use assert_status instead of checking response.status directly

since it's not a string in rails 3 Change-Id: Ib1859a3ca241bd64ca0c43b4ccfec94ba801eab6 Reviewed-on: https://gerrit.instructure.com/29780 Tested-by: Jenkins <jenkins@instructure.com> Reviewed-by: Cody Cutrer <cody@instructure.com> Product-Review: Cody Cutrer <cody@instructure.com> QA-Review: Cody Cutrer <cody@instructure.com>
2014-02-06 18:48:15 -07:00 · 2014-02-06 18:48:15 -07:00 · cd7b02df17
parent 1286381f50
commit cd7b02df17
52 changed files with 253 additions and 255 deletions
--- a/spec/apis/api_spec_helper.rb
+++ b/spec/apis/api_spec_helper.rb
@ -44,7 +44,7 @@ end
 def api_call(method, path, params, body_params = {}, headers = {}, opts = {})
  raw_api_call(method, path, params, body_params, headers, opts)
  if opts[:expected_status]
-    response.status.to_i.should == opts[:expected_status]
+    assert_status(opts[:expected_status])
  else
    response.should be_success, response.body
  end
@ -55,7 +55,7 @@ def api_call(method, path, params, body_params = {}, headers = {}, opts = {})
  end

  if jsonapi_call?(headers) && method == :delete
-    response.status.should == '204 No Content'
+    assert_status(204)
    return
  end

--- a/spec/apis/auth_spec.rb
+++ b/spec/apis/auth_spec.rb
@ -506,18 +506,18 @@ describe "API Authentication", type: :request do

    it "should error if the access token is expired or non-existent" do
      get "/api/v1/courses", nil, { 'Authorization' => "Bearer blahblah" }
-      response.status.to_i.should == 401
+      assert_status(401)
      response['WWW-Authenticate'].should == %{Bearer realm="canvas-lms"}
      @token.update_attribute(:expires_at, 1.hour.ago)
      get "/api/v1/courses", nil, { 'Authorization' => "Bearer #{@token.full_token}" }
-      response.status.to_i.should == 401
+      assert_status(401)
      response['WWW-Authenticate'].should == %{Bearer realm="canvas-lms"}
    end

    it "should require an active pseudonym for the access token user" do
      @user.pseudonym.destroy
      get "/api/v1/courses", nil, { 'Authorization' => "Bearer #{@token.full_token}" }
-      response.status.to_i.should == 401
+      assert_status(401)
      response['WWW-Authenticate'].should == %{Bearer realm="canvas-lms"}
      json = JSON.parse(response.body)
      json['message'].should == "Invalid access token."
@ -525,7 +525,7 @@ describe "API Authentication", type: :request do

    it "should error if no access token is given and authorization is required" do
      get "/api/v1/courses"
-      response.status.to_i.should == 401
+      assert_status(401)
      response['WWW-Authenticate'].should == %{Bearer realm="canvas-lms"}
      json = json_parse
      json["errors"]["message"].should == "user authorization required"
@ -539,7 +539,7 @@ describe "API Authentication", type: :request do
      response.should be_success

      get "/api/v1/courses?access_token=#{@token.full_token}"
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    context "sharding" do
@ -666,7 +666,7 @@ describe "API Authentication", type: :request do

      raw_api_call(:get, "/api/v1/users/self/profile?as_user_id=sis_user_id:bogus",
                   :controller => "profile", :action => "settings", :user_id => 'self', :format => 'json', :as_user_id => "sis_user_id:bogus")
-      response.status.should == '401 Unauthorized'
+      assert_status(401)
      JSON.parse(response.body).should == { 'errors' => 'Invalid as_user_id' }
    end

@ -676,7 +676,7 @@ describe "API Authentication", type: :request do
      @user = @student
      raw_api_call(:get, "/api/v1/users/self/profile?as_user_id=#{@admin.id}",
                   :controller => "profile", :action => "settings", :user_id => 'self', :format => 'json', :as_user_id => @admin.id.to_param)
-      response.status.should == '401 Unauthorized'
+      assert_status(401)
      JSON.parse(response.body).should == { 'errors' => 'Invalid as_user_id' }
    end
  end
--- a/spec/apis/lti/grade_passback_spec.rb
+++ b/spec/apis/lti/grade_passback_spec.rb
@ -51,12 +51,12 @@ describe LtiApiController, type: :request do

  it "should require a content-type of application/xml" do
    make_call('content-type' => 'application/other')
-    response.status.should == "415 Unsupported Media Type"
+    assert_status(415)
  end

  it "should require the correct shared secret" do
    make_call('secret' => 'bad secret is bad')
-    response.status.should == "401 Unauthorized"
+    assert_status(401)
  end

  def replace_result(score=nil, sourceid = nil, result_data=nil)
@ -399,9 +399,9 @@ to because the assignment has no points possible.
  if Canvas.redis_enabled?
    it "should not allow the same nonce to be used more than once" do
      make_call('nonce' => 'not_so_random', 'content-type' => 'none')
-      response.status.should == "415 Unsupported Media Type"
+      assert_status(415)
      make_call('nonce' => 'not_so_random', 'content-type' => 'none')
-      response.status.should == "401 Unauthorized"
+      assert_status(401)
      response.body.should match(/nonce/i)
    end
  end
@ -409,7 +409,7 @@ to because the assignment has no points possible.
  it "should block timestamps more than 90 minutes old" do
    # the 90 minutes value is suggested by the LTI spec
    make_call('timestamp' => 2.hours.ago.utc.to_i, 'content-type' => 'none')
-    response.status.should == "401 Unauthorized"
+    assert_status(401)
    response.body.should match(/expired/i)
  end

@ -427,7 +427,7 @@ to because the assignment has no points possible.

    it "should require the correct shared secret" do
      make_call('secret' => 'bad secret is bad')
-      response.status.should == "401 Unauthorized"
+      assert_status(401)
    end

    def sourceid
--- a/spec/apis/v1/account_reports_api_spec.rb
+++ b/spec/apis/v1/account_reports_api_spec.rb
@ -68,7 +68,7 @@ describe 'Account Reports API', type: :request do
    it 'should 404 for non existing reports' do
      raw_api_call(:post, "/api/v1/accounts/#{@admin.account.id}/reports/bad_report_csv",
                   { :report=> 'bad_report_csv', :controller => 'account_reports', :action => 'create', :format => 'json', :account_id => @admin.account.id.to_s })
-      response.status.should == '404 Not Found'
+      assert_status(404)
    end
  end

--- a/spec/apis/v1/accounts_api_spec.rb
+++ b/spec/apis/v1/accounts_api_spec.rb
@ -337,7 +337,7 @@ describe "Accounts API", type: :request do
    other_sub.update_attribute(:sis_source_id, 'sis2')
    raw_api_call(:get, "/api/v1/accounts/sis_account_id:sis1",
                    { :controller => 'accounts', :action => 'show', :id => "sis_account_id:sis1", :format => 'json' })
-    response.status.should == "404 Not Found"
+    assert_status(404)
  end

  context "courses_api" do
--- a/spec/apis/v1/assignment_groups_api_spec.rb
+++ b/spec/apis/v1/assignment_groups_api_spec.rb
@ -324,7 +324,7 @@ describe AssignmentGroupsApiController, type: :request do
        :format => 'json',
        :course_id => @course.id.to_s,
        :assignment_group_id => not_exist.to_s)
-      response.status.to_i.should == 404
+      assert_status(404)
    end

    it 'should include assignments' do
--- a/spec/apis/v1/assignment_overrides_spec.rb
+++ b/spec/apis/v1/assignment_overrides_spec.rb
@ -63,7 +63,7 @@ describe AssignmentOverridesController, type: :request do
  end

  def expect_errors(errors)
-    response.status.should == '400 Bad Request'
+    assert_status(400)
    json = JSON.parse(response.body)
    json.should == {"errors" => errors}
  end
@ -158,7 +158,7 @@ describe AssignmentOverridesController, type: :request do
      @override.save!

      raw_api_show_override(@course, @assignment, @override)
-      response.status.should == '404 Not Found'
+      assert_status(404)
    end

    it "should exclude due_at/all_day/all_day_date/lock_at/unlock_at when not overridden" do
@ -251,7 +251,7 @@ describe AssignmentOverridesController, type: :request do
                   :controller => 'assignment_overrides', :action => 'group_alias', :format => 'json',
                   :group_id => @other_group.id.to_s,
                   :assignment_id => @assignment.id.to_s)
-      response.status.should == '404 Not Found'
+      assert_status(404)
    end

    it "should 404 for unconnected group/assignment" do
@ -262,7 +262,7 @@ describe AssignmentOverridesController, type: :request do
                   :controller => 'assignment_overrides', :action => 'group_alias', :format => 'json',
                   :group_id => @other_group.id.to_s,
                   :assignment_id => @assignment.id.to_s)
-      response.status.should == '404 Not Found'
+      assert_status(404)
    end
  end

@ -292,7 +292,7 @@ describe AssignmentOverridesController, type: :request do
                   :controller => 'assignment_overrides', :action => 'section_alias', :format => 'json',
                   :course_section_id => @section.id.to_s,
                   :assignment_id => @assignment.id.to_s)
-      response.status.should == '404 Not Found'
+      assert_status(404)
    end

    it "should 404 for unconnected section/assignment" do
@ -302,7 +302,7 @@ describe AssignmentOverridesController, type: :request do
                   :controller => 'assignment_overrides', :action => 'section_alias', :format => 'json',
                   :course_section_id => @course.default_section.id.to_s,
                   :assignment_id => @assignment.id.to_s)
-      response.status.should == '404 Not Found'
+      assert_status(404)
    end
  end

@ -944,7 +944,7 @@ describe AssignmentOverridesController, type: :request do
      raw_api_call(:delete, "/api/v1/courses/#{@course.id}/assignments/#{@assignment.id}/overrides/#{@override.id}.json",
                   :controller => 'assignment_overrides', :action => 'destroy', :format => 'json',
                   :course_id => @course.id.to_s, :assignment_id => @assignment.id.to_s, :id => @override.id.to_s)
-      response.status.should == '404 Not Found'
+      assert_status(404)
    end
  end
 end
--- a/spec/apis/v1/assignments_api_spec.rb
+++ b/spec/apis/v1/assignments_api_spec.rb
@ -483,7 +483,7 @@ describe AssignmentsApiController, type: :request do
          },
          {:assignment => { 'name' => name_too_long} }
        )
-        response.status.to_i.should == 400
+        assert_status(400)
      }.should_not change(Assignment, :count)
    end

@ -508,7 +508,7 @@ describe AssignmentsApiController, type: :request do
        },
        { :assignment => { 'name' => name_too_long} }
      )
-      response.status.to_i.should == 400
+      assert_status(400)
      @assignment.reload
      @assignment.name.should == 'some name'
    end
--- a/spec/apis/v1/authentication_audit_api_spec.rb
+++ b/spec/apis/v1/authentication_audit_api_spec.rb
@ -28,7 +28,7 @@ describe "AuthenticationAudit API", type: :request do

    it "should 404" do
      raw_api_call(:get, "/api/v1/audit/authentication/logins/#{@pseudonym.id}", controller: 'authentication_audit_api', action: "for_login", :login_id => @pseudonym.id.to_s, format: 'json')
-      response.status.should == '404 Not Found'
+      assert_status(404)
    end
  end

--- a/spec/apis/v1/calendar_events_api_spec.rb
+++ b/spec/apis/v1/calendar_events_api_spec.rb
@ -621,7 +621,7 @@ describe CalendarEventsApiController, type: :request do
      json = api_call(:post, "/api/v1/calendar_events",
                      {:controller => 'calendar_events_api', :action => 'create', :format => 'json'},
                      {:calendar_event => {:context_code => @course.asset_string, :title => "ohai"}})
-      response.status.should =~ /201/
+      assert_status(201)
      json.keys.sort.should eql expected_fields
      json['title'].should eql 'ohai'
    end
@ -707,7 +707,7 @@ describe CalendarEventsApiController, type: :request do
        json = api_call(:post, "/api/v1/calendar_events",
                        {:controller => 'calendar_events_api', :action => 'create', :format => 'json'},
                        {:calendar_event => {:context_code => @course.asset_string, :title => "ohai", :child_event_data => {"0" => {:start_at => "2012-01-01 12:00:00", :end_at => "2012-01-01 13:00:00", :context_code => @course.default_section.asset_string}}}})
-        response.status.should =~ /201/
+        assert_status(201)
        json.keys.sort.should eql expected_fields
        json['title'].should eql 'ohai'
        json['child_events'].size.should eql 1
@ -980,7 +980,7 @@ describe CalendarEventsApiController, type: :request do
      assignment = @course.assignments.create(:title => 'undated')
      raw_api_call(:delete, "/api/v1/calendar_events/assignment_#{assignment.id}", {
        :controller => 'calendar_events_api', :action => 'destroy', :id => "assignment_#{assignment.id}", :format => 'json'})
-      response.status.should == "404 Not Found"
+      assert_status(404)
    end

    context 'date overrides' do
--- a/spec/apis/v1/conversations_api_spec.rb
+++ b/spec/apis/v1/conversations_api_spec.rb
@ -512,7 +512,7 @@ describe ConversationsController, type: :request do
          raw_api_call(:post, "/api/v1/conversations",
                  { :controller => 'conversations', :action => 'create', :format => 'json' },
                  { :recipients => [@bob.id], :body => "test", :context_code => "account_#{Account.default.id}" })
-          response.status.to_i.should == 400
+          assert_status(400)
        end

        it "should allow site admin to set any account context" do
@ -546,7 +546,7 @@ describe ConversationsController, type: :request do
            raw_api_call(:post, "/api/v1/conversations",
                    { :controller => 'conversations', :action => 'create', :format => 'json' },
                    { :recipients => [@bob.id], :body => "test", :context_code => "account_#{@sub_account.id}" })
-            response.status.to_i.should == 400
+            assert_status(400)
          end
        end
      end
@ -1885,7 +1885,7 @@ describe ConversationsController, type: :request do
      json = raw_api_call(:delete, "/api/v1/conversations/#{conv.id}/delete_for_all",
        {:controller => 'conversations', :action => 'delete_for_all', :format => 'json', :id => conv.id.to_s},
        {:domain_root_account => Account.site_admin})
-      response.status.should eql "401 Unauthorized"
+      assert_status(401)

      account_admin_user
      p = Account.default.pseudonyms.create!(:unique_id => 'admin', :user => @user)
@ -1893,13 +1893,13 @@ describe ConversationsController, type: :request do
      json = raw_api_call(:delete, "/api/v1/conversations/#{conv.id}/delete_for_all",
        {:controller => 'conversations', :action => 'delete_for_all', :format => 'json', :id => conv.id.to_s},
        {})
-      response.status.should eql "401 Unauthorized"
+      assert_status(401)

      user_session(@me)
      json = raw_api_call(:delete, "/api/v1/conversations/#{conv.id}/delete_for_all",
        {:controller => 'conversations', :action => 'delete_for_all', :format => 'json', :id => conv.id.to_s},
        {})
-      response.status.should eql "401 Unauthorized"
+      assert_status(401)

      @me.all_conversations.size.should eql 1
      @joe.conversations.size.should eql 1
@ -1910,7 +1910,7 @@ describe ConversationsController, type: :request do
      json = raw_api_call(:delete, "/api/v1/conversations/0/delete_for_all",
        {:controller => 'conversations', :action => 'delete_for_all', :format => 'json', :id => "0"},
        {})
-      response.status.should eql "404 Not Found"
+      assert_status(404)
    end

    it "should delete the conversation for all participants" do
--- a/spec/apis/v1/course_audit_api_spec.rb
+++ b/spec/apis/v1/course_audit_api_spec.rb
@ -28,7 +28,7 @@ describe "CourseAudit API", type: :request do

    it "should 404" do
      raw_api_call(:get, "/api/v1/audit/course/courses/#{@course.id}", controller: 'course_audit_api', action: "for_course", course_id: @course.id.to_s, format: 'json')
-      response.status.should == '404 Not Found'
+      assert_status(404)
    end
  end

--- a/spec/apis/v1/courses_api_spec.rb
+++ b/spec/apis/v1/courses_api_spec.rb
@ -354,7 +354,7 @@ describe CoursesController, type: :request do
            }
          }
        )
-        response.status.should eql '401 Unauthorized'
+        assert_status(401)
      end
    end
  end
@ -1211,7 +1211,7 @@ describe CoursesController, type: :request do
          course_id: @course1.id.to_s,
          page: 'invalid',
          format: 'json')
-        response.status.should == "404 Not Found"
+        assert_status(404)
      end

      it "returns a list of users" do
@ -1629,7 +1629,7 @@ describe CoursesController, type: :request do
      @course.update_attribute('sis_source_id', 'OTHER-SIS')
      raw_api_call(:get, "/api/v1/courses/sis_course_id:OTHER-SIS",
                   :controller => "courses", :action => "show", :id => "sis_course_id:OTHER-SIS", :format => "json")
-      response.status.should == "404 Not Found"
+      assert_status(404)
    end

    it 'should include permissions' do
@ -1951,7 +1951,7 @@ describe ContentImportsController, type: :request do
    status = raw_api_call(:post, "/api/v1/courses/#{to_id}/course_copy",
            { :controller => 'content_imports', :action => 'copy_course_content', :course_id => to_id, :format => 'json' },
    {:source_course => from_id})
-    response.status.should == "404 Not Found"
+    assert_status(404)
  end

  def run_only_copy(option)
@ -2001,14 +2001,14 @@ describe ContentImportsController, type: :request do
  it "should return 404 for an import that isn't found" do
    raw_api_call(:get, "/api/v1/courses/#{@copy_to.id}/course_copy/444",
                 { :controller => 'content_imports', :action => 'copy_course_status', :course_id => @copy_to.to_param, :id => '444', :format => 'json' })
-    response.status.should == "404 Not Found"
+    assert_status(404)
  end

  it "shouldn't allow both only and except options" do
    raw_api_call(:post, "/api/v1/courses/#{@copy_to.id}/course_copy",
            { :controller => 'content_imports', :action => 'copy_course_content', :course_id => @copy_to.to_param, :format => 'json' },
    {:source_course => @copy_from.to_param, :only => [:topics], :except => [:assignments]})
-    response.status.to_i.should == 400
+    assert_status(400)
    json = JSON.parse(response.body)
    json['errors'].should == 'You can not use "only" and "except" options at the same time.'
  end
--- a/spec/apis/v1/custom_gradebook_column_data_api_spec.rb
+++ b/spec/apis/v1/custom_gradebook_column_data_api_spec.rb
@ -57,7 +57,7 @@ describe CustomGradebookColumnDataApiController, type: :request do
        "/api/v1/courses/#{@course.id}/custom_gradebook_columns/#{@col.id}/data",
        course_id: @course.to_param, id: @col.to_param, action: "index",
        controller: "custom_gradebook_column_data_api", format: "json"
-      response.status.should == "401 Unauthorized"
+      assert_status(401)
    end

    it 'only shows students you have permission for' do
@ -112,7 +112,7 @@ describe CustomGradebookColumnDataApiController, type: :request do
         controller: "custom_gradebook_column_data_api", format: "json"},
        "column_data[content]" => "haha"

-      response.status.should == '401 Unauthorized'
+      assert_status(401)
    end

    it 'only lets you make notes for students you can see' do
@ -127,7 +127,7 @@ describe CustomGradebookColumnDataApiController, type: :request do
         user_id: @student1.to_param, action: "update",
         controller: "custom_gradebook_column_data_api", format: "json"},
        "column_data[content]" => "jkl;"
-      response.status.should == "404 Not Found"
+      assert_status(404)
    end

    it 'works' do
--- a/spec/apis/v1/custom_gradebook_columns_api_spec.rb
+++ b/spec/apis/v1/custom_gradebook_columns_api_spec.rb
@ -49,7 +49,7 @@ describe CustomGradebookColumnsApiController, type: :request do
        "/api/v1/courses/#{@course.id}/custom_gradebook_columns",
        course_id: @course.to_param, action: "index",
        controller: "custom_gradebook_columns_api", format: "json"
-      response.status.should == "401 Unauthorized"
+      assert_status(401)
    end

    it 'should return the custom columns' do
@ -88,7 +88,7 @@ describe CustomGradebookColumnsApiController, type: :request do
        "/api/v1/courses/#{@course.id}/custom_gradebook_columns",
        course_id: @course.to_param, action: "create",
        controller: "custom_gradebook_columns_api", format: "json"
-      response.status.should == '401 Unauthorized'
+      assert_status(401)
    end

    it 'creates a column' do
@ -112,7 +112,7 @@ describe CustomGradebookColumnsApiController, type: :request do
        {course_id: @course.to_param, id: @col.to_param, action: "update",
         controller: "custom_gradebook_columns_api", format: "json"},
        "column[title]" => "Bar"
-      response.status.should == '401 Unauthorized'
+      assert_status(401)
      @col.reload.title.should == "Foo"
    end

@ -139,7 +139,7 @@ describe CustomGradebookColumnsApiController, type: :request do
        "/api/v1/courses/#{@course.id}/custom_gradebook_columns/#{@col.id}",
        course_id: @course.to_param, id: @col.to_param, action: "destroy",
        controller: "custom_gradebook_columns_api", format: "json"
-      response.status.should == '401 Unauthorized'
+      assert_status(401)
    end

    it 'works' do
--- a/spec/apis/v1/discussion_topics_api_spec.rb
+++ b/spec/apis/v1/discussion_topics_api_spec.rb
@ -1514,13 +1514,13 @@ describe DiscussionTopicsController, type: :request do
    it "should set the read state for a topic" do
      student_in_course(:active_all => true)
      call_mark_topic_read(@course, @topic)
-      response.status.should == '204 No Content'
+      assert_status(204)
      @topic.reload
      @topic.read?(@user).should be_true
      @topic.unread_count(@user).should == 2

      call_mark_topic_unread(@course, @topic)
-      response.status.should == '204 No Content'
+      assert_status(204)
      @topic.reload
      @topic.read?(@user).should be_false
      @topic.unread_count(@user).should == 2
@ -1529,13 +1529,13 @@ describe DiscussionTopicsController, type: :request do
    it "should be idempotent for setting topic read state" do
      student_in_course(:active_all => true)
      call_mark_topic_read(@course, @topic)
-      response.status.should == '204 No Content'
+      assert_status(204)
      @topic.reload
      @topic.read?(@user).should be_true
      @topic.unread_count(@user).should == 2

      call_mark_topic_read(@course, @topic)
-      response.status.should == '204 No Content'
+      assert_status(204)
      @topic.reload
      @topic.read?(@user).should be_true
      @topic.unread_count(@user).should == 2
@ -1556,19 +1556,19 @@ describe DiscussionTopicsController, type: :request do
    it "should set the read state for a entry" do
      student_in_course(:active_all => true)
      call_mark_entry_read(@course, @topic, @entry)
-      response.status.should == '204 No Content'
+      assert_status(204)
      @entry.read?(@user).should be_true
      @entry.find_existing_participant(@user).should_not be_forced_read_state
      @topic.unread_count(@user).should == 1

      call_mark_entry_unread(@course, @topic, @entry)
-      response.status.should == '204 No Content'
+      assert_status(204)
      @entry.read?(@user).should be_false
      @entry.find_existing_participant(@user).should be_forced_read_state
      @topic.unread_count(@user).should == 2

      call_mark_entry_read(@course, @topic, @entry)
-      response.status.should == '204 No Content'
+      assert_status(204)
      @entry.read?(@user).should be_true
      @entry.find_existing_participant(@user).should be_forced_read_state
      @topic.unread_count(@user).should == 1
@ -1577,12 +1577,12 @@ describe DiscussionTopicsController, type: :request do
    it "should be idempotent for setting entry read state" do
      student_in_course(:active_all => true)
      call_mark_entry_read(@course, @topic, @entry)
-      response.status.should == '204 No Content'
+      assert_status(204)
      @entry.read?(@user).should be_true
      @topic.unread_count(@user).should == 1

      call_mark_entry_read(@course, @topic, @entry)
-      response.status.should == '204 No Content'
+      assert_status(204)
      @entry.read?(@user).should be_true
      @topic.unread_count(@user).should == 1
    end
@ -1604,7 +1604,7 @@ describe DiscussionTopicsController, type: :request do
      @entry.change_read_state('read', @user, :forced => true)

      call_mark_all_as_read_state('read')
-      response.status.should == '204 No Content'
+      assert_status(204)
      @topic.reload
      @topic.read?(@user).should be_true

@ -1621,7 +1621,7 @@ describe DiscussionTopicsController, type: :request do
      [@topic, @entry].each { |e| e.change_read_state('read', @user) }

      call_mark_all_as_read_state('unread', :forced => true)
-      response.status.should == '204 No Content'
+      assert_status(204)
      @topic.reload
      @topic.read?(@user).should be_false

@ -1646,14 +1646,12 @@ describe DiscussionTopicsController, type: :request do
      @user = user
      raw_api_call(:put, "/api/v1/courses/#{course.id}/discussion_topics/#{topic.id}/subscribed",
                   { :controller => "discussion_topics_api", :action => "subscribe_topic", :format => "json", :course_id => course.id.to_s, :topic_id => topic.id.to_s})
-      response.status.to_i
    end

    def call_unsubscribe(topic, user, course=@course)
      @user = user
      raw_api_call(:delete, "/api/v1/courses/#{course.id}/discussion_topics/#{topic.id}/subscribed",
                   { :controller => "discussion_topics_api", :action => "unsubscribe_topic", :format => "json", :course_id => course.id.to_s, :topic_id => topic.id.to_s})
-      response.status.to_i
    end

    it "should allow subscription" do
--- a/spec/apis/v1/external_tools_api_spec.rb
+++ b/spec/apis/v1/external_tools_api_spec.rb
@ -140,7 +140,7 @@ describe ExternalToolsController, type: :request do
    raw_api_call(:get, "/api/v1/#{type}s/#{context.id}/external_tools/0.json",
                 {:controller => 'external_tools', :action => 'show', :format => 'json',
                  :"#{type}_id" => context.id.to_s, :external_tool_id => "0"})
-    response.status.should == "404 Not Found"
+    assert_status(404)
  end

  def index_call(context, type="course")
--- a/spec/apis/v1/files_controller_api_spec.rb
+++ b/spec/apis/v1/files_controller_api_spec.rb
@ -130,7 +130,7 @@ describe "Files API", type: :request do
      upload_data
      raw_api_call(:post, "/api/v1/files/#{@attachment.id}/create_success?uuid=abcde",
                   { :controller => "files", :action => "api_create_success", :format => "json", :id => @attachment.to_param, :uuid => "abcde" })
-      response.status.to_i.should == 400
+      assert_status(400)
    end

    it "should fail if the attachment is already available" do
@ -138,7 +138,7 @@ describe "Files API", type: :request do
      @attachment.update_attribute(:file_state, 'available')
      raw_api_call(:post, "/api/v1/files/#{@attachment.id}/create_success?uuid=#{@attachment.uuid}",
                   { :controller => "files", :action => "api_create_success", :format => "json", :id => @attachment.to_param, :uuid => @attachment.uuid })
-      response.status.to_i.should == 400
+      assert_status(400)
    end

    context "upload success context callback" do
--- a/spec/apis/v1/grade_change_audit_api_spec.rb
+++ b/spec/apis/v1/grade_change_audit_api_spec.rb
@ -29,7 +29,7 @@ describe "GradeChangeAudit API", type: :request do

    it "should 404" do
      raw_api_call(:get, "/api/v1/audit/grade_change/students/#{@user.id}", controller: 'grade_change_audit_api', action: "for_student", student_id: @user.id.to_s, format: 'json')
-      response.status.should == '404 Not Found'
+      assert_status(404)
    end
  end

--- a/spec/apis/v1/group_categories_api_spec.rb
+++ b/spec/apis/v1/group_categories_api_spec.rb
@ -398,7 +398,7 @@ describe "Group Categories API", type: :request do
                     @category_path_options.merge(:action => 'assign_unassigned_members',
                                                  :group_category_id => category.to_param),
                     {'sync' => true}
-        response.status.should == '401 Unauthorized'
+        assert_status(401)
      end

      it "should require valid group :category_id" do
@ -409,7 +409,7 @@ describe "Group Categories API", type: :request do
                     @category_path_options.merge(:action => 'assign_unassigned_members',
                                                  :group_category_id => (category.id + 1).to_param),
                     {'sync' => true}
-        response.status.should == '404 Not Found'
+        assert_status(404)
      end

      it "should fail for student organized groups" do
@ -420,7 +420,7 @@ describe "Group Categories API", type: :request do
                     @category_path_options.merge(:action => 'assign_unassigned_members',
                                                  :group_category_id => category.to_param),
                     {'sync' => true}
-        response.status.should == '400 Bad Request'
+        assert_status(400)
      end

      it "should fail for restricted self signup groups" do
@ -433,7 +433,7 @@ describe "Group Categories API", type: :request do
                     @category_path_options.merge(:action => 'assign_unassigned_members',
                                                  :group_category_id => category.to_param),
                     {'sync' => true}
-        response.status.should == '400 Bad Request'
+        assert_status(400)

        category.configure_self_signup(true, false)
        category.save
--- a/spec/apis/v1/outcome_groups_api_spec.rb
+++ b/spec/apis/v1/outcome_groups_api_spec.rb
@ -48,7 +48,7 @@ describe "Outcome Groups API", type: :request do
                     :controller => 'outcome_groups_api',
                     :action => 'redirect',
                     :format => 'json')
-        response.status.to_i.should == 302
+        assert_status(302)
      end

      it "should require a user" do
@ -57,7 +57,7 @@ describe "Outcome Groups API", type: :request do
                     :controller => 'outcome_groups_api',
                     :action => 'redirect',
                     :format => 'json')
-        response.status.to_i.should == 401
+        assert_status(401)
      end

      it "should redirect to the root global group" do
@ -66,7 +66,7 @@ describe "Outcome Groups API", type: :request do
                     :controller => 'outcome_groups_api',
                     :action => 'redirect',
                     :format => 'json')
-        response.status.to_i.should == 302
+        assert_status(302)
        response.location.should == polymorphic_url([:api_v1, :global, :outcome_group], :id => root.id)
      end

@ -96,7 +96,7 @@ describe "Outcome Groups API", type: :request do
                     :action => 'redirect',
                     :account_id => @account.id.to_s,
                     :format => 'json')
-        response.status.to_i.should == 302
+        assert_status(302)
      end

      it "should require read permission to read" do
@ -107,7 +107,7 @@ describe "Outcome Groups API", type: :request do
                     :action => 'redirect',
                     :account_id => @account.id.to_s,
                     :format => 'json')
-        response.status.to_i.should == 401
+        assert_status(401)
      end

      it "should redirect to the root group" do
@ -117,7 +117,7 @@ describe "Outcome Groups API", type: :request do
                     :action => 'redirect',
                     :account_id => @account.id.to_s,
                     :format => 'json')
-        response.status.to_i.should == 302
+        assert_status(302)
        response.location.should == polymorphic_url([:api_v1, @account, :outcome_group], :id => root.id)
      end

@ -144,7 +144,7 @@ describe "Outcome Groups API", type: :request do
                     :action => 'redirect',
                     :course_id => @course.id.to_s,
                     :format => 'json')
-        response.status.to_i.should == 302
+        assert_status(302)
        response.location.should == polymorphic_url([:api_v1, @course, :outcome_group], :id => root.id)
      end
    end
@ -217,7 +217,7 @@ describe "Outcome Groups API", type: :request do
                     :action => 'show',
                     :id => group.id.to_s,
                     :format => 'json')
-        response.status.to_i.should == 404
+        assert_status(404)
      end

      it "should 404 for deleted groups" do
@ -228,7 +228,7 @@ describe "Outcome Groups API", type: :request do
                     :action => 'show',
                     :id => group.id.to_s,
                     :format => 'json')
-        response.status.to_i.should == 404
+        assert_status(404)
      end

      it "should return the group json" do
@ -306,7 +306,7 @@ describe "Outcome Groups API", type: :request do
                     :account_id => @account.id.to_s,
                     :id => group.id.to_s,
                     :format => 'json')
-        response.status.to_i.should == 404
+        assert_status(404)
      end

      it "should include the account in the group json" do
@ -352,7 +352,7 @@ describe "Outcome Groups API", type: :request do
                   :account_id => @account.id.to_s,
                   :id => @group.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    it "should require manage_global_outcomes permission for global outcomes" do
@ -365,7 +365,7 @@ describe "Outcome Groups API", type: :request do
                   :action => 'update',
                   :id => @group.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    it "should fail for root groups" do
@ -376,7 +376,7 @@ describe "Outcome Groups API", type: :request do
                   :account_id => @account.id.to_s,
                   :id => @group.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 400
+      assert_status(400)
    end

    it "should allow setting title and description" do
@ -436,7 +436,7 @@ describe "Outcome Groups API", type: :request do
                     :id => @group.id.to_s,
                     :format => 'json' },
                   { :parent_outcome_group_id => child_group.id })
-      response.status.to_i.should == 400
+      assert_status(400)
    end

    it "should fail (400) if the update is invalid" do
@ -449,7 +449,7 @@ describe "Outcome Groups API", type: :request do
                 :format => 'json' },
               { :title => "New Title",
                 :description => too_long_description })
-      response.status.to_i.should == 400
+      assert_status(400)
    end

    it "should return the updated group json" do
@ -505,7 +505,7 @@ describe "Outcome Groups API", type: :request do
                   :account_id => @account.id.to_s,
                   :id => @group.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    it "should require manage_global_outcomes permission for global outcomes" do
@ -518,7 +518,7 @@ describe "Outcome Groups API", type: :request do
                   :action => 'destroy',
                   :id => @group.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    it "should fail for root groups" do
@ -529,7 +529,7 @@ describe "Outcome Groups API", type: :request do
                   :account_id => @account.id.to_s,
                   :id => @group.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 400
+      assert_status(400)
    end

    it "should delete the group" do
@ -592,7 +592,7 @@ describe "Outcome Groups API", type: :request do
                   :account_id => @account.id.to_s,
                   :id => @group.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 200
+      response.should be_success
    end

    it "should return the outcomes linked into the group" do
@ -703,7 +703,7 @@ describe "Outcome Groups API", type: :request do
                   :id => @group.id.to_s,
                   :outcome_id => @outcome.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    it "should require manage_global_outcomes permission for global groups" do
@ -716,7 +716,7 @@ describe "Outcome Groups API", type: :request do
                   :id => @group.id.to_s,
                   :outcome_id => @outcome.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    it "should fail if the outcome isn't available to the context" do
@ -729,7 +729,7 @@ describe "Outcome Groups API", type: :request do
                   :id => @group.id.to_s,
                   :outcome_id => @outcome.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 400
+      assert_status(400)
    end

    it "should link the outcome into the group" do
@ -803,7 +803,7 @@ describe "Outcome Groups API", type: :request do
                   { :points => 0, :description => "Does Not Meet Expectations" }
                 ]
               })
-      response.status.to_i.should == 400
+      assert_status(400)
    end

    it "should create a new outcome" do
@ -873,7 +873,7 @@ describe "Outcome Groups API", type: :request do
                   :id => @group.id.to_s,
                   :outcome_id => @outcome.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    it "should require manage_global_outcomes permission for global groups" do
@ -887,7 +887,7 @@ describe "Outcome Groups API", type: :request do
                   :id => @group.id.to_s,
                   :outcome_id => @outcome.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    it "should 404 if the outcome isn't linked in the group" do
@ -899,7 +899,7 @@ describe "Outcome Groups API", type: :request do
                   :id => @group.id.to_s,
                   :outcome_id => @outcome.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 404
+      assert_status(404)
    end

    it "should fail (400) if this is the last link for an aligned outcome" do
@ -912,7 +912,7 @@ describe "Outcome Groups API", type: :request do
                   :id => @group.id.to_s,
                   :outcome_id => @outcome.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 400
+      assert_status(400)
      parsed_body = JSON.parse( response.body )
      parsed_body[ 'message' ].should =~ /link is the last link/i
    end
@ -978,7 +978,7 @@ describe "Outcome Groups API", type: :request do
                   :account_id => @account.id.to_s,
                   :id => @group.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 200
+      response.should be_success
    end

    def create_subgroup(opts={})
@ -1076,7 +1076,7 @@ describe "Outcome Groups API", type: :request do
                   :account_id => @account.id.to_s,
                   :id => @group.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    it "should require manage_global_outcomes permission for global groups" do
@ -1088,7 +1088,7 @@ describe "Outcome Groups API", type: :request do
                   :action => 'create',
                   :id => @group.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    it "should create a new outcome group" do
@ -1165,7 +1165,7 @@ describe "Outcome Groups API", type: :request do
                     :id => @target_group.id.to_s,
                     :format => 'json' },
                   { :source_outcome_group_id => @source_group.id.to_s })
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    it "should require manage_global_outcomes permission for global groups" do
@ -1178,7 +1178,7 @@ describe "Outcome Groups API", type: :request do
                     :id => @target_group.id.to_s,
                     :format => 'json' },
                   { :source_outcome_group_id => @source_group.id.to_s })
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    it "should fail if the source group doesn't exist (or is deleted)" do
@ -1191,7 +1191,7 @@ describe "Outcome Groups API", type: :request do
                     :id => @target_group.id.to_s,
                     :format => 'json' },
                   { :source_outcome_group_id => @source_group.id.to_s })
-      response.status.to_i.should == 400
+      assert_status(400)
    end

    it "should fail if the source group isn't available to the context" do
@ -1204,7 +1204,7 @@ describe "Outcome Groups API", type: :request do
                     :id => @target_group.id.to_s,
                     :format => 'json' },
                   { :source_outcome_group_id => @source_group.id.to_s })
-      response.status.to_i.should == 400
+      assert_status(400)
    end

    it "should create a new outcome group" do
--- a/spec/apis/v1/outcome_results_api_spec.rb
+++ b/spec/apis/v1/outcome_results_api_spec.rb
@ -167,7 +167,7 @@ describe "Outcome Results API", type: :request do
        course_with_student_logged_in
        raw_api_call(:get, outcome_rollups_url(outcome_course),
          controller: 'outcome_results', action: 'rollups', format: 'json', course_id: outcome_course.id.to_s)
-        response.status.to_i.should == 401
+        assert_status(401)
      end

      it "requires an existing context" do
@ -176,7 +176,7 @@ describe "Outcome Results API", type: :request do
        bogus_course = Course.new { |c| c.id = -1 }
        raw_api_call(:get, outcome_rollups_url(bogus_course),
          controller: 'outcome_results', action: 'rollups', format: 'json', course_id: bogus_course.id.to_s)
-        response.status.to_i.should == 404
+        assert_status(404)
      end

      it "verifies the aggregate parameter" do
@ -185,7 +185,7 @@ describe "Outcome Results API", type: :request do
        raw_api_call(:get, outcome_rollups_url(@course, aggregate: 'invalid'),
          controller: 'outcome_results', action: 'rollups', format: 'json',
          course_id: @course.id.to_s, aggregate: 'invalid')
-        response.status.to_i.should == 400
+        assert_status(400)
      end

      it "requires user ids to be students in the context" do
@ -194,7 +194,7 @@ describe "Outcome Results API", type: :request do
        raw_api_call(:get, outcome_rollups_url(@course, user_ids: "#{@teacher.id}"),
          controller: 'outcome_results', action: 'rollups', format: 'json',
          course_id: @course.id.to_s, user_ids: @teacher.id)
-        response.status.to_i.should == 400
+        assert_status(400)
      end

      it "requires section id to be a section in the context" do
@ -204,7 +204,7 @@ describe "Outcome Results API", type: :request do
        raw_api_call(:get, outcome_rollups_url(outcome_course, section_id: bogus_section.id),
          controller: 'outcome_results', action: 'rollups', format: 'json',
          course_id: @course.id.to_s, section_id: bogus_section.id.to_s)
-        response.status.to_i.should == 400
+        assert_status(400)
      end

      it "verifies the include[] parameter" do
@ -213,7 +213,7 @@ describe "Outcome Results API", type: :request do
        raw_api_call(:get, outcome_rollups_url(@course, include: ['invalid']),
          controller: 'outcome_results', action: 'rollups', format: 'json',
          course_id: @course.id.to_s, include: ['invalid'])
-        response.status.to_i.should == 400
+        assert_status(400)
      end
    end

--- a/spec/apis/v1/outcomes_api_spec.rb
+++ b/spec/apis/v1/outcomes_api_spec.rb
@ -47,7 +47,7 @@ describe "Outcomes API", type: :request do
                   :action => 'show',
                   :id => @outcome.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 200
+      response.should be_success
    end

    it "should require read permission" do
@ -58,7 +58,7 @@ describe "Outcomes API", type: :request do
                   :action => 'show',
                   :id => @outcome.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    it "should not require any permission for global outcomes" do
@ -69,7 +69,7 @@ describe "Outcomes API", type: :request do
                   :action => 'show',
                   :id => @outcome.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 200
+      response.should be_success
    end

    it "should still require a user for global outcomes" do
@ -80,7 +80,7 @@ describe "Outcomes API", type: :request do
                   :action => 'show',
                   :id => @outcome.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    it "should 404 for deleted outcomes" do
@ -90,7 +90,7 @@ describe "Outcomes API", type: :request do
                   :action => 'show',
                   :id => @outcome.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 404
+      assert_status(404)
    end

    it "should return the outcome json" do
@ -157,7 +157,7 @@ describe "Outcomes API", type: :request do
                   :action => 'update',
                   :id => @outcome.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    it "should require manage_global_outcomes permission for global outcomes" do
@ -169,7 +169,7 @@ describe "Outcomes API", type: :request do
                   :action => 'update',
                   :id => @outcome.id.to_s,
                   :format => 'json')
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    it "should fail (400) if the outcome is invalid" do
@ -188,7 +188,7 @@ describe "Outcomes API", type: :request do
                   { :points => 0, :description => "Does Not Meet Expectations" }
                 ]
               })
-      response.status.to_i.should == 400
+      assert_status(400)
    end

    it "should update the outcome" do
--- a/spec/apis/v1/quiz_ip_filters_api_spec.rb
+++ b/spec/apis/v1/quiz_ip_filters_api_spec.rb
@ -68,7 +68,7 @@ describe QuizIpFiltersController, type: :request do
      student_in_course

      json = get_index(true)
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    context 'Pagination' do
@ -96,7 +96,7 @@ describe QuizIpFiltersController, type: :request do

      it 'should bail out on an invalid cursor' do
        get_index true, { page: 'invalid' }
-        response.status.to_i.should == 404
+        assert_status(404)
      end
    end

--- a/spec/apis/v1/quiz_submission_questions_api_spec.rb
+++ b/spec/apis/v1/quiz_submission_questions_api_spec.rb
@ -147,7 +147,7 @@ describe QuizSubmissionQuestionsController, :type => :request do
    it 'should restrict access to itself' do
      student_in_course
      json = api_index({}, { raw: true })
-      response.status.to_i.should == 401
+      assert_status(401)
    end
  end

@ -166,7 +166,7 @@ describe QuizSubmissionQuestionsController, :type => :request do
    it 'should deny access by other students' do
      student_in_course
      api_show({}, { raw: true })
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    context 'Output' do
@ -400,7 +400,7 @@ describe QuizSubmissionQuestionsController, :type => :request do

      api_update({ answer: 1658 }, { raw: true })

-      response.status.to_i.should == 400
+      assert_status(400)
      response.body.should match(/unknown answer '1658'/i)

      json = api_update({ answer: 1659 })
@ -415,7 +415,7 @@ describe QuizSubmissionQuestionsController, :type => :request do

      api_update({ answer: 'asdf' }, { raw: true })

-      response.status.to_i.should == 400
+      assert_status(400)
      response.body.should match(/must be of type integer/i)
    end

@ -439,7 +439,7 @@ describe QuizSubmissionQuestionsController, :type => :request do

      api_update({}, { raw: true })

-      response.status.to_i.should == 403
+      assert_status(403)
      response.body.should match(/requires the lockdown browser/i)
    end
  end
--- a/spec/apis/v1/quiz_submissions_api_spec.rb
+++ b/spec/apis/v1/quiz_submissions_api_spec.rb
@ -36,7 +36,7 @@ shared_examples_for 'Quiz Submissions API Restricted Endpoints' do
      attempt: 1
    }

-    response.status.to_i.should == 403
+    assert_status(403)
    response.body.should match(/requires the lockdown browser/i)
  end
 end
@ -171,7 +171,7 @@ describe QuizSubmissionsApiController, type: :request do
    it 'should restrict access to itself' do
      student_in_course
      json = qs_api_index(true)
-      response.status.to_i.should == 401
+      assert_status(401)
    end
  end

@ -199,7 +199,7 @@ describe QuizSubmissionsApiController, type: :request do
    it 'should deny access by other students' do
      student_in_course
      qs_api_show(true)
-      response.status.to_i.should == 401
+      assert_status(401)
    end

    context 'Output' do
@ -372,14 +372,14 @@ describe QuizSubmissionsApiController, type: :request do
          attempt: 1
        }

-        response.status.to_i.should == 400
+        assert_status(400)
        response.body.should match(/already complete/)
      end

      it 'should require the attempt index' do
        json = qs_api_complete true

-        response.status.to_i.should == 400
+        assert_status(400)
        response.body.should match(/invalid attempt/)
      end

@ -388,7 +388,7 @@ describe QuizSubmissionsApiController, type: :request do
          attempt: 123123123
        }

-        response.status.to_i.should == 400
+        assert_status(400)
        response.body.should match(/attempt.*can not be modified/)
      end

@ -397,7 +397,7 @@ describe QuizSubmissionsApiController, type: :request do
          validation_token: 'aaaooeeeee'
        }

-        response.status.to_i.should == 403
+        assert_status(403)
        response.body.should match(/invalid token/)
      end
    end
--- a/spec/apis/v1/quizzes_api_spec.rb
+++ b/spec/apis/v1/quizzes_api_spec.rb
@ -73,7 +73,7 @@ describe QuizzesApiController, type: :request do
                   :action => "index",
                   :format => "json",
                   :course_id => "#{@course.id}")
-      response.status.to_i.should == 404
+      assert_status(404)
    end

    context "jsonapi style" do
--- a/spec/apis/v1/roles_api_spec.rb
+++ b/spec/apis/v1/roles_api_spec.rb
@ -277,7 +277,7 @@ describe "Roles API", type: :request do
      raw_api_call(:post, "/api/v1/accounts/#{@admin.account.id}/roles",
        { :controller => 'role_overrides', :action => 'add_role', :format => 'json', :account_id => @admin.account.id.to_s },
        { :permissions => { @permission => { :explicit => '1', :enabled => '1' } } })
-      response.status.should == '400 Bad Request'
+      assert_status(400)
      JSON.parse(response.body).should == {"message" => "missing required parameter 'role'"}
    end

@ -290,7 +290,7 @@ describe "Roles API", type: :request do
      raw_api_call(:post, "/api/v1/accounts/#{@admin.account.id}/roles",
        { :controller => 'role_overrides', :action => 'add_role', :format => 'json', :account_id => @admin.account.id.to_s },
        { :role => @role })
-      response.status.should == '400 Bad Request'
+      assert_status(400)
      JSON.parse(response.body).should == {"message" => "role already exists"}
    end

@ -301,7 +301,7 @@ describe "Roles API", type: :request do
      raw_api_call(:post, "/api/v1/accounts/#{@admin.account.id}/roles",
        { :controller => 'role_overrides', :action => 'add_role', :format => 'json', :account_id => @admin.account.id.to_s },
        { :role => @role })
-      response.status.should == '400 Bad Request'
+      assert_status(400)
      JSON.parse(response.body).should == {"message" => "role already exists"}
    end

@ -320,7 +320,7 @@ describe "Roles API", type: :request do
      raw_api_call(:post, "/api/v1/accounts/#{@admin.account.id}/roles",
        { :controller => 'role_overrides', :action => 'add_role', :format => 'json', :account_id => @admin.account.id.to_s },
        { :role => @role, :base_role_type => "notagoodbaserole" })
-      response.status.should == '400 Bad Request'
+      assert_status(400)
      JSON.parse(response.body).should == {"message" => "Base role type is invalid"}
    end

@ -328,7 +328,7 @@ describe "Roles API", type: :request do
      raw_api_call(:post, "/api/v1/accounts/#{@admin.account.id}/roles",
                   { :controller => 'role_overrides', :action => 'add_role', :format => 'json', :account_id => @admin.account.id.to_s },
                   { :role => 'student', :base_role_type => "StudentEnrollment" })
-      response.status.should == '400 Bad Request'
+      assert_status(400)
      JSON.parse(response.body).should == {"message" => "Name is reserved"}
    end

--- a/spec/apis/v1/services_api_spec.rb
+++ b/spec/apis/v1/services_api_spec.rb
@ -32,7 +32,7 @@ describe "Services API", type: :request do
  
  it "should check for auth" do
    get("/api/v1/services/kaltura")
-    response.status.should == '401 Unauthorized'
+    assert_status(401)
  end
  
  it "should return the config information for kaltura" do
--- a/spec/apis/v1/sis_imports_api_spec.rb
+++ b/spec/apis/v1/sis_imports_api_spec.rb
@ -434,7 +434,7 @@ describe SisImportsApiController, type: :request do
            :import_type => 'instructure_csv' },
          {},
          { 'content-type' => 'text/csv; charset=ISO-8859-1-Windows-3.0-Latin-1' })
-    response.status.should match(/400/)
+    assert_status(400)
    SisBatch.count.should == 0
  end

--- a/spec/apis/v1/stream_items_api_spec.rb
+++ b/spec/apis/v1/stream_items_api_spec.rb
@ -28,12 +28,12 @@ describe UsersController, type: :request do

  it "should check for auth" do
    get("/api/v1/users/self/activity_stream")
-    response.status.should == '401 Unauthorized'
+    assert_status(401)

    @course = factory_with_protected_attributes(Course, course_valid_attributes)
    raw_api_call(:get, "/api/v1/courses/#{@course.id}/activity_stream",
                :controller => "courses", :action => "activity_stream", :format => "json", :course_id => @course.to_param)
-    response.status.should == '401 Unauthorized'
+    assert_status(401)
  end

  it "should return the activity stream" do
--- a/spec/apis/v1/submissions_api_spec.rb
+++ b/spec/apis/v1/submissions_api_spec.rb
@ -128,7 +128,7 @@ describe 'Submissions API', type: :request do
        :format => 'json', :section_id => @default_section.id.to_s,
        :assignment_id => @a1.id.to_s, :user_id => @student1.id.to_s },
        { :submission => { :posted_grade => '75%' } })
-      response.status.should == "404 Not Found"
+      assert_status(404)

      expect {
      json = api_call(:put,
@ -221,7 +221,7 @@ describe 'Submissions API', type: :request do
            { :controller => 'submissions_api', :action => 'index',
              :format => 'json', :section_id => 'sis_section_id:section-2',
              :assignment_id => @a1.id.to_s })
-      response.status.should == "404 Not Found" # rather than 401 unauthorized
+      assert_status(404) # rather than 401 unauthorized
    end

    context 'submission comment attachments' do
@ -247,7 +247,7 @@ describe 'Submissions API', type: :request do
      it "doesn't let you attach files you don't have permission for" do
        course_with_student_logged_in(course: @course, active_all: true)
        put_comment_attachment
-        response.status.should == '401 Unauthorized'
+        assert_status(401)
      end

      it 'works' do
@ -519,7 +519,7 @@ describe 'Submissions API', type: :request do
                      :format => "json", :course_id => @course.id.to_s,
                      :assignment_id => a1.id.to_s, :user_id => student1.id.to_s },
                    { :include => %w(submission_comments) })
-    response.status.should =~ /401/
+    assert_status(401)
  end

  it "should return grading information for observers" do
@ -1389,7 +1389,7 @@ describe 'Submissions API', type: :request do
            :assignment_id => a1.id.to_s, :user_id => student.id.to_s },
          { :comment => { :text_comment => 'witty remark' },
            :submission => { :posted_grade => 'B' } })
-    response.status.should == '401 Unauthorized'
+    assert_status(401)
  end

  it "should not allow rubricking by a student" do
@ -1407,7 +1407,7 @@ describe 'Submissions API', type: :request do
            :assignment_id => a1.id.to_s, :user_id => student.id.to_s },
          { :comment => { :text_comment => 'witty remark' },
            :rubric_assessment => { :criteria => { :points => 5 } } })
-    response.status.should == '401 Unauthorized'
+    assert_status(401)
  end

  it "should not return submissions for no-longer-enrolled students" do
@ -1837,7 +1837,7 @@ describe 'Submissions API', type: :request do
          { :controller => 'submissions_api', :action => 'show',
            :format => 'json', :course_id => @course.id.to_s,
            :assignment_id => @assignment.id.to_s, :user_id => s2.user_id.to_s })
-    response.status.should == "404 Not Found"
+    assert_status(404)

    # try querying the other section directly
    raw_api_call(:get,
@ -1845,7 +1845,7 @@ describe 'Submissions API', type: :request do
          { :controller => 'submissions_api', :action => 'show',
            :format => 'json', :section_id => section2.id.to_s,
            :assignment_id => @assignment.id.to_s, :user_id => s2.user_id.to_s })
-    response.status.should == "404 Not Found"
+    assert_status(404)

    json = api_call(:get,
          "/api/v1/courses/#{@course.id}/students/submissions",
@ -1880,7 +1880,7 @@ describe 'Submissions API', type: :request do
            :format => 'json', :course_id => @course.id.to_s,
            :assignment_id => @assignment.id.to_s, :user_id => s2.user_id.to_s },
          { :submission => { :posted_grade => '10' } })
-    response.status.should == "404 Not Found"
+    assert_status(404)

    # try querying the other section directly
    raw_api_call(:put,
@ -1889,7 +1889,7 @@ describe 'Submissions API', type: :request do
            :format => 'json', :section_id => section2.id.to_s,
            :assignment_id => @assignment.id.to_s, :user_id => s2.user_id.to_s },
          { :submission => { :posted_grade => '10' } })
-    response.status.should == "404 Not Found"
+    assert_status(404)
  end

  context 'map_user_ids' do
@ -2152,7 +2152,7 @@ describe 'Submissions API', type: :request do
                :user_id => @student.id.to_s
              },
              opts)
-      response.status.should == "401 Unauthorized"
+      assert_status(401)
    end
  end

--- a/spec/apis/v1/todo_items_api_spec.rb
+++ b/spec/apis/v1/todo_items_api_spec.rb
@ -79,12 +79,12 @@ describe UsersController, type: :request do

  it "should check for auth" do
    get("/api/v1/users/self/todo")
-    response.status.should == '401 Unauthorized'
+    assert_status(401)

    @course = factory_with_protected_attributes(Course, course_valid_attributes)
    raw_api_call(:get, "/api/v1/courses/#{@course.id}/todo",
                :controller => "courses", :action => "todo_items", :format => "json", :course_id => @course.to_param)
-    response.status.should == '401 Unauthorized'
+    assert_status(401)
  end

  it "should return a global user todo list" do
--- a/spec/apis/v1/upcoming_events_api_spec.rb
+++ b/spec/apis/v1/upcoming_events_api_spec.rb
@ -25,7 +25,7 @@ describe UsersController, type: :request do
  context "without current_user" do
    it "should check for auth" do
      get("/api/v1/users/self/upcoming_events")
-      response.status.should == '401 Unauthorized'
+      assert_status(401)
    end
  end

--- a/spec/apis/v1/user_profiles_api_spec.rb
+++ b/spec/apis/v1/user_profiles_api_spec.rb
@ -118,7 +118,7 @@ describe "User Profile API", type: :request do
    @user = @student
    raw_api_call(:get, "/api/v1/users/#{@admin.id}/profile",
             :controller => "profile", :action => "settings", :user_id => @admin.to_param, :format => 'json')
-    response.status.should == "401 Unauthorized"
+    assert_status(401)
  end

  context "user_services" do
--- a/spec/apis/v1/users_api_spec.rb
+++ b/spec/apis/v1/users_api_spec.rb
@ -222,7 +222,7 @@ describe "Users API", type: :request do
    @user = @student
    raw_api_call(:get, "/api/v1/users/#{@admin.id}/avatars",
                 :controller => "profile", :action => "profile_pics", :user_id => @admin.to_param, :format => 'json')
-    response.status.should == "401 Unauthorized"
+    assert_status(401)
  end

  shared_examples_for "page view api" do
@ -292,7 +292,7 @@ describe "Users API", type: :request do
    @user = @me
    raw_api_call(:get, "/api/v1/users/sis_user_id:other-sis/page_views",
                       { :controller => "page_views", :action => "index", :user_id => 'sis_user_id:other-sis', :format => 'json' })
-    response.status.should == "404 Not Found"
+    assert_status(404)
  end

  it "should allow id of 'self'" do
@ -431,7 +431,7 @@ describe "Users API", type: :request do
            :pseudonym => { :unique_id => "test@example.com" }
          }
        )
-        response.status.should eql "403 Forbidden"
+        assert_status(403)
      end

      it "should require an email pseudonym" do
@ -444,7 +444,7 @@ describe "Users API", type: :request do
            :pseudonym => { :unique_id => "invalid" }
          }
        )
-        response.status.should eql "400 Bad Request"
+        assert_status(400)
      end

      it "should require acceptance of the terms" do
@ -457,7 +457,7 @@ describe "Users API", type: :request do
            :pseudonym => { :unique_id => "test@example.com" }
          }
        )
-        response.status.should eql "400 Bad Request"
+        assert_status(400)
      end

      it "should let you create a user if you pass all the validations" do
@ -499,7 +499,7 @@ describe "Users API", type: :request do
          :pseudonym => { :password => "password123" }
        }
      )
-      response.status.should eql "400 Bad Request"
+      assert_status(400)
      errors = JSON.parse(response.body)['errors']
      errors['pseudonym'].should be_present
      errors['pseudonym']['unique_id'].should be_present
@ -525,7 +525,7 @@ describe "Users API", type: :request do
          }
        }
      )
-      response.status.should eql "200 OK"
+      response.should be_success
      users = User.find_all_by_name "Test User"
      users.size.should == 1
      users.first.pseudonyms.first.unique_id.should == "test"
@ -842,7 +842,7 @@ describe "Users API", type: :request do
        { controller: 'users', action: 'merge_into', format: 'json',
          id: @user2.to_param, destination_user_id: @user1.to_param}
      )
-      response.status.should == '401 Unauthorized'
+      assert_status(401)
    end
  end
 end
--- a/spec/controllers/assignments_controller_spec.rb
+++ b/spec/controllers/assignments_controller_spec.rb
@ -132,7 +132,7 @@ describe AssignmentsController do
      course_with_student_logged_in(:active_all => true)

      get 'show', :course_id => @course.id, :id => 5
-      response.status.should eql('404 Not Found')
+      assert_status(404)
    end

    it "should return unauthorized if not enrolled" do
--- a/spec/controllers/communication_channels_controller_spec.rb
+++ b/spec/controllers/communication_channels_controller_spec.rb
@ -147,7 +147,7 @@ describe CommunicationChannelsController do
        u2 = user_with_pseudonym(:username => 'asdf@qwerty.com', :active_user => true)

        post 'confirm', :nonce => cc1.confirmation_code, :register => 1, :pseudonym => {:password => 'asdfasdf', :password_confirmation => 'asdfasdf'}
-        response.status.should =~ /400 Bad Request/
+        assert_status(400)
        u1.reload
        u1.should_not be_registered
      end
@ -432,7 +432,7 @@ describe CommunicationChannelsController do
        @enrollment.should be_invited

        post 'confirm', :nonce => @cc.confirmation_code, :enrollment => @enrollment.uuid, :register => 1, :pseudonym => {:password => 'asdfasdf', :password_confirmation => 'asdfasdf'}
-        response.status.should =~ /400 Bad Request/
+        assert_status(400)
      end
    end

--- a/spec/controllers/context_controller_spec.rb
+++ b/spec/controllers/context_controller_spec.rb
@ -93,7 +93,7 @@ describe ContextController do

    it "should require a valid HMAC" do
      post 'object_snippet', :object_data => @data, :s => 'DENIED'
-      response.status.should == '400 Bad Request'
+      assert_status(400)
    end

    it "should render given a correct HMAC" do
--- a/spec/controllers/courses_controller_spec.rb
+++ b/spec/controllers/courses_controller_spec.rb
@ -114,7 +114,7 @@ describe CoursesController do
      @course.workflow_state = 'claimed'
      @course.save!
      get 'settings', :course_id => @course.id
-      response.status.should == '401 Unauthorized'
+      assert_status(401)
      assigns[:unauthorized_reason].should == :unpublished
      assigns[:unauthorized_message].should_not be_nil

@ -124,7 +124,7 @@ describe CoursesController do
      @enrollment.end_at = 4.days.from_now
      @enrollment.save!
      get 'settings', :course_id => @course.id
-      response.status.should == '401 Unauthorized'
+      assert_status(401)
      assigns[:unauthorized_reason].should == :unpublished
      assigns[:unauthorized_message].should_not be_nil
    end
@ -260,7 +260,7 @@ describe CoursesController do
      @course.workflow_state = 'claimed'
      @course.save!
      get 'show', :id => @course.id
-      response.status.should == '401 Unauthorized'
+      assert_status(401)
      assigns[:unauthorized_reason].should == :unpublished
      assigns[:unauthorized_message].should_not be_nil

@ -270,7 +270,7 @@ describe CoursesController do
      @enrollment.end_at = 4.days.from_now
      @enrollment.save!
      get 'show', :id => @course.id
-      response.status.should == '401 Unauthorized'
+      assert_status(401)
      assigns[:unauthorized_reason].should == :unpublished
      assigns[:unauthorized_message].should_not be_nil
    end
@ -310,7 +310,7 @@ describe CoursesController do
      @course.save!

      get 'show', :id => @course.id
-      response.status.should == '401 Unauthorized'
+      assert_status(401)
      assigns[:unauthorized_message].should_not be_nil

      a.settings[:restrict_student_future_view] = false
@ -437,7 +437,7 @@ describe CoursesController do
        @course.save!

        get 'show', :id => @course.id, :invitation => @enrollment.uuid
-        response.status.should == '401 Unauthorized'
+        assert_status(401)
        assigns[:unauthorized_message].should_not be_nil

        # unpublished course with invited student in account that disallows previews
@ -447,7 +447,7 @@ describe CoursesController do
        @course.save!

        get 'show', :id => @course.id, :invitation => @enrollment.uuid
-        response.status.should == '401 Unauthorized'
+        assert_status(401)
        assigns[:unauthorized_message].should_not be_nil
      end

@ -486,7 +486,7 @@ describe CoursesController do
      it "should ignore invitations that have been accepted (not logged in)" do
        course_with_student(:active_course => 1, :active_enrollment => 1)
        get 'show', :id => @course.id, :invitation => @enrollment.uuid
-        response.status.should == '401 Unauthorized'
+        assert_status(401)
      end

      it "should ignore invitations that have been accepted (logged in)" do
@ -583,7 +583,7 @@ describe CoursesController do
      user_session(@user)

      get 'show', :id => @course.id
-      response.status.should == '302 Found'
+      response.should be_redirect
      response.location.should match(%r{/courses/#{@course.id}/settings})
    end

@ -594,7 +594,7 @@ describe CoursesController do
      user_session(@user)

      xhr :get, 'show', :id => @course.id
-      response.status.should == '200 OK'
+      response.should be_success
    end

    it "should redirect to the xlisted course" do
@ -906,7 +906,7 @@ describe CoursesController do
      @enrollment.update_attribute(:self_enrolled, true)

      post 'self_unenrollment', :course_id => @course.id, :self_unenrollment => 'abc'
-      response.status.should =~ /400 Bad Request/
+      assert_status(400)
      @enrollment.reload
      @enrollment.should be_active
    end
@ -915,7 +915,7 @@ describe CoursesController do
      course_with_student_logged_in(:active_all => true)

      post 'self_unenrollment', :course_id => @course.id, :self_unenrollment => @enrollment.uuid
-      response.status.should =~ /400 Bad Request/
+      assert_status(400)
      @enrollment.reload
      @enrollment.should be_active
    end
@ -925,7 +925,7 @@ describe CoursesController do
    it 'should check for authorization' do
      course_with_student_logged_in :active_all => true
      get 'sis_publish_status', :course_id => @course.id
-      response.status.should =~ /401 Unauthorized/
+      assert_status(401)
    end

    it 'should not try and publish grades' do
@ -1089,7 +1089,7 @@ describe CoursesController do
      course_with_ta(:active_all => true)
      user_session(@user)
      post 'reset_content', :course_id => @course.id
-      response.status.to_i.should == 401
+      assert_status(401)
      @course.reload.should be_available
    end
  end
--- a/spec/controllers/crocodoc_sessions_controller_spec.rb
+++ b/spec/controllers/crocodoc_sessions_controller_spec.rb
@ -70,7 +70,7 @@ describe CrocodocSessionsController do

    it "should not create a session for others" do
      post :create, :attachment_id => @attachment.id
-      response.status.should == '401 Unauthorized'
+      assert_status(401)
    end
  end

--- a/spec/controllers/files_controller_spec.rb
+++ b/spec/controllers/files_controller_spec.rb
@ -701,20 +701,20 @@ describe FilesController do

    it "should reject a blank policy" do
      post "api_create", { :file => @content }
-      response.status.to_i.should == 400
+      assert_status(400)
    end

    it "should reject an expired policy" do
      params = @attachment.ajax_upload_params(@user.pseudonym, "", "", :expiration => -60)
      post "api_create", params[:upload_params].merge({ :file => @content })
-      response.status.to_i.should == 400
+      assert_status(400)
    end

    it "should reject a modified policy" do
      params = @attachment.ajax_upload_params(@user.pseudonym, "", "")
      params[:upload_params]['Policy'] << 'a'
      post "api_create", params[:upload_params].merge({ :file => @content })
-      response.status.to_i.should == 400
+      assert_status(400)
    end

    it "should reject a good policy if the attachment data is already uploaded" do
@ -722,7 +722,7 @@ describe FilesController do
      @attachment.uploaded_data = @content
      @attachment.save!
      post "api_create", params[:upload_params].merge(:file => @content)
-      response.status.to_i.should == 400
+      assert_status(400)
    end
  end

--- a/spec/controllers/gradebooks_controller_spec.rb
+++ b/spec/controllers/gradebooks_controller_spec.rb
@ -454,7 +454,7 @@ describe GradebooksController do

      it 'should not render gb1 json' do
        get 'show', :course_id => @course.id, :format => :json
-        response.status.to_i.should == 404
+        assert_status(404)
      end

      it 'should not prevent you from getting gradebook.csv' do
--- a/spec/controllers/pseudonym_sessions_controller_spec.rb
+++ b/spec/controllers/pseudonym_sessions_controller_spec.rb
@ -57,21 +57,21 @@ describe PseudonymSessionsController do

  it "should re-render if no user" do
    post 'create'
-    response.status.should == '400 Bad Request'
+    assert_status(400)
    response.should render_template('new')
  end

  it "should re-render if incorrect password" do
    user_with_pseudonym(:username => 'jt@instructure.com', :active_all => 1, :password => 'qwerty')
    post 'create', :pseudonym_session => { :unique_id => 'jt@instructure.com', :password => 'dvorak'}
-    response.status.should == '400 Bad Request'
+    assert_status(400)
    response.should render_template('new')
  end

  it "should re-render if no password given" do
    user_with_pseudonym(:username => 'jt@instructure.com', :active_all => 1, :password => 'qwerty')
    post 'create', :pseudonym_session => { :unique_id => 'jt@instructure.com', :password => ''}
-    response.status.should == '400 Bad Request'
+    assert_status(400)
    response.should render_template('new')
    flash[:error].should match(/no password/i)
  end
@ -117,7 +117,7 @@ describe PseudonymSessionsController do
      aac = Account.default.account_authorization_configs.create!(:auth_type => 'ldap', :identifier_format => 'uid')
      aac.any_instantiation.expects(:ldap_bind_result).once.with('username', 'password').returns(nil)
      post 'create', :pseudonym_session => { :unique_id => 'username', :password => 'password'}
-      response.status.should == '400 Bad Request'
+      assert_status(400)
      response.should render_template('new')
    end

@ -1066,13 +1066,13 @@ describe PseudonymSessionsController do

    it 'renders a 400 when there is no client_id' do
      get :oauth2_auth
-      response.status.should == '400 Bad Request'
+      assert_status(400)
      response.body.should =~ /invalid client_id/
    end

    it 'renders 400 on a bad redirect_uri' do
      get :oauth2_auth, :client_id => key.id
-      response.status.should == '400 Bad Request'
+      assert_status(400)
      response.body.should =~ /invalid redirect_uri/
    end

@ -1102,20 +1102,20 @@ describe PseudonymSessionsController do

    it 'renders a 400 if theres no client_id' do
      get :oauth2_token
-      response.status.should == '400 Bad Request'
+      assert_status(400)
      response.body.should =~ /invalid client_id/
    end

    it 'renders a 400 if the secret is invalid' do
      get :oauth2_token, :client_id => key.id, :client_secret => key.api_key + "123"
-      response.status.should == '400 Bad Request'
+      assert_status(400)
      response.body.should =~ /invalid client_secret/
    end

    it 'renders a 400 if the provided code does not match a token' do
      Canvas.stubs(:redis => redis)
      get :oauth2_token, :client_id => key.id, :client_secret => key.api_key, :code => "NotALegitCode"
-      response.status.should == '400 Bad Request'
+      assert_status(400)
      response.body.should =~ /invalid code/
    end

--- a/spec/controllers/pseudonyms_controller_spec.rb
+++ b/spec/controllers/pseudonyms_controller_spec.rb
@ -64,7 +64,7 @@ describe PseudonymsController do
      pword = @pseudonym.crypted_password
      code = @cc.confirmation_code
      post 'change_password', :pseudonym_id => @pseudonym.id, :nonce => @cc.confirmation_code + 'a', :pseudonym => {:password => '12341234', :password_confirmation => '12341234'}
-      response.status.should =~ /400 Bad Request/
+      assert_status(400)
      assigns[:pseudonym].should eql(@pseudonym)
      assigns[:pseudonym].crypted_password.should eql(pword)
      assigns[:pseudonym].user.should_not be_registered
--- a/spec/controllers/quiz_submissions_controller_spec.rb
+++ b/spec/controllers/quiz_submissions_controller_spec.rb
@ -104,7 +104,7 @@ describe QuizSubmissionsController do
      QuizSubmission.where(:id => @qs).update_all(:updated_at => 1.hour.ago)

      put 'backup', :quiz_id => @quiz.id, :course_id => @course.id, :a => 'test', :validation_token => @qs.validation_token
-      response.status.to_i.should == 401
+      assert_status(401)

      @qs.reload.submission_data[:a].should be_nil
    end
@ -145,7 +145,7 @@ describe QuizSubmissionsController do

    it "should require authentication" do
      post 'record_answer', :quiz_id => @quiz.id, :course_id => @course.id, :id => @qsub.id, :a => 'test'
-      response.status.to_i.should == 401
+      assert_status(401)

      @qsub.reload.submission_data[:a].should be_nil
    end
@ -154,7 +154,7 @@ describe QuizSubmissionsController do
      user_session(@student)

      post 'record_answer', :quiz_id => @quiz.id, :course_id => @course.id, :id => @qsub.id, :a => 'test'
-      response.status.to_i.should == 401
+      assert_status(401)

      @qsub.reload.submission_data[:a].should be_nil
    end
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@ -88,7 +88,7 @@ describe UsersController do
      course_with_teacher_logged_in
      student_in_course :course => @course
      get 'delete', :user_id => @student.id
-      response.status.should =~ /401 Unauthorized/
+      assert_status(401)
    end

    it "should succeed when the current user has the :manage permission and is not deleting any system-generated pseudonyms" do
@ -131,7 +131,7 @@ describe UsersController do
      student_in_course :course => @course
      PseudonymSession.find(1).stubs(:destroy).returns(nil)
      post 'destroy', :id => @student.id
-      response.status.should =~ /401 Unauthorized/
+      assert_status(401)
      @student.reload.workflow_state.should_not == 'deleted'
    end

@ -203,7 +203,7 @@ describe UsersController do

        it "should not allow teachers to self register" do
          post 'create', :pseudonym => { :unique_id => 'jane@example.com' }, :user => { :name => 'Jane Teacher', :terms_of_use => '1', :initial_enrollment_type => 'teacher' }, :format => 'json'
-          response.status.should match /403 Forbidden/
+          assert_status(403)
        end

        it "should not allow students to self register" do
@ -211,7 +211,7 @@ describe UsersController do
          @course.update_attribute(:self_enrollment, true)

          post 'create', :pseudonym => { :unique_id => 'jane@example.com', :password => 'lolwut', :password_confirmation => 'lolwut' }, :user => { :name => 'Jane Student', :terms_of_use => '1', :self_enrollment_code => @course.self_enrollment_code, :initial_enrollment_type => 'student' }, :pseudonym_type => 'username', :self_enrollment => '1', :format => 'json'
-          response.status.should match /403 Forbidden/
+          assert_status(403)
        end

        it "should allow observers to self register" do
@ -245,7 +245,7 @@ describe UsersController do
        u = User.create! { |u| u.workflow_state = 'registered' }
        p = u.pseudonyms.create!(:unique_id => 'jacob@instructure.com')
        post 'create', :pseudonym => { :unique_id => 'jacob@instructure.com' }, :user => { :name => 'Jacob Fugal', :terms_of_use => '1' }
-        response.status.should =~ /400 Bad Request/
+        assert_status(400)
        json = JSON.parse(response.body)
        json["errors"]["pseudonym"]["unique_id"].should be_present
        Pseudonym.find_all_by_unique_id('jacob@instructure.com').should == [p]
@ -291,7 +291,7 @@ describe UsersController do

      it "should validate acceptance of the terms" do
        post 'create', :pseudonym => { :unique_id => 'jacob@instructure.com' }, :user => { :name => 'Jacob Fugal' }
-        response.status.should =~ /400 Bad Request/
+        assert_status(400)
        json = JSON.parse(response.body)
        json["errors"]["user"]["terms_of_use"].should be_present
      end
@ -304,21 +304,21 @@ describe UsersController do

      it "should require email pseudonyms by default" do
        post 'create', :pseudonym => { :unique_id => 'jacob' }, :user => { :name => 'Jacob Fugal', :terms_of_use => '1' }
-        response.status.should =~ /400 Bad Request/
+        assert_status(400)
        json = JSON.parse(response.body)
        json["errors"]["pseudonym"]["unique_id"].should be_present
      end

      it "should require email pseudonyms if not self enrolling" do
        post 'create', :pseudonym => { :unique_id => 'jacob' }, :user => { :name => 'Jacob Fugal', :terms_of_use => '1' }, :pseudonym_type => 'username'
-        response.status.should =~ /400 Bad Request/
+        assert_status(400)
        json = JSON.parse(response.body)
        json["errors"]["pseudonym"]["unique_id"].should be_present
      end

      it "should validate the self enrollment code" do
        post 'create', :pseudonym => { :unique_id => 'jacob@instructure.com', :password => 'asdfasdf', :password_confirmation => 'asdfasdf' }, :user => { :name => 'Jacob Fugal', :terms_of_use => '1', :self_enrollment_code => 'omg ... not valid', :initial_enrollment_type => 'student' }, :self_enrollment => '1'
-        response.status.should =~ /400 Bad Request/
+        assert_status(400)
        json = JSON.parse(response.body)
        json["errors"]["user"]["self_enrollment_code"].should be_present
      end
@ -347,7 +347,7 @@ describe UsersController do
        @course.update_attribute(:self_enrollment, true)

        post 'create', :pseudonym => { :unique_id => 'jacob' }, :user => { :name => 'Jacob Fugal', :terms_of_use => '1', :self_enrollment_code => @course.self_enrollment_code, :initial_enrollment_type => 'student' }, :pseudonym_type => 'username', :self_enrollment => '1'
-        response.status.should =~ /400 Bad Request/
+        assert_status(400)
        json = JSON.parse(response.body)
        json["errors"]["pseudonym"]["password"].should be_present
        json["errors"]["pseudonym"]["password_confirmation"].should be_present
@ -369,7 +369,7 @@ describe UsersController do
        user_with_pseudonym(:active_all => true, :password => 'lolwut')

        post 'create', :pseudonym => { :unique_id => 'jacob@instructure.com' }, :observee => { :unique_id => @pseudonym.unique_id, :password => 'not it' }, :user => { :name => 'Jacob Fugal', :terms_of_use => '1', :initial_enrollment_type => 'observer' }
-        response.status.should =~ /400 Bad Request/
+        assert_status(400)
        json = JSON.parse(response.body)
        json["errors"]["observee"]["unique_id"].should be_present
      end
--- a/spec/integration/application_spec.rb
+++ b/spec/integration/application_spec.rb
@ -32,7 +32,7 @@ describe "site-wide" do
    expect {
      get "/dashbo"
    }.to change(ErrorReport, :count).by +1
-    response.status.should == "404 Not Found"
+    assert_status(404)
    ErrorReport.last.category.should == "404"
  end

--- a/spec/integration/pseudonym_sessions_controller_spec.rb
+++ b/spec/integration/pseudonym_sessions_controller_spec.rb
@ -141,7 +141,7 @@ describe PseudonymSessionsController do
 <samlp:SessionIndex>ST-abcd</samlp:SessionIndex>
 </samlp:LogoutRequest>
        SAML
-        back_channel.response.status.should == '404 Not Found'
+        back_channel.response.status.to_i.should == 404

        # this should refresh it
        get dashboard_url
@ -150,10 +150,10 @@ describe PseudonymSessionsController do

        # unrelated logout should have no effect
        back_channel.post cas_logout_url :garbage => 1
-        back_channel.response.status.should == '404 Not Found'
+        back_channel.response.status.to_i.should == 404

        back_channel.post cas_logout_url :logoutRequest => "garbage"
-        back_channel.response.status.should == '404 Not Found'
+        back_channel.response.status.to_i.should == 404

        back_channel.post cas_logout_url :logoutRequest => <<-SAML
 <samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="1371236167rDkbdl8FGzbqwBhICvi" Version="2.0" IssueInstant="Fri, 14 Jun 2013 12:56:07 -0600">
@ -161,7 +161,7 @@ describe PseudonymSessionsController do
 <samlp:SessionIndex>ST-abc</samlp:SessionIndex>
 </samlp:LogoutRequest>
        SAML
-        back_channel.response.status.should == '404 Not Found'
+        back_channel.response.status.to_i.should == 404

        # still logged in
        get dashboard_url
--- a/spec/integration/security_spec.rb
+++ b/spec/integration/security_spec.rb
@ -658,7 +658,7 @@ describe "security" do
        response.body.should_not match /Permissions/

        get "/accounts/#{Account.site_admin.id}/role_overrides"
-        response.status.should == "401 Unauthorized"
+        assert_status(401)

        add_permission :manage_role_overrides

@ -676,7 +676,7 @@ describe "security" do
        add_permission :view_statistics

        get "/accounts/#{Account.default.id}/users"
-        response.status.should == "401 Unauthorized"
+        assert_status(401)

        get "/accounts/#{Account.default.id}/settings"
        response.should be_success
@ -733,7 +733,7 @@ describe "security" do

      it "view_statistics" do
        get "/accounts/#{Account.default.id}/statistics"
-        response.status.should == "401 Unauthorized"
+        assert_status(401)

        get "/accounts/#{Account.default.id}/settings"
        response.should be_success
@ -757,23 +757,23 @@ describe "security" do
        @user_note = UserNote.create!(:creator => @teacher, :user => @student)

        get "/accounts/#{Account.default.id}/user_notes"
-        response.status.should == "401 Unauthorized"
+        assert_status(401)

        get "/accounts/#{Account.default.id}/settings"
        response.should be_success
        response.body.should_not match /Faculty Journal/

        get "/users/#{@student.id}/user_notes"
-        response.status.should == "401 Unauthorized"
+        assert_status(401)

        post "/users/#{@student.id}/user_notes"
-        response.status.should == "401 Unauthorized"
+        assert_status(401)

        get "/users/#{@student.id}/user_notes/#{@user_note.id}"
-        response.status.should == "401 Unauthorized"
+        assert_status(401)

        delete "/users/#{@student.id}/user_notes/#{@user_note.id}"
-        response.status.should == "401 Unauthorized"
+        assert_status(401)

        add_permission :manage_user_notes

@ -840,13 +840,13 @@ describe "security" do

      it 'read_roster' do
        get "/courses/#{@course.id}/users"
-        response.status.should == "401 Unauthorized"
+        assert_status(401)

        get "/courses/#{@course.id}/users/prior"
-        response.status.should == "401 Unauthorized"
+        assert_status(401)

        get "/courses/#{@course.id}/groups"
-        response.status.should == "401 Unauthorized"
+        assert_status(401)

        get "/courses/#{@course.id}/details"
        response.should be_success
@ -875,13 +875,13 @@ describe "security" do

      it "manage_students" do
        get "/courses/#{@course.id}/users"
-        response.status.should == "401 Unauthorized"
+        assert_status(401)

        get "/courses/#{@course.id}/users/prior"
-        response.status.should == "401 Unauthorized"
+        assert_status(401)

        get "/courses/#{@course.id}/groups"
-        response.status.should == "401 Unauthorized"
+        assert_status(401)

        get "/courses/#{@course.id}/details"
        response.should be_success
@ -898,7 +898,7 @@ describe "security" do
        response.should be_success

        get "/courses/#{@course.id}/groups"
-        response.status.should == "401 Unauthorized"
+        assert_status(401)

        get "/courses/#{@course.id}/details"
        response.should be_success
@ -916,10 +916,10 @@ describe "security" do

      it 'view_all_grades' do
        get "/courses/#{@course.id}/grades"
-        response.status.should == '401 Unauthorized'
+        assert_status(401)

        get "/courses/#{@course.id}/gradebook"
-        response.status.should == '401 Unauthorized'
+        assert_status(401)

        add_permission :view_all_grades

@ -940,10 +940,10 @@ describe "security" do
        response.should be_redirect

        get "/courses/#{@course.id}/assignments"
-        response.status.should == '401 Unauthorized'
+        assert_status(401)

        get "/courses/#{@course.id}/assignments/syllabus"
-        response.status.should == '401 Unauthorized'
+        assert_status(401)

        get "/courses/#{@course.id}/wiki"
        response.should be_redirect
@ -951,19 +951,19 @@ describe "security" do
        response.should be_redirect

        get "/courses/#{@course.id}/quizzes"
-        response.status.should == '401 Unauthorized'
+        assert_status(401)

        get "/courses/#{@course.id}/discussion_topics"
-        response.status.should == '401 Unauthorized'
+        assert_status(401)

        get "/courses/#{@course.id}/files"
-        response.status.should == '401 Unauthorized'
+        assert_status(401)

        get "/courses/#{@course.id}/copy"
-        response.status.should == '401 Unauthorized'
+        assert_status(401)

        get "/courses/#{@course.id}/content_exports"
-        response.status.should == '401 Unauthorized'
+        assert_status(401)

        get "/courses/#{@course.id}/details"
        response.should be_success
@ -1012,7 +1012,7 @@ describe "security" do
        response.should be_success

        get "/courses/#{@course.id}/copy"
-        response.status.should == '401 Unauthorized'
+        assert_status(401)

        get "/courses/#{@course.id}/content_exports"
        response.should be_success
@ -1035,10 +1035,10 @@ describe "security" do
        html.css('#course_enrollment_term_id').should be_empty

        delete "/courses/#{@course.id}"
-        response.status.should == '401 Unauthorized'
+        assert_status(401)

        delete "/courses/#{@course.id}", :event => 'delete'
-        response.status.should == '401 Unauthorized'
+        assert_status(401)

        add_permission :manage_courses

@ -1067,7 +1067,7 @@ describe "security" do
        response.body.should_not match /Import Content into this Course/

        get "/courses/#{@course.id}/content_migrations"
-        response.status.should == '401 Unauthorized'
+        assert_status(401)

        add_permission :manage_content

@ -1088,7 +1088,7 @@ describe "security" do
        response.body.should_not match "Access Report"

        get "/courses/#{@course.id}/users/#{@student.id}/usage"
-        response.status.should == '401 Unauthorized'
+        assert_status(401)

        add_permission :read_reports

@ -1109,13 +1109,13 @@ describe "security" do
        response.body.should_not match 'Add Section'

        post "/courses/#{@course.id}/sections"
-        response.status.should == '401 Unauthorized'
+        assert_status(401)

        get "/courses/#{@course.id}/sections/#{@course.default_section.id}"
        response.should be_success

        put "/courses/#{@course.id}/sections/#{@course.default_section.id}"
-        response.status.should == '401 Unauthorized'
+        assert_status(401)
      end

      it 'change_course_state' do
@ -1127,7 +1127,7 @@ describe "security" do
        response.body.should_not match 'End this Course'

        delete "/courses/#{@course.id}", :event => 'conclude'
-        response.status.should == '401 Unauthorized'
+        assert_status(401)
      end

      it 'view_statistics' do
@ -1143,7 +1143,7 @@ describe "security" do
        response.should be_success

        get "/users/#{@student.id}"
-        response.status.should == '401 Unauthorized'
+        assert_status(401)

        admin = account_admin_user :account => Account.site_admin
        user_session(admin)
--- a/spec/integration/user_content_spec.rb
+++ b/spec/integration/user_content_spec.rb
@ -33,7 +33,7 @@ describe "User Content" do
      response.body.should be_include(obj_data)

      post "http://canvas.example.com/object_snippet", :object_data => snippet, :s => sig
-      response.status.to_i.should == 400
+      assert_status(400)
      response.body.should be_blank
    end

--- a/spec/integration/users_controller_spec.rb
+++ b/spec/integration/users_controller_spec.rb
@ -150,7 +150,7 @@ describe UsersController do
      course(:account => account_model)
      student_in_course(:course => @course)
      get "/users/#{@student.id}"
-      response.status.should == "401 Unauthorized"
+      assert_status(401)
    end

    it "should show user to account users that have the view_statistics permission" do