[add] 임시어드민 로그인 차단 (#141)

* [refact] 에러 이름 변경 #140

* [refact] 에러 이름 변경 #140

* [refact] url 변경 #140

* [add] 권한 확인 메서드 추가 #140

src/main/java/ceos/backend/domain/admin/helper/AdminHelper.java

@@ -1,5 +1,6 @@
 package ceos.backend.domain.admin.helper;
 
+import static ceos.backend.domain.admin.domain.AdminRole.ROLE_ANONYMOUS;
 
 import ceos.backend.domain.admin.domain.Admin;
 import ceos.backend.domain.admin.domain.AdminRole;
@@ -14,6 +15,7 @@
 import ceos.backend.global.common.dto.AwsSESPasswordMail;
 import ceos.backend.global.common.event.Event;
 import ceos.backend.global.config.user.AdminDetailsService;
+import ceos.backend.global.error.exception.ForbiddenAdmin;
 import lombok.RequiredArgsConstructor;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.springframework.data.redis.core.RedisTemplate;
@@ -161,6 +163,12 @@ public Admin findAdmin(Long adminId) {
                         });
     }
 
+    public void checkRole(Admin admin) {
+        if (admin.getRole().equals(ROLE_ANONYMOUS)) {
+            throw ForbiddenAdmin.EXCEPTION;
+        }
+    }
+
     public void changeRole(Admin admin, AdminRole adminRole) {
         admin.updateRole(adminRole);
     }

src/main/java/ceos/backend/domain/admin/service/AdminService.java

@@ -56,6 +56,8 @@ public TokenResponse signIn(SignInRequest signInRequest) {
         final Admin admin = adminHelper.findForSignIn(signInRequest);
         final Authentication authentication = adminHelper.adminAuthorizationInput(admin);
 
+        adminHelper.checkRole(admin);
+
         // 토큰 발급
         final String accessToken = tokenProvider.createAccessToken(admin.getId(), authentication);
         final String refreshToken = tokenProvider.createRefreshToken(admin.getId(), authentication);

src/main/java/ceos/backend/global/config/WebSecurityConfig.java

@@ -50,7 +50,7 @@ public class WebSecurityConfig {
     };
 
     private final String[] AdminPatterns = {
-        "/admin/login",
+        "/admin/signin",
         "/admin/newpassword",
         "/admin/logout",
         "/applications/**",

src/main/java/ceos/backend/global/config/jwt/JwtAccessDeniedHandler.java

@@ -3,7 +3,7 @@
 
 import ceos.backend.global.error.BaseErrorCode;
 import ceos.backend.global.error.ErrorResponse;
-import ceos.backend.global.error.exception.ForbiddenAdminException;
+import ceos.backend.global.error.exception.ForbiddenAdmin;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
@@ -26,8 +26,7 @@ public void handle(
             HttpServletResponse response,
             AccessDeniedException accessDeniedException)
             throws IOException {
-        responseToClient(
-                response, getErrorResponse(ForbiddenAdminException.EXCEPTION.getErrorCode()));
+        responseToClient(response, getErrorResponse(ForbiddenAdmin.EXCEPTION.getErrorCode()));
     }
 
     private ErrorResponse getErrorResponse(BaseErrorCode errorCode) {

src/main/java/ceos/backend/global/error/exception/ForbiddenAdminException.java → src/main/java/ceos/backend/global/error/exception/ForbiddenAdmin.java

@@ -4,11 +4,11 @@
 import ceos.backend.global.error.BaseErrorException;
 import ceos.backend.global.error.GlobalErrorCode;
 
-public class ForbiddenAdminException extends BaseErrorException {
+public class ForbiddenAdmin extends BaseErrorException {
 
-    public static final BaseErrorException EXCEPTION = new ForbiddenAdminException();
+    public static final BaseErrorException EXCEPTION = new ForbiddenAdmin();
 
-    private ForbiddenAdminException() {
+    private ForbiddenAdmin() {
         super(GlobalErrorCode.FORBIDDEN_ADMIN);
     }
 }