Only admins should be able to create new users (#895)

API/Controllers/AccountController.cs

@@ -13,6 +13,7 @@ using API.Interfaces.Services;
 using API.Services;
 using AutoMapper;
 using Kavita.Common;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
@@ -78,6 +79,7 @@ namespace API.Controllers
         /// </summary>
         /// <param name="registerDto"></param>
         /// <returns></returns>
+        [Authorize(Policy = "RequireAdminRole")]
         [HttpPost("register")]
         public async Task<ActionResult<UserDto>> Register(RegisterDto registerDto)
         {

UI/Web/src/app/admin/admin-routing.module.ts

@@ -4,7 +4,7 @@ import { AdminGuard } from '../_guards/admin.guard';
 import { DashboardComponent } from './dashboard/dashboard.component';
 
 const routes: Routes = [
-  {path: '**', component: DashboardComponent, pathMatch: 'full'},
+  {path: '**', component: DashboardComponent, pathMatch: 'full', canActivate: [AdminGuard]},
   {
     runGuardsAndResolvers: 'always',
     canActivate: [AdminGuard],