From c2c4158238e135ef87a245a83cf9765106dd8d0f Mon Sep 17 00:00:00 2001
From: "changlin.shi" <changlin.shi@ly.com>
Date: Fri, 2 Dec 2022 13:05:14 +0800
Subject: [PATCH] create bucket with ownership

Signed-off-by: changlin.shi <changlin.shi@ly.com>
---
 weed/s3api/s3api_acp.go             | 7 +++----
 weed/s3api/s3api_bucket_handlers.go | 7 ++++++-
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/weed/s3api/s3api_acp.go b/weed/s3api/s3api_acp.go
index 7aa19babd..535bb3489 100644
--- a/weed/s3api/s3api_acp.go
+++ b/weed/s3api/s3api_acp.go
@@ -30,11 +30,10 @@ func (s3a *S3ApiServer) checkAccessByOwnership(r *http.Request, bucket string) s
 	return s3err.ErrAccessDenied
 }
 
-func (s3a *S3ApiServer) ExtractBucketAcp(r *http.Request) (owner string, grants []*s3.Grant, errCode s3err.ErrorCode) {
+func (s3a *S3ApiServer) ExtractBucketAcp(r *http.Request, objectOwnership string) (owner string, grants []*s3.Grant, errCode s3err.ErrorCode) {
 	accountId := s3acl.GetAccountId(r)
 
-	ownership := s3_constants.DefaultOwnershipForCreate
-	if ownership == s3_constants.OwnershipBucketOwnerEnforced {
+	if objectOwnership == s3_constants.OwnershipBucketOwnerEnforced {
 		return accountId, []*s3.Grant{
 			{
 				Permission: &s3_constants.PermissionFullControl,
@@ -45,6 +44,6 @@ func (s3a *S3ApiServer) ExtractBucketAcp(r *http.Request) (owner string, grants
 			},
 		}, s3err.ErrNone
 	} else {
-		return s3acl.ParseAndValidateAclHeadersOrElseDefault(r, s3a.accountManager, ownership, accountId, accountId, false)
+		return s3acl.ParseAndValidateAclHeadersOrElseDefault(r, s3a.accountManager, objectOwnership, accountId, accountId, false)
 	}
 }
diff --git a/weed/s3api/s3api_bucket_handlers.go b/weed/s3api/s3api_bucket_handlers.go
index efe069237..f1a747797 100644
--- a/weed/s3api/s3api_bucket_handlers.go
+++ b/weed/s3api/s3api_bucket_handlers.go
@@ -122,7 +122,11 @@ func (s3a *S3ApiServer) PutBucketHandler(w http.ResponseWriter, r *http.Request)
 		}
 	}
 
-	acpOwner, acpGrants, errCode := s3a.ExtractBucketAcp(r)
+	objectOwnership := r.Header.Get("ObjectOwnership")
+	if objectOwnership == "" {
+		objectOwnership = s3_constants.DefaultOwnershipForCreate
+	}
+	acpOwner, acpGrants, errCode := s3a.ExtractBucketAcp(r, objectOwnership)
 	if errCode != s3err.ErrNone {
 		s3err.WriteErrorResponse(w, r, errCode)
 		return
@@ -134,6 +138,7 @@ func (s3a *S3ApiServer) PutBucketHandler(w http.ResponseWriter, r *http.Request)
 				entry.Extended = make(map[string][]byte)
 			}
 			entry.Extended[s3_constants.AmzIdentityId] = []byte(identityId)
+			entry.Extended[s3_constants.ExtOwnershipKey] = []byte(objectOwnership)
 		}
 		s3acl.AssembleEntryWithAcp(entry, acpOwner, acpGrants)
 	}