GET /cases should only be accessible to the admin role, since it shows every single case in the DB. GET /user/cases should be used for the other roles.
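A framework-free sketch of the rule above, added here as an example and not taken from the project's code: the role check runs on the server per route, and /user/cases filters by the authenticated user's id. The `analyst` role name, the `owner_id` field, and the `User`, `ROUTE_ROLES` and `handle` names are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    id: int
    role: str  # "admin" comes from the text above; other role names are assumed


# Constructed sample data standing in for the cases table.
CASES = [
    {"id": 1, "owner_id": 10, "title": "Case A"},
    {"id": 2, "owner_id": 11, "title": "Case B"},
    {"id": 3, "owner_id": 10, "title": "Case C"},
]

# Route policy, deny by default: a route missing from this table is rejected.
# None means "any authenticated role".
ROUTE_ROLES = {
    ("GET", "/cases"): {"admin"},
    ("GET", "/user/cases"): None,
}


def handle(method, path, user):
    """Return (status, body) for a request, enforcing role and ownership."""
    if user is None:
        return 401, {"error": "authentication required"}
    key = (method, path)
    if key not in ROUTE_ROLES:
        return 404, {"error": "not found"}
    allowed = ROUTE_ROLES[key]
    if allowed is not None and user.role not in allowed:
        return 403, {"error": "forbidden"}
    if path == "/cases":
        # Admin only: every case in the store.
        return 200, list(CASES)
    # /user/cases: the owner filter comes from the authenticated identity,
    # never from a client-supplied parameter.
    return 200, [c for c in CASES if c["owner_id"] == user.id]
```

A regression test for this change should assert the 403 for a non-admin on GET /cases, since hiding the link in the UI does not remove access to the endpoint.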