--- a/schema/manage_users_tests.sql	Fri Jul 20 18:32:40 2018 +0200
+++ b/schema/manage_users_tests.sql	Fri Jul 20 17:28:16 2018 +0200
@@ -2,30 +2,36 @@
 --
 -- pgTAP test script for user management functions
 --
-SELECT plan(5); -- Give number of tests that have to be run
+SELECT plan(6); -- Give number of tests that have to be run
 
 SET search_path TO public, gemma, gemma_waterway, gemma_fairway;
 
---
--- Run tests as system_admin
---
+SET SESSION AUTHORIZATION waterway_admin;
+
+SELECT throws_ok($$
+    SELECT sys_admin.create_user(
+        'waterway_user', 'test0', 'secret', 'AT', NULL, 'test0')
+    $$,
+    42501, NULL,
+    'Less privileged user cannot call function in schema sys_admin');
+
 SET SESSION AUTHORIZATION sys_admin;
 
 SELECT lives_ok($$
-    SELECT create_user(
+    SELECT sys_admin.create_user(
         'waterway_user', 'test1', 'secret', 'AT', NULL, 'test1')
     $$,
     'New waterway user can be added');
 
 SELECT throws_ok($$
-    SELECT create_user(
+    SELECT sys_admin.create_user(
         'invalid', 'test2', 'secret', 'AT', NULL, 'test2')
     $$,
     42704, NULL,
     'Valid role name has to be provided');
 
 SELECT throws_ok($$
-    SELECT create_user(
+    SELECT sys_admin.create_user(
         'waterway_user', NULL, 'secret', 'AT', NULL, 'test3')
     $$,
     23502, NULL,
@@ -33,14 +39,14 @@
 -- Though other arguments are mandatory, too, there are no explicit tests
 
 SELECT throws_ok($$
-    SELECT create_user(
+    SELECT sys_admin.create_user(
         'waterway_user', 'waterway_user', 'secret', 'AT', NULL, 'test4')
     $$,
     23505, NULL,
     'No duplicate user name is allowed');
 
 SELECT throws_ok($$
-    SELECT create_user(
+    SELECT sys_admin.create_user(
         'waterway_user', 'test2', 'secret', 'AT', NULL, 'xxx')
     $$,
     23505, NULL,