From dbf6c9efef5882482be3c355f137d79e170d914f Mon Sep 17 00:00:00 2001
From: Alex Vanin <alexey@nspcc.ru>
Date: Thu, 19 Nov 2020 17:26:04 +0300
Subject: [PATCH] [#190] Use request sender owner in sticky bit check

Sticky bit checks if object owner and request owner are the
same. Container owner should not used in this check.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
---
 pkg/services/object/acl/acl.go | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/pkg/services/object/acl/acl.go b/pkg/services/object/acl/acl.go
index 06db03cb..200b037b 100644
--- a/pkg/services/object/acl/acl.go
+++ b/pkg/services/object/acl/acl.go
@@ -508,7 +508,7 @@ func basicACLCheck(info requestInfo) bool {
 }
 
 func stickyBitCheck(info requestInfo, owner *owner.ID) bool {
-	if owner == nil || info.cnrOwner == nil {
+	if owner == nil || len(info.senderKey) == 0 {
 		return false
 	}
 
@@ -516,7 +516,9 @@ func stickyBitCheck(info requestInfo, owner *owner.ID) bool {
 		return true
 	}
 
-	return bytes.Equal(owner.ToV2().GetValue(), info.cnrOwner.ToV2().GetValue())
+	requestSenderKey := crypto.UnmarshalPublicKey(info.senderKey)
+
+	return isOwnerFromKey(owner, requestSenderKey)
 }
 
 func eACLCheck(msg interface{}, reqInfo requestInfo, cfg *eACLCfg) bool {