diff --git a/manifests/localauthority.pp b/manifests/localauthority.pp
index 8fcb883..a554034 100644
--- a/manifests/localauthority.pp
+++ b/manifests/localauthority.pp
@@ -24,6 +24,12 @@
   $result_active,
   $ensure = present
 ) {
+  validate_string($identity)
+  validate_string($action)
+  validate_string($result_any)
+  validate_string($result_inactive)
+  validate_string($result_active)
+  validate_re($ensure, ['^present$', '^absent'])
 
   File { owner => 'root', group => 'root' }
 
diff --git a/spec/defines/localauthority_spec.rb b/spec/defines/localauthority_spec.rb
new file mode 100644
index 0000000..e82f40b
--- /dev/null
+++ b/spec/defines/localauthority_spec.rb
@@ -0,0 +1,69 @@
+require 'spec_helper'
+
+describe 'policykit::localauthority', :type => :define do
+
+  describe 'simple case' do
+    let(:title) { 'foo' }
+    let :params do
+      { 
+        :identity        => 'bar',
+        :action          => 'baz',
+        :result_any      => 'no',
+        :result_inactive => 'no',
+        :result_active   => 'no',
+      }
+    end
+    
+    it do
+      should contain_file('/etc/polkit-1/localauthority/50-local.d/foo.pkla').
+        with({
+        :ensure => 'present',
+        :mode   => '0644',
+      })
+    end
+  end
+
+  describe 'title space to underscore conversion in file path' do
+    # example from https://wiki.archlinux.org/index.php/PolicyKit
+    let(:title) { 'Ban users jack and jill from using gparted' }
+    let :params do
+      { 
+        :identity        => 'unix-user:jack;unix-user:jill',
+        :action          => 'org.archlinux.pkexec.gparted',
+        :result_any      => 'no',
+        :result_inactive => 'no',
+        :result_active   => 'no',
+      }
+    end
+    
+    it do
+      should contain_file('/etc/polkit-1/localauthority/50-local.d/Ban_users_jack_and_jill_from_using_gparted.pkla').
+        with({
+        :ensure => 'present',
+        :mode   => '0644',
+      })
+    end
+  end
+
+  describe 'ensure => absent' do
+    let(:title) { 'foo' }
+    let :params do
+      { 
+        :identity        => 'bar',
+        :action          => 'baz',
+        :result_any      => 'no',
+        :result_inactive => 'no',
+        :result_active   => 'no',
+        :ensure          => 'absent',
+      }
+    end
+    
+    it do
+      should contain_file('/etc/polkit-1/localauthority/50-local.d/foo.pkla').
+        with({
+        :ensure => 'absent',
+      })
+    end
+  end
+
+end