From 46b0b38dc88b2c1a3cd255246a8c588c87472248 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Mon, 20 Mar 2017 14:18:37 +0100
Subject: [PATCH] api: do not set allow_blank=True on all attribute fields
 (fixes #15621)

---
 src/authentic2/api_views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/authentic2/api_views.py b/src/authentic2/api_views.py
index 62be607..971f61f 100644
--- a/src/authentic2/api_views.py
+++ b/src/authentic2/api_views.py
@@ -283,7 +283,7 @@ class BaseUserSerializer(serializers.ModelSerializer):
             kind = attribute_kinds.get_kind(at.kind)
             field_class = kind['rest_framework_field_class']
             self.fields[at.name] = field_class(source='attributes.%s' % at.name,
-                                               required=at.required, allow_blank=True)
+                                               required=at.required)
 
     def check_perm(self, perm, ou):
         self.context['view'].check_perm(perm, ou)
-- 
2.1.4