From 5b680063685b52574cd1e3e85c4d3d974717e81d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20Czern=C3=BD?= <pczerny@opennebula.io>
Date: Mon, 25 Sep 2023 14:26:18 +0200
Subject: [PATCH] B #6331: Disable chown for Apps from public market (#2752)

---
 src/rm/RequestManagerChown.cc | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/src/rm/RequestManagerChown.cc b/src/rm/RequestManagerChown.cc
index 6e1100733d9..309f825c292 100644
--- a/src/rm/RequestManagerChown.cc
+++ b/src/rm/RequestManagerChown.cc
@@ -363,6 +363,25 @@ void RequestManagerChown::request_execute(xmlrpc_c::paramList const& paramList,
         {
             vms = static_cast<VirtualRouter *>(object.get())->get_vms();
         }
+        else if (auth_object == PoolObjectSQL::MARKETPLACEAPP)
+        {
+            auto app = static_cast<MarketPlaceApp*>(object.get());
+
+            auto market_id = app->get_market_id();
+
+            auto mpool = Nebula::instance().get_marketpool();
+
+            auto market = mpool->get_ro(market_id);
+
+            if (market && market->is_public())
+            {
+                att.resp_msg = "App " + to_string(oid) +
+                    ": Changing the ownership for an App from the public Marketplace is not permitted";
+                failure_response(INTERNAL, att);
+
+                return;
+            }
+        }
     }
 
     if ( object == nullptr )