diff --git a/apps/assets/templates/assets/asset_list.html b/apps/assets/templates/assets/asset_list.html
index d849d0748..18dc31645 100644
--- a/apps/assets/templates/assets/asset_list.html
+++ b/apps/assets/templates/assets/asset_list.html
@@ -41,9 +41,9 @@
 {% block content %}
 <div class="wrapper wrapper-content">
    <div class="row">
-       <div class="col-lg-3" id="split-left">
+       <div class="col-lg-3" id="split-left" style="padding-left: 3px">
            <div class="ibox float-e-margins">
-               <div class="ibox-content mailbox-content" style="padding-top: 0">
+               <div class="ibox-content mailbox-content" style="padding-top: 0;padding-left: 1px">
                    <div class="file-manager ">
                        <div id="assetTree" class="ztree">
                        </div>
diff --git a/apps/assets/templates/assets/user_asset_list.html b/apps/assets/templates/assets/user_asset_list.html
index 5c9fa2633..649418aed 100644
--- a/apps/assets/templates/assets/user_asset_list.html
+++ b/apps/assets/templates/assets/user_asset_list.html
@@ -1,81 +1,171 @@
-{% extends '_base_list.html' %}
-{% load i18n %}
+{% extends 'base.html' %}
 {% load static %}
+{% load i18n %}
+
 {% block custom_head_css_js %}
-<link href="{% static 'css/plugins/select2/select2.min.css' %}" rel="stylesheet">
-<script src="{% static 'js/plugins/select2/select2.full.min.js' %}"></script>
-
-{% endblock %}
-{% block content_left_head %}{% endblock %}
-
-{% block table_search %}
+    <link href="{% static 'css/plugins/ztree/awesomeStyle/awesome.css' %}" rel="stylesheet">
+    <script type="text/javascript" src="{% static 'js/plugins/ztree/jquery.ztree.all.min.js' %}"></script>
+    <script src="{% static 'js/jquery.form.min.js' %}"></script>
 {% endblock %}
 
-{% block table_container %}
-<table class="table table-striped table-bordered table-hover " id="asset_list_table" >
-    <thead>
-        <tr>
-            <th class="text-center"><input type="checkbox" class="ipt_check_all"></th>
-            <th class="text-center">{% trans 'Hostname' %}</th>
-            <th class="text-center">{% trans 'IP' %}</th>
-            <th class="text-center">{% trans 'Port' %}</th>
-            <th class="text-center">{% trans 'Hardware' %}</th>
-            <th class="text-center">{% trans 'Active' %}</th>
-            <th class="text-center">{% trans 'Connective' %}</th>
-        </tr>
-    </thead>
-    <tbody>
-    </tbody>
-</table>
+{% block content %}
+<div class="wrapper wrapper-content">
+   <div class="row">
+       <div class="col-lg-3" id="split-left" style="padding-left: 3px">
+           <div class="ibox float-e-margins">
+               <div class="ibox-content mailbox-content" style="padding-top: 0;padding-left: 1px">
+                   <div class="file-manager ">
+                       <div id="assetTree" class="ztree">
+                       </div>
+
+                       <div class="clearfix"></div>
+                   </div>
+               </div>
+           </div>
+       </div>
+       <div class="col-lg-9 animated fadeInRight" id="split-right">
+           <div class="tree-toggle">
+               <div class="btn btn-sm btn-primary tree-toggle-btn" onclick="toggle()">
+                   <i class="fa fa-angle-left fa-x" id="toggle-icon"></i>
+               </div>
+           </div>
+           <div class="mail-box-header">
+               <div class="btn-group" style="float: right">
+                   <button data-toggle="dropdown" class="btn btn-default btn-sm dropdown-toggle">{% trans 'Label' %} <span class="caret"></span></button>
+                   <ul class="dropdown-menu labels">
+                       {% for label in labels %}
+                           <li><a style="font-weight: bolder">{{ label.name }}:{{ label.value }}</a></li>
+                       {% endfor %}
+                   </ul>
+               </div>
+               <table class="table table-striped table-bordered table-hover " id="user_assets_table" style="width: 100%">
+                   <thead>
+                       <tr>
+                           <th class="text-center"><input type="checkbox" class="ipt_check_all"></th>
+                           <th class="text-center">{% trans 'Hostname' %}</th>
+                           <th class="text-center">{% trans 'IP' %}</th>
+                           <th class="text-center">{% trans 'Active' %}</th>
+                           <th class="text-center">{% trans 'System users' %}</th>
+                       </tr>
+                   </thead>
+                   <tbody>
+                   </tbody>
+               </table>
+           </div>
+       </div>
+   </div>
+</div>
 {% endblock %}
 
 {% block custom_foot_js %}
-<script src="{% static 'js/jquery.form.min.js' %}"></script>
-<script type="text/javascript">
-
+<script>
+var zTree, rMenu, asset_table;
+var inited = false;
+var url;
 function initTable() {
+    if (inited){
+        return
+    } else {
+        inited = true;
+    }
     var options = {
-        ele: $('#asset_list_table'),
+        ele: $('#user_assets_table'),
         columnDefs: [
             {targets: 1, createdCell: function (td, cellData, rowData) {
                 {% url 'assets:asset-detail' pk=DEFAULT_PK as the_url  %}
                 var detail_btn = '<a href="{{ the_url }}">' + cellData + '</a>';
                 $(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id));
             }},
-            {targets: 5, createdCell: function (td, cellData) {
+            {targets: 3, createdCell: function (td, cellData) {
                 if (!cellData) {
                     $(td).html('<i class="fa fa-times text-danger"></i>')
                 } else {
                     $(td).html('<i class="fa fa-check text-navy"></i>')
                 }
             }},
-            {targets: 6, createdCell: function (td, cellData) {
-                if (cellData == 'Unknown'){
-                    $(td).html('<i class="fa fa-circle text-warning"></i>')
-                } else if (!cellData) {
-                    $(td).html('<i class="fa fa-circle text-danger"></i>')
-                } else {
-                    $(td).html('<i class="fa fa-circle text-navy"></i>')
-                }
-            }},
-{#            {targets: 9, createdCell: function (td, cellData, rowData) {#}
-{#                var conn_btn = '<a href="{% url "terminal:web-terminal" %}?id={{ DEFAULT_PK }}" class="btn btn-xs btn-info">{% trans "Connect" %}</a>'.replace("{{ DEFAULT_PK }}", cellData);#}
-{#                $(td).html(conn_btn)#}
-{#            }}#}
+            {targets: 4, createdCell: function (td, cellData) {
+                var users = [];
+                $.each(cellData, function (id, data) {
+                    users.push(data.name);
+                });
+                $(td).html(users.join(', '))
+            }}
         ],
-        ajax_url: '{% url "api-assets:user-asset-list" %}',
+        ajax_url: url,
         columns: [
-            {data: "id"}, {data: "hostname" }, {data: "ip" }, {data: "port" },
-            {data: "hardware_info"}, {data: "is_active" }, {data: "is_connective"}
-        ],
-        op_html: $('#actions').html()
+            {data: "id"}, {data: "hostname" }, {data: "ip" },
+            {data: "is_active", orderable: false },
+            {data: "system_users_granted", orderable: false}
+        ]
     };
-    return jumpserver.initDataTable(options);
+    asset_table = jumpserver.initDataTable(options);
+    return asset_table
 }
 
-$(document).ready(function(){
+function onSelected(event, treeNode) {
+    console.log("select");
+    url = '{% url "api-perms:my-node-assets" node_id=DEFAULT_PK %}';
+    url = url.replace("{{ DEFAULT_PK }}", treeNode.id);
     initTable();
-});
+    setCookie('node_selected', treeNode.id);
+    asset_table.ajax.url(url);
+    asset_table.ajax.reload();
+}
 
+function selectQueryNode() {
+    var query_node_id = $.getUrlParam("node");
+    var cookie_node_id = getCookie('node_selected');
+    var node;
+    var node_id;
+
+    if (query_node_id !== null) {
+        node_id = query_node_id
+    } else if (cookie_node_id !== null) {
+        node_id = cookie_node_id;
+    }
+
+    node = zTree.getNodesByParam("id", node_id, null);
+    if (node){
+        zTree.selectNode(node[0]);
+    }
+}
+
+function initTree() {
+    var setting = {
+        view: {
+            dblClickExpand: false,
+            showLine: true
+        },
+        data: {
+            simpleData: {
+                enable: true
+            }
+        },
+        callback: {
+            onSelected: onSelected
+        }
+    };
+
+    var zNodes = [];
+    $.get("{% url 'api-perms:my-nodes' %}", function(data, status){
+        $.each(data, function (index, value) {
+            value["pId"] = value["parent"];
+            if (value["key"] === "0") {
+                value["open"] = true;
+            }
+            value["name"] = value["value"]
+        });
+        zNodes = data;
+        $.fn.zTree.init($("#assetTree"), setting, zNodes);
+        zTree = $.fn.zTree.getZTreeObj("assetTree");
+		rMenu = $("#rMenu");
+		selectQueryNode();
+    });
+}
+
+$(document).ready(function () {
+    initTree();
+});
 </script>
-{% endblock %}
+
+{% endblock %}
\ No newline at end of file
diff --git a/apps/perms/api.py b/apps/perms/api.py
index 148d366db..4f4fa3145 100644
--- a/apps/perms/api.py
+++ b/apps/perms/api.py
@@ -100,33 +100,6 @@ class UserGrantedNodesApi(ListAPIView):
 
 
 class UserGrantedNodesWithAssetsApi(ListAPIView):
-    """
-    授权用户的资产组，注：这里的资产组并非是授权列表中授权的，
-    而是把所有资产取出来，然后反查出所有节点，然后合并得到，
-    结果里也包含资产组下授权的资产
-    数据结构如下：
-    [
-      {
-        "id": 1,
-        "value": "node",
-        ... 其它属性
-        "assets_granted": [
-          {
-            "id": 1,
-            "hostname": "testserver",
-            "ip": "192.168.1.1",
-            "port": 22,
-            "system_users_granted": [
-              "id": 1,
-              "name": "web",
-              "username": "web",
-              "protocol": "ssh",
-            ]
-          }
-        ]
-      }
-    ]
-    """
     permission_classes = (IsSuperUserOrAppUser,)
     serializer_class = NodeGrantedSerializer
 
@@ -172,6 +145,11 @@ class UserGrantedNodeAssetsApi(ListAPIView):
             asset.system_users_granted = system_users
         return assets
 
+    def get_permissions(self):
+        if self.kwargs.get('pk') is None:
+            self.permission_classes = (IsValidUser,)
+        return super().get_permissions()
+
 
 class UserGroupGrantedAssetsApi(ListAPIView):
     permission_classes = (IsSuperUser,)
diff --git a/apps/users/models/user.py b/apps/users/models/user.py
index 347848b7b..06761a5df 100644
--- a/apps/users/models/user.py
+++ b/apps/users/models/user.py
@@ -241,7 +241,7 @@ class User(AbstractUser):
     def create_app_user(cls, name, comment):
         app = cls.objects.create(
             username=name, name=name, email='{}@local.domain'.format(name),
-            is_active=False, role='App', enable_otp=False, comment=comment,
+            is_active=False, role='App', comment=comment,
             is_first_login=False, created_by='System'
         )
         access_key = app.create_access_key()
diff --git a/apps/users/templates/users/user_profile.html b/apps/users/templates/users/user_profile.html
index 88d963595..f29e1427e 100644
--- a/apps/users/templates/users/user_profile.html
+++ b/apps/users/templates/users/user_profile.html
@@ -65,7 +65,7 @@
                                             </tr>
                                             <tr>
                                                 <td class="text-navy">{% trans 'OTP' %}</td>
-                                                <td>{{ user.enable_otp|yesno:"Yes,No,Unkown" }}</td>
+                                                <td>{{ user.otp_enabled|yesno:"Yes,No,Unkown" }}</td>
                                             </tr>
                                             <tr>
                                                 <td class="text-navy">{% trans 'Public key' %}</td>
diff --git a/apps/users/views/login.py b/apps/users/views/login.py
index 21c63f889..cd8ce8fca 100644
--- a/apps/users/views/login.py
+++ b/apps/users/views/login.py
@@ -192,8 +192,6 @@ class UserFirstLoginView(LoginRequiredMixin, SessionWizardView):
             for field in form:
                 if field.value():
                     setattr(user, field.name, field.value())
-                if field.name == 'enable_otp':
-                    user.enable_otp = field.value()
         user.is_first_login = False
         user.is_public_key_valid = True
         user.save()