From e515eb9dace9999097c47ab60599a5ec5d684d9f Mon Sep 17 00:00:00 2001
From: Jorran de Wit <jorrandewit@outlook.com>
Date: Thu, 9 Mar 2017 21:06:06 +0100
Subject: [PATCH] Fix dissapearing surenames after updating personal data

Due to a security fix visitors are not allowed to change their surenames.
 However, this was only fixed by appending HTML-tag 'readonly':
 1) It's still really easy to this change your surename by just removing
    this HTML-tag in your browser.
 2) The surename data wasn't sent so the processing form (due to a not required
    field) return the surename as an empty string.

Eventually this views should entirely be processed by a modelform ONLY. So no more
 assigning cleaned data to specific fields of the request.user.contributor!
---
 scipost/views.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/scipost/views.py b/scipost/views.py
index 78635541d..940eb79e1 100644
--- a/scipost/views.py
+++ b/scipost/views.py
@@ -1121,7 +1121,6 @@ def update_personal_data(request):
         if user_form.is_valid() and cont_form.is_valid():
             request.user.email = user_form.cleaned_data['email']
             request.user.first_name = user_form.cleaned_data['first_name']
-            request.user.last_name = user_form.cleaned_data['last_name']
             request.user.contributor.title = cont_form.cleaned_data['title']
             request.user.contributor.discipline = cont_form.cleaned_data['discipline']
             request.user.contributor.expertises = cont_form.cleaned_data['expertises']
-- 
GitLab