diff --git a/Sources/App/Configuration/configure.swift b/Sources/App/Configuration/configure.swift
index e9e1d17..fccf88d 100644
--- a/Sources/App/Configuration/configure.swift
+++ b/Sources/App/Configuration/configure.swift
@@ -67,8 +67,7 @@ public func configure(
 else {
 throw MySQLError(
 identifier: "missingEnvVars",
- reason: "One or more expected environment variables are missing: DATABASE_HOSTNAME, DATABASE_USER, DATABASE_DB",
- source: .capture()
+ reason: "One or more expected environment variables are missing: DATABASE_HOSTNAME, DATABASE_USER, DATABASE_DB"
 )
 }
 let config = MySQLDatabaseConfig(
diff --git a/Sources/App/Controllers/AdminController.swift b/Sources/App/Controllers/AdminController.swift
index f41b50a..557fcff 100644
--- a/Sources/App/Controllers/AdminController.swift
+++ b/Sources/App/Controllers/AdminController.swift
@@ -14,14 +14,7 @@ final class AdminController: RouteCollection {
 // Create a route-group that only allows
 // admin users to access the endpoint.
 let admin = router.grouped(
- RouteRestrictionMiddleware(
- restrictions: [
- RouteRestriction.init(.GET, at: "users", allowed: [.admin]),
- RouteRestriction.init(at: "users", User.parameter, allowed: [.admin]),
- RouteRestriction.init(.PATCH, at: "attributes", Attribute.parameter, allowed: [.admin])
- ],
- parameters: [User.routingSlug: User.resolveParameter, Attribute.routingSlug: Attribute.resolveParameter]
- ),
+ PermissionsMiddleware(allowed: [.admin]),
 JWTVerificationMiddleware()
 )
diff --git a/Sources/App/Controllers/AuthController.swift b/Sources/App/Controllers/AuthController.swift
index 00ec95f..502a6a1 100644
--- a/Sources/App/Controllers/AuthController.swift
+++ b/Sources/App/Controllers/AuthController.swift
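Review bot: In AdminController.swift, `PermissionsMiddleware(allowed: [.admin])` is listed ahead of `JWTVerificationMiddleware()` in `router.grouped(...)`, so if middleware run in argument order the role check executes before the token is verified. Nothing in this hunk shows whether PermissionsMiddleware validates the token signature itself; if it only reads the payload, the admin decision would rest on unverified claims. The removed RouteRestrictionMiddleware sat in the same position, so the ordering is not new, but this commit is a good place to either list verification first or record the dependency with a comment such as `// PermissionsMiddleware verifies the JWT before reading the role (confirm)`. The group is also now admin-only for every route and method registered on `admin` rather than the three listed restrictions, which fails closed but should be stated in the comment above the call; `boot(router:)` continues outside the hunk.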
@@ -11,20 +11,16 @@ import JWT /// A route controller that handles user authentication with JWT. final class AuthController: RouteCollection { func boot(router: Router) throws { - let restrictions = openRegistration ? [] : [RouteRestriction(.POST, at: any, "users", "register", allowed: [.admin])] - let auth = router.grouped(any, "users").grouped( - RouteRestrictionMiddleware( - restrictions: restrictions, - parameters: [User.routingSlug: User.resolveParameter] - ) - ) + let auth = router.grouped(any, "users") + let restricted = auth.grouped(PermissionsMiddleware(allowed: [.admin])) let protected = auth.grouped(JWTAuthenticatableMiddleware()) - auth.post(User.self, at: "register", use: register) auth.post("newPassword", use: newPassword) auth.post("accessToken", use: refreshAccessToken) + restricted.post(User.self, at: "register", use: register) + protected.post("login", use: login) protected.get("status", use: status)
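Review bot: The `register` route is now always behind `PermissionsMiddleware(allowed: [.admin])`; the removed code applied the admin restriction only when `openRegistration` was false, and the new lines never read that flag. That fails closed, but a deployment configured for open registration silently loses self-service sign-up unless the `register` handler (outside this hunk) accounts for it. If the flag is still meant to work, `let restricted = openRegistration ? auth : auth.grouped(PermissionsMiddleware(allowed: [.admin]))` keeps the previous behaviour; otherwise remove the flag and document that registration is admin-only. Unlike the admin group in AdminController, `restricted` carries no `JWTVerificationMiddleware()`, so it is worth confirming that PermissionsMiddleware verifies the token on its own before trusting the role claim.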