Enable Rubocop HTTP status rules (#23717)

2023-02-19 21:16:40 -05:00 · 2023-02-19 21:16:40 -05:00 · aef0051fd0
parent bd1d57c230
commit aef0051fd0
32 changed files with 77 additions and 242 deletions
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -88,6 +88,9 @@ Metrics/ModuleLength:
 Metrics/PerceivedComplexity:
  Max: 16 # RuboCop default 8
 Rails/HttpStatus:
  EnforcedStyle: numeric
 Rails/Exit:
  Exclude:
    - 'lib/mastodon/*_cli.rb'
@ -97,6 +100,9 @@ Rails/Exit:
 RSpec/NotToNot:
  EnforcedStyle: to_not
 RSpec/Rails/HttpStatus:
  EnforcedStyle: numeric
 Style/HashSyntax:
  EnforcedStyle: ruby19_no_mixed_keys
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@ -1427,148 +1427,6 @@ RSpec/PredicateMatcher:
    - 'spec/models/user_spec.rb'
    - 'spec/services/post_status_service_spec.rb'
 # Offense count: 3
 # This cop supports unsafe autocorrection (--autocorrect-all).
 RSpec/Rails/HaveHttpStatus:
  Exclude:
    - 'spec/controllers/settings/applications_controller_spec.rb'
    - 'spec/requests/catch_all_route_request_spec.rb'
 # Offense count: 432
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: numeric, symbolic
 RSpec/Rails/HttpStatus:
  Exclude:
    - 'spec/controllers/about_controller_spec.rb'
    - 'spec/controllers/accounts_controller_spec.rb'
    - 'spec/controllers/activitypub/collections_controller_spec.rb'
    - 'spec/controllers/activitypub/followers_synchronizations_controller_spec.rb'
    - 'spec/controllers/activitypub/inboxes_controller_spec.rb'
    - 'spec/controllers/activitypub/outboxes_controller_spec.rb'
    - 'spec/controllers/activitypub/replies_controller_spec.rb'
    - 'spec/controllers/admin/accounts_controller_spec.rb'
    - 'spec/controllers/admin/action_logs_controller_spec.rb'
    - 'spec/controllers/admin/change_email_controller_spec.rb'
    - 'spec/controllers/admin/confirmations_controller_spec.rb'
    - 'spec/controllers/admin/custom_emojis_controller_spec.rb'
    - 'spec/controllers/admin/dashboard_controller_spec.rb'
    - 'spec/controllers/admin/domain_allows_controller_spec.rb'
    - 'spec/controllers/admin/domain_blocks_controller_spec.rb'
    - 'spec/controllers/admin/email_domain_blocks_controller_spec.rb'
    - 'spec/controllers/admin/export_domain_allows_controller_spec.rb'
    - 'spec/controllers/admin/export_domain_blocks_controller_spec.rb'
    - 'spec/controllers/admin/instances_controller_spec.rb'
    - 'spec/controllers/admin/reports/actions_controller_spec.rb'
    - 'spec/controllers/admin/reports_controller_spec.rb'
    - 'spec/controllers/admin/settings/branding_controller_spec.rb'
    - 'spec/controllers/admin/statuses_controller_spec.rb'
    - 'spec/controllers/admin/tags_controller_spec.rb'
    - 'spec/controllers/api/base_controller_spec.rb'
    - 'spec/controllers/api/oembed_controller_spec.rb'
    - 'spec/controllers/api/v1/accounts/credentials_controller_spec.rb'
    - 'spec/controllers/api/v1/accounts/follower_accounts_controller_spec.rb'
    - 'spec/controllers/api/v1/accounts/following_accounts_controller_spec.rb'
    - 'spec/controllers/api/v1/accounts/lists_controller_spec.rb'
    - 'spec/controllers/api/v1/accounts/notes_controller_spec.rb'
    - 'spec/controllers/api/v1/accounts/pins_controller_spec.rb'
    - 'spec/controllers/api/v1/accounts/relationships_controller_spec.rb'
    - 'spec/controllers/api/v1/accounts/search_controller_spec.rb'
    - 'spec/controllers/api/v1/accounts_controller_spec.rb'
    - 'spec/controllers/api/v1/admin/account_actions_controller_spec.rb'
    - 'spec/controllers/api/v1/admin/accounts_controller_spec.rb'
    - 'spec/controllers/api/v1/admin/domain_allows_controller_spec.rb'
    - 'spec/controllers/api/v1/admin/domain_blocks_controller_spec.rb'
    - 'spec/controllers/api/v1/admin/reports_controller_spec.rb'
    - 'spec/controllers/api/v1/announcements/reactions_controller_spec.rb'
    - 'spec/controllers/api/v1/announcements_controller_spec.rb'
    - 'spec/controllers/api/v1/apps/credentials_controller_spec.rb'
    - 'spec/controllers/api/v1/apps_controller_spec.rb'
    - 'spec/controllers/api/v1/blocks_controller_spec.rb'
    - 'spec/controllers/api/v1/conversations_controller_spec.rb'
    - 'spec/controllers/api/v1/custom_emojis_controller_spec.rb'
    - 'spec/controllers/api/v1/domain_blocks_controller_spec.rb'
    - 'spec/controllers/api/v1/endorsements_controller_spec.rb'
    - 'spec/controllers/api/v1/filters_controller_spec.rb'
    - 'spec/controllers/api/v1/follow_requests_controller_spec.rb'
    - 'spec/controllers/api/v1/instances/activity_controller_spec.rb'
    - 'spec/controllers/api/v1/instances/peers_controller_spec.rb'
    - 'spec/controllers/api/v1/instances_controller_spec.rb'
    - 'spec/controllers/api/v1/lists/accounts_controller_spec.rb'
    - 'spec/controllers/api/v1/lists_controller_spec.rb'
    - 'spec/controllers/api/v1/markers_controller_spec.rb'
    - 'spec/controllers/api/v1/media_controller_spec.rb'
    - 'spec/controllers/api/v1/mutes_controller_spec.rb'
    - 'spec/controllers/api/v1/notifications_controller_spec.rb'
    - 'spec/controllers/api/v1/polls/votes_controller_spec.rb'
    - 'spec/controllers/api/v1/polls_controller_spec.rb'
    - 'spec/controllers/api/v1/reports_controller_spec.rb'
    - 'spec/controllers/api/v1/statuses/bookmarks_controller_spec.rb'
    - 'spec/controllers/api/v1/statuses/favourited_by_accounts_controller_spec.rb'
    - 'spec/controllers/api/v1/statuses/favourites_controller_spec.rb'
    - 'spec/controllers/api/v1/statuses/histories_controller_spec.rb'
    - 'spec/controllers/api/v1/statuses/mutes_controller_spec.rb'
    - 'spec/controllers/api/v1/statuses/pins_controller_spec.rb'
    - 'spec/controllers/api/v1/statuses/reblogged_by_accounts_controller_spec.rb'
    - 'spec/controllers/api/v1/statuses/reblogs_controller_spec.rb'
    - 'spec/controllers/api/v1/statuses/sources_controller_spec.rb'
    - 'spec/controllers/api/v1/statuses_controller_spec.rb'
    - 'spec/controllers/api/v1/streaming_controller_spec.rb'
    - 'spec/controllers/api/v1/suggestions_controller_spec.rb'
    - 'spec/controllers/api/v1/timelines/home_controller_spec.rb'
    - 'spec/controllers/api/v1/timelines/list_controller_spec.rb'
    - 'spec/controllers/api/v1/timelines/public_controller_spec.rb'
    - 'spec/controllers/api/v1/timelines/tag_controller_spec.rb'
    - 'spec/controllers/api/v1/trends/tags_controller_spec.rb'
    - 'spec/controllers/api/v2/admin/accounts_controller_spec.rb'
    - 'spec/controllers/api/v2/filters/keywords_controller_spec.rb'
    - 'spec/controllers/api/v2/filters/statuses_controller_spec.rb'
    - 'spec/controllers/api/v2/filters_controller_spec.rb'
    - 'spec/controllers/api/v2/search_controller_spec.rb'
    - 'spec/controllers/api/web/settings_controller_spec.rb'
    - 'spec/controllers/application_controller_spec.rb'
    - 'spec/controllers/auth/confirmations_controller_spec.rb'
    - 'spec/controllers/auth/passwords_controller_spec.rb'
    - 'spec/controllers/auth/registrations_controller_spec.rb'
    - 'spec/controllers/auth/sessions_controller_spec.rb'
    - 'spec/controllers/authorize_interactions_controller_spec.rb'
    - 'spec/controllers/concerns/account_controller_concern_spec.rb'
    - 'spec/controllers/concerns/export_controller_concern_spec.rb'
    - 'spec/controllers/concerns/signature_verification_spec.rb'
    - 'spec/controllers/emojis_controller_spec.rb'
    - 'spec/controllers/follower_accounts_controller_spec.rb'
    - 'spec/controllers/following_accounts_controller_spec.rb'
    - 'spec/controllers/instance_actors_controller_spec.rb'
    - 'spec/controllers/intents_controller_spec.rb'
    - 'spec/controllers/invites_controller_spec.rb'
    - 'spec/controllers/manifests_controller_spec.rb'
    - 'spec/controllers/media_controller_spec.rb'
    - 'spec/controllers/media_proxy_controller_spec.rb'
    - 'spec/controllers/oauth/authorizations_controller_spec.rb'
    - 'spec/controllers/oauth/authorized_applications_controller_spec.rb'
    - 'spec/controllers/relationships_controller_spec.rb'
    - 'spec/controllers/settings/applications_controller_spec.rb'
    - 'spec/controllers/settings/deletes_controller_spec.rb'
    - 'spec/controllers/settings/exports_controller_spec.rb'
    - 'spec/controllers/settings/imports_controller_spec.rb'
    - 'spec/controllers/settings/migrations_controller_spec.rb'
    - 'spec/controllers/settings/preferences/notifications_controller_spec.rb'
    - 'spec/controllers/settings/preferences/other_controller_spec.rb'
    - 'spec/controllers/settings/profiles_controller_spec.rb'
    - 'spec/controllers/settings/two_factor_authentication/confirmations_controller_spec.rb'
    - 'spec/controllers/settings/two_factor_authentication/otp_authentication_controller_spec.rb'
    - 'spec/controllers/settings/two_factor_authentication/recovery_codes_controller_spec.rb'
    - 'spec/controllers/settings/two_factor_authentication/webauthn_credentials_controller_spec.rb'
    - 'spec/controllers/settings/two_factor_authentication_methods_controller_spec.rb'
    - 'spec/controllers/statuses_cleanup_controller_spec.rb'
    - 'spec/controllers/statuses_controller_spec.rb'
    - 'spec/controllers/tags_controller_spec.rb'
    - 'spec/controllers/well_known/host_meta_controller_spec.rb'
    - 'spec/controllers/well_known/nodeinfo_controller_spec.rb'
    - 'spec/controllers/well_known/webfinger_controller_spec.rb'
    - 'spec/requests/host_meta_request_spec.rb'
    - 'spec/requests/webfinger_request_spec.rb'
 # Offense count: 180
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: Inferences.
@ -2159,35 +2017,6 @@ Rails/HttpPositionalArguments:
  Exclude:
    - 'spec/config/initializers/rack_attack_spec.rb'
 # Offense count: 49
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
 # SupportedStyles: numeric, symbolic
 Rails/HttpStatus:
  Exclude:
    - 'app/controllers/activitypub/inboxes_controller.rb'
    - 'app/controllers/api/base_controller.rb'
    - 'app/controllers/api/v1/admin/domain_blocks_controller.rb'
    - 'app/controllers/api/v1/instances/activity_controller.rb'
    - 'app/controllers/api/v1/instances/domain_blocks_controller.rb'
    - 'app/controllers/api/v1/instances/peers_controller.rb'
    - 'app/controllers/api/v1/lists_controller.rb'
    - 'app/controllers/api/v1/markers_controller.rb'
    - 'app/controllers/api/v1/media_controller.rb'
    - 'app/controllers/api/v1/statuses_controller.rb'
    - 'app/controllers/api/v1/streaming_controller.rb'
    - 'app/controllers/api/v2/media_controller.rb'
    - 'app/controllers/api/v2/search_controller.rb'
    - 'app/controllers/api/web/base_controller.rb'
    - 'app/controllers/settings/pictures_controller.rb'
    - 'app/controllers/well_known/webfinger_controller.rb'
    - 'spec/controllers/api/base_controller_spec.rb'
    - 'spec/controllers/application_controller_spec.rb'
    - 'spec/controllers/concerns/account_controller_concern_spec.rb'
    - 'spec/controllers/concerns/localized_spec.rb'
    - 'spec/controllers/concerns/rate_limit_headers_spec.rb'
    - 'spec/controllers/concerns/signature_verification_spec.rb'
 # Offense count: 7
 # Configuration parameters: Include.
 # Include: spec/**/*.rb, test/**/*.rb
--- a/app/controllers/api/v1/accounts_controller.rb
+++ b/app/controllers/api/v1/accounts_controller.rb
@ -30,7 +30,7 @@ class Api::V1::AccountsController < Api::BaseController
    self.response_body = Oj.dump(response.body)
    self.status        = response.status
  rescue ActiveRecord::RecordInvalid => e
-    render json: ValidationErrorFormatter.new(e, 'account.username': :username, 'invite_request.text': :reason).as_json, status: :unprocessable_entity
+    render json: ValidationErrorFormatter.new(e, 'account.username': :username, 'invite_request.text': :reason).as_json, status: 422
  end
  def follow
--- a/app/controllers/api/v1/emails/confirmations_controller.rb
+++ b/app/controllers/api/v1/emails/confirmations_controller.rb
@ -15,10 +15,10 @@ class Api::V1::Emails::ConfirmationsController < Api::BaseController
  private
  def require_user_owned_by_application!
-    render json: { error: 'This method is only available to the application the user originally signed-up with' }, status: :forbidden unless current_user && current_user.created_by_application_id == doorkeeper_token.application_id
+    render json: { error: 'This method is only available to the application the user originally signed-up with' }, status: 403 unless current_user && current_user.created_by_application_id == doorkeeper_token.application_id
  end
  def require_user_not_confirmed!
-    render json: { error: 'This method is only available while the e-mail is awaiting confirmation' }, status: :forbidden unless !current_user.confirmed? || current_user.unconfirmed_email.present?
+    render json: { error: 'This method is only available while the e-mail is awaiting confirmation' }, status: 403 unless !current_user.confirmed? || current_user.unconfirmed_email.present?
  end
 end
--- a/app/controllers/auth/sessions_controller.rb
+++ b/app/controllers/auth/sessions_controller.rb
@ -52,9 +52,9 @@ class Auth::SessionsController < Devise::SessionsController
      session[:webauthn_challenge] = options_for_get.challenge
-      render json: options_for_get, status: :ok
+      render json: options_for_get, status: 200
    else
-      render json: { error: t('webauthn_credentials.not_enabled') }, status: :unauthorized
+      render json: { error: t('webauthn_credentials.not_enabled') }, status: 401
    end
  end
--- a/app/controllers/concerns/two_factor_authentication_concern.rb
+++ b/app/controllers/concerns/two_factor_authentication_concern.rb
@ -57,10 +57,10 @@ module TwoFactorAuthenticationConcern
    if valid_webauthn_credential?(user, webauthn_credential)
      on_authentication_success(user, :webauthn)
-      render json: { redirect_path: after_sign_in_path_for(user) }, status: :ok
+      render json: { redirect_path: after_sign_in_path_for(user) }, status: 200
    else
      on_authentication_failure(user, :webauthn, :invalid_credential)
-      render json: { error: t('webauthn_credentials.invalid_credential') }, status: :unprocessable_entity
+      render json: { error: t('webauthn_credentials.invalid_credential') }, status: 422
    end
  end
--- a/app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb
+++ b/app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb
@ -27,7 +27,7 @@ module Settings
        session[:webauthn_challenge] = options_for_create.challenge
-        render json: options_for_create, status: :ok
+        render json: options_for_create, status: 200
      end
      def create
--- a/spec/controllers/admin/accounts_controller_spec.rb
+++ b/spec/controllers/admin/accounts_controller_spec.rb
@ -83,7 +83,7 @@ RSpec.describe Admin::AccountsController, type: :controller do
        let(:target_role) { UserRole.find_by(name: 'Admin') }
        it 'fails to memorialize account' do
-          is_expected.to have_http_status :forbidden
+          is_expected.to have_http_status 403
          expect(account.reload).to_not be_memorial
        end
      end
@ -105,7 +105,7 @@ RSpec.describe Admin::AccountsController, type: :controller do
        let(:target_role) { UserRole.find_by(name: 'Admin') }
        it 'fails to memorialize account' do
-          is_expected.to have_http_status :forbidden
+          is_expected.to have_http_status 403
          expect(account.reload).to_not be_memorial
        end
      end
@ -114,7 +114,7 @@ RSpec.describe Admin::AccountsController, type: :controller do
        let(:target_role) { UserRole.find_by(name: 'Moderator') }
        it 'fails to memorialize account' do
-          is_expected.to have_http_status :forbidden
+          is_expected.to have_http_status 403
          expect(account.reload).to_not be_memorial
        end
      end
@ -141,7 +141,7 @@ RSpec.describe Admin::AccountsController, type: :controller do
      let(:role) { UserRole.everyone }
      it 'fails to enable account' do
-        is_expected.to have_http_status :forbidden
+        is_expected.to have_http_status 403
        expect(user.reload).to be_disabled
      end
    end
@ -167,7 +167,7 @@ RSpec.describe Admin::AccountsController, type: :controller do
      end
      it 'logs action' do
-        is_expected.to have_http_status :found
+        is_expected.to have_http_status 302
        log_item = Admin::ActionLog.last
@ -182,7 +182,7 @@ RSpec.describe Admin::AccountsController, type: :controller do
      let(:role) { UserRole.everyone }
      it 'fails to approve account' do
-        is_expected.to have_http_status :forbidden
+        is_expected.to have_http_status 403
        expect(user.reload).to_not be_approved
      end
    end
@ -207,7 +207,7 @@ RSpec.describe Admin::AccountsController, type: :controller do
      end
      it 'logs action' do
-        is_expected.to have_http_status :found
+        is_expected.to have_http_status 302
        log_item = Admin::ActionLog.last
@ -222,7 +222,7 @@ RSpec.describe Admin::AccountsController, type: :controller do
      let(:role) { UserRole.everyone }
      it 'fails to reject account' do
-        is_expected.to have_http_status :forbidden
+        is_expected.to have_http_status 403
        expect(user.reload).to_not be_approved
      end
    end
@ -250,7 +250,7 @@ RSpec.describe Admin::AccountsController, type: :controller do
      let(:role) { UserRole.everyone }
      it 'fails to redownload' do
-        is_expected.to have_http_status :forbidden
+        is_expected.to have_http_status 403
      end
    end
  end
@ -273,7 +273,7 @@ RSpec.describe Admin::AccountsController, type: :controller do
      let(:role) { UserRole.everyone }
      it 'fails to remove avatar' do
-        is_expected.to have_http_status :forbidden
+        is_expected.to have_http_status 403
      end
    end
  end
@ -303,7 +303,7 @@ RSpec.describe Admin::AccountsController, type: :controller do
      it 'fails to remove avatar' do
        subject
-        expect(response).to have_http_status :forbidden
+        expect(response).to have_http_status 403
      end
    end
  end
--- a/spec/controllers/admin/base_controller_spec.rb
+++ b/spec/controllers/admin/base_controller_spec.rb
@ -15,7 +15,7 @@ describe Admin::BaseController, type: :controller do
    sign_in(Fabricate(:user))
    get :success
-    expect(response).to have_http_status(:forbidden)
+    expect(response).to have_http_status(403)
  end
  it 'renders admin layout as a moderator' do
--- a/spec/controllers/admin/instances_controller_spec.rb
+++ b/spec/controllers/admin/instances_controller_spec.rb
@ -50,7 +50,7 @@ RSpec.describe Admin::InstancesController, type: :controller do
      let(:role) { nil }
      it 'fails to purge instance' do
-        is_expected.to have_http_status :forbidden
+        is_expected.to have_http_status 403
      end
    end
  end
--- a/spec/controllers/admin/roles_controller_spec.rb
+++ b/spec/controllers/admin/roles_controller_spec.rb
@ -18,7 +18,7 @@ describe Admin::RolesController do
    context 'when user does not have permission to manage roles' do
      it 'returns http forbidden' do
-        expect(response).to have_http_status(:forbidden)
+        expect(response).to have_http_status(403)
      end
    end
@ -38,7 +38,7 @@ describe Admin::RolesController do
    context 'when user does not have permission to manage roles' do
      it 'returns http forbidden' do
-        expect(response).to have_http_status(:forbidden)
+        expect(response).to have_http_status(403)
      end
    end
@ -128,7 +128,7 @@ describe Admin::RolesController do
    context 'when user does not have permission to manage roles' do
      it 'returns http forbidden' do
-        expect(response).to have_http_status(:forbidden)
+        expect(response).to have_http_status(403)
      end
    end
@ -145,7 +145,7 @@ describe Admin::RolesController do
        let(:role_position) { current_role.position + 1 }
        it 'returns http forbidden' do
-          expect(response).to have_http_status(:forbidden)
+          expect(response).to have_http_status(403)
        end
      end
    end
@ -165,7 +165,7 @@ describe Admin::RolesController do
    context 'when user does not have permission to manage roles' do
      it 'returns http forbidden' do
-        expect(response).to have_http_status(:forbidden)
+        expect(response).to have_http_status(403)
      end
      it 'does not update the role' do
@ -203,7 +203,7 @@ describe Admin::RolesController do
          let(:role_position) { current_role.position + 1 }
          it 'returns http forbidden' do
-            expect(response).to have_http_status(:forbidden)
+            expect(response).to have_http_status(403)
          end
          it 'does not update the role' do
@ -224,7 +224,7 @@ describe Admin::RolesController do
    context 'when user does not have permission to manage roles' do
      it 'returns http forbidden' do
-        expect(response).to have_http_status(:forbidden)
+        expect(response).to have_http_status(403)
      end
    end
@ -241,7 +241,7 @@ describe Admin::RolesController do
        let(:role_position) { current_role.position + 1 }
        it 'returns http forbidden' do
-          expect(response).to have_http_status(:forbidden)
+          expect(response).to have_http_status(403)
        end
      end
    end
--- a/spec/controllers/admin/users/roles_controller.rb
+++ b/spec/controllers/admin/users/roles_controller.rb
@ -26,7 +26,7 @@ describe Admin::Users::RolesController do
      let(:previous_role) { UserRole.create(name: 'Baz', permissions: UserRole::FLAGS[:administrator], position: 100) }
      it 'returns http forbidden' do
-        expect(response).to have_http_status(:forbidden)
+        expect(response).to have_http_status(403)
      end
    end
  end
@ -74,7 +74,7 @@ describe Admin::Users::RolesController do
      end
      it 'returns http forbidden' do
-        expect(response).to have_http_status(:forbidden)
+        expect(response).to have_http_status(403)
      end
    end
  end
--- a/spec/controllers/api/v1/accounts/credentials_controller_spec.rb
+++ b/spec/controllers/api/v1/accounts/credentials_controller_spec.rb
@ -78,7 +78,7 @@ describe Api::V1::Accounts::CredentialsController do
        end
        it 'returns http unprocessable entity' do
-          expect(response).to have_http_status(:unprocessable_entity)
+          expect(response).to have_http_status(422)
        end
      end
    end
@ -92,14 +92,14 @@ describe Api::V1::Accounts::CredentialsController do
    describe 'GET #show' do
      it 'returns http unauthorized' do
        get :show
-        expect(response).to have_http_status(:unauthorized)
+        expect(response).to have_http_status(401)
      end
    end
    describe 'PATCH #update' do
      it 'returns http unauthorized' do
        patch :update, params: { note: 'Foo' }
-        expect(response).to have_http_status(:unauthorized)
+        expect(response).to have_http_status(401)
      end
    end
  end
--- a/spec/controllers/api/v1/accounts/statuses_controller_spec.rb
+++ b/spec/controllers/api/v1/accounts/statuses_controller_spec.rb
@ -16,7 +16,7 @@ describe Api::V1::Accounts::StatusesController do
    it 'returns http success' do
      get :index, params: { account_id: user.account.id, limit: 1 }
-      expect(response).to have_http_status(:ok)
+      expect(response).to have_http_status(200)
    end
    it 'returns expected headers' do
@ -29,7 +29,7 @@ describe Api::V1::Accounts::StatusesController do
      it 'returns http success' do
        get :index, params: { account_id: user.account.id, only_media: true }
-        expect(response).to have_http_status(:ok)
+        expect(response).to have_http_status(200)
      end
    end
@ -44,7 +44,7 @@ describe Api::V1::Accounts::StatusesController do
      end
      it 'returns http success' do
-        expect(response).to have_http_status(:ok)
+        expect(response).to have_http_status(200)
      end
      it 'returns posts along with self replies' do
@ -63,7 +63,7 @@ describe Api::V1::Accounts::StatusesController do
      it 'returns http success' do
        get :index, params: { account_id: user.account.id, pinned: true }
-        expect(response).to have_http_status(:ok)
+        expect(response).to have_http_status(200)
      end
    end
@ -79,7 +79,7 @@ describe Api::V1::Accounts::StatusesController do
      it 'returns http success' do
        get :index, params: { account_id: account.id, pinned: true }
-        expect(response).to have_http_status(:ok)
+        expect(response).to have_http_status(200)
      end
      context 'when user does not follow account' do
--- a/spec/controllers/api/v1/announcements/reactions_controller_spec.rb
+++ b/spec/controllers/api/v1/announcements/reactions_controller_spec.rb
@ -15,7 +15,7 @@ RSpec.describe Api::V1::Announcements::ReactionsController, type: :controller do
    context 'without token' do
      it 'returns http unauthorized' do
        put :update, params: { announcement_id: announcement.id, id: '😂' }
-        expect(response).to have_http_status :unauthorized
+        expect(response).to have_http_status 401
      end
    end
@ -43,7 +43,7 @@ RSpec.describe Api::V1::Announcements::ReactionsController, type: :controller do
    context 'without token' do
      it 'returns http unauthorized' do
        delete :destroy, params: { announcement_id: announcement.id, id: '😂' }
-        expect(response).to have_http_status :unauthorized
+        expect(response).to have_http_status 401
      end
    end
--- a/spec/controllers/api/v1/announcements_controller_spec.rb
+++ b/spec/controllers/api/v1/announcements_controller_spec.rb
@ -15,7 +15,7 @@ RSpec.describe Api::V1::AnnouncementsController, type: :controller do
    context 'without token' do
      it 'returns http unprocessable entity' do
        get :index
-        expect(response).to have_http_status :unprocessable_entity
+        expect(response).to have_http_status 422
      end
    end
@ -35,7 +35,7 @@ RSpec.describe Api::V1::AnnouncementsController, type: :controller do
    context 'without token' do
      it 'returns http unauthorized' do
        post :dismiss, params: { id: announcement.id }
-        expect(response).to have_http_status :unauthorized
+        expect(response).to have_http_status 401
      end
    end
--- a/spec/controllers/api/v1/apps/credentials_controller_spec.rb
+++ b/spec/controllers/api/v1/apps/credentials_controller_spec.rb
@ -36,7 +36,7 @@ describe Api::V1::Apps::CredentialsController do
    describe 'GET #show' do
      it 'returns http unauthorized' do
        get :show
-        expect(response).to have_http_status(:unauthorized)
+        expect(response).to have_http_status(401)
      end
    end
  end
--- a/spec/controllers/api/v1/bookmarks_controller_spec.rb
+++ b/spec/controllers/api/v1/bookmarks_controller_spec.rb
@ -10,7 +10,7 @@ RSpec.describe Api::V1::BookmarksController, type: :controller do
    context 'without token' do
      it 'returns http unauthorized' do
        get :index
-        expect(response).to have_http_status :unauthorized
+        expect(response).to have_http_status 401
      end
    end
@ -24,7 +24,7 @@ RSpec.describe Api::V1::BookmarksController, type: :controller do
        it 'returns http forbidden' do
          get :index
-          expect(response).to have_http_status :forbidden
+          expect(response).to have_http_status 403
        end
      end
@ -38,7 +38,7 @@ RSpec.describe Api::V1::BookmarksController, type: :controller do
        it 'returns http unprocessable entity' do
          get :index
-          expect(response).to have_http_status :unprocessable_entity
+          expect(response).to have_http_status 422
        end
      end
--- a/spec/controllers/api/v1/emails/confirmations_controller_spec.rb
+++ b/spec/controllers/api/v1/emails/confirmations_controller_spec.rb
@ -16,7 +16,7 @@ RSpec.describe Api::V1::Emails::ConfirmationsController, type: :controller do
      context 'from a random app' do
        it 'returns http forbidden' do
          post :create
-          expect(response).to have_http_status(:forbidden)
+          expect(response).to have_http_status(403)
        end
      end
@ -30,7 +30,7 @@ RSpec.describe Api::V1::Emails::ConfirmationsController, type: :controller do
          it 'returns http forbidden' do
            post :create
-            expect(response).to have_http_status(:forbidden)
+            expect(response).to have_http_status(403)
          end
          context 'but user changed e-mail and has not confirmed it' do
@ -57,7 +57,7 @@ RSpec.describe Api::V1::Emails::ConfirmationsController, type: :controller do
    context 'without an oauth token' do
      it 'returns http unauthorized' do
        post :create
-        expect(response).to have_http_status(:unauthorized)
+        expect(response).to have_http_status(401)
      end
    end
  end
--- a/spec/controllers/api/v1/favourites_controller_spec.rb
+++ b/spec/controllers/api/v1/favourites_controller_spec.rb
@ -10,7 +10,7 @@ RSpec.describe Api::V1::FavouritesController, type: :controller do
    context 'without token' do
      it 'returns http unauthorized' do
        get :index
-        expect(response).to have_http_status :unauthorized
+        expect(response).to have_http_status 401
      end
    end
@ -24,7 +24,7 @@ RSpec.describe Api::V1::FavouritesController, type: :controller do
        it 'returns http forbidden' do
          get :index
-          expect(response).to have_http_status :forbidden
+          expect(response).to have_http_status 403
        end
      end
@ -38,7 +38,7 @@ RSpec.describe Api::V1::FavouritesController, type: :controller do
        it 'returns http unprocessable entity' do
          get :index
-          expect(response).to have_http_status :unprocessable_entity
+          expect(response).to have_http_status 422
        end
      end
--- a/spec/controllers/api/v1/media_controller_spec.rb
+++ b/spec/controllers/api/v1/media_controller_spec.rb
@ -19,7 +19,7 @@ RSpec.describe Api::V1::MediaController, type: :controller do
        end
        it 'returns http 422' do
-          expect(response).to have_http_status(:unprocessable_entity)
+          expect(response).to have_http_status(422)
        end
      end
@ -106,7 +106,7 @@ RSpec.describe Api::V1::MediaController, type: :controller do
      it 'returns http not found' do
        put :update, params: { id: media.id, description: 'Lorem ipsum!!!' }
-        expect(response).to have_http_status(:not_found)
+        expect(response).to have_http_status(404)
      end
    end
@ -126,7 +126,7 @@ RSpec.describe Api::V1::MediaController, type: :controller do
        let(:status) { Fabricate(:status, account: user.account) }
        it 'returns http not found' do
-          expect(response).to have_http_status(:not_found)
+          expect(response).to have_http_status(404)
        end
      end
    end
--- a/spec/controllers/api/v1/timelines/home_controller_spec.rb
+++ b/spec/controllers/api/v1/timelines/home_controller_spec.rb
@ -36,7 +36,7 @@ describe Api::V1::Timelines::HomeController do
      it 'returns http unprocessable entity' do
        get :show
-        expect(response).to have_http_status(:unprocessable_entity)
+        expect(response).to have_http_status(422)
        expect(response.headers['Link']).to be_nil
      end
    end
--- a/spec/controllers/api/v1/timelines/list_controller_spec.rb
+++ b/spec/controllers/api/v1/timelines/list_controller_spec.rb
@ -36,7 +36,7 @@ describe Api::V1::Timelines::ListController do
    describe 'GET #show' do
      it 'returns http not found' do
        get :show, params: { id: list.id }
-        expect(response).to have_http_status(:not_found)
+        expect(response).to have_http_status(404)
      end
    end
  end
@ -48,7 +48,7 @@ describe Api::V1::Timelines::ListController do
      it 'returns http unprocessable entity' do
        get :show, params: { id: list.id }
-        expect(response).to have_http_status(:unprocessable_entity)
+        expect(response).to have_http_status(422)
        expect(response.headers['Link']).to be_nil
      end
    end
--- a/spec/controllers/api/web/embeds_controller_spec.rb
+++ b/spec/controllers/api/web/embeds_controller_spec.rb
@ -19,7 +19,7 @@ describe Api::Web::EmbedsController do
      let(:url) { "http://#{Rails.configuration.x.web_domain}/@#{status.account.username}/#{status.id}" }
      it 'returns a right response' do
-        expect(response).to have_http_status :ok
+        expect(response).to have_http_status 200
        expect(body[:author_name]).to eq status.account.username
      end
    end
@ -37,7 +37,7 @@ describe Api::Web::EmbedsController do
        let(:call_result) { { result: :ok } }
        it 'returns a right response' do
-          expect(response).to have_http_status :ok
+          expect(response).to have_http_status 200
          expect(body[:result]).to eq 'ok'
        end
      end
@ -46,7 +46,7 @@ describe Api::Web::EmbedsController do
        let(:call_result) { nil }
        it 'returns a right response' do
-          expect(response).to have_http_status :not_found
+          expect(response).to have_http_status 404
        end
      end
    end
--- a/spec/controllers/auth/registrations_controller_spec.rb
+++ b/spec/controllers/auth/registrations_controller_spec.rb
@ -245,7 +245,7 @@ RSpec.describe Auth::RegistrationsController, type: :controller do
    end
    it 'returns http not found' do
-      expect(response).to have_http_status(:not_found)
+      expect(response).to have_http_status(404)
    end
    it 'does not delete user' do
--- a/spec/controllers/auth/sessions_controller_spec.rb
+++ b/spec/controllers/auth/sessions_controller_spec.rb
@ -422,7 +422,7 @@ RSpec.describe Auth::SessionsController, type: :controller do
      it 'returns http success' do
        get :webauthn_options
-        expect(response).to have_http_status :ok
+        expect(response).to have_http_status 200
      end
    end
  end
--- a/spec/controllers/concerns/export_controller_concern_spec.rb
+++ b/spec/controllers/concerns/export_controller_concern_spec.rb
@ -29,7 +29,7 @@ describe ApplicationController, type: :controller do
    it 'returns unauthorized when not signed in' do
      get :index, format: :csv
-      expect(response).to have_http_status(:unauthorized)
+      expect(response).to have_http_status(401)
    end
  end
 end
--- a/spec/controllers/disputes/strikes_controller_spec.rb
+++ b/spec/controllers/disputes/strikes_controller_spec.rb
@ -23,7 +23,7 @@ RSpec.describe Disputes::StrikesController, type: :controller do
      let(:strike) { Fabricate(:account_warning) }
      it 'returns http forbidden' do
-        expect(response).to have_http_status(:forbidden)
+        expect(response).to have_http_status(403)
      end
    end
  end
--- a/spec/controllers/settings/applications_controller_spec.rb
+++ b/spec/controllers/settings/applications_controller_spec.rb
@ -32,7 +32,7 @@ describe Settings::ApplicationsController do
      app.update!(owner: nil)
      get :show, params: { id: app.id }
-      expect(response.status).to eq 404
+      expect(response).to have_http_status 404
    end
  end
--- a/spec/controllers/settings/sessions_controller_spec.rb
+++ b/spec/controllers/settings/sessions_controller_spec.rb
@ -24,7 +24,7 @@ describe Settings::SessionsController do
      let(:id) { session_activation.id + 1000 }
      it 'destroys session activation' do
-        is_expected.to have_http_status :not_found
+        is_expected.to have_http_status 404
      end
    end
  end
--- a/spec/controllers/shares_controller_spec.rb
+++ b/spec/controllers/shares_controller_spec.rb
@ -13,7 +13,7 @@ describe SharesController do
    before { get :show, params: { title: 'test title', text: 'test text', url: 'url1 url2' } }
    it 'returns http success' do
-      expect(response).to have_http_status :ok
+      expect(response).to have_http_status 200
      expect(body_classes).to eq 'modal-layout compose-standalone'
    end
  end
--- a/spec/requests/catch_all_route_request_spec.rb
+++ b/spec/requests/catch_all_route_request_spec.rb
@ -5,7 +5,7 @@ describe 'The catch all route' do
    it 'returns a 404 page as html' do
      get '/test'
-      expect(response.status).to eq 404
+      expect(response).to have_http_status 404
      expect(response.media_type).to eq 'text/html'
    end
  end
@ -14,7 +14,7 @@ describe 'The catch all route' do
    it 'returns a 404 page as html' do
      get '/test.test'
-      expect(response.status).to eq 404
+      expect(response).to have_http_status 404
      expect(response.media_type).to eq 'text/html'
    end
  end