diff --git a/src/Controller/TypeaheadController.php b/src/Controller/TypeaheadController.php
index 39821f59..b84f3dc0 100644
--- a/src/Controller/TypeaheadController.php
+++ b/src/Controller/TypeaheadController.php
@@ -71,7 +71,10 @@ class TypeaheadController extends AbstractController
 #[Route(path: '/builtInResources/search', name: 'typeahead_builtInRessources')]
 public function builtInResources(Request $request, BuiltinAttachmentsFinder $finder): JsonResponse
 {
- $query = $request->get('query');
+ //Ensure that the user can access Part-DB at all
+ $this->denyAccessUnlessGranted('HAS_ACCESS_PERMISSIONS');
+
+ $query = $request->query->getString('query');
 $array = $finder->find($query);
 $result = [];
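Review bot: The `denyAccessUnlessGranted('HAS_ACCESS_PERMISSIONS')` call guards only `builtInResources`, so the baseline check still depends on every action in this controller carrying its own call; the other actions are outside the hunk, so whether they are all covered cannot be confirmed from here. A class-level `#[IsGranted('HAS_ACCESS_PERMISSIONS')]` on `TypeaheadController` would apply the same floor to any route added later, and a functional test asserting that a user without this permission is denied on `/builtInResources/search` would keep the fix from regressing. Separately, `$request->query->getString('query')` yields `''` when the parameter is absent, so `$finder->find('')` is now reached with an empty keyword; if `find()` does not already short-circuit on that (its body is not visible here), an early `return new JsonResponse([]);` for an empty `$query` would avoid returning the whole resource list. The method body continues past the end of the hunk.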