We need to investigate the support for subscriptions with our current auth implementation, i.e. if we have a subscription with the @hasRole directive attached what happens?