From 89409bb6d6b478132afaaed7ae1402c650dfbbac Mon Sep 17 00:00:00 2001
From: Kishore Nallan <kishorenc@gmail.com>
Date: Thu, 20 May 2021 15:00:51 +0530
Subject: [PATCH] Validate API key description during creation.

---
 src/auth_manager.cpp       |  4 ++++
 test/auth_manager_test.cpp | 11 +++++++++++
 2 files changed, 15 insertions(+)

diff --git a/src/auth_manager.cpp b/src/auth_manager.cpp
index 8dae99ad..28017b3f 100644
--- a/src/auth_manager.cpp
+++ b/src/auth_manager.cpp
@@ -330,6 +330,10 @@ Option<uint32_t> api_key_t::validate(const nlohmann::json &key_obj) {
         return Option<uint32_t>(400, std::string("Key value must be a string."));
     }
 
+    if(key_obj.count("description") != 0 && !key_obj["description"].is_string()) {
+        return Option<uint32_t>(400, std::string("Key description must be a string."));
+    }
+
     if(!key_obj["actions"].is_array() || key_obj["actions"].empty()) {
         return Option<uint32_t>(400,"Wrong format for `actions`. It should be an array of string.");
     }
diff --git a/test/auth_manager_test.cpp b/test/auth_manager_test.cpp
index 95bb71fc..7be5147c 100644
--- a/test/auth_manager_test.cpp
+++ b/test/auth_manager_test.cpp
@@ -424,4 +424,15 @@ TEST_F(AuthManagerTest, ValidateBadKeyProperties) {
     validate_op = api_key_t::validate(key_obj3);
     ASSERT_FALSE(validate_op.ok());
     ASSERT_STREQ("Key value must be a string.", validate_op.error().c_str());
+
+    // check for valid description
+    nlohmann::json key_obj4;
+    key_obj4["description"] = 42;
+    key_obj4["actions"] = {"*"};
+    key_obj4["collections"] = {"foobar"};
+    key_obj4["value"] = "abcd";
+
+    validate_op = api_key_t::validate(key_obj4);
+    ASSERT_FALSE(validate_op.ok());
+    ASSERT_STREQ("Key description must be a string.", validate_op.error().c_str());
 }
\ No newline at end of file