Require admin role for admin endpoints

src/main/java/com/litoralregas/backend_gateway/config/SecurityConfig.java

@@ -23,7 +23,7 @@ public class SecurityConfig {
                 .authorizeHttpRequests(auth -> auth
                         .requestMatchers("/auth/**").permitAll()
                         .requestMatchers("/debug/**").permitAll()
-                        .requestMatchers("/admin/**").permitAll()
+                        .requestMatchers("/admin/**").hasRole("ADMIN")
                         .requestMatchers("/api/backend/**").authenticated()
                         .anyRequest().permitAll()
                 )