Fix broken access control in Kiosk Manager API endpoints

Add AdminRoleAuthMiddleware to the /kiosks API route group to restrict
access to admin users only. This fixes a broken access control
vulnerability where any authenticated user could:
- Allow kiosk registrations (/api/kiosks/allowRegistration)
- Accept kiosk devices (/api/kiosks/{id}/acceptKiosk)
- Reload kiosk devices (/api/kiosks/{id}/reloadKiosk)
- Identify kiosk devices (/api/kiosks/{id}/identifyKiosk)
- Set kiosk assignments (/api/kiosks/{id}/setAssignment)

These operations are now properly restricted to administrators only.

Author: DawoudIO

src/api/routes/kiosks.php

@@ -2,6 +2,7 @@
 
 use ChurchCRM\dto\SystemConfig;
 use ChurchCRM\model\ChurchCRM\KioskDeviceQuery;
+use ChurchCRM\Slim\Middleware\Request\Auth\AdminRoleAuthMiddleware;
 use ChurchCRM\Slim\SlimUtils;
 use ChurchCRM\Utils\LoggerUtils;
 use Propel\Runtime\ActiveQuery\Criteria;
@@ -79,4 +80,4 @@
 
         return SlimUtils::renderSuccessJSON($response);
     });
-});
+})->add(AdminRoleAuthMiddleware::class);