diff --git a/core/migrations/0016_auto_20151203_1514.py b/core/migrations/0016_auto_20151203_1514.py
new file mode 100644
index 00000000..7b5f4687
--- /dev/null
+++ b/core/migrations/0016_auto_20151203_1514.py
@@ -0,0 +1,44 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('core', '0015_remove_page_is_locked'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='user',
+            name='edit_group',
+            field=models.ManyToManyField(to='core.Group', related_name='editable_user'),
+        ),
+        migrations.AddField(
+            model_name='user',
+            name='owner_group',
+            field=models.ForeignKey(related_name='owned_user', to='core.Group', default=1),
+        ),
+        migrations.AddField(
+            model_name='user',
+            name='view_group',
+            field=models.ManyToManyField(to='core.Group', related_name='viewable_user'),
+        ),
+        migrations.AlterField(
+            model_name='page',
+            name='edit_group',
+            field=models.ManyToManyField(to='core.Group', related_name='editable_page'),
+        ),
+        migrations.AlterField(
+            model_name='page',
+            name='owner_group',
+            field=models.ForeignKey(related_name='owned_page', to='core.Group', default=1),
+        ),
+        migrations.AlterField(
+            model_name='page',
+            name='view_group',
+            field=models.ManyToManyField(to='core.Group', related_name='viewable_page'),
+        ),
+    ]
diff --git a/core/migrations/0017_auto_20151203_1530.py b/core/migrations/0017_auto_20151203_1530.py
new file mode 100644
index 00000000..4848a354
--- /dev/null
+++ b/core/migrations/0017_auto_20151203_1530.py
@@ -0,0 +1,34 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('core', '0016_auto_20151203_1514'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='page',
+            name='edit_group',
+            field=models.ManyToManyField(blank=True, related_name='editable_page', to='core.Group'),
+        ),
+        migrations.AlterField(
+            model_name='page',
+            name='view_group',
+            field=models.ManyToManyField(blank=True, related_name='viewable_page', to='core.Group'),
+        ),
+        migrations.AlterField(
+            model_name='user',
+            name='edit_group',
+            field=models.ManyToManyField(blank=True, related_name='editable_user', to='core.Group'),
+        ),
+        migrations.AlterField(
+            model_name='user',
+            name='view_group',
+            field=models.ManyToManyField(blank=True, related_name='viewable_user', to='core.Group'),
+        ),
+    ]
diff --git a/core/models.py b/core/models.py
index 50657968..d4bd1bce 100644
--- a/core/models.py
+++ b/core/models.py
@@ -7,6 +7,13 @@ from django.core.exceptions import ValidationError
 from django.core.urlresolvers import reverse
 from datetime import datetime, timedelta
 
+class Group(AuthGroup):
+    def get_absolute_url(self):
+        """
+        This is needed for black magic powered UpdateView's children
+        """
+        return reverse('core:group_edit', kwargs={'group_id': self.pk})
+
 class User(AbstractBaseUser, PermissionsMixin):
     """
     Defines the base user class, useable in every app
@@ -53,6 +60,9 @@ class User(AbstractBaseUser, PermissionsMixin):
         ),
     )
     date_joined = models.DateTimeField(_('date joined'), default=timezone.now)
+    owner_group = models.ForeignKey(Group, related_name="owned_user", default=1)
+    edit_group = models.ManyToManyField(Group, related_name="editable_user", blank=True)
+    view_group = models.ManyToManyField(Group, related_name="viewable_user", blank=True)
 
     objects = UserManager()
 
@@ -125,20 +135,6 @@ class User(AbstractBaseUser, PermissionsMixin):
         self.username = user_name
         return user_name
 
-class Group(AuthGroup):
-    def get_absolute_url(self):
-        """
-        This is needed for black magic powered UpdateView's children
-        """
-        return reverse('core:group_edit', kwargs={'group_id': self.pk})
-
-class GroupManagedObject(models.Model):
-    owner_group = models.ForeignKey(Group, related_name="owned_object", default=1)
-    edit_group = models.ManyToManyField(Group, related_name="editable_object")
-    view_group = models.ManyToManyField(Group, related_name="viewable_object")
-    class Meta:
-        abstract = True
-
 class LockError(Exception):
     """There was a lock error on the object"""
     pass
@@ -151,7 +147,7 @@ class NotLocked(LockError):
     """The object is not locked"""
     pass
 
-class Page(GroupManagedObject, models.Model):
+class Page(models.Model):
     """
     The page class to build a Wiki
     Each page may have a parent and it's URL is of the form my.site/page/<grd_pa>/<parent>/<mypage>
@@ -167,6 +163,9 @@ class Page(GroupManagedObject, models.Model):
     # Attention: this field may not be valid until you call save(). It's made for fast query, but don't rely on it when
     # playing with a Page object, use get_full_name() instead!
     full_name = models.CharField(_('page name'), max_length=255, blank=True)
+    owner_group = models.ForeignKey(Group, related_name="owned_page", default=1)
+    edit_group = models.ManyToManyField(Group, related_name="editable_page", blank=True)
+    view_group = models.ManyToManyField(Group, related_name="viewable_page", blank=True)
     lock_mutex = {}
 
 
diff --git a/core/views/__init__.py b/core/views/__init__.py
index 2acc162f..e5aaef90 100644
--- a/core/views/__init__.py
+++ b/core/views/__init__.py
@@ -37,6 +37,8 @@ class CanEditMixin(CanEditPropMixin):
         for g in obj.edit_group.all():
             if user.groups.filter(name=g.name).exists():
                 return super(CanEditPropMixin, self).dispatch(request, *arg, **kwargs)
+        if isinstance(obj, User) and obj == user:
+                return super(CanEditPropMixin, self).dispatch(request, *arg, **kwargs)
         return HttpResponseForbidden("403, Forbidden")
 
 class CanViewMixin(CanEditMixin):
diff --git a/core/views/user.py b/core/views/user.py
index 9daed52f..177e423a 100644
--- a/core/views/user.py
+++ b/core/views/user.py
@@ -6,6 +6,7 @@ from django.views.generic.edit import UpdateView
 from django.views.generic import ListView, DetailView
 import logging
 
+from core.views import CanViewMixin, CanEditMixin, CanEditPropMixin
 from core.views.forms import RegisteringForm, UserGroupsForm
 from core.models import User
 
@@ -87,7 +88,7 @@ def register(request):
     context['form'] = form.as_p()
     return render(request, "core/register.html", context)
 
-class UserView(DetailView):
+class UserView(CanViewMixin, DetailView):
     """
     Display a user's profile
     """
@@ -101,7 +102,7 @@ class UserListView(ListView):
     """
     model = User
 
-class UserUpdateProfileView(UpdateView):
+class UserUpdateProfileView(CanEditMixin, UpdateView):
     """
     Edit a user's profile
     """
@@ -110,7 +111,7 @@ class UserUpdateProfileView(UpdateView):
     template_name = "core/user_edit.html"
     fields = ('first_name', 'last_name', 'nick_name', 'email', 'date_of_birth', )
 
-class UserUpdateGroupsView(UpdateView):
+class UserUpdateGroupsView(CanEditPropMixin, UpdateView):
     """
     Edit a user's groups
     """