System user must be able to change the password

The #25 (closed) introduced the ability to manage the users by an administrator, but the users should be able to change their own passwords. At the same time, we should introduce some authorization mechanisms, so as only selected users can manage the users and others should only be able to apply modifications in their own profiles.