diff --git a/xline/src/request_validation.rs b/xline/src/request_validation.rs
index 966712b07..825a3cfe2 100644
--- a/xline/src/request_validation.rs
+++ b/xline/src/request_validation.rs
@@ -292,7 +292,7 @@ impl From<ValidationError> for ExecuteError {
 #[cfg(test)]
 mod test {
     use super::*;
-    use crate::rpc::{Request, RequestOp};
+    use crate::rpc::{Request, RequestOp, UserAddOptions};
 
     #[test]
     fn txn_check() {
@@ -460,4 +460,60 @@ mod test {
             .to_string();
         assert_eq!(message, expected_err_message);
     }
+
+    #[test]
+    fn test_user_add_invalid() {
+        let user_add_request_with_empty_name = AuthUserAddRequest {
+            name: String::new(),
+            password: "pwd".to_owned(),
+            ..Default::default()
+        };
+        let expected_err_message = ValidationError::new("User name is empty").to_string();
+        let message = user_add_request_with_empty_name
+            .validation(())
+            .unwrap_err()
+            .to_string();
+        assert_eq!(message, expected_err_message);
+
+        let user_add_request_with_no_password = AuthUserAddRequest {
+            name: "user".to_owned(),
+            password: String::new(),
+            options: Some(UserAddOptions { no_password: false }),
+            ..Default::default()
+        };
+        let expected_err_message =
+            ValidationError::new("Password is required but not provided").to_string();
+        let message = user_add_request_with_no_password
+            .validation(())
+            .unwrap_err()
+            .to_string();
+        assert_eq!(message, expected_err_message);
+    }
+
+    #[test]
+    fn test_role_add_invalid() {
+        let role_add_request_with_empty_name = AuthRoleAddRequest {
+            name: String::new(),
+        };
+        let expected_err_message = ValidationError::new("Role name is empty").to_string();
+        let message = role_add_request_with_empty_name
+            .validation(())
+            .unwrap_err()
+            .to_string();
+        assert_eq!(message, expected_err_message);
+    }
+
+    #[test]
+    fn test_role_grant_perm_invalid() {
+        let role_grant_perm_without_perm = AuthRoleGrantPermissionRequest {
+            name: "role".to_owned(),
+            perm: None,
+        };
+        let expected_err_message = ValidationError::new("Permission not given").to_string();
+        let message = role_grant_perm_without_perm
+            .validation(())
+            .unwrap_err()
+            .to_string();
+        assert_eq!(message, expected_err_message);
+    }
 }