diff --git a/src/documents/serialisers.py b/src/documents/serialisers.py
index e18ac52ac..79cef7a17 100644
--- a/src/documents/serialisers.py
+++ b/src/documents/serialisers.py
@@ -2523,6 +2523,7 @@ class TaskSerializerV9(serializers.ModelSerializer):
 "duplicate_documents",
 "owner",
 )
+ read_only_fields = fields
 
 def get_task_file_name(self, obj: PaperlessTask) -> str | None:
 if not obj.input_data:
diff --git a/src/documents/views.py b/src/documents/views.py
index a08ce1f5b..9d236ab0d 100644
--- a/src/documents/views.py
+++ b/src/documents/views.py
@@ -93,6 +93,7 @@ from rest_framework.mixins import DestroyModelMixin
 from rest_framework.mixins import ListModelMixin
 from rest_framework.mixins import RetrieveModelMixin
 from rest_framework.mixins import UpdateModelMixin
+from rest_framework.permissions import IsAdminUser
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.request import Request
 from rest_framework.response import Response
@@ -3901,16 +3902,13 @@ class TasksViewSet(ReadOnlyModelViewSet[PaperlessTask]):
 serializer = self.get_serializer(queryset, many=True)
 return Response(serializer.data)
 
- @action(methods=["post"], detail=False)
+ @action(methods=["post"], detail=False, permission_classes=[IsAdminUser])
 def run(self, request):
- """Manually dispatch a background task. Superuser only."""
+ """Manually dispatch a background task. Superuser (admin) only."""
 serializer = RunTaskSerializer(data=request.data)
 serializer.is_valid(raise_exception=True)
 task_type = serializer.validated_data.get("task_type")
 
- if not request.user.is_superuser:
- return HttpResponseForbidden("Insufficient permissions")
-
 task_func_map = {
 PaperlessTask.TaskType.INDEX_OPTIMIZE: (index_optimize, {}),
 PaperlessTask.TaskType.TRAIN_CLASSIFIER: (train_classifier, {}),
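Review bot: `read_only_fields = fields` in the Meta of `TaskSerializerV9` carries no comment explaining why the whole tuple is aliased, and in Django REST Framework `Meta.read_only_fields` only applies to fields generated from the model; a field declared explicitly on the serializer body ignores it and needs `read_only=True` on the declaration. The field declarations are outside this hunk, so it is worth confirming that none of the listed names is a writable declared field. I would add above the line `# Output-only serializer: every exposed field is read-only, including any added to fields later.` The Meta class itself starts before the hunk.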
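Review bot: `permission_classes=[IsAdminUser]` on `run` does not reproduce the removed `request.user.is_superuser` check, because DRF's `IsAdminUser` tests `request.user.is_staff`; a staff account that is not a superuser can now dispatch background tasks, and a superuser without the staff flag is refused. The docstring still says superuser only, and a per-action `permission_classes` replaces the viewset's own permission list for this action rather than adding to it. To keep the original rule while still rejecting before validation, move `if not request.user.is_superuser: return HttpResponseForbidden("Insufficient permissions")` to the first line of `run`, or use a permission class whose `has_permission` returns `bool(request.user and request.user.is_superuser)`. A test that posts as a staff non-superuser and expects 403 would pin the behaviour. The body of `run` continues past the end of the hunk.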