[feat] admin 회원가입 기능 추가

Author: LeeMinwoo115

backend/src/main/java/com/back/api/auth/dto/request/SignupRequest.java

@@ -2,9 +2,12 @@
 
 import java.time.LocalDate;
 
+import com.back.domain.user.entity.UserRole;
+
 import io.swagger.v3.oas.annotations.media.Schema;
 import jakarta.validation.constraints.Email;
 import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotNull;
 import jakarta.validation.constraints.Pattern;
 import jakarta.validation.constraints.Size;
 
@@ -35,6 +38,13 @@ public record SignupRequest(
 	@Size(min = 3, max = 10, message = "닉네임은 3~10 글자여야 합니다.")
 	String nickname,
 
+	@NotNull(message = "사용자 권한 설정은 필수입니다.")
+	@Schema(
+		description = "사용자 권한",
+		example = "NORMAL | ADMIN"
+	)
+	UserRole role,
+
 	@Schema(
 		description = "생년월일 중 연도",
 		example = "2002"
@@ -57,7 +67,13 @@ public record SignupRequest(
 	)
 	@NotBlank(message = "생년월일은 필수입니다.")
 	@Pattern(regexp = "\\d{1,2}", message = "일은 숫자여야합니다.")
-	String day
+	String day,
+
+	@Schema(
+		description = "사업자 등록 번호",
+		example = "000-00-00000"
+	)
+	String registrationNumber
 ) {
 	public LocalDate toBirthDate() {
 		return LocalDate.of(

backend/src/main/java/com/back/api/auth/service/AuthService.java

@@ -15,13 +15,14 @@
 import com.back.api.auth.dto.response.TokenResponse;
 import com.back.api.auth.dto.response.UserResponse;
 import com.back.api.auth.store.AuthStore;
+import com.back.api.store.service.StoreService;
 import com.back.domain.auth.entity.ActiveSession;
 import com.back.domain.auth.entity.RefreshToken;
 import com.back.domain.auth.repository.ActiveSessionRepository;
 import com.back.domain.auth.repository.RefreshTokenRepository;
+import com.back.domain.store.entity.Store;
 import com.back.domain.user.entity.User;
 import com.back.domain.user.entity.UserActiveStatus;
-import com.back.domain.user.entity.UserRole;
 import com.back.domain.user.repository.UserRepository;
 import com.back.global.error.code.AuthErrorCode;
 import com.back.global.error.exception.ErrorException;
@@ -44,6 +45,7 @@ public class AuthService {
 	private final ActiveSessionCache activeSessionCache;
 	private final ActiveSessionRepository activeSessionRepository;
 	private final AuthStore authStore;
+	private final StoreService storeService;
 
 	@Transactional
 	public AuthResponse signup(SignupRequest request) {
@@ -58,14 +60,25 @@ public AuthResponse signup(SignupRequest request) {
 		String encoded = passwordEncoder.encode(request.password());
 		LocalDate birthDate = request.toBirthDate();
 
+		Store store = null;
+
+		if (
+			request.registrationNumber() != null
+				&& !request.registrationNumber().isBlank()
+				&& !request.registrationNumber().isEmpty()
+		) {
+			store = storeService.getStoreByRegistrationNumber(request.registrationNumber());
+		}
+
 		User user = User.builder()
 			.email(request.email())
 			.password(encoded)
 			.fullName(request.fullName())
 			.nickname(request.nickname())
-			.role(UserRole.NORMAL)
+			.role(request.role())
 			.activeStatus(UserActiveStatus.ACTIVE)
 			.birthDate(birthDate)
+			.store(store)
 			.build();
 
 		User savedUser = userRepository.save(user);

backend/src/main/java/com/back/api/store/service/StoreService.java

@@ -22,4 +22,10 @@ public Store getStoreById(long storeId) {
 			() -> new ErrorException(StoreErrorCode.NOT_FOUND)
 		);
 	}
+
+	public Store getStoreByRegistrationNumber(String number) {
+		return storeRepository.findByRegistrationNumber(number).orElseThrow(
+			() -> new ErrorException(StoreErrorCode.NOT_FOUND)
+		);
+	}
 }

backend/src/main/java/com/back/api/user/controller/UserController.java

@@ -21,7 +21,7 @@
 @RequestMapping("/api/v1/users")
 @RequiredArgsConstructor
 @Validated
-@PreAuthorize("hasRole('NORMAL')")
+@PreAuthorize("hasAnyRole('NORMAL', 'ADMIN')")
 public class UserController implements UserApi {
 
 	private final UserService userService;

backend/src/main/java/com/back/domain/store/repository/StoreRepository.java

@@ -1,8 +1,11 @@
 package com.back.domain.store.repository;
 
+import java.util.Optional;
+
 import org.springframework.data.jpa.repository.JpaRepository;
 
 import com.back.domain.store.entity.Store;
 
 public interface StoreRepository extends JpaRepository<Store, Long> {
+	Optional<Store> findByRegistrationNumber(String number);
 }

backend/src/main/java/com/back/global/config/SecurityConfig.java

@@ -83,7 +83,6 @@ SecurityFilterChain filterChain(HttpSecurity http, RequestIdFilter requestIdFilt
 				.requestMatchers("/.well-known/**").permitAll()
 				.requestMatchers("/api/v1/auth/signup").permitAll()
 				.requestMatchers("/api/v1/auth/login").permitAll()
-				.requestMatchers("/api/v1/admin/auth/**").permitAll()
 				.requestMatchers("/api/v1/events/**").permitAll()
 				.requestMatchers("/ws/**").permitAll()  // WebSocket 핸드셰이크 허용
 				.requestMatchers("/api/v1/admin/**").hasRole("ADMIN")

backend/src/test/java/com/back/api/auth/controller/AuthControllerTest.java

@@ -87,15 +87,18 @@ class SignupTest {
 		@DisplayName("Success Sign up")
 		void signup_success() throws Exception {
 
-			String requestJson = mapper.writeValueAsString(Map.of(
-				"email", user.getEmail(),
-				"password", testUser.rawPassword(),
-				"fullName", user.getFullName(),
-				"nickname", user.getNickname(),
-				"year", "2002",
-				"month", "2",
-				"day", "11"
-			));
+			Map<String, Object> body = new java.util.HashMap<>();
+			body.put("email", user.getEmail());
+			body.put("password", testUser.rawPassword());
+			body.put("fullName", user.getFullName());
+			body.put("nickname", user.getNickname());
+			body.put("role", UserRole.NORMAL.name());
+			body.put("year", "2002");
+			body.put("month", "2");
+			body.put("day", "11");
+			body.put("registrationNumber", null);
+
+			String requestJson = mapper.writeValueAsString(body);
 
 			ResultActions actions = mvc
 				.perform(
@@ -123,7 +126,8 @@ void signup_failed_by_missing_params() throws Exception {
 
 			String requestJson = mapper.writeValueAsString(Map.of(
 				"email", user.getEmail(),
-				"password", user.getPassword(),
+				"password", testUser.rawPassword(),
+				"role", UserRole.NORMAL.name(),
 				"year", "2002",
 				"month", "2",
 				"day", "11"
@@ -152,6 +156,7 @@ void signup_failed_by_existing_email() throws Exception {
 				"email", existedUser.user().getEmail(),
 				"password", existedUser.rawPassword(),
 				"fullName", user.getFullName(),
+				"role", UserRole.NORMAL.name(),
 				"nickname", "A" + existedUser.user().getNickname(),
 				"year", "2002",
 				"month", "2",
@@ -185,6 +190,7 @@ void signup_failed_by_existing_nickname() throws Exception {
 				"password", existedUser.rawPassword(),
 				"fullName", user.getFullName(),
 				"nickname", existedUser.user().getNickname(),
+				"role", UserRole.NORMAL.name(),
 				"year", "2002",
 				"month", "2",
 				"day", "11"

backend/src/test/rest/auth.http

@@ -1,4 +1,29 @@
-### 회원가입
+### 상점 관리자 회원가입
+POST {{BASE_URL}}/api/v1/auth/signup
+Content-Type: application/json
+
+{
+  "email": "admin1234@test.com",
+  "password": "qwer1234",
+  "fullName": "Admin User",
+  "nickname": "Admin1234",
+  "role": "ADMIN",
+  "year": "2002",
+  "month": "2",
+  "day": "11",
+  "registrationNumber": "123-45-67890"
+}
+
+### 상점 관리자 로그인
+POST {{BASE_URL}}/api/v1/auth/login
+Content-Type: application/json
+
+{
+  "email": "admin1234@test.com",
+  "password": "qwer1234"
+}
+
+### 일반 사용자 회원가입
 POST {{BASE_URL}}/api/v1/auth/signup
 Content-Type: application/json
 
@@ -7,12 +32,14 @@ Content-Type: application/json
   "password": "qwer1234",
   "fullName": "Test User",
   "nickname": "테스트유저",
+  "role": "NORMAL",
   "year": "2002",
   "month": "2",
-  "day": "11"
+  "day": "11",
+  "registrationNumber": ""
 }
 
-### 로그인
+### 일반 사용자 로그인
 POST {{BASE_URL}}/api/v1/auth/login
 Content-Type: application/json