diff --git a/src/test/java/org/alfresco/rest/api/tests/TestDownloads.java b/src/test/java/org/alfresco/rest/api/tests/TestDownloads.java
index d8f7fcc8c9..a114d1b01c 100644
--- a/src/test/java/org/alfresco/rest/api/tests/TestDownloads.java
+++ b/src/test/java/org/alfresco/rest/api/tests/TestDownloads.java
@@ -23,8 +23,8 @@
  * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
  * #L%
  */
-package org.alfresco.rest.api.tests;
-
+package org.alfresco.rest.api.tests;
+
 import static java.lang.String.format;
 import static java.util.Arrays.asList;
 import static javax.servlet.http.HttpServletResponse.SC_ACCEPTED;
@@ -61,6 +61,7 @@ import org.alfresco.rest.api.tests.util.RestApiUtil;
 import org.alfresco.rest.framework.core.exceptions.ApiException;
 import org.alfresco.service.cmr.download.DownloadStatus;
 import org.alfresco.service.cmr.site.SiteVisibility;
+import org.apache.commons.httpclient.HttpStatus;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.json.simple.JSONObject;
@@ -76,8 +77,8 @@ import org.junit.runners.MethodSorters;
  * @author cpopa
  *
  */
-@FixMethodOrder(MethodSorters.NAME_ASCENDING)
-public class TestDownloads extends AbstractBaseApiTest
+@FixMethodOrder(MethodSorters.NAME_ASCENDING)
+public class TestDownloads extends AbstractBaseApiTest
 {     
     private static Log logger = LogFactory.getLog(TestDownloads.class);
     
@@ -147,9 +148,9 @@ public class TestDownloads extends AbstractBaseApiTest
      * <p>POST:</p>
      * {@literal <host>:<port>/alfresco/api/-default-/private/alfresco/versions/1/downloads}
      *
-     */
-	@Test
-	public void test001CreateDownload() throws Exception
+     */
+	@Test
+	public void test001CreateDownload() throws Exception
 	{   
 	    //test creating a download with a single file
         Download download = createDownload(HttpServletResponse.SC_ACCEPTED, zippableDocId1);
@@ -194,7 +195,7 @@ public class TestDownloads extends AbstractBaseApiTest
         assertDoneDownload(download, 2, 26);
         
         //test creating an archive with two files, one of which user1 does not have permissions for
-        download = createDownload(HttpServletResponse.SC_FORBIDDEN, zippableDocId1, zippableDoc_user2);
+        download = createDownload(HttpServletResponse.SC_FORBIDDEN, zippableDocId1, zippableDoc_user2);
 	}   
 	
 	/**
@@ -368,8 +369,13 @@ public class TestDownloads extends AbstractBaseApiTest
         setRequestContext(user2);
         
         deleteNode(download.getId(), true, HttpServletResponse.SC_FORBIDDEN);
-        
+
+        setRequestContext(user1);
         assertDoneDownload(download, 1, 13);
+
+        // user2 should not be able to read information about downloads started by other users
+        setRequestContext(user2);
+        getDownload(download.getId(), HttpServletResponse.SC_FORBIDDEN);
     }
     
     protected ZipInputStream getZipStreamFromResponse(HttpResponse response)
@@ -569,5 +575,5 @@ public class TestDownloads extends AbstractBaseApiTest
     
     private interface CancelAction{
         void run() throws Exception;
-    }
-}
+    }
+}