fix #8925: and fix #8927 use role_admin for check whether user is admin and check for user_manager for right to edit pwd
fix #8925: and fix #8927 use role_admin for check whether user is admin and check for user_manager for right to edit pwd