# HG changeset patch # User dellsystem # Date 1345840642 14400 # Node ID 96ad476f52df2d2574a22d368f8c90c06f26ada7 # Parent d416b81988895a183fb21edc56d78e46222ae1e4 Tailor editprofile view to work only for the logged-in user It makes more sense than first identifying the user and checking that the user is the same as the logged-in user. Now there's no need to pass the authenticated user's username to the {% url %} tag. diff -r d416b8198889 -r 96ad476f52df apps/profile/views.py --- a/apps/profile/views.py Fri Aug 24 16:32:17 2012 -0400 +++ b/apps/profile/views.py Fri Aug 24 16:37:22 2012 -0400 @@ -50,12 +50,8 @@ ) @login_required -def editprofile(request, user): - [u,p] = getprofile(user) - - #Make sure user can only edit own profile - if request.user != u: - raise Http403 +def editprofile(request): + [u,p] = getprofile(request.user) if request.method=='POST': u.first_name = request.POST['first-name']