3 files changed, 19 insertions, 0 deletions

diff --git a/designate/central/service.py b/designate/central/service.py
index fa7be5f3..1a87db73 100644
--- a/designate/central/service.py
+++ b/designate/central/service.py
@@ -1209,6 +1209,10 @@ class Service(service.RPCService):
 
         policy.check('share_zone', context, target)
 
+        if zone.tenant_id == shared_zone.target_project_id:
+            raise exceptions.BadRequest(
+                'Cannot share the zone with the zone owner.')
+
         shared_zone['project_id'] = context.project_id
         shared_zone['zone_id'] = zone_id
 
diff --git a/designate/tests/test_central/test_service.py b/designate/tests/test_central/test_service.py
index 5e6c3dff..df2834b7 100644
--- a/designate/tests/test_central/test_service.py
+++ b/designate/tests/test_central/test_service.py
@@ -3789,6 +3789,17 @@ class CentralServiceTest(CentralTestCase):
         self.assertEqual(context.project_id, shared_zone.project_id)
         self.assertEqual(zone.id, shared_zone.zone_id)
 
+    def test_share_zone_with_zone_owner(self):
+        # Create a Shared Zone
+        context = self.get_context(project_id='1')
+        zone = self.create_zone(context=context)
+        exc = self.assertRaises(
+            rpc_dispatcher.ExpectedException, self.share_zone,
+            context=context, zone_id=zone.id,
+            target_project_id=zone.tenant_id)
+
+        self.assertEqual(exceptions.BadRequest, exc.exc_info[0])
+
     def test_unshare_zone(self):
         context = self.get_context(project_id='1')
         zone = self.create_zone(context=context)
diff --git a/releasenotes/notes/Fix-share-zone-with-zone-owner-31a20c57a65c0cc4.yaml b/releasenotes/notes/Fix-share-zone-with-zone-owner-31a20c57a65c0cc4.yaml
new file mode 100644
index 00000000..8ddebaa6
--- /dev/null
+++ b/releasenotes/notes/Fix-share-zone-with-zone-owner-31a20c57a65c0cc4.yaml
@@ -0,0 +1,4 @@
+---
+fixes:
+  - |
+    Fixed a bug that allowed users to create a zone share for the zone owner.