Require role for certain verbs, not for others

Hi. Apologies for many questions lately.

We can’t understand why SearchFormDefinitions is not available for a regular “non admin” user in SS UI.

  1. The DTO requires authenticated user.
    Logged in: Check
  2. The services requires the Admin role, but only for Post or Put. This is a GET.

[Route("/formdefinitions", Verbs = "GET")]
public class SearchFormDefinitions : QueryDb<FormDefinition> {
   // some properties

[RequiredRole(ApplyTo.Post | ApplyTo.Put, "Admin") ]
public class FormDefinitionServices : Service {
    public FormDefinitionsResponse Get(SearchFormDefinitions request)
       // implementation 

You’re adding multiple Authentications filters adding duplicate validation and unnecessary overhead, just stick to using either Validation Attributes on Request DTOs or Request Fitler attributes on Services classes.