Context("when reading tasks from BBS succeeds", func() {
			BeforeEach(func() {
				fakeBBS.DesiredLRPByProcessGuidReturns(&models.DesiredLRP{
					ProcessGuid: "process-guid-0",
					Domain:      "domain-1",
					Action: models.WrapAction(&models.RunAction{
						User: "******",
						Path: "the-path",
					}),
				}, nil)
			})

			It("calls DesiredLRPByProcessGuid on the BBS", func() {
				Expect(fakeBBS.DesiredLRPByProcessGuidCallCount()).To(Equal(1))
				actualProcessGuid := fakeBBS.DesiredLRPByProcessGuidArgsForCall(0)
				Expect(actualProcessGuid).To(Equal("process-guid-0"))
			})

			It("responds with 200 Status OK", func() {
				Expect(responseRecorder.Code).To(Equal(http.StatusOK))
			})

			It("returns a desired lrp response", func() {
				response := receptor.DesiredLRPResponse{}
				err := json.Unmarshal(responseRecorder.Body.Bytes(), &response)
				Expect(err).NotTo(HaveOccurred())
				Expect(response.ProcessGuid).To(Equal("process-guid-0"))
			})
		})
			remoteAddr, err := net.ResolveIPAddr("ip", "1.1.1.1")
			Expect(err).NotTo(HaveOccurred())
			metadata = &fake_ssh.FakeConnMetadata{}
			metadata.RemoteAddrReturns(remoteAddr)

			processGuid = "some-guid"
			index = 1
		})

		JustBeforeEach(func() {
			permissions, buildErr = permissionsBuilder.Build(processGuid, index, metadata)
		})

		It("gets information about the desired lrp referenced in the username", func() {
			Expect(bbsClient.DesiredLRPByProcessGuidCallCount()).To(Equal(1))
			Expect(bbsClient.DesiredLRPByProcessGuidArgsForCall(0)).To(Equal("some-guid"))
		})

		It("gets information about the the actual lrp from the username", func() {
			Expect(bbsClient.ActualLRPGroupByProcessGuidAndIndexCallCount()).To(Equal(1))

			guid, index := bbsClient.ActualLRPGroupByProcessGuidAndIndexArgsForCall(0)
			Expect(guid).To(Equal("some-guid"))
			Expect(index).To(Equal(1))
		})

		It("saves container information in the critical options of the permissions", func() {
			expectedConfig := `{
				"address": "1.2.3.4:3333",
				"host_fingerprint": "host-fingerprint",
				"private_key": "pem-encoded-key",