec/controllers/api/v1/admin/ip_blocks_controller_spec.rb
+++ b/spec/controllers/api/v1/admin/ip_blocks_controller_spec.rb
@@ -1,309 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails_helper'
-
-describe Api::V1::Admin::IpBlocksController do
-  render_views
-
-  let(:role)    { UserRole.find_by(name: 'Admin') }
-  let(:user)    { Fabricate(:user, role: role) }
-  let(:token)   { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
-  let(:scopes)  { 'admin:read:ip_blocks admin:write:ip_blocks' }
-
-  before do
-    allow(controller).to receive(:doorkeeper_token) { token }
-  end
-
-  shared_examples 'forbidden for wrong scope' do |wrong_scope|
-    let(:scopes) { wrong_scope }
-
-    it 'returns http forbidden' do
-      expect(response).to have_http_status(403)
-    end
-  end
-
-  shared_examples 'forbidden for wrong role' do |wrong_role|
-    let(:role) { UserRole.find_by(name: wrong_role) }
-
-    it 'returns http forbidden' do
-      expect(response).to have_http_status(403)
-    end
-  end
-
-  describe 'GET #index' do
-    context 'with wrong scope' do
-      before do
-        get :index
-      end
-
-      it_behaves_like 'forbidden for wrong scope', 'admin:write:ip_blocks'
-    end
-
-    context 'with wrong role' do
-      before do
-        get :index
-      end
-
-      it_behaves_like 'forbidden for wrong role', ''
-      it_behaves_like 'forbidden for wrong role', 'Moderator'
-    end
-
-    it 'returns http success' do
-      get :index
-
-      expect(response).to have_http_status(200)
-    end
-
-    context 'when there is no ip block' do
-      it 'returns an empty body' do
-        get :index
-
-        json = body_as_json
-
-        expect(json).to be_empty
-      end
-    end
-
-    context 'when there are ip blocks' do
-      let!(:ip_blocks) do
-        [
-          IpBlock.create(ip: '192.0.2.0/24', severity: :no_access),
-          IpBlock.create(ip: '172.16.0.1', severity: :sign_up_requires_approval, comment: 'Spam'),
-          IpBlock.create(ip: '2001:0db8::/32', severity: :sign_up_block, expires_in: 10.days),
-        ]
-      end
-      let(:expected_response) do
-        ip_blocks.map do |ip_block|
-          {
-            id: ip_block.id.to_s,
-            ip: ip_block.ip,
-            severity: ip_block.severity.to_s,
-            comment: ip_block.comment,
-            created_at: ip_block.created_at.strftime('%Y-%m-%dT%H:%M:%S.%LZ'),
-            expires_at: ip_block.expires_at&.strftime('%Y-%m-%dT%H:%M:%S.%LZ'),
-          }
-        end
-      end
-
-      it 'returns the correct blocked ips' do
-        get :index
-
-        json = body_as_json
-
-        expect(json).to match_array(expected_response)
-      end
-
-      context 'with limit param' do
-        let(:params) { { limit: 2 } }
-
-        it 'returns only the requested number of ip blocks' do
-          get :index, params: params
-
-          json = body_as_json
-
-          expect(json.size).to eq(params[:limit])
-        end
-      end
-    end
-  end
-
-  describe 'GET #show' do
-    let!(:ip_block) { IpBlock.create(ip: '192.0.2.0/24', severity: :no_access) }
-    let(:params) { { id: ip_block.id } }
-
-    context 'with wrong scope' do
-      before do
-        get :show, params: params
-      end
-
-      it_behaves_like 'forbidden for wrong scope', 'admin:write:ip_blocks'
-    end
-
-    context 'with wrong role' do
-      before do
-        get :show, params: params
-      end
-
-      it_behaves_like 'forbidden for wrong role', ''
-      it_behaves_like 'forbidden for wrong role', 'Moderator'
-    end
-
-    it 'returns http success' do
-      get :show, params: params
-
-      expect(response).to have_http_status(200)
-    end
-
-    it 'returns the correct ip block' do
-      get :show, params: params
-
-      json = body_as_json
-
-      expect(json[:ip]).to eq("#{ip_block.ip}/#{ip_block.ip.prefix}")
-      expect(json[:severity]).to eq(ip_block.severity.to_s)
-    end
-
-    context 'when ip block does not exist' do
-      it 'returns http not found' do
-        get :show, params: { id: 0 }
-
-        expect(response).to have_http_status(404)
-      end
-    end
-  end
-
-  describe 'POST #create' do
-    let(:params) { { ip: '151.0.32.55', severity: 'no_access', comment: 'Spam' } }
-
-    context 'with wrong scope' do
-      before do
-        post :create, params: params
-      end
-
-      it_behaves_like 'forbidden for wrong scope', 'admin:read:ip_blocks'
-    end
-
-    context 'with wrong role' do
-      before do
-        post :create, params: params
-      end
-
-      it_behaves_like 'forbidden for wrong role', ''
-      it_behaves_like 'forbidden for wrong role', 'Moderator'
-    end
-
-    it 'returns http success' do
-      post :create, params: params
-
-      expect(response).to have_http_status(200)
-    end
-
-    it 'returns the correct ip block' do
-      post :create, params: params
-
-      json = body_as_json
-
-      expect(json[:ip]).to eq("#{params[:ip]}/32")
-      expect(json[:severity]).to eq(params[:severity])
-      expect(json[:comment]).to eq(params[:comment])
-    end
-
-    context 'when ip is not provided' do
-      let(:params) { { ip: '', severity: 'no_access' } }
-
-      it 'returns http unprocessable entity' do
-        post :create, params: params
-
-        expect(response).to have_http_status(422)
-      end
-    end
-
-    context 'when severity is not provided' do
-      let(:params) { { ip: '173.65.23.1', severity: '' } }
-
-      it 'returns http unprocessable entity' do
-        post :create, params: params
-
-        expect(response).to have_http_status(422)
-      end
-    end
-
-    context 'when provided ip is already blocked' do
-      before do
-        IpBlock.create(params)
-      end
-
-      it 'returns http unprocessable entity' do
-        post :create, params: params
-
-        expect(response).to have_http_status(422)
-      end
-    end
-
-    context 'when provided ip address is invalid' do
-      let(:params) { { ip: '520.13.54.120', severity: 'no_access' } }
-
-      it 'returns http unprocessable entity' do
-        post :create, params: params
-
-        expect(response).to have_http_status(422)
-      end
-    end
-  end
-
-  describe 'PUT #update' do
-    context 'when ip block exists' do
-      let!(:ip_block) { IpBlock.create(ip: '185.200.13.3', severity: 'no_access', comment: 'Spam', expires_in: 48.hours) }
-      let(:params) { { id: ip_block.id, severity: 'sign_up_requires_approval', comment: 'Decreasing severity' } }
-
-      it 'returns http success' do
-        put :update, params: params
-
-        expect(response).to have_http_status(200)
-      end
-
-      it 'returns the correct ip block' do
-        put :update, params: params
-
-        json = body_as_json
-
-        expect(json).to match(hash_including({
-          ip: "#{ip_block.ip}/#{ip_block.ip.prefix}",
-          severity: 'sign_up_requires_approval',
-          comment: 'Decreasing severity',
-        }))
-      end
-
-      it 'updates the severity correctly' do
-        expect { put :update, params: params }.to change { ip_block.reload.severity }.from('no_access').to('sign_up_requires_approval')
-      end
-
-      it 'updates the comment correctly' do
-        expect { put :update, params: params }.to change { ip_block.reload.comment }.from('Spam').to('Decreasing severity')
-      end
-    end
-
-    context 'when ip block does not exist' do
-      it 'returns http not found' do
-        put :update, params: { id: 0 }
-
-        expect(response).to have_http_status(404)
-      end
-    end
-  end
-
-  describe 'DELETE #destroy' do
-    context 'when ip block exists' do
-      let!(:ip_block) { IpBlock.create(ip: '185.200.13.3', severity: 'no_access') }
-      let(:params) { { id: ip_block.id } }
-
-      it 'returns http success' do
-        delete :destroy, params: params
-
-        expect(response).to have_http_status(200)
-      end
-
-      it 'returns an empty body' do
-        delete :destroy, params: params
-
-        json = body_as_json
-
-        expect(json).to be_empty
-      end
-
-      it 'deletes the ip block' do
-        delete :destroy, params: params
-
-        expect(IpBlock.find_by(id: ip_block.id)).to be_nil
-      end
-    end
-
-    context 'when ip block does not exist' do
-      it 'returns http not found' do
-        delete :destroy, params: { id: 0 }
-
-        expect(response).to have_http_status(404)
-      end
-    end
-  end
-end
--- a/spec/controllers/api/v1/admin/reports_controller_spec.rb
+++ b/spec/controllers/api/v1/admin/reports_controller_spec.rb
@@ -1,111 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails_helper'
-
-RSpec.describe Api::V1::Admin::ReportsController do
-  render_views
-
-  let(:role)   { UserRole.find_by(name: 'Moderator') }
-  let(:user)   { Fabricate(:user, role: role) }
-  let(:scopes) { 'admin:read admin:write' }
-  let(:token)  { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
-  let(:report) { Fabricate(:report) }
-
-  before do
-    allow(controller).to receive(:doorkeeper_token) { token }
-  end
-
-  shared_examples 'forbidden for wrong scope' do |wrong_scope|
-    let(:scopes) { wrong_scope }
-
-    it 'returns http forbidden' do
-      expect(response).to have_http_status(403)
-    end
-  end
-
-  shared_examples 'forbidden for wrong role' do |wrong_role|
-    let(:role) { UserRole.find_by(name: wrong_role) }
-
-    it 'returns http forbidden' do
-      expect(response).to have_http_status(403)
-    end
-  end
-
-  describe 'GET #index' do
-    before do
-      get :index
-    end
-
-    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
-    it_behaves_like 'forbidden for wrong role', ''
-
-    it 'returns http success' do
-      expect(response).to have_http_status(200)
-    end
-  end
-
-  describe 'GET #show' do
-    before do
-      get :show, params: { id: report.id }
-    end
-
-    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
-    it_behaves_like 'forbidden for wrong role', ''
-
-    it 'returns http success' do
-      expect(response).to have_http_status(200)
-    end
-  end
-
-  describe 'POST #resolve' do
-    before do
-      post :resolve, params: { id: report.id }
-    end
-
-    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
-    it_behaves_like 'forbidden for wrong role', ''
-
-    it 'returns http success' do
-      expect(response).to have_http_status(200)
-    end
-  end
-
-  describe 'POST #reopen' do
-    before do
-      post :reopen, params: { id: report.id }
-    end
-
-    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
-    it_behaves_like 'forbidden for wrong role', ''
-
-    it 'returns http success' do
-      expect(response).to have_http_status(200)
-    end
-  end
-
-  describe 'POST #assign_to_self' do
-    before do
-      post :assign_to_self, params: { id: report.id }
-    end
-
-    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
-    it_behaves_like 'forbidden for wrong role', ''
-
-    it 'returns http success' do
-      expect(response).to have_http_status(200)
-    end
-  end
-
-  describe 'POST #unassign' do
-    before do
-      post :unassign, params: { id: report.id }
-    end
-
-    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
-    it_behaves_like 'forbidden for wrong role', ''
-
-    it 'returns http success' do
-      expect(response).to have_http_status(200)
-    end
-  end
-end
--- a/spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb
+++ b/spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb
@@ -56,18 +56,11 @@ describe Settings::TwoFactorAuthentication::ConfirmationsController do
        end

        describe 'when creation succeeds' do
+          let!(:otp_backup_codes) { user.generate_otp_backup_codes! }
+
          it 'renders page with success' do
-            otp_backup_codes = user.generate_otp_backup_codes!
-            expect_any_instance_of(User).to receive(:generate_otp_backup_codes!) do |value|
-              expect(value).to eq user
-              otp_backup_codes
-            end
-            expect_any_instance_of(User).to receive(:validate_and_consume_otp!) do |value, code, options|
-              expect(value).to eq user
-              expect(code).to eq '123456'
-              expect(options).to eq({ otp_secret: 'thisisasecretforthespecofnewview' })
-              true
-            end
+            prepare_user_otp_generation
+            prepare_user_otp_consumption

            expect do
              post :create,
@@ -80,6 +73,22 @@ describe Settings::TwoFactorAuthentication::ConfirmationsController do
            expect(response).to have_http_status(200)
            expect(response).to render_template('settings/two_factor_authentication/recovery_codes/index')
          end
+
+          def prepare_user_otp_generation
+            expect_any_instance_of(User).to receive(:generate_otp_backup_codes!) do |value|
+              expect(value).to eq user
+              otp_backup_codes
+            end
+          end
+
+          def prepare_user_otp_consumption
+            expect_any_instance_of(User).to receive(:validate_and_consume_otp!) do |value, code, options|
+              expect(value).to eq user
+              expect(code).to eq '123456'
+              expect(options).to eq({ otp_secret: 'thisisasecretforthespecofnewview' })
+              true
+            end
+          end
        end

        describe 'when creation fails' do
--- a/spec/fabricators/domain_allow_fabricator.rb
+++ b/spec/fabricators/domain_allow_fabricator.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true

 Fabricator(:domain_allow) do
-  domain 'MyString'
+  domain { sequence(:domain) { |i| "example#{i}.com" } }
 end
--- a/spec/fabricators/status_stat_fabricator.rb
+++ b/spec/fabricators/status_stat_fabricator.rb
@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+Fabricator(:status_stat) do
+  status
+  replies_count '123'
+  reblogs_count '456'
+  favourites_count '789'
+end
--- a/spec/lib/mastodon/cli/cache_spec.rb
+++ b/spec/lib/mastodon/cli/cache_spec.rb
@@ -4,9 +4,68 @@ require 'rails_helper'
 require 'mastodon/cli/cache'

 describe Mastodon::CLI::Cache do
+  let(:cli) { described_class.new }
+
  describe '.exit_on_failure?' do
    it 'returns true' do
      expect(described_class.exit_on_failure?).to be true
    end
  end
+
+  describe '#clear' do
+    before { allow(Rails.cache).to receive(:clear) }
+
+    it 'clears the Rails cache' do
+      expect { cli.invoke(:clear) }.to output(
+        a_string_including('OK')
+      ).to_stdout
+      expect(Rails.cache).to have_received(:clear)
+    end
+  end
+
+  describe '#recount' do
+    context 'with the `accounts` argument' do
+      let(:arguments) { ['accounts'] }
+      let(:account_stat) { Fabricate(:account_stat) }
+
+      before do
+        account_stat.update(statuses_count: 123)
+      end
+
+      it 're-calculates account records in the cache' do
+        expect { cli.invoke(:recount, arguments) }.to output(
+          a_string_including('OK')
+        ).to_stdout
+
+        expect(account_stat.reload.statuses_count).to be_zero
+      end
+    end
+
+    context 'with the `statuses` argument' do
+      let(:arguments) { ['statuses'] }
+      let(:status_stat) { Fabricate(:status_stat) }
+
+      before do
+        status_stat.update(replies_count: 123)
+      end
+
+      it 're-calculates account records in the cache' do
+        expect { cli.invoke(:recount, arguments) }.to output(
+          a_string_including('OK')
+        ).to_stdout
+
+        expect(status_stat.reload.replies_count).to be_zero
+      end
+    end
+
+    context 'with an unknown type' do
+      let(:arguments) { ['other-type'] }
+
+      it 'Exits with an error message' do
+        expect { cli.invoke(:recount, arguments) }.to output(
+          a_string_including('Unknown')
+        ).to_stdout.and raise_error(SystemExit)
+      end
+    end
+  end
 end
--- a/spec/lib/mastodon/cli/feeds_spec.rb
+++ b/spec/lib/mastodon/cli/feeds_spec.rb
@@ -4,9 +4,65 @@ require 'rails_helper'
 require 'mastodon/cli/feeds'

 describe Mastodon::CLI::Feeds do
+  let(:cli) { described_class.new }
+
  describe '.exit_on_failure?' do
    it 'returns true' do
      expect(described_class.exit_on_failure?).to be true
    end
  end
+
+  describe '#build' do
+    before { Fabricate(:account) }
+
+    context 'with --all option' do
+      let(:options) { { all: true } }
+
+      it 'regenerates feeds for all accounts' do
+        expect { cli.invoke(:build, [], options) }.to output(
+          a_string_including('Regenerated feeds')
+        ).to_stdout
+      end
+    end
+
+    context 'with a username' do
+      before { Fabricate(:account, username: 'alice') }
+
+      let(:arguments) { ['alice'] }
+
+      it 'regenerates feeds for the account' do
+        expect { cli.invoke(:build, arguments) }.to output(
+          a_string_including('OK')
+        ).to_stdout
+      end
+    end
+
+    context 'with invalid username' do
+      let(:arguments) { ['invalid-username'] }
+
+      it 'displays an error and exits' do
+        expect { cli.invoke(:build, arguments) }.to output(
+          a_string_including('No such account')
+        ).to_stdout.and raise_error(SystemExit)
+      end
+    end
+  end
+
+  describe '#clear' do
+    before do
+      allow(redis).to receive(:del).with(key_namespace)
+    end
+
+    it 'clears the redis `feed:*` namespace' do
+      expect { cli.invoke(:clear) }.to output(
+        a_string_including('OK')
+      ).to_stdout
+
+      expect(redis).to have_received(:del).with(key_namespace).once
+    end
+
+    def key_namespace
+      redis.keys('feed:*')
+    end
+  end
 end
--- a/spec/models/form/import_spec.rb
+++ b/spec/models/form/import_spec.rb
@@ -245,17 +245,44 @@ RSpec.describe Form::Import do
        expect(account.bulk_imports.first.rows.pluck(:data)).to match_array(expected_rows)
      end

-      it 'creates a BulkImport with expected attributes' do
-        bulk_import = account.bulk_imports.first
-        expect(bulk_import).to_not be_nil
-        expect(bulk_import.type.to_sym).to eq subject.type.to_sym
-        expect(bulk_import.original_filename).to eq subject.data.original_filename
-        expect(bulk_import.likely_mismatched?).to eq subject.likely_mismatched?
-        expect(bulk_import.overwrite?).to eq !!subject.overwrite # rubocop:disable Style/DoubleNegation
-        expect(bulk_import.processed_items).to eq 0
-        expect(bulk_import.imported_items).to eq 0
-        expect(bulk_import.total_items).to eq bulk_import.rows.count
-        expect(bulk_import.unconfirmed?).to be true
+      context 'with a BulkImport' do
+        let(:bulk_import) { account.bulk_imports.first }
+
+        it 'creates a non-nil bulk import' do
+          expect(bulk_import).to_not be_nil
+        end
+
+        it 'matches the subjects type' do
+          expect(bulk_import.type.to_sym).to eq subject.type.to_sym
+        end
+
+        it 'matches the subjects original filename' do
+          expect(bulk_import.original_filename).to eq subject.data.original_filename
+        end
+
+        it 'matches the subjects likely_mismatched? value' do
+          expect(bulk_import.likely_mismatched?).to eq subject.likely_mismatched?
+        end
+
+        it 'matches the subject overwrite value' do
+          expect(bulk_import.overwrite?).to eq !!subject.overwrite # rubocop:disable Style/DoubleNegation
+        end
+
+        it 'has zero processed items' do
+          expect(bulk_import.processed_items).to eq 0
+        end
+
+        it 'has zero imported items' do
+          expect(bulk_import.imported_items).to eq 0
+        end
+
+        it 'has a correct total_items value' do
+          expect(bulk_import.total_items).to eq bulk_import.rows.count
+        end
+
+        it 'defaults to unconfirmed true' do
+          expect(bulk_import.unconfirmed?).to be true
+        end
      end
    end

--- a/spec/models/notification_spec.rb
+++ b/spec/models/notification_spec.rb
@@ -99,73 +99,87 @@ RSpec.describe Notification do
        ]
      end

-      it 'preloads target status' do
-        # mention
-        expect(subject[0].type).to eq :mention
-        expect(subject[0].association(:mention)).to be_loaded
-        expect(subject[0].mention.association(:status)).to be_loaded
+      context 'with a preloaded target status' do
+        it 'preloads mention' do
+          expect(subject[0].type).to eq :mention
+          expect(subject[0].association(:mention)).to be_loaded
+          expect(subject[0].mention.association(:status)).to be_loaded
+        end

-        # status
-        expect(subject[1].type).to eq :status
-        expect(subject[1].association(:status)).to be_loaded
+        it 'preloads status' do
+          expect(subject[1].type).to eq :status
+          expect(subject[1].association(:status)).to be_loaded
+        end

-        # reblog
-        expect(subject[2].type).to eq :reblog
-        expect(subject[2].association(:status)).to be_loaded
-        expect(subject[2].status.association(:reblog)).to be_loaded
+        it 'preloads reblog' do
+          expect(subject[2].type).to eq :reblog
+          expect(subject[2].association(:status)).to be_loaded
+          expect(subject[2].status.association(:reblog)).to be_loaded
+        end

-        # follow: nothing
-        expect(subject[3].type).to eq :follow
-        expect(subject[3].target_status).to be_nil
+        it 'preloads follow as nil' do
+          expect(subject[3].type).to eq :follow
+          expect(subject[3].target_status).to be_nil
+        end

-        # follow_request: nothing
-        expect(subject[4].type).to eq :follow_request
-        expect(subject[4].target_status).to be_nil
+        it 'preloads follow_request as nill' do
+          expect(subject[4].type).to eq :follow_request
+          expect(subject[4].target_status).to be_nil
+        end

-        # favourite
-        expect(subject[5].type).to eq :favourite
-        expect(subject[5].association(:favourite)).to be_loaded
-        expect(subject[5].favourite.association(:status)).to be_loaded
+        it 'preloads favourite' do
+          expect(subject[5].type).to eq :favourite
+          expect(subject[5].association(:favourite)).to be_loaded
+          expect(subject[5].favourite.association(:status)).to be_loaded
+        end

-        # poll
-        expect(subject[6].type).to eq :poll
-        expect(subject[6].association(:poll)).to be_loaded
-        expect(subject[6].poll.association(:status)).to be_loaded
+        it 'preloads poll' do
+          expect(subject[6].type).to eq :poll
+          expect(subject[6].association(:poll)).to be_loaded
+          expect(subject[6].poll.association(:status)).to be_loaded
+        end
      end

-      it 'replaces to cached status' do
-        # mention
-        expect(subject[0].type).to eq :mention
-        expect(subject[0].target_status.association(:account)).to be_loaded
-        expect(subject[0].target_status).to eq mention.status
+      context 'with a cached status' do
+        it 'replaces mention' do
+          expect(subject[0].type).to eq :mention
+          expect(subject[0].target_status.association(:account)).to be_loaded
+          expect(subject[0].target_status).to eq mention.status
+        end

-        # status
-        expect(subject[1].type).to eq :status
-        expect(subject[1].target_status.association(:account)).to be_loaded
-        expect(subject[1].target_status).to eq status
+        it 'replaces status' do
+          expect(subject[1].type).to eq :status
+          expect(subject[1].target_status.association(:account)).to be_loaded
+          expect(subject[1].target_status).to eq status
+        end

-        # reblog
-        expect(subject[2].type).to eq :reblog
-        expect(subject[2].target_status.association(:account)).to be_loaded
-        expect(subject[2].target_status).to eq reblog.reblog
+        it 'replaces reblog' do
+          expect(subject[2].type).to eq :reblog
+          expect(subject[2].target_status.association(:account)).to be_loaded
+          expect(subject[2].target_status).to eq reblog.reblog
+        end

-        # follow: nothing
-        expect(subject[3].type).to eq :follow
-        expect(subject[3].target_status).to be_nil
+        it 'replaces follow' do
+          expect(subject[3].type).to eq :follow
+          expect(subject[3].target_status).to be_nil
+        end

-        # follow_request: nothing
-        expect(subject[4].type).to eq :follow_request
-        expect(subject[4].target_status).to be_nil
+        it 'replaces follow_request' do
+          expect(subject[4].type).to eq :follow_request
+          expect(subject[4].target_status).to be_nil
+        end

-        # favourite
-        expect(subject[5].type).to eq :favourite
-        expect(subject[5].target_status.association(:account)).to be_loaded
-        expect(subject[5].target_status).to eq favourite.status
+        it 'replaces favourite' do
+          expect(subject[5].type).to eq :favourite
+          expect(subject[5].target_status.association(:account)).to be_loaded
+          expect(subject[5].target_status).to eq favourite.status
+        end

-        # poll
-        expect(subject[6].type).to eq :poll
-        expect(subject[6].target_status.association(:account)).to be_loaded
-        expect(subject[6].target_status).to eq poll.status
+        it 'replaces poll' do
+          expect(subject[6].type).to eq :poll
+          expect(subject[6].target_status.association(:account)).to be_loaded
+          expect(subject[6].target_status).to eq poll.status
+        end
      end
    end
  end
--- a/spec/rails_helper.rb
+++ b/spec/rails_helper.rb
@@ -79,6 +79,7 @@ RSpec.configure do |config|

  config.before :each, type: :cli do
    stub_stdout
+    stub_reset_connection_pools
  end

  config.before :each, type: :feature do
@@ -121,9 +122,20 @@ def attachment_fixture(name)
 end

 def stub_stdout
+  # TODO: Is there a bettery way to:
+  # - Avoid CLI command output being printed out
+  # - Allow rspec to assert things against STDOUT
+  # - Avoid disabling stdout for other desirable output (deprecation warnings, for example)
  allow($stdout).to receive(:write)
 end

+def stub_reset_connection_pools
+  # TODO: Is there a better way to correctly run specs without stubbing this?
+  # (Avoids reset_connection_pools! in test env)
+  allow(ActiveRecord::Base).to receive(:establish_connection)
+  allow(RedisConfiguration).to receive(:establish_pool)
+end
+
 def stub_jsonld_contexts!
  stub_request(:get, 'https://www.w3.org/ns/activitystreams').to_return(request_fixture('json-ld.activitystreams.txt'))
  stub_request(:get, 'https://w3id.org/identity/v1').to_return(request_fixture('json-ld.identity.txt'))
--- a/spec/requests/api/v1/accounts_show_spec.rb
+++ b/spec/requests/api/v1/accounts_show_spec.rb
@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe 'GET /api/v1/accounts/{account_id}' do
+  it 'returns account entity as 200 OK' do
+    account = Fabricate(:account)
+
+    get "/api/v1/accounts/#{account.id}"
+
+    aggregate_failures do
+      expect(response).to have_http_status(200)
+      expect(body_as_json[:id]).to eq(account.id.to_s)
+    end
+  end
+
+  it 'returns 404 if account not found' do
+    get '/api/v1/accounts/1'
+
+    aggregate_failures do
+      expect(response).to have_http_status(404)
+      expect(body_as_json[:error]).to eq('Record not found')
+    end
+  end
+
+  context 'when with token' do
+    it 'returns account entity as 200 OK if token is valid' do
+      account = Fabricate(:account)
+      user = Fabricate(:user, account: account)
+      token = Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read:accounts').token
+
+      get "/api/v1/accounts/#{account.id}", headers: { Authorization: "Bearer #{token}" }
+
+      aggregate_failures do
+        expect(response).to have_http_status(200)
+        expect(body_as_json[:id]).to eq(account.id.to_s)
+      end
+    end
+
+    it 'returns 403 if scope of token is invalid' do
+      account = Fabricate(:account)
+      user = Fabricate(:user, account: account)
+      token = Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'write:statuses').token
+
+      get "/api/v1/accounts/#{account.id}", headers: { Authorization: "Bearer #{token}" }
+
+      aggregate_failures do
+        expect(response).to have_http_status(403)
+        expect(body_as_json[:error]).to eq('This action is outside the authorized scopes')
+      end
+    end
+  end
+end
--- a/spec/requests/api/v1/admin/canonical_email_blocks_spec.rb
+++ b/spec/requests/api/v1/admin/canonical_email_blocks_spec.rb
@@ -0,0 +1,305 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Canonical Email Blocks' do
+  let(:role)    { UserRole.find_by(name: 'Admin') }
+  let(:user)    { Fabricate(:user, role: role) }
+  let(:token)   { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
+  let(:scopes)  { 'admin:read:canonical_email_blocks admin:write:canonical_email_blocks' }
+  let(:headers) { { 'Authorization' => "Bearer #{token.token}" } }
+
+  shared_examples 'forbidden for wrong scope' do |wrong_scope|
+    let(:scopes) { wrong_scope }
+
+    it 'returns http forbidden' do
+      subject
+
+      expect(response).to have_http_status(403)
+    end
+  end
+
+  shared_examples 'forbidden for wrong role' do |wrong_role|
+    let(:role) { UserRole.find_by(name: wrong_role) }
+
+    it 'returns http forbidden' do
+      subject
+
+      expect(response).to have_http_status(403)
+    end
+  end
+
+  describe 'GET /api/v1/admin/canonical_email_blocks' do
+    subject do
+      get '/api/v1/admin/canonical_email_blocks', headers: headers, params: params
+    end
+
+    let(:params) { {} }
+
+    it_behaves_like 'forbidden for wrong scope', 'read:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    context 'when there is no canonical email block' do
+      it 'returns an empty list' do
+        subject
+
+        expect(body_as_json).to be_empty
+      end
+    end
+
+    context 'when there are canonical email blocks' do
+      let!(:canonical_email_blocks) { Fabricate.times(5, :canonical_email_block) }
+      let(:expected_email_hashes)   { canonical_email_blocks.pluck(:canonical_email_hash) }
+
+      it 'returns the correct canonical email hashes' do
+        subject
+
+        expect(body_as_json.pluck(:canonical_email_hash)).to match_array(expected_email_hashes)
+      end
+
+      context 'with limit param' do
+        let(:params) { { limit: 2 } }
+
+        it 'returns only the requested number of canonical email blocks' do
+          subject
+
+          expect(body_as_json.size).to eq(params[:limit])
+        end
+      end
+
+      context 'with since_id param' do
+        let(:params) { { since_id: canonical_email_blocks[1].id } }
+
+        it 'returns only the canonical email blocks after since_id' do
+          subject
+
+          canonical_email_blocks_ids = canonical_email_blocks.pluck(:id).map(&:to_s)
+
+          expect(body_as_json.pluck(:id)).to match_array(canonical_email_blocks_ids[2..])
+        end
+      end
+
+      context 'with max_id param' do
+        let(:params) { { max_id: canonical_email_blocks[3].id } }
+
+        it 'returns only the canonical email blocks before max_id' do
+          subject
+
+          canonical_email_blocks_ids = canonical_email_blocks.pluck(:id).map(&:to_s)
+
+          expect(body_as_json.pluck(:id)).to match_array(canonical_email_blocks_ids[..2])
+        end
+      end
+    end
+  end
+
+  describe 'GET /api/v1/admin/canonical_email_blocks/:id' do
+    subject do
+      get "/api/v1/admin/canonical_email_blocks/#{canonical_email_block.id}", headers: headers
+    end
+
+    let!(:canonical_email_block) { Fabricate(:canonical_email_block) }
+
+    it_behaves_like 'forbidden for wrong scope', 'read:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    context 'when the requested canonical email block exists' do
+      it 'returns http success' do
+        subject
+
+        expect(response).to have_http_status(200)
+      end
+
+      it 'returns the requested canonical email block data correctly' do
+        subject
+
+        json = body_as_json
+
+        expect(json[:id]).to eq(canonical_email_block.id.to_s)
+        expect(json[:canonical_email_hash]).to eq(canonical_email_block.canonical_email_hash)
+      end
+    end
+
+    context 'when the requested canonical block does not exist' do
+      it 'returns http not found' do
+        get '/api/v1/admin/canonical_email_blocks/-1', headers: headers
+
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+
+  describe 'POST /api/v1/admin/canonical_email_blocks/test' do
+    subject do
+      post '/api/v1/admin/canonical_email_blocks/test', headers: headers, params: params
+    end
+
+    let(:params) { { email: 'email@example.com' } }
+
+    it_behaves_like 'forbidden for wrong scope', 'read:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    context 'when the required email param is not provided' do
+      let(:params) { {} }
+
+      it 'returns http bad request' do
+        subject
+
+        expect(response).to have_http_status(400)
+      end
+    end
+
+    context 'when the required email param is provided' do
+      context 'when there is a matching canonical email block' do
+        let!(:canonical_email_block) { CanonicalEmailBlock.create(params) }
+
+        it 'returns http success' do
+          subject
+
+          expect(response).to have_http_status(200)
+        end
+
+        it 'returns the expected canonical email hash' do
+          subject
+
+          expect(body_as_json[0][:canonical_email_hash]).to eq(canonical_email_block.canonical_email_hash)
+        end
+      end
+
+      context 'when there is no matching canonical email block' do
+        it 'returns http success' do
+          subject
+
+          expect(response).to have_http_status(200)
+        end
+
+        it 'returns an empty list' do
+          subject
+
+          expect(body_as_json).to be_empty
+        end
+      end
+    end
+  end
+
+  describe 'POST /api/v1/admin/canonical_email_blocks' do
+    subject do
+      post '/api/v1/admin/canonical_email_blocks', headers: headers, params: params
+    end
+
+    let(:params)                { { email: 'example@email.com' } }
+    let(:canonical_email_block) { CanonicalEmailBlock.new(email: params[:email]) }
+
+    it_behaves_like 'forbidden for wrong scope', 'read:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'returns the canonical_email_hash correctly' do
+      subject
+
+      expect(body_as_json[:canonical_email_hash]).to eq(canonical_email_block.canonical_email_hash)
+    end
+
+    context 'when the required email param is not provided' do
+      let(:params) { {} }
+
+      it 'returns http unprocessable entity' do
+        subject
+
+        expect(response).to have_http_status(422)
+      end
+    end
+
+    context 'when the canonical_email_hash param is provided instead of email' do
+      let(:params) { { canonical_email_hash: 'dd501ce4e6b08698f19df96f2f15737e48a75660b1fa79b6ff58ea25ee4851a4' } }
+
+      it 'returns http success' do
+        subject
+
+        expect(response).to have_http_status(200)
+      end
+
+      it 'returns the correct canonical_email_hash' do
+        subject
+
+        expect(body_as_json[:canonical_email_hash]).to eq(params[:canonical_email_hash])
+      end
+    end
+
+    context 'when both email and canonical_email_hash params are provided' do
+      let(:params) { { email: 'example@email.com', canonical_email_hash: 'dd501ce4e6b08698f19df96f2f15737e48a75660b1fa79b6ff58ea25ee4851a4' } }
+
+      it 'returns http success' do
+        subject
+
+        expect(response).to have_http_status(200)
+      end
+
+      it 'ignores the canonical_email_hash param' do
+        subject
+
+        expect(body_as_json[:canonical_email_hash]).to eq(canonical_email_block.canonical_email_hash)
+      end
+    end
+
+    context 'when the given canonical email was already blocked' do
+      before do
+        canonical_email_block.save
+      end
+
+      it 'returns http unprocessable entity' do
+        subject
+
+        expect(response).to have_http_status(422)
+      end
+    end
+  end
+
+  describe 'DELETE /api/v1/admin/canonical_email_blocks/:id' do
+    subject do
+      delete "/api/v1/admin/canonical_email_blocks/#{canonical_email_block.id}", headers: headers
+    end
+
+    let!(:canonical_email_block) { Fabricate(:canonical_email_block) }
+
+    it_behaves_like 'forbidden for wrong scope', 'read:statuses'
+
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'deletes the canonical email block' do
+      subject
+
+      expect(CanonicalEmailBlock.find_by(id: canonical_email_block.id)).to be_nil
+    end
+
+    context 'when the canonical email block is not found' do
+      it 'returns http not found' do
+        delete '/api/v1/admin/canonical_email_blocks/0', headers: headers
+
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+end
--- a/spec/requests/api/v1/admin/domain_allows_spec.rb
+++ b/spec/requests/api/v1/admin/domain_allows_spec.rb
@@ -0,0 +1,214 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Domain Allows' do
+  let(:role)    { UserRole.find_by(name: 'Admin') }
+  let(:user)    { Fabricate(:user, role: role) }
+  let(:scopes)  { 'admin:read admin:write' }
+  let(:token)   { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
+  let(:headers) { { 'Authorization' => "Bearer #{token.token}" } }
+
+  shared_examples 'forbidden for wrong scope' do |wrong_scope|
+    let(:scopes) { wrong_scope }
+
+    it 'returns http forbidden' do
+      subject
+
+      expect(response).to have_http_status(403)
+    end
+  end
+
+  shared_examples 'forbidden for wrong role' do |wrong_role|
+    let(:role) { UserRole.find_by(name: wrong_role) }
+
+    it 'returns http forbidden' do
+      subject
+
+      expect(response).to have_http_status(403)
+    end
+  end
+
+  describe 'GET /api/v1/admin/domain_allows' do
+    subject do
+      get '/api/v1/admin/domain_allows', headers: headers, params: params
+    end
+
+    let(:params) { {} }
+
+    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    context 'when there is no allowed domains' do
+      it 'returns an empty body' do
+        subject
+
+        expect(body_as_json).to be_empty
+      end
+    end
+
+    context 'when there are allowed domains' do
+      let!(:domain_allows) { Fabricate.times(5, :domain_allow) }
+      let(:expected_response) do
+        domain_allows.map do |domain_allow|
+          {
+            id: domain_allow.id.to_s,
+            domain: domain_allow.domain,
+            created_at: domain_allow.created_at.strftime('%Y-%m-%dT%H:%M:%S.%LZ'),
+          }
+        end
+      end
+
+      it 'returns the correct allowed domains' do
+        subject
+
+        expect(body_as_json).to match_array(expected_response)
+      end
+
+      context 'with limit param' do
+        let(:params) { { limit: 2 } }
+
+        it 'returns only the requested number of allowed domains' do
+          subject
+
+          expect(body_as_json.size).to eq(params[:limit])
+        end
+      end
+    end
+  end
+
+  describe 'GET /api/v1/admin/domain_allows/:id' do
+    subject do
+      get "/api/v1/admin/domain_allows/#{domain_allow.id}", headers: headers
+    end
+
+    let!(:domain_allow) { Fabricate(:domain_allow) }
+
+    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'returns the expected allowed domain name' do
+      subject
+
+      expect(body_as_json[:domain]).to eq domain_allow.domain
+    end
+
+    context 'when the requested allowed domain does not exist' do
+      it 'returns http not found' do
+        get '/api/v1/admin/domain_allows/-1', headers: headers
+
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+
+  describe 'POST /api/v1/admin/domain_allows' do
+    subject do
+      post '/api/v1/admin/domain_allows', headers: headers, params: params
+    end
+
+    let(:params) { { domain: 'foo.bar.com' } }
+
+    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    context 'with a valid domain name' do
+      it 'returns http success' do
+        subject
+
+        expect(response).to have_http_status(200)
+      end
+
+      it 'returns the expected domain name' do
+        subject
+
+        expect(body_as_json[:domain]).to eq 'foo.bar.com'
+      end
+
+      it 'creates a domain allow' do
+        subject
+
+        expect(DomainAllow.find_by(domain: 'foo.bar.com')).to be_present
+      end
+    end
+
+    context 'with invalid domain name' do
+      let(:params) { 'foo bar' }
+
+      it 'returns http unprocessable entity' do
+        subject
+
+        expect(response).to have_http_status(422)
+      end
+    end
+
+    context 'when domain name is not specified' do
+      let(:params) { {} }
+
+      it 'returns http unprocessable entity' do
+        subject
+
+        expect(response).to have_http_status(422)
+      end
+    end
+
+    context 'when the domain is already allowed' do
+      before do
+        DomainAllow.create(params)
+      end
+
+      it 'returns the existing allowed domain name' do
+        subject
+
+        expect(body_as_json[:domain]).to eq(params[:domain])
+      end
+    end
+  end
+
+  describe 'DELETE /api/v1/admin/domain_allows/:id' do
+    subject do
+      delete "/api/v1/admin/domain_allows/#{domain_allow.id}", headers: headers
+    end
+
+    let!(:domain_allow) { Fabricate(:domain_allow) }
+
+    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'deletes the allowed domain' do
+      subject
+
+      expect(DomainAllow.find_by(id: domain_allow.id)).to be_nil
+    end
+
+    context 'when the allowed domain does not exist' do
+      it 'returns http not found' do
+        delete '/api/v1/admin/domain_allows/-1', headers: headers
+
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+end
--- a/spec/requests/api/v1/admin/domain_blocks_spec.rb
+++ b/spec/requests/api/v1/admin/domain_blocks_spec.rb
@@ -0,0 +1,284 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Domain Blocks' do
+  let(:role)    { UserRole.find_by(name: 'Admin') }
+  let(:user)    { Fabricate(:user, role: role) }
+  let(:scopes)  { 'admin:read:domain_blocks admin:write:domain_blocks' }
+  let(:token)   { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
+  let(:headers) { { 'Authorization' => "Bearer #{token.token}" } }
+
+  shared_examples 'forbidden for wrong scope' do |wrong_scope|
+    let(:scopes) { wrong_scope }
+
+    it 'returns http forbidden' do
+      subject
+
+      expect(response).to have_http_status(403)
+    end
+  end
+
+  shared_examples 'forbidden for wrong role' do |wrong_role|
+    let(:role) { UserRole.find_by(name: wrong_role) }
+
+    it 'returns http forbidden' do
+      subject
+
+      expect(response).to have_http_status(403)
+    end
+  end
+
+  describe 'GET /api/v1/admin/domain_blocks' do
+    subject do
+      get '/api/v1/admin/domain_blocks', headers: headers, params: params
+    end
+
+    let(:params) { {} }
+
+    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    context 'when there are no domain blocks' do
+      it 'returns an empty list' do
+        subject
+
+        expect(body_as_json).to be_empty
+      end
+    end
+
+    context 'when there are domain blocks' do
+      let!(:domain_blocks) do
+        [
+          Fabricate(:domain_block, severity: :silence, reject_media: true),
+          Fabricate(:domain_block, severity: :suspend, obfuscate: true),
+          Fabricate(:domain_block, severity: :noop, reject_reports: true),
+          Fabricate(:domain_block, public_comment: 'Spam'),
+          Fabricate(:domain_block, private_comment: 'Spam'),
+        ]
+      end
+      let(:expected_responde) do
+        domain_blocks.map do |domain_block|
+          {
+            id: domain_block.id.to_s,
+            domain: domain_block.domain,
+            created_at: domain_block.created_at.strftime('%Y-%m-%dT%H:%M:%S.%LZ'),
+            severity: domain_block.severity.to_s,
+            reject_media: domain_block.reject_media,
+            reject_reports: domain_block.reject_reports,
+            private_comment: domain_block.private_comment,
+            public_comment: domain_block.public_comment,
+            obfuscate: domain_block.obfuscate,
+          }
+        end
+      end
+
+      it 'returns the expected domain blocks' do
+        subject
+
+        expect(body_as_json).to match_array(expected_responde)
+      end
+
+      context 'with limit param' do
+        let(:params) { { limit: 2 } }
+
+        it 'returns only the requested number of domain blocks' do
+          subject
+
+          expect(body_as_json.size).to eq(params[:limit])
+        end
+      end
+    end
+  end
+
+  describe 'GET /api/v1/admin/domain_blocks/:id' do
+    subject do
+      get "/api/v1/admin/domain_blocks/#{domain_block.id}", headers: headers
+    end
+
+    let!(:domain_block) { Fabricate(:domain_block) }
+
+    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'returns the expected domain block content' do
+      subject
+
+      expect(body_as_json).to eq(
+        {
+          id: domain_block.id.to_s,
+          domain: domain_block.domain,
+          created_at: domain_block.created_at.strftime('%Y-%m-%dT%H:%M:%S.%LZ'),
+          severity: domain_block.severity.to_s,
+          reject_media: domain_block.reject_media,
+          reject_reports: domain_block.reject_reports,
+          private_comment: domain_block.private_comment,
+          public_comment: domain_block.public_comment,
+          obfuscate: domain_block.obfuscate,
+        }
+      )
+    end
+
+    context 'when the requested domain block does not exist' do
+      it 'returns http not found' do
+        get '/api/v1/admin/domain_blocks/-1', headers: headers
+
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+
+  describe 'POST /api/v1/admin/domain_blocks' do
+    subject do
+      post '/api/v1/admin/domain_blocks', headers: headers, params: params
+    end
+
+    let(:params) { { domain: 'foo.bar.com', severity: :silence } }
+
+    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'returns expected domain name and severity' do
+      subject
+
+      body = body_as_json
+
+      expect(body).to match a_hash_including(
+        {
+          domain: 'foo.bar.com',
+          severity: 'silence',
+        }
+      )
+    end
+
+    it 'creates a domain block' do
+      subject
+
+      expect(DomainBlock.find_by(domain: 'foo.bar.com')).to be_present
+    end
+
+    context 'when a stricter domain block already exists' do
+      before do
+        Fabricate(:domain_block, domain: 'bar.com', severity: :suspend)
+      end
+
+      it 'returns http unprocessable entity' do
+        subject
+
+        expect(response).to have_http_status(422)
+      end
+
+      it 'returns existing domain block in error' do
+        subject
+
+        expect(body_as_json[:existing_domain_block][:domain]).to eq('bar.com')
+      end
+    end
+
+    context 'when given domain name is invalid' do
+      let(:params) { { domain: 'foo bar', severity: :silence } }
+
+      it 'returns http unprocessable entity' do
+        subject
+
+        expect(response).to have_http_status(422)
+      end
+    end
+  end
+
+  describe 'PUT /api/v1/admin/domain_blocks/:id' do
+    subject do
+      put "/api/v1/admin/domain_blocks/#{domain_block.id}", headers: headers, params: params
+    end
+
+    let!(:domain_block)   { Fabricate(:domain_block, domain: 'example.com', severity: :silence) }
+    let(:params)          { { domain: 'example.com', severity: 'suspend' } }
+
+    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'returns the updated domain block' do
+      subject
+
+      expect(body_as_json).to match a_hash_including(
+        {
+          id: domain_block.id.to_s,
+          domain: domain_block.domain,
+          severity: 'suspend',
+        }
+      )
+    end
+
+    it 'updates the block severity' do
+      expect { subject }.to change { domain_block.reload.severity }.from('silence').to('suspend')
+    end
+
+    context 'when domain block does not exist' do
+      it 'returns http not found' do
+        put '/api/v1/admin/domain_blocks/-1', headers: headers
+
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+
+  describe 'DELETE /api/v1/admin/domain_blocks/:id' do
+    subject do
+      delete "/api/v1/admin/domain_blocks/#{domain_block.id}", headers: headers
+    end
+
+    let!(:domain_block) { Fabricate(:domain_block) }
+
+    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'deletes the domain block' do
+      subject
+
+      expect(DomainBlock.find_by(id: domain_block.id)).to be_nil
+    end
+
+    context 'when domain block does not exist' do
+      it 'returns http not found' do
+        delete '/api/v1/admin/domain_blocks/-1', headers: headers
+
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+end
--- a/spec/requests/api/v1/admin/ip_blocks_spec.rb
+++ b/spec/requests/api/v1/admin/ip_blocks_spec.rb
@@ -0,0 +1,275 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'IP Blocks' do
+  let(:role)    { UserRole.find_by(name: 'Admin') }
+  let(:user)    { Fabricate(:user, role: role) }
+  let(:token)   { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
+  let(:scopes)  { 'admin:read:ip_blocks admin:write:ip_blocks' }
+  let(:headers) { { 'Authorization' => "Bearer #{token.token}" } }
+
+  shared_examples 'forbidden for wrong scope' do |wrong_scope|
+    let(:scopes) { wrong_scope }
+
+    it 'returns http forbidden' do
+      subject
+
+      expect(response).to have_http_status(403)
+    end
+  end
+
+  shared_examples 'forbidden for wrong role' do |wrong_role|
+    let(:role) { UserRole.find_by(name: wrong_role) }
+
+    it 'returns http forbidden' do
+      subject
+
+      expect(response).to have_http_status(403)
+    end
+  end
+
+  describe 'GET /api/v1/admin/ip_blocks' do
+    subject do
+      get '/api/v1/admin/ip_blocks', headers: headers, params: params
+    end
+
+    let(:params) { {} }
+
+    it_behaves_like 'forbidden for wrong scope', 'admin:write:ip_blocks'
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    context 'when there is no ip block' do
+      it 'returns an empty body' do
+        subject
+
+        expect(body_as_json).to be_empty
+      end
+    end
+
+    context 'when there are ip blocks' do
+      let!(:ip_blocks) do
+        [
+          IpBlock.create(ip: '192.0.2.0/24', severity: :no_access),
+          IpBlock.create(ip: '172.16.0.1', severity: :sign_up_requires_approval, comment: 'Spam'),
+          IpBlock.create(ip: '2001:0db8::/32', severity: :sign_up_block, expires_in: 10.days),
+        ]
+      end
+      let(:expected_response) do
+        ip_blocks.map do |ip_block|
+          {
+            id: ip_block.id.to_s,
+            ip: ip_block.ip,
+            severity: ip_block.severity.to_s,
+            comment: ip_block.comment,
+            created_at: ip_block.created_at.strftime('%Y-%m-%dT%H:%M:%S.%LZ'),
+            expires_at: ip_block.expires_at&.strftime('%Y-%m-%dT%H:%M:%S.%LZ'),
+          }
+        end
+      end
+
+      it 'returns the correct blocked ips' do
+        subject
+
+        expect(body_as_json).to match_array(expected_response)
+      end
+
+      context 'with limit param' do
+        let(:params) { { limit: 2 } }
+
+        it 'returns only the requested number of ip blocks' do
+          subject
+
+          expect(body_as_json.size).to eq(params[:limit])
+        end
+      end
+    end
+  end
+
+  describe 'GET /api/v1/admin/ip_blocks/:id' do
+    subject do
+      get "/api/v1/admin/ip_blocks/#{ip_block.id}", headers: headers
+    end
+
+    let!(:ip_block) { IpBlock.create(ip: '192.0.2.0/24', severity: :no_access) }
+
+    it_behaves_like 'forbidden for wrong scope', 'admin:write:ip_blocks'
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'returns the correct ip block' do
+      subject
+
+      json = body_as_json
+
+      expect(json[:ip]).to eq("#{ip_block.ip}/#{ip_block.ip.prefix}")
+      expect(json[:severity]).to eq(ip_block.severity.to_s)
+    end
+
+    context 'when ip block does not exist' do
+      it 'returns http not found' do
+        get '/api/v1/admin/ip_blocks/-1', headers: headers
+
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+
+  describe 'POST /api/v1/admin/ip_blocks' do
+    subject do
+      post '/api/v1/admin/ip_blocks', headers: headers, params: params
+    end
+
+    let(:params) { { ip: '151.0.32.55', severity: 'no_access', comment: 'Spam' } }
+
+    it_behaves_like 'forbidden for wrong scope', 'admin:read:ip_blocks'
+    it_behaves_like 'forbidden for wrong role', ''
+    it_behaves_like 'forbidden for wrong role', 'Moderator'
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'returns the correct ip block' do
+      subject
+
+      json = body_as_json
+
+      expect(json[:ip]).to eq("#{params[:ip]}/32")
+      expect(json[:severity]).to eq(params[:severity])
+      expect(json[:comment]).to eq(params[:comment])
+    end
+
+    context 'when the required ip param is not provided' do
+      let(:params) { { ip: '', severity: 'no_access' } }
+
+      it 'returns http unprocessable entity' do
+        subject
+
+        expect(response).to have_http_status(422)
+      end
+    end
+
+    context 'when the required severity param is not provided' do
+      let(:params) { { ip: '173.65.23.1', severity: '' } }
+
+      it 'returns http unprocessable entity' do
+        subject
+
+        expect(response).to have_http_status(422)
+      end
+    end
+
+    context 'when the given ip address is already blocked' do
+      before do
+        IpBlock.create(params)
+      end
+
+      it 'returns http unprocessable entity' do
+        subject
+
+        expect(response).to have_http_status(422)
+      end
+    end
+
+    context 'when the given ip address is invalid' do
+      let(:params) { { ip: '520.13.54.120', severity: 'no_access' } }
+
+      it 'returns http unprocessable entity' do
+        subject
+
+        expect(response).to have_http_status(422)
+      end
+    end
+  end
+
+  describe 'PUT /api/v1/admin/ip_blocks/:id' do
+    subject do
+      put "/api/v1/admin/ip_blocks/#{ip_block.id}", headers: headers, params: params
+    end
+
+    let!(:ip_block) { IpBlock.create(ip: '185.200.13.3', severity: 'no_access', comment: 'Spam', expires_in: 48.hours) }
+    let(:params)    { { severity: 'sign_up_requires_approval', comment: 'Decreasing severity' } }
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'returns the correct ip block' do
+      subject
+
+      expect(body_as_json).to match(hash_including({
+        ip: "#{ip_block.ip}/#{ip_block.ip.prefix}",
+        severity: 'sign_up_requires_approval',
+        comment: 'Decreasing severity',
+      }))
+    end
+
+    it 'updates the severity correctly' do
+      expect { subject }.to change { ip_block.reload.severity }.from('no_access').to('sign_up_requires_approval')
+    end
+
+    it 'updates the comment correctly' do
+      expect { subject }.to change { ip_block.reload.comment }.from('Spam').to('Decreasing severity')
+    end
+
+    context 'when ip block does not exist' do
+      it 'returns http not found' do
+        put '/api/v1/admin/ip_blocks/-1', headers: headers, params: params
+
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+
+  describe 'DELETE /api/v1/admin/ip_blocks/:id' do
+    subject do
+      delete "/api/v1/admin/ip_blocks/#{ip_block.id}", headers: headers
+    end
+
+    let!(:ip_block) { IpBlock.create(ip: '185.200.13.3', severity: 'no_access') }
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'returns an empty body' do
+      subject
+
+      expect(body_as_json).to be_empty
+    end
+
+    it 'deletes the ip block' do
+      subject
+
+      expect(IpBlock.find_by(id: ip_block.id)).to be_nil
+    end
+
+    context 'when ip block does not exist' do
+      it 'returns http not found' do
+        delete '/api/v1/admin/ip_blocks/-1', headers: headers
+
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+end
--- a/spec/requests/api/v1/admin/reports_spec.rb
+++ b/spec/requests/api/v1/admin/reports_spec.rb
@@ -0,0 +1,292 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Reports' do
+  let(:role)    { UserRole.find_by(name: 'Admin') }
+  let(:user)    { Fabricate(:user, role: role) }
+  let(:scopes)  { 'admin:read:reports admin:write:reports' }
+  let(:token)   { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
+  let(:headers) { { 'Authorization' => "Bearer #{token.token}" } }
+
+  shared_examples 'forbidden for wrong scope' do |wrong_scope|
+    let(:scopes) { wrong_scope }
+
+    it 'returns http forbidden' do
+      subject
+
+      expect(response).to have_http_status(403)
+    end
+  end
+
+  shared_examples 'forbidden for wrong role' do |wrong_role|
+    let(:role) { UserRole.find_by(name: wrong_role) }
+
+    it 'returns http forbidden' do
+      subject
+
+      expect(response).to have_http_status(403)
+    end
+  end
+
+  describe 'GET /api/v1/admin/reports' do
+    subject do
+      get '/api/v1/admin/reports', headers: headers, params: params
+    end
+
+    let(:params) { {} }
+
+    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    context 'when there are no reports' do
+      it 'returns an empty list' do
+        subject
+
+        expect(body_as_json).to be_empty
+      end
+    end
+
+    context 'when there are reports' do
+      let!(:reporter) { Fabricate(:account) }
+      let!(:spammer)  { Fabricate(:account) }
+      let(:expected_response) do
+        scope.map do |report|
+          hash_including({
+            id: report.id.to_s,
+            action_taken: report.action_taken?,
+            category: report.category,
+            comment: report.comment,
+            account: hash_including(id: report.account.id.to_s),
+            target_account: hash_including(id: report.target_account.id.to_s),
+            statuses: report.statuses,
+            rules: report.rules,
+            forwarded: report.forwarded,
+          })
+        end
+      end
+      let(:scope) { Report.unresolved }
+
+      before do
+        Fabricate(:report)
+        Fabricate(:report, target_account: spammer)
+        Fabricate(:report, account: reporter, target_account: spammer)
+        Fabricate(:report, action_taken_at: 4.days.ago, account: reporter)
+        Fabricate(:report, action_taken_at: 20.days.ago)
+      end
+
+      it 'returns all unresolved reports' do
+        subject
+
+        expect(body_as_json).to match_array(expected_response)
+      end
+
+      context 'with resolved param' do
+        let(:params) { { resolved: true } }
+        let(:scope)  { Report.resolved }
+
+        it 'returns only the resolved reports' do
+          subject
+
+          expect(body_as_json).to match_array(expected_response)
+        end
+      end
+
+      context 'with account_id param' do
+        let(:params) { { account_id: reporter.id } }
+        let(:scope)  { Report.unresolved.where(account: reporter) }
+
+        it 'returns all unresolved reports filed by the specified account' do
+          subject
+
+          expect(body_as_json).to match_array(expected_response)
+        end
+      end
+
+      context 'with target_account_id param' do
+        let(:params) { { target_account_id: spammer.id } }
+        let(:scope)  { Report.unresolved.where(target_account: spammer) }
+
+        it 'returns all unresolved reports targeting the specified account' do
+          subject
+
+          expect(body_as_json).to match_array(expected_response)
+        end
+      end
+
+      context 'with limit param' do
+        let(:params) { { limit: 1 } }
+
+        it 'returns only the requested number of reports' do
+          subject
+
+          expect(body_as_json.size).to eq(1)
+        end
+      end
+    end
+  end
+
+  describe 'GET /api/v1/admin/reports/:id' do
+    subject do
+      get "/api/v1/admin/reports/#{report.id}", headers: headers
+    end
+
+    let(:report) { Fabricate(:report) }
+
+    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'returns the requested report content' do
+      subject
+
+      expect(body_as_json).to include(
+        {
+          id: report.id.to_s,
+          action_taken: report.action_taken?,
+          category: report.category,
+          comment: report.comment,
+          account: a_hash_including(id: report.account.id.to_s),
+          target_account: a_hash_including(id: report.target_account.id.to_s),
+          statuses: report.statuses,
+          rules: report.rules,
+          forwarded: report.forwarded,
+        }
+      )
+    end
+  end
+
+  describe 'PUT /api/v1/admin/reports/:id' do
+    subject do
+      put "/api/v1/admin/reports/#{report.id}", headers: headers, params: params
+    end
+
+    let!(:report) { Fabricate(:report, category: :other) }
+    let(:params)  { { category: 'spam' } }
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'updates the report category' do
+      expect { subject }.to change { report.reload.category }.from('other').to('spam')
+    end
+
+    it 'returns the updated report content' do
+      subject
+
+      report.reload
+
+      expect(body_as_json).to include(
+        {
+          id: report.id.to_s,
+          action_taken: report.action_taken?,
+          category: report.category,
+          comment: report.comment,
+          account: a_hash_including(id: report.account.id.to_s),
+          target_account: a_hash_including(id: report.target_account.id.to_s),
+          statuses: report.statuses,
+          rules: report.rules,
+          forwarded: report.forwarded,
+        }
+      )
+    end
+  end
+
+  describe 'POST #resolve' do
+    subject do
+      post "/api/v1/admin/reports/#{report.id}/resolve", headers: headers
+    end
+
+    let(:report) { Fabricate(:report, action_taken_at: nil) }
+
+    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'marks report as resolved' do
+      expect { subject }.to change { report.reload.unresolved? }.from(true).to(false)
+    end
+  end
+
+  describe 'POST #reopen' do
+    subject do
+      post "/api/v1/admin/reports/#{report.id}/reopen", headers: headers
+    end
+
+    let(:report) { Fabricate(:report, action_taken_at: 10.days.ago) }
+
+    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'marks report as unresolved' do
+      expect { subject }.to change { report.reload.unresolved? }.from(false).to(true)
+    end
+  end
+
+  describe 'POST #assign_to_self' do
+    subject do
+      post "/api/v1/admin/reports/#{report.id}/assign_to_self", headers: headers
+    end
+
+    let(:report) { Fabricate(:report) }
+
+    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'assigns report to the requesting user' do
+      expect { subject }.to change { report.reload.assigned_account_id }.from(nil).to(user.account.id)
+    end
+  end
+
+  describe 'POST #unassign' do
+    subject do
+      post "/api/v1/admin/reports/#{report.id}/unassign", headers: headers
+    end
+
+    let(:report) { Fabricate(:report, assigned_account_id: user.account.id) }
+
+    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
+    it_behaves_like 'forbidden for wrong role', ''
+
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(200)
+    end
+
+    it 'unassigns report from assignee' do
+      expect { subject }.to change { report.reload.assigned_account_id }.from(user.account.id).to(nil)
+    end
+  end
+end
--- a/spec/services/translate_status_service_spec.rb
+++ b/spec/services/translate_status_service_spec.rb
@@ -152,22 +152,31 @@ RSpec.describe TranslateStatusService, type: :service do
    describe 'status has poll' do
      let(:poll) { Fabricate(:poll, options: %w(Blue Green)) }

-      it 'returns formatted poll options' do
-        source_texts = service.send(:source_texts)
-        expect(source_texts.size).to eq 3
-        expect(source_texts.values).to eq %w(<p>Hello</p> Blue Green)
+      context 'with source texts from the service' do
+        let!(:source_texts) { service.send(:source_texts) }

-        expect(source_texts.keys.first).to eq :content
+        it 'returns formatted poll options' do
+          expect(source_texts.size).to eq 3
+          expect(source_texts.values).to eq %w(<p>Hello</p> Blue Green)
+        end

-        option1 = source_texts.keys.second
-        expect(option1).to be_a Poll::Option
-        expect(option1.id).to eq '0'
-        expect(option1.title).to eq 'Blue'
+        it 'has a first key with content' do
+          expect(source_texts.keys.first).to eq :content
+        end

-        option2 = source_texts.keys.third
-        expect(option2).to be_a Poll::Option
-        expect(option2.id).to eq '1'
-        expect(option2.title).to eq 'Green'
+        it 'has the first option in the second key with correct options' do
+          option1 = source_texts.keys.second
+          expect(option1).to be_a Poll::Option
+          expect(option1.id).to eq '0'
+          expect(option1.title).to eq 'Blue'
+        end
+
+        it 'has the second option in the third key with correct options' do
+          option2 = source_texts.keys.third
+          expect(option2).to be_a Poll::Option
+          expect(option2.id).to eq '1'
+          expect(option2.title).to eq 'Green'
+        end
      end
    end

--- a/spec/support/examples/lib/settings/scoped_settings.rb
+++ b/spec/support/examples/lib/settings/scoped_settings.rb
@@ -1,74 +0,0 @@
-# frozen_string_literal: true
-
-shared_examples 'ScopedSettings' do
-  describe '[]' do
-    it 'inherits default settings' do
-      expect(Setting.boost_modal).to be false
-      expect(Setting.interactions['must_be_follower']).to be false
-
-      settings = create!
-
-      expect(settings['boost_modal']).to be false
-      expect(settings['interactions']['must_be_follower']).to be false
-    end
-  end
-
-  describe 'all_as_records' do
-    # expecting [] and []= works
-
-    it 'returns records merged with default values except hashes' do
-      expect(Setting.boost_modal).to be false
-      expect(Setting.delete_modal).to be true
-
-      settings = create!
-      settings['boost_modal'] = true
-
-      records = settings.all_as_records
-
-      expect(records['boost_modal'].value).to be true
-      expect(records['delete_modal'].value).to be true
-    end
-  end
-
-  describe 'missing methods' do
-    # expecting [] and []= works.
-
-    it 'reads settings' do
-      expect(Setting.boost_modal).to be false
-      settings = create!
-      expect(settings.boost_modal).to be false
-    end
-
-    it 'updates settings' do
-      settings = fabricate
-      settings.boost_modal = true
-      expect(settings['boost_modal']).to be true
-    end
-  end
-
-  it 'can update settings with [] and can read with []=' do
-    settings = fabricate
-
-    settings['boost_modal'] = true
-    settings['interactions'] = settings['interactions'].merge('must_be_follower' => true)
-
-    Setting.save!
-
-    expect(settings['boost_modal']).to be true
-    expect(settings['interactions']['must_be_follower']).to be true
-
-    Rails.cache.clear
-
-    expect(settings['boost_modal']).to be true
-    expect(settings['interactions']['must_be_follower']).to be true
-  end
-
-  xit 'does not mutate defaults via the cache' do
-    fabricate['interactions']['must_be_follower'] = true
-    # TODO
-    # This mutates the global settings default such that future
-    # instances will inherit the incorrect starting values
-
-    expect(fabricate.settings['interactions']['must_be_follower']).to be false
-  end
-end
--- a/spec/support/examples/lib/settings/settings_extended.rb
+++ b/spec/support/examples/lib/settings/settings_extended.rb
@@ -1,15 +0,0 @@
-# frozen_string_literal: true
-
-shared_examples 'Settings-extended' do
-  describe 'settings' do
-    def fabricate
-      super.settings
-    end
-
-    def create!
-      super.settings
-    end
-
-    it_behaves_like 'ScopedSettings'
-  end
-end
--- a/spec/support/examples/models/concerns/account_avatar.rb
+++ b/spec/support/examples/models/concerns/account_avatar.rb
@@ -1,7 +1,7 @@
 # frozen_string_literal: true

 shared_examples 'AccountAvatar' do |fabricator|
-  describe 'static avatars' do
+  describe 'static avatars', paperclip_processing: true do
    describe 'when GIF' do
      it 'creates a png static style' do
        account = Fabricate(fabricator, avatar: attachment_fixture('avatar.gif'))