diff --git a/web/includes/actions/user.php b/web/includes/actions/user.php
index a81bc14de..cdfc3b66f 100644
--- a/web/includes/actions/user.php
+++ b/web/includes/actions/user.php
@@ -76,20 +76,26 @@ if ($action == 'Save') {
         }
       }
     } # end if changes
+
     foreach (ZM\Group::find() as $g) {
       if (isset($_POST['group_permission'])) {
         $permission = $g->Group_Permission($dbUser->Id());
-        if (!$permission) {
-          $permission = new ZM\Group_Permission();
-          $permission->GroupId($g->Id());
-          $permission->UserId($dbUser->Id());
-        }
         if ($permission->Permission() != $_POST['group_permission'][$g->Id()]) {
           $permission->save(array('Permission'=>$_POST['group_permission'][$g->Id()]));
         }
       }
-      $g->Permissions(null); # reload
     }
+    $g->Permissions(null); # reload
+
+    foreach (ZM\Monitor::find() as $m) {
+      if (isset($_POST['monitor_permission'])) {
+        $permission = $dbUser->Monitor_Permission($m->Id());
+        if ($permission->Permission() != $_POST['monitor_permission'][$m->Id()]) {
+          $permission->save(array('Permission'=>$_POST['monitor_permission'][$m->Id()]));
+        }
+      }
+    }
+    $dbUser->Monitor_Permissions(null); # reload
   } else if (ZM_USER_SELF_EDIT and ($uid == $user['Id'])) {
     if (!empty($_REQUEST['user']['Password'])) {
       $_REQUEST['user']['Password'] = password_hash($_REQUEST['user']['Password'], PASSWORD_BCRYPT);