diff --git a/src/main/kotlin/fr/dcproject/security/voter/CitizenVoter.kt b/src/main/kotlin/fr/dcproject/security/voter/CitizenVoter.kt
index fb38671..b27408f 100644
--- a/src/main/kotlin/fr/dcproject/security/voter/CitizenVoter.kt
+++ b/src/main/kotlin/fr/dcproject/security/voter/CitizenVoter.kt
@@ -17,7 +17,7 @@ class CitizenVoter : Voter {
 override fun supports(action: ActionI, call: ApplicationCall, subject: Any?): Boolean {
 return (action is Action)
- .and(subject is List<*> || subject is CitizenBasicI?)
+ .and(subject is CitizenBasicI?)
 }
 override fun vote(action: ActionI, call: ApplicationCall, subject: Any?): Vote {
@@ -32,14 +32,6 @@ class CitizenVoter : Voter {
 return if (subject.isDeleted()) Vote.DENIED else Vote.GRANTED
 }
- if (subject is List<*>) {
- subject.forEach {
- if (it !is CitizenBasicI || it.isDeleted()) {
- return Vote.DENIED
- }
- }
- return Vote.GRANTED
- }
 return Vote.DENIED
 }
diff --git a/src/test/kotlin/fr/dcproject/security/voter/CitizenVoterTest.kt b/src/test/kotlin/fr/dcproject/security/voter/CitizenVoterTest.kt
new file mode 100644
index 0000000..14e3cca
--- /dev/null
+++ b/src/test/kotlin/fr/dcproject/security/voter/CitizenVoterTest.kt
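Review bot: In `CitizenVoter.supports`, the retained check `subject is CitizenBasicI?` is also true for a `null` subject, so after this change the voter claims exactly two inputs, a citizen or `null`, and nothing on the line says the second one is intended. The trailing `return Vote.DENIED` in `vote` (second hunk) appears to refuse that case, but the earlier branches of `vote` and the `can` helper that combines votes are outside the diff, so this cannot be confirmed from here. I would document the contract on the line, e.g. `// null is accepted on purpose (CitizenBasicI? matches null); vote() must deny it`, and note in the KDoc that `List<*>` subjects are no longer handled by this voter. A null-subject case in the new test class would pin the behaviour.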
@@ -0,0 +1,123 @@
+package fr.dcproject.security.voter
+
+import fr.dcproject.entity.*
+import io.ktor.application.ApplicationCall
+import io.ktor.locations.KtorExperimentalLocationsAPI
+import io.mockk.every
+import io.mockk.mockk
+import io.mockk.mockkStatic
+import org.amshove.kluent.`should be`
+import org.joda.time.DateTime
+import org.junit.jupiter.api.Test
+import org.junit.jupiter.api.TestInstance
+
+@KtorExperimentalLocationsAPI
+@TestInstance(TestInstance.Lifecycle.PER_CLASS)
+internal class CitizenVoterTest {
+ private val tesla = CitizenBasic(
+ user = User(
+ username = "nicolas-tesla",
+ roles = listOf(UserI.Roles.ROLE_USER)
+ ),
+ birthday = DateTime.now(),
+ email = "tesla@best.com",
+ name = CitizenI.Name("Nicolas", "Tesla")
+ )
+ private val einstein = CitizenBasic(
+ user = User(
+ username = "albert-einstein",
+ roles = listOf(UserI.Roles.ROLE_USER)
+ ),
+ birthday = DateTime.now(),
+ email = "einstein@best.com",
+ name = CitizenI.Name("Albert", "Einstein")
+ )
+
+ private val curie = CitizenBasic(
+ user = User(
+ username = "marie-curie",
+ roles = listOf(UserI.Roles.ROLE_USER)
+ ),
+ birthday = DateTime.now(),
+ email = "curie@best.com",
+ name = CitizenI.Name("Marie", "Curie")
+ ).apply { deletedAt = DateTime.now() }
+
+ init {
+ mockkStatic("fr.dcproject.security.voter.VoterKt")
+ }
+
+ @Test
+ fun `support citizen`() = CitizenVoter().run {
+ val p = object : ActionI {}
+ mockk {
+ every { user } returns tesla.user
+ }.let {
+ supports(CitizenVoter.Action.VIEW, it, einstein) `should be` true
+ supports(p, it, einstein) `should be` false
+ }
+ }
+
+ @Test
+ fun `can be view the citizen`() = listOf(CitizenVoter()).run {
+ mockk {
+ every { user } returns tesla.user
+ }.let {
+ can(CitizenVoter.Action.VIEW, it, einstein) `should be` true
+ }
+ }
+
+ @Test
+ fun `can be view the citizen list`() = listOf(CitizenVoter()).run {
+ mockk {
+ every { user } returns einstein.user
+ }.let {
+ can(CitizenVoter.Action.VIEW, it, listOf(einstein, tesla))
`should be` true
+ }
+ }
+
+ @Test
+ fun `can not view deleted citizen`() = listOf(CitizenVoter()).run {
+ mockk {
+ every { user } returns tesla.user
+ }.let {
+ can(CitizenVoter.Action.VIEW, it, curie) `should be` false
+ }
+ }
+
+ @Test
+ fun `can be update itself`() = listOf(CitizenVoter()).run {
+ mockk {
+ every { user } returns einstein.user
+ }.let {
+ can(CitizenVoter.Action.UPDATE, it, einstein) `should be` true
+ }
+ }
+
+ @Test
+ fun `can not be update other citizen`() = listOf(CitizenVoter()).run {
+ mockk {
+ every { user } returns einstein.user
+ }.let {
+ can(CitizenVoter.Action.UPDATE, it, tesla) `should be` false
+ }
+ }
+
+ @Test
+ fun `can be change password of itself`() = listOf(CitizenVoter()).run {
+ mockk {
+ every { user } returns einstein.user
+ }.let {
+ can(CitizenVoter.Action.CHANGE_PASSWORD, it, einstein) `should be` true
+ }
+ }
+
+ @Test
+ fun `can not be change password of other citizen`() = listOf(CitizenVoter()).run {
+ mockk {
+ every { user } returns einstein.user
+ }.let {
+ can(CitizenVoter.Action.CHANGE_PASSWORD, it, tesla) `should be` false
+ }
+ }
+}
\ No newline at end of file
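Review bot: The list coverage in `CitizenVoterTest` exercises only the granted path: `can be view the citizen list` passes two live citizens, and no test asserts that a list containing the deleted `curie`, or an element that is not a `CitizenBasicI`, is refused. Those are the two cases the branch removed from `CitizenVoter.vote` used to deny. Since `supports` no longer accepts `List<*>`, the denial now depends on `can`, which is defined outside this diff, so a test is the only place here where the fail-closed behaviour gets pinned. I would add the negative case sketched below next to the existing list test, plus a second one with a non-citizen element to cover the type check.

```kotlin
// … unchanged: `can be view the citizen list` …

@Test
fun `can not view a citizen list containing a deleted citizen`() = listOf(CitizenVoter()).run {
    mockk<ApplicationCall> {
        every { user } returns einstein.user
    }.let {
        can(CitizenVoter.Action.VIEW, it, listOf(einstein, curie)) `should be` false
    }
}
```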