From 75f2f3c6a172934226c039b1c3a5f4059ea1ed69 Mon Sep 17 00:00:00 2001 From: Josh Hawkins <32435876+hawkeye217@users.noreply.github.com> Date: Tue, 31 Mar 2026 13:06:17 -0500 Subject: [PATCH] restrict review summary endpoint to admin role --- frigate/api/review.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frigate/api/review.py b/frigate/api/review.py index d2e8063d53..06480dd8ce 100644 --- a/frigate/api/review.py +++ b/frigate/api/review.py @@ -742,7 +742,7 @@ async def set_not_reviewed( @router.post( "/review/summarize/start/{start_ts}/end/{end_ts}", - dependencies=[Depends(allow_any_authenticated())], + dependencies=[Depends(require_role(["admin"]))], description="Use GenAI to summarize review items over a period of time.", ) def generate_review_summary(request: Request, start_ts: float, end_ts: float):