diff --git a/src/controller/projects.ts b/src/controller/projects.ts
index 5f76fbb..3514a83 100644
--- a/src/controller/projects.ts
+++ b/src/controller/projects.ts
@@ -2,8 +2,9 @@ import { IProject, Project } from "@models/Project";
 import { encryptClearField } from "@utils/decryption";
 import { Types } from "mongoose";
 import crypto from "crypto";
+import { IKeyRole } from "@models/AccessKey";
 
-export const checkProjectAccess = async (userId: string, projectId: string) => {
+export const checkProjectAccess = (requiredPermission: IKeyRole) => async (userId: string, projectId: string) => {
     if (!Types.ObjectId.isValid(projectId))
         return { code: 3, message: "Invalid object id provided" };
 
@@ -29,7 +30,7 @@ export const listProjects = async (userId?: string) => {
 };
 
 export const getProject = async (projectId: string, userId: string) => {
-    const project = await checkProjectAccess(userId, projectId);
+    const project = await checkProjectAccess(IKeyRole.VIEW)(userId, projectId);
     if ("code" in project) return project;
 
     return projectMapper(project);
@@ -43,7 +44,7 @@ export const createProject = async (name: string, userId: string) => {
 };
 
 export const deleteProject = async (id: string, userId: string) => {
-    const project = await checkProjectAccess(userId, id);
+    const project = await checkProjectAccess(IKeyRole.ADMIN)(userId, id);
     if ("code" in project) return project;
 
     // TODO: Delete all licenses, groups, permissions, ..
@@ -54,7 +55,7 @@ export const deleteProject = async (id: string, userId: string) => {
 export const patchProject = async (id: string, userId: string, config: {
     name: string, defaults: { licenseKey: string, groups: [], permissions: [], expirationDate: Date }
 }) => {
-    const project = await checkProjectAccess(userId, id);
+    const project = await checkProjectAccess(IKeyRole.MANAGE)(userId, id);
     if ("code" in project) return project;
 
     // TODO: Check if groups & permissions exist
@@ -63,7 +64,7 @@ export const patchProject = async (id: string, userId: string, config: {
 };
 
 export const regenerateKey = async (id: string, userId: string) => {
-    const project = await checkProjectAccess(userId, id);
+    const project = await checkProjectAccess(IKeyRole.MANAGE)(userId, id);
     if ("code" in project) return project;
 
     await project.updateOne({ validationKey: crypto.randomBytes(24).toString("hex") });