diff --git a/seahub/role_permissions/settings.py b/seahub/role_permissions/settings.py
index 94219cae5f..9252fd7c64 100644
--- a/seahub/role_permissions/settings.py
+++ b/seahub/role_permissions/settings.py
@@ -3,7 +3,7 @@ import logging
 
 from django.conf import settings
 
-from seahub.constants import DEFAULT_USER
+from seahub.constants import DEFAULT_USER, GUEST_USER
 
 # Get an instance of a logger
 logger = logging.getLogger(__name__)
@@ -17,31 +17,43 @@ DEFAULT_ENABLED_ROLE_PERMISSIONS = {
         'can_generate_share_link': True,
         'can_generate_upload_link': True,
         'can_invite_guest': False,
-        # followings are not implemented yet
         'can_drag_drop_folder_to_sync': True,
         'can_connect_with_android_clients': True,
         'can_connect_with_ios_clients': True,
         'can_connect_with_desktop_clients': True,
         'can_export_files_via_mobile_client': True,
     },
+    GUEST_USER: {
+        'can_add_repo': False,
+        'can_add_group': False,
+        'can_view_org': False,
+        'can_use_global_address_book': False,
+        'can_generate_share_link': False,
+        'can_generate_upload_link': False,
+        'can_invite_guest': False,
+        'can_drag_drop_folder_to_sync': False,
+        'can_connect_with_android_clients': False,
+        'can_connect_with_ios_clients': False,
+        'can_connect_with_desktop_clients': False,
+        'can_export_files_via_mobile_client': False,
+    },
 }
 
 _default_role_perms = DEFAULT_ENABLED_ROLE_PERMISSIONS.copy()
-_default_role_perms.update(settings.ENABLED_ROLE_PERMISSIONS)  # merge outter dict
+
+try:
+    _default_role_perms.update(settings.ENABLED_ROLE_PERMISSIONS)  # merge outter dict
+except AttributeError:
+    pass  # ignore error if ENABLED_ROLE_PERMISSONS is not set in settings.py
 
 def get_enabled_role_permissions():
-    ret = {}
     for role, perms in _default_role_perms.iteritems():
-        default_perms = _default_role_perms['default'].copy()
-        default_perms.update(perms)      # merge inner dict
-        ret[role] = default_perms
-
         # check role permission syntax
-        for k in default_perms.keys():
+        for k in perms.keys():
             if k not in DEFAULT_ENABLED_ROLE_PERMISSIONS[DEFAULT_USER].keys():
-                print '"%s" is not valid permission, please review the ENABLED_ROLE_PERMISSIONS setting.' % k
                 logger.warn('"%s" is not valid permission, please review the ENABLED_ROLE_PERMISSIONS setting.' % k)
+                assert False, '"%s" is not valid permission, please review the ENABLED_ROLE_PERMISSIONS setting.' % k
 
-    return ret
+    return _default_role_perms
 
 ENABLED_ROLE_PERMISSIONS = get_enabled_role_permissions()
diff --git a/seahub/settings.py b/seahub/settings.py
index a8f98f033d..e37d3b6fb7 100644
--- a/seahub/settings.py
+++ b/seahub/settings.py
@@ -515,24 +515,8 @@ ENABLE_GLOBAL_ADDRESSBOOK = True
 ENABLE_FOLDER_PERM = False
 
 ####################
-# Role permissions #
+# Guest Invite     #
 ####################
-from seahub.constants import GUEST_USER
-ENABLED_ROLE_PERMISSIONS = {
-    GUEST_USER: {
-        'can_add_repo': False,
-        'can_add_group': False,
-        'can_view_org': False,
-        'can_use_global_address_book': False,
-        'can_generate_share_link': False,
-        'can_generate_upload_link': False,
-        'can_invite_guest': False,
-        'can_connect_with_android_clients': False,
-        'can_connect_with_ios_clients': False,
-        'can_connect_with_desktop_clients': False,
-    },
-}
-
 ENABLE_GUEST_INVITATION = False
 
 #####################
diff --git a/tests/seahub/role_permissions/test_utils.py b/tests/seahub/role_permissions/test_utils.py
new file mode 100644
index 0000000000..bc8553d5a7
--- /dev/null
+++ b/tests/seahub/role_permissions/test_utils.py
@@ -0,0 +1,14 @@
+from seahub.constants import GUEST_USER, DEFAULT_USER
+from seahub.role_permissions.utils import (
+    get_available_roles, get_enabled_role_permissions_by_role)
+from seahub.test_utils import BaseTestCase
+
+
+class UtilsTest(BaseTestCase):
+    def test_get_available_role(self):
+        assert len(get_available_roles()) == 2
+        assert GUEST_USER in get_available_roles()
+        assert DEFAULT_USER in get_available_roles()
+
+    def test_get_enabled_role_permissions_by_role(self):
+        assert len(get_enabled_role_permissions_by_role(DEFAULT_USER).keys()) == 12
diff --git a/tests/seahub/utils/test_user_permissions.py b/tests/seahub/utils/test_user_permissions.py
new file mode 100644
index 0000000000..4543d81b3b
--- /dev/null
+++ b/tests/seahub/utils/test_user_permissions.py
@@ -0,0 +1,20 @@
+from seahub.base.accounts import User
+from seahub.constants import DEFAULT_USER
+from seahub.test_utils import BaseTestCase
+from seahub.utils.user_permissions import get_user_role
+
+
+class UserPermissionsTest(BaseTestCase):
+    def setUp(self):
+        self.user = self.create_user()
+
+    def tearDown(self):
+        self.remove_user(self.user.email)
+
+    def test_get_user_role(self):
+        assert self.user.role is None
+        assert get_user_role(self.user) == DEFAULT_USER
+
+        User.objects.update_role(self.user.email, 'test_role')
+        u = User.objects.get(self.user.email)
+        assert get_user_role(u) == 'test_role'