릴리스: v1.4.33 가입 검증과 테마 기본값 정리

backend/src/routes/admin.js

@@ -7,6 +7,8 @@ const { z } = require('zod')
 const { nanoid } = require('nanoid')
 const {
   findUserById,
+  findUserByEmail,
+  findUserByNickname,
   findTopicById,
   findTopicItemById,
   listTopicItems,
@@ -52,6 +54,7 @@ const {
 } = require('../db')
 const { requireAdmin } = require('../middleware/auth')
 const { createMemoryUpload, writeOptimizedImage, getImageOptimizationQueueState } = require('../lib/image-storage')
+const { isReservedNickname } = require('../lib/user-validation')
 
 const router = express.Router()
 
@@ -962,6 +965,18 @@ router.patch('/users/:userId', requireAdmin, async (req, res) => {
     return res.status(403).json({ error: 'primary_admin_only' })
   }
 
+  if (isReservedNickname(parsed.data.nickname)) {
+    return res.status(400).json({ error: 'nickname_reserved' })
+  }
+  const duplicateEmail = await findUserByEmail(parsed.data.email)
+  if (duplicateEmail && duplicateEmail.id !== targetUser.id) {
+    return res.status(409).json({ error: 'email_taken' })
+  }
+  const duplicateNickname = await findUserByNickname(parsed.data.nickname, targetUser.id)
+  if (duplicateNickname) {
+    return res.status(409).json({ error: 'nickname_taken' })
+  }
+
   try {
     const updated = await adminUpdateUser({
       id: targetUser.id,