diff --git a/app/controllers/admin/users_new_interface_controller.rb b/app/controllers/admin/users_new_interface_controller.rb
index 8190f5df..5aa44861 100644
--- a/app/controllers/admin/users_new_interface_controller.rb
+++ b/app/controllers/admin/users_new_interface_controller.rb
@@ -181,6 +181,16 @@ class Admin::UsersNewInterfaceController < OrbitMemberController
def edit_passwd
# @disable_all_field = false
@user = User.find(params[:users_new_interface_id])
+ if current_user.id == @user.id
+ redirect_to :action => :index
+ end
+ end
+
+ def edit_privilege
+ @user = User.find(params[:users_new_interface_id])
+ if current_user.id == @user.id
+ redirect_to :action => :index
+ end
end
def update
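Review bot: The new `edit_privilege` action checks only that the target is not the current user (`current_user.id == @user.id`); nothing in the hunk checks that the caller is an administrator. The `is_admin?` condition added to the link in `_user_for_listing.html.erb` only hides the link and does not protect the route. If no filter outside this hunk already restricts the controller to admins, add a before-filter for `edit_privilege` (and the matching `update` branch) that redirects to `:index` unless the caller is an admin. Also add a one-line comment above each guard, for example `# users may not change their own privileges from this screen`, because the reason for the same redirect in `edit_passwd` is not obvious from the code.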
@@ -203,6 +213,20 @@ class Admin::UsersNewInterfaceController < OrbitMemberController
render :action => :edit_passwd, :notice => flash.now[:error]
end
+ elsif params[:edit_type] == 'edit_privilege'
+
+ @checkuser = User.where(:user_id => params[:user][:user_id]).first
+
+ if @user.admin && current_user.id == @user.id
+ flash.now[:error] = t("users.admin_change_password")
+ end
+
+ if !flash.now[:error] && @user.update_attributes(params[:user])
+ redirect_to :action => :show
+ else
+ render :action => :edit_privilege, :notice => flash.now[:error]
+ end
+
else
@user.update_attributes(params[:user])
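Review bot: The `edit_privilege` branch passes the whole of `params[:user]` to `update_attributes`, and its only guard, `@user.admin && current_user.id == @user.id`, stops just an admin editing their own record. Any caller who reaches `update` with this `edit_type` can therefore write every attribute the model leaves assignable, and a non-admin account acting on itself is not stopped here; whether the model or a filter narrows this is not visible in the hunk. Make the guard match the one in the `edit_privilege` action, `if current_user.id == @user.id`, and pass only the privilege fields the form submits instead of the full hash. `@checkuser` is assigned but never read in the visible lines, and the error key `users.admin_change_password` describes a password change rather than a privilege change. The `update` method starts before this hunk and continues after it.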
diff --git a/app/views/admin/users_new_interface/_user_basic_passwd.html.erb b/app/views/admin/users_new_interface/_user_basic_passwd.html.erb
index 302c7889..898b1a4b 100644
--- a/app/views/admin/users_new_interface/_user_basic_passwd.html.erb
+++ b/app/views/admin/users_new_interface/_user_basic_passwd.html.erb
@@ -39,16 +39,5 @@
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/app/views/admin/users_new_interface/_user_basic_privilege.html.erb b/app/views/admin/users_new_interface/_user_basic_privilege.html.erb
new file mode 100644
index 00000000..1be4f1d0
--- /dev/null
+++ b/app/views/admin/users_new_interface/_user_basic_privilege.html.erb
@@ -0,0 +1,32 @@
+ <%#= devise_error_messages! %>
+ <%= flash_messages %>
+
+
+
+
<%=t("users.setting_privilege")%>
+
+
+
+
+
+
+
+ <%= @user.user_id %>
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/app/views/admin/users_new_interface/_user_for_listing.html.erb b/app/views/admin/users_new_interface/_user_for_listing.html.erb
index 12b983c2..987d1b57 100644
--- a/app/views/admin/users_new_interface/_user_for_listing.html.erb
+++ b/app/views/admin/users_new_interface/_user_for_listing.html.erb
@@ -20,7 +20,7 @@
<%= content_tag(:li, link_to(t(:edit),edit_admin_users_new_interface_path(user_for_listing))) if is_admin? %>
- <%= content_tag(:li, link_to(t(:Permissions),'#')) if is_admin? %>
+ <%= content_tag(:li, link_to(t("users.setting_privilege"),admin_users_new_interface_edit_privilege_path(user_for_listing))) if is_admin? and current_user.id != user_for_listing.id %>
<%= content_tag(:li, link_to(t(:delete),admin_users_new_interface_path(user_for_listing, :at=>params[:at]), :confirm => t(:sure?), :method => :delete, :class=>"text-error", :remote => true)) if is_admin? %>