Require full authentication for the system settings, as some of the settings are quite critical

jbtronics · jbtronics · commit 5b86d6f65296 · 2026-04-15T00:04:52.000+02:00
diff --git a/src/Controller/SettingsController.php b/src/Controller/SettingsController.php
@@ -44,6 +44,7 @@ public function __construct(private readonly SettingsManagerInterface $settingsM
     public function systemSettings(Request $request, TagAwareCacheInterface $cache): Response
     {
         $this->denyAccessUnlessGranted('@config.change_system_settings');
+        $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
 
         //Create a clone of the settings object
         $settings = $this->settingsManager->createTemporaryCopy(AppSettings::class);

Original file line number	Diff line number	Diff line change
`@@ -44,6 +44,7 @@ public function __construct(private readonly SettingsManagerInterface $settingsM`
`44`	`44`	`public function systemSettings(Request $request, TagAwareCacheInterface $cache): Response`
`45`	`45`	`{`
`46`	`46`	`$this->denyAccessUnlessGranted('@config.change_system_settings');`
	`47`	`+ $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');`
`47`	`48`
`48`	`49`	`//Create a clone of the settings object`
`49`	`50`	`$settings = $this->settingsManager->createTemporaryCopy(AppSettings::class);`