From 205f94203c734df1d0df9a2a80da61e4e27729a2 Mon Sep 17 00:00:00 2001
From: Evgenii Baidakov <evgenii@nspcc.io>
Date: Thu, 8 Feb 2024 12:14:52 +0400
Subject: [PATCH] api: Return correct error on invalid grantee type

Closes #908.

Signed-off-by: Evgenii Baidakov <evgenii@nspcc.io>
---
 api/handler/acl.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/api/handler/acl.go b/api/handler/acl.go
index 51ad8e358..bc1cd39e5 100644
--- a/api/handler/acl.go
+++ b/api/handler/acl.go
@@ -519,7 +519,7 @@ func addGrantees(list []*Grant, headers http.Header, hdr string) ([]*Grant, erro
 
 	for _, grantee := range grantees {
 		if grantee.Type == granteeAmazonCustomerByEmail || (grantee.Type == granteeGroup && grantee.URI != allUsersGroup) {
-			return nil, stderrors.New("unsupported grantee type")
+			return nil, s3errors.GetAPIError(s3errors.ErrNotSupported)
 		}
 
 		list = append(list, &Grant{
@@ -1186,7 +1186,7 @@ func aclToAst(acl *AccessControlPolicy, resInfo *resourceInfo) (*ast, error) {
 
 	for _, grant := range acl.AccessControlList {
 		if grant.Grantee.Type == granteeAmazonCustomerByEmail || (grant.Grantee.Type == granteeGroup && grant.Grantee.URI != allUsersGroup) {
-			return nil, stderrors.New("unsupported grantee type")
+			return nil, s3errors.GetAPIError(s3errors.ErrNotSupported)
 		}
 
 		var groupGrantee bool
@@ -1225,7 +1225,7 @@ func aclToPolicy(acl *AccessControlPolicy, resInfo *resourceInfo) (*bucketPolicy
 
 	for _, grant := range acl.AccessControlList {
 		if grant.Grantee.Type == granteeAmazonCustomerByEmail || (grant.Grantee.Type == granteeGroup && grant.Grantee.URI != allUsersGroup) {
-			return nil, stderrors.New("unsupported grantee type")
+			return nil, s3errors.GetAPIError(s3errors.ErrNotSupported)
 		}
 
 		user := grant.Grantee.ID