diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index e745e9e89..dbaf33d57 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -50,6 +50,7 @@ class UsersController < ApplicationController
     @user = User.find(params[:id])
     check_privilege(@user)
     sanitize_params!
+    handle_promotion!
     @user.update_attributes(params[:user].except(:name), :as => CurrentUser.role)
     cookies.delete(:favorite_tags)
     cookies.delete(:favorite_tags_with_categories)
@@ -76,6 +77,12 @@ private
     end
   end
 
+  def handle_promotion!
+    if params[:user] && params[:user][:level]
+      UserPromotion.new(@user, CurrentUser.user, params[:user].delete(:level)).promote!
+    end
+  end
+
   def check_privilege(user)
     raise User::PrivilegeError unless (user.id == CurrentUser.id || CurrentUser.is_admin?)
   end
diff --git a/app/logical/user_promotion.rb b/app/logical/user_promotion.rb
index d7c80aee8..20861ee8f 100644
--- a/app/logical/user_promotion.rb
+++ b/app/logical/user_promotion.rb
@@ -23,6 +23,22 @@ class UserPromotion
     user.save
   end
 
+  def create_user_feedback
+    if user.level > user.level_was
+      body_prefix = "Promoted"
+    elsif user.level < user.level_was
+      body_prefix = "Demoted"
+    else
+      body_prefix = "Updated"
+    end
+
+    user.feedback.create(
+      :category => "neutral",
+      :body => "#{body_prefix} from #{user.level_string_was} to #{user.level_string}",
+      :disable_dmail_notification => true
+    )
+  end
+
 private
   
   def validate
@@ -40,22 +56,6 @@ private
     TransactionLogItem.record_account_upgrade(user)
   end
 
-  def create_user_feedback
-    if user.level > user.level_was
-      body_prefix = "Promoted"
-    elsif user.level < user.level_was
-      body_prefix = "Demoted"
-    else
-      body_prefix = "Updated"
-    end
-
-    user.feedback.create(
-      :category => "neutral",
-      :body => "#{body_prefix} from #{user.level_string_was} to #{user.level_string}",
-      :disable_dmail_notification => true
-    )
-  end
-
   def create_dmail
     if user.level >= user.level_was || user.bit_prefs_changed?
       create_promotion_dmail
diff --git a/test/functional/users_controller_test.rb b/test/functional/users_controller_test.rb
index f6c4fa105..a1e6cfaa8 100644
--- a/test/functional/users_controller_test.rb
+++ b/test/functional/users_controller_test.rb
@@ -70,6 +70,32 @@ class UsersControllerTest < ActionController::TestCase
         @user.reload
         assert_equal("xyz", @user.favorite_tags)
       end
+
+      context "changing the level" do
+        setup do
+          @cuser = FactoryGirl.create(:user)
+        end
+
+        should "not work if the current user is not an admin" do
+          post :update, {:id => @user.id, :user => {:level => 40}}, {:user_id => @cuser.id}
+          @user.reload
+          assert_equal(20, @user.level)
+        end
+
+        context "where the current user is an admin" do
+          setup do
+            @admin = FactoryGirl.create(:admin_user)
+          end
+
+          should "create a user feedback" do
+            assert_difference("UserFeedback.count") do
+              post :update, {:id => @user.id, :user => {:level => 40}}, {:user_id => @admin.id}
+            end
+            @user.reload
+            assert_equal(40, @user.level)
+          end
+        end
+      end
     end
   end
 end