public async Task <ActionResult> GetRolesWithAccess(string org, string app)
        {
            if (string.IsNullOrWhiteSpace(org))
            {
                return(BadRequest("Organisation must be defined in the path"));
            }

            if (string.IsNullOrWhiteSpace(app))
            {
                return(BadRequest("App must be defined in the path"));
            }

            XacmlPolicy policy = await _prp.GetPolicyAsync(org, app);

            if (policy == null)
            {
                return(NotFound($"No valid policy found for org '{org}' and app '{app}'"));
            }

            return(Ok(PolicyHelper.GetRolesWithAccess(policy)));
        }