diff --git a/spec/services/emails/create_service_spec.rb b/spec/services/emails/create_service_spec.rb
index c1f477f551eef8c95dbc66f588f4f00e384a32e6..7874da8866538c338f66b5f7b9d04e504dff9653 100644
--- a/spec/services/emails/create_service_spec.rb
+++ b/spec/services/emails/create_service_spec.rb
@@ -4,7 +4,7 @@ describe Emails::CreateService, services: true do
   let(:user) { create(:user) }
   let(:opts) { { email: 'new@email.com' } }
 
-  subject(:service) { described_class.new(user, opts) }
+  subject(:service) { described_class.new(user, user, opts) }
 
   describe '#execute' do
     it 'creates an email with valid attributes' do
@@ -17,5 +17,15 @@ describe Emails::CreateService, services: true do
 
       expect(user.emails).to eq(Email.where(opts))
     end
+
+    it 'does not create an email if the user has no permissions' do
+      expect { described_class.new(create(:user), user, opts).execute }.not_to change { Email.count }
+    end
+
+    it 'creates an email if we skip authorization' do
+      expect do
+        described_class.new(create(:user), user, opts).execute(skip_authorization: true)
+      end.to change { Email.count }.by(1)
+    end
   end
 end
diff --git a/spec/services/emails/destroy_service_spec.rb b/spec/services/emails/destroy_service_spec.rb
index 0778b3f50da6c534947e6f9536a201899cff0e93..186726951f9d0af074730e51207bbd259ae2d78d 100644
--- a/spec/services/emails/destroy_service_spec.rb
+++ b/spec/services/emails/destroy_service_spec.rb
@@ -4,11 +4,21 @@ describe Emails::DestroyService, services: true do
   let!(:user) { create(:user) }
   let!(:email) { create(:email, user: user) }
 
-  subject(:service) { described_class.new(user, opts) }
+  subject(:service) { described_class.new(user, user, email: email.email) }
 
   describe '#execute' do
-    it 'creates an email with valid attributes' do
+    it 'removes an email' do
       expect { service.execute }.to change { user.emails.count }.by(-1)
     end
+
+    it 'does not remove an email if the user has no permissions' do
+      expect { described_class.new(create(:user), user, opts).execute }.not_to change { Email.count }
+    end
+
+    it 'removes an email if we skip authorization' do
+      expect do
+        described_class.new(create(:user), user, opts).execute(skip_authorization: true)
+      end.to change { Email.count }.by(-1)
+    end
   end
 end