diff --git a/back/models/specs/notificationSubscription.spec.js b/back/models/specs/notificationSubscription.spec.js
new file mode 100644
index 000000000..bcb1db9d8
--- /dev/null
+++ b/back/models/specs/notificationSubscription.spec.js
@@ -0,0 +1,22 @@
+const app = require('vn-loopback/server/server');
+
+describe('loopback model NotificationSubscription', () => {
+    it('Should fail to delete a notification if the user is not editing itself or a subordinate', async() => {
+        const user = 9;
+        const notificationSubscriptionId = 2;
+        const ctx = {req: {accessToken: {userId: user}}};
+        const models = app.models;
+        const notification = await models.NotificationSubscription.findById(notificationSubscriptionId);
+
+        let error;
+
+        try {
+            await models.NotificationSubscription.deleteNotification(ctx, notification.id);
+        } catch (e) {
+            error = e;
+        }
+
+        expect(error.message).toContain('You dont have permission to modify this user');
+    });
+});
+