diff --git a/test/mv/authorization/role_test.exs b/test/mv/authorization/role_test.exs
index be297f2..b263455 100644
--- a/test/mv/authorization/role_test.exs
+++ b/test/mv/authorization/role_test.exs
@@ -43,12 +43,16 @@ defmodule Mv.Authorization.RoleTest do
 
   describe "system role deletion protection" do
     test "prevents deletion of system roles" do
-      {:ok, system_role} =
-        Authorization.create_role(%{
+      # is_system_role is not settable via public API, so we use Ash.Changeset directly
+      changeset =
+        Mv.Authorization.Role
+        |> Ash.Changeset.for_create(:create_role, %{
           name: "System Role",
-          permission_set_name: "own_data",
-          is_system_role: true
+          permission_set_name: "own_data"
         })
+        |> Ash.Changeset.force_change_attribute(:is_system_role, true)
+
+      {:ok, system_role} = Ash.create(changeset)
 
       assert {:error, %Ash.Error.Invalid{errors: errors}} =
                Authorization.destroy_role(system_role)
@@ -58,11 +62,11 @@ defmodule Mv.Authorization.RoleTest do
     end
 
     test "allows deletion of non-system roles" do
+      # is_system_role defaults to false, so regular create works
       {:ok, regular_role} =
         Authorization.create_role(%{
           name: "Regular Role",
-          permission_set_name: "read_only",
-          is_system_role: false
+          permission_set_name: "read_only"
         })
 
       assert :ok = Authorization.destroy_role(regular_role)
@@ -84,14 +88,6 @@ defmodule Mv.Authorization.RoleTest do
   end
 
   # Helper function for error evaluation
-  # When field is nil, returns first error message for errors without specific field
-  defp error_message(errors, nil) do
-    errors
-    |> Enum.reject(fn err -> Map.has_key?(err, :field) end)
-    |> Enum.map(&Map.get(&1, :message, ""))
-    |> List.first() || ""
-  end
-
   defp error_message(errors, field) when is_atom(field) do
     errors
     |> Enum.filter(fn err -> Map.get(err, :field) == field end)