@Test(groups = "slow") public void testUserPermission() throws KillBillClientException { final String roleDefinition = "notEnoughToAddUserAndRoles"; final List<String> permissions = new ArrayList<String>(); for (Permission cur : Permission.values()) { if (!cur.getGroup().equals("user")) { permissions.add(cur.toString()); } } Response response = killBillClient.addRoleDefinition( new RoleDefinition(roleDefinition, permissions), createdBy, reason, comment); Assert.assertEquals(response.getStatusCode(), 201); final String username = "******"; final String password = "******"; response = killBillClient.addUserRoles( new UserRoles(username, password, ImmutableList.of(roleDefinition)), createdBy, reason, comment); Assert.assertEquals(response.getStatusCode(), 201); // Now 'login' as new user (along with roles to make an API call requiring permissions), and // check behavior logout(); login(username, password); boolean success = false; try { killBillClient.addRoleDefinition( new RoleDefinition("dsfdsfds", ImmutableList.of("*")), createdBy, reason, comment); success = true; } catch (final Exception e) { } finally { Assert.assertFalse(success); } success = false; try { killBillClient.addUserRoles( new UserRoles("sdsd", "sdsdsd", ImmutableList.of(roleDefinition)), createdBy, reason, comment); success = true; } catch (final Exception e) { } finally { Assert.assertFalse(success); } }