diff --git a/apps/assets/api.py b/apps/assets/api.py
deleted file mode 100644
index 71399c78e..000000000
--- a/apps/assets/api.py
+++ /dev/null
@@ -1,359 +0,0 @@
-# ~*~ coding: utf-8 ~*~
-# Copyright (C) 2014-2018 Beijing DuiZhan Technology Co.,Ltd. All Rights Reserved.
-#
-# Licensed under the GNU General Public License v2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#    http://www.gnu.org/licenses/gpl-2.0.html
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-from rest_framework import generics, mixins
-from rest_framework.views import APIView
-from rest_framework.response import Response
-from rest_framework_bulk import BulkModelViewSet
-from rest_framework_bulk import ListBulkCreateUpdateDestroyAPIView
-from rest_framework.pagination import LimitOffsetPagination
-from django.shortcuts import get_object_or_404
-from django.db.models import Q, Count
-from django.utils.translation import ugettext_lazy as _
-
-from common.mixins import IDInFilterMixin
-from common.utils import get_logger
-from .hands import IsSuperUser, IsValidUser, IsSuperUserOrAppUser, \
-    get_user_granted_assets
-from .models import AssetGroup, Asset, Cluster, SystemUser, AdminUser, Label, Node
-from . import serializers
-from .tasks import update_asset_hardware_info_manual, test_admin_user_connectability_manual, \
-    test_asset_connectability_manual, push_system_user_to_cluster_assets_manual, \
-    test_system_user_connectability_manual
-from .utils import LabelFilter
-
-
-logger = get_logger(__file__)
-
-
-class AssetViewSet(IDInFilterMixin, LabelFilter, BulkModelViewSet):
-    """
-    API endpoint that allows Asset to be viewed or edited.
-    """
-    filter_fields = ("hostname", "ip")
-    search_fields = filter_fields
-    ordering_fields = ("hostname", "ip", "port", "cluster", "cpu_cores")
-    queryset = Asset.objects.all()
-    serializer_class = serializers.AssetSerializer
-    pagination_class = LimitOffsetPagination
-    permission_classes = (IsSuperUserOrAppUser,)
-
-    def get_queryset(self):
-        queryset = super().get_queryset()
-        cluster_id = self.request.query_params.get('cluster_id')
-        asset_group_id = self.request.query_params.get('asset_group_id')
-        admin_user_id = self.request.query_params.get('admin_user_id')
-        system_user_id = self.request.query_params.get('system_user_id')
-        node_id = self.request.query_params.get("node_id")
-
-        if cluster_id:
-            queryset = queryset.filter(cluster__id=cluster_id)
-        if asset_group_id:
-            queryset = queryset.filter(groups__id=asset_group_id)
-        if admin_user_id:
-            admin_user = get_object_or_404(AdminUser, id=admin_user_id)
-            assets_direct = [asset.id for asset in admin_user.asset_set.all()]
-            clusters = [cluster.id for cluster in admin_user.cluster_set.all()]
-            queryset = queryset.filter(Q(cluster__id__in=clusters)|Q(id__in=assets_direct))
-        if system_user_id:
-            system_user = get_object_or_404(SystemUser, id=system_user_id)
-            clusters = system_user.get_clusters()
-            queryset = queryset.filter(cluster__in=clusters)
-        if node_id:
-            node = get_object_or_404(Node, id=node_id)
-            queryset = queryset.filter(nodes__key__startswith=node.key)
-        return queryset
-
-
-class UserAssetListView(generics.ListAPIView):
-    queryset = Asset.objects.all()
-    serializer_class = serializers.AssetSerializer
-    permission_classes = (IsValidUser,)
-
-    def get_queryset(self):
-        assets_granted = get_user_granted_assets(self.request.user)
-        queryset = self.queryset.filter(
-            id__in=[asset.id for asset in assets_granted]
-        )
-        return queryset
-
-
-class AssetGroupViewSet(IDInFilterMixin, BulkModelViewSet):
-    """
-    Asset group api set, for add,delete,update,list,retrieve resource
-    """
-    queryset = AssetGroup.objects.all().annotate(asset_count=Count("assets"))
-    serializer_class = serializers.AssetGroupSerializer
-    permission_classes = (IsSuperUser,)
-
-
-class GroupUpdateAssetsApi(generics.RetrieveUpdateAPIView):
-    """
-    Asset group, update it's asset member
-    """
-    queryset = AssetGroup.objects.all()
-    serializer_class = serializers.GroupUpdateAssetsSerializer
-    permission_classes = (IsSuperUser,)
-
-
-class GroupAddAssetsApi(generics.UpdateAPIView):
-    queryset = AssetGroup.objects.all()
-    serializer_class = serializers.GroupUpdateAssetsSerializer
-    permission_classes = (IsSuperUser,)
-
-    def update(self, request, *args, **kwargs):
-        group = self.get_object()
-        serializer = self.serializer_class(data=request.data)
-        if serializer.is_valid():
-            assets = serializer.validated_data['assets']
-            group.assets.add(*tuple(assets))
-            return Response({"msg": "ok"})
-        else:
-            return Response({'error': serializer.errors}, status=400)
-
-
-class ClusterViewSet(IDInFilterMixin, BulkModelViewSet):
-    """
-    Cluster api set, for add,delete,update,list,retrieve resource
-    """
-    queryset = Cluster.objects.all()
-    serializer_class = serializers.ClusterSerializer
-    permission_classes = (IsSuperUser,)
-
-
-class ClusterTestAssetsAliveApi(generics.RetrieveAPIView):
-    """
-    Test cluster asset can connect using admin user or not
-    """
-    queryset = Cluster.objects.all()
-    permission_classes = (IsSuperUser,)
-
-    def retrieve(self, request, *args, **kwargs):
-        cluster = self.get_object()
-        admin_user = cluster.admin_user
-        test_admin_user_connectability_manual.delay(admin_user)
-        return Response("Task has been send, seen left assets status")
-
-
-class ClusterAddAssetsApi(generics.UpdateAPIView):
-    queryset = Cluster.objects.all()
-    serializer_class = serializers.ClusterUpdateAssetsSerializer
-    permission_classes = (IsSuperUser,)
-
-    def update(self, request, *args, **kwargs):
-        cluster = self.get_object()
-        serializer = self.serializer_class(data=request.data)
-        if serializer.is_valid():
-            assets = serializer.validated_data['assets']
-            for asset in assets:
-                asset.cluster = cluster
-                asset.save()
-            return Response({"msg": "ok"})
-        else:
-            return Response({'error': serializer.errors}, status=400)
-
-
-class AdminUserViewSet(IDInFilterMixin, BulkModelViewSet):
-    """
-    Admin user api set, for add,delete,update,list,retrieve resource
-    """
-    queryset = AdminUser.objects.all()
-    serializer_class = serializers.AdminUserSerializer
-    permission_classes = (IsSuperUser,)
-
-
-class AdminUserAddClustersApi(generics.UpdateAPIView):
-    queryset = AdminUser.objects.all()
-    serializer_class = serializers.AdminUserUpdateClusterSerializer
-    permission_classes = (IsSuperUser,)
-
-    def update(self, request, *args, **kwargs):
-        admin_user = self.get_object()
-        serializer = self.serializer_class(data=request.data)
-        if serializer.is_valid():
-            clusters = serializer.validated_data['clusters']
-            for cluster in clusters:
-                cluster.admin_user = admin_user
-                cluster.save()
-            return Response({"msg": "ok"})
-        else:
-            return Response({'error': serializer.errors}, status=400)
-
-
-class SystemUserViewSet(BulkModelViewSet):
-    """
-    System user api set, for add,delete,update,list,retrieve resource
-    """
-    queryset = SystemUser.objects.all()
-    serializer_class = serializers.SystemUserSerializer
-    permission_classes = (IsSuperUserOrAppUser,)
-
-
-class AssetListUpdateApi(IDInFilterMixin, ListBulkCreateUpdateDestroyAPIView):
-    """
-    Asset bulk update api
-    """
-    queryset = Asset.objects.all()
-    serializer_class = serializers.AssetSerializer
-    permission_classes = (IsSuperUser,)
-
-
-class SystemUserAuthInfoApi(generics.RetrieveAPIView):
-    """
-    Get system user auth info
-    """
-    queryset = SystemUser.objects.all()
-    permission_classes = (IsSuperUserOrAppUser,)
-
-    def retrieve(self, request, *args, **kwargs):
-        system_user = self.get_object()
-        data = {
-            'id': system_user.id,
-            'name': system_user.name,
-            'username': system_user.username,
-            'password': system_user.password,
-            'private_key': system_user.private_key,
-        }
-        return Response(data)
-
-
-class AssetRefreshHardwareApi(generics.RetrieveAPIView):
-    """
-    Refresh asset hardware info
-    """
-    queryset = Asset.objects.all()
-    serializer_class = serializers.AssetSerializer
-    permission_classes = (IsSuperUser,)
-
-    def retrieve(self, request, *args, **kwargs):
-        asset_id = kwargs.get('pk')
-        asset = get_object_or_404(Asset, pk=asset_id)
-        summary = update_asset_hardware_info_manual(asset)[1]
-        logger.debug("Refresh summary: {}".format(summary))
-        if summary.get('dark'):
-            return Response(summary['dark'].values(), status=501)
-        else:
-            return Response({"msg": "ok"})
-
-
-class AssetAdminUserTestApi(generics.RetrieveAPIView):
-    """
-    Test asset admin user connectivity
-    """
-    queryset = Asset.objects.all()
-    permission_classes = (IsSuperUser,)
-
-    def retrieve(self, request, *args, **kwargs):
-        asset_id = kwargs.get('pk')
-        asset = get_object_or_404(Asset, pk=asset_id)
-        ok, msg = test_asset_connectability_manual(asset)
-        if ok:
-            return Response({"msg": "pong"})
-        else:
-            return Response({"error": msg}, status=502)
-
-
-class AdminUserTestConnectiveApi(generics.RetrieveAPIView):
-    """
-    Test asset admin user connectivity
-    """
-    queryset = AdminUser.objects.all()
-    permission_classes = (IsSuperUser,)
-
-    def retrieve(self, request, *args, **kwargs):
-        admin_user = self.get_object()
-        test_admin_user_connectability_manual.delay(admin_user)
-        return Response({"msg": "Task created"})
-
-
-class SystemUserPushApi(generics.RetrieveAPIView):
-    """
-    Push system user to cluster assets api
-    """
-    queryset = SystemUser.objects.all()
-    permission_classes = (IsSuperUser,)
-
-    def retrieve(self, request, *args, **kwargs):
-        system_user = self.get_object()
-        push_system_user_to_cluster_assets_manual.delay(system_user)
-        return Response({"msg": "Task created"})
-
-
-class SystemUserTestConnectiveApi(generics.RetrieveAPIView):
-    """
-    Push system user to cluster assets api
-    """
-    queryset = SystemUser.objects.all()
-    permission_classes = (IsSuperUser,)
-
-    def retrieve(self, request, *args, **kwargs):
-        system_user = self.get_object()
-        test_system_user_connectability_manual.delay(system_user)
-        return Response({"msg": "Task created"})
-
-
-class LabelViewSet(BulkModelViewSet):
-    queryset = Label.objects.annotate(asset_count=Count("assets"))
-    permission_classes = (IsSuperUser,)
-    serializer_class = serializers.LabelSerializer
-
-    def list(self, request, *args, **kwargs):
-        if request.query_params.get("distinct"):
-            self.serializer_class = serializers.LabelDistinctSerializer
-            self.queryset = self.queryset.values("name").distinct()
-        return super().list(request, *args, **kwargs)
-
-
-class NodeViewSet(BulkModelViewSet):
-    queryset = Node.objects.all()
-    permission_classes = (IsSuperUser,)
-    serializer_class = serializers.NodeSerializer
-
-    def perform_create(self, serializer):
-        child_key = Node.root().get_next_child_key()
-        serializer.validated_data["key"] = child_key
-        serializer.save()
-
-
-class NodeChildrenApi(mixins.ListModelMixin, generics.CreateAPIView):
-    queryset = Node.objects.all()
-    permission_classes = (IsSuperUser,)
-    serializer_class = serializers.NodeSerializer
-    instance = None
-
-    def post(self, request, *args, **kwargs):
-        if not request.data.get("value"):
-            request.data["value"] = _("New node {}").format(
-                Node.root().get_next_child_key().split(":")[-1]
-            )
-        return super().post(request, *args, **kwargs)
-
-    def create(self, request, *args, **kwargs):
-        instance = self.get_object()
-        value = request.data.get("value")
-        node = instance.create_child(value=value)
-        return Response(
-            {"id": node.id, "key": node.key, "value": node.value},
-            status=201,
-        )
-
-    def get(self, request, *args, **kwargs):
-        instance = self.get_object()
-        if self.request.query_params.get("all"):
-            children = instance.get_all_children()
-        else:
-            children = instance.get_children()
-        response = [{"id": node.id, "key": node.key, "value": node.value} for node in children]
-        return Response(response, status=200)
diff --git a/apps/assets/api/__init__.py b/apps/assets/api/__init__.py
new file mode 100644
index 000000000..4aa9966b6
--- /dev/null
+++ b/apps/assets/api/__init__.py
@@ -0,0 +1,7 @@
+from .admin_user import *
+from .asset import *
+from .cluster import *
+from .group import *
+from .label import *
+from .system_user import *
+from .tree import *
\ No newline at end of file
diff --git a/apps/assets/api/admin_user.py b/apps/assets/api/admin_user.py
new file mode 100644
index 000000000..3960ab50c
--- /dev/null
+++ b/apps/assets/api/admin_user.py
@@ -0,0 +1,71 @@
+# ~*~ coding: utf-8 ~*~
+# Copyright (C) 2014-2018 Beijing DuiZhan Technology Co.,Ltd. All Rights Reserved.
+#
+# Licensed under the GNU General Public License v2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.gnu.org/licenses/gpl-2.0.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from rest_framework import generics
+from rest_framework.response import Response
+from rest_framework_bulk import BulkModelViewSet
+
+from common.mixins import IDInFilterMixin
+from common.utils import get_logger
+from ..hands import IsSuperUser
+from ..models import AdminUser
+from .. import serializers
+from ..tasks import test_admin_user_connectability_manual
+
+
+logger = get_logger(__file__)
+__all__ = [
+    'AdminUserViewSet', 'AdminUserAddClustersApi', 'AdminUserTestConnectiveApi'
+]
+
+
+class AdminUserViewSet(IDInFilterMixin, BulkModelViewSet):
+    """
+    Admin user api set, for add,delete,update,list,retrieve resource
+    """
+    queryset = AdminUser.objects.all()
+    serializer_class = serializers.AdminUserSerializer
+    permission_classes = (IsSuperUser,)
+
+
+class AdminUserAddClustersApi(generics.UpdateAPIView):
+    queryset = AdminUser.objects.all()
+    serializer_class = serializers.AdminUserUpdateClusterSerializer
+    permission_classes = (IsSuperUser,)
+
+    def update(self, request, *args, **kwargs):
+        admin_user = self.get_object()
+        serializer = self.serializer_class(data=request.data)
+        if serializer.is_valid():
+            clusters = serializer.validated_data['clusters']
+            for cluster in clusters:
+                cluster.admin_user = admin_user
+                cluster.save()
+            return Response({"msg": "ok"})
+        else:
+            return Response({'error': serializer.errors}, status=400)
+
+
+class AdminUserTestConnectiveApi(generics.RetrieveAPIView):
+    """
+    Test asset admin user connectivity
+    """
+    queryset = AdminUser.objects.all()
+    permission_classes = (IsSuperUser,)
+
+    def retrieve(self, request, *args, **kwargs):
+        admin_user = self.get_object()
+        test_admin_user_connectability_manual.delay(admin_user)
+        return Response({"msg": "Task created"})
\ No newline at end of file
diff --git a/apps/assets/api/asset.py b/apps/assets/api/asset.py
new file mode 100644
index 000000000..140981263
--- /dev/null
+++ b/apps/assets/api/asset.py
@@ -0,0 +1,124 @@
+# -*- coding: utf-8 -*-
+#
+
+from rest_framework import generics
+from rest_framework.response import Response
+from rest_framework_bulk import BulkModelViewSet
+from rest_framework_bulk import ListBulkCreateUpdateDestroyAPIView
+from rest_framework.pagination import LimitOffsetPagination
+from django.shortcuts import get_object_or_404
+from django.db.models import Q
+
+from common.mixins import IDInFilterMixin
+from common.utils import get_logger
+from ..hands import IsSuperUser, IsValidUser, IsSuperUserOrAppUser, \
+    get_user_granted_assets
+from ..models import  Asset, SystemUser, AdminUser, Node
+from .. import serializers
+from ..tasks import update_asset_hardware_info_manual, \
+    test_asset_connectability_manual
+from ..utils import LabelFilter
+
+
+logger = get_logger(__file__)
+__all__ = [
+    'AssetViewSet', 'UserAssetListView', 'AssetListUpdateApi',
+    'AssetRefreshHardwareApi', 'AssetAdminUserTestApi'
+]
+
+
+class AssetViewSet(IDInFilterMixin, LabelFilter, BulkModelViewSet):
+    """
+    API endpoint that allows Asset to be viewed or edited.
+    """
+    filter_fields = ("hostname", "ip")
+    search_fields = filter_fields
+    ordering_fields = ("hostname", "ip", "port", "cluster", "cpu_cores")
+    queryset = Asset.objects.all()
+    serializer_class = serializers.AssetSerializer
+    pagination_class = LimitOffsetPagination
+    permission_classes = (IsSuperUserOrAppUser,)
+
+    def get_queryset(self):
+        queryset = super().get_queryset()
+        cluster_id = self.request.query_params.get('cluster_id')
+        asset_group_id = self.request.query_params.get('asset_group_id')
+        admin_user_id = self.request.query_params.get('admin_user_id')
+        system_user_id = self.request.query_params.get('system_user_id')
+        node_id = self.request.query_params.get("node_id")
+
+        if cluster_id:
+            queryset = queryset.filter(cluster__id=cluster_id)
+        if asset_group_id:
+            queryset = queryset.filter(groups__id=asset_group_id)
+        if admin_user_id:
+            admin_user = get_object_or_404(AdminUser, id=admin_user_id)
+            assets_direct = [asset.id for asset in admin_user.asset_set.all()]
+            clusters = [cluster.id for cluster in admin_user.cluster_set.all()]
+            queryset = queryset.filter(Q(cluster__id__in=clusters)|Q(id__in=assets_direct))
+        if system_user_id:
+            system_user = get_object_or_404(SystemUser, id=system_user_id)
+            clusters = system_user.get_clusters()
+            queryset = queryset.filter(cluster__in=clusters)
+        if node_id:
+            node = get_object_or_404(Node, id=node_id)
+            queryset = queryset.filter(nodes__key__startswith=node.key)
+        return queryset
+
+
+class UserAssetListView(generics.ListAPIView):
+    queryset = Asset.objects.all()
+    serializer_class = serializers.AssetSerializer
+    permission_classes = (IsValidUser,)
+
+    def get_queryset(self):
+        assets_granted = get_user_granted_assets(self.request.user)
+        queryset = self.queryset.filter(
+            id__in=[asset.id for asset in assets_granted]
+        )
+        return queryset
+
+
+class AssetListUpdateApi(IDInFilterMixin, ListBulkCreateUpdateDestroyAPIView):
+    """
+    Asset bulk update api
+    """
+    queryset = Asset.objects.all()
+    serializer_class = serializers.AssetSerializer
+    permission_classes = (IsSuperUser,)
+
+
+class AssetRefreshHardwareApi(generics.RetrieveAPIView):
+    """
+    Refresh asset hardware info
+    """
+    queryset = Asset.objects.all()
+    serializer_class = serializers.AssetSerializer
+    permission_classes = (IsSuperUser,)
+
+    def retrieve(self, request, *args, **kwargs):
+        asset_id = kwargs.get('pk')
+        asset = get_object_or_404(Asset, pk=asset_id)
+        summary = update_asset_hardware_info_manual(asset)[1]
+        logger.debug("Refresh summary: {}".format(summary))
+        if summary.get('dark'):
+            return Response(summary['dark'].values(), status=501)
+        else:
+            return Response({"msg": "ok"})
+
+
+class AssetAdminUserTestApi(generics.RetrieveAPIView):
+    """
+    Test asset admin user connectivity
+    """
+    queryset = Asset.objects.all()
+    permission_classes = (IsSuperUser,)
+
+    def retrieve(self, request, *args, **kwargs):
+        asset_id = kwargs.get('pk')
+        asset = get_object_or_404(Asset, pk=asset_id)
+        ok, msg = test_asset_connectability_manual(asset)
+        if ok:
+            return Response({"msg": "pong"})
+        else:
+            return Response({"error": msg}, status=502)
\ No newline at end of file
diff --git a/apps/assets/api/cluster.py b/apps/assets/api/cluster.py
new file mode 100644
index 000000000..3f0cd1585
--- /dev/null
+++ b/apps/assets/api/cluster.py
@@ -0,0 +1,73 @@
+# ~*~ coding: utf-8 ~*~
+# Copyright (C) 2014-2018 Beijing DuiZhan Technology Co.,Ltd. All Rights Reserved.
+#
+# Licensed under the GNU General Public License v2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.gnu.org/licenses/gpl-2.0.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from rest_framework import generics
+from rest_framework.response import Response
+from rest_framework_bulk import BulkModelViewSet
+
+
+from common.mixins import IDInFilterMixin
+from common.utils import get_logger
+from ..hands import IsSuperUser
+from ..models import Cluster
+from .. import serializers
+from ..tasks import test_admin_user_connectability_manual
+
+
+logger = get_logger(__file__)
+__all__ = [
+    'ClusterViewSet', 'ClusterTestAssetsAliveApi', 'ClusterAddAssetsApi',
+]
+
+
+class ClusterViewSet(IDInFilterMixin, BulkModelViewSet):
+    """
+    Cluster api set, for add,delete,update,list,retrieve resource
+    """
+    queryset = Cluster.objects.all()
+    serializer_class = serializers.ClusterSerializer
+    permission_classes = (IsSuperUser,)
+
+
+class ClusterTestAssetsAliveApi(generics.RetrieveAPIView):
+    """
+    Test cluster asset can connect using admin user or not
+    """
+    queryset = Cluster.objects.all()
+    permission_classes = (IsSuperUser,)
+
+    def retrieve(self, request, *args, **kwargs):
+        cluster = self.get_object()
+        admin_user = cluster.admin_user
+        test_admin_user_connectability_manual.delay(admin_user)
+        return Response("Task has been send, seen left assets status")
+
+
+class ClusterAddAssetsApi(generics.UpdateAPIView):
+    queryset = Cluster.objects.all()
+    serializer_class = serializers.ClusterUpdateAssetsSerializer
+    permission_classes = (IsSuperUser,)
+
+    def update(self, request, *args, **kwargs):
+        cluster = self.get_object()
+        serializer = self.serializer_class(data=request.data)
+        if serializer.is_valid():
+            assets = serializer.validated_data['assets']
+            for asset in assets:
+                asset.cluster = cluster
+                asset.save()
+            return Response({"msg": "ok"})
+        else:
+            return Response({'error': serializer.errors}, status=400)
\ No newline at end of file
diff --git a/apps/assets/api/group.py b/apps/assets/api/group.py
new file mode 100644
index 000000000..eae848466
--- /dev/null
+++ b/apps/assets/api/group.py
@@ -0,0 +1,68 @@
+# -*- coding: utf-8 -*-
+#
+# ~*~ coding: utf-8 ~*~
+# Copyright (C) 2014-2018 Beijing DuiZhan Technology Co.,Ltd. All Rights Reserved.
+#
+# Licensed under the GNU General Public License v2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.gnu.org/licenses/gpl-2.0.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from rest_framework import generics
+from rest_framework.response import Response
+from rest_framework_bulk import BulkModelViewSet
+from django.db.models import Count
+
+from common.mixins import IDInFilterMixin
+from common.utils import get_logger
+from ..hands import IsSuperUser
+from ..models import AssetGroup
+from .. import serializers
+
+
+logger = get_logger(__file__)
+
+__all__ = [
+    'AssetGroupViewSet', 'GroupUpdateAssetsApi', 'GroupAddAssetsApi'
+]
+
+
+class AssetGroupViewSet(IDInFilterMixin, BulkModelViewSet):
+    """
+    Asset group api set, for add,delete,update,list,retrieve resource
+    """
+    queryset = AssetGroup.objects.all().annotate(asset_count=Count("assets"))
+    serializer_class = serializers.AssetGroupSerializer
+    permission_classes = (IsSuperUser,)
+
+
+class GroupUpdateAssetsApi(generics.RetrieveUpdateAPIView):
+    """
+    Asset group, update it's asset member
+    """
+    queryset = AssetGroup.objects.all()
+    serializer_class = serializers.GroupUpdateAssetsSerializer
+    permission_classes = (IsSuperUser,)
+
+
+class GroupAddAssetsApi(generics.UpdateAPIView):
+    queryset = AssetGroup.objects.all()
+    serializer_class = serializers.GroupUpdateAssetsSerializer
+    permission_classes = (IsSuperUser,)
+
+    def update(self, request, *args, **kwargs):
+        group = self.get_object()
+        serializer = self.serializer_class(data=request.data)
+        if serializer.is_valid():
+            assets = serializer.validated_data['assets']
+            group.assets.add(*tuple(assets))
+            return Response({"msg": "ok"})
+        else:
+            return Response({'error': serializer.errors}, status=400)
\ No newline at end of file
diff --git a/apps/assets/api/label.py b/apps/assets/api/label.py
new file mode 100644
index 000000000..858834d0a
--- /dev/null
+++ b/apps/assets/api/label.py
@@ -0,0 +1,38 @@
+# ~*~ coding: utf-8 ~*~
+# Copyright (C) 2014-2018 Beijing DuiZhan Technology Co.,Ltd. All Rights Reserved.
+#
+# Licensed under the GNU General Public License v2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.gnu.org/licenses/gpl-2.0.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from rest_framework_bulk import BulkModelViewSet
+from django.db.models import Count
+
+from common.utils import get_logger
+from ..hands import IsSuperUser
+from ..models import Label
+from .. import serializers
+
+
+logger = get_logger(__file__)
+__all__ = ['LabelViewSet']
+
+
+class LabelViewSet(BulkModelViewSet):
+    queryset = Label.objects.annotate(asset_count=Count("assets"))
+    permission_classes = (IsSuperUser,)
+    serializer_class = serializers.LabelSerializer
+
+    def list(self, request, *args, **kwargs):
+        if request.query_params.get("distinct"):
+            self.serializer_class = serializers.LabelDistinctSerializer
+            self.queryset = self.queryset.values("name").distinct()
+        return super().list(request, *args, **kwargs)
diff --git a/apps/assets/api/system_user.py b/apps/assets/api/system_user.py
new file mode 100644
index 000000000..d19cf152c
--- /dev/null
+++ b/apps/assets/api/system_user.py
@@ -0,0 +1,85 @@
+# ~*~ coding: utf-8 ~*~
+# Copyright (C) 2014-2018 Beijing DuiZhan Technology Co.,Ltd. All Rights Reserved.
+#
+# Licensed under the GNU General Public License v2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.gnu.org/licenses/gpl-2.0.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from rest_framework import generics
+from rest_framework.response import Response
+from rest_framework_bulk import BulkModelViewSet
+from common.utils import get_logger
+from ..hands import IsSuperUser, IsSuperUserOrAppUser
+from ..models import SystemUser
+from .. import serializers
+from ..tasks import push_system_user_to_cluster_assets_manual, \
+    test_system_user_connectability_manual
+
+
+logger = get_logger(__file__)
+__all__ = [
+    'SystemUserViewSet', 'SystemUserAuthInfoApi',
+    'SystemUserPushApi', 'SystemUserTestConnectiveApi'
+]
+
+
+class SystemUserViewSet(BulkModelViewSet):
+    """
+    System user api set, for add,delete,update,list,retrieve resource
+    """
+    queryset = SystemUser.objects.all()
+    serializer_class = serializers.SystemUserSerializer
+    permission_classes = (IsSuperUserOrAppUser,)
+
+
+class SystemUserAuthInfoApi(generics.RetrieveAPIView):
+    """
+    Get system user auth info
+    """
+    queryset = SystemUser.objects.all()
+    permission_classes = (IsSuperUserOrAppUser,)
+
+    def retrieve(self, request, *args, **kwargs):
+        system_user = self.get_object()
+        data = {
+            'id': system_user.id,
+            'name': system_user.name,
+            'username': system_user.username,
+            'password': system_user.password,
+            'private_key': system_user.private_key,
+        }
+        return Response(data)
+
+
+class SystemUserPushApi(generics.RetrieveAPIView):
+    """
+    Push system user to cluster assets api
+    """
+    queryset = SystemUser.objects.all()
+    permission_classes = (IsSuperUser,)
+
+    def retrieve(self, request, *args, **kwargs):
+        system_user = self.get_object()
+        push_system_user_to_cluster_assets_manual.delay(system_user)
+        return Response({"msg": "Task created"})
+
+
+class SystemUserTestConnectiveApi(generics.RetrieveAPIView):
+    """
+    Push system user to cluster assets api
+    """
+    queryset = SystemUser.objects.all()
+    permission_classes = (IsSuperUser,)
+
+    def retrieve(self, request, *args, **kwargs):
+        system_user = self.get_object()
+        test_system_user_connectability_manual.delay(system_user)
+        return Response({"msg": "Task created"})
\ No newline at end of file
diff --git a/apps/assets/api/tree.py b/apps/assets/api/tree.py
new file mode 100644
index 000000000..02bb555f3
--- /dev/null
+++ b/apps/assets/api/tree.py
@@ -0,0 +1,72 @@
+# ~*~ coding: utf-8 ~*~
+# Copyright (C) 2014-2018 Beijing DuiZhan Technology Co.,Ltd. All Rights Reserved.
+#
+# Licensed under the GNU General Public License v2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.gnu.org/licenses/gpl-2.0.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from rest_framework import generics, mixins
+from rest_framework.response import Response
+from rest_framework_bulk import BulkModelViewSet
+from django.utils.translation import ugettext_lazy as _
+
+from common.utils import get_logger
+from ..hands import IsSuperUser
+from ..models import Node
+from .. import serializers
+
+
+logger = get_logger(__file__)
+__all__ = ['NodeViewSet', 'NodeChildrenApi']
+
+
+class NodeViewSet(BulkModelViewSet):
+    queryset = Node.objects.all()
+    permission_classes = (IsSuperUser,)
+    serializer_class = serializers.NodeSerializer
+
+    def perform_create(self, serializer):
+        child_key = Node.root().get_next_child_key()
+        serializer.validated_data["key"] = child_key
+        serializer.save()
+
+
+class NodeChildrenApi(mixins.ListModelMixin, generics.CreateAPIView):
+    queryset = Node.objects.all()
+    permission_classes = (IsSuperUser,)
+    serializer_class = serializers.NodeSerializer
+    instance = None
+
+    def post(self, request, *args, **kwargs):
+        if not request.data.get("value"):
+            request.data["value"] = _("New node {}").format(
+                Node.root().get_next_child_key().split(":")[-1]
+            )
+        return super().post(request, *args, **kwargs)
+
+    def create(self, request, *args, **kwargs):
+        instance = self.get_object()
+        value = request.data.get("value")
+        node = instance.create_child(value=value)
+        return Response(
+            {"id": node.id, "key": node.key, "value": node.value},
+            status=201,
+        )
+
+    def get(self, request, *args, **kwargs):
+        instance = self.get_object()
+        if self.request.query_params.get("all"):
+            children = instance.get_all_children()
+        else:
+            children = instance.get_children()
+        response = [{"id": node.id, "key": node.key, "value": node.value} for node in children]
+        return Response(response, status=200)
+
diff --git a/apps/assets/templates/assets/_asset_group_bulk_update_modal.html b/apps/assets/templates/assets/_asset_group_bulk_update_modal.html
index c253c4d65..0e76ff923 100644
--- a/apps/assets/templates/assets/_asset_group_bulk_update_modal.html
+++ b/apps/assets/templates/assets/_asset_group_bulk_update_modal.html
@@ -7,7 +7,6 @@
 {% load bootstrap3 %}
 <p class="text-success text-center">{% trans "Hint: only change the field you want to update." %}</p>
 <form method="post" class="form-horizontal" action="" id="fm_asset_group_bulk_update">
-
     <div class="form-group">
         <label for="assets" class="col-sm-2 control-label">{% trans 'Assets' %}</label>
         <div class="col-sm-9" id="select2-container">
diff --git a/apps/assets/templates/assets/_asset_list_modal.html b/apps/assets/templates/assets/_asset_list_modal.html
new file mode 100644
index 000000000..3b9f8d136
--- /dev/null
+++ b/apps/assets/templates/assets/_asset_list_modal.html
@@ -0,0 +1,119 @@
+{% extends '_modal.html' %}
+{% load i18n %}
+
+{% block modal_class %}modal-lg{% endblock %}
+{% block modal_id %}asset_list_modal{% endblock %}
+{#{% block modal_title%}{% trans "Please select assets" %}{% endblock %}#}
+{% block modal_body %}
+{#<div class="btn-group" style="float: right">#}
+{#   <button data-toggle="dropdown" class="btn btn-default btn-sm dropdown-toggle">{% trans 'Label' %} <span class="caret"></span></button>#}
+{#   <ul class="dropdown-menu labels">#}
+{#       {% for label in labels %}#}
+{#           <li><a style="font-weight: bolder">{{ label.name }}:{{ label.value }}</a></li>#}
+{#       {% endfor %}#}
+{#   </ul>#}
+{#</div>#}
+<table class="table table-striped table-bordered table-hover " id="asset_modal_table" width="100%">
+   <thead>
+       <tr>
+           <th class="text-center"><input type="checkbox" class="ipt_check_all"></th>
+           <th class="text-center">{% trans 'Hostname' %}</th>
+           <th class="text-center">{% trans 'IP' %}</th>
+           <th class="text-center">{% trans 'Hardware' %}</th>
+           <th class="text-center">{% trans 'Active' %}</th>
+           <th class="text-center">{% trans 'Reachable' %}</th>
+           <th class="text-center">{% trans 'Action' %}</th>
+       </tr>
+   </thead>
+   <tbody>
+   </tbody>
+</table>
+<div id="actions" class="hide">
+   <div class="input-group">
+       <select class="form-control m-b" style="width: auto" id="slct_bulk_update">
+           <option value="delete">{% trans 'Delete selected' %}</option>
+           <option value="update">{% trans 'Update selected' %}</option>
+           <option value="deactive">{% trans 'Deactive selected' %}</option>
+           <option value="active">{% trans 'Active selected' %}</option>
+       </select>
+       <div class="input-group-btn pull-left" style="padding-left: 5px;">
+           <button id='btn_bulk_update' style="height: 32px;"  class="btn btn-sm btn-primary">
+            {% trans 'Submit' %}
+           </button>
+       </div>
+   </div>
+</div>
+<script>
+
+var modal_table;
+
+function initModalTable() {
+    var options = {
+        ele: $('#asset_modal_table'),
+        columnDefs: [
+            {targets: 1, createdCell: function (td, cellData, rowData) {
+                {% url 'assets:asset-detail' pk=DEFAULT_PK as the_url  %}
+                var detail_btn = '<a href="{{ the_url }}">' + cellData + '</a>';
+                $(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id));
+            }},
+            {targets: 3, createdCell: function (td, cellData, rowData) {
+                $(td).html(rowData.hardware_info)
+            }},
+            {targets: 4, createdCell: function (td, cellData) {
+                if (!cellData) {
+                    $(td).html('<i class="fa fa-times text-danger"></i>')
+                } else {
+                    $(td).html('<i class="fa fa-check text-navy"></i>')
+                }
+            }},
+            {targets: 5, createdCell: function (td, cellData) {
+                if (cellData === 'Unknown'){
+                    $(td).html('<i class="fa fa-circle text-warning"></i>')
+                } else if (!cellData) {
+                    $(td).html('<i class="fa fa-circle text-danger"></i>')
+                } else {
+                    $(td).html('<i class="fa fa-circle text-navy"></i>')
+                }
+            }},
+            {targets: 6, createdCell: function (td, cellData, rowData) {
+                var update_btn = '<a href="{% url "assets:asset-update" pk=DEFAULT_PK %}" class="btn btn-xs btn-info">{% trans "Update" %}</a>'.replace("{{ DEFAULT_PK }}", cellData);
+                var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn_asset_delete" data-uid="{{ DEFAULT_PK }}">{% trans "Delete" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
+                $(td).html(update_btn + del_btn)
+            }}
+        ],
+        ajax_url: '{% url "api-assets:asset-list" %}',
+        columns: [
+            {data: "id"}, {data: "hostname" }, {data: "ip" },
+            {data: "cpu_cores"}, {data: "is_active", orderable: false },
+            {data: "is_connective", orderable: false}, {data: "id", orderable: false }
+        ],
+        op_html: $('#actions').html()
+    };
+    modal_table = jumpserver.initServerSideDataTable(options);
+    return modal_table;
+}
+
+$(document).ready(function(){
+   initModalTable();
+}).on('click', '#btn_select_assets', function () {
+    var data_table = $('#asset_modal_table').DataTable();
+    var id_list = [];
+    data_table.rows({selected: true}).every(function(){
+        id_list.push(this.data().id);
+    });
+    var current_node;
+    var nodes = zTree.getSelectedNodes();
+    if (nodes && nodes.length === 1) {
+        current_node = nodes[0]
+    } else {
+        return
+    }
+
+
+})
+</script>
+
+{% endblock %}
+{% block modal_confirm_id %}btn_select_assets{% endblock %}
+
+
diff --git a/apps/assets/templates/assets/asset_modal_list.html b/apps/assets/templates/assets/asset_modal_list.html
deleted file mode 100644
index ee418c435..000000000
--- a/apps/assets/templates/assets/asset_modal_list.html
+++ /dev/null
@@ -1,123 +0,0 @@
-
-<div class="modal-header">
-    <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
-    <h4 class="modal-title" id="myModalLabel">分配/回收资产</h4>
-</div>
-
-<div class="modal-body" style="padding-bottom: 0px;">
-    <table aria-describedby="editable_info" role="grid" class="table table-striped table-bordered table-hover  dataTable" id="editable">
-        <thead>
-            <tr>
-                <th class="text-center" style="background-color:white">
-                    <input type="checkbox" id="check_all" onclick="checkAll()">
-                </th>
-                <th id="th_no">id</th>
-                <th>资产名称</th>
-                <th>IP</th>
-                <th>类型</th>
-            </tr>
-        </thead>
-        <tbody>
-        {% for asset in assets %}
-            {% if asset.id in all_assets %}
-            <tr name="oAssets" class="odd selected text-center">
-                <td class="text-center" ><input type="checkbox" name="checked" value="{{ asset.id }}" checked="checked"></td>
-            {% else %}
-            <tr name="oAssets">
-                <td class="text-center"><input type="checkbox" name="checked" value="{{ asset.id }}" ></td>
-            {% endif %}
-                <td class="text-center">{{ asset.id }}</td>
-                <td class="text-center">{{ asset.hostname }}</td>
-                <td class="text-center">{{ asset.ip }}</td>
-            </tr>
-        {% endfor %}
-        </tbody>
-    </table>
-</div>
-
-<div class="modal-footer">
-    <button type="button" class="btn btn-default" id="close-btn">取消</button>
-    <button type="button" class="btn btn-primary" id="save-btn">保存</button>
-</div>
-
-<script type="text/javascript">
-$(document).ready(function(){
-    var table = $('#editable').DataTable({
-        "aLengthMenu": [[10, 25, 50, -1], ["10", "25", "50", "all"]],
-        "iDisplayLength":25,
-        "aaSorting": [[2, "asc"]],
-        "aoColumnDefs": [ { "bSortable": false, "aTargets": [ 0 ] }],
-        "bAutoWidth": false,
-        columns: [
-            {data: "checkbox"},
-            {data: "id"},
-            {data: "hostname"},
-            {data: "ip"},
-            {data: "type"}
-        ]
-    });
-    //将ID列隐藏
-    table.column('1').visible(false);
-
-    $('#editable tbody').on( 'click', 'tr', function () {
-        //alert($(this).hasClass('selected'));
-        if($(this).hasClass('selected')){
-            $(this).removeClass('selected');
-            this.children[0].children[0].checked=0;
-        }else{
-            $(this).addClass('selected');
-            this.children[0].children[0].checked=1;
-        }
-    });
-
-    $('#close-btn').on('click',function(){
-        $('#modal').modal('hide');
-    });
-    var size_name = document.getElementById('asset_on_count').innerText;
-    $('#save-btn').on('click',function(){
-        //alert( table.rows('.selected').data().length +' row(s) selected' );
-        var d = table.rows('.selected').data();
-        var size = d.length;
-        var re = /\d+/;
-        document.getElementById('add_asset').value = size;
-        var str= size_name;
-        var re=/\d+/g;
-        document.getElementById('asset_on_count').innerText = str.replace(re, size);
-        var column2 = table.rows('.selected').data();
-        $("#asset_sed").find("input[name='assets']").remove();
-        $("#asset_sed").find("button[name='asset_hostname']").remove();
-        for(var i=0;i<column2.length;i++){
-            column2[i].checkbox='<input name="checked" value="1" checked="" type="checkbox">';
-            var value = column2[i].id;
-            var ip = column2[i].ip;
-            var hostname = column2[i].hostname;
-            $("#asset_sed").append("<input  type='hidden' name='assets' value='"+value+"'>");
-            $("#asset_on_p").append("<button name='asset_hostname' title='"+ip+"' type='button' class='btn btn-default btn-xs ss'>"+hostname+"</button> ");
-        }
-        $('#modal').modal('hide');
-    });
-
-}); //$(document).ready
-
-var bCheck = 1;
-function checkAll(){
-    if(bCheck){
-        $("tr[name='oAssets']").each(function(){
-            oCheckbox = this.children[0].children[0];
-            $(this).toggleClass('selected',true);
-            oCheckbox.checked=1;
-        });
-        document.getElementById('check_all').checked=1;
-        bCheck = 0;
-    }else{
-        $("tr[name='oAssets']").each(function(){
-            oCheckbox = this.children[0].children[0];
-            $(this).toggleClass('selected',false);
-            oCheckbox.checked=0;
-        });
-        document.getElementById('check_all').checked=0;
-        bCheck = 1;
-    }
-}
-
-</script>
diff --git a/apps/assets/templates/assets/tree.html b/apps/assets/templates/assets/tree.html
index 1bf970ba3..dcbb6bec9 100644
--- a/apps/assets/templates/assets/tree.html
+++ b/apps/assets/templates/assets/tree.html
@@ -105,9 +105,10 @@
 
 <div id="rMenu">
     <ul class="dropdown-menu">
-        <li id="m_add" class="btn-create-asset" tabindex="-1" onclick="addTreeNode();"><a>{% trans 'Create asset' %}</a></li>
+        <li id="menu_asset_create" class="btn-create-asset" tabindex="-1"><a>{% trans 'Create asset' %}</a></li>
+        <li id="menu_asset_add" class="btn-add-asset" data-toggle="modal" data-target="#asset_list_modal" tabindex="0"><a>{% trans 'Add asset' %}</a></li>
         <li class="divider"></li>
-        <li id="m_add" tabindex="-1" onclick="addTreeNode();"><a>{% trans 'Add node' %}</a></li>
+        <li id="m_create" tabindex="-1" onclick="addTreeNode();"><a>{% trans 'Add node' %}</a></li>
         <li id="m_del" tabindex="-1" onclick="editTreeNode();"><a>{% trans 'Rename node' %}</a></li>
         <li class="divider"></li>
         <li id="m_del" tabindex="-1" onclick="removeTreeNode();"><a>{% trans 'Delete node' %}</a></li>
@@ -115,6 +116,7 @@
 </div>
 
 {% include 'assets/_asset_import_modal.html' %}
+{% include 'assets/_asset_list_modal.html' %}
 {% endblock %}
 
 {% block custom_foot_js %}
@@ -167,6 +169,8 @@ function initTable() {
 }
 
 
+
+
 function addTreeNode() {
 	hideRMenu();
 	var parentNode = zTree.getSelectedNodes()[0];
@@ -232,13 +236,13 @@ function OnRightClick(event, treeId, treeNode) {
 
 function showRMenu(type, x, y) {
 	$("#rMenu ul").show();
-	if (type === "root") {
-		return
-	} else {
-		$("#m_del").show();
-		$("#m_check").show();
-		$("#m_unCheck").show();
-	}
+	{#if (type === "root") {#}
+	{#	return#}
+	{# } else {#}
+	{#	$("#m_del").show();#}
+	{#	$("#m_check").show();#}
+	{#	$("#m_unCheck").show();#}
+	{# }#}
     x -= 220;
     rMenu.css({"top":y+"px", "left":x+"px", "visibility":"visible"});
 
diff --git a/apps/perms/utils.py b/apps/perms/utils.py
index e09186d86..0cd27dfd9 100644
--- a/apps/perms/utils.py
+++ b/apps/perms/utils.py
@@ -5,16 +5,43 @@ import collections
 from django.utils import timezone
 
 from common.utils import setattr_bulk, get_logger
+import copy
 from .tasks import push_users
 from .hands import AssetGroup
 
 logger = get_logger(__file__)
 
 
-def get_user_group_permissions(user_group):
-    return user_group.nodepermission_set.all() \
-        .filter(is_active=True) \
-        .filter(date_expired=timezone.now())
+class NodePermissionUtil:
+
+    @staticmethod
+    def get_user_group_permissions(user_group):
+        return user_group.nodepermission_set.all() \
+            .filter(is_active=True) \
+            .filter(date_expired__gt=timezone.now())
+
+    @classmethod
+    def get_user_group_nodes(cls, user_group):
+        """
+        获取用户组授权的node和系统用户
+        :param user_group:
+        :return: {"node": set(systemuser1, systemuser2), ..}
+        """
+        permissions = cls.get_user_group_permissions(user_group)
+        nodes_directed = collections.defaultdict(set)
+
+        for perm in permissions:
+            nodes_directed[perm.node].add(perm.system_user)
+
+        nodes = copy.deepcopy(nodes_directed)
+        for node, system_users in nodes_directed.items():
+            for child in node.get_all_children():
+                nodes[child].update(system_users)
+        return nodes
+
+    @classmethod
+    def get_user_group(cls):
+        pass
 
 
 def get_user_group_granted_asset_groups(user_group):
diff --git a/apps/static/js/jumpserver.js b/apps/static/js/jumpserver.js
index 00cf1f55c..eee1720c0 100644
--- a/apps/static/js/jumpserver.js
+++ b/apps/static/js/jumpserver.js
@@ -321,7 +321,7 @@ jumpserver.initDataTable = function (options) {
         });
     });
     $('.ipt_check_all').on('click', function() {
-      if (!jumpserver.checked) {
+      if ($(this).prop("checked")) {
           $(this).closest('table').find('.ipt_check').prop('checked', true);
           jumpserver.checked = true;
           table.rows({search:'applied', page:'current'}).select();
@@ -455,18 +455,16 @@ jumpserver.initServerSideDataTable = function (options) {
         $('#uc').html(options.uc_html || '');
     });
     $('.ipt_check_all').on('click', function() {
-      if (!jumpserver.checked) {
-          $(this).closest('table').find('.ipt_check').prop('checked', true);
-          jumpserver.checked = true;
-          table.rows({search:'applied', page:'current'}).select();
-      } else {
-          $(this).closest('table').find('.ipt_check').prop('checked', false);
-          jumpserver.checked = false;
-          table.rows({search:'applied', page:'current'}).deselect();
-      }
+        if ($(this).prop("checked")) {
+            $(this).closest('table').find('.ipt_check').prop('checked', true);
+            table.rows({search:'applied', page:'current'}).select();
+        } else {
+            $(this).closest('table').find('.ipt_check').prop('checked', false);
+            table.rows({search:'applied', page:'current'}).deselect();
+        }
     });
 
-    jumpserver.table = table;
+    // jumpserver.table = table;
     return table;
 };
 
diff --git a/apps/users/models/user.py b/apps/users/models/user.py
index 4ae0e62c4..8ef432108 100644
--- a/apps/users/models/user.py
+++ b/apps/users/models/user.py
@@ -49,6 +49,9 @@ class User(AbstractUser):
     date_expired = models.DateTimeField(default=date_expired_default, blank=True, null=True, verbose_name=_('Date expired'))
     created_by = models.CharField(max_length=30, default='', verbose_name=_('Created by'))
 
+    def __str__(self):
+        return self.username
+
     @property
     def password_raw(self):
         raise AttributeError('Password raw is not a readable attribute')