diff --git a/packages/backend/test/e2e/endpoints.ts b/packages/backend/test/e2e/endpoints.ts
index b91d77c398..b52162a687 100644
--- a/packages/backend/test/e2e/endpoints.ts
+++ b/packages/backend/test/e2e/endpoints.ts
@@ -9,9 +9,9 @@ import * as assert from 'assert';
 // node-fetch only supports it's own Blob yet
 // https://github.com/node-fetch/node-fetch/pull/1664
 import { Blob } from 'node-fetch';
-import { MiUser } from '@/models/_.js';
 import { api, castAsError, initTestDb, post, signup, simpleGet, uploadFile } from '../utils.js';
 import type * as misskey from 'misskey-js';
+import { MiUser } from '@/models/_.js';
 
 describe('Endpoints', () => {
 	let alice: misskey.entities.SignupResponse;
@@ -572,19 +572,10 @@ describe('Endpoints', () => {
 
 	describe('drive', () => {
 		test('ドライブ情報を取得できる', async () => {
-			await uploadFile(alice, {
-				blob: new Blob([new Uint8Array(256)]),
-			});
-			await uploadFile(alice, {
-				blob: new Blob([new Uint8Array(512)]),
-			});
-			await uploadFile(alice, {
-				blob: new Blob([new Uint8Array(1024)]),
-			});
 			const res = await api('drive', {}, alice);
 			assert.strictEqual(res.status, 200);
 			assert.strictEqual(typeof res.body === 'object' && !Array.isArray(res.body), true);
-			expect(res.body).toHaveProperty('usage', 1792);
+			expect(res.body).toHaveProperty('usage', 0);
 		});
 	});
 
diff --git a/packages/backend/test/resources/hw.png b/packages/backend/test/resources/hw.png
new file mode 100644
index 0000000000..afe93faea6
Binary files /dev/null and b/packages/backend/test/resources/hw.png differ
diff --git a/packages/backend/test/unit/activitypub.ts b/packages/backend/test/unit/activitypub.ts
index 9df947982b..c6e09bdda2 100644
--- a/packages/backend/test/unit/activitypub.ts
+++ b/packages/backend/test/unit/activitypub.ts
@@ -6,9 +6,15 @@
 process.env.NODE_ENV = 'test';
 
 import * as assert from 'assert';
+import * as fs from 'node:fs';
+import { fileURLToPath } from 'node:url';
+import { dirname } from 'node:path';
 import { Test } from '@nestjs/testing';
 import { jest } from '@jest/globals';
 
+import { MockResolver } from '../misc/mock-resolver.js';
+import type { IActor, IApDocument, ICollection, IObject, IPost } from '@/core/activitypub/type.js';
+import type { MiRemoteUser } from '@/models/User.js';
 import { ApImageService } from '@/core/activitypub/models/ApImageService.js';
 import { ApNoteService } from '@/core/activitypub/models/ApNoteService.js';
 import { ApPersonService } from '@/core/activitypub/models/ApPersonService.js';
@@ -19,14 +25,14 @@ import { GlobalModule } from '@/GlobalModule.js';
 import { CoreModule } from '@/core/CoreModule.js';
 import { FederatedInstanceService } from '@/core/FederatedInstanceService.js';
 import { LoggerService } from '@/core/LoggerService.js';
-import type { IActor, IApDocument, ICollection, IObject, IPost } from '@/core/activitypub/type.js';
 import { MiMeta, MiNote, UserProfilesRepository } from '@/models/_.js';
 import { DI } from '@/di-symbols.js';
 import { secureRndstr } from '@/misc/secure-rndstr.js';
 import { DownloadService } from '@/core/DownloadService.js';
-import type { MiRemoteUser } from '@/models/User.js';
 import { genAidx } from '@/misc/id/aidx.js';
-import { MockResolver } from '../misc/mock-resolver.js';
+
+const _filename = fileURLToPath(import.meta.url);
+const _dirname = dirname(_filename);
 
 const host = 'https://host1.test';
 
@@ -120,7 +126,13 @@ describe('ActivityPub', () => {
 			imports: [GlobalModule, CoreModule],
 		})
 			.overrideProvider(DownloadService).useValue({
-				async downloadUrl(): Promise<{ filename: string }> {
+				async downloadUrl(url: string, path: string): Promise<{ filename: string }> {
+					if (url.endsWith('.png')) {
+						fs.copyFileSync(
+							_dirname + '/../resources/hw.png',
+							path,
+						);
+					}
 					return {
 						filename: 'dummy.tmp',
 					};
@@ -440,7 +452,7 @@ describe('ActivityPub', () => {
 		});
 	});
 
-	describe('JSON-LD', () =>{
+	describe('JSON-LD', () => {
 		test('Compaction', async () => {
 			const jsonLd = jsonLdService.use();
 
diff --git a/packages/backend/test/unit/server/api/drive/files/create.ts b/packages/backend/test/unit/server/api/drive/files/create.ts
index 723e399430..e86b818ca5 100644
--- a/packages/backend/test/unit/server/api/drive/files/create.ts
+++ b/packages/backend/test/unit/server/api/drive/files/create.ts
@@ -17,6 +17,8 @@ import { ServerModule } from '@/server/ServerModule.js';
 import { ServerService } from '@/server/ServerService.js';
 import { IdService } from '@/core/IdService.js';
 
+// TODO: uploadableFileTypes で許可されていないファイルが弾かれるかのテスト
+
 describe('/drive/files/create', () => {
 	let module: TestingModule;
 	let server: FastifyInstance;
@@ -25,6 +27,8 @@ describe('/drive/files/create', () => {
 
 	let root: MiUser;
 	let role_tinyAttachment: MiRole;
+	let role_imageOnly: MiRole;
+	let role_allowAllTypes: MiRole;
 
 	let folder: MiDriveFolder;
 
@@ -64,10 +68,34 @@ describe('/drive/files/create', () => {
 		});
 
 		roleService = module.get<RoleService>(RoleService);
-		role_tinyAttachment = await roleService.create({
+		role_imageOnly = await roleService.create({
 			name: 'test-role001',
 			description: 'Test role001 description',
 			target: 'manual',
+			policies: {
+				uploadableFileTypes: {
+					useDefault: false,
+					priority: 1,
+					value: ['image/png'],
+				},
+			},
+		});
+		role_allowAllTypes = await roleService.create({
+			name: 'test-role002',
+			description: 'Test role002 description',
+			target: 'manual',
+			policies: {
+				uploadableFileTypes: {
+					useDefault: false,
+					priority: 1,
+					value: ['*/*'],
+				},
+			},
+		});
+		role_tinyAttachment = await roleService.create({
+			name: 'test-role003',
+			description: 'Test role003 description',
+			target: 'manual',
 			policies: {
 				maxFileSizeMb: {
 					useDefault: false,
@@ -82,6 +110,10 @@ describe('/drive/files/create', () => {
 	beforeEach(async () => {
 		await roleService.unassign(root.id, role_tinyAttachment.id).catch(() => {
 		});
+		await roleService.unassign(root.id, role_imageOnly.id).catch(() => {
+		});
+		await roleService.unassign(root.id, role_allowAllTypes.id).catch(() => {
+		});
 	});
 
 	afterAll(async () => {
@@ -110,7 +142,9 @@ describe('/drive/files/create', () => {
 			.field('i', root.token ?? '');
 	}
 
-	test('200 ok', async () => {
+	test('200 ok (all types allowed)', async () => {
+		await roleService.assign(root.id, role_allowAllTypes.id);
+
 		const name = randomString();
 		const comment = randomString();
 		const result = await postFile({
@@ -127,7 +161,24 @@ describe('/drive/files/create', () => {
 		expect(result.body.folderId).toBe(folder.id);
 	});
 
-	test('200 ok(with role)', async () => {
+	test('400 when not allowed type', async () => {
+		await roleService.assign(root.id, role_imageOnly.id);
+
+		const name = randomString();
+		const comment = randomString();
+		const result = await postFile({
+			name: name,
+			comment: comment,
+			isSensitive: true,
+			force: true,
+			fileContent: Buffer.from('a'.repeat(10)),
+		});
+		expect(result.statusCode).toBe(400);
+		expect(result.body.error.code).toBe('UNALLOWED_FILE_TYPE');
+	});
+
+	test('200 ok (with size limited role)', async () => {
+		await roleService.assign(root.id, role_allowAllTypes.id);
 		await roleService.assign(root.id, role_tinyAttachment.id);
 
 		const name = randomString();
@@ -147,6 +198,7 @@ describe('/drive/files/create', () => {
 	});
 
 	test('413 too large', async () => {
+		await roleService.assign(root.id, role_allowAllTypes.id);
 		await roleService.assign(root.id, role_tinyAttachment.id);
 
 		const name = randomString();