diff --git a/app/controllers/admin/authorizations_controller.rb b/app/controllers/admin/authorizations_controller.rb
index 37a995d..0eb56d2 100644
--- a/app/controllers/admin/authorizations_controller.rb
+++ b/app/controllers/admin/authorizations_controller.rb
@@ -23,7 +23,7 @@ class Admin::AuthorizationsController < OrbitAdminController
           @error = t(:no_data)
         end
       else
-        @authorizations = @module_app.module_managers rescue nil
+        @authorizations = @module_app.module_managers rescue []
       end
     elsif @module_apps
       @module_app = @module_apps.first
diff --git a/app/controllers/admin/members_controller.rb b/app/controllers/admin/members_controller.rb
index 06298cc..4162f67 100644
--- a/app/controllers/admin/members_controller.rb
+++ b/app/controllers/admin/members_controller.rb
@@ -81,6 +81,7 @@ class Admin::MembersController < OrbitMemberController
 
   def edit
     @form_index = 0
+    get_info_and_roles
     if @member.user.present?
       @user = @member.user
     else
@@ -102,6 +103,7 @@ class Admin::MembersController < OrbitMemberController
   end
 
   def update
+    Rails.logger.info"@@@@@@@@@@@"+member_profile_params.inspect
     respond_to do |format|
       if @member.update(member_profile_params)
         if @member.user.present?
@@ -133,6 +135,23 @@ class Admin::MembersController < OrbitMemberController
     render action: "index"
   end
 
+  def edit_passwd
+    @member = MemberProfile.find(params[:member_id])
+    @user = @member.user
+    if current_user.id == @user.id
+      redirect_to :action => :index
+    end
+  end
+
+  def edit_privilege
+    @member = MemberProfile.find(params[:member_id])
+    @user = @member.user
+    @workgroup = Workgroup.find_by(key: 'admin')
+    if current_user.id == @user.id
+      redirect_to :action => :index
+    end
+  end
+
   private
 
   # Use callbacks to share common setup or constraints between actions.
diff --git a/app/models/member_profile.rb b/app/models/member_profile.rb
index c39b2c3..66f7924 100644
--- a/app/models/member_profile.rb
+++ b/app/models/member_profile.rb
@@ -18,6 +18,7 @@ class MemberProfile
 
   has_one :user
   has_and_belongs_to_many :roles
+  has_and_belongs_to_many :role_statuses
 
   mount_uploader :avatar, AvatarUploader
   paginates_per 10
diff --git a/app/views/admin/members/_member_for_listing.html.erb b/app/views/admin/members/_member_for_listing.html.erb
index 2435608..a83c548 100644
--- a/app/views/admin/members/_member_for_listing.html.erb
+++ b/app/views/admin/members/_member_for_listing.html.erb
@@ -22,7 +22,7 @@
         <div class="quick-edit">
           <ul class="nav nav-pills">
             <%= content_tag(:li, link_to(t(:edit),edit_admin_member_path(member_for_listing))) if current_user.is_admin? %>
-            <%= content_tag(:li, link_to(t("users.setting_privilege"))) if current_user.is_admin? and current_user.id != (member_for_listing.user.id if member_for_listing.user.present? ) %>
+            <%= content_tag(:li, link_to(t("users.setting_privilege"),admin_member_edit_privilege_path(member_for_listing))) if current_user.is_admin? and current_user.id != (member_for_listing.user.id if member_for_listing.user.present? ) %>
             <%= content_tag(:li, link_to(t(:delete_),admin_member_path(member_for_listing, :at=>params[:at]), :confirm => t(:sure?), :method => :delete, :class=>"text-error", :remote => true)) if current_user.is_admin? %>
           </ul>
         </div>
diff --git a/app/views/admin/members/_role.html.erb b/app/views/admin/members/_role.html.erb
index 8fd98c8..41d5d63 100644
--- a/app/views/admin/members/_role.html.erb
+++ b/app/views/admin/members/_role.html.erb
@@ -1,7 +1,7 @@
 <% role_disable = @member.roles.include?(role) ?   false : true    %> 
-
   <div class="attributes <%= role_disable ? 'disabled' : '' %>">
   <div class="attributes-header clearfix">
+    <%= hidden_field_tag("member_profile[disable_role][id][#{role.id}]",role_disable,:for=>@form_index,"data-deploy"=>"right",:class=>"toggle-check",:value=>role_disable)%>
     <h4><%= role.title %><%= t(:role_info)%></h4>
   </div>
 
@@ -12,11 +12,18 @@
       <div class="control-group">
         <%= label_tag t(:status), nil, {:func=>"field_label", :for=>"1", :class=>"control-label muted"} %>
         <div class="controls">
-        <% role.role_statuses.where(disable: false).each_with_index do |rrs, i|%>
+        <% role.role_statuses.where(disable: false).each_with_index  do |rrs, i| %>
+          <label class="checkbox inline">
+            <%= check_box_tag 'member_profile[role_status_ids][]', rrs.id, @member.role_statuses.include?(rrs) ? true: false %> <%= rrs.title %>
+          </label>
         <% end %>
+
         </div>
       </div>
 
-    </div>
+  </div>
+
+</div>
+
+
 
-  </div>
\ No newline at end of file
diff --git a/app/views/admin/members/_show_roles.html.erb b/app/views/admin/members/_show_roles.html.erb
new file mode 100644
index 0000000..4d52b5e
--- /dev/null
+++ b/app/views/admin/members/_show_roles.html.erb
@@ -0,0 +1,8 @@
+
+                <div class="roles">
+                  <h4><span><%= show_roles.title %><%= t(:role_info)%></span></h4>
+                  <dl>
+                    <dt><%= t('status') %></dt>
+                    <dd><%= show_attribute_value(@user.role_statuses.where(:role_id=>show_roles.id).map{|t|t.title.to_s}.join(',')) rescue '' %></dd>
+                  </dl>
+                </div>
diff --git a/app/views/admin/members/_user_basic_privilege.html.erb b/app/views/admin/members/_user_basic_privilege.html.erb
new file mode 100644
index 0000000..d7f0899
--- /dev/null
+++ b/app/views/admin/members/_user_basic_privilege.html.erb
@@ -0,0 +1,29 @@
+  <div class="attributes">
+    <div class="attributes-header clearfix">
+      <h4><%=t("users.setting_privilege")%></h4>
+    </div>
+    <div class="attributes-body">
+
+      <!-- Account -->
+      <div class="control-group">
+        <label class="control-label muted" for="account">
+          <%= f.label t("users.name"),:class=>"control-label" %>
+        </label>
+        <div class="controls add-input">
+          <%= @member.name %>
+        </div>
+      </div>
+    <%= form_for @user, :html => { :class=>"form-horizontal main-forms", :id=>"user-forms"} do |m| %>
+      <!-- Chec Admin -->
+      <div class="control-group">
+        <label class="control-label muted" for="">Administrator</label>
+        <div class="controls">
+          <label class="checkbox inline">
+            <%= m.check_box :workgroup_id,{},@workgroup.id%>  
+            <%= t("admin") %>
+          </label>
+        </div>
+      </div>
+   <% end %>
+    </div>
+  </div>
\ No newline at end of file
diff --git a/app/views/admin/members/_user_profile.html.erb b/app/views/admin/members/_user_profile.html.erb
new file mode 100644
index 0000000..91657c5
--- /dev/null
+++ b/app/views/admin/members/_user_profile.html.erb
@@ -0,0 +1,20 @@
+<div class="roles">
+                  <h4><span><%= t(i18n)%></span></h4>
+                  <dl>
+                    <dt><%= t('users.first_name')%></dt>
+                    <dd><%= @member.first_name %></dd>
+                    <dt><%= t('users.last_name')%></dt>
+                    <dd><%= @member.last_name %></dd>
+                    <dt><%= t('users.email')%></dt>
+                    <dd><%= @member.email %></dd>
+                    <% if !@member.sid.blank? %>
+                    <dt><%= t('users.sid')%></dt>
+                    <dd><%= @member.sid %></dd>
+                    <dt><%= t('users.office_tel')%></dt>
+                    <dd><%= @member.office_tel %></dd>
+                    <% end %>
+                    <dt><%= t('users.sex')%></dt>
+                    <dd><%= t("users.#{@member.sex}") %></dd>
+                    
+                  </dl>
+                </div>
\ No newline at end of file
diff --git a/app/views/admin/members/edit.html.erb b/app/views/admin/members/edit.html.erb
index d67a493..afa2305 100644
--- a/app/views/admin/members/edit.html.erb
+++ b/app/views/admin/members/edit.html.erb
@@ -26,9 +26,9 @@
   <fieldset>
     <div id="basic-area" class="input-area">
 
-    <%= render :partial => 'user_basic_passwd'%>
-    <%= render :partial => 'member_basic', :locals => {:f => f}%>
-    <%= render :partial => 'form', :locals => { :f => f } %>
+    <%= render partial: 'user_basic_passwd'%>
+    <%= render partial: 'member_basic', locals: {f: f}%>
+    <%= render partial: 'roles', locals: {f: f} %>
 
     </div>
 
diff --git a/app/views/admin/members/edit_passwd.html.erb b/app/views/admin/members/edit_passwd.html.erb
new file mode 100644
index 0000000..5fcdadd
--- /dev/null
+++ b/app/views/admin/members/edit_passwd.html.erb
@@ -0,0 +1,36 @@
+<% content_for :side_bar do %>
+  <%= render :partial => 'admin/members/side_bar' %>
+<% end %>
+
+<% content_for :page_specific_css do -%>
+    <%= stylesheet_link_tag "lib/wrap-nav.css" %>
+    <%= stylesheet_link_tag "lib/pageslide.css" %>
+    <%= stylesheet_link_tag "lib/main-forms.css" %>
+    <%= stylesheet_link_tag "lib/fileupload.css" %>
+    <%= stylesheet_link_tag "lib/togglebox.css" %>
+<% end -%>
+<% content_for :page_specific_javascript do -%>
+    <%= javascript_include_tag "lib/jquery.tmpl.min.js" %>
+    <%= javascript_include_tag "lib/bootstrap-fileupload.js" %>
+    <%= javascript_include_tag "lib/member/role-forms.js" %>
+    <%= javascript_include_tag "lib/member/textarea-lang-btn.js" %>
+<% end -%>
+
+
+<%= form_for @member, :url => admin_member_path(@member), :html => { :multipart => true , :class=>"form-horizontal main-forms", :id=>"user-forms"} do |f| %>
+
+  <fieldset>
+    <div id="basic-area" class="input-area">
+      <%= render :partial => 'user_basic_passwd', :locals => {:f => f}%>
+    </div>
+    
+
+    <div class="form-actions">
+      <%= link_back('btn') %>
+      <%= hidden_field_tag 'edit_type', 'edit_passwd' %>
+      <%= link_to t(:update_), "#", :class=>"btn btn-primary returnDecide", :onclick=>"$('#edit_user_#{@user.id}').submit()" %>
+    </div>
+
+  </fieldset>  
+
+<% end -%>
diff --git a/app/views/admin/members/edit_privilege.html.erb b/app/views/admin/members/edit_privilege.html.erb
new file mode 100644
index 0000000..d45df46
--- /dev/null
+++ b/app/views/admin/members/edit_privilege.html.erb
@@ -0,0 +1,36 @@
+<% content_for :side_bar do %>
+  <%= render :partial => 'admin/members/side_bar' %>
+<% end %>
+
+<% content_for :page_specific_css do -%>
+    <%= stylesheet_link_tag "lib/wrap-nav.css" %>
+    <%= stylesheet_link_tag "lib/pageslide.css" %>
+    <%= stylesheet_link_tag "lib/main-forms.css" %>
+    <%= stylesheet_link_tag "lib/fileupload.css" %>
+    <%= stylesheet_link_tag "lib/togglebox.css" %>
+<% end -%>
+<% content_for :page_specific_javascript do -%>
+    <%= javascript_include_tag "lib/jquery.tmpl.min.js" %>
+    <%= javascript_include_tag "lib/bootstrap-fileupload.js" %>
+    <%= javascript_include_tag "lib/member/role-forms.js" %>
+    <%= javascript_include_tag "lib/member/textarea-lang-btn.js" %>
+<% end -%>
+
+
+<%= form_for @member, :url => admin_member_path(@member), :html => { :multipart => true , :class=>"form-horizontal main-forms", :id=>"user-forms"} do |f| %>
+
+  <fieldset>
+    <div id="basic-area" class="input-area">
+      <%= render :partial => 'user_basic_privilege', :locals => {:f => f}%>
+    </div>
+    
+
+    <div class="form-actions">
+      <%= link_back('btn') %>
+      <%= hidden_field_tag 'edit_type', 'edit_privilege' %>
+      <%= link_to t(:update_), "#", :class=>"btn btn-primary returnDecide", :onclick=>"$('#edit_user_#{@user.id}').submit()" %>
+    </div>
+
+  </fieldset>  
+
+<% end -%>
diff --git a/app/views/admin/members/new.html.erb b/app/views/admin/members/new.html.erb
index 8bbac39..00a186f 100644
--- a/app/views/admin/members/new.html.erb
+++ b/app/views/admin/members/new.html.erb
@@ -24,9 +24,9 @@
 
   <fieldset>
     <div id="basic-area" class="input-area">
-    <%= render :partial => 'user_basic_passwd'%>
-    <%= render :partial => 'member_basic', :locals => {:f => f}%>
-    <%= render :partial => 'form', :locals => { :f => f } %>
+    <%= render partial: 'user_basic_passwd'%>
+    <%= render partial: 'member_basic', locals: {f: f}%>
+    <%= render partial: 'roles', locals: { f: f } %>
 
     </div>
 
diff --git a/app/views/admin/members/show.html.erb b/app/views/admin/members/show.html.erb
index 56ce349..e79b7ce 100644
--- a/app/views/admin/members/show.html.erb
+++ b/app/views/admin/members/show.html.erb
@@ -17,18 +17,18 @@
             </div>
             <div class="basic-profile">
               <h4><%= @member.name%></h4>
-              <small class="muted"><%= @member.user.email %></small>
+              <small class="muted"><%= @member.email %></small>
               <div class="btn-group">
                   <%= link_to("<i class='icon-edit'></i> #{t(:edit)}".html_safe,edit_admin_member_path(@member.id),:class=>"btn btn-mini" ) if current_user.is_admin?%>
-                  <%= link_to("<i class='icons-cycle'></i> #{t("users.change_passwd")}".html_safe,:class=>"btn btn-mini" ) if current_user.is_admin? and current_user.id != @member.user.id %>
-                  <%= link_to("<i class='icons-lock-open'></i> #{t("users.setting_privilege")}".html_safe,:class=>"btn btn-mini" ) if current_user.is_admin? and current_user.id != @member.user.id %>
+                  <%= link_to("<i class='icons-cycle'></i> #{t("users.change_passwd")}".html_safe,admin_member_edit_passwd_path(@member),:class=>"btn btn-mini" ) if current_user.is_admin? and current_user.id != @member.user.id %>
+                  <%= link_to("<i class='icons-lock-open'></i> #{t("users.setting_privilege")}".html_safe,admin_member_edit_privilege_path(@member),:class=>"btn btn-mini" ) if current_user.is_admin? and current_user.id != @member.user.id %>
               </div>
             </div>
 
             <div id="member-roles" class="nano">
               <div class="content">
-
-                
+                <%= render :partial=> "user_profile",:locals=>{:role_class=>"basic",:i18n=>"profile"} %>
+                <%= render :partial=> "show_roles",collection: @member.roles %>
               </div>
             </div>
           </div>
diff --git a/config/routes.rb b/config/routes.rb
index 606d195..96d7a38 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -80,7 +80,10 @@ Orbit::Application.routes.draw do
           get 'get_month_traffic'
         end
       end
-      resources :members
+      resources :members do
+        match "edit_passwd" => "members#edit_passwd" ,:as => :edit_passwd, via: [:get, :post]
+        match "edit_privilege" => "members#edit_privilege" ,:as => :edit_privilege, via: [:get, :post]
+      end
       resources :roles do
         get 'role_field'
         post 'toggle'