From 18e7541f3b48772872a67c0b77d1b83bb1728a39 Mon Sep 17 00:00:00 2001
From: Matthew Jones <mat@matburt.net>
Date: Thu, 29 Jan 2015 11:55:29 -0500
Subject: [PATCH] More sanity checking on eula_accepted POST property

---
 awx/api/views.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/awx/api/views.py b/awx/api/views.py
index b506542833..bf6af4b23a 100644
--- a/awx/api/views.py
+++ b/awx/api/views.py
@@ -211,7 +211,12 @@ class ApiV1ConfigView(APIView):
             return Response({"error": "Invalid license data"}, status=status.HTTP_400_BAD_REQUEST)
         if "eula_accepted" not in request.DATA:
             return Response({"error": "Missing 'eula_accepted' property"}, status=status.HTTP_400_BAD_REQUEST)
-        if not request.DATA["eula_accepted"]:
+        try:
+            eula_accepted = to_python_boolean(request.DATA["eula_accepted"])
+        except ValueError, e:
+            return Response({"error": "'eula_accepted' value is invalid"}, status=status.HTTP_400_BAD_REQUEST)
+
+        if not eula_accepted:
             return Response({"error": "'eula_accepted' must be True"}, status=status.HTTP_400_BAD_REQUEST)
         request.DATA.pop("eula_accepted")
         try: