diff --git a/test/vitest/__tests__/composables/useAcl.spec.js b/test/vitest/__tests__/composables/useAcl.spec.js
index d468720e5..a2b44b5e7 100644
--- a/test/vitest/__tests__/composables/useAcl.spec.js
+++ b/test/vitest/__tests__/composables/useAcl.spec.js
@@ -1,4 +1,4 @@
-import { vi, describe, expect, it, beforeAll, afterEach, beforeEach } from 'vitest';
+import { vi, describe, expect, it, beforeAll, afterAll } from 'vitest';
 import { axios, flushPromises } from 'app/test/vitest/helper';
 import { useAcl } from 'src/composables/useAcl';
 
@@ -12,7 +12,6 @@ describe('useAcl', () => {
             permission: 'ALLOW',
             principalType: 'ROLE',
             principalId: 'employee',
-            id: 3,
         },
         {
             model: 'Worker',
@@ -21,37 +20,69 @@ describe('useAcl', () => {
             permission: 'ALLOW',
             principalType: 'ROLE',
             principalId: 'employee',
-            id: 13,
+        },
+        {
+            model: 'Url',
+            property: 'getByUser',
+            accessType: 'READ',
+            permission: 'ALLOW',
+            principalType: 'ROLE',
+            principalId: '$everyone',
+        },
+        {
+            model: 'TpvTransaction',
+            property: 'start',
+            accessType: 'WRITE',
+            permission: 'ALLOW',
+            principalType: 'ROLE',
+            principalId: '$authenticated',
         },
     ];
-    const expectedAcls = {
-        Address: { '*': { '*': true } },
-        Worker: { holidays: { READ: true } },
-    };
-    beforeAll(() => {
+
+    beforeAll(async () => {
         vi.spyOn(axios, 'get').mockResolvedValue({ data: mockAcls });
-        vi.spyOn(acl.state, 'setAcls');
+        await acl.fetch();
     });
 
-    beforeEach(async () => await acl.fetch());
-
-    afterEach(async () => {
-        await flushPromises();
-        acl.state.setAcls([]);
-    });
-
-    describe('fetch', () => {
-        it('should call setUser and setRoles of the state with the expected data', async () => {
-            expect(acl.state.setAcls).toHaveBeenCalledWith(expectedAcls);
-        });
-    });
+    afterAll(async () => await flushPromises());
 
     describe('hasAny', () => {
-        it('should return true if a role matched', async () =>
-            expect(acl.hasAny('Address', '*', 'WRITE')).toBeTruthy());
+        it('should return false if no roles matched', async () => {
+            expect(acl.hasAny('Worker', 'updateAttributes', 'WRITE')).toBeFalsy();
+        });
 
         it('should return false if no roles matched', async () => {
-            expect(acl.hasAny('Worker', '*', 'WRITE')).toBeFalsy();
+            expect(acl.hasAny('Worker', 'holidays', 'READ')).toBeTruthy();
+        });
+
+        describe('*', () => {
+            it('should return true if an acl matched', async () => {
+                expect(acl.hasAny('Address', '*', 'WRITE')).toBeTruthy();
+            });
+
+            it('should return false if no acls matched', async () => {
+                expect(acl.hasAny('Worker', '*', 'READ')).toBeFalsy();
+            });
+        });
+
+        describe('$authenticated', () => {
+            it('should return false if no acls matched', async () => {
+                expect(acl.hasAny('Url', 'getByUser', '*')).toBeFalsy();
+            });
+
+            it('should return true if an acl matched', async () => {
+                expect(acl.hasAny('Url', 'getByUser', 'READ')).toBeTruthy();
+            });
+        });
+
+        describe('$everyone', () => {
+            it('should return false if no acls matched', async () => {
+                expect(acl.hasAny('TpvTransaction', 'start', 'READ')).toBeFalsy();
+            });
+
+            it('should return false if an acl matched', async () => {
+                expect(acl.hasAny('TpvTransaction', 'start', 'WRITE')).toBeTruthy();
+            });
         });
     });
 });