diff --git a/app/Constants.php b/app/Constants.php
index d5d88a153b95..8ed02d2f1332 100644
--- a/app/Constants.php
+++ b/app/Constants.php
@@ -49,20 +49,20 @@ if (! defined('APP_NAME')) {
define('ENTITY_PROPOSAL_INVITATION', 'proposal_invitation');
$permissionEntities = [
- ENTITY_PROPOSAL,
- ENTITY_EXPENSE,
- ENTITY_PROJECT,
- ENTITY_VENDOR,
- ENTITY_PRODUCT,
- ENTITY_TASK,
- ENTITY_QUOTE,
- ENTITY_CREDIT,
- ENTITY_PAYMENT,
- ENTITY_CONTACT,
- ENTITY_INVOICE,
ENTITY_CLIENT,
- ENTITY_RECURRING_INVOICE,
+ //ENTITY_CONTACT,
+ ENTITY_CREDIT,
+ ENTITY_EXPENSE,
+ ENTITY_INVOICE,
+ ENTITY_PAYMENT,
+ ENTITY_PRODUCT,
+ ENTITY_PROJECT,
+ ENTITY_PROPOSAL,
+ ENTITY_QUOTE,
'reports',
+ ENTITY_TASK,
+ ENTITY_VENDOR,
+ ENTITY_RECURRING_INVOICE,
];
define('PERMISSION_ENTITIES', json_encode($permissionEntities));
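Review bot: `//ENTITY_CONTACT,` is left in the list as commented-out code, so a reader cannot tell whether contact was dropped from `PERMISSION_ENTITIES` on purpose or disabled temporarily. Judging by the `users/edit.blade.php` changes in this commit, contact permissions now appear to follow the client permissions. If so, replace the dead entry with a comment that says it, e.g. `// ENTITY_CONTACT intentionally omitted: contact permissions mirror the client permissions`. It is also worth confirming what happens to `view_contact` / `edit_contact` / `create_contact` values already stored for existing users, since nothing in this diff migrates or clears them.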
diff --git a/app/Policies/GenericEntityPolicy.php b/app/Policies/GenericEntityPolicy.php
index 24cfad36178d..c8a7750bbecf 100644
--- a/app/Policies/GenericEntityPolicy.php
+++ b/app/Policies/GenericEntityPolicy.php
@@ -81,6 +81,37 @@ class GenericEntityPolicy
return false;
}
+ /**
+ * @param User $user
+ * @param $item - entity name or object
+ *
+ * @return bool
+ */
+
+ public static function edit(User $user, $item)
+ {
+ if (! static::checkModuleEnabled($user, $item))
+ return false;
+
+
+ $entityType = is_string($item) ? $item : $item->getEntityType();
+ return $user->hasPermission('edit_' . $entityType) || $user->owns($item);
+ }
+
+ /**
+ * @param User $user
+ * @param $item - entity name or object
+ * @return bool
+ */
+
+ private static function checkModuleEnabled(User $user, $item)
+ {
+ $entityType = is_string($item) ? $item : $item->getEntityType();
+ return $user->account->isModuleEnabled($entityType);
+ }
+
+
+
private static function className($entityType)
{
if (! Utils::isNinjaProd()) {
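Review bot: In the new `edit()`, `$user->owns($item)` is evaluated even when `$item` is an entity-name string, which the docblock explicitly allows. What `owns()` returns for a string is not visible in this hunk, so the ownership fallback could grant edit access where only the `edit_` permission should decide. Restricting it to objects makes the intent explicit: `return $user->hasPermission('edit_' . $entityType) || (! is_string($item) && $user->owns($item));`. The unbraced `if (! static::checkModuleEnabled($user, $item)) return false;` guard is easy to break on a later edit and should get braces. The blank line between each docblock and its method should also go, so the docblocks stay attached to `edit()` and `checkModuleEnabled()`.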
diff --git a/resources/views/users/edit.blade.php b/resources/views/users/edit.blade.php
index c7f94c012152..b532168f77ab 100644
--- a/resources/views/users/edit.blade.php
+++ b/resources/views/users/edit.blade.php
@@ -102,6 +102,9 @@
->check(is_array($permissions) && in_array('edit_' . $permissionEntity, $permissions, FALSE) ? true : false) !!}
@endforeach
+
+
+ |
@@ -148,10 +151,12 @@
.replace(']',"")
.replace('[',""); //get entity name
- $('#edit_' + entity).prop('disabled', !$('#view_' + entity).is(':checked')); //set state of edit checkbox
+ setCheckboxEditValue(entity);
+ setContactPermission();
});
+
/*
*
* Checks state of View/Edit checkbox, will enable/disable check/uncheck
@@ -168,10 +173,27 @@
.replace(']',"")
.replace('[',""); //get entity name
- $('#edit_' + entity).prop('disabled', !$('#view_' + entity).is(':checked')); //set state of edit checkbox
+ setCheckboxEditValue(entity);
+ setContactPermission();
- if(!$('#view_' + entity).is(':checked')) {
- $('#edit_' + entity).prop('checked', false); //remove checkbox value from edit dependant on View state.
+ });
+
+ $('#edit_client, #view_client, #create_client').change(function() {
+ switch($(this).val()) {
+ case 'create_client':
+ $('#create_contact').prop('disabled', false); //set state of edit checkbox
+ $('#create_contact').prop('checked', $('#create_client').is(':checked') );
+ break;
+
+ case 'view_client':
+ $('#view_contact').prop('disabled', false); //set state of edit checkbox
+ $('#view_contact').prop('checked', $('#view_client').is(':checked') );
+ break;
+
+ case 'edit_client':
+ $('#edit_contact').prop('disabled', false); //set state of edit checkbox
+ $('#edit_contact').prop('checked', $('#edit_client').is(':checked') );
+ break;
}
});
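Review bot: The contact permissions are kept in step with the client ones only by this browser-side `change` handler (and by `setContactPermission()` in the last hunk), so the form can still be posted with, say, `edit_contact` set and `edit_client` unset. The controller that stores the permissions is not part of this diff; confirm that it derives or validates the `*_contact` values server-side rather than trusting the posted checkboxes. The `switch($(this).val())` also depends on each checkbox's `value` being identical to its id, which this hunk does not show. The `//set state of edit checkbox` comment is copied onto the create and view cases, where it is wrong; something like `// re-enable the mirrored contact checkbox` would match what those lines do.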
@@ -192,17 +214,28 @@
$('#' + permission_type + entity).prop('checked', checked); //set state of edit checkbox
- if(!$('#view_' + entity).is(':checked')) {
- $('#edit_' + entity).prop('checked', false); //remove checkbox value from edit dependant on View state.
- }
-
- $('#edit_' + entity).prop('disabled', !$('#view_' + entity).is(':checked')); //set state of edit checkbox
-
+ setCheckboxEditValue(entity);
+ setContactPermission();
});
-
});
+ function setCheckboxEditValue(entity) {
+ if(!$('#view_' + entity).is(':checked')) {
+ $('#edit_' + entity).prop('checked', false); //remove checkbox value from edit dependant on View state.
+ }
+
+ $('#edit_' + entity).prop('disabled', !$('#view_' + entity).is(':checked')); //set state of edit checkbox
+
+ }
+
+ function setContactPermission() {
+
+ $('#view_contact').prop('checked', $('#view_client').is(':checked') );
+ $('#edit_contact').prop('checked', $('#edit_client').is(':checked') );
+ $('#create_contact').prop('checked', $('#create_client').is(':checked') );
+
+ }
@stop
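Review bot: `setContactPermission()` only sets `checked` on the three contact checkboxes, while the `#edit_client, #view_client, #create_client` handler added in the previous hunk also clears `disabled` before mirroring the value, so the two code paths can leave the contact boxes in different states. If those boxes start out disabled (not visible here), a value set through this helper would presumably not be submitted with the form. Doing both in the helper, e.g. `$('#view_contact').prop('disabled', false).prop('checked', $('#view_client').is(':checked'));` for each of the three, would let the separate `switch` handler be dropped. A one-line comment above each new function stating its purpose would also help, since both are called from several handlers.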