From 1fe7a001e506a953b510712d0ca4312647c2615c Mon Sep 17 00:00:00 2001
From: Gauthier Roebroeck <gauthier.roebroeck@gmail.com>
Date: Thu, 20 Feb 2025 12:03:08 +0800
Subject: [PATCH] fix(api): missing admin permission on global settings
 endpoint

---
 .../gotson/komga/interfaces/api/rest/ClientSettingsController.kt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/komga/src/main/kotlin/org/gotson/komga/interfaces/api/rest/ClientSettingsController.kt b/komga/src/main/kotlin/org/gotson/komga/interfaces/api/rest/ClientSettingsController.kt
index 5bf09b855..121fbc4f7 100644
--- a/komga/src/main/kotlin/org/gotson/komga/interfaces/api/rest/ClientSettingsController.kt
+++ b/komga/src/main/kotlin/org/gotson/komga/interfaces/api/rest/ClientSettingsController.kt
@@ -130,6 +130,7 @@ class ClientSettingsController(
 
   @DeleteMapping("global")
   @ResponseStatus(HttpStatus.NO_CONTENT)
+  @PreAuthorize("hasRole('ADMIN')")
   @Operation(summary = "Delete global settings", description = "Setting key should be a valid lowercase namespace string like 'application.domain.key'")
   @OASRequestBody(
     content = [