service/src/main/kotlin/com/sangdol/roomescape/auth/web/support/resolver/UserContextResolver.kt

@@ -6,7 +6,7 @@ import com.sangdol.roomescape.auth.exception.AuthException
 import com.sangdol.roomescape.auth.infrastructure.jwt.JwtUtils
 import com.sangdol.roomescape.auth.web.support.User
 import com.sangdol.roomescape.auth.web.support.accessToken
-import com.sangdol.roomescape.common.types.CurrentUserContext
+import com.sangdol.roomescape.user.business.UserService
 import io.github.oshai.kotlinlogging.KLogger
 import io.github.oshai.kotlinlogging.KotlinLogging
 import jakarta.servlet.http.HttpServletRequest
@@ -22,6 +22,7 @@ private val log: KLogger = KotlinLogging.logger {}
 @Component
 class UserContextResolver(
     private val jwtUtils: JwtUtils,
+    private val userService: UserService,
 ) : HandlerMethodArgumentResolver {
 
     override fun supportsParameter(parameter: MethodParameter): Boolean {
@@ -42,7 +43,7 @@ class UserContextResolver(
                 MdcPrincipalIdUtil.set(it)
             }.toLong()
 
-            return CurrentUserContext(id = id)
+            return userService.findContextById(id)
         } catch (e: Exception) {
             log.info { "[UserContextResolver] 회원 조회 실패. message=${e.message}" }
             throw AuthException(AuthErrorCode.MEMBER_NOT_FOUND)

service/src/main/kotlin/com/sangdol/roomescape/common/types/CurrentUserContext.kt

@@ -1,5 +1,6 @@
 package com.sangdol.roomescape.common.types
 
 data class CurrentUserContext(
-    val id: Long
+    val id: Long,
+    val name: String,
 )

service/src/main/kotlin/com/sangdol/roomescape/user/business/UserService.kt

@@ -1,6 +1,7 @@
 package com.sangdol.roomescape.user.business
 
 import com.sangdol.common.persistence.IDGenerator
+import com.sangdol.roomescape.common.types.CurrentUserContext
 import com.sangdol.roomescape.user.dto.UserContactResponse
 import com.sangdol.roomescape.user.dto.UserCreateRequest
 import com.sangdol.roomescape.user.dto.UserCreateResponse
@@ -27,6 +28,17 @@ class UserService(
     private val userValidator: UserValidator,
     private val idGenerator: IDGenerator
 ) {
+    @Transactional(readOnly = true)
+    fun findContextById(id: Long): CurrentUserContext {
+        log.info { "[findContextById] 현재 로그인된 회원 조회 시작: id=${id}" }
+        val user: UserEntity = findOrThrow(id)
+
+        return CurrentUserContext(user.id, user.name)
+            .also {
+                log.info { "[findContextById] 현재 로그인된 회원 조회 완료: id=${id}" }
+            }
+    }
+
     @Transactional(readOnly = true)
     fun findCredentialsByAccount(email: String): UserLoginCredentials {
         log.info { "[findCredentialsByAccount] 회원 조회 시작: email=${email}" }

service/src/test/kotlin/com/sangdol/roomescape/payment/PaymentAPITest.kt

@@ -43,6 +43,16 @@ class PaymentAPITest(
                         expectedErrorCode = AuthErrorCode.MEMBER_NOT_FOUND
                     )
                 }
+
+                test("관리자") {
+                    runExceptionTest(
+                        token = testAuthUtil.defaultHqAdminLogin().second,
+                        method = HttpMethod.POST,
+                        endpoint = endpoint,
+                        requestBody = PaymentFixture.cancelRequest,
+                        expectedErrorCode = AuthErrorCode.MEMBER_NOT_FOUND
+                    )
+                }
             }
 
             test("정상 취소") {

service/src/test/kotlin/com/sangdol/roomescape/reservation/ReservationApiTest.kt

@@ -49,6 +49,15 @@ class ReservationApiTest(
                         expectedErrorCode = AuthErrorCode.MEMBER_NOT_FOUND
                     )
                 }
+
+                test("관리자") {
+                    runExceptionTest(
+                        token = testAuthUtil.defaultHqAdminLogin().second,
+                        method = HttpMethod.POST,
+                        endpoint = endpoint,
+                        expectedErrorCode = AuthErrorCode.MEMBER_NOT_FOUND
+                    )
+                }
             }
 
 
@@ -176,6 +185,15 @@ class ReservationApiTest(
                         expectedErrorCode = AuthErrorCode.TOKEN_NOT_FOUND
                     )
                 }
+
+                test("관리자") {
+                    runExceptionTest(
+                        token = testAuthUtil.defaultHqAdminLogin().second,
+                        method = HttpMethod.POST,
+                        endpoint = endpoint,
+                        expectedErrorCode = AuthErrorCode.ACCESS_DENIED
+                    )
+                }
             }
 
             test("정상 응답") {
@@ -220,6 +238,15 @@ class ReservationApiTest(
                         expectedErrorCode = AuthErrorCode.TOKEN_NOT_FOUND
                     )
                 }
+
+                test("관리자") {
+                    runExceptionTest(
+                        token = testAuthUtil.defaultHqAdminLogin().second,
+                        method = HttpMethod.POST,
+                        endpoint = endpoint,
+                        expectedErrorCode = AuthErrorCode.ACCESS_DENIED
+                    )
+                }
             }
 
             test("정상 응답") {
@@ -288,6 +315,15 @@ class ReservationApiTest(
                         expectedErrorCode = AuthErrorCode.TOKEN_NOT_FOUND
                     )
                 }
+
+                test("관리자") {
+                    runExceptionTest(
+                        token = testAuthUtil.defaultHqAdminLogin().second,
+                        method = HttpMethod.POST,
+                        endpoint = endpoint,
+                        expectedErrorCode = AuthErrorCode.ACCESS_DENIED
+                    )
+                }
             }
 
             test("정상 응답") {
@@ -341,6 +377,15 @@ class ReservationApiTest(
                         expectedErrorCode = AuthErrorCode.TOKEN_NOT_FOUND
                     )
                 }
+
+                test("관리자") {
+                    runExceptionTest(
+                        token = testAuthUtil.defaultHqAdminLogin().second,
+                        method = HttpMethod.POST,
+                        endpoint = endpoint,
+                        expectedErrorCode = AuthErrorCode.ACCESS_DENIED
+                    )
+                }
             }
 
             context("정상 응답") {

service/src/test/kotlin/com/sangdol/roomescape/reservation/ReservationConcurrencyTest.kt

@@ -108,7 +108,7 @@ class ReservationConcurrencyTest(
 
     private fun createPendingReservation(user: UserEntity, schedule: ScheduleEntity): Long {
         return reservationService.createPendingReservation(
-            user = CurrentUserContext(id = user.id),
+            user = CurrentUserContext(id = user.id, name = user.name),
             request = PendingReservationCreateRequest(
                 scheduleId = schedule.id,
                 reserverName = user.name,

service/src/test/kotlin/com/sangdol/roomescape/user/UserApiTest.kt

@@ -148,6 +148,15 @@ class UserApiTest(
                         expectedErrorCode = AuthErrorCode.MEMBER_NOT_FOUND
                     )
                 }
+
+                test("관리자") {
+                    runExceptionTest(
+                        token = testAuthUtil.defaultStoreAdminLogin().second,
+                        method = HttpMethod.GET,
+                        endpoint = endpoint,
+                        expectedErrorCode = AuthErrorCode.MEMBER_NOT_FOUND
+                    )
+                }
             }
 
             test("정상 응답") {