diff --git a/.gitignore b/.gitignore
index 5246fc09f..9f5ded8b2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -20,3 +20,4 @@ migrations/
 *.log
 host_rsa_key
 *.bat
+tags
diff --git a/apps/templates/base.html b/apps/templates/base.html
index fea042061..2cead306e 100644
--- a/apps/templates/base.html
+++ b/apps/templates/base.html
@@ -24,9 +24,9 @@
         {% block first_login_message %}
             {% if user.is_authenticated and user.is_first_login %}
             <div class="alert alert-danger" style="margin: 20px auto 0px">
-                {% url 'users:user-first-login' as the_url %}
+                {% url 'users:user-first-login' as first_login_url %}
                 {% blocktrans %}
-                Your information was incomplete. Please click <a href="{{ the_url }}"> this link </a>to complete your information.
+                Your information was incomplete. Please click <a href="{{ first_login_url }}"> this link </a>to complete your information.
                 {% endblocktrans %}
             </div>
             {% endif %}
@@ -34,8 +34,9 @@
         {% block update_public_key_message %}
             {% if user.is_authenticated and not user.is_public_key_valid %}
             <div class="alert alert-danger" style="margin: 20px auto 0px">
+                {% url 'users:user-profile' as profile_url %}
                 {% blocktrans %}
-                Your ssh-public-key has been expired. Please click <a href="#"> this link </a>to  update your ssh-public-key.
+                Your ssh-public-key has been expired. Please click <a href="{{ profile_url }}"> this link </a>to update your ssh-public-key.
                 {% endblocktrans %}
             </div>
             {% endif %}
diff --git a/apps/users/api.py b/apps/users/api.py
index dd2e6e0c0..895cba9fa 100644
--- a/apps/users/api.py
+++ b/apps/users/api.py
@@ -1,21 +1,18 @@
 # ~*~ coding: utf-8 ~*~
-#
 
-from rest_framework import generics, viewsets
+from rest_framework import generics
+from rest_framework.permissions import AllowAny
 from rest_framework.response import Response
 from rest_framework.views import APIView
-from rest_framework.permissions import AllowAny
 from rest_framework_bulk import BulkModelViewSet
-# from django_filters.rest_framework import DjangoFilterBackend
 
+from . import serializers
+from .hands import write_login_log_async
+from .models import User, UserGroup
+from .permissions import IsSuperUser, IsValidUser, IsCurrentUserOrReadOnly
+from .utils import check_user_valid, generate_token
 from common.mixins import IDInFilterMixin
 from common.utils import get_logger
-from .utils import check_user_valid, generate_token
-from .models import User, UserGroup
-from .hands import write_login_log_async
-from .permissions import (
-    IsSuperUser, IsAppUser, IsValidUser)
-from . import serializers
 
 
 logger = get_logger(__name__)
@@ -41,7 +38,7 @@ class UserResetPasswordApi(generics.UpdateAPIView):
 
     def perform_update(self, serializer):
         # Note: we are not updating the user object here.
-        # We just do the reset-password staff.
+        # We just do the reset-password stuff.
         import uuid
         from .utils import send_reset_password_mail
         user = self.get_object()
@@ -65,6 +62,7 @@ class UserResetPKApi(generics.UpdateAPIView):
 class UserUpdatePKApi(generics.UpdateAPIView):
     queryset = User.objects.all()
     serializer_class = serializers.UserPKUpdateSerializer
+    permission_classes = (IsCurrentUserOrReadOnly,)
 
     def perform_update(self, serializer):
         user = self.get_object()
diff --git a/apps/users/permissions.py b/apps/users/permissions.py
index 4b2047951..d543b9a45 100644
--- a/apps/users/permissions.py
+++ b/apps/users/permissions.py
@@ -1,18 +1,7 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
-#
 
-import base64
-
-from django.core.cache import cache
-from django.conf import settings
-from django.utils.translation import ugettext as _
-from rest_framework import authentication, exceptions, permissions
-from rest_framework.compat import is_authenticated
-
-from common.utils import signer, get_object_or_none
-from .hands import Terminal
-from .models import User
+from rest_framework import permissions
 
 
 class IsValidUser(permissions.IsAuthenticated, permissions.BasePermission):
@@ -20,7 +9,7 @@ class IsValidUser(permissions.IsAuthenticated, permissions.BasePermission):
 
     def has_permission(self, request, view):
         return super(IsValidUser, self).has_permission(request, view) \
-               and request.user.is_valid
+            and request.user.is_valid
 
 
 class IsAppUser(IsValidUser, permissions.BasePermission):
@@ -28,7 +17,7 @@ class IsAppUser(IsValidUser, permissions.BasePermission):
 
     def has_permission(self, request, view):
         return super(IsAppUser, self).has_permission(request, view) \
-               and request.user.is_app
+            and request.user.is_app
 
 
 class IsSuperUser(IsValidUser, permissions.BasePermission):
@@ -36,7 +25,7 @@ class IsSuperUser(IsValidUser, permissions.BasePermission):
 
     def has_permission(self, request, view):
         return super(IsSuperUser, self).has_permission(request, view) \
-               and request.user.is_superuser
+            and request.user.is_superuser
 
 
 class IsSuperUserOrAppUser(IsValidUser, permissions.BasePermission):
@@ -44,8 +33,12 @@ class IsSuperUserOrAppUser(IsValidUser, permissions.BasePermission):
 
     def has_permission(self, request, view):
         return super(IsSuperUserOrAppUser, self).has_permission(request, view) \
-               and (request.user.is_superuser or request.user.is_app)
+            and (request.user.is_superuser or request.user.is_app)
 
 
-if __name__ == '__main__':
-    pass
+class IsCurrentUserOrReadOnly(permissions.BasePermission):
+
+    def has_object_permission(self, request, view, obj):
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        return obj == request.user
diff --git a/apps/users/templates/users/user_profile.html b/apps/users/templates/users/user_profile.html
index fecce3f9e..8591c9078 100644
--- a/apps/users/templates/users/user_profile.html
+++ b/apps/users/templates/users/user_profile.html
@@ -17,95 +17,132 @@
                             <a class="collapse-link">
                                 <i class="fa fa-chevron-up"></i>
                             </a>
-                            <a class="dropdown-toggle" data-toggle="dropdown" href="#">
-                                <i class="fa fa-wrench"></i>
-                            </a>
-                            <ul class="dropdown-menu dropdown-user">
-                                <li><a href="#"></a>
-                                </li>
-                                <li><a href="#"></a>
-                                </li>
-                            </ul>
                             <a class="close-link">
                                 <i class="fa fa-times"></i>
                             </a>
                         </div>
                     </div>
                     <div class="ibox-content">
-                        <div>
-                            <div class="text-left">
-                                <table class="table">
-                                    <tr>
-                                        <td class="text-navy">用户名</td>
-                                        <td>{{ user.username }}</td>
-                                    </tr>
-                                    <tr>
-                                        <td class="text-navy">姓名</td>
-                                        <td>{{ user.name }}</td>
-                                    </tr>
-                                    <tr>
-                                        <td class="text-navy">权限</td>
-                                        <td>{{ user.get_role_display }}</td>
-                                    </tr>
-                                    <tr>
-                                        <td class="text-navy">Email</td>
-                                        <td>{{ user.email }}</td>
-                                    </tr>
-                                    <tr>
-                                        <td class="text-navy">激活</td>
-                                        <td>{{ user.is_active }}</td>
-                                    </tr>
-                                    <tr>
-                                        <td class="text-navy">添加日期</td>
-                                        <td>{{ user.date_joined|date:"Y-m-d H:i:s" }}</td>
-                                    </tr>
-                                    <tr>
-                                        <td class="text-navy">最后登录</td>
-                                        <td>{{ user.last_login|date:"Y-m-d H:i:s" }}</td>
-                                    </tr>
-                                    <tr>
-                                        <td class="text-navy">所在用户组</td>
-                                        <td>
-                                            {% for group in user.groups.all %}
-                                            <span class="simple-tag with-link">
-                                                <a href="{% url 'users:user-group-detail' group.id %}">{{ group.name }}</a>
-                                            </span>
-                                            {% endfor %}
-                                        </td>
-                                    </tr>
-                                    <tr>
-                                        <td class="text-navy">授权主机数量</td>
-                                        <td>{{ assets | length }}</td>
-                                    </tr>
-                                    <tr>
-                                        <td class="text-navy">授权主机组</td>
-                                        <td>
-                                            {% for group in asset_groups %}
-                                            <span class="simple-tag with-link">
-                                                <a href="{% url 'assets:asset-group-detail' group.id %}">{{ group.name }}</a>
-                                            </span>
-                                            {% endfor %}
-                                        </td>
-                                    </tr>
-                                    <tr>
-                                        <td class="text-navy">授权规则</td>
-                                        <td>
-                                            {% for perm in permissions %}
-                                            <span class="simple-tag with-link">
-                                                <a href="{% url 'perms:asset-permission-detail' perm.id %}">{{ perm.name }}</a>
-                                            </span>
-                                            {% endfor %}
-                                        </td>
-                                    </tr>
-                                </table>
-                            </div>
+                        <div class="text-left">
+                            <table class="table">
+                                <tr>
+                                    <td class="text-navy">用户名</td>
+                                    <td>{{ user.username }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">姓名</td>
+                                    <td>{{ user.name }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">权限</td>
+                                    <td>{{ user.get_role_display }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">Email</td>
+                                    <td>{{ user.email }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">激活</td>
+                                    <td>{{ user.is_active }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">添加日期</td>
+                                    <td>{{ user.date_joined|date:"Y-m-d H:i:s" }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">最后登录</td>
+                                    <td>{{ user.last_login|date:"Y-m-d H:i:s" }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">所在用户组</td>
+                                    <td>
+                                        {% for group in user.groups.all %}
+                                        <span class="simple-tag with-link">
+                                            <a href="{% url 'users:user-group-detail' group.id %}">{{ group.name }}</a>
+                                        </span>
+                                        {% endfor %}
+                                    </td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">授权主机数量</td>
+                                    <td>{{ assets | length }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">授权主机组</td>
+                                    <td>
+                                        {% for group in asset_groups %}
+                                        <span class="simple-tag with-link">
+                                            <a href="{% url 'assets:asset-group-detail' group.id %}">{{ group.name }}</a>
+                                        </span>
+                                        {% endfor %}
+                                    </td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">授权规则</td>
+                                    <td>
+                                        {% for perm in permissions %}
+                                        <span class="simple-tag with-link">
+                                            <a href="{% url 'perms:asset-permission-detail' perm.id %}">{{ perm.name }}</a>
+                                        </span>
+                                        {% endfor %}
+                                    </td>
+                                </tr>
+                            </table>
                         </div>
                     </div>
                 </div>
             </div>
-            <div class="col-sm-6"></div>
+            <div class="col-sm-6">
+                <div class="ibox float-e-margins">
+                    <div class="ibox-title">
+                        <span class="label label-primary"><b>{% trans "Update Public Key" %}</b></span>
+                        <div class="ibox-tools">
+                            <a class="collapse-link">
+                                <i class="fa fa-chevron-up"></i>
+                            </a>
+                            <a class="close-link">
+                                <i class="fa fa-times"></i>
+                            </a>
+                        </div>
+                    </div>
+                    <div class="ibox-content">
+                        <p>{% trans "Paste your SSH Public Key here" %}</p>
+                        <textarea id="txt_pk" class="form-control" cols="30" rows="10" placeholder="ssh-rsa AAAAB3NzaC1yc2EAA....."></textarea>
+                        <button id="btn_update_pk" class="btn btn-primary m-t-15">{% trans 'Update' %}</button>
+                    </div>
+                </div>
+            </div>
         </div>
     </div>
 {% endblock %}
 {% block custom_foot_js %}
+<script>
+$(document).on('click', '#btn_update_pk', function() {
+    var $this = $(this);
+    var pk = $('#txt_pk').val();
+    var the_url = '{% url "api-users:user-public-key-update" pk=user.id %}';
+    var body = {'_public_key': pk};
+    var success = function() {
+        $('#txt_pk').val('');
+        var msg = "{% trans 'Successfully updated the SSH public key.' %}";
+        swal("{% trans 'User SSH Public Key Update' %}", msg, "success");
+    };
+    var fail = function() {
+        var msg = "{% trans 'Failed to update SSH public key.' %}";
+        swal({
+            title: "{% trans 'User SSH Public Key Update' %}",
+            text: msg,
+            type: "error",
+            showCancelButton: false,
+            confirmButtonColor: "#DD6B55",
+            confirmButtonText: "{% trans 'Confirm' %}",
+            closeOnConfirm: true
+            }, function () {
+              $('#txt_pk').focus();
+            }
+        );
+    }
+    APIUpdateAttr({ url: the_url, body: JSON.stringify(body), success: success, error: fail});
+})
+</script>
 {% endblock %}

用户名	{{ user.username }}
姓名	{{ user.name }}
权限	{{ user.get_role_display }}
Email	{{ user.email }}
激活	{{ user.is_active }}
添加日期	{{ user.date_joined\|date:"Y-m-d H:i:s" }}
最后登录	{{ user.last_login\|date:"Y-m-d H:i:s" }}
所在用户组	- {% for group in user.groups.all %} - - {{ group.name }} - - {% endfor %} -
授权主机数量	{{ assets \| length }}
授权主机组	- {% for group in asset_groups %} - - {{ group.name }} - - {% endfor %} -
授权规则	- {% for perm in permissions %} - - {{ perm.name }} - - {% endfor %} -