Lovable VDP: Improper Authorization Leads to Editor can toggle admin-only workspace features (Lovable AI)

The API endpoint /workspaces//tool-preferences/aigateway/enable did not enforce proper authorization checks. As a result, an account with the Editor role was able to disable the workspace-wide admin-only Lovable AI feature, which powers key AI functionalities across the workspace...