changeset 5374:7b6a62d4117e extented-report

Enforce that only sysadmins can create import configs of 'report' type.
author Sascha L. Teichmann <sascha.teichmann@intevation.de>
date Thu, 24 Jun 2021 16:13:35 +0200
parents dbae10503ee6
children 755ed195fdc3 23a330c5b10d
files pkg/controllers/importconfig.go
diffstat 1 files changed, 12 insertions(+), 2 deletions(-) [+]
--- a/pkg/controllers/importconfig.go	Thu Jun 24 15:53:42 2021 +0200
+++ b/pkg/controllers/importconfig.go	Thu Jun 24 16:13:35 2021 +0200
@@ -253,6 +253,18 @@
 
 	kind := imports.JobKind(cfg.Kind)
 
+	session, _ := auth.GetSession(req)
+
+	// TODO: Find a more general way to prevent this.
+	if kind == imports.ReportJobKind && !session.Roles.Has("sys_admin") {
+		err = mw.JSONError{
+			Code: http.StatusUnauthorized,
+			Message: fmt.Sprintf(
+				"Not allowed to add config for kind %s", string(cfg.Kind)),
+		}
+		return
+	}
+
 	ctor := imports.ImportModelForJobKind(kind)
 	if ctor == nil {
 		err = mw.JSONError{
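Review bot: The new role test `!session.Roles.Has("sys_admin")` depends on a session whose lookup result is discarded in `session, _ := auth.GetSession(req)`. Because this value now gates an authorization decision, the second return should be checked so the handler fails closed, for example `session, ok := auth.GetSession(req)` with an early error return when `!ok`. Whether middleware already guarantees a session is not visible in the hunk, but if the session can be nil, the role test would presumably panic instead of returning a clean denial. The rejection also uses `http.StatusUnauthorized` although the caller is authenticated and only lacks the role, so `Code: http.StatusForbidden,` fits better. The enclosing handler starts and ends outside the hunk.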
@@ -266,8 +278,6 @@
 		return
 	}
 
-	session, _ := auth.GetSession(req)
-
 	pc := imports.PersistentConfig{
 		User:       session.User,
 		Kind:       string(cfg.Kind),