diff --git a/server/AyaNova/Controllers/DataListColumnViewController.cs b/server/AyaNova/Controllers/DataListColumnViewController.cs
index f537a349..05a66da9 100644
--- a/server/AyaNova/Controllers/DataListColumnViewController.cs
+++ b/server/AyaNova/Controllers/DataListColumnViewController.cs
@@ -51,8 +51,7 @@ namespace AyaNova.Api.Controllers
             if (!serverState.IsOpen)
                 return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
             DataListColumnViewBiz biz = DataListColumnViewBiz.GetBiz(ct, HttpContext);
-            if (!Authorized.HasReadFullRole(HttpContext.Items, biz.BizType))
-                return StatusCode(403, new ApiNotAuthorizedResponse());
+
             if (!ModelState.IsValid)
                 return BadRequest(new ApiErrorResponse(ModelState));
             var o = await biz.GetAsync(biz.UserId, listKey, true);
@@ -74,8 +73,7 @@ namespace AyaNova.Api.Controllers
             if (!serverState.IsOpen)
                 return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
             DataListColumnViewBiz biz = DataListColumnViewBiz.GetBiz(ct, HttpContext);
-            if (!Authorized.HasCreateRole(HttpContext.Items, biz.BizType))
-                return StatusCode(403, new ApiNotAuthorizedResponse());
+
             if (!ModelState.IsValid)
                 return BadRequest(new ApiErrorResponse(ModelState));
             DataListColumnView o = await biz.CreateAsync(newObject);