From f04815c32f5ba7239ef83be16afe10b55f7cdfa6 Mon Sep 17 00:00:00 2001
From: Denis Kirillov <denis@nspcc.ru>
Date: Tue, 15 Feb 2022 12:06:00 +0300
Subject: [PATCH] [#354] Check container owner if bucket exists

Signed-off-by: Denis Kirillov <denis@nspcc.ru>
---
 api/layer/layer.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/api/layer/layer.go b/api/layer/layer.go
index 8336237ef..c88339d73 100644
--- a/api/layer/layer.go
+++ b/api/layer/layer.go
@@ -643,7 +643,7 @@ func (n *layer) DeleteObjects(ctx context.Context, bucket string, objects []*Ver
 }
 
 func (n *layer) CreateBucket(ctx context.Context, p *CreateBucketParams) (*cid.ID, error) {
-	_, err := n.GetBucketInfo(ctx, p.Name)
+	bktInfo, err := n.GetBucketInfo(ctx, p.Name)
 	if err != nil {
 		if errors.IsS3Error(err, errors.ErrNoSuchBucket) {
 			return n.createContainer(ctx, p)
@@ -651,6 +651,10 @@ func (n *layer) CreateBucket(ctx context.Context, p *CreateBucketParams) (*cid.I
 		return nil, err
 	}
 
+	if p.SessionToken != nil && bktInfo.Owner.Equal(p.SessionToken.OwnerID()) {
+		return nil, errors.GetAPIError(errors.ErrBucketAlreadyOwnedByYou)
+	}
+
 	return nil, errors.GetAPIError(errors.ErrBucketAlreadyExists)
 }