Add new permission
@csrf