Tell us about the problem you're trying to solve
The method is the same. Essentially there is just a permission list supplier that is different. We could inject that and then reuse the rest. I think this might be helpful since it would be easy to make a change to permissioning in one API and forget to do it in the other. It's the sort of logic we don't want to get wrong.

Jared Rhizor (@jrhizor) what do you think?
Tell us about the problem you're trying to solve
The method is the same. Essentially there is just a permission list supplier that is different. We could inject that and then reuse the rest. I think this might be helpful since it would be easy to make a change to permissioning in one API and forget to do it in the other. It's the sort of logic we don't want to get wrong.
Jared Rhizor (@jrhizor) what do you think?