diff --git a/lib/spree/api/testing_support/helpers_decorator.rb b/lib/spree/api/testing_support/helpers_decorator.rb
new file mode 100644
index 0000000000..0ade798960
--- /dev/null
+++ b/lib/spree/api/testing_support/helpers_decorator.rb
@@ -0,0 +1,7 @@
+require 'spree/api/testing_support/helpers'
+
+Spree::Api::TestingSupport::Helpers.class_eval do
+  def current_api_user
+    @current_api_user ||= stub_model(Spree::LegacyUser, :email => "spree@example.com", :enterprises => [])
+  end
+end
diff --git a/lib/spree/api/testing_support/setup.rb b/lib/spree/api/testing_support/setup.rb
index a54e45a46b..d7ee226b8f 100644
--- a/lib/spree/api/testing_support/setup.rb
+++ b/lib/spree/api/testing_support/setup.rb
@@ -5,7 +5,7 @@ module Spree
         def sign_in_as_admin!
           let!(:current_api_user) do
             user = stub_model(Spree::LegacyUser)
-            user.should_receive(:has_spree_role?).any_number_of_times.with("admin").and_return(true)
+            user.stub(:has_spree_role?).with("admin").and_return(true)
 
             # Stub enterprises, needed for cancan ability checks
             user.stub(:enterprises) { [] }
diff --git a/spec/controllers/spree/api/variants_controller_spec.rb b/spec/controllers/spree/api/variants_controller_spec.rb
index 6177344b7c..66ddf93c57 100644
--- a/spec/controllers/spree/api/variants_controller_spec.rb
+++ b/spec/controllers/spree/api/variants_controller_spec.rb
@@ -16,6 +16,13 @@ module Spree
     end
 
     context "as a normal user" do
+      let!(:current_api_user) do
+        user = stub_model(Spree::LegacyUser)
+        user.stub(:has_spree_role?).with("admin").and_return(false)
+        user.stub(:enterprises) { [] }
+        user
+      end
+
       it "retrieves a list of variants with appropriate attributes" do
         spree_get :index, { :template => 'bulk_index', :format => :json }
         keys = json_response.first.keys.map{ |key| key.to_sym }
@@ -28,6 +35,16 @@ module Spree
         unit_attributes.all?{ |attr| keys.include? attr }.should == true
       end
 
+      it "is denied access when trying to delete a variant" do
+        product = create(:product)
+        variant = product.master
+
+        spree_delete :soft_delete, {variant_id: variant.to_param, product_id: product.to_param, format: :json}
+        assert_unauthorized!
+        lambda { variant.reload }.should_not raise_error
+        variant.deleted_at.should be_nil
+      end
+
       #it "sorts variants in ascending id order" do
       #  spree_get :index, { :template => 'bulk_index', :format => :json }
       #  ids = json_response.map{ |variant| variant['id'] }
@@ -45,7 +62,7 @@ module Spree
 
         spree_delete :soft_delete, {variant_id: variant.to_param, product_id: product.to_param, format: :json}
         response.status.should == 204
-        lambda { variant.reload }.should_not raise_error(ActiveRecord::RecordNotFound)
+        lambda { variant.reload }.should_not raise_error
         variant.deleted_at.should_not be_nil
       end
     end
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 121e827169..6cf9229252 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -25,6 +25,7 @@ require 'spree/core/testing_support/controller_requests'
 require 'spree/core/testing_support/capybara_ext'
 require 'spree/api/testing_support/setup'
 require 'spree/api/testing_support/helpers'
+require 'spree/api/testing_support/helpers_decorator'
 
 require 'active_record/fixtures'
 fixtures_dir = File.expand_path('../../db/default', __FILE__)