From d5028fb02c305a46230b07e4a4515be869d2244b Mon Sep 17 00:00:00 2001
From: Thomas Lathuiliere <thomas@checkmarble.com>
Date: Wed, 7 Feb 2024 11:09:04 +0100
Subject: [PATCH] fix(apikeys): add role validation

---
 usecases/api_key_usecase.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/usecases/api_key_usecase.go b/usecases/api_key_usecase.go
index 37bd65400..d090154dd 100644
--- a/usecases/api_key_usecase.go
+++ b/usecases/api_key_usecase.go
@@ -11,6 +11,7 @@ import (
 	"github.com/checkmarble/marble-backend/usecases/analytics"
 	"github.com/checkmarble/marble-backend/usecases/transaction"
 	"github.com/google/uuid"
+	"github.com/pkg/errors"
 )
 
 type ApiKeyRepository interface {
@@ -72,6 +73,10 @@ func (usecase *ApiKeyUseCase) CreateApiKey(ctx context.Context, input models.Cre
 				return models.CreatedApiKey{}, err
 			}
 
+			if input.Role != models.API_CLIENT {
+				return models.CreatedApiKey{}, errors.Wrap(models.BadParameterError, fmt.Sprintf("role %s is not supported", input.Role))
+			}
+
 			apiKeyId := uuid.NewString()
 			key := generateAPiKey()
 			if err := usecase.apiKeyRepository.CreateApiKey(ctx, tx, models.CreateApiKey{