Merge remote-tracking branch 'parent/main' into upstream-20241101

2024-11-01 08:04:03 +09:00 · 2024-11-01 08:04:03 +09:00 · 1c1f76697b
commit 1c1f76697b
parent 9c71b791e1 b06fd54c30
200 changed files with 1931 additions and 741 deletions
--- a/spec/controllers/admin/confirmations_controller_spec.rb
+++ b/spec/controllers/admin/confirmations_controller_spec.rb
@ -11,7 +11,7 @@ RSpec.describe Admin::ConfirmationsController do

  describe 'POST #create' do
    it 'confirms the user' do
-      user = Fabricate(:user, confirmed_at: false)
+      user = Fabricate(:user, confirmed_at: nil)
      post :create, params: { account_id: user.account.id }

      expect(response).to redirect_to(admin_accounts_path)
--- a/spec/controllers/auth/registrations_controller_spec.rb
+++ b/spec/controllers/auth/registrations_controller_spec.rb
@ -233,17 +233,7 @@ RSpec.describe Auth::RegistrationsController do
        Setting.registrations_mode = 'open'
        Fabricate(:email_domain_block, allow_with_approval: true, domain: 'mail.example.com')
        allow(User).to receive(:skip_mx_check?).and_return(false)
-
-        resolver = instance_double(Resolv::DNS, :timeouts= => nil)
-
-        allow(resolver).to receive(:getresources)
-          .with('example.com', Resolv::DNS::Resource::IN::MX)
-          .and_return([instance_double(Resolv::DNS::Resource::MX, exchange: 'mail.example.com')])
-        allow(resolver).to receive(:getresources).with('example.com', Resolv::DNS::Resource::IN::A).and_return([])
-        allow(resolver).to receive(:getresources).with('example.com', Resolv::DNS::Resource::IN::AAAA).and_return([])
-        allow(resolver).to receive(:getresources).with('mail.example.com', Resolv::DNS::Resource::IN::A).and_return([instance_double(Resolv::DNS::Resource::IN::A, address: '2.3.4.5')])
-        allow(resolver).to receive(:getresources).with('mail.example.com', Resolv::DNS::Resource::IN::AAAA).and_return([instance_double(Resolv::DNS::Resource::IN::AAAA, address: 'fd00::2')])
-        allow(Resolv::DNS).to receive(:open).and_yield(resolver)
+        configure_mx(domain: 'example.com', exchange: 'mail.example.com')
      end

      it 'creates unapproved user and redirects to setup' do
--- a/spec/fabricators/preview_card_trend_fabricator.rb
+++ b/spec/fabricators/preview_card_trend_fabricator.rb
@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+Fabricator(:preview_card_trend) do
+  preview_card
+end
--- a/spec/fabricators/status_trend_fabricator.rb
+++ b/spec/fabricators/status_trend_fabricator.rb
@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+Fabricator(:status_trend) do
+  status
+  account
+end
--- a/spec/fabricators/tombstone_fabricator.rb
+++ b/spec/fabricators/tombstone_fabricator.rb
@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+Fabricator(:tombstone) do
+  account
+  uri { sequence(:uri) { |i| "https://host.example/value/#{i}" } }
+end
--- a/spec/lib/activitypub/activity/create_spec.rb
+++ b/spec/lib/activitypub/activity/create_spec.rb
@ -2321,6 +2321,32 @@ RSpec.describe ActivityPub::Activity::Create do
          end
        end
      end
+
+      context 'with counts' do
+        let(:object_json) do
+          {
+            id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar'].join,
+            type: 'Note',
+            content: 'Lorem ipsum',
+            likes: {
+              id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar', '/likes'].join,
+              type: 'Collection',
+              totalItems: 50,
+            },
+            shares: {
+              id: [ActivityPub::TagManager.instance.uri_for(sender), '#bar', '/shares'].join,
+              type: 'Collection',
+              totalItems: 100,
+            },
+          }
+        end
+
+        it 'uses the counts from the created object' do
+          status = sender.statuses.first
+          expect(status.untrusted_favourites_count).to eq 50
+          expect(status.untrusted_reblogs_count).to eq 100
+        end
+      end
    end

    context 'when object URI uses bearcaps' do
--- a/spec/lib/activitypub/activity/update_spec.rb
+++ b/spec/lib/activitypub/activity/update_spec.rb
@ -177,5 +177,69 @@ RSpec.describe ActivityPub::Activity::Update do
        }))).to have_been_made.once
      end
    end
+
+    context 'with a Note object' do
+      let(:updated) { nil }
+      let(:favourites) { 50 }
+      let(:reblogs) { 100 }
+
+      let!(:status) { Fabricate(:status, uri: 'https://example.com/statuses/poll', account: sender) }
+      let(:json) do
+        {
+          '@context': 'https://www.w3.org/ns/activitystreams',
+          id: 'foo',
+          type: 'Update',
+          actor: sender.uri,
+          object: {
+            type: 'Note',
+            id: status.uri,
+            content: 'Foo',
+            updated: updated,
+            likes: {
+              id: "#{status.uri}/likes",
+              type: 'Collection',
+              totalItems: favourites,
+            },
+            shares: {
+              id: "#{status.uri}/shares",
+              type: 'Collection',
+              totalItems: reblogs,
+            },
+          },
+        }.with_indifferent_access
+      end
+
+      shared_examples 'updates counts' do
+        it 'updates the reblog count' do
+          expect(status.untrusted_reblogs_count).to eq reblogs
+        end
+
+        it 'updates the favourites count' do
+          expect(status.untrusted_favourites_count).to eq favourites
+        end
+      end
+
+      context 'with an implicit update' do
+        before do
+          status.update!(uri: ActivityPub::TagManager.instance.uri_for(status))
+          subject.perform
+        end
+
+        it_behaves_like 'updates counts'
+      end
+
+      context 'with an explicit update' do
+        let(:favourites) { 150 }
+        let(:reblogs) { 200 }
+        let(:updated) { Time.now.utc.iso8601 }
+
+        before do
+          status.update!(uri: ActivityPub::TagManager.instance.uri_for(status))
+          subject.perform
+        end
+
+        it_behaves_like 'updates counts'
+      end
+    end
  end
 end
--- a/spec/lib/annual_report/commonly_interacted_with_accounts_spec.rb
+++ b/spec/lib/annual_report/commonly_interacted_with_accounts_spec.rb
@ -32,7 +32,7 @@ RSpec.describe AnnualReport::CommonlyInteractedWithAccounts do
        expect(subject.generate)
          .to include(
            commonly_interacted_with_accounts: contain_exactly(
-              include(account_id: other_account.id, count: 2)
+              include(account_id: other_account.id.to_s, count: 2)
            )
          )
      end
--- a/spec/lib/annual_report/most_reblogged_accounts_spec.rb
+++ b/spec/lib/annual_report/most_reblogged_accounts_spec.rb
@ -32,7 +32,7 @@ RSpec.describe AnnualReport::MostRebloggedAccounts do
        expect(subject.generate)
          .to include(
            most_reblogged_accounts: contain_exactly(
-              include(account_id: other_account.id, count: 2)
+              include(account_id: other_account.id.to_s, count: 2)
            )
          )
      end
--- a/spec/lib/annual_report/top_statuses_spec.rb
+++ b/spec/lib/annual_report/top_statuses_spec.rb
@ -39,9 +39,9 @@ RSpec.describe AnnualReport::TopStatuses do
        expect(subject.generate)
          .to include(
            top_statuses: include(
-              by_reblogs: reblogged_status.id,
-              by_favourites: favourited_status.id,
-              by_replies: replied_status.id
+              by_reblogs: reblogged_status.id.to_s,
+              by_favourites: favourited_status.id.to_s,
+              by_replies: replied_status.id.to_s
            )
          )
      end
--- a/spec/models/preview_card_trend_spec.rb
+++ b/spec/models/preview_card_trend_spec.rb
@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe PreviewCardTrend do
+  describe 'Associations' do
+    it { is_expected.to belong_to(:preview_card).required }
+  end
+
+  describe '.locales' do
+    before do
+      Fabricate :preview_card_trend, language: 'en'
+      Fabricate :preview_card_trend, language: 'en'
+      Fabricate :preview_card_trend, language: 'es'
+    end
+
+    it 'returns unique set of languages' do
+      expect(described_class.locales)
+        .to eq(['en', 'es'])
+    end
+  end
+end
--- a/spec/models/status_pin_spec.rb
+++ b/spec/models/status_pin_spec.rb
@ -3,70 +3,100 @@
 require 'rails_helper'

 RSpec.describe StatusPin do
-  describe 'validations' do
-    it 'allows pins of own statuses' do
-      account = Fabricate(:account)
-      status  = Fabricate(:status, account: account)
+  describe 'Validations' do
+    subject { Fabricate.build :status_pin }

-      expect(described_class.new(account: account, status: status).save).to be true
-    end
+    context 'with an account pinning statuses' do
+      subject { Fabricate.build :status_pin, account: account }

-    it 'does not allow pins of statuses by someone else' do
-      account = Fabricate(:account)
-      status  = Fabricate(:status)
+      let(:account) { Fabricate(:account) }

-      expect(described_class.new(account: account, status: status).save).to be false
-    end
+      context 'with a self-owned status' do
+        let(:status) { Fabricate(:status, account: account) }

-    it 'does not allow pins of reblogs' do
-      account = Fabricate(:account)
-      status  = Fabricate(:status, account: account)
-      reblog  = Fabricate(:status, reblog: status)
-
-      expect(described_class.new(account: account, status: reblog).save).to be false
-    end
-
-    it 'does allow pins of direct statuses' do
-      account = Fabricate(:account)
-      status  = Fabricate(:status, account: account, visibility: :private)
-
-      expect(described_class.new(account: account, status: status).save).to be true
-    end
-
-    it 'does not allow pins of direct statuses' do
-      account = Fabricate(:account)
-      status  = Fabricate(:status, account: account, visibility: :direct)
-
-      expect(described_class.new(account: account, status: status).save).to be false
-    end
-
-    context 'with a pin limit' do
-      before { stub_const('StatusPinValidator::PIN_LIMIT', 2) }
-
-      it 'does not allow pins above the max' do
-        account = Fabricate(:account)
-
-        Fabricate.times(StatusPinValidator::PIN_LIMIT, :status_pin, account: account)
-
-        pin = described_class.new(account: account, status: Fabricate(:status, account: account))
-        expect(pin.save)
-          .to be(false)
-
-        expect(pin.errors[:base])
-          .to contain_exactly(I18n.t('statuses.pin_errors.limit'))
+        it { is_expected.to allow_value(status).for(:status) }
      end

-      it 'allows pins above the max for remote accounts' do
-        account = Fabricate(:account, domain: 'remote.test', username: 'bob', url: 'https://remote.test/')
+      context 'with a status from someone else' do
+        let(:status) { Fabricate(:status) }

-        Fabricate.times(StatusPinValidator::PIN_LIMIT, :status_pin, account: account)
+        it { is_expected.to_not allow_value(status).for(:status).against(:base) }
+      end

-        pin = described_class.new(account: account, status: Fabricate(:status, account: account))
-        expect(pin.save)
-          .to be(true)
+      context 'with a reblog status' do
+        let(:status) { Fabricate(:status, reblog: Fabricate(:status, account: account)) }

-        expect(pin.errors[:base])
-          .to be_empty
+        it { is_expected.to_not allow_value(status).for(:status).against(:base) }
+      end
+
+      context 'with a private status' do
+        let(:status) { Fabricate(:status, account: account, visibility: :private) }
+
+        it { is_expected.to allow_value(status).for(:status).against(:base) }
+      end
+
+      context 'with a direct status' do
+        let(:status) { Fabricate(:status, account: account, visibility: :direct) }
+
+        it { is_expected.to_not allow_value(status).for(:status).against(:base) }
+      end
+    end
+
+    context 'with a validator pin limit' do
+      before { stub_const('StatusPinValidator::PIN_LIMIT', 2) }
+
+      context 'with a local account at the limit' do
+        let(:account) { Fabricate :account }
+
+        before { Fabricate.times(StatusPinValidator::PIN_LIMIT, :status_pin, account: account) }
+
+        it { is_expected.to_not allow_value(account).for(:account).against(:base).with_message(I18n.t('statuses.pin_errors.limit')) }
+      end
+
+      context 'with a remote account at the limit' do
+        let(:account) { Fabricate :account, domain: 'remote.test' }
+
+        before { Fabricate.times(StatusPinValidator::PIN_LIMIT, :status_pin, account: account) }
+
+        it { is_expected.to allow_value(account).for(:account) }
+      end
+    end
+  end
+
+  describe 'Callbacks' do
+    describe 'Invalidating status via policy' do
+      subject { Fabricate :status_pin, status: Fabricate(:status, account: account), account: account }
+
+      context 'with a local account that owns the status and has a policy' do
+        let(:account) { Fabricate :account, domain: nil }
+
+        before do
+          Fabricate :account_statuses_cleanup_policy, account: account
+          account.statuses_cleanup_policy.record_last_inspected(subject.status.id + 1_024)
+        end
+
+        it 'calls the invalidator on destroy' do
+          expect { subject.destroy }
+            .to change(account.statuses_cleanup_policy, :last_inspected)
+        end
+      end
+
+      context 'with a local account that owns the status and does not have a policy' do
+        let(:account) { Fabricate :account, domain: nil }
+
+        it 'does not call the invalidator on destroy' do
+          expect { subject.destroy }
+            .to_not change(account, :updated_at)
+        end
+      end
+
+      context 'with a remote account' do
+        let(:account) { Fabricate :account, domain: 'host.example' }
+
+        it 'does not call the invalidator on destroy' do
+          expect { subject.destroy }
+            .to_not change(account, :updated_at)
+        end
      end
    end
  end
--- a/spec/models/status_spec.rb
+++ b/spec/models/status_spec.rb
@ -339,6 +339,31 @@ RSpec.describe Status do
    end
  end

+  describe '#untrusted_reblogs_count' do
+    before do
+      alice.update(domain: 'example.com')
+      subject.status_stat.tap do |status_stat|
+        status_stat.untrusted_reblogs_count = 0
+        status_stat.save
+      end
+      subject.save
+    end
+
+    it 'is incremented by the number of reblogs' do
+      Fabricate(:status, account: bob, reblog: subject)
+      Fabricate(:status, account: alice, reblog: subject)
+
+      expect(subject.untrusted_reblogs_count).to eq 2
+    end
+
+    it 'is decremented when reblog is removed' do
+      reblog = Fabricate(:status, account: bob, reblog: subject)
+      expect(subject.untrusted_reblogs_count).to eq 1
+      reblog.destroy
+      expect(subject.untrusted_reblogs_count).to eq 0
+    end
+  end
+
  describe '#replies_count' do
    it 'is the number of replies' do
      Fabricate(:status, account: bob, thread: subject)
@ -369,6 +394,31 @@ RSpec.describe Status do
    end
  end

+  describe '#untrusted_favourites_count' do
+    before do
+      alice.update(domain: 'example.com')
+      subject.status_stat.tap do |status_stat|
+        status_stat.untrusted_favourites_count = 0
+        status_stat.save
+      end
+      subject.save
+    end
+
+    it 'is incremented by favorites' do
+      Fabricate(:favourite, account: bob, status: subject)
+      Fabricate(:favourite, account: alice, status: subject)
+
+      expect(subject.untrusted_favourites_count).to eq 2
+    end
+
+    it 'is decremented when favourite is removed' do
+      favourite = Fabricate(:favourite, account: bob, status: subject)
+      expect(subject.untrusted_favourites_count).to eq 1
+      favourite.destroy
+      expect(subject.untrusted_favourites_count).to eq 0
+    end
+  end
+
  describe '#proper' do
    it 'is itself for original statuses' do
      expect(subject.proper).to eq subject
--- a/spec/models/status_trend_spec.rb
+++ b/spec/models/status_trend_spec.rb
@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe StatusTrend do
+  describe 'Associations' do
+    it { is_expected.to belong_to(:account).required }
+    it { is_expected.to belong_to(:status).required }
+  end
+
+  describe '.locales' do
+    before do
+      Fabricate :status_trend, language: 'en'
+      Fabricate :status_trend, language: 'en'
+      Fabricate :status_trend, language: 'es'
+    end
+
+    it 'returns unique set of languages' do
+      expect(described_class.locales)
+        .to eq(['en', 'es'])
+    end
+  end
+end
--- a/spec/models/tombstone_spec.rb
+++ b/spec/models/tombstone_spec.rb
@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe Tombstone do
+  describe 'Associations' do
+    it { is_expected.to belong_to(:account).required }
+  end
+
+  describe 'Validations' do
+    subject { Fabricate.build :tombstone }
+
+    it { is_expected.to validate_presence_of(:uri) }
+  end
+end
--- a/spec/rails_helper.rb
+++ b/spec/rails_helper.rb
@ -113,6 +113,7 @@ RSpec.configure do |config|
  config.include ActiveSupport::Testing::TimeHelpers
  config.include Chewy::Rspec::Helpers
  config.include Redisable
+  config.include DomainHelpers
  config.include ThreadingHelpers
  config.include SignedRequestHelpers, type: :request
  config.include CommandLineHelpers, type: :cli
--- a/spec/requests/api/v1/trends/statuses_spec.rb
+++ b/spec/requests/api/v1/trends/statuses_spec.rb
@ -39,6 +39,42 @@ RSpec.describe 'API V1 Trends Statuses' do
        end
        Trends::Statuses.new(threshold: 1, decay_threshold: -1).refresh
      end
+
+      context 'with a comically inflated external interactions count' do
+        def prepare_fake_trends
+          fake_remote_account = Fabricate(:account, domain: 'other.com')
+          fake_status = Fabricate(:status, account: fake_remote_account, text: 'I am a big faker', trendable: true, language: 'en')
+          fake_status.status_stat.tap do |status_stat|
+            status_stat.reblogs_count = 0
+            status_stat.favourites_count = 0
+            status_stat.untrusted_reblogs_count = 1_000_000_000
+            status_stat.untrusted_favourites_count = 1_000_000_000
+            status_stat.save
+          end
+          real_remote_account = Fabricate(:account, domain: 'other.com')
+          real_status = Fabricate(:status, account: real_remote_account, text: 'I make real friends online', trendable: true, language: 'en')
+          real_status.status_stat.tap do |status_stat|
+            status_stat.reblogs_count = 10
+            status_stat.favourites_count = 10
+            status_stat.untrusted_reblogs_count = 10
+            status_stat.untrusted_favourites_count = 10
+            status_stat.save
+          end
+          Trends.statuses.add(fake_status, 100)
+          Trends.statuses.add(real_status, 101)
+          Trends::Statuses.new(threshold: 1, decay_threshold: 1).refresh
+        end
+
+        it 'ignores the feeble attempts at deception' do
+          prepare_fake_trends
+          stub_const('Api::BaseController::DEFAULT_STATUSES_LIMIT', 10)
+          get '/api/v1/trends/statuses'
+
+          expect(response).to have_http_status(200)
+          expect(response.parsed_body.length).to eq(1)
+          expect(response.parsed_body[0]['content']).to eq('I make real friends online')
+        end
+      end
    end
  end
 end
--- a/spec/requests/api/v2/media_spec.rb
+++ b/spec/requests/api/v2/media_spec.rb
@ -29,6 +29,22 @@ RSpec.describe 'Media API', :attachment_processing do
      end
    end

+    context 'when media description is too long' do
+      let(:params) do
+        {
+          file: fixture_file_upload('attachment-jpg.123456_abcd', 'image/jpeg'),
+          description: 'aa' * MediaAttachment::MAX_DESCRIPTION_LENGTH,
+        }
+      end
+
+      it 'returns http error' do
+        post '/api/v2/media', headers: headers, params: params
+
+        expect(response).to have_http_status(422)
+        expect(response.body).to include 'Description is too long'
+      end
+    end
+
    context 'when large format media attachment has not been processed' do
      let(:params) { { file: fixture_file_upload('attachment.webm', 'video/webm') } }

--- a/spec/requests/oauth/userinfo_spec.rb
+++ b/spec/requests/oauth/userinfo_spec.rb
@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Oauth Userinfo Endpoint' do
+  include RoutingHelper
+
+  let(:user)     { Fabricate(:user) }
+  let(:account)  { user.account }
+  let(:token)    { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
+  let(:scopes)   { 'profile' }
+  let(:headers)  { { 'Authorization' => "Bearer #{token.token}" } }
+
+  shared_examples 'returns successfully' do
+    it 'returns http success' do
+      subject
+
+      expect(response).to have_http_status(:success)
+      expect(response.content_type).to start_with('application/json')
+      expect(response.parsed_body).to include({
+        iss: root_url,
+        sub: account_url(account),
+        name: account.display_name,
+        preferred_username: account.username,
+        profile: short_account_url(account),
+        picture: full_asset_url(account.avatar_original_url),
+      })
+    end
+  end
+
+  describe 'GET /oauth/userinfo' do
+    subject do
+      get '/oauth/userinfo', headers: headers
+    end
+
+    it_behaves_like 'forbidden for wrong scope', 'read:accounts'
+    it_behaves_like 'returns successfully'
+  end
+
+  # As this is borrowed from OpenID, the specification says we must also support
+  # POST for the userinfo endpoint:
+  # https://openid.net/specs/openid-connect-core-1_0.html#UserInfo
+  describe 'POST /oauth/userinfo' do
+    subject do
+      post '/oauth/userinfo', headers: headers
+    end
+
+    it_behaves_like 'forbidden for wrong scope', 'read:accounts'
+    it_behaves_like 'returns successfully'
+  end
+end
--- a/spec/requests/well_known/oauth_metadata_spec.rb
+++ b/spec/requests/well_known/oauth_metadata_spec.rb
@ -3,12 +3,6 @@
 require 'rails_helper'

 RSpec.describe 'The /.well-known/oauth-authorization-server request' do
-  let(:protocol) { ENV.fetch('LOCAL_HTTPS', true) ? :https : :http }
-
-  before do
-    host! Rails.configuration.x.local_domain
-  end
-
  it 'returns http success with valid JSON response' do
    get '/.well-known/oauth-authorization-server'

@ -22,11 +16,12 @@ RSpec.describe 'The /.well-known/oauth-authorization-server request' do
    grant_types_supported << 'refresh_token' if Doorkeeper.configuration.refresh_token_enabled?

    expect(response.parsed_body).to include(
-      issuer: root_url(protocol: protocol),
+      issuer: root_url,
      service_documentation: 'https://docs.joinmastodon.org/',
-      authorization_endpoint: oauth_authorization_url(protocol: protocol),
-      token_endpoint: oauth_token_url(protocol: protocol),
-      revocation_endpoint: oauth_revoke_url(protocol: protocol),
+      authorization_endpoint: oauth_authorization_url,
+      token_endpoint: oauth_token_url,
+      userinfo_endpoint: oauth_userinfo_url,
+      revocation_endpoint: oauth_revoke_url,
      scopes_supported: Doorkeeper.configuration.scopes.map(&:to_s),
      response_types_supported: Doorkeeper.configuration.authorization_response_types,
      response_modes_supported: Doorkeeper.configuration.authorization_response_flows.flat_map(&:response_mode_matches).uniq,
@ -34,7 +29,7 @@ RSpec.describe 'The /.well-known/oauth-authorization-server request' do
      grant_types_supported: grant_types_supported,
      code_challenge_methods_supported: ['S256'],
      # non-standard extension:
-      app_registration_endpoint: api_v1_apps_url(protocol: protocol)
+      app_registration_endpoint: api_v1_apps_url
    )
  end
 end
--- a/spec/serializers/rest/status_serializer_spec.rb
+++ b/spec/serializers/rest/status_serializer_spec.rb
@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe REST::StatusSerializer do
+  subject do
+    serialized_record_json(
+      status,
+      described_class,
+      options: {
+        scope: current_user,
+        scope_name: :current_user,
+      }
+    )
+  end
+
+  let(:current_user) { Fabricate(:user) }
+  let(:alice) { Fabricate(:account, username: 'alice') }
+  let(:bob)   { Fabricate(:account, username: 'bob', domain: 'other.com') }
+  let(:status) { Fabricate(:status, account: alice) }
+
+  context 'with a remote status' do
+    let(:status) { Fabricate(:status, account: bob) }
+
+    before do
+      status.status_stat.tap do |status_stat|
+        status_stat.reblogs_count = 10
+        status_stat.favourites_count = 20
+        status_stat.save
+      end
+    end
+
+    context 'with only trusted counts' do
+      it 'shows the trusted counts' do
+        expect(subject['reblogs_count']).to eq(10)
+        expect(subject['favourites_count']).to eq(20)
+      end
+    end
+
+    context 'with untrusted counts' do
+      before do
+        status.status_stat.tap do |status_stat|
+          status_stat.untrusted_reblogs_count = 30
+          status_stat.untrusted_favourites_count = 40
+          status_stat.save
+        end
+      end
+
+      it 'shows the untrusted counts' do
+        expect(subject['reblogs_count']).to eq(30)
+        expect(subject['favourites_count']).to eq(40)
+      end
+    end
+  end
+end
--- a/spec/services/app_sign_up_service_spec.rb
+++ b/spec/services/app_sign_up_service_spec.rb
@ -53,17 +53,7 @@ RSpec.describe AppSignUpService do
        Setting.registrations_mode = 'open'
        Fabricate(:email_domain_block, allow_with_approval: true, domain: 'smtp.email.com')
        allow(User).to receive(:skip_mx_check?).and_return(false)
-
-        resolver = instance_double(Resolv::DNS, :timeouts= => nil)
-
-        allow(resolver).to receive(:getresources)
-          .with('email.com', Resolv::DNS::Resource::IN::MX)
-          .and_return([instance_double(Resolv::DNS::Resource::MX, exchange: 'smtp.email.com')])
-        allow(resolver).to receive(:getresources).with('email.com', Resolv::DNS::Resource::IN::A).and_return([])
-        allow(resolver).to receive(:getresources).with('email.com', Resolv::DNS::Resource::IN::AAAA).and_return([])
-        allow(resolver).to receive(:getresources).with('smtp.email.com', Resolv::DNS::Resource::IN::A).and_return([instance_double(Resolv::DNS::Resource::IN::A, address: '2.3.4.5')])
-        allow(resolver).to receive(:getresources).with('smtp.email.com', Resolv::DNS::Resource::IN::AAAA).and_return([instance_double(Resolv::DNS::Resource::IN::AAAA, address: 'fd00::2')])
-        allow(Resolv::DNS).to receive(:open).and_yield(resolver)
+        configure_mx(domain: 'email.com', exchange: 'smtp.email.com')
      end

      it 'creates an unapproved user', :aggregate_failures do
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@ -34,8 +34,8 @@ RSpec.configure do |config|
  end
 end

-def serialized_record_json(record, serializer, adapter: nil)
-  options = { serializer: serializer }
+def serialized_record_json(record, serializer, adapter: nil, options: {})
+  options[:serializer] = serializer
  options[:adapter] = adapter if adapter.present?
  JSON.parse(
    ActiveModelSerializers::SerializableResource.new(
--- a/spec/support/command_line_helpers.rb
+++ b/spec/support/command_line_helpers.rb
@ -1,9 +1,9 @@
 # frozen_string_literal: true

 module CommandLineHelpers
-  def output_results(*args)
+  def output_results(*)
    output(
-      include(*args)
+      include(*)
    ).to_stdout
  end
 end
--- a/spec/support/domain_helpers.rb
+++ b/spec/support/domain_helpers.rb
@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+module DomainHelpers
+  def configure_mx(domain:, exchange:, ip_v4_addr: '2.3.4.5', ip_v6_addr: 'fd00::2')
+    resolver = instance_double(Resolv::DNS, :timeouts= => nil)
+
+    allow(resolver).to receive(:getresources)
+      .with(domain, Resolv::DNS::Resource::IN::MX)
+      .and_return([double_mx(exchange)])
+    allow(resolver)
+      .to receive(:getresources)
+      .with(domain, Resolv::DNS::Resource::IN::A)
+      .and_return([])
+    allow(resolver)
+      .to receive(:getresources)
+      .with(domain, Resolv::DNS::Resource::IN::AAAA)
+      .and_return([])
+    allow(resolver)
+      .to receive(:getresources)
+      .with(exchange, Resolv::DNS::Resource::IN::A)
+      .and_return([double_resource_v4(ip_v4_addr)])
+    allow(resolver)
+      .to receive(:getresources)
+      .with(exchange, Resolv::DNS::Resource::IN::AAAA)
+      .and_return([double_resource_v6(ip_v6_addr)])
+    allow(Resolv::DNS)
+      .to receive(:open)
+      .and_yield(resolver)
+  end
+
+  private
+
+  def double_mx(exchange)
+    instance_double(Resolv::DNS::Resource::MX, exchange: exchange)
+  end
+
+  def double_resource_v4(addr)
+    instance_double(Resolv::DNS::Resource::IN::A, address: addr)
+  end
+
+  def double_resource_v6(addr)
+    instance_double(Resolv::DNS::Resource::IN::AAAA, address: addr)
+  end
+end