restrict user api back to admin only

Author: chene0

backend/app/routes/user.py

@@ -44,8 +44,7 @@ async def create_user(
 async def get_users(
     admin: Optional[bool] = Query(False, description="If true, returns admin users only"),
     user_service: UserService = Depends(get_user_service),
-    # authorized: bool = has_roles([UserRole.ADMIN]),
-    authorized: bool = True,
+    authorized: bool = has_roles([UserRole.ADMIN]),
 ):
     try:
         if admin: