diff --git a/lib/User.php b/lib/User.php
index d0d1351..2b3daa4 100644
--- a/lib/User.php
+++ b/lib/User.php
@@ -274,7 +274,7 @@ class User {
 
     public function propertiesSet(string $user, array $properties): array {
         // remove from the array any values which should be set specially
-        foreach(['password', 'rights'] as $key) {
+        foreach(['id', 'domain', 'password', 'rights'] as $key) {
             if(array_key_exists($key, $properties)) unset($properties[$key]);
         }
         $func = "userPropertiesSet";
@@ -363,7 +363,7 @@ class User {
         // create the user
         $out = $this->data->db->userAdd($user, $password);
         // set the user rights
-        $this->data->db->userRightsSet($user, $level);
+        $this->data->db->userRightsSet($user, $rights);
         // set the user properties...
         if($properties===null) {
             // if nothing is provided but the driver uses an external function, try to get the current values from the external source
@@ -374,6 +374,7 @@ class User {
             // otherwise if values are provided, use those
             $this->data->db->userPropertiesSet($user, $properties);
         }
+        // re-enable authorization and return
         $this->authorizationEnabled($authz);
         return $out;
     }
diff --git a/tests/User/TestUser.php b/tests/User/TestUser.php
index b51e008..c976c79 100644
--- a/tests/User/TestUser.php
+++ b/tests/User/TestUser.php
@@ -87,8 +87,44 @@ class TestUser extends \PHPUnit\Framework\TestCase {
 	function testGetThePropertiesOfAUser() {
 		$this->data->user->add(self::USER1, "secret");
 		$p = $this->data->user->propertiesGet(self::USER1);
+		$this->assertArrayHasKey('id', $p);
 		$this->assertArrayHasKey('name', $p);
+		$this->assertArrayHasKey('domain', $p);
+		$this->assertArrayHasKey('rights', $p);
 		$this->assertArrayNotHasKey('password', $p);
 		$this->assertEquals(self::USER1, $p['name']);
 	}
+
+	function testSetThePropertiesOfAUser() {
+		$pSet = [
+			'name' => 'John Doe',
+			'id'   => 'invalid',
+			'domain' => 'localhost',
+			'rights' => User\Driver::RIGHTS_GLOBAL_ADMIN,
+			'password' => 'superman',
+		];
+		$pGet = [
+			'name' => 'John Doe',
+			'id'   => self::USER1,
+			'domain' => 'example.com',
+			'rights' => User\Driver::RIGHTS_NONE,
+		];
+		$this->data->user->add(self::USER1, "secret");
+		$this->data->user->propertiesSet(self::USER1, $pSet);
+		$p = $this->data->user->propertiesGet(self::USER1);
+		$this->assertArraySubset($pGet, $p);
+		$this->assertArrayNotHasKey('password', $p);
+		$this->assertFalse($this->data->user->auth(self::USER1, "superman"));
+	}
+
+	function testGetTheRightsOfAUser() {
+		$this->data->user->add(self::USER1, "secret");
+		$this->assertEquals(User\Driver::RIGHTS_NONE, $this->data->user->rightsGet(self::USER1));
+	}
+
+	function testSetTheRightsOfAUser() {
+		$this->data->user->add(self::USER1, "secret");
+		$this->data->user->rightsSet(self::USER1, User\Driver::RIGHTS_GLOBAL_ADMIN);
+		$this->assertEquals(User\Driver::RIGHTS_GLOBAL_ADMIN, $this->data->user->rightsGet(self::USER1));
+	}
 }