From f0fcf4c00fb478f5de0b1bc23eec53677b27e5e7 Mon Sep 17 00:00:00 2001 From: Luke Couzens Date: Tue, 27 Sep 2022 19:13:11 +0100 Subject: [PATCH] security fix (#3900) --- koku/api/provider/serializers.py | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/koku/api/provider/serializers.py b/koku/api/provider/serializers.py index d6a7476c53..010f517f49 100644 --- a/koku/api/provider/serializers.py +++ b/koku/api/provider/serializers.py @@ -349,10 +349,9 @@ def create(self, validated_data): # We can re-use a billing source or a auth, but not the same combination. dup_queryset = Provider.objects.filter(authentication=auth).filter(billing_source=bill) if dup_queryset.count() != 0: - conflict_provider = dup_queryset.first() message = ( - f"Cost management does not allow duplicate accounts. " - f"{conflict_provider.name} already exists. Edit source settings to configure a new source." + "Cost management does not allow duplicate accounts. " + "A source already exists with these details. Edit source settings to configure a new source." ) LOG.warn(message) raise serializers.ValidationError(error_obj(ProviderErrors.DUPLICATE_AUTH, message)) @@ -402,10 +401,9 @@ def update(self, instance, validated_data): if instance.billing_source != bill or instance.authentication != auth: dup_queryset = Provider.objects.filter(authentication=auth).filter(billing_source=bill) if dup_queryset.count() != 0: - conflict_provder = dup_queryset.first() message = ( - f"Cost management does not allow duplicate accounts. " - f"{conflict_provder.name} already exists. Edit source settings to configure a new source." + "Cost management does not allow duplicate accounts. " + "A source already exists with these details. Edit source settings to configure a new source." ) LOG.warn(message) raise serializers.ValidationError(error_obj(ProviderErrors.DUPLICATE_AUTH, message))