not working for users-permissions plugin routes #28
Description
Hello,
unfortunately the plugin does not seem to protect routes from the built-in users-permissions plugin. For instance if I try to protect "GET /api/users-permissions/roles" ("content-type": "plugin::users-permissions.role") and do not give any permissions, the fields are still visible via the REST api.
Strapi v5.18.0 / Node v22.15.0
Is there a way to fix this?
Best
Timo