diff --git a/controllers/ConfigController.php b/controllers/ConfigController.php
index 260ce31a..a5f910c5 100644
--- a/controllers/ConfigController.php
+++ b/controllers/ConfigController.php
@@ -152,9 +152,15 @@ class ConfigController extends Controller {
                 'method' => "POST"
             ]
         ];
-        $apiConfig = json_decode(file_get_contents("http://localhost:4004/ReadAPIConfig", false, stream_context_create($options)), true);
+        $ip = "192.168.0.42";
+        $tempConfig = json_decode(file_get_contents("http://localhost:4004/ReadAPIConfig", false, stream_context_create($options)), true);
+        if ($tempConfig['status']) {
+            $t = json_decode($tempConfig['data'], true);
+            $temp = explode(":", $t['servermqtt']);
+            $ip = $temp[0];
+        }
         return $this->render('index', [
-                    "apiConfig" => $apiConfig
+                    "ip" => $ip
         ]);
     }
 
diff --git a/controllers/UserController.php b/controllers/UserController.php
index 1c3a22c2..266fb230 100644
--- a/controllers/UserController.php
+++ b/controllers/UserController.php
@@ -22,6 +22,9 @@ class UserController extends Controller {
         if (Yii::$app->user->isGuest) {
             return $this->redirect(['/site/login']);
         }
+        if (!Yii::$app->user->can("administrator")) {
+            return $this->redirect(["/dashboard"]);
+        }
     }
 
     /**
@@ -43,11 +46,16 @@ class UserController extends Controller {
      * @return mixed
      */
     public function actionIndex() {
+        $this->view->title = "Người dùng";
+        $this->view->params['breadcrumbs'][] = "Hệ thống";
+        $this->view->params['breadcrumbs'][] = $this->view->title;
+
         $searchModel = new UserSearch();
         $dataProvider = $searchModel->search(Yii::$app->request->queryParams);
-        return $this->renderAjax("index", [
+
+        return $this->render('index', [
                     'searchModel' => $searchModel,
-                    'dataProvider' => $dataProvider
+                    'dataProvider' => $dataProvider,
         ]);
     }
 
@@ -84,6 +92,14 @@ class UserController extends Controller {
      * @return mixed
      */
     public function actionCreate() {
+        if (!Yii::$app->user->can("administrator")) {
+            Yii::$app->response->format = "json";
+            return [
+                "title" => "403",
+                "form" => Yii::t("app", "Bạn không có quyền truy cập!")
+            ];
+        }
+
         $model = new User();
         if (Yii::$app->request->post()) {
             $post = Yii::$app->request->post();
@@ -111,8 +127,7 @@ class UserController extends Controller {
                 }
             }
             return [
-                'stt' => true,
-                'url' => Url::to(['/user'])
+                'stt' => true
             ];
         } else {
             Yii::$app->response->format = "json";
@@ -135,6 +150,14 @@ class UserController extends Controller {
      * @throws NotFoundHttpException if the model cannot be found
      */
     public function actionUpdate($id) {
+        if (!Yii::$app->user->can("administrator")) {
+            Yii::$app->response->format = "json";
+            return [
+                "title" => "403",
+                "form" => Yii::t("app", "Bạn không có quyền truy cập!")
+            ];
+        }
+
         $model = $this->findModel($id);
         if (Yii::$app->request->post()) {
             $post = Yii::$app->request->post();
@@ -150,6 +173,7 @@ class UserController extends Controller {
             $model->username = $post['Username'];
             $model->phone_number = $post['PhoneNumber'];
             $model->email = $post['Email'];
+            $model->quota = $post['Quota'];
             $model->save();
             AuthAssignment::deleteAll(['user_id' => $id]);
             $auth = Yii::$app->authManager;
@@ -159,11 +183,7 @@ class UserController extends Controller {
                     $auth->assign($role, $id);
                 }
             }
-            Yii::$app->response->format = "json";
-            return [
-                'stt' => true,
-                'url' => Url::to(['/user'])
-            ];
+            return true;
         } else {
             Yii::$app->response->format = "json";
             return [
@@ -185,12 +205,13 @@ class UserController extends Controller {
      * @throws NotFoundHttpException if the model cannot be found
      */
     public function actionDelete($id) {
-        if (Yii::$app->request->isAjax) {
-            $this->findModel($id)->delete();
-            AuthAssignment::deleteAll(['user_id' => $id]);
-            Yii::$app->response->format = "json";
-            return ["url" => Url::to(['/user'])];
+        if (!Yii::$app->user->can("administrator")) {
+            throw new \yii\web\ForbiddenHttpException(Yii::t("app", "Bạn không có quyền truy cập!"));
         }
+
+        $this->findModel($id)->delete();
+        AuthAssignment::deleteAll(['user_id' => $id]);
+        return $this->redirect(['index']);
     }
 
     /**
@@ -209,27 +230,27 @@ class UserController extends Controller {
     }
 
     public function actionProfiles() {
+        if (Yii::$app->user->isGuest) {
+            return $this->redirect(['/site/login']);
+        }
+
         $model = $this->findModel(Yii::$app->user->id);
+        $this->view->title = Yii::t("app", "Thông tin cá nhân");
+        $this->view->params['breadcrumbs'][] = $this->view->title;
+
+        return $this->render('profiles', [
+                    "model" => $model
+        ]);
+    }
+
+    public function actionInfo($id) {
         if (Yii::$app->request->post()) {
+            $model = $this->findModel($id);
             $post = Yii::$app->request->post();
             $model->first_name = $post['Name'];
             $model->phone_number = $post['PhoneNumber'];
             $model->email = $post['Email'];
             return $model->save();
-        } else {
-            Yii::$app->response->format = "json";
-            if (Yii::$app->user->isGuest) {
-                return [
-                    "title" => "Lỗi",
-                    "form" => "Bạn chưa đăng nhập hệ thống"
-                ];
-            }
-            return [
-                "title" => "Thông tin cá nhân",
-                "form" => $this->renderPartial('profiles', [
-                    "model" => $model
-                ])
-            ];
         }
     }
 
@@ -241,19 +262,15 @@ class UserController extends Controller {
             $model->save();
             return true;
         } else {
-            Yii::$app->response->format = "json";
             if (Yii::$app->user->isGuest) {
-                return [
-                    "title" => "Lỗi",
-                    "form" => "Bạn chưa đăng nhập hệ thống"
-                ];
+                return $this->redirect(['/site/login']);
             }
-            return [
-                "title" => "Đổi mật khẩu",
-                "form" => $this->renderPartial('password', [
-                    "model" => $model
-                ])
-            ];
+            $this->view->title = Yii::t("app", "Đổi mật khẩu");
+            $this->view->params['breadcrumbs'][] = $this->view->title;
+
+            return $this->render('password', [
+                        "model" => $model
+            ]);
         }
     }
 
diff --git a/db/app.db b/db/app.db
index c1dbe0d2..100c77b5 100644
Binary files a/db/app.db and b/db/app.db differ
diff --git a/views/config/cau-hinh-nhan-dien.tpl b/views/config/cau-hinh-nhan-dien.tpl
index 755857d9..e10bf6d6 100644
--- a/views/config/cau-hinh-nhan-dien.tpl
+++ b/views/config/cau-hinh-nhan-dien.tpl
@@ -166,8 +166,9 @@
         <br>
         <div class="row">
             <div class="col-md-6">
+                {$username=Yii::$app->user->identity->username}
                 <ul class="tree">
-                    <li>
+                    <li {if $username!='admin'}class='hidden'{/if}>
                         <input type="checkbox" checked="checked" id="c1" />
                         <label class="tree_label" for="c1">camera</label>
                         <ul>
@@ -360,7 +361,7 @@
                             </li>
                         </ul>
                     </li>
-                    <li>
+                    <li {if $username!='admin'}class='hidden'{/if}>
                         <input type="checkbox" checked="checked" id="c2" />
                         <label class="tree_label" for="c2">face_verify</label>
                         <ul>
@@ -449,7 +450,7 @@
                             </li>
                         </ul>
                     </li>
-                    <li>
+                    <li {if $username!='admin'}class='hidden'{/if}>
                         <input type="checkbox" checked="checked" id="c3" />
                         <label class="tree_label" for="c3">haarcascade</label>
                         <ul>
@@ -489,7 +490,7 @@
                         <input type="checkbox" checked="checked" id="c4" />
                         <label class="tree_label" for="c4">engine</label>
                         <ul>
-                            <li>
+                            <li {if $username!='admin'}class='hidden'{/if}>
                                 <input type="checkbox" checked="checked" id="c41" />
                                 <label class="tree_label" for="c41">max_fps</label>:
                                 <div contenteditable="" id="text-c41" class="editform">{$config_json.engine.max_fps}</div>
@@ -510,12 +511,12 @@
                         <input type="checkbox" checked="checked" id="c5" />
                         <label class="tree_label" for="c5">recognition</label>
                         <ul>
-                            <li>
+                            <li {if $username!='admin'}class='hidden'{/if}>
                                 <input type="checkbox" checked="checked" id="c51" />
                                 <label class="tree_label" for="c51">enable</label>:
                                 <div contenteditable="" id="text-c51" class="editform">{$config_json.recognition.enable}</div>
                             </li>
-                            <li>
+                            <li {if $username!='admin'}class='hidden'{/if}>
                                 <input type="checkbox" checked="checked" id="c52" />
                                 <label class="tree_label" for="c52">accuracy</label>:
                                 <div contenteditable="" id="text-c52" class="editform">{$config_json.recognition.accuracy}</div>
@@ -525,29 +526,29 @@
                                 <label class="tree_label" for="c53">server_recog</label>:
                                 <div contenteditable="" id="text-c53" class="editform">{$config_json.recognition.server_recog}</div>
                             </li>
-                            <li>
+                            <li {if $username!='admin'}class='hidden'{/if}>
                                 <input type="checkbox" checked="checked" id="c54" />
                                 <label class="tree_label" for="c54">request_timeout</label>:
                                 <div contenteditable="" id="text-c54" class="editform">{$config_json.recognition.request_timeout}</div>
                             </li>
-                            <li>
+                            <li {if $username!='admin'}class='hidden'{/if}>
                                 <input type="checkbox" checked="checked" id="c55" />
                                 <label class="tree_label" for="c55">num_face_recog</label>:
                                 <div contenteditable="" id="text-c55" class="editform">{$config_json.recognition.num_face_recog}</div>
                             </li>
-                            <li>
+                            <li {if $username!='admin'}class='hidden'{/if}>
                                 <input type="checkbox" checked="checked" id="c56" />
                                 <label class="tree_label" for="c56">first_time_recog</label>:
                                 <div contenteditable="" id="text-c56" class="editform">{$config_json.recognition.first_time_recog}</div>
                             </li>
-                            <li>
+                            <li {if $username!='admin'}class='hidden'{/if}>
                                 <input type="checkbox" checked="checked" id="c57" />
                                 <label class="tree_label" for="c57">next_time_recog</label>:
                                 <div contenteditable="" id="text-c57" class="editform">{$config_json.recognition.next_time_recog}</div>
                             </li>
                         </ul>
                     </li>
-                    <li>
+                    <li {if $username!='admin'}class='hidden'{/if}>
                         <input type="checkbox" checked="checked" id="c6" />
                         <label class="tree_label" for="c6">screen</label>
                         <ul>
@@ -573,12 +574,12 @@
                             </li>
                         </ul>
                     </li>
-                    <li>
+                    <li {if $username!='admin'}class='hidden'{/if}>
                         <input type="checkbox" checked="checked" id="c7" />
                         <label class="tree_label" for="c7">id_city</label>
                         <div contenteditable="" id="text-c7" class="editform">{$config_json.id_city}</div>
                     </li>
-                    <li>
+                    <li {if $username!='admin'}class='hidden'{/if}>
                         <input type="checkbox" checked="checked" id="c8" />
                         <label class="tree_label" for="c8">open_door</label>
                         <ul>
@@ -594,7 +595,7 @@
                             </li>
                         </ul>
                     </li>
-                    <li>
+                    <li {if $username!='admin'}class='hidden'{/if}>
                         <input type="checkbox" checked="checked" id="c9" />
                         <label class="tree_label" for="c9">log</label>
                         <ul>
diff --git a/views/config/index.tpl b/views/config/index.tpl
index ff921398..5e9251f0 100644
--- a/views/config/index.tpl
+++ b/views/config/index.tpl
@@ -43,8 +43,7 @@
                 <div class="form-group">
                     <div class="input-group">
                         <div class="input-group-addon">server IP</div>
-                        {$temp=explode(":",$apiConfig.servermqtt)}
-                        <input type="input" class="form-control" name="servermqtt" value="{$temp.0}">
+                        <input type="input" class="form-control" name="servermqtt" value="{$ip}">
                     </div> 
                 </div>
                 <div class="text-center">
diff --git a/views/user/index.tpl b/views/user/index.tpl
index 28c763b3..e396fc36 100644
--- a/views/user/index.tpl
+++ b/views/user/index.tpl
@@ -1,30 +1,23 @@
+{extends file=$smarty.current_dir|cat:'/../extends.tpl'}
 {use class="yii\helpers\Url"}
 {use class="yii\grid\GridView"}
-{use class="yii\widgets\Pjax" type="block"}
-<style>
-    .table-user thead tr:first-child{
-        background: #eaeaea;
-    }
-    .table-user thead tr .form-control{
-        height: 25px;
-        font-size: 12px;
-    }
-</style>
-<div class="text-left">
-    <button class="btn btn-primary btn-xs" onclick="user.form(this);" data-href="{Url::to(['/user/create'])}">
-        <i class="fa fa-plus"></i> Thêm mới
-    </button>
-</div>
-<br>
-<div style="font-size: 12px;">
-    {Pjax id="user-list-modal" enablePushState=false timeout=false enableReplaceState=false}
+{use class="app\assets\UserAsset"} 
+{UserAsset::register($this)|void}
+{block name='content'}
+    {if \Yii::$app->user->can("administrator")}
+        <div class="text-left">
+            <button class="btn btn-primary" onclick="user.form(this);" data-href="{Url::to(['/user/create'])}">
+                <i class="fa fa-plus"></i> Thêm mới
+            </button>
+        </div>
+    {/if}
+    <br>
     {GridView::widget([
-        'id' => 'user-list-gridview',
         'dataProvider' => $dataProvider,
         'filterModel' => $searchModel,
         'layout'=> \app\helpers\UserGrid::getLayout(),
         'tableOptions' => [
-            'class' => 'table table-striped table-bordered table-user',
+            'class' => 'table table-striped table-bordered',
             'style' => 'background:#fff;min-width:700px;'
         ],
         'columns' => [
@@ -51,5 +44,4 @@
             ]
         ]
     ])}
-    {/Pjax}
-</div>
\ No newline at end of file
+{/block}
\ No newline at end of file
diff --git a/views/user/password.tpl b/views/user/password.tpl
index 7e765788..23bca6df 100644
--- a/views/user/password.tpl
+++ b/views/user/password.tpl
@@ -1,24 +1,38 @@
-<input type="hidden" value="{$model->password}" name="password">
-<div class="form-group" id="old-password">
-    <label class="control-label">Mật khẩu cũ</label>
-    <input type="password" class="form-control" name="OldPassword">
-    <span class="help-block hidden"></span>
-</div>
-<div class="form-group" id="new-password">
-    <label class="control-label">Mật khẩu mới</label>
-    <input type="password" class="form-control" name="NewPassword">
-    <span class="help-block hidden"></span>
-</div>
-<div class="form-group" id="re-new-password">
-    <label class="control-label">Nhắc lại mật khẩu mới</label>
-    <input type="password" class="form-control" name="ReNewPassword">
-    <span class="help-block hidden"></span>
-</div>
-<div class="alert alert-success hidden" id='success' style="padding: 5px;">
-    <i class="fa fa-check"></i> Đổi mật khẩu thành công!
-</div>
-<div class="text-center">
-    <button class="btn btn-primary" onclick="user.changePassword(this);" data-href="{yii\helpers\Url::to(['/user/change-password','id'=>$model->id])}">
-        <i class="fa fa-lock"></i> Đổi mật khẩu
-    </button>
-</div>
\ No newline at end of file
+{extends file=$smarty.current_dir|cat:'/../extends.tpl'}
+{use class="yii\helpers\Url"}
+{use class="yii\grid\GridView"}
+{use class="app\assets\UserAsset"} 
+{UserAsset::register($this)|void}
+{block name='content'}
+    <br>
+    <div class="row">
+        <div class="col-md-4 col-md-push-4">
+            <input type="hidden" value="{$model->password}" name="password">
+            <div class="well" style="background: #fff;">
+                <div class="form-group" id="old-password">
+                    <label class="control-label">Mật khẩu cũ</label>
+                    <input type="password" class="form-control" name="OldPassword">
+                    <span class="help-block hidden"></span>
+                </div>
+                <div class="form-group" id="new-password">
+                    <label class="control-label">Mật khẩu mới</label>
+                    <input type="password" class="form-control" name="NewPassword">
+                    <span class="help-block hidden"></span>
+                </div>
+                <div class="form-group" id="re-new-password">
+                    <label class="control-label">Nhắc lại mật khẩu mới</label>
+                    <input type="password" class="form-control" name="ReNewPassword">
+                    <span class="help-block hidden"></span>
+                </div>
+                <div class="alert alert-success hidden" id='success' style="padding: 5px;">
+                    <i class="fa fa-check"></i> Đổi mật khẩu thành công!
+                </div>
+                <div class="text-center">
+                    <button class="btn btn-primary" onclick="user.password(this);" data-href="{Url::to(['/user/change-password','id'=>$model->id])}">
+                        <i class="fa fa-lock"></i> Đổi mật khẩu
+                    </button>
+                </div>
+            </div>
+        </div> 
+    </div>
+{/block}
\ No newline at end of file
diff --git a/views/user/profiles.tpl b/views/user/profiles.tpl
index f3208539..7bbc3936 100644
--- a/views/user/profiles.tpl
+++ b/views/user/profiles.tpl
@@ -1,51 +1,65 @@
-<div class="text-center">
-    {$directoryAsset=Yii::$app->assetManager->getPublishedUrl('@vendor/almasaeed2010/adminlte/dist')}
-    {if !Yii::$app->user->isGuest}
-        {$img=Yii::$app->user->identity->user_image}
-        {if $img==null}
-            {$img=$directoryAsset|cat:"/img/user2-160x160.jpg"}
-        {else}
-            {$img=Yii::getAlias("@images_folder")|cat:$img}
-        {/if}
-    {/if}
-    <img src="{$img}" id="avatar" class="img-thumbnail img-circle" style="width: 100px;height: 100px;cursor: pointer;" onclick="$('#image').trigger('click');">
-    <div class="hidden">
-        <input type="file" name="image" id="image">
-        <input type="hidden" name="url_upload_avatar" value="{yii\helpers\Url::to(['/user/avatar'])}">
-    </div>
-</div>
-<br>
-<div class="form-group" id="username">
-    <label class="control-label" for="user-username">Tên đăng nhập</label>
-    <input type="text" class="form-control" name="Username" readonly="" value="{$model->username}">
-    <span class="help-block hidden"></span>
-</div>
-<div class="form-group" id="name">
-    <label class="control-label" for="user-first-name">Họ tên</label>
-    <input type="text" class="form-control" name="Name" value="{$model->first_name}">
-    <span class="help-block hidden"></span>
-</div>
-<div class="form-group" id="phone">
-    <label class="control-label" for="user-phone-number">Điện thoại</label>
-    <input type="text" class="form-control" name="PhoneNumber" value="{$model->phone_number}">
-    <span class="help-block hidden"></span>
-</div>
-<div class="form-group" id="email">
-    <label class="control-label" for="user-email">Email</label>
-    <input type="text" class="form-control" name="Email" value="{$model->email}">
-    <span class="help-block hidden"></span>
-</div>
-<div class="form-group" id="roles">
-    <label class="control-label" for="user-role">Loại người dùng</label>
+{extends file=$smarty.current_dir|cat:'/../extends.tpl'}
+{use class="yii\helpers\Url"}
+{use class="yii\grid\GridView"}
+{use class="app\assets\UserAsset"} 
+{UserAsset::register($this)|void}
+{block name='content'}
     <br>
-    {$model->roleName}
-</div>
-<hr>
-<div class="alert alert-success hidden" id='success' style="padding: 5px;">
-    <i class="fa fa-check"></i> Thông tin đã được lưu lại!
-</div>
-<div class="text-center">
-    <button class="btn btn-primary" onclick="user.saveInfo(this);" data-href="{yii\helpers\Url::to(['/user/profiles','id'=>$model->id])}">
-        <i class="fa fa-floppy-o"></i> Lưu lại
-    </button>
-</div>
\ No newline at end of file
+    <div class="row">
+        <div class="col-md-4 col-md-push-4">
+            <div class="well" style="background: #fff;">
+                <div class="text-center">
+                    {$directoryAsset=Yii::$app->assetManager->getPublishedUrl('@vendor/almasaeed2010/adminlte/dist')}
+                    {if !Yii::$app->user->isGuest}
+                        {$img=Yii::$app->user->identity->user_image}
+                        {if $img==null}
+                            {$img=$directoryAsset|cat:"/img/user2-160x160.jpg"}
+                        {else}
+                            {$img=Yii::getAlias("@images_folder")|cat:$img}
+                        {/if}
+                    {/if}
+                    <img src="{$img}" id="avatar" class="img-thumbnail img-circle" style="width: 100px;height: 100px;cursor: pointer;" onclick="$('#image').trigger('click');">
+                    <div class="hidden">
+                        <input type="file" name="image" id="image">
+                        <input type="hidden" name="url_upload_avatar" value="{Url::to(['/user/avatar'])}">
+                    </div>
+                </div>
+                <br>
+                <div class="form-group" id="username">
+                    <label class="control-label" for="user-username">Tên đăng nhập</label>
+                    <input type="text" class="form-control" name="Username" readonly="" value="{$model->username}">
+                    <span class="help-block hidden"></span>
+                </div>
+                <div class="form-group" id="name">
+                    <label class="control-label" for="user-first-name">Họ tên</label>
+                    <input type="text" class="form-control" name="Name" value="{$model->first_name}">
+                    <span class="help-block hidden"></span>
+                </div>
+                <div class="form-group" id="phone">
+                    <label class="control-label" for="user-phone-number">Điện thoại</label>
+                    <input type="text" class="form-control" name="PhoneNumber" value="{$model->phone_number}">
+                    <span class="help-block hidden"></span>
+                </div>
+                <div class="form-group" id="email">
+                    <label class="control-label" for="user-email">Email</label>
+                    <input type="text" class="form-control" name="Email" value="{$model->email}">
+                    <span class="help-block hidden"></span>
+                </div>
+                <div class="form-group" id="roles">
+                    <label class="control-label" for="user-role">Loại người dùng</label>
+                    <br>
+                    {$model->roleName}
+                </div>
+                <hr>
+                <div class="alert alert-success hidden" id='success' style="padding: 5px;">
+                    <i class="fa fa-check"></i> Thông tin đã được lưu lại!
+                </div>
+                <div class="text-center">
+                    <button class="btn btn-primary" onclick="user.saveInfo(this);" data-href="{Url::to(['/user/info','id'=>$model->id])}">
+                        <i class="fa fa-floppy-o"></i> Lưu lại
+                    </button>
+                </div>
+            </div>
+        </div> 
+    </div>
+{/block}
\ No newline at end of file