Merge pull request #1283 from jumpserver/dev

更改版本号
[Update] 修改版本号 (#1282 )
2025-12-15 16:42:34 +00:00 · 2018-05-02 10:54:38 +08:00 · 2018-05-02 10:52:57 +08:00 · 2018-04-27 21:23:18 +08:00 · 2018-04-27 15:38:13 +08:00 · 2018-04-27 12:44:00 +08:00
475 changed files with 27819 additions and 16930 deletions
--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1,7 @@
+.git
+logs/*
+data/*
+.github
+tmp/*
+django.db
+celerybeat.pid
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -1,7 +1,7 @@
 [简述你的问题]

 ##### 使用版本
-[请提供你使用的Jumpserver版本 0.3.2 或 0.4.0]
+[请提供你使用的Jumpserver版本 0.3.2 或 0.5.0]

 ##### 问题复现步骤
 1. [步骤1]
--- a/.gitignore
+++ b/.gitignore
@@ -5,6 +5,7 @@
 .env
 env
 env*
+venv
 dist
 build
 *.egg
@@ -24,3 +25,10 @@ tags
 jumpserver.iml
 .python-version
 tmp/*
+sessions/*
+media
+celerybeat.pid
+django.db
+celerybeat-schedule.db
+data/static
+docs/_build/
--- a/.python-version
+++ b/.python-version
@@ -1 +0,0 @@
-system
--- a/22
+++ b/22
@@ -1,22 +0,0 @@
-FROM jumpserver/python:v3.6.1
-LABEL MAINTAINER Jumpserver Team <ibuler@qq.com>
-
-
-COPY . /opt/jumpserver
-WORKDIR /opt/jumpserver
-
-RUN yum -y install epel-release && yum clean all -y
-RUN cd requirements && yum -y install $(cat rpm_requirements.txt) && yum clean all -y
-RUN cd requirements && pip install -r requirements.txt 
-
-RUN rm -f data/db.sqlite3
-RUN rm -r .git
-RUN rm -f config.py
-
-VOLUME /opt/jumpserver/data
-VOLUME /opt/jumpserver/logs
-
-RUN cp config_docker.py config.py
-
-EXPOSE 8080
-CMD cd utils && sh make_migrations.sh && sh init_db.sh && cd .. && python run_server.py
--- a/16
+++ b/16
@@ -1,16 +0,0 @@
-FROM centos:centos6
-LABEL MAINTAINER Jumpserver Team <ibuler@qq.com>
-
-WORKDIR /tmp
-
-RUN yum -y install wget sqlite-devel xz gcc automake zlib-devel openssl-devel; yum clean all
-
-# Install Python
-RUN wget https://www.python.org/ftp/python/3.6.1/Python-3.6.1.tar.xz && \
-    tar xvf Python-3.6.1.tar.xz  && cd Python-3.6.1 && ./configure && make && make install &&  \
-    rm -rf /tmp/{Python-3.6.1.tar.xz,Python-3.6.1}
-
-RUN mv /usr/bin/python /usr/bin/python2
-RUN ln -s /usr/local/bin/python3 /usr/bin/python && ln -s /usr/local/bin/pip3 /usr/bin/pip
-RUN sed -i 's@/usr/bin/python@/usr/bin/python2@g' /usr/bin/yum
-
--- a/README.md
+++ b/README.md
@@ -5,106 +5,54 @@
 [![Ansible](https://img.shields.io/badge/ansible-2.2.2.0-blue.svg?style=plastic)](https://www.ansible.com/)
 [![Paramiko](https://img.shields.io/badge/paramiko-2.1.2-green.svg?style=plastic)](http://www.paramiko.org/)

-Jumpserver is a open source proxy server, developed by `Python` and `Django`, aim to help 
-companies to efficiently user, assets, authority and audit management

-Jumpserver是一款使用Python, Django开发的开源跳板机系统, 助力互联网企业高效 用户、资产、权限、审计 管理
+----

-### Feature 功能
-  - Auth 统一认证
-  - CMDB 资产管理
-  - Perm 统一授权
-  - Audit 审计
-  - LDAP AUTH 支持LDAP认证
+Jumpserver是全球首款完全开源的堡垒机，使用GNU GPL v2.0开源协议，是符合 4A 的专业运维审计系统。
+
+Jumpserver使用Python / Django 进行开发，遵循 Web 2.0 规范，配备了业界领先的 Web Terminal 解决方案，交互界面美观、用户体验好。
+
+Jumpserver采纳分布式架构，支持多机房跨区域部署，中心节点提供 API，各机房部署登录节点，可横向扩展、无并发限制。
+
+改变世界，从一点点开始。
+
+----
+
+### 功能
+  - 统一认证
+  - 资产管理
+  - 统一授权
+  - 审计
+  - 支持LDAP认证
  - Web terminal
  - SSH Server
+  - 支持Windows RDP

+### 开始使用

-### Environment 环境
-   * Python 3.6  
-   * Django 1.11
+快速开始文档  [Docker安装](http://docs.jumpserver.org/zh/latest/quickstart.html)

-### Install 安装 
-Using docker compose to setup it
+一步一步安装文档 [详细部署](http://docs.jumpserver.org/zh/latest/step_by_step.html)

-使用docker compose 安装，一键完成，docker compose 安装见 docker官方
+也可以查看我们完整文档包括了使用和开发 [文档](http://docs.jumpserver.org)

-   $ docker-compose up
+### Demo 和 截图 

-### Usage 使用
-   1. Visit http://$HOST:8080 (访问 http://你的主机IP:8080 来访问 Jumpserver)
+我们提供了DEMO和截图可以让你快速了解Jumpserver

-   2. Click left navigation visit Applications-Terminal and accept coco and luna register
-      (点击左侧 应用程序接受 Coco和Luna的注册)
+[DEMO](http://demo.jumpserver.org)
+[截图](http://docs.jumpserver.org/zh/docs/snapshot.html)

-   3. Click Assets-Admin user, Create admin user
-      (添加 管理用户)
+### SDK 

-   4. Click Assets-System user, Create system user
-      (添加 系统用户)
+我们还编写了一些SDK，供你其它系统快速和Jumpserver APi交互，

-   5. Click Assets-Asset, Add a asset
-      (添加 资产)
+- [python](https://github.com/jumpserver/jumpserver-python-sdk) Jumpserver其它组件使用这个SDK完成交互
+- [java](https://github.com/KaiJunYan/jumpserver-java-sdk.git) 恺珺同学提供的Java版本的SDK

-   6. Click Perms-Asset permission, Add a perm rule
-      (添加授权规则，授权给admin)
-   
-   7. Connect ssh server coco (连接 ssh server coco)
-      
-      ssh -p2222 $USER@$Host
- 
-   8. Visit web terminal server Luna, click server test connection
-      (访问 访问Luna，点击左侧服务器连接测试)
-      
-      http://$HOST:5000
-   
-   
-### Snapshot 截图
-
-    https://github.com/jumpserver/jumpserver/issues/438
-
-
-### Demo
-
-demo使用了开发者模式，并发只能为1 
-
- Jumpserver: [访问](http://demo.jumpserver.org:8080)  账号: admin 密码: admin
-
- Luna: [访问](http://demo.jumpserver.org:5000) 同Jumpserver认证
-
- Coco: ssh -p 2222 admin@demo.jumpserver.org 密码: admin
-
-### ROADMAP
-
-参见 https://github.com/jumpserver/jumpserver/milestone/2
-
-### Docs 开发者文档
-
-
-   * [Project structure 项目结构描述](https://github.com/jumpserver/jumpserver/blob/dev/docs/project_structure.md)
-   * [Code style Python代码规范](https://github.com/jumpserver/jumpserver/blob/dev/docs/python_style_guide.md)
-   * [Api style API设计规范](https://github.com/jumpserver/jumpserver/blob/dev/docs/api_style_guide.md)
-
-### Contributor 贡献者
-#### 0.4.0
- ibuler <广宏伟>
- 小彧 <李磊> Django资深开发者，为users模块贡献了很多代码
- sofia <周小侠> 资深前端工程师, luna前端代码贡献者和现在维护者
- liuz <刘正> 全栈工程师, 编写了luna大部分代码
- jiaxiangkong <陈尚委> Jumpserver测试运营
-
-#### 0.3.2 
- halcyon <王墉> DevOps 资深开发者, 0.3.2 核心开发者之一
- yumaojun03 <喻茂峻> DevOps 资深开发者，jperm开发者，擅长Python, Go以及PAAS平台开发
- kelianchun <柯连春> DevOps 资产开发者，fix了很多connect.py bug
-
-### 开发者群
-如果你为Jumpserver贡献过代码，请加一下群 （需要验证一下你的github id）
-
-群号: 489385245

 ### License & Copyright
-Copyright (c) 2014-2017 Beijing Duizhan Tech, Inc., All rights reserved.
+Copyright (c) 2014-2018 Beijing Duizhan Tech, Inc., All rights reserved.

 Licensed under The GNU General Public License version 2 (GPLv2)  (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

--- a/apps/init.py
+++ b/apps/init.py
@@ -2,6 +2,4 @@
 # -*- coding: utf-8 -*-
 #

-
-if __name__ == '__main__':
-    pass
+__version__ = "1.3.0"
--- a/apps/applications/api.py
+++ b/apps/applications/api.py
@@ -1,103 +0,0 @@
-# -*- coding: utf-8 -*-
-# 
-
-from collections import OrderedDict
-import copy
-from rest_framework.generics import ListCreateAPIView
-from rest_framework import viewsets
-from rest_framework.views import APIView, Response
-from rest_framework.permissions import AllowAny
-from django.shortcuts import get_object_or_404
-from rest_framework.decorators import api_view
-
-from .models import Terminal, TerminalHeatbeat
-from .serializers import TerminalSerializer, TerminalHeatbeatSerializer
-from .hands import IsSuperUserOrAppUser, IsAppUser, ProxyLog, \
-    IsSuperUserOrAppUserOrUserReadonly
-from common.utils import get_object_or_none
-
-
-class TerminalRegisterView(ListCreateAPIView):
-    queryset = Terminal.objects.all()
-    serializer_class = TerminalSerializer
-    permission_classes = (AllowAny,)
-
-    def create(self, request, *args, **kwargs):
-        name = request.data.get('name', '')
-        remote_addr = request.META.get('X-Real-IP') or \
-                      request.META.get('REMOTE_ADDR')
-        serializer = self.serializer_class(
-            data={'name': name, 'remote_addr': remote_addr})
-
-        if get_object_or_none(Terminal, name=name):
-            return Response({'msg': 'Already register, Need '
-                                    'administrator active it'}, status=200)
-
-        if serializer.is_valid():
-            terminal = serializer.save()
-            app_user, access_key = terminal.create_related_app_user()
-            data = OrderedDict()
-            data['terminal'] = copy.deepcopy(serializer.data)
-            data['user'] = app_user.to_json()
-            data['access_key_id'] = access_key.id
-            data['access_key_secret'] = access_key.secret
-            return Response(data, status=201)
-        else:
-            data = {'msg': 'Not valid', 'detail': ';'.join(serializer.errors)}
-            return Response(data, status=400)
-
-    def list(self, request, *args, **kwargs):
-        return Response('', status=404)
-
-
-class TerminalViewSet(viewsets.ModelViewSet):
-    queryset = Terminal.objects.all()
-    serializer_class = TerminalSerializer
-    permission_classes = (IsSuperUserOrAppUserOrUserReadonly,)
-
-    def create(self, request, *args, **kwargs):
-        return Response({'msg': 'Use register view except that'}, status=404)
-
-    # def destroy(self, request, *args, **kwargs):
-        # instance = self.get_object()
-        # if instance.user is not None:
-        #     instance.user.delete()
-        # return super(TerminalViewSet, self).destroy(request, *args, **kwargs)
-
-tasks = OrderedDict()
-# tasks = {1: [{'name': 'kill_proxy', 'proxy_log_id': 23}]}
-
-
-class TerminalHeatbeatViewSet(viewsets.ModelViewSet):
-    queryset = TerminalHeatbeat.objects.all()
-    serializer_class = TerminalHeatbeatSerializer
-    permission_classes = (IsAppUser,)
-
-    def create(self, request, *args, **kwargs):
-        terminal = request.user.terminal
-        TerminalHeatbeat.objects.create(terminal=terminal)
-        task = tasks.get(terminal.name)
-        tasks[terminal.name] = []
-        return Response({'msg': 'Success',
-                         'tasks': task},
-                        status=201)
-
-
-class TerminateConnectionView(APIView):
-    def post(self, request, *args, **kwargs):
-        if isinstance(request.data, dict):
-            data = [request.data]
-        else:
-            data = request.data
-        for d in data:
-            proxy_log_id = d.get('proxy_log_id')
-            proxy_log = get_object_or_404(ProxyLog, id=proxy_log_id)
-            terminal_id = proxy_log.terminal
-            if terminal_id in tasks:
-                tasks[terminal_id].append({'name': 'kill_proxy',
-                                           'proxy_log_id': proxy_log_id})
-            else:
-                tasks[terminal_id] = [{'name': 'kill_proxy',
-                                       'proxy_log_id': proxy_log_id}]
-
-        return Response({'msg': 'get it'})
--- a/apps/applications/apps.py
+++ b/apps/applications/apps.py
@@ -1,7 +0,0 @@
-from __future__ import unicode_literals
-
-from django.apps import AppConfig
-
-
-class ApplicationsConfig(AppConfig):
-    name = 'applications'
--- a/apps/applications/forms.py
+++ b/apps/applications/forms.py
@@ -1,18 +0,0 @@
-# ~*~ coding: utf-8 ~*~
-#
-
-from django import forms
-
-from .models import Terminal
-
-
-class TerminalForm(forms.ModelForm):
-    class Meta:
-        model = Terminal
-        fields = ['name', 'remote_addr', 'type', 'url', 'comment']
-        help_texts = {
-            'url': 'Example: ssh://192.168.1.1:22 or http://jms.jumpserver.org, that user login'
-        }
-        widgets = {
-            'name': forms.TextInput(attrs={'readonly': 'readonly'})
-        }
--- a/apps/applications/models.py
+++ b/apps/applications/models.py
@@ -1,62 +0,0 @@
-from __future__ import unicode_literals
-
-from django.db import models
-from django.utils.translation import ugettext_lazy as _
-
-from users.models import User
-
-
-class Terminal(models.Model):
-    TYPE_CHOICES = (
-        ('SSH', 'SSH Terminal'),
-        ('Web', 'Web Terminal')
-    )
-    name = models.CharField(max_length=30, unique=True, verbose_name=_('Name'))
-    remote_addr = models.GenericIPAddressField(verbose_name=_('Remote address'), blank=True, null=True)
-    type = models.CharField(choices=TYPE_CHOICES, max_length=3, blank=True, verbose_name=_('Terminal type'))
-    user = models.OneToOneField(User, related_name='terminal', verbose_name='Application user',
-                                null=True, on_delete=models.CASCADE)
-    url = models.CharField(max_length=100, blank=True, verbose_name=_('URL to login'))
-    is_accepted = models.BooleanField(default=False, verbose_name='Is Accepted')
-    date_created = models.DateTimeField(auto_now_add=True)
-    comment = models.TextField(blank=True, verbose_name=_('Comment'))
-
-    @property
-    def is_active(self):
-        if self.user and self.user.is_active:
-            return True
-        return False
-
-    @is_active.setter
-    def is_active(self, active):
-        if self.user:
-            self.user.is_active = active
-            self.user.save()
-
-    def create_related_app_user(self):
-        user, access_key = User.create_app_user(name=self.name, comment=self.comment)
-        self.user = user
-        self.save()
-        return user, access_key
-
-    def delete(self, using=None, keep_parents=False):
-        if self.user:
-            self.user.delete()
-        return super(Terminal, self).delete(using=using, keep_parents=keep_parents)
-
-    def __unicode__(self):
-        active = 'Active' if self.user and self.user.is_active else 'Disabled'
-        return '%s: %s' % (self.name, active)
-
-    __str__ = __unicode__
-
-    class Meta:
-        ordering = ('is_accepted',)
-
-
-class TerminalHeatbeat(models.Model):
-    terminal = models.ForeignKey(Terminal, on_delete=models.CASCADE)
-    date_created = models.DateTimeField(auto_now_add=True)
-
-    class Meta:
-        db_table = 'terminal_heatbeat'
--- a/apps/applications/serializers.py
+++ b/apps/applications/serializers.py
@@ -1,41 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-
-from django.utils import timezone
-from rest_framework import serializers
-
-from .models import Terminal, TerminalHeatbeat
-from .hands import ProxyLog
-
-
-class TerminalSerializer(serializers.ModelSerializer):
-    proxy_online = serializers.SerializerMethodField()
-    is_alive = serializers.SerializerMethodField()
-
-    class Meta:
-        model = Terminal
-        fields = ['id', 'name', 'remote_addr', 'type', 'url', 'comment',
-                  'is_accepted', 'is_active', 'get_type_display',
-                  'proxy_online', 'is_alive']
-
-    @staticmethod
-    def get_proxy_online(obj):
-        return ProxyLog.objects.filter(terminal=obj.name, is_finished=False).count()
-
-    @staticmethod
-    def get_is_alive(obj):
-        log = obj.terminalheatbeat_set.last()
-        if log and timezone.now() - log.date_created < timezone.timedelta(seconds=600):
-            return True
-        else:
-            return False
-
-
-class TerminalHeatbeatSerializer(serializers.ModelSerializer):
-    date_start = serializers.DateTimeField
-    class Meta:
-        model = TerminalHeatbeat
-
-
-if __name__ == '__main__':
-    pass
--- a/apps/applications/urls/api_urls.py
+++ b/apps/applications/urls/api_urls.py
@@ -1,24 +0,0 @@
-#!/usr/bin/env python
-# -*- coding: utf-8 -*-
-#
-
-from django.conf.urls import url
-from rest_framework import routers
-
-from .. import api
-
-app_name = 'applications'
-
-router = routers.DefaultRouter()
-router.register(r'v1/terminal/heatbeat', api.TerminalHeatbeatViewSet, 'terminal-heatbeat')
-router.register(r'v1/terminal', api.TerminalViewSet, 'terminal')
-
-urlpatterns = [
-    url(r'^v1/terminal/register/$', api.TerminalRegisterView.as_view(),
-        name='terminal-register'),
-    url(r'^v1/terminate/connection/$', api.TerminateConnectionView.as_view(),
-        name='terminate-connection')
-    # url(r'^v1/terminal/heatbeat/$', api.TestHeatbeat.as_view())
-]
-
-urlpatterns += router.urls
--- a/apps/applications/urls/views_urls.py
+++ b/apps/applications/urls/views_urls.py
@@ -1,21 +0,0 @@
-#!/usr/bin/env python
-# -*- coding: utf-8 -*-
-#
-
-from django.conf.urls import url
-
-from .. import views
-
-app_name = 'applications'
-
-urlpatterns = [
-    url(r'^terminal/$', views.TerminalListView.as_view(), name='terminal-list'),
-    url(r'^terminal/(?P<pk>\d+)/$', views.TerminalDetailView.as_view(),
-        name='terminal-detail'),
-    url(r'^terminal/(?P<pk>\d+)/connect/$', views.TerminalConnectView.as_view(),
-        name='terminal-connect'),
-    url(r'^terminal/(?P<pk>\d+)/update$', views.TerminalUpdateView.as_view(),
-        name='terminal-update'),
-    url(r'^terminal/(?P<pk>\d+)/modal/accept$', views.TerminalModelAccept.as_view(),
-        name='terminal-modal-accept'),
-]
--- a/apps/assets/api.py
+++ b/apps/assets/api.py
@@ -1,220 +0,0 @@
-# ~*~ coding: utf-8 ~*~
-
-# Copyright (C) 2014-2017 Beijing DuiZhan Technology Co.,Ltd. All Rights Reserved.
-#
-# Licensed under the GNU General Public License v2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#    http://www.gnu.org/licenses/gpl-2.0.html
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-from rest_framework import generics
-from rest_framework.response import Response
-from rest_framework_bulk import BulkModelViewSet
-from rest_framework_bulk import ListBulkCreateUpdateDestroyAPIView
-from django.shortcuts import get_object_or_404
-
-from common.mixins import IDInFilterMixin
-from common.utils import get_object_or_none
-from .hands import IsSuperUser, IsAppUser, IsValidUser, \
-    get_user_granted_assets, push_users
-from .models import AssetGroup, Asset, IDC, SystemUser, AdminUser
-from . import serializers
-from .tasks import update_assets_hardware_info
-from .utils import test_admin_user_connective_manual
-
-
-class AssetViewSet(IDInFilterMixin, BulkModelViewSet):
-    """API endpoint that allows Asset to be viewed or edited."""
-    queryset = Asset.objects.all()
-    serializer_class = serializers.AssetSerializer
-    permission_classes = (IsValidUser,)
-
-    def get_queryset(self):
-        if self.request.user.is_superuser:
-            queryset = super(AssetViewSet, self).get_queryset()
-        else:
-            queryset = get_user_granted_assets(self.request.user)
-        idc_id = self.request.query_params.get('idc_id', '')
-        system_users_id = self.request.query_params.get('system_user_id', '')
-        asset_group_id = self.request.query_params.get('asset_group_id', '')
-        admin_user_id = self.request.query_params.get('admin_user_id', '')
-        if idc_id:
-            queryset = queryset.filter(idc__id=idc_id)
-        if system_users_id:
-            queryset = queryset.filter(system_users__id=system_users_id)
-        if admin_user_id:
-            queryset = queryset.filter(admin_user__id=admin_user_id)
-        if asset_group_id:
-            queryset = queryset.filter(groups__id=asset_group_id)
-        return queryset
-
-
-class AssetGroupViewSet(IDInFilterMixin, BulkModelViewSet):
-    """Asset group api set, for add,delete,update,list,retrieve resource"""
-    queryset = AssetGroup.objects.all()
-    serializer_class = serializers.AssetGroupSerializer
-    permission_classes = (IsSuperUser,)
-
-
-class AssetUpdateGroupApi(generics.RetrieveUpdateAPIView):
-    """Asset update it's group api"""
-    queryset = Asset.objects.all()
-    serializer_class = serializers.AssetUpdateGroupSerializer
-    permission_classes = (IsSuperUser,)
-
-
-class AssetGroupUpdateApi(generics.RetrieveUpdateAPIView):
-    """Asset group, update it's asset member"""
-    queryset = AssetGroup.objects.all()
-    serializer_class = serializers.AssetGroupUpdateSerializer
-    permission_classes = (IsSuperUser,)
-
-
-class AssetGroupUpdateSystemUserApi(generics.RetrieveUpdateAPIView):
-    """Asset group push system user"""
-    queryset = AssetGroup.objects.all()
-    serializer_class = serializers.AssetGroupUpdateSystemUserSerializer
-    permission_classes = (IsSuperUser,)
-
-
-class IDCUpdateAssetsApi(generics.RetrieveUpdateAPIView):
-    """IDC update asset member"""
-    queryset = IDC.objects.all()
-    serializer_class = serializers.IDCUpdateAssetsSerializer
-    permission_classes = (IsSuperUser,)
-
-
-class IDCViewSet(IDInFilterMixin, BulkModelViewSet):
-    """IDC api set, for add,delete,update,list,retrieve resource"""
-    queryset = IDC.objects.all()
-    serializer_class = serializers.IDCSerializer
-    permission_classes = (IsSuperUser,)
-
-
-class AdminUserViewSet(IDInFilterMixin, BulkModelViewSet):
-    """Admin user api set, for add,delete,update,list,retrieve resource"""
-    queryset = AdminUser.objects.all()
-    serializer_class = serializers.AdminUserSerializer
-    permission_classes = (IsSuperUser,)
-
-
-class SystemUserViewSet(IDInFilterMixin, BulkModelViewSet):
-    """System user api set, for add,delete,update,list,retrieve resource"""
-    queryset = SystemUser.objects.all()
-    serializer_class = serializers.SystemUserSerializer
-    permission_classes = (IsSuperUser,)
-
-
-class SystemUserUpdateApi(generics.RetrieveUpdateAPIView):
-    """Asset update it's system user
-
-    when update then push system user to asset.
-    """
-    queryset = Asset.objects.all()
-    serializer_class = serializers.AssetUpdateSystemUserSerializer
-    permission_classes = (IsSuperUser,)
-
-    def patch(self, request, *args, **kwargs):
-        asset = self.get_object()
-        old_system_users = set(asset.system_users.all())
-        response = super(SystemUserUpdateApi, self).patch(request, *args, **kwargs)
-        system_users_new = set(asset.system_users.all())
-        system_users = system_users_new - old_system_users
-        system_users = [system_user._to_secret_json() for system_user in system_users]
-        push_users.delay([asset._to_secret_json()], system_users)
-        return response
-
-
-class SystemUserUpdateAssetsApi(generics.RetrieveUpdateAPIView):
-    """System user update it's assets"""
-    queryset = SystemUser.objects.all()
-    serializer_class = serializers.SystemUserUpdateAssetsSerializer
-    permission_classes = (IsSuperUser,)
-
-
-class SystemUserUpdateAssetGroupApi(generics.RetrieveUpdateAPIView):
-    """System user update asset group"""
-    queryset = SystemUser.objects.all()
-    serializer_class = serializers.SystemUserUpdateAssetGroupSerializer
-    permission_classes = (IsSuperUser,)
-
-
-class AssetListUpdateApi(IDInFilterMixin, ListBulkCreateUpdateDestroyAPIView):
-    """Asset bulk update api"""
-    queryset = Asset.objects.all()
-    serializer_class = serializers.AssetSerializer
-    permission_classes = (IsSuperUser,)
-
-
-class SystemUserAuthInfoApi(generics.RetrieveAPIView):
-    """Get system user auth info"""
-    queryset = SystemUser.objects.all()
-    permission_classes = (IsAppUser,)
-
-    def retrieve(self, request, *args, **kwargs):
-        system_user = self.get_object()
-        data = {
-            'id': system_user.id,
-            'name': system_user.name,
-            'username': system_user.username,
-            'password': system_user.password,
-            'private_key': system_user.private_key,
-            'auth_method': system_user.auth_method,
-        }
-        return Response(data)
-
-
-class AssetRefreshHardwareView(generics.RetrieveAPIView):
-    """Refresh asset hardware info"""
-    queryset = Asset.objects.all()
-    serializer_class = serializers.AssetSerializer
-    permission_classes = (IsSuperUser,)
-
-    def retrieve(self, request, *args, **kwargs):
-        asset_id = kwargs.get('pk')
-        asset = get_object_or_404(Asset, pk=asset_id)
-        summary = update_assets_hardware_info([asset])
-        if len(summary['failed']) == 0:
-            return super(AssetRefreshHardwareView, self).retrieve(request, *args, **kwargs)
-        else:
-            return Response('', status=502)
-
-
-class AssetAdminUserTestView(AssetRefreshHardwareView):
-    """Test asset admin user connectivity"""
-    queryset = Asset.objects.all()
-    permission_classes = (IsSuperUser,)
-
-    def retrieve(self, request, *args, **kwargs):
-        asset_id = kwargs.get('pk')
-        asset = get_object_or_404(Asset, pk=asset_id)
-        result = test_admin_user_connective_manual([asset])
-        if result:
-            return Response('1')
-        else:
-            return Response('0', status=502)
-
-
-class AssetGroupPushSystemUserView(generics.UpdateAPIView):
-    """Asset group push system user api"""
-    queryset = AssetGroup.objects.all()
-    permission_classes = (IsSuperUser,)
-    serializer_class = serializers.AssetSerializer
-
-    def patch(self, request, *args, **kwargs):
-        asset_group = self.get_object()
-        assets = asset_group.assets.all()
-        system_user_id = self.request.data['system_user']
-        system_user = get_object_or_none(SystemUser, id=system_user_id)
-        if not assets or not system_user:
-            return Response('Invalid system user id or asset group id', status=404)
-        task = push_users.delay([asset._to_secret_json() for asset in assets],
-                                system_user._to_secret_json())
-        return Response(task.id)
--- a/apps/assets/api/init.py
+++ b/apps/assets/api/init.py
@@ -0,0 +1,6 @@
+from .admin_user import *
+from .asset import *
+from .label import *
+from .system_user import *
+from .node import *
+from .domain import *
--- a/apps/assets/api/admin_user.py
+++ b/apps/assets/api/admin_user.py
@@ -0,0 +1,83 @@
+# ~*~ coding: utf-8 ~*~
+# Copyright (C) 2014-2018 Beijing DuiZhan Technology Co.,Ltd. All Rights Reserved.
+#
+# Licensed under the GNU General Public License v2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.gnu.org/licenses/gpl-2.0.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from django.db import transaction
+from rest_framework import generics
+from rest_framework.response import Response
+from rest_framework_bulk import BulkModelViewSet
+
+from common.mixins import IDInFilterMixin
+from common.utils import get_logger
+from ..hands import IsSuperUser
+from ..models import AdminUser, Asset
+from .. import serializers
+from ..tasks import test_admin_user_connectability_manual
+
+
+logger = get_logger(__file__)
+__all__ = [
+    'AdminUserViewSet', 'ReplaceNodesAdminUserApi',
+    'AdminUserTestConnectiveApi', 'AdminUserAuthApi',
+]
+
+
+class AdminUserViewSet(IDInFilterMixin, BulkModelViewSet):
+    """
+    Admin user api set, for add,delete,update,list,retrieve resource
+    """
+    queryset = AdminUser.objects.all()
+    serializer_class = serializers.AdminUserSerializer
+    permission_classes = (IsSuperUser,)
+
+
+class AdminUserAuthApi(generics.UpdateAPIView):
+    queryset = AdminUser.objects.all()
+    serializer_class = serializers.AdminUserAuthSerializer
+    permission_classes = (IsSuperUser,)
+
+
+class ReplaceNodesAdminUserApi(generics.UpdateAPIView):
+    queryset = AdminUser.objects.all()
+    serializer_class = serializers.ReplaceNodeAdminUserSerializer
+    permission_classes = (IsSuperUser,)
+
+    def update(self, request, *args, **kwargs):
+        admin_user = self.get_object()
+        serializer = self.serializer_class(data=request.data)
+        if serializer.is_valid():
+            nodes = serializer.validated_data['nodes']
+            assets = []
+            for node in nodes:
+                assets.extend([asset.id for asset in node.get_all_assets()])
+
+            with transaction.atomic():
+                Asset.objects.filter(id__in=assets).update(admin_user=admin_user)
+
+            return Response({"msg": "ok"})
+        else:
+            return Response({'error': serializer.errors}, status=400)
+
+
+class AdminUserTestConnectiveApi(generics.RetrieveAPIView):
+    """
+    Test asset admin user connectivity
+    """
+    queryset = AdminUser.objects.all()
+    permission_classes = (IsSuperUser,)
+
+    def retrieve(self, request, *args, **kwargs):
+        admin_user = self.get_object()
+        task = test_admin_user_connectability_manual.delay(admin_user)
+        return Response({"task": task.id})
--- a/apps/assets/api/asset.py
+++ b/apps/assets/api/asset.py
@@ -0,0 +1,107 @@
+# -*- coding: utf-8 -*-
+#
+
+from rest_framework import generics
+from rest_framework.response import Response
+from rest_framework_bulk import BulkModelViewSet
+from rest_framework_bulk import ListBulkCreateUpdateDestroyAPIView
+from rest_framework.pagination import LimitOffsetPagination
+from django.shortcuts import get_object_or_404
+from django.db.models import Q
+
+from common.mixins import IDInFilterMixin
+from common.utils import get_logger
+from ..hands import IsSuperUser, IsValidUser, IsSuperUserOrAppUser, \
+    NodePermissionUtil
+from ..models import  Asset, SystemUser, AdminUser, Node
+from .. import serializers
+from ..tasks import update_asset_hardware_info_manual, \
+    test_asset_connectability_manual
+from ..utils import LabelFilter
+
+
+logger = get_logger(__file__)
+__all__ = [
+    'AssetViewSet', 'UserAssetListView', 'AssetListUpdateApi',
+    'AssetRefreshHardwareApi', 'AssetAdminUserTestApi'
+]
+
+
+class AssetViewSet(IDInFilterMixin, LabelFilter, BulkModelViewSet):
+    """
+    API endpoint that allows Asset to be viewed or edited.
+    """
+    filter_fields = ("hostname", "ip")
+    search_fields = filter_fields
+    ordering_fields = ("hostname", "ip", "port", "cpu_cores")
+    queryset = Asset.objects.all()
+    serializer_class = serializers.AssetSerializer
+    pagination_class = LimitOffsetPagination
+    permission_classes = (IsSuperUserOrAppUser,)
+
+    def get_queryset(self):
+        queryset = super().get_queryset()
+        admin_user_id = self.request.query_params.get('admin_user_id')
+        node_id = self.request.query_params.get("node_id")
+
+        if admin_user_id:
+            admin_user = get_object_or_404(AdminUser, id=admin_user_id)
+            queryset = queryset.filter(admin_user=admin_user)
+        if node_id:
+            node = get_object_or_404(Node, id=node_id)
+            if not node.is_root():
+                queryset = queryset.filter(
+                    nodes__key__regex='{}(:[0-9]+)*$'.format(node.key),
+                ).distinct()
+        return queryset
+
+
+class UserAssetListView(generics.ListAPIView):
+    queryset = Asset.objects.all()
+    serializer_class = serializers.AssetSerializer
+    permission_classes = (IsValidUser,)
+
+    def get_queryset(self):
+        assets_granted = NodePermissionUtil.get_user_assets(self.request.user).keys()
+        queryset = self.queryset.filter(
+            id__in=[asset.id for asset in assets_granted]
+        )
+        return queryset
+
+
+class AssetListUpdateApi(IDInFilterMixin, ListBulkCreateUpdateDestroyAPIView):
+    """
+    Asset bulk update api
+    """
+    queryset = Asset.objects.all()
+    serializer_class = serializers.AssetSerializer
+    permission_classes = (IsSuperUser,)
+
+
+class AssetRefreshHardwareApi(generics.RetrieveAPIView):
+    """
+    Refresh asset hardware info
+    """
+    queryset = Asset.objects.all()
+    serializer_class = serializers.AssetSerializer
+    permission_classes = (IsSuperUser,)
+
+    def retrieve(self, request, *args, **kwargs):
+        asset_id = kwargs.get('pk')
+        asset = get_object_or_404(Asset, pk=asset_id)
+        task = update_asset_hardware_info_manual.delay(asset)
+        return Response({"task": task.id})
+
+
+class AssetAdminUserTestApi(generics.RetrieveAPIView):
+    """
+    Test asset admin user connectivity
+    """
+    queryset = Asset.objects.all()
+    permission_classes = (IsSuperUser,)
+
+    def retrieve(self, request, *args, **kwargs):
+        asset_id = kwargs.get('pk')
+        asset = get_object_or_404(Asset, pk=asset_id)
+        task = test_asset_connectability_manual.delay(asset)
+        return Response({"task": task.id})
--- a/apps/assets/api/domain.py
+++ b/apps/assets/api/domain.py
@@ -0,0 +1,55 @@
+# ~*~ coding: utf-8 ~*~
+
+from rest_framework_bulk import BulkModelViewSet
+from rest_framework.views import APIView, Response
+from rest_framework.generics import RetrieveAPIView
+
+from django.views.generic.detail import SingleObjectMixin
+
+from common.utils import get_logger
+from ..hands import IsSuperUser, IsSuperUserOrAppUser
+from ..models import Domain, Gateway
+from ..utils import test_gateway_connectability
+from .. import serializers
+
+
+logger = get_logger(__file__)
+__all__ = ['DomainViewSet', 'GatewayViewSet', "GatewayTestConnectionApi"]
+
+
+class DomainViewSet(BulkModelViewSet):
+    queryset = Domain.objects.all()
+    permission_classes = (IsSuperUser,)
+    serializer_class = serializers.DomainSerializer
+
+    def get_serializer_class(self):
+        if self.request.query_params.get('gateway'):
+            return serializers.DomainWithGatewaySerializer
+        return super().get_serializer_class()
+
+    def get_permissions(self):
+        if self.request.query_params.get('gateway'):
+            self.permission_classes = (IsSuperUserOrAppUser,)
+        return super().get_permissions()
+
+
+class GatewayViewSet(BulkModelViewSet):
+    filter_fields = ("domain",)
+    search_fields = filter_fields
+    queryset = Gateway.objects.all()
+    permission_classes = (IsSuperUser,)
+    serializer_class = serializers.GatewaySerializer
+
+
+class GatewayTestConnectionApi(SingleObjectMixin, APIView):
+    permission_classes = (IsSuperUser,)
+    model = Gateway
+    object = None
+
+    def get(self, request, *args, **kwargs):
+        self.object = self.get_object(Gateway.objects.all())
+        ok, e = test_gateway_connectability(self.object)
+        if ok:
+            return Response("ok")
+        else:
+            return Response({"failed": e}, status=404)
--- a/apps/assets/api/label.py
+++ b/apps/assets/api/label.py
@@ -0,0 +1,38 @@
+# ~*~ coding: utf-8 ~*~
+# Copyright (C) 2014-2018 Beijing DuiZhan Technology Co.,Ltd. All Rights Reserved.
+#
+# Licensed under the GNU General Public License v2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.gnu.org/licenses/gpl-2.0.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from rest_framework_bulk import BulkModelViewSet
+from django.db.models import Count
+
+from common.utils import get_logger
+from ..hands import IsSuperUser
+from ..models import Label
+from .. import serializers
+
+
+logger = get_logger(__file__)
+__all__ = ['LabelViewSet']
+
+
+class LabelViewSet(BulkModelViewSet):
+    queryset = Label.objects.annotate(asset_count=Count("assets"))
+    permission_classes = (IsSuperUser,)
+    serializer_class = serializers.LabelSerializer
+
+    def list(self, request, *args, **kwargs):
+        if request.query_params.get("distinct"):
+            self.serializer_class = serializers.LabelDistinctSerializer
+            self.queryset = self.queryset.values("name").distinct()
+        return super().list(request, *args, **kwargs)
--- a/apps/assets/api/node.py
+++ b/apps/assets/api/node.py
@@ -0,0 +1,232 @@
+# ~*~ coding: utf-8 ~*~
+# Copyright (C) 2014-2018 Beijing DuiZhan Technology Co.,Ltd. All Rights Reserved.
+#
+# Licensed under the GNU General Public License v2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.gnu.org/licenses/gpl-2.0.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from rest_framework import generics, mixins
+from rest_framework.views import APIView
+from rest_framework.response import Response
+from rest_framework_bulk import BulkModelViewSet
+from django.utils.translation import ugettext_lazy as _
+from django.shortcuts import get_object_or_404
+
+from common.utils import get_logger, get_object_or_none
+from ..hands import IsSuperUser
+from ..models import Node
+from ..tasks import update_assets_hardware_info_util, test_asset_connectability_util
+from .. import serializers
+
+
+logger = get_logger(__file__)
+__all__ = [
+    'NodeViewSet', 'NodeChildrenApi',
+    'NodeAssetsApi', 'NodeWithAssetsApi',
+    'NodeAddAssetsApi', 'NodeRemoveAssetsApi',
+    'NodeReplaceAssetsApi',
+    'NodeAddChildrenApi', 'RefreshNodeHardwareInfoApi',
+    'TestNodeConnectiveApi'
+]
+
+
+class NodeViewSet(BulkModelViewSet):
+    queryset = Node.objects.all()
+    permission_classes = (IsSuperUser,)
+    serializer_class = serializers.NodeSerializer
+
+    def perform_create(self, serializer):
+        child_key = Node.root().get_next_child_key()
+        serializer.validated_data["key"] = child_key
+        serializer.save()
+
+
+class NodeWithAssetsApi(generics.ListAPIView):
+    permission_classes = (IsSuperUser,)
+    serializers = serializers.NodeSerializer
+
+    def get_node(self):
+        pk = self.kwargs.get('pk') or self.request.query_params.get('node')
+        if not pk:
+            node = Node.root()
+        else:
+            node = get_object_or_404(Node, pk)
+        return node
+
+    def get_queryset(self):
+        queryset = []
+        node = self.get_node()
+        children = node.get_children()
+        assets = node.get_assets()
+        queryset.extend(list(children))
+
+        for asset in assets:
+            node = Node()
+            node.id = asset.id
+            node.parent = node.id
+            node.value = asset.hostname
+            queryset.append(node)
+        return queryset
+
+
+class NodeChildrenApi(mixins.ListModelMixin, generics.CreateAPIView):
+    queryset = Node.objects.all()
+    permission_classes = (IsSuperUser,)
+    serializer_class = serializers.NodeSerializer
+    instance = None
+
+    def post(self, request, *args, **kwargs):
+        if not request.data.get("value"):
+            request.data["value"] = _("New node {}").format(
+                Node.root().get_next_child_key().split(":")[-1]
+            )
+        return super().post(request, *args, **kwargs)
+
+    def create(self, request, *args, **kwargs):
+        instance = self.get_object()
+        value = request.data.get("value")
+        node = instance.create_child(value=value)
+        return Response(
+            {"id": node.id, "key": node.key, "value": node.value},
+            status=201,
+        )
+
+    def get_object(self):
+        pk = self.kwargs.get('pk') or self.request.query_params.get('id')
+        if not pk:
+            node = Node.root()
+        else:
+            node = get_object_or_404(Node, pk=pk)
+        return node
+
+    def get_queryset(self):
+        queryset = []
+        query_all = self.request.query_params.get("all")
+        query_assets = self.request.query_params.get('assets')
+        node = self.get_object()
+        if node == Node.root():
+            queryset.append(node)
+        if query_all:
+            children = node.get_all_children()
+        else:
+            children = node.get_children()
+
+        queryset.extend(list(children))
+        if query_assets:
+            assets = node.get_assets()
+            for asset in assets:
+                node_fake = Node()
+                node_fake.id = asset.id
+                node_fake.parent = node
+                node_fake.value = asset.hostname
+                node_fake.is_node = False
+                queryset.append(node_fake)
+        queryset = sorted(queryset, key=lambda x: x.is_node, reverse=True)
+        return queryset
+
+    def get(self, request, *args, **kwargs):
+        return super().list(request, *args, **kwargs)
+
+
+class NodeAssetsApi(generics.ListAPIView):
+    permission_classes = (IsSuperUser,)
+    serializer_class = serializers.AssetSerializer
+
+    def get_queryset(self):
+        node_id = self.kwargs.get('pk')
+        query_all = self.request.query_params.get('all')
+        instance = get_object_or_404(Node, pk=node_id)
+        if query_all:
+            return instance.get_all_assets()
+        else:
+            return instance.get_assets()
+
+
+class NodeAddChildrenApi(generics.UpdateAPIView):
+    queryset = Node.objects.all()
+    permission_classes = (IsSuperUser,)
+    serializer_class = serializers.NodeAddChildrenSerializer
+    instance = None
+
+    def put(self, request, *args, **kwargs):
+        instance = self.get_object()
+        nodes_id = request.data.get("nodes")
+        children = [get_object_or_none(Node, id=pk) for pk in nodes_id]
+        for node in children:
+            if not node:
+                continue
+            node.parent = instance
+            node.save()
+        return Response("OK")
+
+
+class NodeAddAssetsApi(generics.UpdateAPIView):
+    serializer_class = serializers.NodeAssetsSerializer
+    queryset = Node.objects.all()
+    permission_classes = (IsSuperUser,)
+    instance = None
+
+    def perform_update(self, serializer):
+        assets = serializer.validated_data.get('assets')
+        instance = self.get_object()
+        instance.assets.add(*tuple(assets))
+
+
+class NodeRemoveAssetsApi(generics.UpdateAPIView):
+    serializer_class = serializers.NodeAssetsSerializer
+    queryset = Node.objects.all()
+    permission_classes = (IsSuperUser,)
+    instance = None
+
+    def perform_update(self, serializer):
+        assets = serializer.validated_data.get('assets')
+        instance = self.get_object()
+        if instance != Node.root():
+            instance.assets.remove(*tuple(assets))
+
+
+class NodeReplaceAssetsApi(generics.UpdateAPIView):
+    serializer_class = serializers.NodeAssetsSerializer
+    queryset = Node.objects.all()
+    permission_classes = (IsSuperUser,)
+    instance = None
+
+    def perform_update(self, serializer):
+        assets = serializer.validated_data.get('assets')
+        instance = self.get_object()
+        for asset in assets:
+            asset.nodes.set([instance])
+
+
+class RefreshNodeHardwareInfoApi(APIView):
+    permission_classes = (IsSuperUser,)
+    model = Node
+
+    def get(self, request, *args, **kwargs):
+        node_id = kwargs.get('pk')
+        node = get_object_or_404(self.model, id=node_id)
+        assets = node.assets.all()
+        task_name = _("更新节点资产硬件信息: {}".format(node.name))
+        task = update_assets_hardware_info_util.delay(assets, task_name=task_name)
+        return Response({"task": task.id})
+
+
+class TestNodeConnectiveApi(APIView):
+    permission_classes = (IsSuperUser,)
+    model = Node
+
+    def get(self, request, *args, **kwargs):
+        node_id = kwargs.get('pk')
+        node = get_object_or_404(self.model, id=node_id)
+        assets = node.assets.all()
+        task_name = _("测试节点下资产是否可连接: {}".format(node.name))
+        task = test_asset_connectability_util.delay(assets, task_name=task_name)
+        return Response({"task": task.id})
--- a/apps/assets/api/system_user.py
+++ b/apps/assets/api/system_user.py
@@ -0,0 +1,75 @@
+# ~*~ coding: utf-8 ~*~
+# Copyright (C) 2014-2018 Beijing DuiZhan Technology Co.,Ltd. All Rights Reserved.
+#
+# Licensed under the GNU General Public License v2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.gnu.org/licenses/gpl-2.0.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from rest_framework import generics
+from rest_framework.response import Response
+from rest_framework_bulk import BulkModelViewSet
+from common.utils import get_logger
+from ..hands import IsSuperUser, IsSuperUserOrAppUser
+from ..models import SystemUser
+from .. import serializers
+from ..tasks import push_system_user_to_assets_manual, \
+    test_system_user_connectability_manual
+
+
+logger = get_logger(__file__)
+__all__ = [
+    'SystemUserViewSet', 'SystemUserAuthInfoApi',
+    'SystemUserPushApi', 'SystemUserTestConnectiveApi'
+]
+
+
+class SystemUserViewSet(BulkModelViewSet):
+    """
+    System user api set, for add,delete,update,list,retrieve resource
+    """
+    queryset = SystemUser.objects.all()
+    serializer_class = serializers.SystemUserSerializer
+    permission_classes = (IsSuperUserOrAppUser,)
+
+
+class SystemUserAuthInfoApi(generics.RetrieveUpdateAPIView):
+    """
+    Get system user auth info
+    """
+    queryset = SystemUser.objects.all()
+    permission_classes = (IsSuperUserOrAppUser,)
+    serializer_class = serializers.SystemUserAuthSerializer
+
+
+class SystemUserPushApi(generics.RetrieveAPIView):
+    """
+    Push system user to cluster assets api
+    """
+    queryset = SystemUser.objects.all()
+    permission_classes = (IsSuperUser,)
+
+    def retrieve(self, request, *args, **kwargs):
+        system_user = self.get_object()
+        task = push_system_user_to_assets_manual.delay(system_user)
+        return Response({"task": task.id})
+
+
+class SystemUserTestConnectiveApi(generics.RetrieveAPIView):
+    """
+    Push system user to cluster assets api
+    """
+    queryset = SystemUser.objects.all()
+    permission_classes = (IsSuperUser,)
+
+    def retrieve(self, request, *args, **kwargs):
+        system_user = self.get_object()
+        task = test_system_user_connectability_manual.delay(system_user)
+        return Response({"task": task.id})
--- a/apps/assets/apps.py
+++ b/apps/assets/apps.py
@@ -5,3 +5,7 @@ from django.apps import AppConfig

 class AssetsConfig(AppConfig):
    name = 'assets'
+
+    def ready(self):
+        from . import signals_handler
+        super().ready()
--- a/apps/assets/const.py
+++ b/apps/assets/const.py
@@ -0,0 +1,38 @@
+# -*- coding: utf-8 -*-
+#
+
+UPDATE_ASSETS_HARDWARE_TASKS = [
+   {
+       'name': "setup",
+       'action': {
+           'module': 'setup'
+       }
+   }
+]
+
+ADMIN_USER_CONN_CACHE_KEY = "ADMIN_USER_CONN_{}"
+TEST_ADMIN_USER_CONN_TASKS = [
+    {
+        "name": "ping",
+        "action": {
+            "module": "ping",
+        }
+    }
+]
+
+ASSET_ADMIN_CONN_CACHE_KEY = "ASSET_ADMIN_USER_CONN_{}"
+
+SYSTEM_USER_CONN_CACHE_KEY = "SYSTEM_USER_CONN_{}"
+TEST_SYSTEM_USER_CONN_TASKS = [
+   {
+       "name": "ping",
+       "action": {
+           "module": "ping",
+       }
+   }
+]
+
+TASK_OPTIONS = {
+    'timeout': 10,
+    'forks': 10,
+}
--- a/apps/assets/forms.py
+++ b/apps/assets/forms.py
@@ -1,361 +0,0 @@
-# coding:utf-8
-from django import forms
-from django.utils.translation import gettext_lazy as _
-
-from .models import IDC, Asset, AssetGroup, AdminUser, SystemUser
-from common.utils import validate_ssh_private_key, ssh_pubkey_gen, ssh_key_gen, get_logger
-
-
-logger = get_logger(__file__)
-
-
-class AssetCreateForm(forms.ModelForm):
-    class Meta:
-        model = Asset
-        fields = [
-            'hostname', 'ip', 'public_ip', 'port', 'type', 'comment',
-            'admin_user', 'idc', 'groups', 'status', 'env', 'is_active'
-        ]
-        widgets = {
-            'groups': forms.SelectMultiple(
-                attrs={'class': 'select2',
-                       'data-placeholder': _('Select asset groups')}),
-            'admin_user': forms.Select(
-                attrs={'class': 'select2',
-                       'data-placeholder': _('Select asset admin user')}),
-        }
-        help_texts = {
-            'hostname': '* required',
-            'ip': '* required',
-            'system_users': _('System user will be granted for user to login '
-                              'assets (using ansible create automatic)'),
-            'admin_user': _('Admin user should be exist on asset already, '
-                            'And have sudo ALL permission'),
-        }
-
-    def clean_admin_user(self):
-        if not self.cleaned_data['admin_user']:
-            raise forms.ValidationError(_('Select admin user'))
-        return self.cleaned_data['admin_user']
-
-
-class AssetUpdateForm(forms.ModelForm):
-    class Meta:
-        model = Asset
-        fields = [
-            'hostname', 'ip', 'port', 'groups', 'admin_user', 'idc', 'is_active',
-            'type', 'env', 'status', 'public_ip', 'remote_card_ip', 'cabinet_no',
-            'cabinet_pos', 'number', 'comment'
-        ]
-        widgets = {
-            'groups': forms.SelectMultiple(
-                attrs={'class': 'select2',
-                       'data-placeholder': _('Select asset groups')}),
-            'admin_user': forms.Select(
-                attrs={'class': 'select2',
-                       'data-placeholder': _('Select asset admin user')}),
-        }
-        help_texts = {
-            'hostname': '* required',
-            'ip': '* required',
-            'system_users': _('System user will be granted for user '
-                              'to login assets (using ansible create automatic)'),
-            'admin_user': _('Admin user should be exist on asset '
-                            'already, And have sudo ALL permission'),
-        }
-
-
-class AssetBulkUpdateForm(forms.ModelForm):
-    assets = forms.MultipleChoiceField(
-        required=True,
-        help_text='* required',
-        label=_('Select assets'),
-        widget=forms.SelectMultiple(
-            attrs={
-                'class': 'select2',
-                'data-placeholder': _('Select assets')
-            }
-        )
-    )
-    port = forms.IntegerField(min_value=1, max_value=65535,
-                              required=False, label=_('Port'))
-
-    class Meta:
-        model = Asset
-        fields = [
-            'assets', 'port', 'groups', 'admin_user', 'idc',
-            'type', 'env', 'status',
-        ]
-        widgets = {
-            'groups': forms.SelectMultiple(
-                attrs={'class': 'select2',
-                       'data-placeholder': _('Select asset groups')}),
-            'admin_user': forms.Select(
-                attrs={'class': 'select2',
-                       'data-placeholder': _('Select asset admin user')}),
-        }
-
-    def save(self, commit=True):
-        cleaned_data = {k: v for k, v in self.cleaned_data.items() if v is not None}
-        assets_id = cleaned_data.pop('assets')
-        groups = cleaned_data.pop('groups')
-        assets = Asset.objects.filter(id__in=assets_id)
-        assets.update(**cleaned_data)
-        if groups:
-            for asset in assets:
-                asset.groups.set(groups)
-        return assets
-
-
-class AssetGroupForm(forms.ModelForm):
-    # See AdminUserForm comment same it
-    assets = forms.ModelMultipleChoiceField(
-        queryset=Asset.objects.all(),
-        label=_('Asset'),
-        required=False,
-        widget=forms.SelectMultiple(
-            attrs={'class': 'select2', 'data-placeholder': _('Select assets')})
-        )
-
-    def __init__(self, *args, **kwargs):
-        if kwargs.get('instance', None):
-            initial = kwargs.get('initial', {})
-            initial['assets'] = kwargs['instance'].assets.all()
-        super(AssetGroupForm, self).__init__(*args, **kwargs)
-
-    def _save_m2m(self):
-        super(AssetGroupForm, self)._save_m2m()
-        assets = self.cleaned_data['assets']
-        self.instance.assets.clear()
-        self.instance.assets.add(*tuple(assets))
-
-    class Meta:
-        model = AssetGroup
-        fields = [
-            "name", "comment",
-        ]
-        help_texts = {
-            'name': '* required',
-        }
-
-
-class IDCForm(forms.ModelForm):
-    # See AdminUserForm comment same it
-    assets = forms.ModelMultipleChoiceField(
-        queryset=Asset.objects.all(),
-        label=_('Asset'),
-        required=False,
-        widget=forms.SelectMultiple(
-            attrs={'class': 'select2', 'data-placeholder': _('Select assets')})
-        )
-
-    def __init__(self, *args, **kwargs):
-        if kwargs.get('instance'):
-            initial = kwargs.get('initial', {})
-            initial['assets'] = kwargs['instance'].assets.all()
-        super(IDCForm, self).__init__(*args, **kwargs)
-
-    def _save_m2m(self):
-        super(IDCForm, self)._save_m2m()
-        assets = self.cleaned_data['assets']
-        self.instance.assets.clear()
-        self.instance.assets.add(*tuple(assets))
-
-    class Meta:
-        model = IDC
-        fields = ['name', "bandwidth", "operator", 'contact',
-                  'phone', 'address', 'intranet', 'extranet', 'comment']
-        widgets = {
-            'name': forms.TextInput(attrs={'placeholder': _('Name')}),
-            'intranet': forms.Textarea(
-                attrs={'placeholder': 'IP段之间用逗号隔开，如：192.168.1.0/24,192.168.1.0/24'}),
-            'extranet': forms.Textarea(
-                attrs={'placeholder': 'IP段之间用逗号隔开，如：201.1.32.1/24,202.2.32.1/24'})
-        }
-        help_texts = {
-            'name': '* required'
-        }
-
-
-class AdminUserForm(forms.ModelForm):
-    # Form field name can not start with `_`, so redefine it,
-    password = forms.CharField(
-        widget=forms.PasswordInput, max_length=100,
-        strip=True, required=False,
-        help_text=_('If also set private key, use that first'),
-    )
-    # Need use upload private key file except paste private key content
-    private_key_file = forms.FileField(required=False)
-
-    def save(self, commit=True):
-        # Because we define custom field, so we need rewrite :method: `save`
-        admin_user = super(AdminUserForm, self).save(commit=commit)
-        password = self.cleaned_data['password']
-        private_key = self.cleaned_data['private_key_file']
-
-        if password:
-            admin_user.password = password
-        if private_key:
-            public_key = ssh_pubkey_gen(private_key)
-            admin_user.private_key = private_key
-            admin_user.public_key = public_key
-        admin_user.save()
-        return admin_user
-
-    def clean_private_key_file(self):
-        private_key_file = self.cleaned_data['private_key_file']
-        if private_key_file:
-            private_key = private_key_file.read()
-            if not validate_ssh_private_key(private_key):
-                raise forms.ValidationError(_('Invalid private key'))
-            return private_key
-        return private_key_file
-
-    def clean(self):
-        password = self.cleaned_data['password']
-        private_key_file = self.cleaned_data.get('private_key_file', '')
-
-        if not self.instance and not (password or private_key_file):
-            raise forms.ValidationError(
-                _('Password and private key file must be input one'))
-
-    class Meta:
-        model = AdminUser
-        fields = ['name', 'username', 'password',
-                  'private_key_file', 'comment']
-        widgets = {
-            'name': forms.TextInput(attrs={'placeholder': _('Name')}),
-            'username': forms.TextInput(attrs={'placeholder': _('Username')}),
-        }
-        help_texts = {
-            'name': '* required',
-            'username': '* required',
-        }
-
-
-class SystemUserForm(forms.ModelForm):
-    # Admin user assets define, let user select, save it in form not in view
-    auto_generate_key = forms.BooleanField(initial=True, required=False)
-    # Form field name can not start with `_`, so redefine it,
-    password = forms.CharField(widget=forms.PasswordInput, required=False,
-                               max_length=100, strip=True)
-    # Need use upload private key file except paste private key content
-    private_key_file = forms.FileField(required=False)
-
-    def __init__(self, *args, **kwargs):
-        super(SystemUserForm, self).__init__(*args, **kwargs)
-
-    def save(self, commit=True):
-        # Because we define custom field, so we need rewrite :method: `save`
-        system_user = super(SystemUserForm, self).save(commit=commit)
-        password = self.cleaned_data['password']
-        private_key_file = self.cleaned_data.get('private_key_file')
-
-        if system_user.auth_method == 'P':
-            if password:
-                system_user.password = password
-        elif system_user.auth_method == 'K':
-            if self.cleaned_data['auto_generate_key']:
-                private_key, public_key = ssh_key_gen(username=system_user.name)
-                logger.info('Generate private key and public key')
-            else:
-                private_key = private_key_file.read().strip()
-                public_key = ssh_pubkey_gen(private_key=private_key)
-            system_user.private_key = private_key
-            system_user.public_key = public_key
-        system_user.save()
-        return self.instance
-
-    def clean_private_key_file(self):
-        if self.data['auth_method'] == 'K' and \
-                not self.cleaned_data['auto_generate_key']:
-            if not self.cleaned_data['private_key_file']:
-                raise forms.ValidationError(_('Private key required'))
-            else:
-                key_string = self.cleaned_data['private_key_file'].read()
-                self.cleaned_data['private_key_file'].seek(0)
-                if not validate_ssh_private_key(key_string):
-                    raise forms.ValidationError(_('Invalid private key'))
-        return self.cleaned_data['private_key_file']
-
-    def clean_password(self):
-        if self.data['auth_method'] == 'P':
-            if not self.cleaned_data.get('password'):
-                raise forms.ValidationError(_('Password required'))
-        return self.cleaned_data['password']
-
-    class Meta:
-        model = SystemUser
-        fields = [
-            'name', 'username', 'protocol', 'auto_generate_key', 'password',
-            'private_key_file', 'auth_method', 'auto_push', 'sudo',
-            'comment', 'shell'
-        ]
-        widgets = {
-            'name': forms.TextInput(attrs={'placeholder': _('Name')}),
-            'username': forms.TextInput(attrs={'placeholder': _('Username')}),
-        }
-        help_texts = {
-            'name': '* required',
-            'username': '* required',
-            'auto_push': 'Auto push system user to asset',
-        }
-
-
-class SystemUserUpdateForm(forms.ModelForm):
-    # Admin user assets define, let user select, save it in form not in view
-    auto_generate_key = forms.BooleanField(initial=False, required=False)
-    # Form field name can not start with `_`, so redefine it,
-    password = forms.CharField(widget=forms.PasswordInput, required=False,
-                               max_length=100, strip=True)
-    # Need use upload private key file except paste private key content
-    private_key_file = forms.FileField(required=False)
-
-    def __init__(self, *args, **kwargs):
-        super(SystemUserUpdateForm, self).__init__(*args, **kwargs)
-
-    def save(self, commit=True):
-        # Because we define custom field, so we need rewrite :method: `save`
-        system_user = super(SystemUserUpdateForm, self).save(commit=commit)
-        password = self.cleaned_data['password']
-        private_key_file = self.cleaned_data.get('private_key_file')
-
-        if system_user.auth_method == 'P' and password:
-            system_user.password = password
-        elif system_user.auth_method == 'K' and private_key_file:
-            private_key = private_key_file.read().strip()
-            public_key = ssh_pubkey_gen(private_key=private_key)
-            system_user.private_key = private_key
-            system_user.public_key = public_key
-        system_user.save()
-        return self.instance
-
-    def clean_private_key_file(self):
-        if self.data['auth_method'] == 'K' and self.cleaned_data['private_key_file']:
-            key_string = self.cleaned_data['private_key_file'].read()
-            self.cleaned_data['private_key_file'].seek(0)
-            if not validate_ssh_private_key(key_string):
-                raise forms.ValidationError(_('Invalid private key'))
-        return self.cleaned_data['private_key_file']
-
-    class Meta:
-        model = SystemUser
-        fields = [
-            'name', 'username', 'protocol', 'auto_generate_key', 'password',
-            'private_key_file', 'auth_method', 'auto_push', 'sudo',
-            'comment', 'shell'
-        ]
-        widgets = {
-            'name': forms.TextInput(attrs={'placeholder': _('Name')}),
-            'username': forms.TextInput(attrs={'placeholder': _('Username')}),
-        }
-        help_texts = {
-            'name': '* required',
-            'username': '* required',
-            'auto_push': 'Auto push system user to asset',
-        }
-
-
-
-class FileForm(forms.Form):
-    file = forms.FileField()
--- a/apps/assets/forms/init.py
+++ b/apps/assets/forms/init.py
@@ -0,0 +1,6 @@
+# -*- coding: utf-8 -*-
+#
+from .asset import *
+from .label import *
+from .user import *
+from .domain import *
--- a/apps/assets/forms/asset.py
+++ b/apps/assets/forms/asset.py
@@ -0,0 +1,152 @@
+# -*- coding: utf-8 -*-
+#
+from django import forms
+from django.utils.translation import gettext_lazy as _
+
+from ..models import Asset, AdminUser
+from common.utils import get_logger
+
+logger = get_logger(__file__)
+__all__ = ['AssetCreateForm', 'AssetUpdateForm', 'AssetBulkUpdateForm']
+
+
+class AssetCreateForm(forms.ModelForm):
+    class Meta:
+        model = Asset
+        fields = [
+            'hostname', 'ip', 'public_ip', 'port',  'comment',
+            'nodes', 'is_active', 'admin_user', 'labels', 'platform',
+            'domain',
+
+        ]
+        widgets = {
+            'nodes': forms.SelectMultiple(attrs={
+                'class': 'select2', 'data-placeholder': _('Nodes')
+            }),
+            'admin_user': forms.Select(attrs={
+                'class': 'select2', 'data-placeholder': _('Admin user')
+            }),
+            'labels': forms.SelectMultiple(attrs={
+                'class': 'select2', 'data-placeholder': _('Label')
+            }),
+            'port': forms.TextInput(),
+            'domain': forms.Select(attrs={
+                'class': 'select2', 'data-placeholder': _('Domain')
+            }),
+        }
+        labels = {
+            'nodes': _("Node"),
+        }
+        help_texts = {
+            'hostname': '* required',
+            'ip': '* required',
+            'port': '* required',
+            'admin_user': _(
+                'root or other NOPASSWD sudo privilege user existed in asset,'
+                'If asset is windows or other set any one, more see admin user left menu'
+            ),
+            'platform': _("* required Must set exact system platform, Windows, Linux ..."),
+            'domain': _("If your have some network not connect with each other, you can set domain")
+        }
+
+
+class AssetUpdateForm(forms.ModelForm):
+    class Meta:
+        model = Asset
+        fields = [
+            'hostname', 'ip', 'port', 'nodes',  'is_active', 'platform',
+            'public_ip', 'number', 'comment', 'admin_user', 'labels',
+            'domain',
+        ]
+        widgets = {
+            'nodes': forms.SelectMultiple(attrs={
+                'class': 'select2', 'data-placeholder': _('Node')
+            }),
+            'admin_user': forms.Select(attrs={
+                'class': 'select2', 'data-placeholder': _('Admin user')
+            }),
+            'labels': forms.SelectMultiple(attrs={
+                'class': 'select2', 'data-placeholder': _('Label')
+            }),
+            'port': forms.TextInput(),
+            'domain': forms.Select(attrs={
+                'class': 'select2', 'data-placeholder': _('Domain')
+            }),
+        }
+        labels = {
+            'nodes': _("Node"),
+        }
+        help_texts = {
+            'hostname': '* required',
+            'ip': '* required',
+            'port': '* required',
+            'cluster': '* required',
+            'admin_user': _(
+                'root or other NOPASSWD sudo privilege user existed in asset,'
+                'If asset is windows or other set any one, more see admin user left menu'
+            ),
+            'platform': _("* required Must set exact system platform, Windows, Linux ..."),
+            'domain': _("If your have some network not connect with each other, you can set domain")
+        }
+
+
+class AssetBulkUpdateForm(forms.ModelForm):
+    assets = forms.ModelMultipleChoiceField(
+        required=True, help_text='* required',
+        label=_('Select assets'), queryset=Asset.objects.all(),
+        widget=forms.SelectMultiple(
+            attrs={
+                'class': 'select2',
+                'data-placeholder': _('Select assets')
+            }
+        )
+    )
+    port = forms.IntegerField(
+        label=_('Port'), required=False, min_value=1, max_value=65535,
+    )
+    admin_user = forms.ModelChoiceField(
+        required=False, queryset=AdminUser.objects.all(),
+        label=_("Admin user"),
+        widget=forms.Select(
+            attrs={
+                'class': 'select2',
+                'data-placeholder': _('Admin user')
+            }
+        )
+    )
+
+    class Meta:
+        model = Asset
+        fields = [
+            'assets', 'port',  'admin_user', 'labels', 'nodes', 'platform'
+        ]
+        widgets = {
+            'labels': forms.SelectMultiple(
+                attrs={'class': 'select2', 'data-placeholder': _('Label')}
+            ),
+            'nodes': forms.SelectMultiple(
+                attrs={'class': 'select2', 'data-placeholder': _('Node')}
+            ),
+        }
+
+    def save(self, commit=True):
+        changed_fields = []
+        for field in self._meta.fields:
+            if self.data.get(field) not in [None, '']:
+                changed_fields.append(field)
+
+        cleaned_data = {k: v for k, v in self.cleaned_data.items()
+                        if k in changed_fields}
+        assets = cleaned_data.pop('assets')
+        labels = cleaned_data.pop('labels', [])
+        nodes = cleaned_data.pop('nodes')
+        assets = Asset.objects.filter(id__in=[asset.id for asset in assets])
+        assets.update(**cleaned_data)
+
+        if labels:
+            for label in labels:
+                label.assets.add(*tuple(assets))
+        if nodes:
+            for node in nodes:
+                node.assets.add(*tuple(assets))
+        return assets
--- a/apps/assets/forms/domain.py
+++ b/apps/assets/forms/domain.py
@@ -0,0 +1,60 @@
+# -*- coding: utf-8 -*-
+#
+from django import forms
+from django.utils.translation import gettext_lazy as _
+
+from ..models import Domain, Asset, Gateway
+from .user import PasswordAndKeyAuthForm
+
+__all__ = ['DomainForm', 'GatewayForm']
+
+
+class DomainForm(forms.ModelForm):
+    assets = forms.ModelMultipleChoiceField(
+        queryset=Asset.objects.all(), label=_('Asset'), required=False,
+        widget=forms.SelectMultiple(
+            attrs={'class': 'select2', 'data-placeholder': _('Select assets')}
+        )
+    )
+
+    class Meta:
+        model = Domain
+        fields = ['name', 'comment', 'assets']
+
+    def __init__(self, *args, **kwargs):
+        if kwargs.get('instance', None):
+            initial = kwargs.get('initial', {})
+            initial['assets'] = kwargs['instance'].assets.all()
+        super().__init__(*args, **kwargs)
+
+    def save(self, commit=True):
+        instance = super().save(commit=commit)
+        assets = self.cleaned_data['assets']
+        instance.assets.set(assets)
+        return instance
+
+
+class GatewayForm(PasswordAndKeyAuthForm):
+
+    def save(self, commit=True):
+        # Because we define custom field, so we need rewrite :method: `save`
+        instance = super().save()
+        password = self.cleaned_data.get('password')
+        private_key, public_key = super().gen_keys()
+        instance.set_auth(password=password, private_key=private_key)
+        return instance
+
+    class Meta:
+        model = Gateway
+        fields = [
+            'name', 'ip', 'port', 'username', 'protocol', 'domain', 'password',
+            'private_key_file',  'is_active', 'comment',
+        ]
+        widgets = {
+            'name': forms.TextInput(attrs={'placeholder': _('Name')}),
+            'username': forms.TextInput(attrs={'placeholder': _('Username')}),
+        }
+        help_texts = {
+            'name': '* required',
+            'username': '* required',
+        }
--- a/apps/assets/forms/label.py
+++ b/apps/assets/forms/label.py
@@ -0,0 +1,33 @@
+# -*- coding: utf-8 -*-
+#
+from django import forms
+from django.utils.translation import gettext_lazy as _
+
+from ..models import Label, Asset
+
+__all__ = ['LabelForm']
+
+
+class LabelForm(forms.ModelForm):
+    assets = forms.ModelMultipleChoiceField(
+        queryset=Asset.objects.all(), label=_('Asset'), required=False,
+        widget=forms.SelectMultiple(
+            attrs={'class': 'select2', 'data-placeholder': _('Select assets')}
+        )
+    )
+
+    class Meta:
+        model = Label
+        fields = ['name', 'value', 'assets']
+
+    def __init__(self, *args, **kwargs):
+        if kwargs.get('instance', None):
+            initial = kwargs.get('initial', {})
+            initial['assets'] = kwargs['instance'].assets.all()
+        super().__init__(*args, **kwargs)
+
+    def save(self, commit=True):
+        label = super().save(commit=commit)
+        assets = self.cleaned_data['assets']
+        label.assets.set(assets)
+        return label
--- a/apps/assets/forms/user.py
+++ b/apps/assets/forms/user.py
@@ -0,0 +1,128 @@
+# -*- coding: utf-8 -*-
+#
+from django import forms
+from django.utils.translation import gettext_lazy as _
+
+from ..models import AdminUser, SystemUser
+from common.utils import validate_ssh_private_key, ssh_pubkey_gen, get_logger
+
+logger = get_logger(__file__)
+__all__ = [
+    'FileForm', 'SystemUserForm', 'AdminUserForm', 'PasswordAndKeyAuthForm',
+]
+
+
+class FileForm(forms.Form):
+    file = forms.FileField()
+
+
+class PasswordAndKeyAuthForm(forms.ModelForm):
+    # Form field name can not start with `_`, so redefine it,
+    password = forms.CharField(
+        widget=forms.PasswordInput, max_length=128,
+        strip=True, required=False,
+        help_text=_('Password or private key passphrase'),
+        label=_("Password"),
+    )
+    # Need use upload private key file except paste private key content
+    private_key_file = forms.FileField(required=False, label=_("Private key"))
+
+    def clean_private_key_file(self):
+        private_key_file = self.cleaned_data['private_key_file']
+        password = self.cleaned_data['password']
+
+        if private_key_file:
+            key_string = private_key_file.read()
+            private_key_file.seek(0)
+            if not validate_ssh_private_key(key_string, password):
+                raise forms.ValidationError(_('Invalid private key'))
+        return private_key_file
+
+    def validate_password_key(self):
+        password = self.cleaned_data['password']
+        private_key_file = self.cleaned_data.get('private_key_file', '')
+
+        if not password and not private_key_file:
+            raise forms.ValidationError(_(
+                'Password and private key file must be input one'
+            ))
+
+    def gen_keys(self):
+        password = self.cleaned_data.get('password', '') or None
+        private_key_file = self.cleaned_data['private_key_file']
+        public_key = private_key = None
+
+        if private_key_file:
+            private_key = private_key_file.read().strip().decode('utf-8')
+            public_key = ssh_pubkey_gen(private_key=private_key, password=password)
+        return private_key, public_key
+
+
+class AdminUserForm(PasswordAndKeyAuthForm):
+    def save(self, commit=True):
+        # Because we define custom field, so we need rewrite :method: `save`
+        admin_user = super().save(commit=commit)
+        password = self.cleaned_data.get('password', '') or None
+        private_key, public_key = super().gen_keys()
+        admin_user.set_auth(password=password, public_key=public_key, private_key=private_key)
+        return admin_user
+
+    def clean(self):
+        super().clean()
+        if not self.instance:
+            super().validate_password_key()
+
+    class Meta:
+        model = AdminUser
+        fields = ['name', 'username', 'password', 'private_key_file', 'comment']
+        widgets = {
+            'name': forms.TextInput(attrs={'placeholder': _('Name')}),
+            'username': forms.TextInput(attrs={'placeholder': _('Username')}),
+        }
+        help_texts = {
+            'name': '* required',
+            'username': '* required',
+        }
+
+
+class SystemUserForm(PasswordAndKeyAuthForm):
+    # Admin user assets define, let user select, save it in form not in view
+    auto_generate_key = forms.BooleanField(initial=True, required=False)
+
+    def save(self, commit=True):
+        # Because we define custom field, so we need rewrite :method: `save`
+        system_user = super().save()
+        password = self.cleaned_data.get('password', '') or None
+        auto_generate_key = self.cleaned_data.get('auto_generate_key', False)
+        private_key, public_key = super().gen_keys()
+
+        if auto_generate_key:
+            logger.info('Auto generate key and set system user auth')
+            system_user.auto_gen_auth()
+        else:
+            system_user.set_auth(password=password, private_key=private_key, public_key=public_key)
+        return system_user
+
+    def clean(self):
+        super().clean()
+        auto_generate = self.cleaned_data.get('auto_generate_key')
+        if not self.instance and not auto_generate:
+            super().validate_password_key()
+
+    class Meta:
+        model = SystemUser
+        fields = [
+            'name', 'username', 'protocol', 'auto_generate_key',
+            'password', 'private_key_file', 'auto_push', 'sudo',
+            'comment', 'shell', 'priority',
+        ]
+        widgets = {
+            'name': forms.TextInput(attrs={'placeholder': _('Name')}),
+            'username': forms.TextInput(attrs={'placeholder': _('Username')}),
+        }
+        help_texts = {
+            'name': '* required',
+            'username': '* required',
+            'auto_push': _('Auto push system user to asset'),
+            'priority': _('High level will be using login asset as default, if user was granted more than 2 system user'),
+        }
--- a/apps/assets/hands.py
+++ b/apps/assets/hands.py
@@ -6,13 +6,12 @@

    Other module of this app shouldn't connect with other app.

-    :copyright: (c) 2014-2017 by Jumpserver Team.
+    :copyright: (c) 2014-2018 by Jumpserver Team.
    :license: GPL v2, see LICENSE for more details.
 """


-from users.utils import AdminUserRequiredMixin
-from users.permissions import IsAppUser, IsSuperUser, IsValidUser
+from common.mixins import AdminUserRequiredMixin
+from common.permissions import IsAppUser, IsSuperUser, IsValidUser, IsSuperUserOrAppUser
 from users.models import User, UserGroup
-from perms.utils import get_user_granted_assets
-from perms.tasks import push_users
+from perms.utils import NodePermissionUtil
--- a/apps/assets/migrations/0001_initial.py
+++ b/apps/assets/migrations/0001_initial.py
@@ -0,0 +1,168 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.11 on 2017-12-21 16:06
+from __future__ import unicode_literals
+
+import assets.models.utils
+from django.db import migrations, models
+import django.db.models.deletion
+import uuid
+
+
+def add_default_group(apps, schema_editor):
+    group_model = apps.get_model("assets", "AssetGroup")
+    db_alias = schema_editor.connection.alias
+    group_model.objects.using(db_alias).create(
+        name="Default"
+    )
+
+
+def add_default_cluster(apps, schema_editor):
+    cluster_model = apps.get_model("assets", "Cluster")
+    db_alias = schema_editor.connection.alias
+    cluster_model.objects.using(db_alias).create(
+        name="Default"
+    )
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='AdminUser',
+            fields=[
+                ('id', models.UUIDField(default=uuid.uuid4, primary_key=True, serialize=False)),
+                ('name', models.CharField(max_length=128, unique=True, verbose_name='Name')),
+                ('username', models.CharField(max_length=16, verbose_name='Username')),
+                ('_password', models.CharField(blank=True, max_length=256, null=True, verbose_name='Password')),
+                ('_private_key', models.TextField(blank=True, max_length=4096, null=True, validators=[assets.models.utils.private_key_validator], verbose_name='SSH private key')),
+                ('_public_key', models.TextField(blank=True, max_length=4096, verbose_name='SSH public key')),
+                ('comment', models.TextField(blank=True, verbose_name='Comment')),
+                ('date_created', models.DateTimeField(auto_now_add=True)),
+                ('date_updated', models.DateTimeField(auto_now=True)),
+                ('created_by', models.CharField(max_length=32, null=True, verbose_name='Created by')),
+                ('become', models.BooleanField(default=True)),
+                ('become_method', models.CharField(choices=[('sudo', 'sudo'), ('su', 'su')], default='sudo', max_length=4)),
+                ('become_user', models.CharField(default='root', max_length=64)),
+                ('_become_pass', models.CharField(default='', max_length=128)),
+            ],
+            options={
+                'ordering': ['name'],
+            },
+        ),
+        migrations.CreateModel(
+            name='Asset',
+            fields=[
+                ('id', models.UUIDField(default=uuid.uuid4, primary_key=True, serialize=False)),
+                ('ip', models.GenericIPAddressField(db_index=True, verbose_name='IP')),
+                ('hostname', models.CharField(max_length=128, unique=True, verbose_name='Hostname')),
+                ('port', models.IntegerField(default=22, verbose_name='Port')),
+                ('is_active', models.BooleanField(default=True, verbose_name='Is active')),
+                ('type', models.CharField(blank=True, choices=[('Server', 'Server'), ('VM', 'VM'), ('Switch', 'Switch'), ('Router', 'Router'), ('Firewall', 'Firewall'), ('Storage', 'Storage')], default='Server', max_length=16, null=True, verbose_name='Asset type')),
+                ('env', models.CharField(blank=True, choices=[('Prod', 'Production'), ('Dev', 'Development'), ('Test', 'Testing')], default='Prod', max_length=8, null=True, verbose_name='Asset environment')),
+                ('status', models.CharField(blank=True, choices=[('In use', 'In use'), ('Out of use', 'Out of use')], default='In use', max_length=12, null=True, verbose_name='Asset status')),
+                ('public_ip', models.GenericIPAddressField(blank=True, null=True, verbose_name='Public IP')),
+                ('remote_card_ip', models.CharField(blank=True, max_length=16, null=True, verbose_name='Remote control card IP')),
+                ('cabinet_no', models.CharField(blank=True, max_length=32, null=True, verbose_name='Cabinet number')),
+                ('cabinet_pos', models.IntegerField(blank=True, null=True, verbose_name='Cabinet position')),
+                ('number', models.CharField(blank=True, max_length=32, null=True, verbose_name='Asset number')),
+                ('vendor', models.CharField(blank=True, max_length=64, null=True, verbose_name='Vendor')),
+                ('model', models.CharField(blank=True, max_length=54, null=True, verbose_name='Model')),
+                ('sn', models.CharField(blank=True, max_length=128, null=True, verbose_name='Serial number')),
+                ('cpu_model', models.CharField(blank=True, max_length=64, null=True, verbose_name='CPU model')),
+                ('cpu_count', models.IntegerField(null=True, verbose_name='CPU count')),
+                ('cpu_cores', models.IntegerField(null=True, verbose_name='CPU cores')),
+                ('memory', models.CharField(blank=True, max_length=64, null=True, verbose_name='Memory')),
+                ('disk_total', models.CharField(blank=True, max_length=1024, null=True, verbose_name='Disk total')),
+                ('disk_info', models.CharField(blank=True, max_length=1024, null=True, verbose_name='Disk info')),
+                ('platform', models.CharField(blank=True, max_length=128, null=True, verbose_name='Platform')),
+                ('os', models.CharField(blank=True, max_length=128, null=True, verbose_name='OS')),
+                ('os_version', models.CharField(blank=True, max_length=16, null=True, verbose_name='OS version')),
+                ('os_arch', models.CharField(blank=True, max_length=16, null=True, verbose_name='OS arch')),
+                ('hostname_raw', models.CharField(blank=True, max_length=128, null=True, verbose_name='Hostname raw')),
+                ('created_by', models.CharField(blank=True, max_length=32, null=True, verbose_name='Created by')),
+                ('date_created', models.DateTimeField(auto_now_add=True, null=True, verbose_name='Date created')),
+                ('comment', models.TextField(blank=True, default='', max_length=128, verbose_name='Comment')),
+                ('admin_user', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, to='assets.AdminUser', verbose_name='Admin user')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='AssetGroup',
+            fields=[
+                ('id', models.UUIDField(default=uuid.uuid4, primary_key=True, serialize=False)),
+                ('name', models.CharField(max_length=64, unique=True, verbose_name='Name')),
+                ('created_by', models.CharField(blank=True, max_length=32, verbose_name='Created by')),
+                ('date_created', models.DateTimeField(auto_now_add=True, null=True, verbose_name='Date created')),
+                ('comment', models.TextField(blank=True, verbose_name='Comment')),
+            ],
+            options={
+                'ordering': ['name'],
+            },
+        ),
+        migrations.CreateModel(
+            name='Cluster',
+            fields=[
+                ('id', models.UUIDField(default=uuid.uuid4, primary_key=True, serialize=False)),
+                ('name', models.CharField(max_length=32, verbose_name='Name')),
+                ('bandwidth', models.CharField(blank=True, max_length=32, verbose_name='Bandwidth')),
+                ('contact', models.CharField(blank=True, max_length=128, verbose_name='Contact')),
+                ('phone', models.CharField(blank=True, max_length=32, verbose_name='Phone')),
+                ('address', models.CharField(blank=True, max_length=128, verbose_name='Address')),
+                ('intranet', models.TextField(blank=True, verbose_name='Intranet')),
+                ('extranet', models.TextField(blank=True, verbose_name='Extranet')),
+                ('date_created', models.DateTimeField(auto_now_add=True, null=True, verbose_name='Date created')),
+                ('operator', models.CharField(blank=True, max_length=32, verbose_name='Operator')),
+                ('created_by', models.CharField(blank=True, max_length=32, verbose_name='Created by')),
+                ('comment', models.TextField(blank=True, verbose_name='Comment')),
+                ('admin_user', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, to='assets.AdminUser', verbose_name='Admin user')),
+            ],
+            options={
+                'ordering': ['name'],
+            },
+        ),
+        migrations.CreateModel(
+            name='SystemUser',
+            fields=[
+                ('id', models.UUIDField(default=uuid.uuid4, primary_key=True, serialize=False)),
+                ('name', models.CharField(max_length=128, unique=True, verbose_name='Name')),
+                ('username', models.CharField(max_length=16, verbose_name='Username')),
+                ('_password', models.CharField(blank=True, max_length=256, null=True, verbose_name='Password')),
+                ('_private_key', models.TextField(blank=True, max_length=4096, null=True, validators=[assets.models.utils.private_key_validator], verbose_name='SSH private key')),
+                ('_public_key', models.TextField(blank=True, max_length=4096, verbose_name='SSH public key')),
+                ('comment', models.TextField(blank=True, verbose_name='Comment')),
+                ('date_created', models.DateTimeField(auto_now_add=True)),
+                ('date_updated', models.DateTimeField(auto_now=True)),
+                ('created_by', models.CharField(max_length=32, null=True, verbose_name='Created by')),
+                ('priority', models.IntegerField(default=10, verbose_name='Priority')),
+                ('protocol', models.CharField(choices=[('ssh', 'ssh')], default='ssh', max_length=16, verbose_name='Protocol')),
+                ('auto_push', models.BooleanField(default=True, verbose_name='Auto push')),
+                ('sudo', models.TextField(default='/sbin/ifconfig', verbose_name='Sudo')),
+                ('shell', models.CharField(default='/bin/bash', max_length=64, verbose_name='Shell')),
+                ('cluster', models.ManyToManyField(blank=True, to='assets.Cluster', verbose_name='Cluster')),
+            ],
+            options={
+                'ordering': ['name'],
+            },
+        ),
+        migrations.AddField(
+            model_name='asset',
+            name='cluster',
+            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='assets', to='assets.Cluster', verbose_name='Cluster'),
+        ),
+        migrations.AddField(
+            model_name='asset',
+            name='groups',
+            field=models.ManyToManyField(blank=True, related_name='assets', to='assets.AssetGroup', verbose_name='Asset groups'),
+        ),
+        migrations.AlterUniqueTogether(
+            name='asset',
+            unique_together=set([('ip', 'port')]),
+        ),
+
+        migrations.RunPython(add_default_cluster),
+        migrations.RunPython(add_default_group),
+    ]
--- a/apps/assets/models/init.py
+++ b/apps/assets/models/init.py
@@ -1,9 +1,11 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 #
-
-from .idc import *
-from .user import *
+from .user import AdminUser, SystemUser
+from .label import Label
+from .cluster import *
 from .group import *
+from .domain import *
+from .node import *
 from .asset import *
 from .utils import *
--- a/apps/assets/models/asset.py
+++ b/apps/assets/models/asset.py
@@ -2,69 +2,75 @@
 # -*- coding: utf-8 -*-
 # 

-from __future__ import unicode_literals
+import uuid
+import logging

 from django.db import models
-import logging
 from django.utils.translation import ugettext_lazy as _
+from django.core.cache import cache

-from . import IDC, AssetGroup, AdminUser, SystemUser
+from ..const import ASSET_ADMIN_CONN_CACHE_KEY
+from .user import AdminUser, SystemUser

 __all__ = ['Asset']
 logger = logging.getLogger(__name__)


-def get_default_idc():
-    return IDC.initial()
+def default_cluster():
+    from .cluster import Cluster
+    name = "Default"
+    defaults = {"name": name}
+    cluster, created = Cluster.objects.get_or_create(
+        defaults=defaults, name=name
+    )
+    return cluster.id
+
+
+def default_node():
+    try:
+        from .node import Node
+        return Node.root()
+    except:
+        return None
+
+
+class AssetQuerySet(models.QuerySet):
+    def active(self):
+        return self.filter(is_active=True)
+
+    def valid(self):
+        return self.active()
+
+
+class AssetManager(models.Manager):
+    def get_queryset(self):
+        return AssetQuerySet(self.model, using=self._db)


 class Asset(models.Model):
-    STATUS_CHOICES = (
-        ('In use', _('In use')),
-        ('Out of use', _('Out of use')),
-    )
-    TYPE_CHOICES = (
-        ('Server', _('Server')),
-        ('VM', _('VM')),
-        ('Switch', _('Switch')),
-        ('Router', _('Router')),
-        ('Firewall', _('Firewall')),
-        ('Storage', _("Storage")),
-    )
-    ENV_CHOICES = (
-        ('Prod', 'Production'),
-        ('Dev', 'Development'),
-        ('Test', 'Testing'),
-    )
-
    # Important
+    PLATFORM_CHOICES = (
+        ('Linux', 'Linux'),
+        ('Unix', 'Unix'),
+        ('MacOS', 'MacOS'),
+        ('BSD', 'BSD'),
+        ('Windows', 'Windows'),
+        ('Other', 'Other'),
+    )
+    id = models.UUIDField(default=uuid.uuid4, primary_key=True)
    ip = models.GenericIPAddressField(max_length=32, verbose_name=_('IP'), db_index=True)
    hostname = models.CharField(max_length=128, unique=True, verbose_name=_('Hostname'))
    port = models.IntegerField(default=22, verbose_name=_('Port'))
-    groups = models.ManyToManyField(AssetGroup, blank=True, related_name='assets',
-                                    verbose_name=_('Asset groups'))
-    admin_user = models.ForeignKey(AdminUser, null=True, blank=True, related_name='assets',
-                                   on_delete=models.SET_NULL, verbose_name=_("Admin user"))
-    system_users = models.ManyToManyField(SystemUser, blank=True,
-                                          related_name='assets',
-                                          verbose_name=_("System User"))
-    idc = models.ForeignKey(IDC, blank=True, null=True, related_name='assets',
-                            on_delete=models.SET_NULL, verbose_name=_('IDC'),)
+    platform = models.CharField(max_length=128, choices=PLATFORM_CHOICES, default='Linux', verbose_name=_('Platform'))
+    domain = models.ForeignKey("assets.Domain", null=True, blank=True, related_name='assets', verbose_name=_("Domain"), on_delete=models.SET_NULL)
+    nodes = models.ManyToManyField('assets.Node', default=default_node, related_name='assets', verbose_name=_("Nodes"))
    is_active = models.BooleanField(default=True, verbose_name=_('Is active'))
-    type = models.CharField(choices=TYPE_CHOICES, max_length=16, blank=True, null=True,
-                            default='Server', verbose_name=_('Asset type'),)
-    env = models.CharField(choices=ENV_CHOICES, max_length=8, blank=True, null=True,
-                           default='Prod', verbose_name=_('Asset environment'),)
-    status = models.CharField(choices=STATUS_CHOICES, max_length=12, null=True, blank=True,
-                              default='In use', verbose_name=_('Asset status'))
+
+    # Auth
+    admin_user = models.ForeignKey('assets.AdminUser', on_delete=models.PROTECT, null=True, verbose_name=_("Admin user"))

    # Some information
-    public_ip = models.GenericIPAddressField(max_length=32, blank=True,
-                                             null=True, verbose_name=_('Public IP'))
-    remote_card_ip = models.CharField(max_length=16, null=True, blank=True,
-                                      verbose_name=_('Remote control card IP'))
-    cabinet_no = models.CharField(max_length=32, null=True, blank=True, verbose_name=_('Cabinet number'))
-    cabinet_pos = models.IntegerField(null=True, blank=True, verbose_name=_('Cabinet position'))
+    public_ip = models.GenericIPAddressField(max_length=32, blank=True, null=True, verbose_name=_('Public IP'))
    number = models.CharField(max_length=32, null=True, blank=True, verbose_name=_('Asset number'))

    # Collect
@@ -79,19 +85,20 @@ class Asset(models.Model):
    disk_total = models.CharField(max_length=1024, null=True, blank=True, verbose_name=_('Disk total'))
    disk_info = models.CharField(max_length=1024, null=True, blank=True, verbose_name=_('Disk info'))

-    platform = models.CharField(max_length=128, null=True, blank=True, verbose_name=_('Platform'))
    os = models.CharField(max_length=128, null=True, blank=True, verbose_name=_('OS'))
    os_version = models.CharField(max_length=16, null=True, blank=True, verbose_name=_('OS version'))
    os_arch = models.CharField(max_length=16, blank=True, null=True, verbose_name=_('OS arch'))
    hostname_raw = models.CharField(max_length=128, blank=True, null=True, verbose_name=_('Hostname raw'))

+    labels = models.ManyToManyField('assets.Label', blank=True, related_name='assets', verbose_name=_("Labels"))
    created_by = models.CharField(max_length=32, null=True, blank=True, verbose_name=_('Created by'))
    date_created = models.DateTimeField(auto_now_add=True, null=True, blank=True, verbose_name=_('Date created'))
    comment = models.TextField(max_length=128, default='', blank=True, verbose_name=_('Comment'))

-    def __unicode__(self):
-        return '%s <%s: %s>' % (self.hostname, self.ip, self.port)
-    __str__ = __unicode__
+    objects = AssetManager()
+
+    def __str__(self):
+        return '{0.hostname}({0.ip})'.format(self)

    @property
    def is_valid(self):
@@ -102,34 +109,78 @@ class Asset(models.Model):
            return True, ''
        return False, warning

+    def is_unixlike(self):
+        if self.platform not in ("Windows",):
+            return True
+        else:
+            return False
+
+    def get_nodes(self):
+        from .node import Node
+        return self.nodes.all() or [Node.root()]
+
+    @property
+    def hardware_info(self):
+        if self.cpu_count:
+            return '{} Core {} {}'.format(
+                self.cpu_count * self.cpu_cores,
+                self.memory, self.disk_total
+            )
+        else:
+            return ''
+
+    @property
+    def is_connective(self):
+        if not self.is_unixlike():
+            return True
+        val = cache.get(ASSET_ADMIN_CONN_CACHE_KEY.format(self.hostname))
+        if val == 1:
+            return True
+        else:
+            return False
+
    def to_json(self):
-        return {
+        info = {
            'id': self.id,
            'hostname': self.hostname,
            'ip': self.ip,
            'port': self.port,
        }
+        if self.domain and self.domain.gateway_set.all():
+            info["gateways"] = [d.id for d in self.domain.gateway_set.all()]
+        return info
+
+    def get_auth_info(self):
+        if self.admin_user:
+            return {
+                'username': self.admin_user.username,
+                'password': self.admin_user.password,
+                'private_key': self.admin_user.private_key_file,
+                'become': self.admin_user.become_info,
+            }

    def _to_secret_json(self):
-        """Ansible use it create inventory"""
-        return {
-            'id': self.id,
-            'hostname': self.hostname,
-            'ip': self.ip,
-            'port': self.port,
-            'groups': [group.name for group in self.groups.all()],
-            'username': self.admin_user.username if self.admin_user else '',
-            'password': self.admin_user.password if self.admin_user else '',
-            'private_key': self.admin_user.private_key_file if self.admin_user else None,
-            'become': {
-                'method': self.admin_user.become_method,
-                'user': self.admin_user.become_user,
-                'pass': self.admin_user.become_pass,
-            } if self.admin_user and self.admin_user.become else {},
-        }
+        """
+        Ansible use it create inventory, First using asset user,
+        otherwise using cluster admin user
+
+        Todo: May be move to ops implements it
+        """
+        data = self.to_json()
+        if self.admin_user:
+            admin_user = self.admin_user
+            data.update({
+                'username': admin_user.username,
+                'password': admin_user.password,
+                'private_key': admin_user.private_key_file,
+                'become': admin_user.become_info,
+                'groups': [node.value for node in self.nodes.all()],
+            })
+        return data

    class Meta:
        unique_together = ('ip', 'port')
+        verbose_name = _("Asset")

    @classmethod
    def generate_fake(cls, count=100):
@@ -142,15 +193,12 @@ class Asset(models.Model):
            asset = cls(ip='%s.%s.%s.%s' % (i, i, i, i),
                        hostname=forgery_py.internet.user_name(True),
                        admin_user=choice(AdminUser.objects.all()),
-                        idc=choice(IDC.objects.all()),
                        port=22,
                        created_by='Fake')
            try:
                asset.save()
                asset.system_users = [choice(SystemUser.objects.all()) for i in range(3)]
-                asset.groups = [choice(AssetGroup.objects.all()) for i in range(3)]
                logger.debug('Generate fake asset : %s' % asset.ip)
            except IntegrityError:
                print('Error continue')
                continue
-
--- a/apps/assets/models/base.py
+++ b/apps/assets/models/base.py
@@ -0,0 +1,127 @@
+# -*- coding: utf-8 -*-
+#
+import os
+import uuid
+from hashlib import md5
+
+import sshpubkeys
+from django.db import models
+from django.utils.translation import ugettext_lazy as _
+from django.conf import settings
+
+from common.utils import get_signer, ssh_key_string_to_obj, ssh_key_gen
+from common.validators import alphanumeric
+from .utils import private_key_validator
+
+signer = get_signer()
+
+
+class AssetUser(models.Model):
+    id = models.UUIDField(default=uuid.uuid4, primary_key=True)
+    name = models.CharField(max_length=128, unique=True, verbose_name=_('Name'))
+    username = models.CharField(max_length=32, verbose_name=_('Username'), validators=[alphanumeric])
+    _password = models.CharField(max_length=256, blank=True, null=True, verbose_name=_('Password'))
+    _private_key = models.TextField(max_length=4096, blank=True, null=True, verbose_name=_('SSH private key'), validators=[private_key_validator, ])
+    _public_key = models.TextField(max_length=4096, blank=True, verbose_name=_('SSH public key'))
+    comment = models.TextField(blank=True, verbose_name=_('Comment'))
+    date_created = models.DateTimeField(auto_now_add=True)
+    date_updated = models.DateTimeField(auto_now=True)
+    created_by = models.CharField(max_length=128, null=True, verbose_name=_('Created by'))
+
+    @property
+    def password(self):
+        if self._password:
+            return signer.unsign(self._password)
+        else:
+            return None
+
+    @password.setter
+    def password(self, password_raw):
+        raise AttributeError("Using set_auth do that")
+        # self._password = signer.sign(password_raw)
+
+    @property
+    def private_key(self):
+        if self._private_key:
+            return signer.unsign(self._private_key)
+
+    @private_key.setter
+    def private_key(self, private_key_raw):
+        raise AttributeError("Using set_auth do that")
+        # self._private_key = signer.sign(private_key_raw)
+
+    @property
+    def private_key_obj(self):
+        if self._private_key:
+            key_str = signer.unsign(self._private_key)
+            return ssh_key_string_to_obj(key_str, password=self.password)
+        else:
+            return None
+
+    @property
+    def private_key_file(self):
+        if not self.private_key_obj:
+            return None
+        project_dir = settings.PROJECT_DIR
+        tmp_dir = os.path.join(project_dir, 'tmp')
+        key_str = signer.unsign(self._private_key)
+        key_name = '.' + md5(key_str.encode('utf-8')).hexdigest()
+        key_path = os.path.join(tmp_dir, key_name)
+        if not os.path.exists(key_path):
+            self.private_key_obj.write_private_key_file(key_path)
+            os.chmod(key_path, 0o400)
+        return key_path
+
+    @property
+    def public_key(self):
+        key = signer.unsign(self._public_key)
+        if key:
+            return key
+        else:
+            return None
+
+    @property
+    def public_key_obj(self):
+        if self.public_key:
+            try:
+                return sshpubkeys.SSHKey(self.public_key)
+            except TabError:
+                pass
+        return None
+
+    def set_auth(self, password=None, private_key=None, public_key=None):
+        update_fields = []
+        if password:
+            self._password = signer.sign(password)
+            update_fields.append('_password')
+        if private_key:
+            self._private_key = signer.sign(private_key)
+            update_fields.append('_private_key')
+        if public_key:
+            self._public_key = signer.sign(public_key)
+            update_fields.append('_public_key')
+
+        if update_fields:
+            self.save(update_fields=update_fields)
+
+    def auto_gen_auth(self):
+        password = str(uuid.uuid4())
+        private_key, public_key = ssh_key_gen(
+            username=self.username, password=password
+        )
+        self.set_auth(password=password,
+                      private_key=private_key,
+                      public_key=public_key)
+
+    def _to_secret_json(self):
+        """Push system user use it"""
+        return {
+            'name': self.name,
+            'username': self.username,
+            'password': self.password,
+            'public_key': self.public_key,
+            'private_key': self.private_key_file,
+        }
+
+    class Meta:
+        abstract = True
--- a/apps/assets/models/cluster.py
+++ b/apps/assets/models/cluster.py
@@ -0,0 +1,63 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#
+
+import logging
+import uuid
+
+from django.db import models
+from django.utils.translation import ugettext_lazy as _
+
+
+__all__ = ['Cluster']
+logger = logging.getLogger(__name__)
+
+
+class Cluster(models.Model):
+    id = models.UUIDField(default=uuid.uuid4, primary_key=True)
+    name = models.CharField(max_length=32, verbose_name=_('Name'))
+    admin_user = models.ForeignKey('assets.AdminUser', null=True, blank=True, on_delete=models.SET_NULL, verbose_name=_("Admin user"))
+    bandwidth = models.CharField(max_length=32, blank=True, verbose_name=_('Bandwidth'))
+    contact = models.CharField(max_length=128, blank=True, verbose_name=_('Contact'))
+    phone = models.CharField(max_length=32, blank=True, verbose_name=_('Phone'))
+    address = models.CharField(max_length=128, blank=True, verbose_name=_("Address"))
+    intranet = models.TextField(blank=True, verbose_name=_('Intranet'))
+    extranet = models.TextField(blank=True, verbose_name=_('Extranet'))
+    date_created = models.DateTimeField(auto_now_add=True, null=True, verbose_name=_('Date created'))
+    operator = models.CharField(max_length=32, blank=True, verbose_name=_('Operator'))
+    created_by = models.CharField(max_length=32, blank=True, verbose_name=_('Created by'))
+    comment = models.TextField(blank=True, verbose_name=_('Comment'))
+
+    def __str__(self):
+        return self.name
+
+    @classmethod
+    def initial(cls):
+        return cls.objects.get_or_create(name=_('Default'), created_by=_('System'), comment=_('Default Cluster'))[0]
+
+    class Meta:
+        ordering = ['name']
+        verbose_name = _("Cluster")
+
+    @classmethod
+    def generate_fake(cls, count=5):
+        from random import seed, choice
+        import forgery_py
+        from django.db import IntegrityError
+
+        seed()
+        for i in range(count):
+            cluster = cls(name=forgery_py.name.full_name(),
+                          bandwidth='200M',
+                          contact=forgery_py.name.full_name(),
+                          phone=forgery_py.address.phone(),
+                          address=forgery_py.address.city() + forgery_py.address.street_address(),
+                          operator=choice(['北京联通', '北京电信', 'BGP全网通']),
+                          comment=forgery_py.lorem_ipsum.sentence(),
+                          created_by='Fake')
+            try:
+                cluster.save()
+                logger.debug('Generate fake asset group: %s' % cluster.name)
+            except IntegrityError:
+                print('Error continue')
+                continue
--- a/apps/assets/models/domain.py
+++ b/apps/assets/models/domain.py
@@ -0,0 +1,52 @@
+# -*- coding: utf-8 -*-
+#
+
+import uuid
+import random
+
+from django.db import models
+from django.utils.translation import ugettext_lazy as _
+
+from .base import AssetUser
+
+__all__ = ['Domain', 'Gateway']
+
+
+class Domain(models.Model):
+    id = models.UUIDField(default=uuid.uuid4, primary_key=True)
+    name = models.CharField(max_length=128, unique=True, verbose_name=_('Name'))
+    comment = models.TextField(blank=True, verbose_name=_('Comment'))
+    date_created = models.DateTimeField(auto_now_add=True, null=True,
+                                        verbose_name=_('Date created'))
+
+    def __str__(self):
+        return self.name
+
+    def has_gateway(self):
+        return self.gateway_set.filter(is_active=True).exists()
+
+    @property
+    def gateways(self):
+        return self.gateway_set.filter(is_active=True)
+
+    def random_gateway(self):
+        return random.choice(self.gateways)
+
+
+class Gateway(AssetUser):
+    SSH_PROTOCOL = 'ssh'
+    RDP_PROTOCOL = 'rdp'
+    PROTOCOL_CHOICES = (
+        (SSH_PROTOCOL, 'ssh'),
+        (RDP_PROTOCOL, 'rdp'),
+    )
+    ip = models.GenericIPAddressField(max_length=32, verbose_name=_('IP'), db_index=True)
+    port = models.IntegerField(default=22, verbose_name=_('Port'))
+    protocol = models.CharField(choices=PROTOCOL_CHOICES, max_length=16, default=SSH_PROTOCOL, verbose_name=_("Protocol"))
+    domain = models.ForeignKey(Domain, verbose_name=_("Domain"))
+    comment = models.CharField(max_length=128, blank=True, null=True, verbose_name=_("Comment"))
+    is_active = models.BooleanField(default=True, verbose_name=_("Is active"))
+
+    def __str__(self):
+        return self.name
+
--- a/apps/assets/models/group.py
+++ b/apps/assets/models/group.py
@@ -4,29 +4,30 @@

 from __future__ import unicode_literals

+import uuid
+
 from django.db import models
 import logging
 from django.utils.translation import ugettext_lazy as _

-from . import SystemUser

 __all__ = ['AssetGroup']
 logger = logging.getLogger(__name__)


 class AssetGroup(models.Model):
+    id = models.UUIDField(default=uuid.uuid4, primary_key=True)
    name = models.CharField(max_length=64, unique=True, verbose_name=_('Name'))
-    system_users = models.ManyToManyField(SystemUser, related_name='asset_groups', blank=True)
-    created_by = models.CharField(max_length=32, blank=True, verbose_name=_('Created by'))
+    created_by = models.CharField(max_length=32, null=True, blank=True, verbose_name=_('Created by'))
    date_created = models.DateTimeField(auto_now_add=True, null=True, verbose_name=_('Date created'))
    comment = models.TextField(blank=True, verbose_name=_('Comment'))

-    def __unicode__(self):
+    def __str__(self):
        return self.name
-    __str__ = __unicode__

    class Meta:
        ordering = ['name']
+        verbose_name = _("Asset group")

    @classmethod
    def initial(cls):
--- a/apps/assets/models/idc.py
+++ b/apps/assets/models/idc.py
@@ -1,69 +0,0 @@
-#!/usr/bin/env python
-# -*- coding: utf-8 -*-
-#
-
-from __future__ import unicode_literals
-
-import logging
-
-from django.db import models
-from django.utils.translation import ugettext_lazy as _
-
-
-__all__ = ['IDC']
-logger = logging.getLogger(__name__)
-
-
-class IDC(models.Model):
-    name = models.CharField(max_length=32, verbose_name=_('Name'))
-    bandwidth = models.CharField(
-        max_length=32, blank=True, verbose_name=_('Bandwidth'))
-    contact = models.CharField(
-        max_length=128, blank=True, verbose_name=_('Contact'))
-    phone = models.CharField(max_length=32, blank=True,
-                             verbose_name=_('Phone'))
-    address = models.CharField(
-        max_length=128, blank=True, verbose_name=_("Address"))
-    intranet = models.TextField(blank=True, verbose_name=_('Intranet'))
-    extranet = models.TextField(blank=True, verbose_name=_('Extranet'))
-    date_created = models.DateTimeField(
-        auto_now_add=True, null=True, verbose_name=_('Date created'))
-    operator = models.CharField(
-        max_length=32, blank=True, verbose_name=_('Operator'))
-    created_by = models.CharField(
-        max_length=32, blank=True, verbose_name=_('Created by'))
-    comment = models.TextField(blank=True, verbose_name=_('Comment'))
-
-    def __unicode__(self):
-        return self.name
-    __str__ = __unicode__
-
-    @classmethod
-    def initial(cls):
-        return cls.objects.get_or_create(name=_('Default'), created_by=_('System'), comment=_('Default IDC'))[0]
-
-    class Meta:
-        ordering = ['name']
-
-    @classmethod
-    def generate_fake(cls, count=5):
-        from random import seed, choice
-        import forgery_py
-        from django.db import IntegrityError
-
-        seed()
-        for i in range(count):
-            idc = cls(name=forgery_py.name.full_name(),
-                      bandwidth='200M',
-                      contact=forgery_py.name.full_name(),
-                      phone=forgery_py.address.phone(),
-                      address=forgery_py.address.city() + forgery_py.address.street_address(),
-                      operator=choice(['北京联通', '北京电信', 'BGP全网通']),
-                      comment=forgery_py.lorem_ipsum.sentence(),
-                      created_by='Fake')
-            try:
-                idc.save()
-                logger.debug('Generate fake asset group: %s' % idc.name)
-            except IntegrityError:
-                print('Error continue')
-                continue
--- a/apps/assets/models/label.py
+++ b/apps/assets/models/label.py
@@ -0,0 +1,37 @@
+# -*- coding: utf-8 -*-
+#
+
+import uuid
+from django.db import models
+from django.utils.translation import ugettext_lazy as _
+
+
+class Label(models.Model):
+    SYSTEM_CATEGORY = "S"
+    USER_CATEGORY = "U"
+    CATEGORY_CHOICES = (
+        ("S", _("System")),
+        ("U", _("User"))
+    )
+    id = models.UUIDField(default=uuid.uuid4, primary_key=True)
+    name = models.CharField(max_length=128, verbose_name=_("Name"))
+    value = models.CharField(max_length=128, verbose_name=_("Value"))
+    category = models.CharField(max_length=128, choices=CATEGORY_CHOICES, default=USER_CATEGORY, verbose_name=_("Category"))
+    is_active = models.BooleanField(default=True, verbose_name=_("Is active"))
+    comment = models.TextField(blank=True, null=True, verbose_name=_("Comment"))
+    date_created = models.DateTimeField(
+        auto_now_add=True, null=True, blank=True, verbose_name=_('Date created')
+    )
+
+    @classmethod
+    def get_queryset_group_by_name(cls):
+        names = cls.objects.values_list('name', flat=True)
+        for name in names:
+            yield name, cls.objects.filter(name=name)
+
+    def __str__(self):
+        return "{}:{}".format(self.name, self.value)
+
+    class Meta:
+        db_table = "assets_label"
+        unique_together = ('name', 'value')
--- a/apps/assets/models/node.py
+++ b/apps/assets/models/node.py
@@ -0,0 +1,124 @@
+# -*- coding: utf-8 -*-
+#
+import uuid
+
+from django.db import models
+from django.utils.translation import ugettext_lazy as _
+
+
+__all__ = ['Node']
+
+
+class Node(models.Model):
+    id = models.UUIDField(default=uuid.uuid4, primary_key=True)
+    key = models.CharField(unique=True, max_length=64, verbose_name=_("Key"))  # '1:1:1:1'
+    value = models.CharField(max_length=128, unique=True, verbose_name=_("Value"))
+    child_mark = models.IntegerField(default=0)
+    date_create = models.DateTimeField(auto_now_add=True)
+
+    is_node = True
+
+    def __str__(self):
+        return self.full_value
+
+    @property
+    def name(self):
+        return self.value
+
+    @property
+    def full_value(self):
+        if self == self.__class__.root():
+            return self.value
+        else:
+            return '{} / {}'.format(self.parent.full_value, self.value)
+
+    @property
+    def level(self):
+        return len(self.key.split(':'))
+
+    def get_next_child_key(self):
+        mark = self.child_mark
+        self.child_mark += 1
+        self.save()
+        return "{}:{}".format(self.key, mark)
+
+    def create_child(self, value):
+        child_key = self.get_next_child_key()
+        child = self.__class__.objects.create(key=child_key, value=value)
+        return child
+
+    def get_children(self):
+        return self.__class__.objects.filter(key__regex=r'{}:[0-9]+$'.format(self.key))
+
+    def get_all_children(self):
+        return self.__class__.objects.filter(key__startswith='{}:'.format(self.key))
+
+    def get_family(self):
+        children = list(self.get_all_children())
+        children.append(self)
+        return children
+
+    def get_assets(self):
+        from .asset import Asset
+        assets = Asset.objects.filter(nodes__id=self.id)
+        return assets
+
+    def get_valid_assets(self):
+        return self.get_assets().valid()
+
+    def get_all_assets(self):
+        from .asset import Asset
+        if self.is_root():
+            assets = Asset.objects.all()
+        else:
+            nodes = self.get_family()
+            assets = Asset.objects.filter(nodes__in=nodes).distinct()
+        return assets
+
+    def has_assets(self):
+        return self.get_all_assets()
+
+    def get_all_valid_assets(self):
+        return self.get_all_assets().valid()
+
+    def is_root(self):
+        return self.key == '0'
+
+    @property
+    def parent(self):
+        if self.key == "0":
+            return self.__class__.root()
+        elif not self.key.startswith("0"):
+            return self.__class__.root()
+
+        parent_key = ":".join(self.key.split(":")[:-1])
+        try:
+            parent = self.__class__.objects.get(key=parent_key)
+        except Node.DoesNotExist:
+            return self.__class__.root()
+        else:
+            return parent
+
+    @parent.setter
+    def parent(self, parent):
+        self.key = parent.get_next_child_key()
+
+    @property
+    def ancestor(self):
+        if self.parent == self.__class__.root():
+            return [self.__class__.root()]
+        else:
+            return [self.parent, *tuple(self.parent.ancestor)]
+
+    @property
+    def ancestor_with_node(self):
+        ancestor = self.ancestor
+        ancestor.insert(0, self)
+        return ancestor
+
+    @classmethod
+    def root(cls):
+        obj, created = cls.objects.get_or_create(
+            key='0', defaults={"key": '0', 'value': "ROOT"}
+        )
+        return obj
--- a/apps/assets/models/user.py
+++ b/apps/assets/models/user.py
@@ -2,105 +2,74 @@
 # -*- coding: utf-8 -*-
 #

-from __future__ import unicode_literals
-import os
 import logging
-from hashlib import md5
+import uuid

-from django.core.exceptions import ValidationError
+from django.core.cache import cache
 from django.db import models
 from django.utils.translation import ugettext_lazy as _
-from django.conf import settings

-from common.utils import signer, validate_ssh_private_key, ssh_key_string_to_obj
+from common.utils import get_signer
+from ..const import SYSTEM_USER_CONN_CACHE_KEY
+from .base import AssetUser

-__all__ = ['AdminUser', 'SystemUser', 'private_key_validator']
+
+__all__ = ['AdminUser', 'SystemUser',]
 logger = logging.getLogger(__name__)
+signer = get_signer()


-def private_key_validator(value):
-    if not validate_ssh_private_key(value):
-        raise ValidationError(
-            _('%(value)s is not an even number'),
-            params={'value': value},
-        )
-
-
-class AdminUser(models.Model):
+class AdminUser(AssetUser):
+    """
+    A privileged user that ansible can use it to push system user and so on
+    """
    BECOME_METHOD_CHOICES = (
        ('sudo', 'sudo'),
        ('su', 'su'),
    )
-    name = models.CharField(max_length=128, unique=True, verbose_name=_('Name'))
-    username = models.CharField(max_length=16, verbose_name=_('Username'))
-    _password = models.CharField(
-        max_length=256, blank=True, null=True, verbose_name=_('Password'))
-    _private_key = models.TextField(max_length=4096, blank=True, null=True, verbose_name=_('SSH private key'),
-                                    validators=[private_key_validator,])
    become = models.BooleanField(default=True)
    become_method = models.CharField(choices=BECOME_METHOD_CHOICES, default='sudo', max_length=4)
    become_user = models.CharField(default='root', max_length=64)
-    become_pass = models.CharField(default='', max_length=128)
-    _public_key = models.TextField(
-        max_length=4096, blank=True, verbose_name=_('SSH public key'))
-    comment = models.TextField(blank=True, verbose_name=_('Comment'))
-    date_created = models.DateTimeField(auto_now_add=True, null=True)
-    created_by = models.CharField(
-        max_length=32, null=True, verbose_name=_('Created by'))
+    _become_pass = models.CharField(default='', max_length=128)

-    def __unicode__(self):
+    def __str__(self):
        return self.name
-    __str__ = __unicode__

    @property
-    def password(self):
-        if self._password:
-            return signer.unsign(self._password)
+    def become_pass(self):
+        password = signer.unsign(self._become_pass)
+        if password:
+            return password
        else:
-            return ''
+            return ""

-    @password.setter
-    def password(self, password_raw):
-        self._password = signer.sign(password_raw)
+    @become_pass.setter
+    def become_pass(self, password):
+        self._become_pass = signer.sign(password)

    @property
-    def private_key(self):
-        if self._private_key:
-            key_str = signer.unsign(self._private_key)
-            return ssh_key_string_to_obj(key_str)
+    def become_info(self):
+        if self.become:
+            info = {
+                "method": self.become_method,
+                "user": self.become_user,
+                "pass": self.become_pass,
+            }
        else:
-            return None
+            info = None
+        return info

-    @private_key.setter
-    def private_key(self, private_key_raw):
-        self._private_key = signer.sign(private_key_raw)
-
-    @property
-    def private_key_file(self):
-        if not self.private_key:
-            return None
-        project_dir = settings.PROJECT_DIR
-        tmp_dir = os.path.join(project_dir, 'tmp')
-        key_name = md5(self._private_key.encode()).hexdigest()
-        key_path = os.path.join(tmp_dir, key_name)
-        if not os.path.exists(key_path):
-            self.private_key.write_private_key_file(key_path)
-        return key_path
-
-    @property
-    def public_key(self):
-        return signer.unsign(self._public_key)
-
-    @public_key.setter
-    def public_key(self, public_key_raw):
-        self._public_key = signer.sign(public_key_raw)
+    def get_related_assets(self):
+        assets = self.asset_set.all()
+        return assets

    @property
    def assets_amount(self):
-        return self.assets.count()
+        return self.get_related_assets().count()

    class Meta:
        ordering = ['name']
+        verbose_name = _("Admin user")

    @classmethod
    def generate_fake(cls, count=10):
@@ -123,104 +92,24 @@ class AdminUser(models.Model):
                continue


-class SystemUser(models.Model):
+class SystemUser(AssetUser):
+    SSH_PROTOCOL = 'ssh'
+    RDP_PROTOCOL = 'rdp'
    PROTOCOL_CHOICES = (
-        ('ssh', 'ssh'),
+        (SSH_PROTOCOL, 'ssh'),
+        (RDP_PROTOCOL, 'rdp'),
    )
-    AUTH_METHOD_CHOICES = (
-        ('P', 'Password'),
-        ('K', 'Public key'),
-    )
-    name = models.CharField(max_length=128, unique=True,
-                            verbose_name=_('Name'))
-    username = models.CharField(max_length=16, verbose_name=_('Username'))
-    _password = models.CharField(
-        max_length=256, blank=True, verbose_name=_('Password'))
-    protocol = models.CharField(
-        max_length=16, choices=PROTOCOL_CHOICES, default='ssh', verbose_name=_('Protocol'))
-    _private_key = models.TextField(
-        max_length=8192, blank=True, verbose_name=_('SSH private key'))
-    _public_key = models.TextField(
-        max_length=8192, blank=True, verbose_name=_('SSH public key'))
-    auth_method = models.CharField(choices=AUTH_METHOD_CHOICES, default='K',
-                                   max_length=1, verbose_name=_('Auth method'))
+
+    nodes = models.ManyToManyField('assets.Node', blank=True, verbose_name=_("Nodes"))
+    assets = models.ManyToManyField('assets.Asset', blank=True, verbose_name=_("Assets"))
+    priority = models.IntegerField(default=10, verbose_name=_("Priority"))
+    protocol = models.CharField(max_length=16, choices=PROTOCOL_CHOICES, default='ssh', verbose_name=_('Protocol'))
    auto_push = models.BooleanField(default=True, verbose_name=_('Auto push'))
-    sudo = models.TextField(
-        max_length=4096, default='/sbin/ifconfig', verbose_name=_('Sudo'))
-    shell = models.CharField(
-        max_length=64,  default='/bin/bash', verbose_name=_('Shell'))
-    date_created = models.DateTimeField(auto_now_add=True)
-    created_by = models.CharField(
-        max_length=32, blank=True, verbose_name=_('Created by'))
-    comment = models.TextField(
-        max_length=128, blank=True, verbose_name=_('Comment'))
+    sudo = models.TextField(default='/bin/whoami', verbose_name=_('Sudo'))
+    shell = models.CharField(max_length=64,  default='/bin/bash', verbose_name=_('Shell'))

-    def __unicode__(self):
-        return self.name
-    __str__ = __unicode__
-
-    @property
-    def password(self):
-        if self._password:
-            return signer.unsign(self._password)
-        return None
-
-    @password.setter
-    def password(self, password_raw):
-        self._password = signer.sign(password_raw)
-
-    @property
-    def private_key(self):
-        if self._private_key:
-            return signer.unsign(self._private_key)
-        return None
-
-    @private_key.setter
-    def private_key(self, private_key_raw):
-        self._private_key = signer.sign(private_key_raw)
-
-    @property
-    def public_key(self):
-        return signer.unsign(self._public_key)
-
-    @public_key.setter
-    def public_key(self, public_key_raw):
-        self._public_key = signer.sign(public_key_raw)
-
-    def get_assets_inherit_from_asset_groups(self):
-        assets = set()
-        asset_groups = self.asset_groups.all()
-        for asset_group in asset_groups:
-            for asset in asset_group.assets.all():
-                setattr(asset, 'is_inherit_from_asset_groups', True)
-                setattr(asset, 'inherit_from_asset_groups',
-                        getattr(asset, 'inherit_from_asset_groups', set()).add(asset_group))
-                assets.add(asset)
-        return assets
-
-    def get_assets(self):
-        assets = set(self.assets.all()
-                     ) | self.get_assets_inherit_from_asset_groups()
-        return list(assets)
-
-    def _to_secret_json(self):
-        """Push system user use it"""
-        return {
-            'name': self.name,
-            'username': self.username,
-            'shell': self.shell,
-            'sudo': self.sudo,
-            'password': self.password,
-            'public_key': self.public_key
-        }
-
-    @property
-    def assets_amount(self):
-        return self.assets.count()
-
-    @property
-    def asset_group_amount(self):
-        return self.asset_groups.count()
+    def __str__(self):
+        return '{0.name}({0.username})'.format(self)

    def to_json(self):
        return {
@@ -228,12 +117,36 @@ class SystemUser(models.Model):
            'name': self.name,
            'username': self.username,
            'protocol': self.protocol,
-            'auth_method': self.auth_method,
+            'priority': self.priority,
            'auto_push': self.auto_push,
        }

+    def get_assets(self):
+        assets = set(self.assets.all())
+        return assets
+
+    @property
+    def assets_connective(self):
+        _result = cache.get(SYSTEM_USER_CONN_CACHE_KEY.format(self.name), {})
+        return _result
+
+    @property
+    def unreachable_assets(self):
+        return list(self.assets_connective.get('dark', {}).keys())
+
+    @property
+    def reachable_assets(self):
+        return self.assets_connective.get('contacted', [])
+
+    def is_need_push(self):
+        if self.auto_push and self.protocol == self.__class__.SSH_PROTOCOL:
+            return True
+        else:
+            return False
+
    class Meta:
        ordering = ['name']
+        verbose_name = _("System user")

    @classmethod
    def generate_fake(cls, count=10):
@@ -254,6 +167,3 @@ class SystemUser(models.Model):
            except IntegrityError:
                print('Error continue')
                continue
-
-
-
--- a/apps/assets/models/utils.py
+++ b/apps/assets/models/utils.py
@@ -2,22 +2,34 @@
 # -*- coding: utf-8 -*-
 #

-from . import IDC, SystemUser, AdminUser, AssetGroup, Asset
+from django.core.exceptions import ValidationError
+from common.utils import validate_ssh_private_key
+

 __all__ = ['init_model', 'generate_fake']


 def init_model():
-    for cls in [IDC, SystemUser, AdminUser, AssetGroup, Asset]:
+    from . import SystemUser, AdminUser, Asset
+    for cls in [SystemUser, AdminUser, Asset]:
        if hasattr(cls, 'initial'):
            cls.initial()


 def generate_fake():
-    for cls in [IDC, SystemUser, AdminUser, AssetGroup, Asset]:
+    from . import SystemUser, AdminUser,  Asset
+    for cls in [SystemUser, AdminUser, Asset]:
        if hasattr(cls, 'generate_fake'):
            cls.generate_fake()


+def private_key_validator(value):
+    if not validate_ssh_private_key(value):
+        raise ValidationError(
+            _('%(value)s is not an even number'),
+            params={'value': value},
+        )
+
+
 if __name__ == '__main__':
    pass
--- a/apps/assets/serializers.py
+++ b/apps/assets/serializers.py
@@ -1,189 +0,0 @@
-# -*- coding: utf-8 -*-
-from django.utils.translation import ugettext_lazy as _
-from django.core.cache import cache
-from rest_framework import viewsets, serializers, generics
-from .models import AssetGroup, Asset, IDC, AdminUser, SystemUser
-from common.mixins import IDInFilterMixin
-from rest_framework_bulk import BulkListSerializer, BulkSerializerMixin
-
-
-class AssetGroupSerializer(BulkSerializerMixin, serializers.ModelSerializer):
-    assets_amount = serializers.SerializerMethodField()
-    assets = serializers.PrimaryKeyRelatedField(many=True, queryset=Asset.objects.all())
-
-    class Meta:
-        model = AssetGroup
-        list_serializer_class = BulkListSerializer
-        fields = ['id', 'name', 'comment', 'assets_amount', 'assets']
-
-    @staticmethod
-    def get_assets_amount(obj):
-        return obj.assets.count()
-
-
-class AssetUpdateGroupSerializer(serializers.ModelSerializer):
-    groups = serializers.PrimaryKeyRelatedField(many=True, queryset=AssetGroup.objects.all())
-
-    class Meta:
-        model = Asset
-        fields = ['id', 'groups']
-
-
-class AssetUpdateSystemUserSerializer(serializers.ModelSerializer):
-    system_users = serializers.PrimaryKeyRelatedField(many=True, queryset=SystemUser.objects.all())
-
-    class Meta:
-        model = Asset
-        fields = ['id', 'system_users']
-
-
-class AssetGroupUpdateSerializer(serializers.ModelSerializer):
-    """update the asset group, and add or delete the asset to the group"""
-    assets = serializers.PrimaryKeyRelatedField(many=True, queryset=Asset.objects.all())
-
-    class Meta:
-        model = AssetGroup
-        fields = ['id', 'assets']
-
-
-class AssetGroupUpdateSystemUserSerializer(serializers.ModelSerializer):
-    system_users = serializers.PrimaryKeyRelatedField(many=True, queryset=SystemUser.objects.all())
-
-    class Meta:
-        model = AssetGroup
-        fields = ['id', 'system_users']
-
-
-class IDCUpdateAssetsSerializer(serializers.ModelSerializer):
-    assets = serializers.PrimaryKeyRelatedField(many=True, queryset=Asset.objects.all())
-
-    class Meta:
-        model = IDC
-        fields = ['id', 'assets']
-
-
-class AdminUserSerializer(serializers.ModelSerializer):
-    assets = serializers.PrimaryKeyRelatedField(many=True, queryset=Asset.objects.all())
-
-    class Meta:
-        model = AdminUser
-        fields = '__all__'
-
-    def get_field_names(self, declared_fields, info):
-        fields = super(AdminUserSerializer, self).get_field_names(declared_fields, info)
-        fields.append('assets_amount')
-        return fields
-
-
-class SystemUserSerializer(serializers.ModelSerializer):
-    class Meta:
-        model = SystemUser
-        exclude = ('_password', '_private_key', '_public_key')
-
-    def get_field_names(self, declared_fields, info):
-        fields = super(SystemUserSerializer, self).get_field_names(declared_fields, info)
-        fields.extend(['assets_amount'])
-        return fields
-
-
-class AssetSystemUserSerializer(serializers.ModelSerializer):
-    class Meta:
-        model = SystemUser
-        fields = ('id', 'name', 'username', 'protocol', 'auth_method', 'comment')
-
-
-class SystemUserUpdateAssetsSerializer(serializers.ModelSerializer):
-    assets = serializers.PrimaryKeyRelatedField(many=True, queryset=Asset.objects.all())
-
-    class Meta:
-        model = SystemUser
-        fields = ['id', 'assets']
-
-
-class SystemUserUpdateAssetGroupSerializer(serializers.ModelSerializer):
-    asset_groups = serializers.PrimaryKeyRelatedField(many=True, queryset=AssetGroup.objects.all())
-
-    class Meta:
-        model = SystemUser
-        fields = ['id', 'asset_groups']
-
-
-class SystemUserSimpleSerializer(serializers.ModelSerializer):
-    class Meta:
-        model = SystemUser
-        fields = ('id', 'name', 'username')
-
-
-class AssetSerializer(BulkSerializerMixin, serializers.ModelSerializer):
-    # system_users = SystemUserSerializer(many=True, read_only=True)
-    # admin_user = AdminUserSerializer(many=False, read_only=True)
-    hardware = serializers.SerializerMethodField()
-    is_online = serializers.SerializerMethodField()
-
-    class Meta(object):
-        model = Asset
-        list_serializer_class = BulkListSerializer
-        fields = '__all__'
-
-    @staticmethod
-    def get_hardware(obj):
-        if obj.cpu_count:
-            return '{} Core {} {}'.format(obj.cpu_count*obj.cpu_cores, obj.memory, obj.disk_total)
-        else:
-            return ''
-
-    @staticmethod
-    def get_is_online(obj):
-        hostname = obj.hostname
-        if cache.get(hostname) == '1':
-            return True
-        elif cache.get(hostname) == '0':
-            return False
-        else:
-            return 'Unknown'
-
-    def get_field_names(self, declared_fields, info):
-        fields = super(AssetSerializer, self).get_field_names(declared_fields, info)
-        fields.extend(['get_type_display', 'get_env_display'])
-        return fields
-
-
-class AssetGrantedSerializer(serializers.ModelSerializer):
-    system_users_granted = AssetSystemUserSerializer(many=True, read_only=True)
-    is_inherited = serializers.SerializerMethodField()
-    system_users_join = serializers.SerializerMethodField()
-
-    class Meta(object):
-        model = Asset
-        fields = ("id", "hostname", "ip", "port", "system_users_granted", "is_inherited",
-                  "is_active", "system_users_join", "comment")
-
-    @staticmethod
-    def get_is_inherited(obj):
-        if getattr(obj, 'inherited', ''):
-            return True
-        else:
-            return False
-
-    @staticmethod
-    def get_system_users_join(obj):
-        return ', '.join([system_user.username for system_user in obj.system_users_granted])
-
-
-class IDCSerializer(BulkSerializerMixin, serializers.ModelSerializer):
-    assets_amount = serializers.SerializerMethodField()
-    assets = serializers.PrimaryKeyRelatedField(many=True, queryset=Asset.objects.all())
-
-    class Meta:
-        model = IDC
-        fields = '__all__'
-
-    @staticmethod
-    def get_assets_amount(obj):
-        return obj.assets.count()
-
-    def get_field_names(self, declared_fields, info):
-        fields = super(IDCSerializer, self).get_field_names(declared_fields, info)
-        fields.append('assets_amount')
-        return fields
-
--- a/apps/assets/serializers/init.py
+++ b/apps/assets/serializers/init.py
@@ -0,0 +1,9 @@
+# -*- coding: utf-8 -*-
+#
+
+from .asset import *
+from .admin_user import *
+from .label import *
+from .system_user import *
+from .node import *
+from .domain import *
--- a/apps/assets/serializers/admin_user.py
+++ b/apps/assets/serializers/admin_user.py
@@ -0,0 +1,69 @@
+# -*- coding: utf-8 -*-
+#
+from django.core.cache import cache
+from rest_framework import serializers
+
+from ..models import Node, AdminUser
+from ..const import ADMIN_USER_CONN_CACHE_KEY
+
+from .base import AuthSerializer
+
+
+class AdminUserSerializer(serializers.ModelSerializer):
+    """
+    管理用户
+    """
+    assets_amount = serializers.SerializerMethodField()
+    unreachable_amount = serializers.SerializerMethodField()
+    reachable_amount = serializers.SerializerMethodField()
+
+    class Meta:
+        model = AdminUser
+        fields = '__all__'
+
+    def get_field_names(self, declared_fields, info):
+        fields = super().get_field_names(declared_fields, info)
+        return [f for f in fields if not f.startswith('_')]
+
+    @staticmethod
+    def get_unreachable_amount(obj):
+        data = cache.get(ADMIN_USER_CONN_CACHE_KEY.format(obj.name))
+        if data:
+            return len(data.get('dark'))
+        else:
+            return 0
+
+    @staticmethod
+    def get_reachable_amount(obj):
+        data = cache.get(ADMIN_USER_CONN_CACHE_KEY.format(obj.name))
+        if data:
+            return len(data.get('contacted'))
+        else:
+            return 0
+
+    @staticmethod
+    def get_assets_amount(obj):
+        return obj.assets_amount
+
+
+class AdminUserAuthSerializer(AuthSerializer):
+
+    class Meta:
+        model = AdminUser
+        fields = ['password', 'private_key']
+
+
+class ReplaceNodeAdminUserSerializer(serializers.ModelSerializer):
+    """
+    管理用户更新关联到的集群
+    """
+    nodes = serializers.PrimaryKeyRelatedField(
+        many=True, queryset=Node.objects.all()
+    )
+
+    class Meta:
+        model = AdminUser
+        fields = ['id', 'nodes']
+
+
+
--- a/apps/assets/serializers/asset.py
+++ b/apps/assets/serializers/asset.py
@@ -0,0 +1,91 @@
+# -*- coding: utf-8 -*-
+#
+from rest_framework import serializers
+from rest_framework_bulk.serializers import BulkListSerializer
+
+from common.mixins import BulkSerializerMixin
+from ..models import Asset, Node
+from .system_user import AssetSystemUserSerializer
+
+__all__ = [
+    'AssetSerializer', 'AssetGrantedSerializer', 'MyAssetGrantedSerializer',
+]
+
+
+class NodeTMPSerializer(serializers.ModelSerializer):
+    parent = serializers.SerializerMethodField()
+    assets_amount = serializers.SerializerMethodField()
+
+    class Meta:
+        model = Node
+        fields = ['id', 'key', 'value', 'parent', 'assets_amount', 'is_node']
+        list_serializer_class = BulkListSerializer
+
+    @staticmethod
+    def get_parent(obj):
+        return obj.parent.id
+
+    @staticmethod
+    def get_assets_amount(obj):
+        return obj.get_all_assets().count()
+
+    def get_fields(self):
+        fields = super().get_fields()
+        field = fields["key"]
+        field.required = False
+        return fields
+
+
+class AssetSerializer(BulkSerializerMixin, serializers.ModelSerializer):
+    """
+    资产的数据结构
+    """
+
+    class Meta:
+        model = Asset
+        list_serializer_class = BulkListSerializer
+        fields = '__all__'
+        validators = []  # If not set to [], partial bulk update will be error
+
+    def get_field_names(self, declared_fields, info):
+        fields = super().get_field_names(declared_fields, info)
+        fields.extend([
+            'hardware_info', 'is_connective',
+        ])
+        return fields
+
+
+class AssetGrantedSerializer(serializers.ModelSerializer):
+    """
+    被授权资产的数据结构
+    """
+    system_users_granted = AssetSystemUserSerializer(many=True, read_only=True)
+    system_users_join = serializers.SerializerMethodField()
+    nodes = NodeTMPSerializer(many=True, read_only=True)
+
+    class Meta:
+        model = Asset
+        fields = (
+            "id", "hostname", "ip", "port", "system_users_granted",
+            "is_active", "system_users_join", "os", 'domain', "nodes",
+            "platform", "comment"
+        )
+
+    @staticmethod
+    def get_system_users_join(obj):
+        system_users = [s.username for s in obj.system_users_granted]
+        return ', '.join(system_users)
+
+
+class MyAssetGrantedSerializer(AssetGrantedSerializer):
+    """
+    普通用户获取授权的资产定义的数据结构
+    """
+
+    class Meta:
+        model = Asset
+        fields = (
+            "id", "hostname", "system_users_granted",
+            "is_active", "system_users_join",
+            "os", "platform", "comment",
+        )
--- a/apps/assets/serializers/base.py
+++ b/apps/assets/serializers/base.py
@@ -0,0 +1,26 @@
+# -*- coding: utf-8 -*-
+#
+
+from rest_framework import serializers
+from common.utils import ssh_pubkey_gen
+
+
+class AuthSerializer(serializers.ModelSerializer):
+    password = serializers.CharField(required=False, allow_blank=True, allow_null=True, max_length=1024)
+    private_key = serializers.CharField(required=False, allow_blank=True, allow_null=True, max_length=4096)
+
+    def gen_keys(self, private_key=None, password=None):
+        if private_key is None:
+            return None, None
+        public_key = ssh_pubkey_gen(private_key=private_key, password=password)
+        return private_key, public_key
+
+    def save(self, **kwargs):
+        password = self.validated_data.pop('password', None) or None
+        private_key = self.validated_data.pop('private_key', None) or None
+        self.instance = super().save(**kwargs)
+        if password or private_key:
+            private_key, public_key = self.gen_keys(private_key, password)
+            self.instance.set_auth(password=password, private_key=private_key,
+                                   public_key=public_key)
+        return self.instance
--- a/apps/assets/serializers/domain.py
+++ b/apps/assets/serializers/domain.py
@@ -0,0 +1,50 @@
+# -*- coding: utf-8 -*-
+#
+from rest_framework import serializers
+
+from ..models import Domain, Gateway
+
+
+class DomainSerializer(serializers.ModelSerializer):
+    asset_count = serializers.SerializerMethodField()
+    gateway_count = serializers.SerializerMethodField()
+
+    class Meta:
+        model = Domain
+        fields = '__all__'
+
+    @staticmethod
+    def get_asset_count(obj):
+        return obj.assets.count()
+
+    @staticmethod
+    def get_gateway_count(obj):
+        return obj.gateway_set.all().count()
+
+
+class GatewaySerializer(serializers.ModelSerializer):
+
+    class Meta:
+        model = Gateway
+        fields = [
+            'id', 'name', 'ip', 'port', 'protocol', 'username',
+            'domain', 'is_active', 'date_created', 'date_updated',
+            'created_by', 'comment',
+        ]
+
+
+class GatewayWithAuthSerializer(GatewaySerializer):
+    def get_field_names(self, declared_fields, info):
+        fields = super().get_field_names(declared_fields, info)
+        fields.extend(
+            ['password', 'private_key']
+        )
+        return fields
+
+
+class DomainWithGatewaySerializer(serializers.ModelSerializer):
+    gateways = GatewayWithAuthSerializer(many=True, read_only=True)
+
+    class Meta:
+        model = Domain
+        fields = '__all__'
--- a/apps/assets/serializers/label.py
+++ b/apps/assets/serializers/label.py
@@ -0,0 +1,37 @@
+# -*- coding: utf-8 -*-
+#
+from rest_framework import serializers
+from rest_framework_bulk.serializers import BulkListSerializer
+
+from ..models import Label
+
+
+class LabelSerializer(serializers.ModelSerializer):
+    asset_count = serializers.SerializerMethodField()
+
+    class Meta:
+        model = Label
+        fields = '__all__'
+        list_serializer_class = BulkListSerializer
+
+    @staticmethod
+    def get_asset_count(obj):
+        return obj.assets.count()
+
+    def get_field_names(self, declared_fields, info):
+        fields = super().get_field_names(declared_fields, info)
+        fields.extend(['get_category_display'])
+        return fields
+
+
+class LabelDistinctSerializer(serializers.ModelSerializer):
+    value = serializers.SerializerMethodField()
+
+    class Meta:
+        model = Label
+        fields = ("name", "value")
+
+    @staticmethod
+    def get_value(obj):
+        labels = Label.objects.filter(name=obj["name"])
+        return ', '.join([label.value for label in labels])
--- a/apps/assets/serializers/node.py
+++ b/apps/assets/serializers/node.py
@@ -0,0 +1,78 @@
+# -*- coding: utf-8 -*-
+from rest_framework import serializers
+from rest_framework_bulk.serializers import BulkListSerializer
+
+from common.mixins import BulkSerializerMixin
+from ..models import Asset, Node
+from .asset import AssetGrantedSerializer
+
+
+__all__ = [
+    'NodeSerializer', "NodeGrantedSerializer", "NodeAddChildrenSerializer",
+    "NodeAssetsSerializer",
+]
+
+
+class NodeGrantedSerializer(BulkSerializerMixin, serializers.ModelSerializer):
+    """
+    授权资产组
+    """
+    assets_granted = AssetGrantedSerializer(many=True, read_only=True)
+    assets_amount = serializers.SerializerMethodField()
+    parent = serializers.SerializerMethodField()
+    name = serializers.SerializerMethodField()
+
+    class Meta:
+        model = Node
+        fields = [
+            'id', 'key', 'name', 'value', 'parent',
+            'assets_granted', 'assets_amount',
+        ]
+
+    @staticmethod
+    def get_assets_amount(obj):
+        return len(obj.assets_granted)
+
+    @staticmethod
+    def get_name(obj):
+        return obj.name
+
+    @staticmethod
+    def get_parent(obj):
+        return obj.parent.id
+
+
+class NodeSerializer(serializers.ModelSerializer):
+    parent = serializers.SerializerMethodField()
+    assets_amount = serializers.SerializerMethodField()
+
+    class Meta:
+        model = Node
+        fields = ['id', 'key', 'value', 'parent', 'assets_amount', 'is_node']
+        list_serializer_class = BulkListSerializer
+
+    @staticmethod
+    def get_parent(obj):
+        return obj.parent.id
+
+    @staticmethod
+    def get_assets_amount(obj):
+        return obj.get_all_assets().count()
+
+    def get_fields(self):
+        fields = super().get_fields()
+        field = fields["key"]
+        field.required = False
+        return fields
+
+
+class NodeAssetsSerializer(serializers.ModelSerializer):
+    assets = serializers.PrimaryKeyRelatedField(many=True, queryset=Asset.objects.all())
+
+    class Meta:
+        model = Node
+        fields = ['assets']
+
+
+class NodeAddChildrenSerializer(serializers.Serializer):
+    nodes = serializers.ListField()
--- a/apps/assets/serializers/system_user.py
+++ b/apps/assets/serializers/system_user.py
@@ -0,0 +1,68 @@
+from rest_framework import serializers
+
+from ..models import SystemUser
+from .base import AuthSerializer
+
+
+class SystemUserSerializer(serializers.ModelSerializer):
+    """
+    系统用户
+    """
+    unreachable_amount = serializers.SerializerMethodField()
+    reachable_amount = serializers.SerializerMethodField()
+    unreachable_assets = serializers.SerializerMethodField()
+    reachable_assets = serializers.SerializerMethodField()
+    assets_amount = serializers.SerializerMethodField()
+
+    class Meta:
+        model = SystemUser
+        exclude = ('_password', '_private_key', '_public_key')
+
+    @staticmethod
+    def get_unreachable_assets(obj):
+        return obj.unreachable_assets
+
+    @staticmethod
+    def get_reachable_assets(obj):
+        return obj.reachable_assets
+
+    def get_unreachable_amount(self, obj):
+        return len(self.get_unreachable_assets(obj))
+
+    def get_reachable_amount(self, obj):
+        return len(self.get_reachable_assets(obj))
+
+    @staticmethod
+    def get_assets_amount(obj):
+        return len(obj.get_assets())
+
+
+class SystemUserAuthSerializer(AuthSerializer):
+    """
+    系统用户认证信息
+    """
+
+    class Meta:
+        model = SystemUser
+        fields = [
+            "id", "name", "username", "protocol",
+            "password", "private_key",
+        ]
+
+
+class AssetSystemUserSerializer(serializers.ModelSerializer):
+    """
+    查看授权的资产系统用户的数据结构，这个和AssetSerializer不同，字段少
+    """
+    class Meta:
+        model = SystemUser
+        fields = ('id', 'name', 'username', 'priority', 'protocol',  'comment',)
+
+
+class SystemUserSimpleSerializer(serializers.ModelSerializer):
+    """
+    系统用户最基本信息的数据结构
+    """
+    class Meta:
+        model = SystemUser
+        fields = ('id', 'name', 'username')
--- a/apps/assets/signals.py
+++ b/apps/assets/signals.py
@@ -0,0 +1,5 @@
+# -*- coding: utf-8 -*-
+#
+from django.dispatch import Signal
+
+on_app_ready = Signal()
--- a/apps/assets/signals_handler.py
+++ b/apps/assets/signals_handler.py
@@ -0,0 +1,84 @@
+# -*- coding: utf-8 -*-
+#
+from collections import defaultdict
+from django.db.models.signals import post_save, m2m_changed
+from django.dispatch import receiver
+
+from common.utils import get_logger
+from .models import Asset, SystemUser, Node
+from .tasks import update_assets_hardware_info_util, \
+    test_asset_connectability_util, push_system_user_to_assets
+
+
+logger = get_logger(__file__)
+
+
+def update_asset_hardware_info_on_created(asset):
+    logger.debug("Update asset `{}` hardware info".format(asset))
+    update_assets_hardware_info_util.delay([asset])
+
+
+def test_asset_conn_on_created(asset):
+    logger.debug("Test asset `{}` connectability".format(asset))
+    test_asset_connectability_util.delay([asset])
+
+
+def set_asset_root_node(asset):
+    logger.debug("Set asset default node: {}".format(Node.root()))
+    asset.nodes.add(Node.root())
+
+
+@receiver(post_save, sender=Asset, dispatch_uid="my_unique_identifier")
+def on_asset_created_or_update(sender, instance=None, created=False, **kwargs):
+    if created:
+        logger.info("Asset `{}` create signal received".format(instance))
+        update_asset_hardware_info_on_created(instance)
+        test_asset_conn_on_created(instance)
+
+
+@receiver(post_save, sender=SystemUser, dispatch_uid="my_unique_identifier")
+def on_system_user_update(sender, instance=None, created=True, **kwargs):
+    if instance and not created:
+        logger.info("System user `{}` update signal received".format(instance))
+        assets = instance.assets.all()
+        push_system_user_to_assets.delay(instance, assets)
+
+
+@receiver(m2m_changed, sender=SystemUser.nodes.through)
+def on_system_user_nodes_change(sender, instance=None, **kwargs):
+    if instance and kwargs["action"] == "post_add":
+        assets = set()
+        nodes = kwargs['model'].objects.filter(pk__in=kwargs['pk_set'])
+        for node in nodes:
+            assets.update(set(node.get_all_assets()))
+        instance.assets.add(*tuple(assets))
+
+
+@receiver(m2m_changed, sender=SystemUser.assets.through)
+def on_system_user_assets_change(sender, instance=None, **kwargs):
+    if instance and kwargs["action"] == "post_add":
+        assets = kwargs['model'].objects.filter(pk__in=kwargs['pk_set'])
+        push_system_user_to_assets(instance, assets)
+
+
+@receiver(m2m_changed, sender=Asset.nodes.through)
+def on_asset_node_changed(sender, instance=None, **kwargs):
+    if isinstance(instance, Asset) and kwargs['action'] == 'post_add':
+        logger.debug("Asset node change signal received")
+        nodes = kwargs['model'].objects.filter(pk__in=kwargs['pk_set'])
+        system_users_assets = defaultdict(set)
+        system_users = SystemUser.objects.filter(nodes__in=nodes)
+        for system_user in system_users:
+            system_users_assets[system_user].update({instance})
+        for system_user, assets in system_users_assets.items():
+            system_user.assets.add(*tuple(assets))
+
+
+@receiver(m2m_changed, sender=Asset.nodes.through)
+def on_node_assets_changed(sender, instance=None, **kwargs):
+    if isinstance(instance, Node) and kwargs['action'] == 'post_add':
+        logger.debug("Node assets change signal received")
+        assets = kwargs['model'].objects.filter(pk__in=kwargs['pk_set'])
+        system_users = SystemUser.objects.filter(nodes=instance)
+        for system_user in system_users:
+            system_user.assets.add(*tuple(assets))
--- a/apps/assets/tasks.py
+++ b/apps/assets/tasks.py
@@ -1,80 +1,415 @@
 # ~*~ coding: utf-8 ~*~
-from celery import shared_task
 import json
+import re
+import os

+from celery import shared_task
 from django.core.cache import cache
+from django.utils.translation import ugettext as _

-from ops.tasks import run_AdHoc
-from common.utils import get_object_or_none, capacity_convert, sum_capacity
-from .models import Asset
+from common.utils import get_object_or_none, capacity_convert, \
+    sum_capacity, encrypt_password, get_logger
+from ops.celery.utils import register_as_period_task, after_app_shutdown_clean, \
+    after_app_ready_start
+from ops.celery import app as celery_app
+
+from .models import SystemUser, AdminUser, Asset
+from . import const
+
+
+FORKS = 10
+TIMEOUT = 60
+logger = get_logger(__file__)
+CACHE_MAX_TIME = 60*60*60
+disk_pattern = re.compile(r'^hd|sd|xvd|vd')
+PERIOD_TASK = os.environ.get("PERIOD_TASK", "on")


@shared_task
-def update_assets_hardware_info(assets):
-    task_tuple = (
-        ('setup', ''),
-    )
-    summary, result = run_AdHoc(task_tuple, assets, record=False)
-    for hostname, info in result['contacted'].items():
-        if info:
-            info = info[0]['ansible_facts']
-        else:
+def set_assets_hardware_info(result, **kwargs):
+    """
+    Using ops task run result, to update asset info
+
+    @shared_task must be exit, because we using it as a task callback, is must
+    be a celery task also
+    :param result:
+    :param kwargs: {task_name: ""}
+    :return:
+    """
+    result_raw = result[0]
+    assets_updated = []
+    for hostname, info in result_raw.get('ok', {}).items():
+        info = info.get('setup', {}).get('ansible_facts', {})
+        if not info:
+            logger.error("Get asset info failed: {}".format(hostname))
            continue
+
        asset = get_object_or_none(Asset, hostname=hostname)
        if not asset:
            continue

-        ___vendor = info['ansible_system_vendor']
-        ___model = info['ansible_product_version']
-        ___sn = info['ansible_product_serial']
+        ___vendor = info.get('ansible_system_vendor', 'Unknown')
+        ___model = info.get('ansible_product_name', 'Unknown')
+        ___sn = info.get('ansible_product_serial', 'Unknown')

-        for ___cpu_model in info['ansible_processor']:
-            if ___cpu_model.endswith('GHz'):
+        for ___cpu_model in info.get('ansible_processor', []):
+            if ___cpu_model.endswith('GHz') or ___cpu_model.startswith("Intel"):
                break
        else:
            ___cpu_model = 'Unknown'
-        ___cpu_count = info['ansible_processor_count']
-        ___cpu_cores = info['ansible_processor_cores']
-        ___memory = '%s %s' % capacity_convert('{} MB'.format(info['ansible_memtotal_mb']))
+        ___cpu_model = ___cpu_model[:64]
+        ___cpu_count = info.get('ansible_processor_count', 0)
+        ___cpu_cores = info.get('ansible_processor_cores', None) or len(info.get('ansible_processor', []))
+        ___memory = '%s %s' % capacity_convert('{} MB'.format(info.get('ansible_memtotal_mb')))
        disk_info = {}
-        for dev, dev_info in info['ansible_devices'].items():
-            if dev_info['removable'] == '0':
+        for dev, dev_info in info.get('ansible_devices', {}).items():
+            if disk_pattern.match(dev) and dev_info['removable'] == '0':
                disk_info[dev] = dev_info['size']
        ___disk_total = '%s %s' % sum_capacity(disk_info.values())
        ___disk_info = json.dumps(disk_info)

-        ___platform = info['ansible_system']
-        ___os = info['ansible_distribution']
-        ___os_version = info['ansible_distribution_version']
-        ___os_arch = info['ansible_architecture']
-        ___hostname_raw = info['ansible_hostname']
+        ___platform = info.get('ansible_system', 'Unknown')
+        ___os = info.get('ansible_distribution', 'Unknown')
+        ___os_version = info.get('ansible_distribution_version', 'Unknown')
+        ___os_arch = info.get('ansible_architecture', 'Unknown')
+        ___hostname_raw = info.get('ansible_hostname', 'Unknown')

        for k, v in locals().items():
            if k.startswith('___'):
                setattr(asset, k.strip('_'), v)
        asset.save()
-    return summary
+        assets_updated.append(asset)
+    return assets_updated


@shared_task
-def update_assets_hardware_period():
-    assets = Asset.objects.filter(type__in=['Server', 'VM'])
-    update_assets_hardware_info(assets)
-
-
-@shared_task
-def test_admin_user_connective_period():
-    assets = Asset.objects.filter(type__in=['Server', 'VM'])
-    task_tuple = (
-        ('ping', ''),
+def update_assets_hardware_info_util(assets, task_name=None):
+    """
+    Using ansible api to update asset hardware info
+    :param assets:  asset seq
+    :param task_name: task_name running
+    :return: result summary ['contacted': {}, 'dark': {}]
+    """
+    from ops.utils import update_or_create_ansible_task
+    if task_name is None:
+        # task_name = _("Update some assets hardware info")
+        task_name = _("更新资产硬件信息")
+    tasks = const.UPDATE_ASSETS_HARDWARE_TASKS
+    hostname_list = [asset.hostname for asset in assets if asset.is_active and asset.is_unixlike()]
+    if not hostname_list:
+        logger.info("Not hosts get, may be asset is not active or not unixlike platform")
+        return {}
+    task, created = update_or_create_ansible_task(
+        task_name, hosts=hostname_list, tasks=tasks, pattern='all',
+        options=const.TASK_OPTIONS, run_as_admin=True, created_by='System',
    )
-    summary, _ = run_AdHoc(task_tuple, assets, record=False)
-    for i in summary['success']:
-        cache.set(i, '1', 2*60*60*60)
+    result = task.run()
+    # Todo: may be somewhere using
+    # Manual run callback function
+    set_assets_hardware_info(result)
+    return result

-    for i, msg in summary['failed']:
-        cache.set(i, '0', 60*60*60)
+
+@shared_task
+def update_asset_hardware_info_manual(asset):
+    # task_name = _("Update asset hardware info")
+    task_name = _("更新资产硬件信息")
+    return update_assets_hardware_info_util([asset], task_name=task_name)
+
+
+@celery_app.task
+@register_as_period_task(interval=3600)
+@after_app_ready_start
+@after_app_shutdown_clean
+def update_assets_hardware_info_period():
+    """
+    Update asset hardware period task
+    :return:
+    """
+    if PERIOD_TASK != "on":
+        logger.debug("Period task disabled, update assets hardware info pass")
+        return
+
+    from ops.utils import update_or_create_ansible_task
+    # task_name = _("Update assets hardware info period")
+    task_name = _("定期更新资产硬件信息")
+    hostname_list = [
+        asset.hostname for asset in Asset.objects.all()
+        if asset.is_active and asset.is_unixlike()
+    ]
+    tasks = const.UPDATE_ASSETS_HARDWARE_TASKS
+
+    # Only create, schedule by celery beat
+    update_or_create_ansible_task(
+        task_name, hosts=hostname_list, tasks=tasks, pattern='all',
+        options=const.TASK_OPTIONS, run_as_admin=True, created_by='System',
+        interval=60*60*24, is_periodic=True, callback=set_assets_hardware_info.name,
+    )
+
+
+##  ADMIN USER CONNECTIVE  ##
+
+@shared_task
+def set_admin_user_connectability_info(result, **kwargs):
+    admin_user = kwargs.get("admin_user")
+    task_name = kwargs.get("task_name")
+    if admin_user is None and task_name is not None:
+        admin_user = task_name.split(":")[-1]
+
+    raw, summary = result
+    cache_key = const.ADMIN_USER_CONN_CACHE_KEY.format(admin_user)
+    cache.set(cache_key, summary, CACHE_MAX_TIME)
+
+    for i in summary.get('contacted', []):
+        asset_conn_cache_key = const.ASSET_ADMIN_CONN_CACHE_KEY.format(i)
+        cache.set(asset_conn_cache_key, 1, CACHE_MAX_TIME)
+
+    for i, msg in summary.get('dark', {}).items():
+        asset_conn_cache_key = const.ASSET_ADMIN_CONN_CACHE_KEY.format(i)
+        cache.set(asset_conn_cache_key, 0, CACHE_MAX_TIME)
+        logger.error(msg)
+
+
+@shared_task
+def test_admin_user_connectability_util(admin_user, task_name):
+    """
+    Test asset admin user can connect or not. Using ansible api do that
+    :param admin_user:
+    :param task_name:
+    :return:
+    """
+    from ops.utils import update_or_create_ansible_task
+
+    assets = admin_user.get_related_assets()
+    hosts = [asset.hostname for asset in assets
+             if asset.is_active and asset.is_unixlike()]
+    if not hosts:
+        return
+    tasks = const.TEST_ADMIN_USER_CONN_TASKS
+    task, created = update_or_create_ansible_task(
+        task_name=task_name, hosts=hosts, tasks=tasks, pattern='all',
+        options=const.TASK_OPTIONS, run_as_admin=True, created_by='System',
+    )
+    result = task.run()
+    set_admin_user_connectability_info(result, admin_user=admin_user.name)
+    return result
+
+
+@celery_app.task
+@register_as_period_task(interval=3600)
+@after_app_ready_start
+@after_app_shutdown_clean
+def test_admin_user_connectability_period():
+    """
+    A period task that update the ansible task period
+    """
+    if PERIOD_TASK != "on":
+        logger.debug("Period task disabled, test admin user connectability pass")
+        return
+
+    admin_users = AdminUser.objects.all()
+    for admin_user in admin_users:
+        # task_name = _("Test admin user connectability period: {}".format(admin_user.name))
+        task_name = _("定期测试管理账号可连接性: {}".format(admin_user.name))
+        test_admin_user_connectability_util(admin_user, task_name)
+
+
+@shared_task
+def test_admin_user_connectability_manual(admin_user):
+    # task_name = _("Test admin user connectability: {}").format(admin_user.name)
+    task_name = _("测试管理行号可连接性: {}").format(admin_user.name)
+    return test_admin_user_connectability_util(admin_user, task_name)
+
+
+@shared_task
+def test_asset_connectability_util(assets, task_name=None):
+    from ops.utils import update_or_create_ansible_task
+
+    if task_name is None:
+        # task_name = _("Test assets connectability")
+        task_name = _("测试资产可连接性")
+    hosts = [asset.hostname for asset in assets if asset.is_active and asset.is_unixlike()]
+    if not hosts:
+        logger.info("No hosts, passed")
+        return {}
+    tasks = const.TEST_ADMIN_USER_CONN_TASKS
+    task, created = update_or_create_ansible_task(
+        task_name=task_name, hosts=hosts, tasks=tasks, pattern='all',
+        options=const.TASK_OPTIONS, run_as_admin=True, created_by='System',
+    )
+    result = task.run()
+    summary = result[1]
+    for k in summary.get('dark'):
+        cache.set(const.ASSET_ADMIN_CONN_CACHE_KEY.format(k), 0, CACHE_MAX_TIME)
+
+    for k in summary.get('contacted'):
+        cache.set(const.ASSET_ADMIN_CONN_CACHE_KEY.format(k), 1, CACHE_MAX_TIME)
    return summary


+@shared_task
+def test_asset_connectability_manual(asset):
+    summary = test_asset_connectability_util([asset])
+
+    if summary.get('dark'):
+        return False, summary['dark']
+    else:
+        return True, ""
+
+
+##  System user connective ##
+
+@shared_task
+def set_system_user_connectablity_info(result, **kwargs):
+    summary = result[1]
+    task_name = kwargs.get("task_name")
+    system_user = kwargs.get("system_user")
+    if system_user is None:
+        system_user = task_name.split(":")[-1]
+    cache_key = const.SYSTEM_USER_CONN_CACHE_KEY.format(system_user)
+    cache.set(cache_key, summary, CACHE_MAX_TIME)
+
+
+@shared_task
+def test_system_user_connectability_util(system_user, task_name):
+    """
+    Test system cant connect his assets or not.
+    :param system_user:
+    :param task_name:
+    :return:
+    """
+    from ops.utils import update_or_create_ansible_task
+    assets = system_user.get_assets()
+    hosts = [asset.hostname for asset in assets if asset.is_active and asset.is_unixlike()]
+    tasks = const.TEST_SYSTEM_USER_CONN_TASKS
+    if not hosts:
+        logger.info("No hosts, passed")
+        return {}
+    task, created = update_or_create_ansible_task(
+        task_name, hosts=hosts, tasks=tasks, pattern='all',
+        options=const.TASK_OPTIONS,
+        run_as=system_user.name, created_by="System",
+    )
+    result = task.run()
+    set_system_user_connectablity_info(result, system_user=system_user.name)
+    return result
+
+
+@shared_task
+def test_system_user_connectability_manual(system_user):
+    task_name = _("Test system user connectability: {}").format(system_user)
+    return test_system_user_connectability_util(system_user, task_name)
+
+
+@shared_task
+@register_as_period_task(interval=3600)
+@after_app_ready_start
+@after_app_shutdown_clean
+def test_system_user_connectability_period():
+    if PERIOD_TASK != "on":
+        logger.debug("Period task disabled, test system user connectability pass")
+        return
+
+    system_users = SystemUser.objects.all()
+    for system_user in system_users:
+        # task_name = _("Test system user connectability period: {}".format(system_user))
+        task_name = _("定期测试系统用户可连接性: {}".format(system_user))
+        test_system_user_connectability_util(system_user, task_name)
+
+
+####  Push system user tasks ####
+
+def get_push_system_user_tasks(system_user):
+    # Set root as system user is dangerous
+    if system_user.username == "root":
+        return []
+
+    tasks = []
+    if system_user.password:
+        tasks.append({
+            'name': 'Add user {}'.format(system_user.username),
+            'action': {
+                'module': 'user',
+                'args': 'name={} shell={} state=present password={}'.format(
+                    system_user.username, system_user.shell,
+                    encrypt_password(system_user.password, salt="K3mIlKK"),
+                ),
+            }
+        })
+    if system_user.public_key:
+        tasks.append({
+            'name': 'Set {} authorized key'.format(system_user.username),
+            'action': {
+                'module': 'authorized_key',
+                'args': "user={} state=present key='{}'".format(
+                    system_user.username, system_user.public_key
+                )
+            }
+        })
+    if system_user.sudo:
+        tasks.append({
+            'name': 'Set {} sudo setting'.format(system_user.username),
+            'action': {
+                'module': 'lineinfile',
+                'args': "dest=/etc/sudoers state=present regexp='^{0} ALL=' "
+                        "line='{0} ALL=(ALL) NOPASSWD: {1}' "
+                        "validate='visudo -cf %s'".format(
+                    system_user.username,
+                    system_user.sudo,
+                )
+            }
+        })
+    return tasks
+
+
+@shared_task
+def push_system_user_util(system_users, assets, task_name):
+    from ops.utils import update_or_create_ansible_task
+    tasks = []
+    for system_user in system_users:
+        if not system_user.is_need_push():
+            msg = "push system user `{}` passed, may be not auto push or ssh " \
+                  "protocol is not ssh".format(system_user.name)
+            logger.info(msg)
+            continue
+        tasks.extend(get_push_system_user_tasks(system_user))
+
+    if not tasks:
+        logger.info("Not tasks, passed")
+        return {}
+
+    hosts = [asset.hostname for asset in assets if asset.is_active and asset.is_unixlike()]
+    if not hosts:
+        logger.info("Not hosts, passed")
+        return {}
+    task, created = update_or_create_ansible_task(
+        task_name=task_name, hosts=hosts, tasks=tasks, pattern='all',
+        options=const.TASK_OPTIONS, run_as_admin=True, created_by='System'
+    )
+    return task.run()
+
+
+@shared_task
+def push_system_user_to_assets_manual(system_user):
+    assets = system_user.get_assets()
+    task_name = "推送系统用户到入资产: {}".format(system_user.name)
+    return push_system_user_util([system_user], assets, task_name=task_name)
+
+
+@shared_task
+def push_system_user_to_assets(system_user, assets):
+    task_name = _("推送系统用户到入资产: {}").format(system_user.name)
+    return push_system_user_util.delay([system_user], assets, task_name)
+
+
+# @shared_task
+# @register_as_period_task(interval=3600)
+# @after_app_ready_start
+# # @after_app_shutdown_clean
+# def push_system_user_period():
+#     for system_user in SystemUser.objects.all():
+#         push_system_user_related_nodes(system_user)
+
+
+

--- a/apps/assets/templates/assets/_asset_group_bulk_update_modal.html
+++ b/apps/assets/templates/assets/_asset_group_bulk_update_modal.html
@@ -2,12 +2,11 @@
 {% load i18n %}
 {% block modal_id %}asset_group_bulk_update_modal{% endblock %}
 {% block modal_class %}modal-lg{% endblock %}
-{% block modal_title%}{% trans "Update Asset Group" %}{% endblock %}
+{% block modal_title%}{% trans "Update asset group" %}{% endblock %}
 {% block modal_body %}
 {% load bootstrap3 %}
 <p class="text-success text-center">{% trans "Hint: only change the field you want to update." %}</p>
 <form method="post" class="form-horizontal" action="" id="fm_asset_group_bulk_update">
-
    <div class="form-group">
        <label for="assets" class="col-sm-2 control-label">{% trans 'Assets' %}</label>
        <div class="col-sm-9" id="select2-container">
@@ -32,7 +31,7 @@
    <div class="form-group">
        <div class="col-sm-9 col-lg-9 col-sm-offset-2">
            <div class="checkbox checkbox-success">
-                <input type="checkbox" name="enable_otp" checked id="id_enable_otp"><label for="id_enable_otp">{% trans 'Enable-OTP' %}</label>
+                <input type="checkbox" name="enable_otp" checked id="id_enable_otp"><label for="id_enable_otp">{% trans 'Enable-MFA' %}</label>
            </div>
        </div>
    </div>
--- a/apps/assets/templates/assets/_asset_list_modal.html
+++ b/apps/assets/templates/assets/_asset_list_modal.html
@@ -0,0 +1,125 @@
+{% extends '_modal.html' %}
+{% load i18n %}
+{% load static %}
+
+{% block modal_class %}modal-lg{% endblock %}
+{% block modal_id %}asset_list_modal{% endblock %}
+{% block modal_title%}{% trans "Asset list" %}{% endblock %}
+{% block modal_body %}
+<link href="{% static 'css/plugins/ztree/awesomeStyle/awesome.css' %}" rel="stylesheet">
+<script type="text/javascript" src="{% static 'js/plugins/ztree/jquery.ztree.all.min.js' %}"></script>
+<script src="{% static 'js/jquery.form.min.js' %}"></script>
+<style>
+.inmodal .modal-header {
+    padding: 10px 10px;
+    text-align: center;
+}
+
+#assetTree2.ztree * {
+    background-color: #f8fafb;
+}
+#assetTree2.ztree {
+    background-color: #f8fafb;
+}
+</style>
+
+<div class="wrapper wrapper-content">
+   <div class="row">
+       <div class="col-lg-3" id="split-left" style="padding-left: 3px">
+           <div class="ibox float-e-margins">
+               <div class="ibox-content mailbox-content" style="padding-top: 0;padding-left: 1px">
+                   <div class="file-manager ">
+                       <div id="assetTree2" class="ztree">
+                       </div>
+                       <div class="clearfix"></div>
+                   </div>
+               </div>
+           </div>
+       </div>
+       <div class="col-lg-9 animated fadeInRight" id="split-right">
+           <div class="mail-box-header">
+               <table class="table table-striped table-bordered table-hover " id="asset_list_modal_table" style="width: 100%">
+                   <thead>
+                       <tr>
+                           <th class="text-center"><input type="checkbox" class="ipt_check_all"></th>
+                           <th class="text-center">{% trans 'Hostname' %}</th>
+                           <th class="text-center">{% trans 'IP' %}</th>
+                       </tr>
+                   </thead>
+                   <tbody>
+                   </tbody>
+               </table>
+           </div>
+       </div>
+   </div>
+</div>
+
+<script>
+var zTree2, asset_table2 = 0;
+function initTable2() {
+    var options = {
+        ele: $('#asset_list_modal_table'),
+        ajax_url: '{% url "api-assets:asset-list" %}',
+        columns: [
+            {data: "id"}, {data: "hostname" }, {data: "ip" }
+        ],
+        pageLength: 10
+    };
+    asset_table2 = jumpserver.initServerSideDataTable(options);
+    return asset_table2
+}
+
+function onSelected2(event, treeNode) {
+    var url = asset_table2.ajax.url();
+    url = setUrlParam(url, "node_id", treeNode.id);
+    setCookie('node_selected', treeNode.id);
+    asset_table2.ajax.url(url);
+    asset_table2.ajax.reload();
+}
+
+
+function initTree2() {
+    var setting = {
+        view: {
+            dblClickExpand: false,
+            showLine: true
+        },
+        data: {
+            simpleData: {
+                enable: true
+            }
+        },
+        callback: {
+            onSelected: onSelected2
+        }
+    };
+
+    var zNodes = [];
+    $.get("{% url 'api-assets:node-list' %}", function(data, status){
+        $.each(data, function (index, value) {
+            value["pId"] = value["parent"];
+            value["open"] = true;
+            value["name"] = value["value"] + ' (' + value['assets_amount'] + ')';
+            value['value'] = value['value'];
+        });
+        zNodes = data;
+        $.fn.zTree.init($("#assetTree2"), setting, zNodes);
+        zTree2 = $.fn.zTree.getZTreeObj("assetTree2");
+    });
+}
+
+
+$(document).ready(function(){
+    initTable2();
+    initTree2();
+})
+</script>
+{% endblock %}
+
+{% block modal_button %}
+    {{ block.super }}
+{% endblock %}
+{% block modal_confirm_id %}btn_asset_modal_confirm{% endblock %}
+
+
+
--- a/apps/assets/templates/assets/_system_user.html
+++ b/apps/assets/templates/assets/_system_user.html
@@ -3,8 +3,8 @@
 {% load static %}
 {% load bootstrap3 %}
 {% block custom_head_css_js %}
-    <link href="{% static "css/plugins/select2/select2.min.css" %}" rel="stylesheet">
-    <script src="{% static "js/plugins/select2/select2.full.min.js" %}"></script>
+    <link href="{% static 'css/plugins/select2/select2.min.css' %}" rel="stylesheet">
+    <script src="{% static 'js/plugins/select2/select2.full.min.js' %}"></script>
 {% endblock %}

 {% block content %}
@@ -13,7 +13,7 @@
            <div class="col-sm-12">
                <div class="ibox float-e-margins">
                    <div class="ibox-title">
-                        <h5>{% trans 'Create system user' %}</h5>
+                        <h5>{{ action }}</h5>
                        <div class="ibox-tools">
                            <a class="collapse-link">
                                <i class="fa fa-chevron-up"></i>
@@ -37,31 +37,30 @@
                            <h3>{% trans 'Basic' %}</h3>
                            {% bootstrap_field form.name layout="horizontal" %}
                            {% bootstrap_field form.username layout="horizontal" %}
+                            {% bootstrap_field form.priority layout="horizontal" %}
                            {% bootstrap_field form.protocol layout="horizontal" %}
-                            <h3>{% trans 'Auth' %}</h3>
-                            {% bootstrap_field form.auth_method layout="horizontal" %}
+
                            {% block auth %}
-                            <div class="password-auth hidden">
-                            {% bootstrap_field form.password layout="horizontal" %}
-                            </div>
-                            <div class="public-key-auth">
+                            <h3>{% trans 'Auth' %}</h3>
+                            <div class="auto-generate">
                                <div class="form-group">
                                    <label for="{{ form.auto_generate_key.id_for_label }}" class="col-sm-2 control-label">{% trans 'Auto generate key' %}</label>
                                    <div class="col-sm-8">
                                        {{ form.auto_generate_key}}
                                    </div>
                                </div>
-                                <div>
+                            </div>
+                            <div class="auth-fields">
+                                {% bootstrap_field form.password layout="horizontal" %}
                                {% bootstrap_field form.private_key_file layout="horizontal" %}
                            </div>
-                            </div>
-                            {% endblock %}
                            <div class="form-group">
                                <label for="{{ form.as_push.id_for_label }}" class="col-sm-2 control-label">{% trans 'Auto push' %}</label>
                                <div class="col-sm-8">
                                    {{ form.auto_push}}
                                </div>
                            </div>
+                            {% endblock %}
                            <h3>{% trans 'Other' %}</h3>
                            {% bootstrap_field form.sudo layout="horizontal" %}
                            {% bootstrap_field form.shell layout="horizontal" %}
@@ -81,41 +80,42 @@
 {% endblock %}
 {% block custom_foot_js %}
    <script>
-        var auth_method = '#'+'{{ form.auth_method.id_for_label }}';
        var auto_generate_key = '#'+'{{ form.auto_generate_key.id_for_label }}';
-        function authMethodDisplay() {
-            if ($(auth_method).val() == 'P') {
-                $('.password-auth').removeClass('hidden');
-                $('.public-key-auth').addClass('hidden');
-                $('#'+'{{ form.password.id_for_label }}').attr('required', 'required');
-                $('#'+'{{ form.password.id_for_label }}').removeAttr('disabled');
-                $('#'+'{{ form.private_key_file.id_for_label }}').removeAttr('required');
+        var protocol_id = '#' + '{{ form.protocol.id_for_label }}';
+        var password_id = '#' + '{{ form.password.id_for_label }}';
+        var private_key_id = '#' + '{{ form.private_key_file.id_for_label }}';
+        var sudo_id = '#' + '{{ form.sudo.id_for_label }}';
+        var shell_id = '#' + '{{ form.shell.id_for_label }}';

-            } else if ($(auth_method).val() == 'K') {
-                $('.password-auth').addClass('hidden');
-                $('.public-key-auth').removeClass('hidden');
-                $('#'+'{{ form.password.id_for_label }}').removeAttr('required');
-                $('#'+'{{ form.password.id_for_label }}').attr('disabled', 'disabled');
+        var need_change_field = [auto_generate_key, private_key_id, sudo_id, shell_id] ;

-                if ($(auto_generate_key).prop('checked')){
-                    $('#'+'{{ form.private_key_file.id_for_label }}').closest('.form-group').addClass('hidden');
+        function authFieldsDisplay() {
+            if ($(auto_generate_key).prop('checked')) {
+                $('.auth-fields').addClass('hidden');
            } else {
-                    $('#'+'{{ form.private_key_file.id_for_label }}').closest('.form-group').removeClass('hidden');
-                    $('#'+'{{ form.private_key_file.id_for_label }}').closest('.form-group input').attr('required', 'required');
+                $('.auth-fields').removeClass('hidden');
            }
        }
+
+        function protocolChange() {
+            if ($(protocol_id).attr('value') === 'rdp') {
+                $.each(need_change_field, function (index, value) {
+                    $(value).addClass('hidden')
+                });
+                $(password_id).removeClass('hidden')
+            } else {
+                $.each(need_change_field, function (index, value) {
+                    $(value).removeClass('hidden')
+                });
+            }
        }
        $(document).ready(function () {
            $('.select2').select2();
-            authMethodDisplay();
-            $(auth_method).change(function () {
-                authMethodDisplay();
-            });
+            authFieldsDisplay();
+            protocolChange();
            $(auto_generate_key).change(function () {
-                authMethodDisplay();
+                authFieldsDisplay();
            });
        })
-
-
    </script>
 {% endblock %}
--- a/apps/assets/templates/assets/admin_user_assets.html
+++ b/apps/assets/templates/assets/admin_user_assets.html
@@ -0,0 +1,137 @@
+{% extends 'base.html' %}
+{% load static %}
+{% load i18n %}
+
+{% block custom_head_css_js %}
+    <link href="{% static 'css/plugins/select2/select2.min.css' %}" rel="stylesheet">
+    <script src="{% static 'js/plugins/select2/select2.full.min.js' %}"></script>
+{% endblock %}
+
+{% block content %}
+    <div class="wrapper wrapper-content animated fadeInRight">
+        <div class="row">
+            <div class="col-sm-12">
+                <div class="ibox float-e-margins">
+                    <div class="panel-options">
+                        <ul class="nav nav-tabs">
+                            <li>
+                                <a href="{% url 'assets:admin-user-detail' pk=admin_user.pk %}" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Detail' %} </a>
+                            </li>
+                            <li class="active">
+                                <a href="{% url 'assets:admin-user-assets' pk=admin_user.pk %}" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Assets list' %} </a>
+                            </li>
+                        </ul>
+                    </div>
+                    <div class="tab-content">
+                        <div class="col-sm-8" style="padding-left: 0;">
+                            <div class="ibox float-e-margins">
+                                <div class="ibox-title">
+                                    <span style="float: left">{% trans 'Asset list of ' %} <b>{{ admin_user.name }}</b></span>
+                                    <div class="ibox-tools">
+                                        <a class="collapse-link">
+                                            <i class="fa fa-chevron-up"></i>
+                                        </a>
+                                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
+                                            <i class="fa fa-wrench"></i>
+                                        </a>
+                                        <ul class="dropdown-menu dropdown-user">
+                                        </ul>
+                                        <a class="close-link">
+                                            <i class="fa fa-times"></i>
+                                        </a>
+                                    </div>
+                                </div>
+                                <div class="ibox-content">
+                                    <table class="table table-striped table-bordered table-hover" id="asset_list_table">
+                                        <thead>
+                                            <tr>
+                                                <th class="text-center">
+                                                    <input type="checkbox" id="check_all" class="ipt_check_all" >
+                                                </th>
+                                                <th>{% trans 'Hostname' %}</th>
+                                                <th>{% trans 'IP' %}</th>
+                                                <th>{% trans 'Port' %}</th>
+                                                <th>{% trans 'Reachable' %}</th>
+                                            </tr>
+                                        </thead>
+                                        <tbody>
+                                        </tbody>
+                                    </table>
+                                </div>
+                            </div>
+                        </div>
+                        <div class="col-sm-4" style="padding-left: 0;padding-right: 0">
+                            <div class="panel panel-primary">
+                                <div class="panel-heading">
+                                    <i class="fa fa-info-circle"></i> {% trans 'Quick update' %}
+                                </div>
+                                <div class="panel-body">
+                                    <table class="table">
+                                        <tbody>
+                                        <tr class="no-borders-tr">
+                                            <td width="50%">{% trans 'Test connective' %}:</td>
+                                            <td>
+                                                <span style="float: right">
+                                                    <button type="button" class="btn btn-primary btn-xs btn-test-connective" style="width: 54px">{% trans 'Test' %}</button>
+                                                </span>
+                                            </td>
+                                        </tr>
+                                        </tbody>
+                                    </table>
+                                </div>
+                            </div>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+{% endblock %}
+{% block custom_foot_js %}
+<script>
+
+function initTable() {
+    var options = {
+		ele: $('#asset_list_table'),
+		buttons: [],
+		order: [],
+		columnDefs: [
+			{targets: 1, createdCell: function (td, cellData, rowData) {
+				var detail_btn = '<a href="{% url "assets:asset-detail" pk=DEFAULT_PK %}" data-aid="'+rowData.id+'">' + cellData + '</a>';
+				$(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id));
+			}},
+			{targets: 4, createdCell: function (td, cellData) {
+				if (!cellData) {
+					$(td).html('<i class="fa fa-times text-danger"></i>')
+				} else {
+					$(td).html('<i class="fa fa-check text-navy"></i>')
+				}
+			}}],
+		ajax_url: '{% url "api-assets:asset-list" %}?admin_user_id={{ admin_user.id }}',
+		columns: [
+		    {data: function(){return ""}}, {data: "hostname" }, {data: "ip" },
+            {data: "port" },  {data: "is_connective" }],
+		op_html: $('#actions').html()
+	};
+	jumpserver.initServerSideDataTable(options);
+}
+
+$(document).ready(function () {
+	initTable();
+})
+.on('click', '.btn-test-connective', function () {
+    var the_url = "{% url 'api-assets:admin-user-connective' pk=admin_user.id %}";
+    var success = function (data) {
+        var task_id = data.task;
+        var url = '{% url "ops:celery-task-log" pk=DEFAULT_PK %}'.replace("{{ DEFAULT_PK }}", task_id);
+        window.open(url, '', 'width=800,height=600')
+    };
+    APIUpdateAttr({
+        url: the_url,
+        method: 'GET',
+        success: success,
+        flash_message: false
+    });
+})
+</script>
+{% endblock %}
--- a/apps/assets/templates/assets/admin_user_create_update.html
+++ b/apps/assets/templates/assets/admin_user_create_update.html
@@ -3,8 +3,8 @@
 {% load static %}
 {% load bootstrap3 %}
 {% block custom_head_css_js %}
-    <link href="{% static "css/plugins/select2/select2.min.css" %}" rel="stylesheet">
-    <script src="{% static "js/plugins/select2/select2.full.min.js" %}"></script>
+    <link href="{% static 'css/plugins/select2/select2.min.css' %}" rel="stylesheet">
+    <script src="{% static 'js/plugins/select2/select2.full.min.js' %}"></script>
 {% endblock %}

 {% block content %}
@@ -13,7 +13,7 @@
            <div class="col-sm-12">
                <div class="ibox float-e-margins">
                    <div class="ibox-title">
-                        <h5>{% trans 'Create admin user' %}</h5>
+                        <h5>{{ action }}</h5>
                        <div class="ibox-tools">
                            <a class="collapse-link">
                                <i class="fa fa-chevron-up"></i>
--- a/apps/assets/templates/assets/admin_user_detail.html
+++ b/apps/assets/templates/assets/admin_user_detail.html
@@ -15,20 +15,23 @@
                    <div class="panel-options">
                        <ul class="nav nav-tabs">
                            <li class="active">
-                                <a href="" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Detail' %} </a>
+                                <a href="{% url 'assets:admin-user-detail' pk=admin_user.pk %}" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Detail' %} </a>
+                            </li>
+                            <li>
+                                <a href="{% url 'assets:admin-user-assets' pk=admin_user.pk %}" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Assets list' %} </a>
                            </li>
                            <li class="pull-right">
-                                <a class="btn btn-outline btn-default" href="{% url 'assets:admin-user-update' pk=admin_user.id %}"><i class="fa fa-edit"></i>Update</a>
+                                <a class="btn btn-outline btn-default" href="{% url 'assets:admin-user-update' pk=admin_user.id %}"><i class="fa fa-edit"></i>{% trans 'Update' %}</a>
                            </li>
                            <li class="pull-right">
                                <a class="btn btn-outline btn-danger btn-delete-admin-user">
-                                    <i class="fa fa-edit"></i>Delete
+                                    <i class="fa fa-trash-o"></i>{% trans 'Delete' %}
                                </a>
                            </li>
                        </ul>
                    </div>
                    <div class="tab-content">
-                        <div class="col-sm-7" style="padding-left: 0;">
+                        <div class="col-sm-8" style="padding-left: 0;">
                            <div class="ibox float-e-margins">
                                <div class="ibox-title">
                                    <span class="label"><b>{{ admin_user.name }}</b></span>
@@ -73,139 +76,28 @@
                                    </table>
                                </div>
                            </div>
-
-                            <div class="ibox float-e-margins">
-                                <div class="ibox-title">
-                                    <span style="float: left">{% trans 'Asset list of ' %} <b>{{ admin_user.name }}</b> <span class="badge"> {{ paginator.count }}</span></span>
-                                    <div class="ibox-tools">
-                                        <a class="collapse-link">
-                                            <i class="fa fa-chevron-up"></i>
-                                        </a>
-                                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
-                                            <i class="fa fa-wrench"></i>
-                                        </a>
-                                        <ul class="dropdown-menu dropdown-user">
-                                        </ul>
-                                        <a class="close-link">
-                                            <i class="fa fa-times"></i>
-                                        </a>
                        </div>
-                                </div>
-                                <div class="ibox-content">
-                                    <table class="table table-hover" id="system_user_assets_table">
-                                        <thead>
-                                            <tr>
-                                                <th>{% trans 'Hostname' %}</th>
-                                                <th>{% trans 'IP' %}</th>
-                                                <th>{% trans 'Port' %}</th>
-                                                <th>{% trans 'Alive' %}</th>
-	                                            <th>{% trans 'Action' %}</th>
-                                            </tr>
-                                        </thead>
-                                        <tbody>
-{#                                            {% for asset in page_obj %}#}
-{#                                            <tr>#}
-{#                                                <td>{{ asset.hostname }}</td>#}
-{#                                                <td>{{ asset.ip }}</td>#}
-{#                                                <td>{{ asset.port }}</td>#}
-{#                                                <td>Alive</td>#}
-{#                                            </tr>#}
-{#                                            {% endfor %}#}
-                                        </tbody>
-                                    </table>
-{#                                    <div class="row">#}
-{#                                        {% include '_pagination.html' %}#}
-{#                                    </div>#}
-                                </div>
-                            </div>
-                        </div>
-                        <div class="col-sm-5" style="padding-left: 0;padding-right: 0">
+                        <div class="col-sm-4" style="padding-left: 0;padding-right: 0">
                            <div class="panel panel-primary">
                                <div class="panel-heading">
-                                    <i class="fa fa-info-circle"></i> {% trans 'Quick update' %}
+                                    <i class="fa fa-info-circle"></i> {% trans 'Replace node assets admin user with this' %}
                                </div>
                                <div class="panel-body">
-                                    <table class="table">
-                                        <tbody>
-                                        <tr class="no-borders-tr">
-                                            <td width="50%">{% trans 'Get install script' %}:</td>
-                                            <td>
-                                                <span style="float: right">
-                                                    <button type="button" class="btn btn-primary btn-xs" style="width: 54px">{% trans 'Get' %}</button>
-                                                </span>
-                                            </td>
-                                        </tr>
-
-                                        <tr>
-                                            <td width="50%">{% trans 'Retest asset connectivity' %}:</td>
-                                            <td>
-                                                <span style="float: right">
-                                                    <button type="button" class="btn btn-primary btn-xs" style="width: 54px">{% trans 'Start' %}</button>
-                                                </span>
-                                            </td>
-                                        </tr>
-
-                                        <tr>
-                                            <td width="50%">{% trans 'Reset private key' %}:</td>
-                                            <td>
-                                                <span style="float: right">
-                                                    <button type="button" class="btn btn-primary btn-xs" style="width: 54px">{% trans 'Reset' %}</button>
-                                                </span>
-                                            </td>
-                                        </tr>
-                                        </tbody>
-                                    </table>
-                                </div>
-                            </div>
-
-                            <div class="panel panel-info">
-                                <div class="panel-heading">
-                                    <i class="fa fa-info-circle"></i> {% trans 'Replace asset admin user with this' %}
-                                </div>
-                                <div class="panel-body">
-                                    <table class="table">
+                                    <table class="table group_edit" id="table-clusters">
                                        <tbody>
                                        <form>
-                                            <tr class="no-borders-tr">
-                                                <td colspan="2">
-                                                    <select data-placeholder="{% trans 'Select asset' %}" class="select2" style="width: 100%" multiple="" tabindex="4">
-                                                        {% for asset in assets_remain %}
-                                                            <option value="{{ asset.id }}">{{ asset.ip }}:{{ asset.port }}</option>
+                                            <tr>
+                                                <td colspan="2" class="no-borders">
+                                                    <select data-placeholder="{% trans 'Select nodes' %}"  id="nodes_selected"  class="select2" style="width: 100%" multiple="" tabindex="4">
+                                                        {% for node in nodes %}
+                                                        <option value="{{ node.id }}" id="opt_{{ node.id }}" >{{ node.value }}</option>
                                                        {% endfor %}
                                                    </select>
                                                </td>
                                            </tr>
-                                            <tr class="no-borders-tr">
-                                                <td colspan="2">
-                                                    <button type="button" class="btn btn-info btn-sm btn-replace-asset-admin_user">{% trans 'Replace' %}</button>
-                                                </td>
-                                            </tr>
-                                        </form>
-                                        </tbody>
-                                    </table>
-                                </div>
-                            </div>
-
-                            <div class="panel panel-warning">
-                                <div class="panel-heading">
-                                    <i class="fa fa-info-circle"></i> {% trans 'Replace asset admin user with this admin user' %}
-                                </div>
-                                <div class="panel-body">
-                                    <table class="table">
-                                        <tbody>
-                                        <form>
-                                            <tr class="no-borders-tr">
-                                                <td colspan="2">
-                                                    <select data-placeholder="{% trans 'Select asset groups' %}" class="select2" style="width: 100%" multiple="" tabindex="4">
-                                                        {% for asset_group in asset_groups %}
-                                                            <option value="{{ asset_group.id }}">{{ asset_group.name }}</option>
-                                                        {% endfor %}
-                                                    </select>
-                                                </td>
-                                            </tr>
-                                            <tr class="no-borders-tr">
-                                                <td colspan="2">
-                                                    <button type="button" class="btn btn-warning btn-sm btn-replace-asset_groups-admin_user">{% trans 'Replace' %}</button>
+                                            <tr>
+                                                <td colspan="2" class="no-borders">
+                                                    <button type="button" class="btn btn-primary btn-sm" id="btn-change-admin-user">{% trans 'Confirm' %}</button>
                                                </td>
                                            </tr>
                                        </form>
@@ -224,218 +116,56 @@
 {% endblock %}
 {% block custom_foot_js %}
 <script>
-Array.prototype.remove = function(val) {
-	var index = this.indexOf(val);
-		if (index > -1) {
-		this.splice(index, 1);
-	}
-};
-Array.prototype.unique = function(){
-	var res = [];
-	var json = {};
- 	for(var i = 0; i < this.length; i++){
-  		if(!json[this[i]]){
-   			res.push(this[i]);
-   			json[this[i]] = 1;
-  		}
- 	}
- 	return res;
-};
-function objectRemove(obj, name, url, data) {
-    function doRemove() {
-        var body = data;
-        var success = function() {
-            swal('Remove!', "[ "+name+"]"+" has been deleted ", "success");
-            $(obj).parent().parent().remove();
+function replaceNodeAssetsAdminUser(nodes) {
+    var the_url = "{% url 'api-assets:replace-nodes-admin-user' pk=admin_user.id %}";
+    var body = {
+        nodes: nodes
    };
-        var fail = function() {
-            swal("Failed", "Remove"+"[ "+name+" ]"+"failed", "error");
+    var success = function(data) {
+        // remove all the selected groups from select > option and rendered ul element;
+        $('.select2-selection__rendered').empty();
+        $('#nodes_selected').val('');
+        $.map(jumpserver.nodes_selected, function(value, index) {
+            $('#opt_' + index).remove();
+        });
+        // clear jumpserver.groups_selected
+        jumpserver.nodes_selected = {};
    };
    APIUpdateAttr({
-            url: url,
+        url: the_url,
        body: JSON.stringify(body),
-            method: 'PATCH',
-            success: success,
-            error: fail
-        });
-    }
-    swal({
-        title: 'Are you sure remove ?',
-        text: " [" + name + "] ",
-        type: "warning",
-        showCancelButton: true,
-        cancelButtonText: 'Cancel',
-        confirmButtonColor: "#DD6B55",
-        confirmButtonText: 'Confirm',
-        closeOnConfirm: false
-    }, function () {
-        doRemove()
+        success: success
    });
 }
-jumpserver.assets_selected = {};
-jumpserver.asset_groups_selected = {};
+
+jumpserver.nodes_selected = {};
 $(document).ready(function () {
    $('.select2').select2()
-	.on("select2:select", function (evt) {
+    .on('select2:select', function(evt) {
        var data = evt.params.data;
-		jumpserver.assets_selected[data.id] = data.text;
-		jumpserver.asset_groups_selected[data.id] = data.text;
-	})
-	.on('select2:unselect', function(evt) {
+        jumpserver.nodes_selected[data.id] = data.text;
+    }).on('select2:unselect', function(evt) {
        var data = evt.params.data;
-		delete jumpserver.assets_selected[data.id];
-		delete jumpserver.asset_groups_selected[data.id]
-	});
-	var options = {
-		ele: $('#system_user_assets_table'),
-		buttons: [],
-		order: [],
-		columnDefs: [
-			{targets: 0, createdCell: function (td, cellData, rowData) {
-				var detail_btn = '<a href="{% url "assets:asset-detail" pk=99991937 %}" data-aid="'+rowData.id+'">' + cellData + '</a>';
-				$(td).html(detail_btn.replace('99991937', rowData.id));
-			}},
-			{targets: 3, createdCell: function (td, cellData) {
-				if (!cellData) {
-					$(td).html('<i class="fa fa-times text-danger"></i>')
-				} else {
-					$(td).html('<i class="fa fa-check text-navy"></i>')
-				}
-			}},
-			{targets: 4, createdCell: function (td, cellData, rowData) {
-				var update_btn = '<a href="{% url "assets:asset-update" pk=99991937 %}" class="btn btn-xs btn-info">{% trans "Update" %}</a>'.replace('99991937', rowData.id);
-				var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn_asset_remove" data-aid="99991937">{% trans "Remove" %}</a>'.replace('99991937', rowData.id);
-				$(td).html(update_btn + del_btn)
-			}}
-
-			],
-		ajax_url: '{% url "api-assets:asset-list" %}?admin_user_id={{ admin_user.id }}',
-		columns: [{data: "hostname" }, {data: "ip" }, {data: "port" },
-			{data: "is_active" }, {data: "id"}],
-		op_html: $('#actions').html()
-	};
-	jumpserver.initDataTable(options);
-
-    function adminUserDelete(name, url) {
-        function doDelete() {
-            var body = {};
-            var success = function() {
-                swal('Deleted!', "[ "+name+"]"+" has been deleted ", "success");
-	            window.location.href="{% url 'assets:idc-list' %}";
-            };
-            var fail = function() {
-                swal("Failed", "Delete"+"[ "+name+" ]"+"failed", "error");
-            };
-            APIUpdateAttr({
-                url: url,
-                body: JSON.stringify(body),
-                method: 'DELETE',
-                success: success,
-                error: fail
-            });
-        }
-        swal({
-            title: 'Are you sure delete ?',
-            text: " [" + name + "] ",
-            type: "warning",
-            showCancelButton: true,
-            cancelButtonText: 'Cancel',
-            confirmButtonColor: "#DD6B55",
-            confirmButtonText: 'Confirm',
-            closeOnConfirm: false
-        }, function () {
-            doDelete()
-        });
-    }
-})
-
-.on('click', '.btn-replace-asset-admin_user', function () {
-	if (Object.keys(jumpserver.assets_selected).length === 0) {
-		return false;
-	}
-	jumpserver.asset_groups_selected = {};
-	var $data_table = $("#system_user_assets_table").DataTable();
-	var assets = [];
-	$.map(jumpserver.assets_selected, function(value, index) {
-		assets.push(parseInt(index));
-	});
-	assets.unique();
-	var data = [];
-	var admin_user_id = {{ admin_user.id }};
-	var the_url = '{% url "api-assets:asset-list" %}';
-	for (var i=0; i<assets.length; i++) {
-		data.push({"id": assets[i], "admin_user": admin_user_id});
-	}
-	APIUpdateAttr({
-		url: the_url,
-		body: JSON.stringify(data),
-		method: 'PATCH'
-	});
-	$data_table.ajax.reload();
-})
-
-.on('click', '.btn-replace-asset_groups-admin_user', function () {
-	if (Object.keys(jumpserver.asset_groups_selected).length === 0) {
-		return false;
-	}
-	jumpserver.assets_selected = {};
-	var $data_table = $("#system_user_assets_table").DataTable();
-	var asset_groups = [];
-	var assets = [];
-	var data = [];
-	var the_url = '{% url "api-assets:asset-list" %}';
-	$.map(jumpserver.asset_groups_selected, function(value, index) {
-		asset_groups.push(parseInt(index));
-	});
-	$.ajax({
-		url: '{% url "api-assets:asset-group-list" %}?id__in=['+asset_groups.join(',')+']',
-		method: 'GET',
-		dataType: 'json',
-		success: function (result) {
-			for (var i=0; i<result.length; i++) {
-				for (var j=0; j<result[i]['assets'].length; j++) {
-					assets.push(result[i]['assets'][j])
-				}
-			}
-			for (var z=0; z<assets.length; z++) {
-				data.push({"id":assets[z], "admin_user":{{admin_user.id}} });
-			}
-			APIUpdateAttr({
-				url: the_url,
-				body: JSON.stringify(data),
-				method: 'PATCH'
-			});
-			$data_table.ajax.reload();
-		}
+        delete jumpserver.nodes_selected[data.id]
    });
 })
-	
-.on('click', '.btn_asset_remove', function () {
-	var $this = $(this);
-	var the_url = "{% url 'api-assets:admin-user-detail' pk=admin_user.id %}";
-	var name = $(this).closest("tr").find(":nth-child(1) > a").html();
-	var assets = [];
-	var delete_asset_id = $(this).data('aid');
-	$.ajax({
-		url: the_url,
-		method: 'GET',
-		dataType: 'json',
-		success: function (result) {
-			for (var i=0; i<result['assets'].length; i++) {
-				assets.push(result['assets'][i])
-			}
-			assets.remove(delete_asset_id);
-			var data = {"assets": assets};
-			objectRemove($this, name, the_url, data);
-		}
-	})
-}).on('click', '.btn-delete-admin-user', function () {
+.on('click', '.btn-delete-admin-user', function () {
    var $this = $(this);
    var name = "{{ admin_user.name }}";
    var uid = "{{ admin_user.id }}";
-    var the_url = '{% url "api-assets:admin-user-detail" pk=99991937 %}'.replace('99991937', uid);
+    var the_url = '{% url "api-assets:admin-user-detail" pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', uid);
    var redirect_url = "{% url 'assets:admin-user-list' %}";
    objectDelete($this, name, the_url, redirect_url);
 })
+.on('click', '#btn-change-admin-user', function () {
+    if (Object.keys(jumpserver.nodes_selected).length === 0) {
+       return false;
+    }
+    var nodes = [];
+    $.map(jumpserver.nodes_selected, function(value, index) {
+        nodes.push(index);
+    });
+    replaceNodeAssetsAdminUser(nodes);
+})
 </script>
 {% endblock %}
--- a/apps/assets/templates/assets/admin_user_list.html
+++ b/apps/assets/templates/assets/admin_user_list.html
@@ -2,8 +2,16 @@
 {% load i18n static %}
 {% block table_search %}
 {% endblock %}
+
+{% block help_message %}
+    <div class="alert alert-info help-message">
+    管理用户是服务器的root，或拥有 NOPASSWD: ALL sudo权限的用户，Jumpserver使用该用户来 `推送系统用户`、`获取资产硬件信息`等。
+    Windows或其它硬件可以随意设置一个
+    </div>
+{% endblock %}
+
 {% block table_container %}
-<div class="uc pull-left m-l-5 m-r-5">
+<div class="uc pull-left m-r-5">
    <a href="{% url "assets:admin-user-create" %}" class="btn btn-sm btn-primary"> {% trans "Create admin user" %} </a>
 </div>
 <table class="table table-striped table-bordered table-hover " id="admin_user_list_table" >
@@ -14,7 +22,10 @@
        </th>
        <th class="text-center">{% trans 'Name' %}</th>
        <th class="text-center">{% trans 'Username' %}</th>
-        <th class="text-center">{% trans 'Asset num' %}</th>
+        <th class="text-center">{% trans 'Asset' %}</th>
+        <th class="text-center">{% trans 'Reachable' %}</th>
+        <th class="text-center">{% trans 'Unreachable' %}</th>
+        <th class="text-center">{% trans 'Ratio' %}</th>
        <th class="text-center">{% trans 'Comment' %}</th>
        <th class="text-center">{% trans 'Action' %}</th>
    </tr>
@@ -31,23 +42,53 @@ $(document).ready(function(){
        ele: $('#admin_user_list_table'),
        columnDefs: [
            {targets: 1, createdCell: function (td, cellData, rowData) {
-                var detail_btn = '<a href="{% url "assets:admin-user-detail" pk=99991937 %}">' + cellData + '</a>';
-                $(td).html(detail_btn.replace('99991937', rowData.id));
+                var detail_btn = '<a href="{% url "assets:admin-user-detail" pk=DEFAULT_PK %}">' + cellData + '</a>';
+                $(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id));
            }},
            {targets: 4, createdCell: function (td, cellData) {
-                var innerHtml = cellData.length > 8 ? cellData.substring(0, 24) + '...': cellData;
-                $(td).html('<a href="javascript:void(0);" data-toggle="tooltip" title="' + cellData + '">' + innerHtml + '</a>');
+                var innerHtml = "";
+                if (cellData !== 0) {
+                    innerHtml = "<span class='text-navy'>" + cellData + "</span>";
+                } else {
+                    innerHtml = "<span>" + cellData + "</span>";
+                }
+                $(td).html('<span href="javascript:void(0);" data-toggle="tooltip" title="' + cellData +'">' + innerHtml + '</span>');
            }},
-            {targets: 5, createdCell: function (td, cellData, rowData) {
-{#                var script_btn = '<a href="{% url "assets:admin-user-update" pk=99991937 %}" class="btn btn-xs btn-primary">{% trans "Script" %}</a>'.replace('99991937', cellData);#}
-                var update_btn = '<a href="{% url "assets:admin-user-update" pk=99991937 %}" class="btn btn-xs m-l-xs btn-info">{% trans "Update" %}</a>'.replace('99991937', cellData);
-                var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn_admin_user_delete" data-uid="99991937">{% trans "Delete" %}</a>'.replace('99991937', cellData);
-{#                $(td).html(script_btn + update_btn + del_btn)#}
+            {targets: 5, createdCell: function (td, cellData) {
+                var innerHtml = "";
+                if (cellData !== 0) {
+                    innerHtml = "<span class='text-danger'>" + cellData + "</span>";
+                } else {
+                    innerHtml = "<span>" + cellData + "</span>";
+                }
+                $(td).html('<span href="javascript:void(0);" data-toggle="tooltip" title="' + cellData + '">' + innerHtml + '</span>');
+            }},
+            {targets: 6, createdCell: function (td, cellData, rowData) {
+                var val = 0;
+                var innerHtml = "";
+                var total = rowData.assets_amount;
+                var reachable = rowData.reachable_amount;
+                if (total !== 0) {
+                    val = reachable/total * 100;
+                }
+
+                if (val === 100) {
+                    innerHtml = "<span class='text-navy'>" + val + "% </span>";
+                } else {
+                    var num = new Number(val);
+                    innerHtml = "<span class='text-danger'>" + num.toFixed(1) + "% </span>";
+                }
+                $(td).html('<span href="javascript:void(0);" data-toggle="tooltip" title="' + cellData + '">' + innerHtml + '</span>');
+
+            }},
+            {targets: 8, createdCell: function (td, cellData, rowData) {
+                var update_btn = '<a href="{% url "assets:admin-user-update" pk=DEFAULT_PK %}" class="btn btn-xs m-l-xs btn-info">{% trans "Update" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
+                var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn_admin_user_delete" data-uid="{{ DEFAULT_PK }}">{% trans "Delete" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
                $(td).html(update_btn + del_btn)
             }}],
        ajax_url: '{% url "api-assets:admin-user-list" %}',
        columns: [{data: function(){return ""}}, {data: "name" }, {data: "username" }, {data: "assets_amount" },
-                  {data: "comment" }, {data: "id" }],
+                  {data: "reachable_amount"}, {data: "unreachable_amount"}, {data: "id"}, {data: "comment" }, {data: "id" }]
    };
    jumpserver.initDataTable(options);
 })
@@ -57,7 +98,7 @@ $(document).ready(function(){
 	var $data_table = $("#admin_user_list_table").DataTable();
 	var name = $(this).closest("tr").find(":nth-child(2)").children('a').html();
 	var uid = $this.data('uid');
-	var the_url = '{% url "api-assets:admin-user-detail" pk=99991937 %}'.replace('99991937', uid);
+	var the_url = '{% url "api-assets:admin-user-detail" pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', uid);
 	objectDelete($this, name, the_url);
 	setTimeout( function () {
        $data_table.ajax.reload();
--- a/apps/assets/templates/assets/asset_create.html
+++ b/apps/assets/templates/assets/asset_create.html
@@ -2,6 +2,8 @@
 {% load static %}
 {% load bootstrap3 %}
 {% load i18n %}
+{% load asset_tags %}
+{% load common_tags %}

 {% block form %}
    <form action="" method="post" class="form-horizontal">
@@ -13,27 +15,51 @@
    {% csrf_token %}
    <h3>{% trans 'Basic' %}</h3>
    {% bootstrap_field form.hostname layout="horizontal" %}
+    {% bootstrap_field form.platform layout="horizontal" %}
    {% bootstrap_field form.ip layout="horizontal" %}
-    {% bootstrap_field form.public_ip layout="horizontal" %}
    {% bootstrap_field form.port layout="horizontal" %}
-    {% bootstrap_field form.type layout="horizontal" %}
-    {% bootstrap_field form.env layout="horizontal" %}
+    {% bootstrap_field form.public_ip layout="horizontal" %}
+    {% bootstrap_field form.domain layout="horizontal" %}

    <div class="hr-line-dashed"></div>
-    <h3>{% trans 'Group' %}</h3>
-    {% bootstrap_field form.idc layout="horizontal" %}
-    {% bootstrap_field form.groups layout="horizontal" %}
-
-    <div class="hr-line-dashed"></div>
-    <h3>{% trans 'Asset user' %}</h3>
+    <h3>{% trans 'Auth' %}</h3>
    {% bootstrap_field form.admin_user layout="horizontal" %}

+    <div class="hr-line-dashed"></div>
+    <h3>{% trans 'Node' %}</h3>
+    {% bootstrap_field form.nodes layout="horizontal" %}
+
+    <div class="hr-line-dashed"></div>
+    <h3>{% trans 'Labels' %}</h3>
+    <div class="form-group {% if form.errors.labels %} has-error {% endif %}">
+        <label for="{{ form.labels.id_for_label }}" class="col-md-2 control-label">{% trans 'Label' %}</label>
+        <div class="col-md-9">
+            <select name="labels" class="select2 labels" data-placeholder="{% trans 'Label' %}" style="width: 100%" multiple="" tabindex="4" id="{{ form.labels.id_for_label }}">
+                {% for name, labels in form.labels.field.queryset|group_labels %}
+                <optgroup label="{{ name }}">
+                    {% for label in labels %}
+                        {% if label in form.labels.initial %}
+                            <option value="{{ label.id }}" selected>{{ label.value }}</option>
+                        {% else %}
+                            <option value="{{ label.id }}">{{ label.value }}</option>
+                        {% endif %}
+                    {% endfor %}
+                </optgroup>
+                {% endfor %}
+            </select>
+            {% if form.errors.labels %}
+                {% for e in form.errors.labels %}
+                    <div class="help-block">{{ e }}</div>
+                {% endfor %}
+            {% endif %}
+        </div>
+    </div>
+
    <div class="hr-line-dashed"></div>
    <h3>{% trans 'Other' %}</h3>
    {% bootstrap_field form.comment layout="horizontal" %}
    {% bootstrap_field form.is_active layout="horizontal" %}

-
    <div class="hr-line-dashed"></div>
    <div class="form-group">
        <div class="col-sm-4 col-sm-offset-2">
@@ -45,14 +71,31 @@
 {% endblock %}

 {% block custom_foot_js %}
-    <script>
-        $(document).ready(function () {
-            $('.select2').select2();
-            $("#id_tags").select2({
-                tags: true,
-                maximumSelectionLength: 8  //最多能够选择的个数
-                //closeOnSelect: false
+<script>
+function format(item) {
+   var group = item.element.parentElement.label;
+   return group + ':' + item.text;
+}
+
+$(document).ready(function () {
+    $('.select2').select2({
+        allowClear: true
    });
-        })
-    </script>
+    $(".labels").select2({
+        allowClear: true,
+        templateSelection: format
+    });
+    $("#id_platform").change(function (){
+        var platform = $("#id_platform option:selected").text();
+        var port = 22;
+        if(platform === 'Windows'){
+            port = 3389;
+        }
+        if(platform === 'Other'){
+            port = null;
+        }
+        $("#id_port").val(port);
+    });
+})
+</script>
 {% endblock %}
--- a/apps/assets/templates/assets/asset_detail.html
+++ b/apps/assets/templates/assets/asset_detail.html
@@ -21,11 +21,11 @@
                            </li>
                            {% if user.is_superuser %}
                            <li class="pull-right">
-                                <a class="btn btn-outline btn-default" href="{% url 'assets:asset-update' pk=asset.id %}"><i class="fa fa-edit"></i>Update</a>
+                                <a class="btn btn-outline btn-default" href="{% url 'assets:asset-update' pk=asset.id %}"><i class="fa fa-edit"></i>{% trans 'Update' %}</a>
                            </li>
                            <li class="pull-right">
                                <a class="btn btn-outline btn-danger btn-delete-asset">
-                                    <i class="fa fa-edit"></i>Delete
+                                    <i class="fa fa-trash-o"></i>{% trans 'Delete' %}
                                </a>
                            </li>
                            {% endif %}
@@ -63,7 +63,7 @@
                                        </tr>
                                        <tr>
                                            <td>{% trans 'Public IP' %}:</td>
-                                            <td><b>{{ asset.public_ip }}</b></td>
+                                            <td><b>{{ asset.public_ip|default:"" }}</b></td>
                                        </tr>
                                        <tr>
                                            <td>{% trans 'Port' %}:</td>
@@ -71,79 +71,47 @@
                                        </tr>
                                        <tr>
                                            <td>{% trans 'Admin user' %}:</td>
-                                            {% if asset.admin_user %}
-                                            <td><b>{{ asset.admin_user.name }}</b></td>
-                                            {% else %}
-                                            <td><b>None</b></td>
-                                            {% endif %}
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Remote card IP' %}:</td>
-                                            <td><b>{{ asset.remote_card_ip }}</b></td>
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'IDC' %}:</td>
-                                            <td><b>{{ asset.idc.name }}</b></td>
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Cabinet number' %}:</td>
-                                            <td><b>{{ asset.cabinet_no }}</b></td>
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Cabinet position' %}:</td>
-                                            <td><b>{{ asset.cabinet_pos }}</b></td>
+                                            <td><b>{{ asset.admin_user }}</b></td>
                                        </tr>
                                        <tr>
                                            <td>{% trans 'Vendor' %}:</td>
-                                            <td><b>{{ asset.vendor }}</b></td>
+                                            <td><b>{{ asset.vendor|default:"" }}</b></td>
                                        </tr>
                                        <tr>
                                            <td>{% trans 'Model' %}:</td>
-                                            <td><b>{{ asset.model }}</b></td>
+                                            <td><b>{{ asset.model|default:"" }}</b></td>
                                        </tr>
                                        <tr>
                                            <td>{% trans 'CPU' %}:</td>
-                                            <td><b>{{ asset.cpu_model }} {{ asset.cpu_count }}*{{ asset.cpu_cores }}</b></td>
+                                            <td><b>{{ asset.cpu_model|default:"" }} {{ asset.cpu_count|default:"" }}*{{ asset.cpu_cores|default:"" }}</b></td>
                                        </tr>
                                        <tr>
                                            <td>{% trans 'Memory' %}:</td>
-                                            <td><b>{{ asset.memory }}</b></td>
+                                            <td><b>{{ asset.memory|default:"" }}</b></td>
                                        </tr>
                                        <tr>
                                            <td>{% trans 'Disk' %}:</td>
-                                            <td><b>{{ asset.disk_total }}</b></td>
+                                            <td><b>{{ asset.disk_total|default:"" }}</b></td>
                                        </tr>
                                        <tr>
                                            <td>{% trans 'Platform' %}:</td>
-                                            <td><b>{{ asset.platform }}</b></td>
+                                            <td><b>{{ asset.platform|default:"" }}</b></td>
                                        </tr>
                                        <tr>
                                            <td>{% trans 'OS' %}:</td>
-                                            <td><b>{{ asset.os }} {{ asset.os_version }} {{ asset.os_arch }}</b></td>
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Asset status' %}:</td>
-                                            <td><b>{{ asset.status }}</b></td>
+                                            <td><b>{{ asset.os|default:"" }} {{ asset.os_version|default:"" }} {{ asset.os_arch|default:"" }}</b></td>
                                        </tr>
                                        <tr>
                                            <td>{% trans 'Is active' %}:</td>
-                                            <td><b>{{ asset.is_active }}</b></td>
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Asset type' %}:</td>
-                                            <td><b>{{ asset.type }}</b></td>
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Asset environment' %}:</td>
-                                            <td><b>{{ asset.env }}</b></td>
+                                            <td><b>{{ asset.is_active|yesno:"Yes,No" }}</b></td>
                                        </tr>
                                        <tr>
                                            <td>{% trans 'Serial number' %}:</td>
-                                            <td><b>{{ asset.sn }}</b></td>
+                                            <td><b>{{ asset.sn|default:"" }}</b></td>
                                        </tr>
                                        <tr>
                                            <td>{% trans 'Asset number' %}:</td>
-                                            <td><b>{{ asset.number }}</b></td>
+                                            <td><b>{{ asset.number|default:"" }}</b></td>
                                        </tr>
                                        <tr>
                                            <td>{% trans 'Created by' %}:</td>
@@ -173,7 +141,8 @@
                                        <tbody>
                                        <tr class="no-borders-tr">
                                          <td width="50%">{% trans 'Active' %}:</td>
-                                            <td><span class="pull-right">
+                                            <td>
+                                              <span class="pull-right">
                                                  <div class="switch">
                                                      <div class="onoffswitch">
                                                          <input type="checkbox" {% if asset.is_active %} checked {% endif %}  class="onoffswitch-checkbox" id="is_active">
@@ -183,8 +152,10 @@
                                                          </label>
                                                      </div>
                                                  </div>
-                                            </span></td>
+                                              </span>
+                                          </td>
                                        </tr>
+                                        {% if asset.is_unixlike %}
                                        <tr>
                                            <td>{% trans 'Refresh hardware' %}:</td>
                                            <td>
@@ -194,13 +165,14 @@
                                            </td>
                                        </tr>
                                        <tr>
-                                            <td>{% trans 'Test admin user' %}:</td>
+                                            <td>{% trans 'Test connective' %}:</td>
                                            <td>
                                                <span class="pull-right">
-                                                    <button type="button" class="btn btn-primary btn-xs" id="btn_test_admin_user" style="width: 54px;">{% trans 'Test' %}</button>
+                                                    <button type="button" class="btn btn-primary btn-xs" id="btn-test-is-alive" style="width: 54px">{% trans 'Test' %}</button>
                                                </span>
                                            </td>
                                        </tr>
+                                        {% endif %}
                                        </tbody>
                                    </table>
                                </div>
@@ -208,7 +180,7 @@

                            <div class="panel panel-info">
                                <div class="panel-heading">
-                                    <i class="fa fa-info-circle"></i> {% trans 'Asset groups' %}
+                                    <i class="fa fa-info-circle"></i> {% trans 'Nodes' %}
                                </div>
                                <div class="panel-body">
                                    <table class="table group_edit" id="add-asset2group">
@@ -216,25 +188,25 @@
                                        <form>
                                            <tr>
                                                <td colspan="2" class="no-borders">
-                                                    <select data-placeholder="{% trans 'Join asset groups' %}" id="groups_selected" class="select2 groups" style="width: 100%" multiple="" tabindex="4">
-                                                        {% for asset_group in asset_groups_remain %}
-                                                        <option value="{{ asset_group.id }}" id="opt_{{ asset_group.id }}" >{{ asset_group.name }}</option>
+                                                    <select data-placeholder="{% trans 'Nodes' %}" id="groups_selected" class="select2 groups" style="width: 100%" multiple="" tabindex="4">
+                                                        {% for node in nodes_remain %}
+                                                        <option value="{{ node.id }}" id="opt_{{ node.id }}" >{{ node.name }}</option>
                                                        {% endfor %}
                                                    </select>
                                                </td>
                                            </tr>
                                            <tr>
                                                <td colspan="2" class="no-borders">
-                                                    <button type="button" class="btn btn-info btn-sm" id="btn_add_user_group">{% trans 'Confirm' %}</button>
+                                                    <button type="button" class="btn btn-info btn-sm" id="btn-update-nodes">{% trans 'Confirm' %}</button>
                                                </td>
                                            </tr>
                                        </form>

-                                        {% for asset_group in asset_groups %}
+                                        {% for node in asset.nodes.all %}
                                        <tr>
-                                          <td ><b class="bdg_group" data-gid={{ asset_group.id }}>{{ asset_group.name }}</b></td>
+                                          <td ><b class="bdg_node" data-gid={{ node.id }}>{{ node.name }}</b></td>
                                          <td>
-                                              <button class="btn btn-danger pull-right btn-xs btn_leave_group" type="button"><i class="fa fa-minus"></i></button>
+                                              <button class="btn btn-danger pull-right btn-xs btn-leave-node" type="button"><i class="fa fa-minus"></i></button>
                                          </td>
                                        </tr>
                                        {% endfor %}
@@ -242,39 +214,17 @@
                                    </table>
                                </div>
                            </div>
+
                            <div class="panel panel-warning">
                                <div class="panel-heading">
-                                    <i class="fa fa-info-circle"></i> {% trans 'Push system users' %}
+                                    <i class="fa fa-info-circle"></i> {% trans 'Labels' %}
                                </div>
                                <div class="panel-body">
-                                    <table class="table group_edit" id="add-asset2systemuser">
-                                        <tbody>
-                                        <form>
-                                            <tr class="no-borders-tr">
-                                                <td colspan="2">
-                                                    <select data-placeholder="{% trans 'Select system users' %}" class="select2 system-user" style="width: 100%" multiple="" tabindex="4">
-                                                        {% for system_user in system_users_all %}
-                                                            <option value="{{ system_user.id }}" id="opt_{{ system_user.id }}">{{ system_user.name }}</option>
+                                    <ul class="tag-list" style="padding: 0">
+                                        {% for label in asset.labels.all %}
+                                            <li ><a href=""><i class="fa fa-tag"></i> {{ label.name }}:{{ label.value }}</a></li>
                                        {% endfor %}
-                                                    </select>
-                                                </td>
-                                            </tr>
-                                            <tr class="no-borders-tr">
-                                                <td colspan="2">
-                                                    <button type="button" class="btn btn-warning btn-sm btn-system-user">{% trans 'Confirm' %}</button>
-                                                </td>
-                                            </tr>
-                                        </form>
-                                        {% for system_user in system_users %}
-                                        <tr>
-                                            <td ><b class="bdg_group" data-sid={{ system_user.id }}>{{ system_user.name }}</b></td>
-                                            <td>
-                                                <button class="btn btn-danger btn-xs pull-right btn_leave_system" type="button" style="float: right;"><i class="fa fa-minus"></i></button>
-                                            </td>
-                                        </tr>
-                                        {% endfor %}
-                                        </tbody>
-                                    </table>
+                                    </ul>
                                </div>
                            </div>
                        {% endif %}
@@ -287,57 +237,28 @@
 {% endblock %}
 {% block custom_foot_js %}
 <script>
-jumpserver.groups_selected = {};
-jumpserver.system_user_selected = {};
-function updateAssetGroups(groups) {
-    var the_url = "{% url 'api-assets:asset-update-group' pk=asset.id %}";
+jumpserver.nodes_selected = {};
+function updateAssetNodes(nodes) {
+    var the_url = "{% url 'api-assets:asset-detail' pk=asset.id %}";
    var body = {
-        groups: Object.assign([], groups)
+        nodes: Object.assign([], nodes)
    };
    var success = function(data) {
        // remove all the selected groups from select > option and rendered ul element;
        $('.select2-selection__rendered').empty();
        $('#groups_selected').val('');
-        $.map(jumpserver.groups_selected, function(group_name, index) {
+        $.map(jumpserver.nodes_selected, function(group_name, index) {
            $('#opt_' + index).remove();
            // change tr html of user groups.
            $('#add-asset2group tbody').append(
                '<tr>' +
-                '<td><b class="bdg_group" data-gid="' + index + '">' + group_name + '</b></td>' +
-                '<td><button class="btn btn-danger btn-xs pull-right btn_leave_group" type="button"><i class="fa fa-minus"></i></button></td>' +
+                '<td><b class="bdg_node" data-gid="' + index + '">' + group_name + '</b></td>' +
+                '<td><button class="btn btn-danger btn-xs pull-right btn-leave-node" type="button"><i class="fa fa-minus"></i></button></td>' +
                '</tr>'
            )
        });
        // clear jumpserver.groups_selected
-        jumpserver.groups_selected = {};
-    };
-    APIUpdateAttr({
-        url: the_url,
-        body: JSON.stringify(body),
-        success: success
-    });
-}
-
-function updateAssetSystemUser(system_users) {
-    var the_url = "{% url 'api-assets:asset-update-system-users' pk=asset.id %}";
-    var body = {
-        system_users: Object.assign([], system_users)
-    };
-    var success = function(data) {
-        $('.select2-selection__rendered').empty();
-        $('#groups_selected').val('');
-        $.map(jumpserver.system_user_selected, function(name, index) {
-            $('#opt_' + index).remove();
-
-            $('#add-asset2systemuser tbody').append(
-                '<tr>' +
-                '<td><b class="bdg_group" data-sid="' + index + '">' + name + '</b></td>' +
-                '<td><button class="btn btn-danger btn-xs pull-right btn_leave_system" type="button"><i class="fa fa-minus"></i></button></td>' +
-                '</tr>'
-            )
-        });
-        // clear jumpserver.groups_selected
-        jumpserver.system_user_selected = {};
+        jumpserver.nodes_selected = {};
    };
    APIUpdateAttr({
        url: the_url,
@@ -348,32 +269,28 @@ function updateAssetSystemUser(system_users) {

 function refreshAssetHardware() {
    var the_url = "{% url 'api-assets:asset-refresh' pk=asset.id %}";
-    var success = function (data) {
-        location.reload();
+    var success = function(data) {
+        console.log(data);
+        var task_id = data.task;
+        var url = '{% url "ops:celery-task-log" pk=DEFAULT_PK %}'.replace("{{ DEFAULT_PK }}", task_id);
+        window.open(url, '', 'width=800,height=600')
    };
    APIUpdateAttr({
        url: the_url,
        success: success,
        method: 'GET'
-    })
+    });
 }


 $(document).ready(function () {
    $('.select2.groups').select2().on('select2:select', function(evt) {
        var data = evt.params.data;
-        jumpserver.groups_selected[data.id] = data.text;
+        jumpserver.nodes_selected[data.id] = data.text;
    }).on('select2:unselect', function(evt) {
        var data = evt.params.data;
-        delete jumpserver.groups_selected[data.id]
+        delete jumpserver.nodes_selected[data.id]
    });
-    $('.select2.system-user').select2().on('select2:select', function(evt) {
-        var data = evt.params.data;
-        jumpserver.system_user_selected[data.id] = data.text;
-    }).on('select2:unselect', function(evt) {
-        var data = evt.params.data;
-        delete jumpserver.system_user_selected[data.id]
-    })
 }).on('click', '#is_active', function () {
    var the_url = '{% url "api-assets:asset-detail" pk=asset.id %}';
    var checked = $(this).prop('checked');
@@ -387,85 +304,61 @@ $(document).ready(function () {
        body: JSON.stringify(body),
        success_message: success
    });
-    if (status == "False") {
+    if (status === "False") {
        $(".ibox-content > table > tbody > tr:nth-child(13) > td:last >b").html('True');
    }else{
        $(".ibox-content > table > tbody > tr:nth-child(13) > td:last >b").html('False');
    }
-}).on('click', '#btn_add_user_group', function () {
-    if (Object.keys(jumpserver.groups_selected).length === 0) {
+}).on('click', '#btn-update-nodes', function () {
+    if (Object.keys(jumpserver.nodes_selected).length === 0) {
       return false;
    }
-    var groups = $('.bdg_group').map(function() {
+    var nodes = $('.bdg_node').map(function() {
        return $(this).data('gid');
    }).get();
-    $.map(jumpserver.groups_selected, function(value, index) {
-        groups.push(parseInt(index));
+    $.map(jumpserver.nodes_selected, function(value, index) {
+        nodes.push(index);
        $('#opt_' + index).remove();
    });
-    updateAssetGroups(groups)
-}).on('click', '.btn_leave_group', function() {
+    updateAssetNodes(nodes)
+}).on('click', '.btn-leave-node', function() {
    var $this = $(this);
    var $tr = $this.closest('tr');
-    var $badge = $tr.find('.bdg_group');
+    var $badge = $tr.find('.bdg_node');
    var gid = $badge.data('gid');
    var group_name = $badge.html() || $badge.text();
    $('#groups_selected').append(
        '<option value="' + gid + '" id="opt_' + gid + '">' + group_name + '</option>'
    );
    $tr.remove();
-    var groups = $('.bdg_group').map(function () {
+    var groups = $('.bdg_node').map(function () {
        return $(this).data('gid');
    }).get();
-    updateAssetGroups(groups)
-}).on('click', '.btn-system-user', function () {
-    if (Object.keys(jumpserver.system_user_selected).length === 0) {
-        return false;
-    }
-    var system_users = $('.bdg_group').map(function() {
-            return $(this).data('sid');
-    }).get();
-    $.map(jumpserver.system_user_selected, function(value, index) {
-        system_users.push(parseInt(index));
-        $('#opt_' + index).remove();
-    });
-    updateAssetSystemUser(system_users)
-
-}).on('click', '.btn_leave_system', function () {
-    var $this = $(this);
-    var $tr = $this.closest('tr');
-    var $badge = $tr.find('.bdg_group');
-    var sid = $badge.data('sid');
-    var name = $badge.html() || $badge.text();
-    $('#groups_selected').append(
-        '<option value="' + sid + '" id="opt_' + sid + '">' + name + '</option>'
-    );
-    $tr.remove();
-    var system_users = $('.bdg_group').map(function () {
-            return $(this).data('sid');
-        }).get();
-    updateAssetSystemUser(system_users)
-
+    updateAssetNodes(groups)
 }).on('click', '.btn-delete-asset', function () {
    var $this = $(this);
    var name = "{{ asset.hostname }}";
    var uid = "{{ asset.id }}";
-    var the_url = '{% url "api-assets:asset-detail" pk=99991937 %}'.replace('99991937', uid);
+    var the_url = '{% url "api-assets:asset-detail" pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', uid);
    var redirect_url = "{% url 'assets:asset-list' %}";
    objectDelete($this, name, the_url, redirect_url);
 }).on('click', '#btn_refresh_asset', function () {
-    alert('请等待几秒, 等待完成');
    refreshAssetHardware()
-}).on('click', '#btn_test_admin_user', function () {
-    $.ajax({
-        url: '{% url "api-assets:asset-admin-user-test" pk=asset.id %}'
-    }).done(function (data, textStatue, jqXHR) {
-        toastr.success('Success')
-    }).fail(function (data, textStaue, errorThrown) {
-        toastr.error('Error')
-    })
-})
+}).on('click', '#btn-test-is-alive', function () {
+    var the_url = "{% url 'api-assets:asset-alive-test' pk=asset.id %}";

+    var success = function(data) {
+        var task_id = data.task;
+        var url = '{% url "ops:celery-task-log" pk=DEFAULT_PK %}'.replace("{{ DEFAULT_PK }}", task_id);
+        window.open(url, '', 'width=800,height=600')
+    };
+
+    APIUpdateAttr({
+        url: the_url,
+        method: 'GET',
+        success: success
+    });
+})

 </script>
 {% endblock %}
--- a/apps/assets/templates/assets/asset_group_create.html
+++ b/apps/assets/templates/assets/asset_group_create.html
@@ -1,121 +0,0 @@
-{% extends 'base.html' %}
-{% load i18n %}
-{% load static %}
-{% load bootstrap3 %}
-{% block custom_head_css_js %}
-    <link href="{% static 'css/plugins/select2/select2.min.css' %}" rel="stylesheet">
-    <script src="{% static 'js/plugins/select2/select2.full.min.js' %}"></script>
-{% endblock %}
-{% block content %}
-<div class="wrapper wrapper-content animated fadeInRight">
-    <div class="row">
-        <div class="col-sm-10">
-            <div class="ibox float-e-margins">
-                <div id="ibox-content" class="ibox-title">
-                    <h5> {{ action }}</h5>
-                    <div class="ibox-tools">
-                        <a class="collapse-link">
-                            <i class="fa fa-chevron-up"></i>
-                        </a>
-                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
-                            <i class="fa fa-wrench"></i>
-                        </a>
-                        <a class="close-link">
-                            <i class="fa fa-times"></i>
-                        </a>
-                    </div>
-                </div>
-
-                <div class="ibox-content">
-                    <div class="panel blank-panel">
-                        <div class="panel-body">
-                            <div class="tab-content">
-                                <div id="tab-1" class="ibox float-e-margins tab-pane active"></div>
-                                    <form id="groupForm" method="post" class="form-horizontal">
-                                        {% csrf_token %}
-                                        <h3 class="widget-head-color-box">资产组信息</h3>
-                                        {% bootstrap_field form.name layout="horizontal" %}
-                                        {% bootstrap_field form.comment layout="horizontal" %}
-                                        <div class="hr-line-dashed"></div>
-                                        <h3 class="widget-head-color-box">用户选择的资产</h3>
-                                            <div class="form-group">
-                                                <label class="col-sm-2 control-label" id="asset_on_count">已选（{{ assets_count }}）</label>
-                                                <div class="col-sm-9" id="asset_sed">
-                                                    <div class="form-asset-on" id="add_asset">
-                                                        <p id="asset_on_p">
-                                                            {% for asset in assets_on_list %}
-                                                            <button name='asset_hostname' title='{{ asset.ip }}' type='button' class='btn btn-default btn-xs'>{{ asset.hostname }}</button>
-                                                           {% endfor %}
-                                                        </p>
-                                                    </div>
-                                                </div>
-                                            </div>
-                                        <div class="hr-line-dashed"></div>
-                                        <div class="form-group">
-                                            <div class="col-sm-4 col-sm-offset-5">
-                                                <button class="btn btn-white" type="reset"> 重置 </button>
-                                                <button class="btn btn-primary" type="submit"> 提交 </button>
-                                                <div id='box2'> </div>
-                                            </div>
-                                        </div>
-                                    </form>
-                                </div>
-                            </div>
-                        </div>
-                    </div>
-                </div>
-            </div>
-        </div>
-    </div>
-</div>
-
-<!-- 模态框（Modal） -->
-<div class="modal fade" id="modal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
-   <div class="modal-dialog modal-lg">
-      <div class="modal-content" id="box">
-        <!--此部分为主体内容，将远程加载进来-->
-      </div>
-   </div>
-</div>
-
-{% endblock %}
-
-{% block custom_foot_js %}
-<script type="text/javascript">
-    $(document).ready(function () {
-        $('.select2').select2();
-        $('.select2-system-user').select2();
-    });
-
-    $('#add_asset').on('click',function(){
-        $('#modal').modal('show');
-    });
-
-    $('#modal').modal({
-        show: false,
-        backdrop: 'static',
-        keyboard: 'false',
-        remote:"{% url 'assets:asset-modal-list' %}?group_id={{ group_id }}"
-    });
-    $('#modal').on('show.bs.modal',function(){
-        //alert('当调用show方法时，立即触发；')
-    });
-
-    $('#modal').on('shown.bs.modal',function(){
-        //alert('当弹窗完全加载完后，再触发；')
-    });
-
-    $('#modal').on('hide.bs.modal',function(){
-        //alert('当关闭时，立即触发；')
-    });
-
-    $('#modal').on('hidden.bs.modal',function(){
-        //alert('当关完全关闭后，再触发；')
-    });
-
-    $('#modal').on('loaded.bs.modal',function(){
-        //alert('当远程数据加载完毕后，再触发；')
-    });
-
-</script>
-{% endblock %}
--- a/apps/assets/templates/assets/asset_group_detail.html
+++ b/apps/assets/templates/assets/asset_group_detail.html
@@ -1,271 +0,0 @@
-{% extends 'base.html' %}
-{% load static %}
-{% load i18n %}
-
-{% block custom_head_css_js %}
-    <link href="{% static "css/plugins/select2/select2.min.css" %}" rel="stylesheet">
-    <script src="{% static "js/plugins/select2/select2.full.min.js" %}"></script>
-{% endblock %}
-{% block content %}
-    <div class="wrapper wrapper-content animated fadeInRight">
-        <div class="row">
-            <div class="col-sm-12">
-                <div class="ibox float-e-margins">
-                    <div class="panel-options">
-                        <ul class="nav nav-tabs">
-                            <li class="active"><a href="" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Detail' %} </a></li>
-                            <li class="pull-right">
-                                <a class="btn btn-outline btn-default" href="{% url 'assets:asset-group-update' pk=asset_group.id %}"><i class="fa fa-edit"></i>Update</a>
-                            </li>
-                        </ul>
-                    </div>
-                    <div class="tab-content">
-                        <div class="col-sm-7" style="padding-left: 0">
-                            <div class="ibox float-e-margins">
-                                <div class="ibox-title">
-                                    <span style="float: left"></span>{% trans 'Asset list of ' %} <b>{{ asset_group.name }}</b></span>
-                                    <div class="ibox-tools">
-                                        <a class="collapse-link">
-                                            <i class="fa fa-chevron-up"></i>
-                                        </a>
-                                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
-                                            <i class="fa fa-wrench"></i>
-                                        </a>
-                                        <ul class="dropdown-menu dropdown-user">
-                                        </ul>
-                                        <a class="close-link">
-                                            <i class="fa fa-times"></i>
-                                        </a>
-                                    </div>
-                                </div>
-                                <div class="ibox-content">
-                                    <table class="table table-hover " id="asset_list_table" >
-                                        <thead>
-                                            <tr>
-                                                <th>{% trans 'Hostname' %}</th>
-                                                <th>{% trans 'IP' %}</th>
-                                                <th>{% trans 'Port' %}</th>
-	                                              <th>{% trans 'Type' %}</th>
-                                                <th>{% trans 'Alive' %}</th>
-	                                              <th>{% trans 'Action' %}</th>
-                                            </tr>
-                                        </thead>
-                                        <tbody>
-                                        </tbody>
-                                    </table>
-                                </div>
-                            </div>
-                        </div>
-
-                        <div class="col-sm-5" style="padding-left: 0;padding-right: 0">
-                            <div class="panel panel-primary">
-                                <div class="panel-heading">
-                                    <i class="fa fa-info-circle"></i> {% trans 'Push system users' %}
-                                </div>
-                                <div class="panel-body">
-                                    <table class="table">
-                                        <tbody>
-                                        <form>
-                                            <tr class="no-borders-tr">
-                                                <td colspan="2">
-                                                    <select data-placeholder="{% trans 'Select system users' %}" class="select2 system-user-select" style="width: 100%" multiple="" tabindex="4">
-                                                        {% for system_user in system_users %}
-                                                            <option value="{{ system_user.id }}"> {{ system_user.name }} </option>
-                                                        {% endfor %}
-                                                    </select>
-                                                </td>
-                                            </tr>
-                                            <tr class="no-borders-tr">
-                                                <td colspan="2">
-                                                    <button type="button" class="btn btn-primary btn-sm btn-push-system-user">{% trans 'Push' %}</button>
-                                                </td>
-                                            </tr>
-                                        </form>
-                                        </tbody>
-                                    </table>
-                                </div>
-                            </div>
-                        </div>
-                    </div>
-                </div>
-            </div>
-        </div>
-    </div>
-{#    </div>#}
-
-{% endblock %}
-{% block custom_foot_js %}
-<script>
-  jumpserver.assets_selected = {};
-  function updateGroupAssets(assets) {
-    var the_url = "{}";
-    var body = {
-      assets: Object.assign([], assets)
-    };
-    var $data_table = $("#asset_list_table").DataTable();
-    var success = function(data) {
-      $('.select2-selection__rendered').empty();
-      $.map(jumpserver.assets_selected, function(asset_ip, index) {
-        $('#opt_' + index).remove();
-        $data_table.ajax.reload();
-      });
-      jumpserver.groups_selected = {};
-    };
-    APIUpdateAttr({
-      url: the_url,
-      body: JSON.stringify(body),
-      method: 'PUT',
-      success: success
-    });
-  }
-
-function leaveGroup(obj, name, url, data) {
-    function doDelete() {
-        var body = data;
-        var success = function() {
-            swal('Deleted!', "[ "+name+"]"+" has been deleted ", "success");
-            $(obj).parent().parent().remove();
-        };
-        var fail = function() {
-            swal("Failed", "Delete"+"[ "+name+" ]"+"failed", "error");
-        };
-        APIUpdateAttr({
-            url: url,
-            body: JSON.stringify(body),
-            method: 'PATCH',
-            success: success,
-            error: fail
-        });
-    }
-    swal({
-        title: 'Are you sure delete ?',
-        text: " [" + name + "] ",
-        type: "warning",
-        showCancelButton: true,
-        cancelButtonText: 'Cancel',
-        confirmButtonColor: "#DD6B55",
-        confirmButtonText: 'Confirm',
-        closeOnConfirm: false
-    }, function () {
-        doDelete()
-    });
-}
-
-function pushSystemUser(sysUserID) {
-	var the_url = "{% url 'api-assets:asset-group-push-system-user' pk=asset_group.id %}";
-    var body = {
-        system_user: sysUserID
-    };
-    var success = function(data) {
-        var url = "{% url 'ops:task-detail' pk=234234234 %}".replace("234234234", data);
-        setTimeout(function () {
-          location.href = url
-        }, 1000);
-    };
-    APIUpdateAttr({
-        url: the_url,
-        method: 'PATCH',
-        body: JSON.stringify(body),
-        success: success
-    });
-}
-
-Array.prototype.remove = function(val) {
-	var index = this.indexOf(val);
-		if (index > -1) {
-		this.splice(index, 1);
-	}
-};
-
-Array.prototype.unique = function(){
-	var res = [];
-	var json = {};
- 	for(var i = 0; i < this.length; i++){
-  		if(!json[this[i]]){
-   			res.push(this[i]);
-   			json[this[i]] = 1;
-  		}
- 	}
- 	return res;
-};
-
-$(document).ready(function () {
-	$('.select2').select2();
-
-  $('.select2.asset-select').select2()
-    .on('select2:select', function(evt) {
-      var data = evt.params.data;
-      jumpserver.assets_selected[data.id] = data.text;
-      console.log(jumpserver.assets_selected)
-    })
-    .on('select2:unselect', function(evt) {
-      var data = evt.params.data;
-      delete jumpserver.assets_selected[data.id]
-    });
-
-	var options = {
-		ele: $('#asset_list_table'),
-		buttons: [],
-		order: [],
-		columnDefs: [
-			{targets: 0, createdCell: function (td, cellData, rowData) {
-				var detail_btn = '<a href="{% url "assets:asset-detail" pk=99991937 %}" data-aid="'+rowData.id+'">' + cellData + '</a>';
-				$(td).html(detail_btn.replace('99991937', rowData.id));
-			}},
-			{targets: 4, createdCell: function (td, cellData) {
-				if (!cellData) {
-					$(td).html('<i class="fa fa-times text-danger"></i>')
-				} else {
-					$(td).html('<i class="fa fa-check text-navy"></i>')
-				}
-			}},
-			{targets: 5, createdCell: function (td, cellData, rowData) {
-				var update_btn = '<a href="{% url "assets:asset-update" pk=99991937 %}" class="btn btn-xs btn-info">{% trans "Update" %}</a>'.replace('99991937', rowData.id);
-				var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn_asset_delete" data-aid="99991937">{% trans "Remove" %}</a>'.replace('99991937', rowData.id);
-				$(td).html(update_btn + del_btn)
-			}}
-		],
-		ajax_url: '{% url "api-assets:asset-list" %}?asset_group_id={{ asset_group.id }}',
-		columns: [{data: "hostname" }, {data: "ip" }, {data: "port" },
-			{data: "type" }, {data: "is_active" }, {data: "id"}],
-		op_html: $('#actions').html()
-	};
-	jumpserver.initDataTable(options);
-})
-
-.on('click', ".btn-asset-group-add-asset", function () {
-  if (Object.keys(jumpserver.assets_selected).length === 0) {
-    return false;
-  }
-
-  updateGroupAssets(jumpserver.assets_selected);
-
-})
-
-.on('click', '.btn-push-system-user', function () {
-    var data = $('.system-user-select').select2();
-    var system_id = data.val()[0];
-    if (!system_id) {
-        return false
-    }
-    pushSystemUser(system_id)
-})
-
-.on('click', '.btn_asset_delete', function () {
-	var $this = $(this);
-	var the_url = "{% url 'api-assets:asset-groups-update' pk=asset_group.id %}";
-	var name = $(this).closest("tr").find(":nth-child(1) > a").html();
-	var assets = [];
-	$('#asset_list_table > tbody > tr').map(function () {
-		assets.push(parseInt($(this).closest("tr").find(":nth-child(1) > a").attr("data-aid")))
-	});
-	var delete_asset_id = $(this).data('aid');
-	assets.remove(delete_asset_id);
-	var data = {"assets": assets};
-	leaveGroup($this, name, the_url, data);
-})
-
-
-
-</script>
-{% endblock %}
--- a/apps/assets/templates/assets/asset_group_list.html
+++ b/apps/assets/templates/assets/asset_group_list.html
@@ -1,183 +0,0 @@
-{% extends '_base_list.html' %}
-{% load i18n static %}
-{% block table_search %}
-{% endblock %}
-{% block table_container %}
-<div class="uc pull-left m-l-5 m-r-5">
-    <a href="{% url "assets:asset-group-create" %}" class="btn btn-sm btn-primary"> {% trans "Create asset group" %} </a>
-</div>
-<table class="table table-striped table-bordered table-hover " id="asset_groups_list_table" >
-    <thead>
-    <tr>
-        <th class="text-center">
-            <input type="checkbox" id="check_all" class="ipt_check_all" >
-        </th>
-        <th class="text-center">{% trans 'Name' %}</th>
-        <th class="text-center">{% trans 'Asset' %}</th>
-        <th class="text-center">{% trans 'Comment' %}</th>
-        <th class="text-center">{% trans 'Action' %}</th>
-    </tr>
-    </thead>
-    <tbody>
-    </tbody>
-</table>
-<div id="actions" class="hide">
-    <div class="input-group">
-        <select class="form-control m-b" style="width: auto" id="slct_bulk_update">
-            <option value="delete">{% trans 'Delete selected' %}</option>
-            <option value="update">{% trans 'Update selected' %}</option>
-        </select>
-        <div class="input-group-btn pull-left" style="padding-left: 5px;">
-            <button id='btn_bulk_update' style="height: 32px;"  class="btn btn-sm btn-primary">
-             {% trans 'Submit' %}
-            </button>
-        </div>
-    </div>
-</div>
-{% include 'assets/_asset_group_bulk_update_modal.html' %}
-{% endblock %}
-{% block content_bottom_left %}{% endblock %}
-{% block custom_foot_js %}
-<script>
-$(document).ready(function(){
-    var options = {
-        ele: $('#asset_groups_list_table'),
-        columnDefs: [
-            {targets: 1, createdCell: function (td, cellData, rowData) {
-                var detail_btn = '<a href="{% url "assets:asset-group-detail" pk=99991937 %}">' + cellData + '</a>';
-                $(td).html(detail_btn.replace('99991937', rowData.id));
-             }},
-            {targets: 3, createdCell: function (td, cellData) {
-                var innerHtml = cellData.length > 30 ? cellData.substring(0, 30) + '...': cellData;
-                $(td).html('<a href="javascript:void(0);" data-toggle="tooltip" title="' + cellData + '">' + innerHtml + '</a>');
-             }},
-            {targets: 4, createdCell: function (td, cellData, rowData) {
-                var update_btn = '<a href="{% url "assets:asset-group-update" pk=99991937 %}" class="btn btn-xs m-l-xs btn-info">{% trans "Update" %}</a>'.replace('99991937', cellData);
-                var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn_asset_group_delete" data-uid="99991937">{% trans "Delete" %}</a>'.replace('99991937', cellData);
-                $(td).html(update_btn + del_btn)
-             }}],
-        ajax_url: '{% url "api-assets:asset-group-list" %}',
-        columns: [{data: "id"}, {data: "name" }, {data: "assets_amount" }, {data: "comment" }, {data: "id"}],
-	    op_html: $('#actions').html()
-    };
-    jumpserver.initDataTable(options);
-})
-
-.on('click', '.btn_asset_group_delete', function () {
-	var $this = $(this);
-	var $data_table = $('#asset_groups_list_table').DataTable();
-	var name = $(this).closest("tr").find(":nth-child(2)").children('a').html();
-	var uid = $this.data('uid');
-	var the_url = '{% url "api-assets:asset-group-detail" pk=99991937 %}'.replace('99991937', uid);
-	objectDelete($this, name, the_url);
-	setTimeout( function () {
-        $data_table.ajax.reload();
-    }, 3000);
-})
-
-.on('click', '#btn_bulk_update', function () {
-	var action = $('#slct_bulk_update').val();
-	var $data_table = $('#asset_groups_list_table').DataTable();
-	var id_list = [];
-    var plain_id_list = [];
-    $data_table.rows({selected: true}).every(function(){
-        id_list.push({id: this.data().id});
-        plain_id_list.push(this.data().id);
-    });
-    if (id_list === []) {
-        return false;
-    }
-    var the_url = '{% url "api-assets:asset-group-list" %}';
-    console.log(plain_id_list);
-    console.log(the_url);
-    function doDelete() {
-        swal({
-            title: "{% trans 'Are you sure?' %}",
-            text: "{% trans 'This will delete the selected groups !!!' %}",
-            type: "warning",
-            showCancelButton: true,
-            confirmButtonColor: "#DD6B55",
-            confirmButtonText: "{% trans 'Confirm' %}",
-            closeOnConfirm: false
-        }, function() {
-            var success = function() {
-                var msg = "{% trans 'Group deleted' %}";
-                swal("{% trans 'Group Delete' %}", msg, "success");
-                $('#asset_groups_list_table').DataTable().ajax.reload();
-            };
-            var fail = function() {
-                var msg = "{% trans 'Group deleting failed.' %}";
-                swal("{% trans 'Group Delete' %}", msg, "error");
-            };
-            var url_delete = the_url + '?id__in=' + JSON.stringify(plain_id_list);
-            APIUpdateAttr({url: url_delete, method: 'DELETE', success: success, error: fail});
-            $data_table.ajax.reload();
-            jumpserver.checked = false;
-        });
-    }
-	function doUpdate() {
-		$('#asset_group_bulk_update_modal').modal('show');
-	}
-    switch(action) {
-        case 'delete':
-            doDelete();
-            break;
-        case 'update':
-            doUpdate();
-            break;
-        default:
-            break;
-    }
-})
-
-.on('click', '#btn_asset_group_bulk_update', function () {
-	var json_data = $("#fm_asset_group_bulk_update").serializeObject();
-	var body = {};
-    body.enable_otp = (json_data.enable_otp === 'on')? true: false;
-    if (json_data.type != '') {
-        body.type = json_data.type;
-    }
-
-    if (json_data.assets != undefined) {
-        body.assets = json_data.assets;
-    }
-    if (typeof body.assets === 'string') {
-        body.assets = [parseInt(body.assets)]
-    } else if(typeof body.assets === 'array') {
-        var new_assets = body.assets.map(Number);
-        body.assets = new_assets;
-    }
-
-	if (json_data.system_users != undefined) {
-    	body.system_users = json_data.system_users;
-	}
-	if (typeof body.system_users === 'string') {
-    	body.system_users = [parseInt(body.system_users)];
-	} else if (typeof body.system_users === 'array') {
-    	var new_system_users = body.system_users.map(Number);
-    	body.system_users = new_system_users;
-	}
-
-	var post_list = [];
-    var $data_table = $('#asset_groups_list_table').DataTable()
-    $data_table.rows({selected: true}).every(function(){
-        var content = Object.assign({id: this.data().id}, body);
-        post_list.push(content);
-    });
-    if (post_list === []) {
-        return false
-    }
-    var the_url = '{% url "api-assets:asset-group-list" %}';
-    var success = function() {
-        var msg = "{% trans 'The selected asset groups has been updated successfully.' %}";
-        swal("{% trans 'AssetGroup Updated' %}", msg, "success");
-        $('#asset_groups_list_table').DataTable().ajax.reload();
-        jumpserver.checked = false;
-    };
-{#	console.log(JSON.stringify(post_list));#}
-    APIUpdateAttr({url: the_url, method: 'PATCH', body: JSON.stringify(post_list), success: success});
-    $('#asset_group_bulk_update_modal').modal('hide');
-});
-</script>
-{% endblock %}
-
--- a/apps/assets/templates/assets/asset_list.html
+++ b/apps/assets/templates/assets/asset_list.html
@@ -1,20 +1,66 @@
-{% extends '_base_list.html' %}
-{% load i18n %}
+{% extends 'base.html' %}
 {% load static %}
-{% block custom_head_css_js %}
-<link href="{% static 'css/plugins/select2/select2.min.css' %}" rel="stylesheet">
-<script src="{% static 'js/plugins/select2/select2.full.min.js' %}"></script>
+{% load i18n %}

-{#<style>#}
-{#    .custom{#}
-{#        margin-right:5px;#}
-{#        }#}
-{#    #modal .modal-body { max-height: 200px; }#}
-{#</style>#}
+{% block help_message %}
+    <div class="alert alert-info help-message">
+    左侧是资产树，右击可以新建、删除、更改树节点，授权资产也是以节点方式组织的，右侧是属于该节点下的资产
+    </div>
 {% endblock %}
-{% block content_left_head %}{% endblock %}

-{% block table_search %}
+{% block custom_head_css_js %}
+    <link href="{% static 'css/plugins/ztree/awesomeStyle/awesome.css' %}" rel="stylesheet">
+    <script type="text/javascript" src="{% static 'js/plugins/ztree/jquery.ztree.all.min.js' %}"></script>
+    <script src="{% static 'js/jquery.form.min.js' %}"></script>
+	<style type="text/css">
+        div#rMenu {
+            position:absolute;
+            visibility:hidden;
+            text-align: left;
+            top: 100%;
+            left: 0;
+            z-index: 1000;
+            float: left;
+            padding: 5px 0;
+            margin: 2px 0 0;
+            list-style: none;
+            background-clip: padding-box;
+        }
+        div#rMenu li{
+        	margin: 1px 0;
+        	cursor: pointer;
+        	{#list-style: none outside none;#}
+        }
+        .dropdown a:hover {
+            background-color: #f1f1f1
+        }
+	</style>
+
+{% endblock %}
+
+{% block content %}
+<div class="wrapper wrapper-content">
+   <div class="row">
+       <div class="col-lg-3" id="split-left" style="padding-left: 3px">
+           <div class="ibox float-e-margins">
+               <div class="ibox-content mailbox-content" style="padding-top: 0;padding-left: 1px">
+                   <div class="file-manager ">
+                       <div id="assetTree" class="ztree">
+                       </div>
+
+                       <div class="clearfix"></div>
+                   </div>
+               </div>
+           </div>
+       </div>
+       <div class="col-lg-9 animated fadeInRight" id="split-right">
+           <div class="tree-toggle">
+               <div class="btn btn-sm btn-primary tree-toggle-btn" onclick="toggle()">
+                   <i class="fa fa-angle-left fa-x" id="toggle-icon"></i>
+               </div>
+           </div>
+           <div class="mail-box-header">
+               <div class="uc pull-left m-r-5"><a class="btn btn-sm btn-primary btn-create-asset"> {% trans "Create asset" %} </a></div>
               <div class="html5buttons">
                   <div class="dt-buttons btn-group">
                       <a class="btn btn-default btn_import" data-toggle="modal" data-target="#asset_import_modal" tabindex="0">
@@ -25,36 +71,37 @@
                       </a>
                   </div>
               </div>
-{% endblock %}
-
-
-{% block table_container %}
-<div class="uc pull-left m-l-5 m-r-5"><a href="{% url "assets:asset-create" %}" class="btn btn-sm btn-primary"> {% trans "Create asset" %} </a></div>
-<table class="table table-striped table-bordered table-hover " id="asset_list_table" >
+               <div class="btn-group" style="float: right">
+                  <button data-toggle="dropdown" class="btn btn-default btn-sm dropdown-toggle">{% trans 'Label' %} <span class="caret"></span></button>
+                  <ul class="dropdown-menu labels">
+                      {% for label in labels %}
+                          <li><a style="font-weight: bolder">{{ label.name }}:{{ label.value }}</a></li>
+                      {% endfor %}
+                  </ul>
+               </div>
+               <table class="table table-striped table-bordered table-hover " id="asset_list_table" style="width: 100%">
                   <thead>
                       <tr>
                           <th class="text-center"><input type="checkbox" class="ipt_check_all"></th>
                           <th class="text-center">{% trans 'Hostname' %}</th>
                           <th class="text-center">{% trans 'IP' %}</th>
-            <th class="text-center">{% trans 'Port' %}</th>
-            <th class="text-center">{% trans 'Type' %}</th>
-            <th class="text-center">{% trans 'Env' %}</th>
                           <th class="text-center">{% trans 'Hardware' %}</th>
-            <th class="text-center">{% trans 'Valid' %}</th>
-            <th class="text-center">{% trans 'Alive' %}</th>
+                           <th class="text-center">{% trans 'Active' %}</th>
+                           <th class="text-center">{% trans 'Reachable' %}</th>
                           <th class="text-center">{% trans 'Action' %}</th>
                       </tr>
                   </thead>
                   <tbody>
                   </tbody>
-</table>
-<div id="actions" class="hide">
+               </table>
+               <div id="actions" class="hide">
                   <div class="input-group">
                       <select class="form-control m-b" style="width: auto" id="slct_bulk_update">
                           <option value="delete">{% trans 'Delete selected' %}</option>
                           <option value="update">{% trans 'Update selected' %}</option>
+                           <option value="remove">{% trans 'Remove from this node' %}</option>
                           <option value="deactive">{% trans 'Deactive selected' %}</option>
-            <option value="active">{% trans 'Active' %}</option>
+                           <option value="active">{% trans 'Active selected' %}</option>
                       </select>
                       <div class="input-group-btn pull-left" style="padding-left: 5px;">
                           <button id='btn_bulk_update' style="height: 32px;"  class="btn btn-sm btn-primary">
@@ -62,50 +109,56 @@
                           </button>
                       </div>
                   </div>
+               </div>
+           </div>
+       </div>
+   </div>
 </div>
+
+<div id="rMenu">
+    <ul class="dropdown-menu">
+        <li class="divider"></li>
+        <li id="m_create" tabindex="-1" onclick="addTreeNode();"><a><i class="fa fa-plus-square-o"></i> {% trans 'Add node' %}</a></li>
+        <li id="m_del" tabindex="-1" onclick="editTreeNode();"><a><i class="fa fa-pencil-square-o"></i> {% trans 'Rename node' %}</a></li>
+        <li id="m_del" tabindex="-1" onclick="removeTreeNode();"><a><i class="fa fa-minus-square"></i> {% trans 'Delete node' %}</a></li>
+        <li class="divider"></li>
+        <li id="menu_asset_add" class="btn-add-asset" data-toggle="modal" data-target="#asset_list_modal" tabindex="0"><a><i class="fa fa-copy"></i> {% trans 'Add assets to node' %}</a></li>
+        <li id="menu_asset_move" class="btn-move-asset" data-toggle="modal" data-target="#asset_list_modal" tabindex="0"><a><i class="fa fa-cut"></i> {% trans 'Move assets to node' %}</a></li>
+        <li class="divider"></li>
+        <li id="menu_refresh_hardware_info" class="btn-refresh-hardware" tabindex="-1"><a><i class="fa fa-refresh"></i> {% trans 'Refresh node hardware info' %}</a></li>
+        <li id="menu_test_connective" class="btn-test-connective" tabindex="-1"><a><i class="fa fa-chain"></i> {% trans 'Test node connective' %}</a></li>
+    </ul>
+</div>
+
 {% include 'assets/_asset_import_modal.html' %}
-{#{% include 'assets/_asset_bulk_update_modal.html' %}#}
+{% include 'assets/_asset_list_modal.html' %}
 {% endblock %}

 {% block custom_foot_js %}
-<script src="{% static 'js/jquery.form.min.js' %}"></script>
-<script type="text/javascript">
-window.onload = function (){
-        var tag_on = document.getElementsByName("tag_on");
-        var oDiv = document.getElementById("ydxbd");
-        if(tag_on.length > 0){
-            oDiv.style.display = "block";
-        }
-    };
-
-function tagShow() {
-    var oDiv = document.getElementById("ydxbd");
-    if (oDiv.style.display == 'none'){
-        oDiv.style.display = "block";
-    }else{
-        oDiv.style.display = "none";
-    }
-}  //onload;
-
-
-
-$(document).ready(function(){
+<script>
+var zTree, rMenu, asset_table, show = 0;
+var update_node_action = "";
+function initTable() {
    var options = {
        ele: $('#asset_list_table'),
        columnDefs: [
            {targets: 1, createdCell: function (td, cellData, rowData) {
-                var detail_btn = '<a href="{% url "assets:asset-detail" pk=99991937 %}">' + cellData + '</a>';
-                $(td).html(detail_btn.replace('99991937', rowData.id));
+                {% url 'assets:asset-detail' pk=DEFAULT_PK as the_url  %}
+                var detail_btn = '<a href="{{ the_url }}">' + cellData + '</a>';
+                $(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id));
            }},
-            {targets: 7, createdCell: function (td, cellData) {
+            {targets: 3, createdCell: function (td, cellData, rowData) {
+                $(td).html(rowData.hardware_info)
+            }},
+            {targets: 4, createdCell: function (td, cellData) {
                if (!cellData) {
                    $(td).html('<i class="fa fa-times text-danger"></i>')
                } else {
                    $(td).html('<i class="fa fa-check text-navy"></i>')
                }
            }},
-            {targets: 8, createdCell: function (td, cellData) {
-                if (cellData == 'Unknown'){
+            {targets: 5, createdCell: function (td, cellData) {
+                if (cellData === 'Unknown'){
                    $(td).html('<i class="fa fa-circle text-warning"></i>')
                } else if (!cellData) {
                    $(td).html('<i class="fa fa-circle text-danger"></i>')
@@ -113,31 +166,279 @@ $(document).ready(function(){
                    $(td).html('<i class="fa fa-circle text-navy"></i>')
                }
            }},
-            {targets: 9, createdCell: function (td, cellData, rowData) {
-                var update_btn = '<a href="{% url "assets:asset-update" pk=99991937 %}" class="btn btn-xs btn-info">{% trans "Update" %}</a>'.replace('99991937', cellData);
-                var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn_asset_delete" data-uid="99991937">{% trans "Delete" %}</a>'.replace('99991937', cellData);
+            {targets: 6, createdCell: function (td, cellData, rowData) {
+                var update_btn = '<a href="{% url "assets:asset-update" pk=DEFAULT_PK %}" class="btn btn-xs btn-info">{% trans "Update" %}</a>'.replace("{{ DEFAULT_PK }}", cellData);
+                var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn_asset_delete" data-uid="{{ DEFAULT_PK }}">{% trans "Delete" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
                $(td).html(update_btn + del_btn)
            }}
        ],
        ajax_url: '{% url "api-assets:asset-list" %}',
-        columns: [{data: "id"}, {data: "hostname" }, {data: "ip" }, {data: "port" },
-            {data: "get_type_display" }, {data: "get_env_display"}, {data: "hardware"},
-            {data: "is_active" }, {data: "is_online"}, {data: "id" }],
+        columns: [
+            {data: "id"}, {data: "hostname" }, {data: "ip" },
+            {data: "cpu_cores"}, {data: "is_active", orderable: false },
+            {data: "is_connective", orderable: false}, {data: "id", orderable: false }
+        ],
        op_html: $('#actions').html()
    };
-    var table = jumpserver.initDataTable(options);
+    asset_table = jumpserver.initServerSideDataTable(options);
+    return asset_table
+}

-    $('.btn_export').click(function () {
+function addTreeNode() {
+	hideRMenu();
+	var parentNode = zTree.getSelectedNodes()[0];
+	if (!parentNode){
+	    return
+    }
+    var url = "{% url 'api-assets:node-children' pk=DEFAULT_PK %}".replace("{{ DEFAULT_PK }}", parentNode.id );
+    $.post(url,  {}, function (data, status){
+        if (status === "success") {
+            var newNode = {
+                name: data["value"],
+                id: data["id"],
+                pId: parentNode.id
+            };
+            newNode.checked = zTree.getSelectedNodes()[0].checked;
+            zTree.addNodes(parentNode, 0, newNode);
+        } else {
+            alert("{% trans 'Create node failed' %}")
+        }
+    });
+}
+
+function removeTreeNode() {
+	hideRMenu();
+	var current_node = zTree.getSelectedNodes()[0];
+	if (!current_node){
+	    return
+    }
+	if (current_node.children && current_node.children.length > 0) {
+		toastr.error("{% trans 'Have child node, cancel' %}");
+	 } else if (current_node.assets_amount !== 0) {
+        toastr.error("{% trans 'Have assets, cancel' %}");
+    } else {
+        var url = "{% url 'api-assets:node-detail' pk=DEFAULT_PK %}".replace("{{ DEFAULT_PK }}", current_node.id );
+		$.ajax({
+            url: url,
+            method: "DELETE",
+            success: function () {
+                zTree.removeNode(current_node);
+            }
+        });
+	}
+}
+
+function editTreeNode() {
+    hideRMenu();
+	var current_node = zTree.getSelectedNodes()[0];
+	if (!current_node){
+	    return
+    }
+    if (current_node.value) {
+        current_node.name = current_node.value;
+    }
+    zTree.editName(current_node);
+}
+
+function OnRightClick(event, treeId, treeNode) {
+    if (!treeNode && event.target.tagName.toLowerCase() !== "button" && $(event.target).parents("a").length === 0) {
+		zTree.cancelSelectedNode();
+		showRMenu("root", event.clientX, event.clientY);
+	} else if (treeNode && !treeNode.noR) {
+		zTree.selectNode(treeNode);
+		showRMenu("node", event.clientX, event.clientY);
+	}
+}
+
+function showRMenu(type, x, y) {
+	$("#rMenu ul").show();
+    x -= 220;
+    rMenu.css({"top":y+"px", "left":x+"px", "visibility":"visible"});
+
+	$("body").bind("mousedown", onBodyMouseDown);
+}
+
+function beforeClick(treeId, treeNode, clickFlag) {
+    return true;
+}
+
+function hideRMenu() {
+	if (rMenu) rMenu.css({"visibility": "hidden"});
+	$("body").unbind("mousedown", onBodyMouseDown);
+}
+
+function onBodyMouseDown(event){
+	if (!(event.target.id === "rMenu" || $(event.target).parents("#rMenu").length>0)) {
+		rMenu.css({"visibility" : "hidden"});
+	}
+}
+
+
+function onRename(event, treeId, treeNode, isCancel){
+    var url = "{% url 'api-assets:node-detail' pk=DEFAULT_PK %}".replace("{{ DEFAULT_PK }}", treeNode.id);
+    var data = {"value": treeNode.name};
+    if (isCancel){
+        return
+    }
+    APIUpdateAttr({
+        url: url,
+        body: JSON.stringify(data),
+        method: "PATCH"
+    })
+}
+
+function onSelected(event, treeNode) {
+    var url = asset_table.ajax.url();
+    url = setUrlParam(url, "node_id", treeNode.id);
+    setCookie('node_selected', treeNode.id);
+    asset_table.ajax.url(url);
+    asset_table.ajax.reload();
+}
+
+function selectQueryNode() {
+    var query_node_id = $.getUrlParam("node");
+    var cookie_node_id = getCookie('node_selected');
+    var node;
+    var node_id;
+
+    if (query_node_id !== null) {
+        node_id = query_node_id
+    } else if (cookie_node_id !== null) {
+        node_id = cookie_node_id;
+    }
+
+    node = zTree.getNodesByParam("id", node_id, null);
+    if (node){
+        zTree.selectNode(node[0]);
+    }
+}
+
+function beforeDrag() {
+    return true
+}
+
+function beforeDrop(treeId, treeNodes, targetNode, moveType) {
+    var treeNodesNames = [];
+    $.each(treeNodes, function (index, value) {
+        treeNodesNames.push(value.value);
+    });
+
+    var msg = "你想移动节点: `" + treeNodesNames.join(",") + "` 到 `" + targetNode.value + "` 下吗?";
+    if (confirm(msg)){
+        return true
+    } else {
+        return false
+    }
+}
+
+function onDrag(event, treeId, treeNodes) {
+}
+
+function onDrop(event, treeId, treeNodes, targetNode, moveType) {
+    var treeNodesIds = [];
+    $.each(treeNodes, function (index, value) {
+        treeNodesIds.push(value.id);
+    });
+
+    var the_url = "{% url 'api-assets:node-add-children' pk=DEFAULT_PK %}".replace("{{ DEFAULT_PK }}", targetNode.id);
+    var body = {nodes: treeNodesIds};
+    APIUpdateAttr({
+        url: the_url,
+        method: "PUT",
+        body: JSON.stringify(body)
+    })
+}
+
+function initTree() {
+    var setting = {
+        view: {
+            dblClickExpand: false,
+            showLine: true
+        },
+        data: {
+            simpleData: {
+                enable: true
+            }
+        },
+        edit: {
+            enable: true,
+			showRemoveBtn: false,
+			showRenameBtn: false,
+            drag: {
+                isCopy: true,
+                isMove: true
+            }
+        },
+        callback: {
+            onRightClick: OnRightClick,
+            beforeClick: beforeClick,
+            onRename: onRename,
+            onSelected: onSelected,
+            beforeDrag: beforeDrag,
+            onDrag: onDrag,
+            beforeDrop: beforeDrop,
+            onDrop: onDrop
+        }
+    };
+
+    var zNodes = [];
+    $.get("{% url 'api-assets:node-list' %}", function(data, status){
+        $.each(data, function (index, value) {
+            value["pId"] = value["parent"];
+            {#if (value["key"] === "0") {#}
+            value["open"] = true;
+            {# }#}
+            value["name"] = value["value"] + ' (' + value['assets_amount'] + ')';
+            value['value'] = value['value'];
+        });
+        zNodes = data;
+        $.fn.zTree.init($("#assetTree"), setting, zNodes);
+        zTree = $.fn.zTree.getZTreeObj("assetTree");
+		rMenu = $("#rMenu");
+		selectQueryNode();
+    });
+}
+
+function toggle() {
+    if (show === 0) {
+        $("#split-left").hide(500, function () {
+            $("#split-right").attr("class", "col-lg-12");
+            $("#toggle-icon").attr("class", "fa fa-angle-right fa-x");
+            show = 1;
+        });
+    } else {
+        $("#split-right").attr("class", "col-lg-9");
+        $("#toggle-icon").attr("class", "fa fa-angle-left fa-x");
+        $("#split-left").show(500);
+        show = 0;
+    }
+}
+
+$(document).ready(function(){
+    initTable();
+    initTree();
+})
+.on('click', '.labels li', function () {
+    var val = $(this).text();
+    $("#asset_list_table_filter input").val(val);
+    asset_table.search(val).draw();
+ })
+.on('click', '.btn_export', function () {
+    var $data_table = $('#asset_list_table').DataTable();
+    var rows = $data_table.rows('.selected').data();
+    var nodes = zTree.getSelectedNodes();
+    var current_node;
+    if (nodes && nodes.length === 1) {
+        current_node = nodes[0];
+    }
    var assets = [];
-        var rows = table.rows('.selected').data();
    $.each(rows, function (index, obj) {
        assets.push(obj.id)
    });
-        console.log(assets);
    $.ajax({
        url: "{% url "assets:asset-export" %}",
        method: 'POST',
-            data: JSON.stringify({assets_id: assets}),
+        data: JSON.stringify({assets_id: assets, node_id: current_node.id}),
        dataType: "json",
        success: function (data, textStatus) {
            window.open(data.redirect)
@@ -146,9 +447,18 @@ $(document).ready(function(){
            toastr.error('Export failed');
        }
    })
-    });
-     $('#btn_asset_import').click(function() {
+})
+.on('click', '#btn_asset_import', function () {
    var $form = $('#fm_asset_import');
+    var action = $form.attr("action");
+    var nodes = zTree.getSelectedNodes();
+    var current_node;
+    if (nodes && nodes.length ===1 ){
+        current_node = nodes[0];
+        action = setUrlParam(action, 'node_id', current_node.id);
+        {#action += "?node_id=" + current_node.id;#}
+        $form.attr("action", action)
+    }
    $form.find('.help-block').remove();
    function success (data) {
        if (data.valid === false) {
@@ -165,16 +475,72 @@ $(document).ready(function(){
        }
    }
    $form.ajaxSubmit({success: success});
-    })
 })
+.on('click', '.btn-create-asset', function () {
+    var url = "{% url 'assets:asset-create' %}";
+    var nodes = zTree.getSelectedNodes();
+    var current_node;
+    if (nodes && nodes.length ===1 ){
+        current_node = nodes[0];
+        url += "?node_id=" + current_node.id;
+    }
+    window.open(url, '_self');
+})
+.on('click', '.btn-refresh-hardware', function () {
+    var url = "{% url 'api-assets:node-refresh-hardware-info' pk=DEFAULT_PK %}";
+    var nodes = zTree.getSelectedNodes();
+    var current_node;
+    if (nodes && nodes.length ===1 ){
+        current_node = nodes[0];
+    } else {
+        return null;
+    }

+    var the_url = url.replace("{{ DEFAULT_PK }}", current_node.id);
+    function success(data) {
+        rMenu.css({"visibility" : "hidden"});
+        var task_id = data.task;
+        var url = '{% url "ops:celery-task-log" pk=DEFAULT_PK %}'.replace("{{ DEFAULT_PK }}", task_id);
+        window.open(url, '', 'width=800,height=600')
+    }
+    APIUpdateAttr({
+        url: the_url,
+        method: "GET",
+        success: success,
+        flash_message: false
+    });
+
+})
+.on('click', '.btn-test-connective', function () {
+    var url = "{% url 'api-assets:node-test-connective' pk=DEFAULT_PK %}";
+    var nodes = zTree.getSelectedNodes();
+    var current_node;
+    if (nodes && nodes.length ===1 ){
+        current_node = nodes[0];
+    } else {
+        return null;
+    }
+
+    var the_url = url.replace("{{ DEFAULT_PK }}", current_node.id);
+    function success(data) {
+        rMenu.css({"visibility" : "hidden"});
+        var task_id = data.task;
+        var url = '{% url "ops:celery-task-log" pk=DEFAULT_PK %}'.replace("{{ DEFAULT_PK }}", task_id);
+        window.open(url, '', 'width=800,height=600')
+    }
+    APIUpdateAttr({
+        url: the_url,
+        method: "GET",
+        success: success,
+        flash_message: false
+    });
+})
 .on('click', '.btn_asset_delete', function () {
    var $this = $(this);
    var $data_table = $("#asset_list_table").DataTable();
    var name = $(this).closest("tr").find(":nth-child(2)").children('a').html();
    var uid = $this.data('uid');
-    var the_url = '{% url "api-assets:asset-detail" pk=99991937 %}'.replace('99991937', uid);
-    console.log(the_url);
+    var the_url = '{% url "api-assets:asset-detail" pk=DEFAULT_PK %}'.replace("{{ DEFAULT_PK }}", uid);
    objectDelete($this, name, the_url);
    setTimeout( function () {
        $data_table.ajax.reload();
@@ -187,26 +553,42 @@ $(document).ready(function(){
    $data_table.rows({selected: true}).every(function(){
        id_list.push(this.data().id);
    });
-    if (id_list.length == 0) {
+    if (id_list.length === 0) {
        return false;
    }
    var the_url = "{% url 'api-assets:asset-list' %}";

    function doDeactive() {
-        var body = $.each(id_list, function(index, asset_object) {
-            asset_object['is_active'] = false;
+        var data = [];
+        $.each(id_list, function(index, object_id) {
+            var obj = {"pk": object_id, "is_active": false};
+            data.push(obj);
+        });
+        function success() {
+            asset_table.ajax.reload()
+        }
+        APIUpdateAttr({
+            url: the_url,
+            method: 'PATCH',
+            body: JSON.stringify(data),
+            success: success
        });
-        APIUpdateAttr({url: the_url, method: 'PATCH', body: JSON.stringify(body)});
-        $data_table.ajax.reload();
-        jumpserver.checked = false;
    }
    function doActive() {
-        var body = $.each(id_list, function(index, asset_object) {
-            asset_object['is_active'] = true;
+        var data = [];
+        $.each(id_list, function(index, object_id) {
+            var obj = {"pk": object_id, "is_active": true};
+            data.push(obj);
+        });
+        function success() {
+            asset_table.ajax.reload()
+        }
+        APIUpdateAttr({
+            url: the_url,
+            method: 'PATCH',
+            body: JSON.stringify(data),
+            success: success
        });
-        APIUpdateAttr({url: the_url, method: 'PATCH', body: JSON.stringify(body)});
-        $data_table.ajax.reload();
-        jumpserver.checked = false;
    }
    function doDelete() {
        swal({
@@ -227,8 +609,13 @@ $(document).ready(function(){
                var msg = "{% trans 'Asset Deleting failed.' %}";
                swal("{% trans 'Asset Delete' %}", msg, "error");
            };
-            var url_delete = the_url + '?id__in=' + JSON.stringify(plain_id_list);
-            APIUpdateAttr({url: url_delete, method: 'DELETE', success: success, error: fail});
+            var url_delete = the_url + '?id__in=' + JSON.stringify(id_list);
+            APIUpdateAttr({
+                url: url_delete,
+                method: 'DELETE',
+                success: success,
+                error: fail
+            });
            $data_table.ajax.reload();
            jumpserver.checked = false;
        });
@@ -238,6 +625,31 @@ $(document).ready(function(){
        var url = "{% url 'assets:asset-bulk-update' %}?assets_id=" + id_list_string;
        location.href = url
    }
+
+    function doRemove() {
+        var current_node;
+        var nodes = zTree.getSelectedNodes();
+        if (nodes && nodes.length === 1) {
+            current_node = nodes[0]
+        } else {
+            return
+        }
+
+        var data = {
+            'assets': id_list
+        };
+
+        var success = function () {
+            asset_table.ajax.reload()
+        };
+
+        APIUpdateAttr({
+            'url': '/api/assets/v1/nodes/' + current_node.id + '/assets/remove/',
+            'method': 'PUT',
+            'body': JSON.stringify(data),
+            'success': success
+        })
+    }
    switch(action) {
        case 'deactive':
            doDeactive();
@@ -251,69 +663,52 @@ $(document).ready(function(){
        case 'active':
            doActive();
            break;
+        case 'remove':
+            doRemove();
+            break;
        default:
            break;
    }
-});
-{##}
-{#.on('click', '#btn_asset_bulk_update', function () {#}
-{#    var json_data = $("#fm_asset_bulk_update").serializeObject();#}
-{#    var body = {};#}
-{#    body.enable_otp = (json_data.enable_otp === 'on')? true: false;#}
-{#    if (json_data.type != '') {#}
-{#        body.type = json_data.type;#}
-{#    }#}
-{#    if (json_data.groups != undefined) {#}
-{#        body.groups = json_data.groups;#}
-{#    }#}
-{#    if (typeof body.groups === 'string') {#}
-{#        body.groups = [parseInt(body.groups)]#}
-{#    } else if(typeof body.groups === 'array') {#}
-{#        var new_groups = body.groups.map(Number);#}
-{#        body.groups = new_groups;#}
-{#    }#}
-{##}
-{#    if (json_data.system_users != undefined) {#}
-{#        body.system_users = json_data.system_users;#}
-{#    }#}
-{#    if (typeof body.system_users === 'string') {#}
-{#        body.system_users = [parseInt(body.system_users)]#}
-{#    } else if(typeof body.system_users === 'array') {#}
-{#        var new_users = body.system_users.map(Number);#}
-{#        body.system_users = new_users;#}
-{#    }#}
-{##}
-{#    if (json_data.tags != undefined) {#}
-{#        body.tags = json_data.tags;#}
-{#    }#}
-{#    if (typeof body.tags == 'string') {#}
-{#        body.tags = [parseInt(body.tags)];#}
-{#    } else if (typeof body.tags === 'array') {#}
-{#        var new_tags = body.tags.map(Number);#}
-{#        body.tags = new_tags;#}
-{#    }#}
-{##}
-{#    var $data_table = $('#asset_list_table').DataTable();#}
-{#    var post_list = [];#}
-{#    $data_table.rows({selected: true}).every(function(){#}
-{#        var content = Object.assign({id: this.data().id}, body);#}
-{#        post_list.push(content);#}
-{#    });#}
-{#    if (post_list === []) {#}
-{#        return false#}
-{#    }#}
-{#    var the_url = "{% url 'api-assets:asset-list' %}";#}
-{#    var success = function() {#}
-{#        var msg = "{% trans 'The selected assets has been updated successfully.' %}";#}
-{#        swal("{% trans 'Asset Updated' %}", msg, "success");#}
-{#        $('#asset_list_table').DataTable().ajax.reload();#}
-{#        jumpserver.checked = false;#}
-{#    };#}
-{#    console.log(JSON.stringify(post_list));#}
-{#    console.log(the_url);#}
-{#    APIUpdateAttr({url: the_url, method: 'PATCH', body: JSON.stringify(post_list), success: success});#}
-{#    $('#asset_bulk_update_modal').modal('hide');#}
-{#})#}
+    $(".ipt_check_all").prop("checked", false)
+})
+.on('click', '#btn_asset_modal_confirm', function () {
+    var assets_selected = asset_table2.selected;
+    var current_node;
+    var nodes = zTree.getSelectedNodes();
+    if (nodes && nodes.length === 1) {
+        current_node = nodes[0]
+    } else {
+        return
+    }

+    var data = {
+        'assets': assets_selected
+    };
+    var success = function () {
+        asset_table2.selected = [];
+        asset_table2.ajax.reload()
+    };
+
+    var url = '';
+    if (update_node_action === "move") {
+        url = "{% url 'api-assets:node-replace-assets' pk=DEFAULT_PK %}".replace("{{ DEFAULT_PK }}", current_node.id);
+    } else {
+        url = "{% url 'api-assets:node-add-assets' pk=DEFAULT_PK %}".replace("{{ DEFAULT_PK }}", current_node.id);
+    }
+
+    APIUpdateAttr({
+        'url': url,
+        'method': 'PUT',
+        'body': JSON.stringify(data),
+        'success': success
+    })
+}).on('hidden.bs.modal', '#asset_list_modal', function () {
+    window.location.reload();
+}).on('click', '#menu_asset_add', function () {
+    update_node_action = "add"
+}).on('click', '#menu_asset_move', function () {
+    update_node_action = "move"
+})
 </script>
+
 {% endblock %}
--- a/apps/assets/templates/assets/asset_modal_list.html
+++ b/apps/assets/templates/assets/asset_modal_list.html
@@ -1,127 +0,0 @@
-
-<div class="modal-header">
-    <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
-    <h4 class="modal-title" id="myModalLabel">分配/回收资产</h4>
-</div>
-
-<div class="modal-body" style="padding-bottom: 0px;">
-    <table aria-describedby="editable_info" role="grid" class="table table-striped table-bordered table-hover  dataTable" id="editable">
-        <thead>
-            <tr>
-                <th class="text-center" style="background-color:white">
-                    <input type="checkbox" id="check_all" onclick="checkAll()">
-                </th>
-                <th id="th_no">id</th>
-                <th>资产名称</th>
-                <th>IP</th>
-                <th>类型</th>
-            </tr>
-        </thead>
-        <tbody>
-        {% for asset in assets %}
-            {% if asset.id in all_assets %}
-            <tr name="oAssets" class="odd selected text-center">
-                <td class="text-center" ><input type="checkbox" name="checked" value="{{ asset.id }}" checked="checked"></td>
-            {% else %}
-            <tr name="oAssets">
-                <td class="text-center"><input type="checkbox" name="checked" value="{{ asset.id }}" ></td>
-            {% endif %}
-                <td class="text-center">{{ asset.id }}</td>
-                <td class="text-center">{{ asset.hostname }}</td>
-                <td class="text-center">{{ asset.ip }}</td>
-                <td class="text-center">{{ asset.env }}-{{ asset.type }}</td>
-            </tr>
-        {% endfor %}
-        </tbody>
-    </table>
-</div>
-
-<div class="modal-footer">
-    <button type="button" class="btn btn-default" id="close-btn">取消</button>
-    <button type="button" class="btn btn-primary" id="save-btn">保存</button>
-</div>
-
-<script type="text/javascript">
-$(document).ready(function(){
-    var table = $('#editable').DataTable({
-        "aLengthMenu": [[10, 25, 50, -1], ["10", "25", "50", "all"]],
-        "iDisplayLength":25,
-        "aaSorting": [[2, "asc"]],
-        "aoColumnDefs": [ { "bSortable": false, "aTargets": [ 0 ] }],
-        "bAutoWidth": false,
-        "language": {
-            "url": "/static/js/plugins/dataTables/i18n/zh-hans.json"
-        },
-        columns: [
-            {data: "checkbox"},
-            {data: "id"},
-            {data: "hostname"},
-            {data: "ip"},
-            {data: "type"}
-        ]
-    });
-    //将ID列隐藏
-    table.column('1').visible(false);
-
-    $('#editable tbody').on( 'click', 'tr', function () {
-        //alert($(this).hasClass('selected'));
-        if($(this).hasClass('selected')){
-            $(this).removeClass('selected');
-            this.children[0].children[0].checked=0;
-        }else{
-            $(this).addClass('selected');
-            this.children[0].children[0].checked=1;
-        }
-    });
-
-    $('#close-btn').on('click',function(){
-        $('#modal').modal('hide');
-    });
-    var size_name = document.getElementById('asset_on_count').innerText;
-    $('#save-btn').on('click',function(){
-        //alert( table.rows('.selected').data().length +' row(s) selected' );
-        var d = table.rows('.selected').data();
-        var size = d.length;
-        var re = /\d+/;
-        document.getElementById('add_asset').value = size;
-        var str= size_name;
-        var re=/\d+/g;
-        document.getElementById('asset_on_count').innerText = str.replace(re, size);
-        var column2 = table.rows('.selected').data();
-        $("#asset_sed").find("input[name='assets']").remove();
-        $("#asset_sed").find("button[name='asset_hostname']").remove();
-        for(var i=0;i<column2.length;i++){
-            column2[i].checkbox='<input name="checked" value="1" checked="" type="checkbox">';
-            var value = column2[i].id;
-            var ip = column2[i].ip;
-            var hostname = column2[i].hostname;
-            $("#asset_sed").append("<input  type='hidden' name='assets' value='"+value+"'>");
-            $("#asset_on_p").append("<button name='asset_hostname' title='"+ip+"' type='button' class='btn btn-default btn-xs ss'>"+hostname+"</button> ");
-        }
-        $('#modal').modal('hide');
-    });
-
-}); //$(document).ready
-
-var bCheck = 1;
-function checkAll(){
-    if(bCheck){
-        $("tr[name='oAssets']").each(function(){
-            oCheckbox = this.children[0].children[0];
-            $(this).toggleClass('selected',true);
-            oCheckbox.checked=1;
-        });
-        document.getElementById('check_all').checked=1;
-        bCheck = 0;
-    }else{
-        $("tr[name='oAssets']").each(function(){
-            oCheckbox = this.children[0].children[0];
-            $(this).toggleClass('selected',false);
-            oCheckbox.checked=0;
-        });
-        document.getElementById('check_all').checked=0;
-        bCheck = 1;
-    }
-}
-
-</script>
--- a/apps/assets/templates/assets/asset_update.html
+++ b/apps/assets/templates/assets/asset_update.html
@@ -2,6 +2,8 @@
 {% load static %}
 {% load bootstrap3 %}
 {% load i18n %}
+{% load asset_tags %}
+{% load common_tags %}

 {% block custom_head_css_js_create %}
    <link href="{% static "css/plugins/inputTags.css" %}" rel="stylesheet">
@@ -19,33 +21,46 @@
    <h3>{% trans 'Basic' %}</h3>
    {% bootstrap_field form.hostname layout="horizontal" %}
    {% bootstrap_field form.ip layout="horizontal" %}
-    {% bootstrap_field form.public_ip layout="horizontal" %}
    {% bootstrap_field form.port layout="horizontal" %}
-    {% bootstrap_field form.type layout="horizontal" %}
+    {% bootstrap_field form.platform layout="horizontal" %}
+    {% bootstrap_field form.public_ip layout="horizontal" %}
+    {% bootstrap_field form.domain layout="horizontal" %}

    <div class="hr-line-dashed"></div>
-    <h3>{% trans 'Group' %}</h3>
-    {% bootstrap_field form.idc layout="horizontal" %}
-    {% bootstrap_field form.groups layout="horizontal" %}
-
-    <div class="hr-line-dashed"></div>
-    <h3>{% trans 'Asset user' %}</h3>
+    <h3>{% trans 'Auth' %}</h3>
    {% bootstrap_field form.admin_user layout="horizontal" %}

+    <div class="hr-line-dashed"></div>
+    <h3>{% trans 'Node' %}</h3>
+    {% bootstrap_field form.nodes layout="horizontal" %}
+
+    <div class="hr-line-dashed"></div>
+    <h3>{% trans 'Labels' %}</h3>
+    <div class="form-group">
+        <label for="{{ form.labels.id_for_label }}" class="col-md-2 control-label">{% trans 'Label' %}</label>
+        <div class="col-md-9">
+            <select name="labels" class="select2 labels" data-placeholder="{% trans 'Label'  %}" style="width: 100%" multiple="" tabindex="4" id="{{ form.labels.id_for_label }}">
+                {% for name, labels in form.labels.field.queryset|group_labels %}
+                <optgroup label="{{ name }}">
+                    {% for label in labels %}
+                        {% if label in form.labels.initial %}
+                            <option value="{{ label.id }}" selected>{{ label.value }}</option>
+                        {% else %}
+                            <option value="{{ label.id }}">{{ label.value }}</option>
+                        {% endif %}
+                    {% endfor %}
+                </optgroup>
+                {% endfor %}
+            </select>
+        </div>
+    </div>
+
    <div class="hr-line-dashed"></div>
    <h3>{% trans 'Configuration' %}</h3>
    {% bootstrap_field form.number layout="horizontal" %}
-    {% bootstrap_field form.remote_card_ip layout="horizontal" %}
-
-    <div class="hr-line-dashed"></div>
-    <h3>{% trans 'Location' %}</h3>
-    {% bootstrap_field form.cabinet_no layout="horizontal" %}
-    {% bootstrap_field form.cabinet_pos layout="horizontal" %}

    <div class="hr-line-dashed"></div>
    <h3>{% trans 'Other' %}</h3>
-    {% bootstrap_field form.status layout="horizontal" %}
-    {% bootstrap_field form.env layout="horizontal" %}
    {% bootstrap_field form.comment layout="horizontal" %}
    {% bootstrap_field form.is_active layout="horizontal" %}

@@ -62,11 +77,17 @@

 {% block custom_foot_js %}
    <script>
+    function format(item) {
+        var group = item.element.parentElement.label;
+        return group + ':' + item.text;
+    }
    $(document).ready(function () {
-            $('.select2').select2();
-            $("#tags").select2({
-                tags: true,
-                maximumSelectionLength: 8  //最多能够选择的个数
+        $('.select2').select2({
+            allowClear: true
+        });
+        $(".labels").select2({
+            allowClear: true,
+            templateSelection: format
        });
    })
    </script>
--- a/apps/assets/templates/assets/domain_create_update.html
+++ b/apps/assets/templates/assets/domain_create_update.html
@@ -0,0 +1,42 @@
+{% extends '_base_create_update.html' %}
+{% load static %}
+{% load bootstrap3 %}
+{% load i18n %}
+
+{% block form %}
+<form id="groupForm" method="post" class="form-horizontal">
+    {% csrf_token %}
+    {% bootstrap_field form.name layout="horizontal" %}
+    {% bootstrap_field form.assets layout="horizontal" %}
+    {% bootstrap_field form.comment layout="horizontal" %}
+
+    <div class="hr-line-dashed"></div>
+    <div class="form-group">
+        <div class="col-sm-4 col-sm-offset-2">
+            <button class="btn btn-default" type="reset"> {% trans 'Reset' %}</button>
+            <button id="submit_button" class="btn btn-primary" type="submit">{% trans 'Submit' %}</button>
+        </div>
+    </div>
+</form>
+{% include 'assets/_asset_list_modal.html' %}
+{% endblock %}
+
+{% block custom_foot_js %}
+<script type="text/javascript">
+$(document).ready(function () {
+    console.log($.fn.select2.defaults);
+    $('.select2').select2().off("select2:open");
+}).on('click', '.select2-selection__rendered', function (e) {
+    e.preventDefault();
+    $("#asset_list_modal").modal();
+})
+.on('click', '#btn_asset_modal_confirm', function () {
+    var assets = asset_table2.selected;
+    $.each(assets, function (id, data) {
+        $('.select2').val(assets).trigger('change');
+    });
+    $("#asset_list_modal").modal('hide');
+
+})
+</script>
+{% endblock %}
--- a/apps/assets/templates/assets/domain_detail.html
+++ b/apps/assets/templates/assets/domain_detail.html
@@ -0,0 +1,132 @@
+{% extends 'base.html' %}
+{% load static %}
+{% load i18n %}
+
+{% block custom_head_css_js %}
+    <link href='{% static "css/plugins/select2/select2.min.css" %}' rel="stylesheet">
+    <script src='{% static "js/plugins/select2/select2.full.min.js" %}'></script>
+{% endblock %}
+
+{% block content %}
+    <div class="wrapper wrapper-content animated fadeInRight">
+        <div class="row">
+            <div class="col-sm-12">
+                <div class="ibox float-e-margins">
+                    <div class="panel-options">
+                        <ul class="nav nav-tabs">
+                            <li class="active">
+                                <a href="{% url 'assets:domain-detail' pk=object.id %}" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Detail' %} </a>
+                            </li>
+                            <li>
+                                <a href="{% url 'assets:domain-gateway-list' pk=object.id %}" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Gateway' %} </a>
+                            </li>
+                            <li class="pull-right">
+                                <a class="btn btn-outline btn-default" href="{% url 'assets:domain-update' pk=object.id %}"><i class="fa fa-edit"></i>{% trans 'Update' %}</a>
+                            </li>
+                            <li class="pull-right">
+                                <a class="btn btn-outline btn-danger btn-del">
+                                    <i class="fa fa-trash-o"></i>{% trans 'Delete' %}
+                                </a>
+                            </li>
+                        </ul>
+                    </div>
+                    <div class="tab-content">
+                        <div class="col-sm-9" style="padding-left: 0;">
+                            <div class="ibox float-e-margins">
+                                <div class="ibox-title">
+                                    <span class="label"><b>{{ object.name }}</b></span>
+                                    <div class="ibox-tools">
+                                        <a class="collapse-link">
+                                            <i class="fa fa-chevron-up"></i>
+                                        </a>
+                                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
+                                            <i class="fa fa-wrench"></i>
+                                        </a>
+                                        <ul class="dropdown-menu dropdown-user">
+                                        </ul>
+                                        <a class="close-link">
+                                            <i class="fa fa-times"></i>
+                                        </a>
+                                    </div>
+                                </div>
+                                <div class="ibox-content">
+                                    <table class="table">
+                                        <tbody>
+                                        <tr class="no-borders-tr">
+                                            <td>{% trans 'Name' %}:</td>
+                                            <td><b>{{ object.name }}</b></td>
+                                        </tr>
+                                        <tr>
+                                            <td>{% trans 'Asset' %}:</td>
+                                            <td><b>{{ object.assets.count }}</b></td>
+                                        </tr>
+                                        <tr>
+                                            <td>{% trans 'Gateway' %}:</td>
+                                            <td><b>{{ object.gateway_set.count }}</b></td>
+                                        </tr>
+                                        <tr>
+                                            <td>{% trans 'Date created' %}:</td>
+                                            <td><b>{{ object.date_created }}</b></td>
+                                        </tr>
+                                        <tr>
+                                            <td>{% trans 'Created by' %}:</td>
+                                            <td><b>{{ object.created_by  }}</b></td>
+                                        </tr>
+                                        <tr>
+                                            <td>{% trans 'Comment' %}:</td>
+                                            <td><b>{{ object.comment }}</b></td>
+                                        </tr>
+                                        </tbody>
+                                    </table>
+                                </div>
+                            </div>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+{% endblock %}
+{% block content_bottom_left %}{% endblock %}
+{% block custom_foot_js %}
+<script>
+function initTable() {
+    var options = {
+        ele: $('#domain_list_table'),
+        columnDefs: [
+            {targets: 1, createdCell: function (td, cellData, rowData) {
+                var detail_btn = '<a href="{% url "assets:domain-detail" pk=DEFAULT_PK %}">' + cellData + '</a>';
+                $(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id));
+             }},
+
+            {targets: 5, createdCell: function (td, cellData, rowData) {
+                var update_btn = '<a href="{% url "assets:domain-update" pk=DEFAULT_PK %}" class="btn btn-xs btn-info">{% trans "Update" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
+                var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn-delete" data-uid="{{ DEFAULT_PK }}">{% trans "Delete" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
+                $(td).html(update_btn + del_btn)
+             }}
+        ],
+        ajax_url: '{% url "api-assets:domain-list" %}',
+        columns: [
+            {data: "id"}, {data: "name" }, {data: "asset_count" },
+            {data: "gateway_count" }, {data: "comment" }, {data: "id"}
+        ],
+        op_html: $('#actions').html()
+    };
+    jumpserver.initDataTable(options);
+}
+$(document).ready(function(){
+    initTable();
+})
+.on('click', '.btn-delete', function () {
+    var $this = $(this);
+    var $data_table = $('#domain_list_table').DataTable();
+    var name = $(this).closest("tr").find(":nth-child(2)").children('a').html();
+    var uid = $this.data('uid');
+    var the_url = '{% url "api-assets:domain-detail" pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', uid);
+    objectDelete($this, name, the_url);
+    setTimeout( function () {
+        $data_table.ajax.reload();
+    }, 3000);
+});
+</script>
+{% endblock %}
--- a/apps/assets/templates/assets/domain_gateway_list.html
+++ b/apps/assets/templates/assets/domain_gateway_list.html
@@ -0,0 +1,126 @@
+{% extends 'base.html' %}
+{% load static %}
+{% load i18n %}
+
+{% block custom_head_css_js %}
+    <link href='{% static "css/plugins/select2/select2.min.css" %}' rel="stylesheet">
+    <script src='{% static "js/plugins/select2/select2.full.min.js" %}'></script>
+{% endblock %}
+
+{% block content %}
+    <div class="wrapper wrapper-content animated fadeInRight">
+        <div class="row">
+            <div class="col-sm-12">
+                <div class="ibox float-e-margins">
+                    <div class="panel-options">
+                        <ul class="nav nav-tabs">
+                            <li>
+                                <a href="{% url 'assets:domain-detail' pk=object.id %}" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Detail' %} </a>
+                            </li>
+                            <li class="active">
+                                <a href="{% url 'assets:domain-detail' pk=object.id %}" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Gateway' %} </a>
+                            </li>
+                        </ul>
+                    </div>
+                    <div class="tab-content">
+                        <div class="col-sm-12" style="padding-left: 0;">
+                            <div class="" id="content_start">
+                            </div>
+                            <div class="ibox float-e-margins">
+                                <div class="ibox-title">
+                                    <span style="float: left"><b>{% trans 'Gateway list' %}</b></span>
+                                    <div class="ibox-tools">
+                                        <a class="collapse-link">
+                                            <i class="fa fa-chevron-up"></i>
+                                        </a>
+                                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
+                                            <i class="fa fa-wrench"></i>
+                                        </a>
+                                        <ul class="dropdown-menu dropdown-user">
+                                        </ul>
+                                        <a class="close-link">
+                                            <i class="fa fa-times"></i>
+                                        </a>
+                                    </div>
+                                </div>
+                                <div class="ibox-content">
+                                    <div class="uc pull-left  m-r-5">
+                                        <a href="{% url 'assets:domain-gateway-create' pk=object.id %}" class="btn btn-sm btn-primary"> {% trans "Create gateway" %} </a>
+                                    </div>
+                                    <table class="table table-striped table-bordered table-hover " id="domain_list_table" >
+                                        <thead>
+                                        <tr>
+                                            <th class="text-center">
+                                                <input type="checkbox" id="check_all" class="ipt_check_all" >
+                                            </th>
+                                            <th class="text-center">{% trans 'Name' %}</th>
+                                            <th class="text-center">{% trans 'IP' %}</th>
+                                            <th class="text-center">{% trans 'Port' %}</th>
+                                            <th class="text-center">{% trans 'Protocol' %}</th>
+                                            <th class="text-center">{% trans 'Username' %}</th>
+                                            <th class="text-center">{% trans 'Comment' %}</th>
+                                            <th class="text-center">{% trans 'Action' %}</th>
+                                        </tr>
+                                        </thead>
+                                        <tbody>
+                                        </tbody>
+                                    </table>
+                                </div>
+                            </div>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+{% endblock %}
+{% block content_bottom_left %}{% endblock %}
+{% block custom_foot_js %}
+<script>
+function initTable() {
+    var options = {
+        ele: $('#domain_list_table'),
+        columnDefs: [
+            {targets: 7, createdCell: function (td, cellData, rowData) {
+                var update_btn = '<a href="{% url "assets:domain-gateway-update" pk=DEFAULT_PK %}" class="btn btn-xs btn-info">{% trans "Update" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
+                var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn-delete" data-uid="{{ DEFAULT_PK }}">{% trans "Delete" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
+                var test_btn = '<a class="btn btn-xs btn-warning m-l-xs btn-test" data-uid="{{ DEFAULT_PK }}">{% trans "Test connection" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
+                $(td).html(update_btn + test_btn + del_btn)
+             }}
+        ],
+        ajax_url: '{% url "api-assets:gateway-list" %}?domain={{ object.id }}',
+        columns: [
+            {data: "id"}, {data: "name" }, {data: 'ip'}, {data: 'port'},
+            {data: "protocol"}, {data: "username" }, {data: "comment" }, {data: "id"}
+        ],
+        op_html: $('#actions').html()
+    };
+    jumpserver.initDataTable(options);
+}
+$(document).ready(function(){
+    initTable();
+})
+.on('click', '.btn-delete', function () {
+    var $this = $(this);
+    var $data_table = $('#domain_list_table').DataTable();
+    var name = $(this).closest("tr").find(":nth-child(2)").children('a').html();
+    var uid = $this.data('uid');
+    var the_url = '{% url "api-assets:gateway-detail" pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', uid);
+    objectDelete($this, name, the_url);
+    setTimeout( function () {
+        $data_table.ajax.reload();
+    }, 3000);
+}).on('click', '.btn-test', function () {
+    var $this = $(this);
+    var uid = $this.data('uid');
+    var the_url = '{% url "api-assets:test-gateway-connective" pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', uid);
+    APIUpdateAttr({
+        url: the_url,
+        method: "GET",
+        success_message: "可连接",
+        fail_message: "连接失败"
+    })
+
+})
+</script>
+{% endblock %}
--- a/apps/assets/templates/assets/domain_list.html
+++ b/apps/assets/templates/assets/domain_list.html
@@ -0,0 +1,74 @@
+{% extends '_base_list.html' %}
+{% load i18n static %}
+{% block table_search %}{% endblock %}
+{% block table_container %}
+<div class="uc pull-left  m-r-5">
+    <a href="{% url 'assets:domain-create' %}" class="btn btn-sm btn-primary"> {% trans "Create domain" %} </a>
+</div>
+<table class="table table-striped table-bordered table-hover " id="domain_list_table" >
+    <thead>
+    <tr>
+        <th class="text-center">
+            <input type="checkbox" id="check_all" class="ipt_check_all" >
+        </th>
+        <th class="text-center">{% trans 'Name' %}</th>
+        <th class="text-center">{% trans 'Asset' %}</th>
+        <th class="text-center">{% trans 'Gateway' %}</th>
+        <th class="text-center">{% trans 'Comment' %}</th>
+        <th class="text-center">{% trans 'Action' %}</th>
+    </tr>
+    </thead>
+    <tbody>
+    </tbody>
+</table>
+{% endblock %}
+{% block content_bottom_left %}{% endblock %}
+{% block custom_foot_js %}
+<script>
+function initTable() {
+    var options = {
+        ele: $('#domain_list_table'),
+        columnDefs: [
+            {targets: 1, createdCell: function (td, cellData, rowData) {
+                var detail_btn = '<a href="{% url "assets:domain-detail" pk=DEFAULT_PK %}">' + cellData + '</a>';
+                $(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id));
+             }},
+            {targets: 3, createdCell: function (td, cellData, rowData) {
+                var gateway_list_btn = '<a href="{% url "assets:domain-gateway-list" pk=DEFAULT_PK %}">' + cellData + '</a>';
+                gateway_list_btn = gateway_list_btn.replace("{{ DEFAULT_PK }}", rowData.id);
+                $(td).html(gateway_list_btn);
+             }},
+            {targets: 5, createdCell: function (td, cellData, rowData) {
+                var update_btn = '<a href="{% url "assets:domain-update" pk=DEFAULT_PK %}" class="btn btn-xs btn-info">{% trans "Update" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
+                var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn-delete" data-uid="{{ DEFAULT_PK }}">{% trans "Delete" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
+                $(td).html(update_btn + del_btn)
+             }}
+        ],
+        ajax_url: '{% url "api-assets:domain-list" %}',
+        columns: [
+            {data: "id"}, {data: "name" }, {data: "asset_count" },
+            {data: "gateway_count" }, {data: "comment" }, {data: "id"}
+        ],
+        op_html: $('#actions').html()
+    };
+    jumpserver.initDataTable(options);
+}
+$(document).ready(function(){
+    initTable();
+})
+.on('click', '.btn-delete', function () {
+    var $this = $(this);
+    var $data_table = $('#domain_list_table').DataTable();
+    var name = $(this).closest("tr").find(":nth-child(2)").children('a').html();
+    var uid = $this.data('uid');
+    var the_url = '{% url "api-assets:domain-detail" pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', uid);
+    objectDelete($this, name, the_url);
+    setTimeout( function () {
+        $data_table.ajax.reload();
+    }, 3000);
+});
+</script>
+{% endblock %}
+
+
+
--- a/apps/assets/templates/assets/gateway_create_update.html
+++ b/apps/assets/templates/assets/gateway_create_update.html
@@ -0,0 +1,68 @@
+{% extends 'base.html' %}
+{% load i18n %}
+{% load static %}
+{% load bootstrap3 %}
+{% block custom_head_css_js %}
+    <link href="{% static 'css/plugins/select2/select2.min.css' %}" rel="stylesheet">
+    <script src="{% static 'js/plugins/select2/select2.full.min.js' %}"></script>
+{% endblock %}
+
+{% block content %}
+    <div class="wrapper wrapper-content animated fadeInRight">
+        <div class="row">
+            <div class="col-sm-12">
+                <div class="ibox float-e-margins">
+                    <div class="ibox-title">
+                        <h5>{{ action }}</h5>
+                        <div class="ibox-tools">
+                            <a class="collapse-link">
+                                <i class="fa fa-chevron-up"></i>
+                            </a>
+                            <a class="dropdown-toggle" data-toggle="dropdown" href="#">
+                                <i class="fa fa-wrench"></i>
+                            </a>
+                            <a class="close-link">
+                                <i class="fa fa-times"></i>
+                            </a>
+                        </div>
+                    </div>
+                    <div class="ibox-content">
+                        <form enctype="multipart/form-data" method="post" class="form-horizontal" action="" >
+                            {% csrf_token %}
+                            {% if form.non_field_errors %}
+                                <div class="alert alert-danger">
+                                    {{ form.non_field_errors }}
+                                </div>
+                            {% endif %}
+                            <h3>{% trans 'Basic' %}</h3>
+                            {% bootstrap_field form.name layout="horizontal" %}
+                            {% bootstrap_field form.ip layout="horizontal" %}
+                            {% bootstrap_field form.port layout="horizontal" %}
+                            {% bootstrap_field form.protocol layout="horizontal" %}
+                            {% bootstrap_field form.domain layout="horizontal" %}
+
+                            {% block auth %}
+                            <h3>{% trans 'Auth' %}</h3>
+                            <div class="auth-fields">
+                                {% bootstrap_field form.username layout="horizontal" %}
+                                {% bootstrap_field form.password layout="horizontal" %}
+                                {% bootstrap_field form.private_key_file layout="horizontal" %}
+                            </div>
+                            {% endblock %}
+
+                            <h3>{% trans 'Other' %}</h3>
+                            {% bootstrap_field form.is_active layout="horizontal" %}
+                            {% bootstrap_field form.comment layout="horizontal" %}
+                            <div class="form-group">
+                                <div class="col-sm-4 col-sm-offset-2">
+                                    <button class="btn btn-white" type="reset">{% trans 'Reset' %}</button>
+                                    <button id="submit_button" class="btn btn-primary" type="submit">{% trans 'Submit' %}</button>
+                                </div>
+                            </div>
+                        </form>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+{% endblock %}
--- a/apps/assets/templates/assets/idc_assets.html
+++ b/apps/assets/templates/assets/idc_assets.html
@@ -1,364 +0,0 @@
-{% extends 'base.html' %}
-{% load static %}
-{% load i18n %}
-
-{% block custom_head_css_js %}
-    <link href="{% static "css/plugins/select2/select2.min.css" %}" rel="stylesheet">
-    <script src="{% static "js/plugins/select2/select2.full.min.js" %}"></script>
-	<style type="text/css">
-
-	</style>
-{% endblock %}
-{% block content %}
-    <div class="wrapper wrapper-content animated fadeInRight">
-        <div class="row">
-            <div class="col-sm-12">
-                <div class="ibox float-e-margins">
-                    <div class="panel-options">
-                        <ul class="nav nav-tabs">
-                            <li>
-                                <a href="{% url 'assets:idc-detail' pk=idc.id %}" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Detail' %} </a>
-                            </li>
-                            <li class="active"><a href="{% url 'assets:idc-assets' pk=idc.id %}" class="text-center">
-                                <i class="fa fa-bar-chart-o"></i> {% trans 'IDC assets' %}</a>
-                            </li>
-                        </ul>
-                    </div>
-                    <div class="tab-content">
-                        <div class="col-sm-7" style="padding-left: 0;">
-                            <div class="ibox float-e-margins">
-                                <div class="ibox-title">
-                                    <span style="float: left">{% trans 'IDC assets' %} <b>{{ idc.name }} </b><span class="badge"></span></span>
-                                    <div class="ibox-tools">
-                                        <a class="collapse-link">
-                                            <i class="fa fa-chevron-up"></i>
-                                        </a>
-                                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
-                                            <i class="fa fa-wrench"></i>
-                                        </a>
-                                        <ul class="dropdown-menu dropdown-user">
-                                        </ul>
-                                        <a class="close-link">
-                                            <i class="fa fa-times"></i>
-                                        </a>
-                                    </div>
-                                </div>
-
-                                <div class="ibox-content">
-                                    <table class="table table-striped table-bordered table-hover " id="idc_assets_table" >
-                                        <thead>
-                                            <tr>
-                                                <th class="text-center">
-                                                    <input type="checkbox" id="check_all" class="ipt_check_all" >
-                                                </th>
-                                                <th>{% trans 'Hostname' %}</th>
-                                                <th>{% trans 'IP' %}</th>
-                                                <th>{% trans 'Port' %}</th>
-                                                <th>{% trans 'Type' %}</th>
-                                                <th>{% trans 'Valid' %}</th>
-                                            </tr>
-                                        </thead>
-                                        <tbody>
-                                        </tbody>
-                                    </table>
-
-	                                  <div id="actions" class="hide">
-									                      <div class="input-group">
-									                          <select class="form-control m-b" style="width: auto" id="slct_bulk_update">
-									                              <option value="delete">{% trans 'Remove selected' %}</option>
-									                          </select>
-									                          <div class="input-group-btn pull-left" style="padding-left: 5px;">
-									                              <button id='btn_bulk_update' style="height: 32px;"  class="btn btn-sm btn-warning">
-									                               {% trans 'Submit' %}
-									                              </button>
-									                          </div>
-									                      </div>
-									                  </div>
-                                </div>
-                            </div>
-                        </div>
-                        <div class="col-sm-5" style="padding-left: 0;padding-right: 0">
-                            <div class="panel panel-primary">
-                                <div class="panel-heading">
-                                    <i class="fa fa-info-circle"></i> {% trans 'Add assets to' %} {{ idc.name }}
-                                </div>
-                                <div class="panel-body">
-                                    <table class="table">
-                                        <tbody>
-                                        <form>
-                                            <tr class="no-borders-tr">
-                                                <td colspan="2">
-                                                    <select data-placeholder="{% trans 'Select asset' %}" class="select2" style="width: 100%" multiple="" tabindex="4">
-                                                        {% for asset in assets_remain %}
-                                                            <option value="{{ asset.id }}" id="opt_{{ asset.id }}">{{ asset.ip}}:{{ asset.port }}</option>
-                                                        {% endfor %}
-                                                    </select>
-                                                </td>
-                                            </tr>
-                                            <tr class="no-borders-tr">
-                                                <td colspan="2">
-                                                    <button type="button" class="btn btn-primary btn-sm btn-asset-attach">{% trans 'Confirm' %}</button>
-                                                </td>
-                                            </tr>
-                                        </form>
-                                        </tbody>
-                                    </table>
-                                </div>
-                            </div>
-                        </div>
-                    </div>
-                </div>
-            </div>
-        </div>
-    </div>
-{% endblock %}
-{% block custom_foot_js %}
-<script src="{% static 'js/jquery.form.min.js' %}"></script>
-<script>
-
-jumpserver.assets_selected = {};
-
-Array.prototype.remove = function(val) {
-	var index = this.indexOf(val);
-		if (index > -1) {
-		this.splice(index, 1);
-	}
-};
-
-function updateIDCAssets(assets) {
-    var the_url = "{% url 'api-assets:idc-update-assets' pk=idc.id %}";
-    var body = {
-        assets: Object.assign([], assets)
-    };
-	var $data_table = $("#idc_assets_table").DataTable();
-    var success = function(data) {
-        $('.select2-selection__rendered').empty();
-        $.map(jumpserver.assets_selected, function(asset_ip, index) {
-	        $('#opt_' + index).remove();
-			$data_table.ajax.reload();
-        });
-        jumpserver.groups_selected = {};
-    };
-    APIUpdateAttr({
-        url: the_url,
-        body: JSON.stringify(body),
-	    method: 'PUT',
-        success: success
-    });
-}
-
-function deleteIDCAssets(assets) {
-	var the_url = "{% url 'api-assets:idc-update-assets' pk=idc.id %}";
-    var body = {
-        assets: Object.assign([], assets)
-    };
-	var $data_table = $("#idc_assets_table").DataTable();
-	var success = function(data) {
-		$data_table.ajax.reload();
-    };
-    APIUpdateAttr({
-        url: the_url,
-        body: JSON.stringify(body),
-	    method: 'PUT',
-        success: success
-    });
-}
-
-$(document).ready(function () {
-	$('.select2').select2()
-	.on("select2:select", function (evt) {
-		var data = evt.params.data;
-		jumpserver.assets_selected[data.id] = data.text;
-	})
-	.on('select2:unselect', function(evt) {
-		var data = evt.params.data;
-		delete jumpserver.assets_selected[data.id];
-	});
-	var options = {
-		ele: $('#idc_assets_table'),
-		buttons: [],
-		order: [],
-		columnDefs: [
-			{targets: 1, createdCell: function (td, cellData, rowData) {
-				var detail_btn = '<a href="{% url "assets:asset-detail" pk=99991937 %}" data-aid="'+rowData.id+'">' + cellData + '</a>';
-				$(td).html(detail_btn.replace('99991937', rowData.id));
-			}},
-			{targets: 5, createdCell: function (td, cellData) {
-				if (!cellData) {
-					$(td).html('<i class="fa fa-times text-danger"></i>')
-				} else {
-					$(td).html('<i class="fa fa-check text-navy"></i>')
-				}
-			}}],
-		ajax_url: '{% url "api-assets:asset-list" %}?idc_id={{ idc.id }}',
-		columns: [{data: function(){return ""}}, {data: "hostname" }, {data: "ip" }, {data: "port" },
-			{data: "type" }, {data: "is_active" }],
-		op_html: $('#actions').html()
-	};
-	jumpserver.initDataTable(options);
-
-})
-
-.on('click', '.btn-asset-attach', function () {
-	if (Object.keys(jumpserver.assets_selected).length === 0) {
-		return false;
-	}
-	var assets=[];
-	var $data_table = $("#idc_assets_table").DataTable();
-	$.ajax({
-		url: '{% url "api-assets:asset-list" %}',
-		method: 'GET',
-		data: {"idc_id": {{ idc.id }}},
-		dataType: 'json',
-		success: function (result) {
-			for(var i in result){
-				if (!isNaN(parseInt(result[i]['id']))) {
-					assets.push(parseInt(result[i]['id']))
-				}
-			}
-			$.map(jumpserver.assets_selected, function(value, index) {
-				assets.push(parseInt(index));
-			});
-			updateIDCAssets(assets);
-
-		}
-	});
-})
-
-.on('click', '#btn_bulk_update', function () {
-	var action = $("#slct_bulk_update").val();
-	var $data_table = $("#idc_assets_table").DataTable();
-	var id_list = [];
-	var plain_id_list = [];
-	var assets = [];
-	$data_table.rows({selected: true}).every(function(){
-        id_list.push({id: this.data().id});
-        plain_id_list.push(this.data().id);
-    });
-    if (id_list === []) {
-        return false;
-    }
-    $.ajax({
-    	url: '{% url "api-assets:asset-list" %}',
-	    data: {"idc_id": {{ idc.id }}},
-	    dataType: 'json',
-	    method: 'GET',
-	    success: function (result) {
-		    for (var i in result) {
-		    	if (!isNaN(result[i]['id'])) {
-		    		assets.push(result[i]['id']);
-			    }
-		    }
-		    for (var j in plain_id_list) {
-		    	assets.remove(plain_id_list[j])
-		    }
-		    function doDelete() {
-				    swal({
-		                title: "{% trans 'Are you sure?' %}",
-		                text: "{% trans 'This will delete the selected assets !!!' %}",
-		                type: "warning",
-		                showCancelButton: true,
-		                confirmButtonColor: "#DD6B55",
-		                confirmButtonText: "{% trans 'Confirm' %}",
-		                closeOnConfirm: false
-		            }, function() {
-		                var success = function() {
-		                    var msg = "{% trans 'Asset Deleted.' %}";
-		                    swal("{% trans 'Asset Delete' %}", msg, "success");
-		                    $('#idc_assets_table').DataTable().ajax.reload();
-		                };
-		                var fail = function() {
-		                    var msg = "{% trans 'Asset Deleting failed.' %}";
-		                    swal("{% trans 'Asset Delete' %}", msg, "error");
-		                };
-		                var url_delete = "{% url 'api-assets:idc-update-assets' pk=idc.id %}";
-		                var body = {
-				            assets: Object.assign([], assets)
-				        };
-		            APIUpdateAttr({url: url_delete, body: JSON.stringify(body),  method: 'PUT', success: success, error: fail});
-		            jumpserver.checked = false;
-                });
-		    }
-		    function doUpdate() {
-				$('#asset_bulk_update_modal').modal('show');
-		    }
-		    switch (action) {
-		        case 'delete':
-		            doDelete();
-		            break;
-		        case 'update':
-		            doUpdate();
-		            break;
-		        default:
-		            break;
-		    }
-
-	    }
-    });
-})
-
-.on('click', '#btn_asset_bulk_update', function () {
-	var json_data = $("#fm_asset_bulk_update").serializeObject();
-	var body = {};
-    body.enable_otp = (json_data.enable_otp === 'on')? true: false;
-    if (json_data.type != '') {
-        body.type = json_data.type;
-    }
-
-    if (json_data.groups != undefined) {
-        body.groups = json_data.groups;
-    }
-    if (typeof body.groups === 'string') {
-        body.groups = [parseInt(body.groups)]
-    } else if(typeof body.groups === 'array') {
-        var new_groups = body.groups.map(Number);
-        body.groups = new_groups;
-    }
-
-    if (json_data.users != undefined) {
-    	body.users = json_data.users;
-    }
-    if (typeof body.users === 'string') {
-    	body.users = [parseInt(body.users)]
-    } else if(typeof body.users === 'array') {
-    	var new_users = body.users.map(Number);
-    	body.users = new_users;
-    }
-
-    if (json_data.tags != undefined) {
-    	body.tags = json_data.tags;
-    }
-    if (typeof body.tags == 'string') {
-    	body.tags = [parseInt(body.tags)];
-    } else if (typeof body.tags === 'array') {
-    	var new_tags = body.tags.map(Number);
-    	body.tags = new_tags;
-    }
-
-    var $data_table = $('#asset_list_table').DataTable();
-    var post_list = [];
-    $data_table.rows({selected: true}).every(function(){
-        var content = Object.assign({id: this.data().id}, body);
-        post_list.push(content);
-    });
-    if (post_list === []) {
-        return false
-    }
-    var the_url = "{% url 'api-assets:asset-list' %}";
-    var success = function() {
-        var msg = "{% trans 'The selected assets has been updated successfully.' %}";
-        swal("{% trans 'Asset Updated' %}", msg, "success");
-        $('#asset_list_table').DataTable().ajax.reload();
-        jumpserver.checked = false;
-    };
-    APIUpdateAttr({url: the_url, method: 'PATCH', body: JSON.stringify(post_list), success: success});
-    $('#asset_bulk_update_modal').modal('hide');
-});
-
-
-
-
-
-
-</script>
-{% endblock %}
--- a/apps/assets/templates/assets/idc_create_update.html
+++ b/apps/assets/templates/assets/idc_create_update.html
@@ -1,73 +0,0 @@
-{% extends 'base.html' %}
-{% load i18n %}
-{% load static %}
-{% load bootstrap3 %}
-{% block custom_head_css_js %}
-    <link href="{% static "css/plugins/select2/select2.min.css" %}" rel="stylesheet">
-    <script src="{% static "js/plugins/select2/select2.full.min.js" %}"></script>
-{% endblock %}
-{% block content %}
-<div class="wrapper wrapper-content animated fadeInRight">
-    <div class="row">
-        <div class="col-sm-10">
-            <div class="ibox float-e-margins">
-                <div id="ibox-content" class="ibox-title">
-                    <h5> {{ action }}</h5>
-                    <div class="ibox-tools">
-                        <a class="collapse-link">
-                            <i class="fa fa-chevron-up"></i>
-                        </a>
-                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
-                            <i class="fa fa-wrench"></i>
-                        </a>
-                        <a class="close-link">
-                            <i class="fa fa-times"></i>
-                        </a>
-                    </div>
-                </div>
-
-                <div class="ibox-content">
-                    <div class="panel blank-panel">
-                        <div class="panel-body">
-                            <div class="tab-content">
-                                <div id="tab-1" class="ibox float-e-margins tab-pane active"></div>
-                                    <form id="IDCForm" method="post" class="form-horizontal">
-                                        {% csrf_token %}
-                                        <h3 class="widget-head-color-box">基本信息</h3>
-                                        {% bootstrap_field form.name layout="horizontal" %}
-                                        {% bootstrap_field form.address layout="horizontal" %}
-                                        {% bootstrap_field form.contact layout="horizontal" %}
-                                        {% bootstrap_field form.phone layout="horizontal" %}
-
-                                        <div class="hr-line-dashed"></div>
-                                        <h3 class="widget-head-color-box">IP段</h3>
-                                        {% bootstrap_field form.operator layout="horizontal" %}
-                                        {% bootstrap_field form.intranet layout="horizontal" %}
-                                        {% bootstrap_field form.extranet layout="horizontal" %}
-
-                                        <div class="hr-line-dashed"></div>
-                                        <div class="form-group">
-                                            <div class="col-sm-4 col-sm-offset-2">
-                                                <button class="btn btn-default" type="reset"> {% trans 'Reset' %}</button>
-                                                <button id="submit_button" class="btn btn-primary" type="submit">{% trans 'Submit' %}</button>
-                                            </div>
-                                        </div>
-                                    </form>
-                                </div>
-                            </div>
-                        </div>
-                    </div>
-                </div>
-            </div>
-        </div>
-    </div>
-</div>
-{% endblock %}
-
-{% block custom_foot_js %}
-    <script>
-        $(document).ready(function () {
-            $('.select2').select2();
-        })
-    </script>
-{% endblock %}
--- a/apps/assets/templates/assets/idc_detail.html
+++ b/apps/assets/templates/assets/idc_detail.html
@@ -1,156 +0,0 @@
-{% extends 'base.html' %}
-{% load static %}
-{% load i18n %}
-
-{% block custom_head_css_js %}
-    <link href="{% static "css/plugins/select2/select2.min.css" %}" rel="stylesheet">
-    <script src="{% static "js/plugins/select2/select2.full.min.js" %}"></script>
-{% endblock %}
-{% block content %}
-    <div class="wrapper wrapper-content animated fadeInRight">
-        <div class="row">
-            <div class="col-sm-12">
-                <div class="ibox float-e-margins">
-                    <div class="panel-options">
-                        <ul class="nav nav-tabs">
-                            <li class="active">
-                                <a href="{% url 'assets:idc-detail' pk=idc.id %}" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Detail' %} </a>
-                            </li>
-                            <li>
-                                <a href="{% url 'assets:idc-assets' pk=idc.id %}" class="text-center">
-                                <i class="fa fa-bar-chart-o"></i> {% trans 'IDC assets' %}
-                                </a>
-                            </li>
-                            <li class="pull-right">
-                                <a class="btn btn-outline btn-default" href="{% url 'assets:idc-update' pk=idc.id %}"><i class="fa fa-edit"></i>Update</a>
-                            </li>
-                            <li class="pull-right">
-                                <a class="btn btn-outline btn-danger btn-delete-idc">
-                                    <i class="fa fa-edit"></i>Delete
-                                </a>
-                            </li>
-                        </ul>
-                    </div>
-                    <div class="tab-content">
-                        <div class="col-sm-7" style="padding-left: 0;">
-                            <div class="ibox float-e-margins">
-                                <div class="ibox-title">
-                                    <span class="label"><b>{{ idc.name }}</b></span>
-                                    <div class="ibox-tools">
-                                        <a class="collapse-link">
-                                            <i class="fa fa-chevron-up"></i>
-                                        </a>
-                                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
-                                            <i class="fa fa-wrench"></i>
-                                        </a>
-                                        <ul class="dropdown-menu dropdown-user">
-                                        </ul>
-                                        <a class="close-link">
-                                            <i class="fa fa-times"></i>
-                                        </a>
-                                    </div>
-                                </div>
-                                <div class="ibox-content">
-                                    <table class="table">
-                                        <tbody>
-                                        <tr class="no-borders-tr">
-                                            <td width="20%">{% trans 'Name' %}:</td>
-                                            <td><b>{{ idc.name }}</b></td>
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Bandwidth' %}:</td>
-                                            <td><b>{{ idc.bandwidth }}</b></td>
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Contact' %}:</td>
-                                            <td><b>{{ idc.contact }}</b></td>
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Phone' %}:</td>
-                                            <td><b>{{ idc.phone }}</b></td>
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Address' %}:</td>
-                                            <td><b>{{ idc.address }}</b></td>
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Intranet' %}:</td>
-                                            <td><b>{{ idc.Intranet }}</b></td>
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Extranet' %}:</td>
-                                            <td><b>{{ idc.extranet }}</b></td>
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Operator' %}:</td>
-                                            <td><b>{{ idc.operator }}</b></td>
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Date created' %}:</td>
-                                            <td><b>{{ system_user.date_created }}</b></td>
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Created by' %}:</td>
-                                            <td><b>{{ asset_group.created_by  }}</b></td>
-                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Comment' %}:</td>
-                                            <td><b>{{ system_user.comment }}</b></td>
-                                        </tr>
-                                        </tbody>
-                                    </table>
-                                </div>
-                            </div>
-                        </div>
-                    </div>
-                </div>
-            </div>
-        </div>
-    </div>
-
-{% endblock %}
-{% block custom_foot_js %}
-<script>
-function idcDelete(name, url) {
-    function doDelete() {
-        var body = {};
-        var success = function() {
-            swal('Deleted!', "[ "+name+"]"+" has been deleted ", "success");
-	        window.location.href="{% url 'assets:idc-list' %}";
-        };
-        var fail = function() {
-            swal("Failed", "Delete"+"[ "+name+" ]"+"failed", "error");
-        };
-        APIUpdateAttr({
-            url: url,
-            body: JSON.stringify(body),
-            method: 'DELETE',
-            success: success,
-            error: fail
-        });
-    }
-    swal({
-        title: 'Are you sure delete ?',
-        text: " [" + name + "] ",
-        type: "warning",
-        showCancelButton: true,
-        cancelButtonText: 'Cancel',
-        confirmButtonColor: "#DD6B55",
-        confirmButtonText: 'Confirm',
-        closeOnConfirm: false
-    }, function () {
-        doDelete()
-    });
-}
-
-$(document).ready(function () {
-	$('.select2').select2();
-})
-.on('click', '.btn-delete-idc', function () {
-	var name = $('.idc-details > tbody > tr').attr("data-name");
-	var id = {{ idc.id }};
-	var the_url = '{% url "api-assets:idc-detail" pk=99991937 %}'.replace(99991937, id);
-	idcDelete(name, the_url);
-});
-</script>
-{% endblock %}
--- a/apps/assets/templates/assets/idc_list.html
+++ b/apps/assets/templates/assets/idc_list.html
@@ -1,129 +0,0 @@
-{% extends '_base_list.html' %}
-{% load i18n static %}
-{% block custom_head_css_js %}
-<link href="{% static 'css/plugins/select2/select2.min.css' %}" rel="stylesheet">
-<script src="{% static 'js/plugins/select2/select2.full.min.js' %}"></script>
-{% endblock %}
-{% block table_search %}{% endblock %}
-{% block table_container %}
-<div class="uc pull-left m-l-5 m-r-5">
-    <a href="{% url "assets:idc-create" %}" class="btn btn-sm btn-primary"> {% trans "Create IDC" %} </a>
-</div>
-<table class="table table-striped table-bordered table-hover " id="idc_list_table" >
-    <thead>
-    <tr>
-        <th class="text-center">
-            <input type="checkbox" id="check_all" class="ipt_check_all" >
-        </th>
-        <th class="text-center"><a href="{% url 'assets:idc-list' %}?sort=name">{% trans 'Name' %}</a></th>
-        <th class="text-center">{% trans 'Asset num' %}</th>
-        <th class="text-center">{% trans 'Contact' %}</th>
-        <th class="text-center">{% trans 'Phone' %}</th>
-        <th class="text-center">{% trans 'Operator' %}</th>
-        <th class="text-center">{% trans 'Action' %}</th>
-    </tr>
-    </thead>
-    <tbody>
-    </tbody>
-</table>
-<div id="actions" class="hide">
-    <div class="input-group">
-        <select class="form-control m-b" style="width: auto" id="slct_bulk_update">
-            <option value="delete">{% trans 'Delete selected' %}</option>
-        </select>
-        <div class="input-group-btn pull-left" style="padding-left: 5px;">
-            <button id='btn_bulk_update' style="height: 32px;"  class="btn btn-sm btn-primary">
-                {% trans 'Submit' %}
-            </button>
-        </div>
-    </div>
-</div>
-{% endblock %}
-{% block content_bottom_left %}{% endblock %}
-{% block custom_foot_js %}
-<script>
-$(document).ready(function(){
-    var options = {
-        ele: $('#idc_list_table'),
-        columnDefs: [
-            {targets: 1, createdCell: function (td, cellData, rowData) {
-                var detail_btn = '<a href="{% url "assets:idc-detail" pk=99991937 %}">' + cellData + '</a>';
-                $(td).html(detail_btn.replace('99991937', rowData.id));
-             }},
-
-            {targets: 6, createdCell: function (td, cellData, rowData) {
-                var update_btn = '<a href="{% url "assets:idc-update" pk=99991937 %}" class="btn btn-xs btn-info">{% trans "Update" %}</a>'.replace('99991937', cellData);
-                var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn_idc_delete" data-uid="99991937">{% trans "Delete" %}</a>'.replace('99991937', cellData);
-                $(td).html(update_btn + del_btn)
-             }}],
-        ajax_url: '{% url "api-assets:idc-list" %}',
-        columns: [{data: function(){return ""}}, {data: "name" }, {data: "assets_amount" }, {data: "contact" }, {data: "phone" },
-                  {data: "operator" }, {data: "id" }],
-        op_html: $('#actions').html()
-    };
-    jumpserver.initDataTable(options);
-})
-
-.on('click', '.btn_idc_delete', function () {
-    var $this = $(this);
-    var $data_table = $('#idc_list_table').DataTable();
-    var name = $(this).closest("tr").find(":nth-child(2)").children('a').html();
-    var uid = $this.data('uid');
-    var the_url = '{% url "api-assets:idc-detail" pk=99991937 %}'.replace('99991937', uid);
-    objectDelete($this, name, the_url);
-    setTimeout( function () {
-        $data_table.ajax.reload();
-    }, 3000);
-})
-
-.on('click', '#btn_bulk_update', function () {
-    var action = $('#slct_bulk_update').val();
-    var $data_table = $('#idc_list_table').DataTable();
-    var id_list = [];
-    var plain_id_list = [];
-    $data_table.rows({selected: true}).every(function(){
-        id_list.push({id: this.data().id});
-        plain_id_list.push(this.data().id);
-    });
-    if (id_list === []) {
-        return false;
-    }
-    var the_url = "{% url 'api-assets:idc-list' %}";
-    function doDelete() {
-        swal({
-            title: "{% trans 'Are you sure?' %}",
-            text: "{% trans 'This will delete the selected idc' %}",
-            type: "warning",
-            showCancelButton: true,
-            confirmButtonColor: "#DD6B55",
-            confirmButtonText: "{% trans 'Confirm' %}",
-            closeOnConfirm: false
-        }, function() {
-            var success = function() {
-                var msg = "{% trans 'IDC Deleted.' %}";
-                swal("{% trans 'IDC Delete' %}", msg, "success");
-                $('#idc_list_table').DataTable().ajax.reload();
-            };
-            var fail = function() {
-                var msg = "{% trans 'IDC Deleting failed.' %}";
-                swal("{% trans 'IDC Delete' %}", msg, "error");
-            };
-            var url_delete = the_url + '?id__in=' + JSON.stringify(plain_id_list);
-            APIUpdateAttr({url: url_delete, method: 'DELETE', success: success, error: fail});
-            $data_table.ajax.reload();
-            jumpserver.checked = false;
-        });
-    }
-    switch (action) {
-        case 'delete':
-            doDelete();
-            break;
-        default:
-            break;
-    }
-});
-</script>
-{% endblock %}
-
-
-
--- a/apps/assets/templates/assets/label_create_update.html
+++ b/apps/assets/templates/assets/label_create_update.html
@@ -0,0 +1,47 @@
+{% extends '_base_create_update.html' %}
+{% load static %}
+{% load bootstrap3 %}
+{% load i18n %}
+
+
+
+{% block form %}
+<form id="groupForm" method="post" class="form-horizontal">
+    {% csrf_token %}
+    {% bootstrap_field form.name layout="horizontal" %}
+    {% bootstrap_field form.value layout="horizontal" %}
+    {% bootstrap_field form.assets layout="horizontal" %}
+
+    <div class="hr-line-dashed"></div>
+    <div class="form-group">
+        <div class="col-sm-4 col-sm-offset-2">
+            <button class="btn btn-default" type="reset"> {% trans 'Reset' %}</button>
+            <button id="submit_button" class="btn btn-primary" type="submit">{% trans 'Submit' %}</button>
+        </div>
+    </div>
+</form>
+{% include 'assets/_asset_list_modal.html' %}
+{% endblock %}
+
+{% block custom_foot_js %}
+<script type="text/javascript">
+$(document).ready(function () {
+    $('.select2').select2({
+        closeOnSelect: false
+    })
+}).on('click', '.select2-selection__rendered', function (e) {
+    e.preventDefault();
+    $("#asset_list_modal").modal();
+})
+.on('click', '#btn_asset_modal_confirm', function () {
+    var assets = asset_table2.selected;
+    $('.select2 option:selected').each(function (i, data) {
+        assets.push($(data).attr('value'))
+    });
+    $.each(assets, function (id, data) {
+        $('.select2').val(assets).trigger('change');
+    });
+    $("#asset_list_modal").modal('hide');
+})
+</script>
+{% endblock %}
--- a/apps/assets/templates/assets/label_list.html
+++ b/apps/assets/templates/assets/label_list.html
@@ -0,0 +1,70 @@
+{% extends '_base_list.html' %}
+{% load i18n static %}
+{% block table_search %}{% endblock %}
+{% block table_container %}
+<div class="uc pull-left  m-r-5">
+    <a href="{% url 'assets:label-create' %}" class="btn btn-sm btn-primary"> {% trans "Create label" %} </a>
+</div>
+<table class="table table-striped table-bordered table-hover " id="label_list_table" >
+    <thead>
+    <tr>
+        <th class="text-center">
+            <input type="checkbox" id="check_all" class="ipt_check_all" >
+        </th>
+        <th class="text-center">{% trans 'Name' %}</th>
+        <th class="text-center">{% trans 'Value' %}</th>
+        <th class="text-center">{% trans 'Asset' %}</th>
+        <th class="text-center">{% trans 'Action' %}</th>
+    </tr>
+    </thead>
+    <tbody>
+    </tbody>
+</table>
+{% endblock %}
+{% block content_bottom_left %}{% endblock %}
+{% block custom_foot_js %}
+<script>
+function initTable() {
+    var options = {
+        ele: $('#label_list_table'),
+        columnDefs: [
+            {targets: 1, createdCell: function (td, cellData, rowData) {
+{#                var detail_btn = '<a href="{% url "assets:label-detail" pk=DEFAULT_PK %}">' + cellData + '</a>';#}
+                var detail_btn = '<a>' + cellData + '</a>';
+                $(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id));
+             }},
+
+            {targets: 4, createdCell: function (td, cellData, rowData) {
+                var update_btn = '<a href="{% url "assets:label-update" pk=DEFAULT_PK %}" class="btn btn-xs btn-info">{% trans "Update" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
+                var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn-delete" data-uid="{{ DEFAULT_PK }}">{% trans "Delete" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
+                $(td).html(update_btn + del_btn)
+             }}
+        ],
+        ajax_url: '{% url "api-assets:label-list" %}?sort=name',
+        columns: [
+            {data: "id"}, {data: "name" }, {data: "value" },
+            {data: "asset_count" }, {data: "id"}
+        ],
+        op_html: $('#actions').html()
+    };
+    jumpserver.initDataTable(options);
+}
+$(document).ready(function(){
+    initTable();
+})
+.on('click', '.btn-delete', function () {
+    var $this = $(this);
+    var $data_table = $('#label_list_table').DataTable();
+    var name = $(this).closest("tr").find(":nth-child(2)").children('a').html();
+    var uid = $this.data('uid');
+    var the_url = '{% url "api-assets:label-detail" pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', uid);
+    objectDelete($this, name, the_url);
+    setTimeout( function () {
+        $data_table.ajax.reload();
+    }, 3000);
+});
+</script>
+{% endblock %}
+
+
+
--- a/apps/assets/templates/assets/system_user_asset.html
+++ b/apps/assets/templates/assets/system_user_asset.html
@@ -3,8 +3,8 @@
 {% load i18n %}

 {% block custom_head_css_js %}
-    <link href="{% static "css/plugins/select2/select2.min.css" %}" rel="stylesheet">
-    <script src="{% static "js/plugins/select2/select2.full.min.js" %}"></script>
+    <link href="{% static 'css/plugins/select2/select2.min.css' %}" rel="stylesheet">
+    <script src="{% static 'js/plugins/select2/select2.full.min.js' %}"></script>
 {% endblock %}
 {% block content %}
    <div class="wrapper wrapper-content animated fadeInRight">
@@ -16,13 +16,15 @@
                            <li>
                                <a href="{% url 'assets:system-user-detail' pk=system_user.id %}" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Detail' %} </a>
                            </li>
-                            <li class="active"><a href="{% url 'assets:system-user-asset' pk=system_user.id %}" class="text-center">
-                                <i class="fa fa-bar-chart-o"></i> {% trans 'Attached assets' %}</a>
+                            <li class="active">
+                                <a href="{% url 'assets:system-user-asset' pk=system_user.id %}" class="text-center">
+                                <i class="fa fa-bar-chart-o"></i> {% trans 'Assets' %}
+                                </a>
                            </li>
                        </ul>
                    </div>
                    <div class="tab-content">
-                        <div class="col-sm-7" style="padding-left: 0;">
+                        <div class="col-sm-8" style="padding-left: 0;">
                            <div class="ibox float-e-margins">
                                <div class="ibox-title">
                                    <span style="float: left">{% trans 'Assets of ' %} <b>{{ system_user.name }} </b><span class="badge">{{ paginator.count }}</span></span>
@@ -48,92 +50,38 @@
                                                <th>{% trans 'IP' %}</th>
                                                <th>{% trans 'Port' %}</th>
                                                <th>{% trans 'Reachable' %}</th>
-                                                <th>{% trans 'Action' %}</th>
                                            </tr>
                                        </thead>
                                        <tbody>
-                                            {% for asset in page_obj %}
-                                            <tr>
-                                                <td>{{ asset.hostname }}</td>
-                                                <td>{{ asset.ip }}</td>
-                                                <td>{{ asset.port }}</td>
-                                                <td>
-                                                    <i class="fa fa-check text-navy"></i>
-                                                </td>
-                                                <td>
-                                                    <button class="btn btn-danger pull-right btn-xs {% if asset.is_inherit_from_asset_groups %} disabled {% endif %}" type="button"><i class="fa fa-minus"></i></button>
-                                                </td>
-                                            </tr>
-                                            {% endfor %}
                                        </tbody>
                                    </table>
-{#                                    <div class="row">#}
-{#                                        {% include '_pagination.html' %}#}
-{#                                    </div>#}
                                </div>
                            </div>
                        </div>
-                        <div class="col-sm-5" style="padding-left: 0;padding-right: 0">
+                        <div class="col-sm-4" style="padding-left: 0;padding-right: 0">
                            <div class="panel panel-primary">
                                <div class="panel-heading">
-                                    <i class="fa fa-info-circle"></i> {% trans 'Attach to assets ' %}
+                                    <i class="fa fa-info-circle"></i> {% trans 'Quick update' %}
                                </div>
                                <div class="panel-body">
                                    <table class="table">
                                        <tbody>
-                                        <form>
                                        <tr class="no-borders-tr">
-                                                <td colspan="2">
-                                                    <select data-placeholder="{% trans 'Select asset' %}" class="select2" style="width: 100%" multiple="" tabindex="4">
-                                                        {% for asset in assets_remain %}
-                                                            <option value="{{ asset.id }}">{{ asset.ip}}:{{ asset.port }}</option>
-                                                        {% endfor %}
-                                                    </select>
-                                                </td>
-                                            </tr>
-                                            <tr class="no-borders-tr">
-                                                <td colspan="2">
-                                                    <button type="button" class="btn btn-primary btn-sm btn-add-asset2system-user">{% trans 'Confirm' %}</button>
-                                                </td>
-                                            </tr>
-                                        </form>
-                                        </tbody>
-                                    </table>
-                                </div>
-                            </div>
-
-                            <div class="panel panel-info">
-                                <div class="panel-heading">
-                                    <i class="fa fa-info-circle"></i> {% trans 'Attach to asset groups' %}
-                                </div>
-                                <div class="panel-body">
-                                    <table class="table group_edit">
-                                        <tbody>
-                                        <form>
-                                            <tr>
-                                                <td colspan="2" class="no-borders">
-                                                    <select data-placeholder="{% trans 'Add asset group' %}" class="select2" style="width: 100%" multiple="" tabindex="4">
-                                                        {% for asset_group in asset_groups_remain %}
-                                                        <option value="{{ asset_group.id }}">{{ asset_group.name }}</option>
-                                                        {% endfor %}
-                                                    </select>
-                                                </td>
-                                            </tr>
-                                            <tr>
-                                                <td colspan="2" class="no-borders">
-                                                    <button type="button" class="btn btn-info btn-sm" id="btn_add_user_group">{% trans 'Attach AssetGroup' %}</button>
-                                                </td>
-                                            </tr>
-                                        </form>
-
-                                        {% for asset_group in asset_groups %}
-                                        <tr>
-                                          <td ><b class="bdg_asset_groups" data-gid={{ asset_group.id }}>{{ asset_group.name }}</b></td>
+                                            <td width="50%">{% trans 'Push system user now' %}:</td>
                                            <td>
-                                              <button class="btn btn-danger pull-right btn-xs btn-leave-system_user" type="button"><i class="fa fa-minus"></i></button>
+                                                <span style="float: right">
+                                                    <button type="button" class="btn btn-primary btn-xs btn-push" style="width: 54px">{% trans 'Push' %}</button>
+                                                </span>
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td width="50%">{% trans 'Test assets connective' %}:</td>
+                                            <td>
+                                                <span style="float: right">
+                                                    <button type="button" class="btn btn-primary btn-xs btn-test-connective" style="width: 54px">{% trans 'Test' %}</button>
+                                                </span>
                                            </td>
                                        </tr>
-                                        {% endfor %}
                                        </tbody>
                                    </table>
                                </div>
@@ -144,86 +92,35 @@
            </div>
        </div>
    </div>
-    </div>
-
 {% endblock %}
 {% block custom_foot_js %}
 <script>
-jumpserver.assets_selected = {};
-jumpserver.asset_groups_selected = {};
-Array.prototype.remove = function(val) {
-	var index = this.indexOf(val);
-		if (index > -1) {
-		this.splice(index, 1);
+function initAssetsTable() {
+    var unreachable = {{ system_user.unreachable_assets|safe}};
+    var options = {
+		ele: $('#system_user_list'),
+		buttons: [],
+		order: [],
+		columnDefs: [
+			{targets: 0, createdCell: function (td, cellData, rowData) {
+				var detail_btn = '<a href="{% url "assets:asset-detail" pk=DEFAULT_PK %}" data-aid="'+rowData.id+'">' + cellData + '</a>';
+				$(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id));
+			}},
+			{targets: 3, createdCell: function (td, cellData) {
+				if (unreachable.indexOf(cellData) >= 0) {
+					$(td).html('<i class="fa fa-times text-danger"></i>')
+				} else {
+					$(td).html('<i class="fa fa-check text-navy"></i>')
 				}
-};
-Array.prototype.unique = function(){
-	var res = [];
-	var json = {};
- 	for(var i = 0; i < this.length; i++){
-  		if(!json[this[i]]){
-   			res.push(this[i]);
-   			json[this[i]] = 1;
-  		}
- 	}
- 	return res;
-};
-function objectDelete(obj, name, url, data) {
-    function doDelete() {
-        var body = data;
-        var success = function() {
-            swal('Deleted!', "[ "+name+"]"+" has been deleted ", "success");
-            $(obj).parent().parent().remove();
+			}}
+		],
+		ajax_url: '{% url "api-assets:asset-list" %}?system_user_id={{ system_user.id }}',
+		columns: [{data: "hostname" }, {data: "ip" }, {data: "port" }, {data: "hostname" }],
+		op_html: $('#actions').html()
 	};
-        var fail = function() {
-            swal("Failed", "Delete"+"[ "+name+" ]"+"failed", "error");
-        };
-        APIUpdateAttr({
-            url: url,
-            body: JSON.stringify(body),
-            method: 'PATCH',
-            success: success,
-            error: fail
-        });
-    }
-    swal({
-        title: 'Are you sure delete ?',
-        text: " [" + name + "] ",
-        type: "warning",
-        showCancelButton: true,
-        cancelButtonText: 'Cancel',
-        confirmButtonColor: "#DD6B55",
-        confirmButtonText: 'Confirm',
-        closeOnConfirm: false
-    }, function () {
-        doDelete()
-    });
-}
-function updateSystemUserAssetGroup(asset_groups) {
-	var the_url = "{% url 'api-assets:systemuser-update-assetgroups' pk=system_user.id %}";
-    var body = {
-        asset_groups: Object.assign([], asset_groups)
-    };
-    var success = function(data) {
-        $('.select2-selection__rendered').empty();
-        $('#groups_selected').val('');
-        $.map(jumpserver.asset_groups_selected, function(asset_groups, index) {
-            $('#opt_' + index).remove();
-            $('.system-user-table tbody').append(
-                '<tr>' +
-                '<td><b class="bdg_asset_groups" data-sid="' + index + '">' + asset_groups + '</b></td>' +
-                '<td><button class="btn btn-danger btn-xs pull-right btn-leave-system_user" type="button"><i class="fa fa-minus"></i></button></td>' +
-                '</tr>'
-            )
-        });
-        jumpserver.assets_selected = {};
-    };
-    APIUpdateAttr({
-        url: the_url,
-        body: JSON.stringify(body),
-        success: success
-    });
+	jumpserver.initServerSideDataTable(options);
 }
+
 $(document).ready(function () {
 	$('.select2').select2()
 	.on("select2:select", function (evt) {
@@ -236,135 +133,33 @@ $(document).ready(function () {
 		delete jumpserver.assets_selected[data.id];
 		delete jumpserver.asset_groups_selected[data.id];
 	});
-	var options = {
-		ele: $('#system_user_list'),
-		buttons: [],
-		order: [],
-		columnDefs: [
-			{targets: 0, createdCell: function (td, cellData, rowData) {
-				var detail_btn = '<a href="{% url "assets:asset-detail" pk=99991937 %}" data-aid="'+rowData.id+'">' + cellData + '</a>';
-				$(td).html(detail_btn.replace('99991937', rowData.id));
-			}},
-			{targets: 3, createdCell: function (td, cellData) {
-				if (!cellData) {
-					$(td).html('<i class="fa fa-times text-danger"></i>')
-				} else {
-					$(td).html('<i class="fa fa-check text-navy"></i>')
-				}
-			}},
-			{targets: 4, createdCell: function (td, cellData, rowData) {
-				var update_btn = '<a href="{% url "assets:asset-update" pk=99991937 %}" class="btn btn-xs btn-info">{% trans "Update" %}</a>'.replace('99991937', rowData.id);
-				var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn_asset_delete" data-aid="99991937">{% trans "Delete" %}</a>'.replace('99991937', rowData.id);
-				$(td).html(update_btn + del_btn)
-			}}
-			],
-		ajax_url: '{% url "api-assets:asset-list" %}?system_user_id={{ system_user.id }}',
-		columns: [{data: "hostname" }, {data: "ip" }, {data: "port" }, {data: function () { return ""; } }, {data: "id"}],
-		op_html: $('#actions').html()
+	initAssetsTable();
+})
+.on('click', '.btn-push', function () {
+    var the_url = "{% url 'api-assets:system-user-push' pk=system_user.id %}";
+    var error = function (data) {
+        alert(data)
    };
-	jumpserver.initDataTable(options);
-})
-
-.on('click', '.btn-add-asset2system-user', function () {
-	if (Object.keys(jumpserver.assets_selected).length === 0) {
-		return false;
-	}
-	var $data_table = $("#system_user_list").DataTable();
-	var assets = [];
-	$.ajax({
-		url: '{% url "api-assets:asset-list" %}?system_user_id={{ system_user.id }}',
-		method: 'GET',
-		dataType: 'json',
-		success: function (result) {
-			for(var i in result){
-				if (!isNaN(parseInt(result[i]['id']))) {
-					assets.push(parseInt(result[i]['id']))
-				}
-			}
-			$.map(jumpserver.assets_selected, function(value, index) {
-				assets.push(parseInt(index));
-			});
-			assets.unique();
-			var the_url = "{% url 'api-assets:systemuser-update-assets' pk=system_user.id %}";
-			var body = {"assets": assets};
    APIUpdateAttr({
        url: the_url,
-	            body: JSON.stringify(body),
-	            method: 'PATCH'
-			});
-			$data_table.ajax.reload();
-		}
-	});
-})
-
-.on('click', '.btn_asset_delete', function () {
-	var $this = $(this);
-	var the_url = "{% url 'api-assets:systemuser-update-assets' pk=system_user.id %}";
-	var name = $(this).closest("tr").find(":nth-child(1) > a").html();
-	var $data_table = $("#system_user_list").DataTable();
-	var assets = [];
-	$('#system_user_list > tbody > tr').map(function () {
-		assets.push(parseInt($(this).closest("tr").find(":nth-child(1) > a").attr("data-aid")))
-	});
-	var delete_asset_id = $(this).data('aid');
-	assets.remove(delete_asset_id);
-	assets.unique();
-	var data = {"assets": assets};
-	objectDelete($this, name, the_url, data);
-	$data_table.ajax.reload();
-})
-	
-.on('click', '#btn_add_user_group', function () {
-	jumpserver.assets_selected = {};
-	if (Object.keys(jumpserver.asset_groups_selected).length === 0) {
-		return false;
-	}
-	asset_groups = [];
-	$.ajax({
-		url: '{% url "api-assets:systemuser-update-assetgroups" pk=system_user.id %}',
+        error: error,
        method: 'GET',
-		dataType: 'json',
-		success: function (result) {
-			for (var i in result['asset_groups']) {
-				if (!isNaN(result['asset_groups'][i])) {
-					asset_groups.push(parseInt(result['asset_groups'][i]));
-				}
-			}
-			$.map(jumpserver.asset_groups_selected, function(value, index) {
-				asset_groups.push(parseInt(index));
+        success_message: "{% trans "Task has been send, Go to ops task list seen result" %}"
    });
-			asset_groups.unique();
-			console.log(asset_groups);
-			var the_url = '{% url "api-assets:systemuser-update-assetgroups" pk=system_user.id %}';
-			var body = {"asset_groups": asset_groups};
+})
+.on('click', '.btn-test-connective', function () {
+    var the_url = "{% url 'api-assets:system-user-connective' pk=system_user.id %}";
+    var error = function (data) {
+        alert(data)
+    };
    APIUpdateAttr({
        url: the_url,
-	            body: JSON.stringify(body),
-	            method: 'PATCH'
-			});
-{#			TODO: reload the table #}
-{#			window.location.href="{% url 'assets:system-user-asset' pk=system_user.id %}"#}
-		}
+        error: error,
+        method: 'GET',
+        success_message: "{% trans "Task has been send, seen left assets status" %}"
    });
 })

-.on('click', '.btn-leave-system_user', function () {
-	var $this = $(this);
-	var $tr = $this.closest('tr');
-	var $badge = $tr.find('.bdg_asset_groups');
-	var sid = $badge.data('gid');
-	var name = $badge.html() || $badge.text();
-	$('system-user-table').append(
-		'<option value="' + sid + '" id="opt_' + sid + '">' + name + '</option>'
-	);
-	$tr.remove();
-	var asset_groups = $('.bdg_asset_groups').map(function () {
-		return $(this).data('gid');
-	}).get();
-	updateSystemUserAssetGroup(asset_groups);
-});
-
-


 </script>
--- a/apps/assets/templates/assets/system_user_detail.html
+++ b/apps/assets/templates/assets/system_user_detail.html
@@ -17,18 +17,23 @@
                            <li class="active">
                                <a href="{% url 'assets:system-user-detail' pk=system_user.id %}" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Detail' %} </a>
                            </li>
-                            <li>
-                                <a href="{% url 'assets:system-user-asset' pk=system_user.id %}" class="text-center">
-                                <i class="fa fa-bar-chart-o"></i> {% trans 'Attached assets' %}
-                                </a>
+{#                            <li>#}
+{#                                <a href="{% url 'assets:system-user-asset' pk=system_user.id %}" class="text-center">#}
+{#                                <i class="fa fa-bar-chart-o"></i> {% trans 'Attached assets' %}#}
+{#                                </a>#}
+{#                            </li>#}
+                            <li class="pull-right">
+                                <a class="btn btn-outline btn-default" href="{% url 'assets:system-user-update' pk=system_user.id %}"><i class="fa fa-edit"></i>{% trans 'Update' %}</a>
                            </li>
                            <li class="pull-right">
-                                <a class="btn btn-outline btn-default" href="{% url 'assets:system-user-update' pk=system_user.id %}"><i class="fa fa-edit"></i>Update</a>
+                                <a class="btn btn-outline btn-danger btn-del">
+                                    <i class="fa fa-trash-o"></i>{% trans 'Delete' %}
+                                </a>
                            </li>
                        </ul>
                    </div>
                    <div class="tab-content">
-                        <div class="col-sm-7" style="padding-left: 0;">
+                        <div class="col-sm-8" style="padding-left: 0;">
                            <div class="ibox float-e-margins">
                                <div class="ibox-title">
                                    <span class="label"><b>{{ system_user.name }}</b></span>
@@ -61,10 +66,6 @@
                                            <td>{% trans 'Protocol' %}:</td>
                                            <td><b>{{ system_user.protocol }}</b></td>
                                        </tr>
-                                        <tr>
-                                            <td>{% trans 'Auto push' %}:</td>
-                                            <td><b>{{ system_user.auto_push|yesno:"Yes,No,Unknown" }}</b></td>
-                                        </tr>
                                        <tr>
                                            <td>{% trans 'Sudo' %}:</td>
                                            <td><b>{{ system_user.sudo }}</b></td>
@@ -105,7 +106,7 @@
                            </div>
                        </div>

-                        <div class="col-sm-5" style="padding-left: 0;padding-right: 0">
+                        <div class="col-sm-4" style="padding-left: 0;padding-right: 0">
                            <div class="panel panel-primary">
                                <div class="panel-heading">
                                    <i class="fa fa-info-circle"></i> {% trans 'Quick update' %}
@@ -114,31 +115,84 @@
                                    <table class="table">
                                        <tbody>
                                        <tr class="no-borders-tr">
-                                            <td width="50%">{% trans 'Get manual install script' %}:</td>
+                                            <td width="50%">{% trans 'Auto push' %}:</td>
+                                            <td>
+                                                <span class="pull-right">
+                                                    <div class="switch">
+                                                        <div class="onoffswitch">
+                                                            <input type="checkbox" {% if system_user.auto_push %} checked {% endif %} class="onoffswitch-checkbox" id="btn-auto-push">
+                                                            <label class="onoffswitch-label" for="btn-auto-push">
+                                                                <span class="onoffswitch-inner"></span>
+                                                                <span class="onoffswitch-switch"></span>
+                                                            </label>
+                                                        </div>
+                                                    </div>
+                                                </span>
+                                            </td>
+                                        </tr>
+                                        <tr class="no-borders-tr">
+                                        {% if system_user.auto_push %}
+                                            <td width="50%">{% trans 'Push system user now' %}:</td>
                                            <td>
                                                <span style="float: right">
-                                                    <button type="button" class="btn btn-primary btn-xs" style="width: 54px">{% trans 'Get' %}</button>
+                                                    <button type="button" class="btn btn-primary btn-xs btn-push" style="width: 54px">{% trans 'Push' %}</button>
+                                                </span>
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                        {% endif %}
+                                            <td width="50%">{% trans 'Test assets connective' %}:</td>
+                                            <td>
+                                                <span style="float: right">
+                                                    <button type="button" class="btn btn-primary btn-xs btn-test-connective" style="width: 54px">{% trans 'Test' %}</button>
                                                </span>
                                            </td>
                                        </tr>

+{#                                        <tr>#}
+{#                                            <td width="50%">{% trans 'Change auth period' %}:</td>#}
+{#                                            <td>#}
+{#                                                <span style="float: right">#}
+{#                                                    <button type="button" class="btn btn-primary btn-xs" style="width: 54px">{% trans 'Reset' %}</button>#}
+{#                                                </span>#}
+{#                                            </td>#}
+{#                                        </tr>#}
+                                        </tbody>
+                                    </table>
+                                </div>
+                            </div>
+                            <div class="panel panel-info">
+                                <div class="panel-heading">
+                                    <i class="fa fa-info-circle"></i> {% trans 'Nodes' %}
+                                </div>
+                                <div class="panel-body">
+                                    <table class="table node_edit" id="add-asset2group">
+                                        <tbody>
+                                        <form>
                                            <tr>
-                                            <td width="50%">{% trans 'Retest asset connectivity' %}:</td>
-                                            <td>
-                                                <span style="float: right">
-                                                    <button type="button" class="btn btn-primary btn-xs" style="width: 54px">{% trans 'Start' %}</button>
-                                                </span>
+                                                <td colspan="2" class="no-borders">
+                                                    <select data-placeholder="{% trans 'Add to node' %}" id="node_selected" class="select2" style="width: 100%" multiple="" tabindex="4">
+                                                        {% for node in nodes_remain %}
+                                                        <option value="{{ node.id }}" id="opt_{{ node.id }}" >{{ node }}</option>
+                                                        {% endfor %}
+                                                    </select>
                                                </td>
                                            </tr>
+                                            <tr>
+                                                <td colspan="2" class="no-borders">
+                                                    <button type="button" class="btn btn-info btn-sm" id="btn-add-to-node">{% trans 'Confirm' %}</button>
+                                                </td>
+                                            </tr>
+                                        </form>

+                                        {% for node in system_user.nodes.all %}
                                        <tr>
-                                            <td width="50%">{% trans 'Reset private key' %}:</td>
+                                          <td ><b class="bdg_node" data-gid={{ node.id }}>{{ node }}</b></td>
                                          <td>
-                                                <span style="float: right">
-                                                    <button type="button" class="btn btn-primary btn-xs" style="width: 54px">{% trans 'Reset' %}</button>
-                                                </span>
+                                              <button class="btn btn-danger pull-right btn-xs btn-remove-from-node" type="button"><i class="fa fa-minus"></i></button>
                                          </td>
                                        </tr>
+                                        {% endfor %}
                                        </tbody>
                                    </table>
                                </div>
@@ -149,30 +203,121 @@
            </div>
        </div>
    </div>
-    </div>
-
 {% endblock %}
 {% block custom_foot_js %}
-    <script>
-{#        function switch_user_status(obj) {#}
-{#            var status = $(obj).prop('checked');#}
-{##}
-{#            $.ajax({#}
-{#                url: "{% url 'users:user-active-api' pk=user.id %}",#}
-{#                type: "PUT",#}
-{#                data: {#}
-{#                    'is_active': status#}
-{#                },#}
-{#                success: function (data, status) {#}
-{#                    console.log(data)#}
-{#                },#}
-{#                error: function () {#}
-{#                    console.log('error')#}
-{#                }#}
-{#            })#}
-{#        }#}
-        $(document).ready(function () {
-            $('.select2').select2();
+<script>
+function updateSystemUserNode(nodes) {
+    var the_url = "{% url 'api-assets:system-user-detail' pk=system_user.id %}";
+    var body = {
+        nodes: Object.assign([], nodes)
+    };
+    var success = function(data) {
+        // remove all the selected groups from select > option and rendered ul element;
+        $('.select2-selection__rendered').empty();
+        $('#node_selected').val('');
+        $.map(jumpserver.nodes_selected, function(node_name, index) {
+            $('#opt_' + index).remove();
+            // change tr html of user groups.
+            $('.node_edit tbody').append(
+                '<tr>' +
+                '<td><b class="bdg_node" data-gid="' + index + '">' + node_name + '</b></td>' +
+                '<td><button class="btn btn-danger btn-xs pull-right btn-remove-from-node" type="button"><i class="fa fa-minus"></i></button></td>' +
+                '</tr>'
+            )
        });
-    </script>
+        // clear jumpserver.groups_selected
+        jumpserver.nodes_selected = {};
+    };
+    APIUpdateAttr({
+        url: the_url,
+        body: JSON.stringify(body),
+        success: success
+    });
+}
+jumpserver.nodes_selected = {};
+$(document).ready(function () {
+    $('.select2').select2()
+    .on('select2:select', function(evt) {
+            var data = evt.params.data;
+            jumpserver.nodes_selected[data.id] = data.text;
+    })
+    .on('select2:unselect', function(evt) {
+        var data = evt.params.data;
+        delete jumpserver.nodes_selected[data.id];
+    });
+})
+.on('click', '#btn-auto-push', function () {
+    var checked = $(this).prop('checked');
+    var the_url = "{% url 'api-assets:system-user-detail' pk=system_user.id %}";
+    var body = {
+        'auto_push': checked
+    };
+    APIUpdateAttr({
+        url: the_url,
+        body: JSON.stringify(body)
+    });
+})
+.on('click', '#btn-add-to-node', function() {
+    if (Object.keys(jumpserver.nodes_selected).length === 0) {
+        return false;
+    }
+    var nodes = $('.bdg_node').map(function() {
+        return $(this).data('gid');
+    }).get();
+    $.map(jumpserver.nodes_selected, function(value, index) {
+        nodes.push(index);
+    });
+    updateSystemUserNode(nodes);
+})
+.on('click', '.btn-remove-from-node', function() {
+    var $this = $(this);
+    var $tr = $this.closest('tr');
+    var $badge = $tr.find('.bdg_node');
+    var gid = $badge.data('gid');
+    var node_name = $badge.html() || $badge.text();
+    $('#groups_selected').append(
+        '<option value="' + gid + '" id="opt_' + gid + '">' + node_name + '</option>'
+    );
+    $tr.remove();
+    var nodes = $('.bdg_node').map(function () {
+        return $(this).data('gid');
+    }).get();
+    updateSystemUserNode(nodes);
+}).on('click', '.btn-del', function () {
+    var $this = $(this);
+    var name = "{{ system_user.name}}";
+    var uid = "{{ system_user.id }}";
+    var the_url = '{% url "api-assets:system-user-detail" pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', uid);
+    var redirect_url = "{% url 'assets:system-user-list' %}";
+    objectDelete($this, name, the_url, redirect_url);
+})
+.on('click', '.btn-push', function () {
+    var the_url = "{% url 'api-assets:system-user-push' pk=system_user.id %}";
+    var success = function (data) {
+        var task_id = data.task;
+        var url = '{% url "ops:celery-task-log" pk=DEFAULT_PK %}'.replace("{{ DEFAULT_PK }}", task_id);
+        window.open(url, '', 'width=800,height=600')
+    };
+    APIUpdateAttr({
+        url: the_url,
+        method: 'GET',
+        success: success,
+        flash_message: false
+    });
+})
+.on('click', '.btn-test-connective', function () {
+    var the_url = "{% url 'api-assets:system-user-connective' pk=system_user.id %}";
+    var success = function (data) {
+        var task_id = data.task;
+        var url = '{% url "ops:celery-task-log" pk=DEFAULT_PK %}'.replace("{{ DEFAULT_PK }}", task_id);
+        window.open(url, '', 'width=800,height=600')
+    };
+    APIUpdateAttr({
+        url: the_url,
+        method: 'GET',
+        success: success,
+        flash_message: false
+    });
+})
+</script>
 {% endblock %}
--- a/apps/assets/templates/assets/system_user_list.html
+++ b/apps/assets/templates/assets/system_user_list.html
@@ -1,11 +1,20 @@
 {% extends '_base_list.html' %}
 {% load i18n %}

+{% block help_message %}
+    <div class="alert alert-info help-message">
+    系统用户是 Jumpserver跳转登录资产时使用的用户，可以理解为登录资产用户，如 web, sa, dba(`ssh web@some-host`), 而不是使用某个用户的用户名跳转登录服务器(`ssh xiaoming@some-host`);
+    简单来说是 用户使用自己的用户名登录Jumpserver, Jumpserver使用系统用户登录资产。
+    系统用户创建时，如果选择了自动推送 Jumpserver会使用ansible自动推送系统用户到资产中，如果资产(交换机、windows)不支持ansible, 请手动填写账号密码。
+    目前还不支持Windows的自动推送
+    </div>
+{% endblock %}
+
 {% block table_search %}
 {% endblock %}

 {% block table_container %}
-<div class="uc pull-left m-l-5 m-r-5">
+<div class="uc pull-left m-r-5">
    <a href="{% url 'assets:system-user-create' %}" class="btn btn-sm btn-primary "> {% trans "Create system user" %} </a>
 </div>
 <table class="table table-striped table-bordered table-hover " id="system_user_list_table" >
@@ -16,8 +25,11 @@
        </th>
        <th class="text-center">{% trans 'Name' %}</th>
        <th class="text-center">{% trans 'Username' %}</th>
+        <th class="text-center">{% trans 'Protocol' %}</th>
        <th class="text-center">{% trans 'Asset' %}</th>
+        <th class="text-center">{% trans 'Reachable' %}</th>
        <th class="text-center">{% trans 'Unreachable' %}</th>
+        <th class="text-center">{% trans 'Ratio' %}</th>
        <th class="text-center">{% trans 'Comment' %}</th>
        <th class="text-center">{% trans 'Action' %}</th>
    </tr>
@@ -25,54 +37,78 @@
    <tbody>
    </tbody>
 </table>
-<div id="actions" class="hide">
-    <div class="input-group">
-        <select class="form-control m-b" style="width: auto" id="slct_bulk_update">
-            <option value="delete">{% trans 'Delete selected' %}</option>
-            <option value="update">{% trans 'Update selected' %}</option>
-        </select>
-        <div class="input-group-btn pull-left" style="padding-left: 5px;">
-            <button id='btn_bulk_update' style="height: 32px;"  class="btn btn-sm btn-primary">
-                {% trans 'Submit' %}
-            </button>
-        </div>
-    </div>
-</div>
 {% endblock %}
 {% block custom_foot_js %}
 <script>
-$(document).ready(function(){
+function initTable() {
    var options = {
        ele: $('#system_user_list_table'),
        columnDefs: [
            {targets: 1, createdCell: function (td, cellData, rowData) {
-                var detail_btn = '<a href="{% url "assets:system-user-detail" pk=99991937 %}">' + cellData + '</a>';
-                $(td).html(detail_btn.replace('99991937', rowData.id));
+                var detail_btn = '<a href="{% url "assets:system-user-detail" pk=DEFAULT_PK %}">' + cellData + '</a>';
+                $(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id));
            }},
            {targets: 5, createdCell: function (td, cellData) {
-                var innerHtml = cellData.length > 30 ? cellData.substring(0, 30) + '...': cellData;
+                var innerHtml = "";
+                if (cellData !== 0) {
+                    innerHtml = "<span class='text-navy'>" + cellData + "</span>";
+                } else {
+                    innerHtml = "<span>" + cellData + "</span>";
+                }
+                $(td).html('<span href="javascript:void(0);" data-toggle="tooltip" title="' + cellData +'">' + innerHtml + '</span>');
+            }},
+            {targets: 6, createdCell: function (td, cellData) {
+                var innerHtml = "";
+                if (cellData !== 0) {
+                    innerHtml = "<span class='text-danger'>" + cellData + "</span>";
+                } else {
+                    innerHtml = "<span>" + cellData + "</span>";
+                }
                $(td).html('<span href="javascript:void(0);" data-toggle="tooltip" title="' + cellData + '">' + innerHtml + '</span>');
            }},
-            {targets: 6, createdCell: function (td, cellData, rowData) {
-{#                var script_btn = '<a href="{% url "assets:system-user-update" pk=99991937 %}" class="btn btn-xs btn-primary">{% trans "Script" %}</a>'.replace('99991937', cellData);#}
-                var update_btn = '<a href="{% url "assets:system-user-update" pk=99991937 %}" class="btn btn-xs m-l-xs btn-info">{% trans "Update" %}</a>'.replace('99991937', cellData);
-                var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn_admin_user_delete" data-uid="99991937">{% trans "Delete" %}</a>'.replace('99991937', cellData);
+            {targets: 7, createdCell: function (td, cellData, rowData) {
+                var val = 0;
+                var innerHtml = "";
+                var total = rowData.assets_amount;
+                var reachable = rowData.reachable_amount;
+                if (total !== 0) {
+                    val = reachable/total * 100;
+                }
+
+                if (val === 100) {
+                    innerHtml = "<span class='text-navy'>" + val + "% </span>";
+                } else {
+                    var num = new Number(val);
+                    innerHtml = "<span class='text-danger'>" + num.toFixed(1) + "% </span>";
+                }
+                $(td).html('<span href="javascript:void(0);" data-toggle="tooltip" title="' + cellData + '">' + innerHtml + '</span>');
+
+            }},
+            {targets: 9, createdCell: function (td, cellData, rowData) {
+                var update_btn = '<a href="{% url "assets:system-user-update" pk=DEFAULT_PK %}" class="btn btn-xs m-l-xs btn-info">{% trans "Update" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
+                var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn_admin_user_delete" data-uid="{{ DEFAULT_PK }}">{% trans "Delete" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
                $(td).html(update_btn + del_btn)
            }}],
        ajax_url: '{% url "api-assets:system-user-list" %}',
-        columns: [{data: "id" }, {data: "name" }, {data: "username" }, {data: "assets_amount" }, {data: function () { return "3"}},
-            {data: "comment" }, {data: "id" }],
+        columns: [
+            {data: "id" }, {data: "name" }, {data: "username" }, {data: "protocol"}, {data: "assets_amount" },
+            {data: "reachable_amount"}, {data: "unreachable_amount"}, {data: "id"}, {data: "comment" }, {data: "id" }
+        ],
        op_html: $('#actions').html()
        };
    jumpserver.initDataTable(options);
+}
+
+$(document).ready(function(){
+    initTable();
 })

 .on('click', '.btn_admin_user_delete', function () {
    var $this = $(this);
-    var $data_table = $('#idc_list_table').DataTable();
+    var $data_table = $('#cluster_list_table').DataTable();
    var name = $(this).closest("tr").find(":nth-child(2)").children('a').html();
    var uid = $this.data('uid');
-    var the_url = '{% url "api-assets:system-user-detail" pk=99991937 %}'.replace('99991937', uid);
+    var the_url = '{% url "api-assets:system-user-detail" pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', uid);
    objectDelete($this, name, the_url);
    setTimeout( function () {
        $data_table.ajax.reload();
--- a/apps/assets/templates/assets/system_user_update.html
+++ b/apps/assets/templates/assets/system_user_update.html
@@ -4,50 +4,21 @@
 {% load bootstrap3 %}

 {% block auth %}
-<div class="password-auth hidden">
+    <h3>{% trans 'Auth' %}</h3>
    {% bootstrap_field form.password layout="horizontal" %}
-</div>
-<div class="public-key-auth">
-    <div>
    {% bootstrap_field form.private_key_file layout="horizontal" %}
+    <div class="form-group">
+        <label for="{{ form.as_push.id_for_label }}" class="col-sm-2 control-label">{% trans 'Auto push' %}</label>
+        <div class="col-sm-8">
+            {{ form.auto_push}}
+        </div>
    </div>
-</div>
 {% endblock %}

 {% block custom_foot_js %}
 	<script>
-    var auth_method = '#'+'{{ form.auth_method.id_for_label }}';
-    var auto_generate_key = '#'+'{{ form.auto_generate_key.id_for_label }}';
-    function authMethodDisplay() {
-      if ($(auth_method).val() == 'P') {
-        $('.password-auth').removeClass('hidden');
-        $('.public-key-auth').addClass('hidden');
-        $('#'+'{{ form.password.id_for_label }}').removeAttr('disabled');
-
-      } else if ($(auth_method).val() == 'K') {
-        $('.password-auth').addClass('hidden');
-        $('.public-key-auth').removeClass('hidden');
-        $('#'+'{{ form.password.id_for_label }}').removeAttr('required');
-        $('#'+'{{ form.password.id_for_label }}').attr('disabled', 'disabled');
-
-        if ($(auto_generate_key).prop('checked')){
-          $('#'+'{{ form.private_key_file.id_for_label }}').closest('.form-group').addClass('hidden');
-        } else {
-          $('#'+'{{ form.private_key_file.id_for_label }}').closest('.form-group').removeClass('hidden');
-        }
-      }
-    }
    $(document).ready(function () {
        $('.select2').select2();
-      authMethodDisplay();
-      $(auth_method).change(function () {
-        authMethodDisplay();
-      });
-      $(auto_generate_key).change(function () {
-        authMethodDisplay();
-      });
    })
-
-
 	</script>
 {% endblock %}
--- a/apps/assets/templates/assets/user_asset_list.html
+++ b/apps/assets/templates/assets/user_asset_list.html
@@ -1,264 +1,171 @@
-{% extends '_base_list.html' %}
-{% load i18n %}
+{% extends 'base.html' %}
 {% load static %}
+{% load i18n %}
+
 {% block custom_head_css_js %}
-<link href="{% static 'css/plugins/select2/select2.min.css' %}" rel="stylesheet">
-<script src="{% static 'js/plugins/select2/select2.full.min.js' %}"></script>
-
-<style>
-    .custom{
-        margin-right:5px;
-        }
-    #modal .modal-body { max-height: 200px; }
-</style>
-{% endblock %}
-{% block content_left_head %}{% endblock %}
-
-{% block table_search %}
-{#    <div class="html5buttons">#}
-{#        <div class="dt-buttons btn-group">#}
-{#            <a class="btn btn-default btn_export" tabindex="0">#}
-{#                <span>{% trans "Export" %}</span>#}
-{#            </a>#}
-{#        </div>#}
-{#    </div>#}
+    <link href="{% static 'css/plugins/ztree/awesomeStyle/awesome.css' %}" rel="stylesheet">
+    <script type="text/javascript" src="{% static 'js/plugins/ztree/jquery.ztree.all.min.js' %}"></script>
+    <script src="{% static 'js/jquery.form.min.js' %}"></script>
 {% endblock %}

+{% block content %}
+<div class="wrapper wrapper-content">
+   <div class="row">
+       <div class="col-lg-3" id="split-left" style="padding-left: 3px">
+           <div class="ibox float-e-margins">
+               <div class="ibox-content mailbox-content" style="padding-top: 0;padding-left: 1px">
+                   <div class="file-manager ">
+                       <div id="assetTree" class="ztree">
+                       </div>

-{% block table_container %}
-<table class="table table-striped table-bordered table-hover " id="asset_list_table" >
+                       <div class="clearfix"></div>
+                   </div>
+               </div>
+           </div>
+       </div>
+       <div class="col-lg-9 animated fadeInRight" id="split-right">
+           <div class="tree-toggle">
+               <div class="btn btn-sm btn-primary tree-toggle-btn" onclick="toggle()">
+                   <i class="fa fa-angle-left fa-x" id="toggle-icon"></i>
+               </div>
+           </div>
+           <div class="mail-box-header">
+               <div class="btn-group" style="float: right">
+                   <button data-toggle="dropdown" class="btn btn-default btn-sm dropdown-toggle">{% trans 'Label' %} <span class="caret"></span></button>
+                   <ul class="dropdown-menu labels">
+                       {% for label in labels %}
+                           <li><a style="font-weight: bolder">{{ label.name }}:{{ label.value }}</a></li>
+                       {% endfor %}
+                   </ul>
+               </div>
+               <table class="table table-striped table-bordered table-hover " id="user_assets_table" style="width: 100%">
                   <thead>
                       <tr>
                           <th class="text-center"><input type="checkbox" class="ipt_check_all"></th>
                           <th class="text-center">{% trans 'Hostname' %}</th>
                           <th class="text-center">{% trans 'IP' %}</th>
-            <th class="text-center">{% trans 'Port' %}</th>
-            <th class="text-center">{% trans 'Type' %}</th>
-            <th class="text-center">{% trans 'Env' %}</th>
-            <th class="text-center">{% trans 'Hardware' %}</th>
-            <th class="text-center">{% trans 'Valid' %}</th>
-            <th class="text-center">{% trans 'Alive' %}</th>
+                           <th class="text-center">{% trans 'Active' %}</th>
+                           <th class="text-center">{% trans 'System users' %}</th>
                       </tr>
                   </thead>
                   <tbody>
                   </tbody>
-</table>
+               </table>
+           </div>
+       </div>
+   </div>
+</div>
 {% endblock %}

 {% block custom_foot_js %}
-<script src="{% static 'js/jquery.form.min.js' %}"></script>
-<script type="text/javascript">
-$(document).ready(function(){
+<script>
+var zTree, rMenu, asset_table;
+var inited = false;
+var url;
+function initTable() {
+    if (inited){
+        return
+    } else {
+        inited = true;
+    }
    var options = {
-		ele: $('#asset_list_table'),
+        ele: $('#user_assets_table'),
        columnDefs: [
            {targets: 1, createdCell: function (td, cellData, rowData) {
-				var detail_btn = '<a href="{% url "assets:asset-detail" pk=99991937 %}">' + cellData + '</a>';
-				$(td).html(detail_btn.replace('99991937', rowData.id));
+                {% url 'assets:asset-detail' pk=DEFAULT_PK as the_url  %}
+                var detail_btn = '<a href="{{ the_url }}">' + cellData + '</a>';
+                $(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id));
            }},
-			{targets: 7, createdCell: function (td, cellData) {
+            {targets: 3, createdCell: function (td, cellData) {
                if (!cellData) {
                    $(td).html('<i class="fa fa-times text-danger"></i>')
                } else {
                    $(td).html('<i class="fa fa-check text-navy"></i>')
                }
            }},
-			{targets: 8, createdCell: function (td, cellData) {
-				if (!cellData) {
-					$(td).html('<i class="fa fa-circle text-danger"></i>')
-				} else {
-					$(td).html('<i class="fa fa-circle text-navy"></i>')
-				}
+            {targets: 4, createdCell: function (td, cellData) {
+                var users = [];
+                $.each(cellData, function (id, data) {
+                    users.push(data.name);
+                });
+                $(td).html(users.join(', '))
            }}
        ],
-		ajax_url: '{% url "api-assets:asset-list" %}',
-		columns: [{data: "id"}, {data: "hostname" }, {data: "ip" }, {data: "port" },
-			{data: "get_type_display" }, {data: "get_env_display"}, {data: "hardware"},
-			{data: "is_active" }, {data: "is_active"}],
+        ajax_url: url,
+        columns: [
+            {data: "id"}, {data: "hostname" }, {data: "ip" },
+            {data: "is_active", orderable: false },
+            {data: "system_users_granted", orderable: false}
+        ]
    };
-	var table = jumpserver.initDataTable(options);
-	$('.btn_export').click(function () {
-		var assets = [];
-		var rows = table.rows('.selected').data();
-		$.each(rows, function (index, obj) {
-			assets.push(obj.id)
-		});
-		console.log(assets);
-		$.ajax({
-			url: "{% url "assets:asset-export" %}",
-			method: 'POST',
-			data: JSON.stringify({assets_id: assets}),
-			dataType: "json",
-			success: function (data, textStatus) {
-				window.open(data.redirect)
+    asset_table = jumpserver.initDataTable(options);
+    return asset_table
+}
+
+function onSelected(event, treeNode) {
+    console.log("select");
+    url = '{% url "api-perms:my-node-assets" node_id=DEFAULT_PK %}';
+    url = url.replace("{{ DEFAULT_PK }}", treeNode.id);
+    initTable();
+    setCookie('node_selected', treeNode.id);
+    asset_table.ajax.url(url);
+    asset_table.ajax.reload();
+}
+
+function selectQueryNode() {
+    var query_node_id = $.getUrlParam("node");
+    var cookie_node_id = getCookie('node_selected');
+    var node;
+    var node_id;
+
+    if (query_node_id !== null) {
+        node_id = query_node_id
+    } else if (cookie_node_id !== null) {
+        node_id = cookie_node_id;
+    }
+
+    node = zTree.getNodesByParam("id", node_id, null);
+    if (node){
+        zTree.selectNode(node[0]);
+    }
+}
+
+function initTree() {
+    var setting = {
+        view: {
+            dblClickExpand: false,
+            showLine: true
        },
-			error: function () {
-				toastr.error('Export failed');
+        data: {
+            simpleData: {
+                enable: true
            }
-		})
-	});
- 	$('#btn_asset_import').click(function() {
-		var $form = $('#fm_asset_import');
-		$form.find('.help-block').remove();
-		function success (data) {
-			if (data.valid === false) {
-				$('<span />', {class: 'help-block text-danger'}).html(data.msg).insertAfter($('#id_assets'));
-			} else {
-				$('#id_created').html(data.created_info);
-				$('#id_created_detail').html(data.created.join(', '));
-				$('#id_updated').html(data.updated_info);
-				$('#id_updated_detail').html(data.updated.join(', '));
-				$('#id_failed').html(data.failed_info);
-				$('#id_failed_detail').html(data.failed.join(', '));
-				var $data_table = $('#asset_list_table').DataTable();
-				$data_table.ajax.reload();
+        },
+        callback: {
+            onSelected: onSelected
        }
-		}
-		$form.ajaxSubmit({success: success});
-	})
-})
-
-.on('click', '.btn_asset_delete', function () {
-	var $this = $(this);
-	var name = $(this).closest("tr").find(":nth-child(2)").children('a').html();
-	var uid = $this.data('uid');
-	var the_url = '{% url "api-assets:asset-detail" pk=99991937 %}'.replace('99991937', uid);
-	objectDelete($this, name, the_url);
-})
-
-.on('click', '#btn_bulk_update', function () {
-	var action = $('#slct_bulk_update').val();
-	var $data_table = $('#asset_list_table').DataTable();
-	var id_list = [];
-    var plain_id_list = [];
-    $data_table.rows({selected: true}).every(function(){
-        id_list.push({id: this.data().id});
-        plain_id_list.push(this.data().id);
-    });
-    if (plain_id_list.length == 0) {
-        return false;
-    }
-    var the_url = "{% url 'api-assets:asset-list' %}";
-    function doDeactive() {
-        var body = $.each(id_list, function(index, asset_object) {
-            asset_object['is_active'] = false;
-        });
-        APIUpdateAttr({url: the_url, method: 'PATCH', body: JSON.stringify(body)});
-        $data_table.ajax.reload();
-        jumpserver.checked = false;
-    }
-    function doActive() {
-        var body = $.each(id_list, function(index, asset_object) {
-            asset_object['is_active'] = true;
-        });
-        APIUpdateAttr({url: the_url, method: 'PATCH', body: JSON.stringify(body)});
-        $data_table.ajax.reload();
-        jumpserver.checked = false;
-    }
-    function doDelete() {
-        swal({
-            title: "{% trans 'Are you sure?' %}",
-            text: "{% trans 'This will delete the selected assets !!!' %}",
-            type: "warning",
-            showCancelButton: true,
-            confirmButtonColor: "#DD6B55",
-            confirmButtonText: "{% trans 'Confirm' %}",
-            closeOnConfirm: false
-        }, function() {
-            var success = function() {
-                var msg = "{% trans 'Asset Deleted.' %}";
-                swal("{% trans 'Asset Delete' %}", msg, "success");
-                $('#asset_list_table').DataTable().ajax.reload();
    };
-            var fail = function() {
-                var msg = "{% trans 'Asset Deleting failed.' %}";
-                swal("{% trans 'Asset Delete' %}", msg, "error");
-            };
-            var url_delete = the_url + '?id__in=' + JSON.stringify(plain_id_list);
-            APIUpdateAttr({url: url_delete, method: 'DELETE', success: success, error: fail});
-            $data_table.ajax.reload();
-            jumpserver.checked = false;
+
+    var zNodes = [];
+    $.get("{% url 'api-perms:my-nodes' %}", function(data, status){
+        $.each(data, function (index, value) {
+            value["pId"] = value["parent"];
+            if (value["key"] === "0") {
+                value["open"] = true;
+            }
+            value["name"] = value["value"]
        });
-    }
-    function doUpdate() {
-        $('#asset_bulk_update_modal').modal('show');
-    }
-    switch(action) {
-        case 'deactive':
-            doDeactive();
-            break;
-        case 'delete':
-            doDelete();
-            break;
-        case 'update':
-            doUpdate();
-            break;
-        case 'active':
-            doActive();
-            break;
-        default:
-            break;
-    }
-})
-
-.on('click', '#btn_asset_bulk_update', function () {
-	var json_data = $("#fm_asset_bulk_update").serializeObject();
-	var body = {};
-    body.enable_otp = (json_data.enable_otp === 'on')? true: false;
-    if (json_data.type != '') {
-        body.type = json_data.type;
-    }
-    if (json_data.groups != undefined) {
-        body.groups = json_data.groups;
-    }
-    if (typeof body.groups === 'string') {
-        body.groups = [parseInt(body.groups)]
-    } else if(typeof body.groups === 'array') {
-        var new_groups = body.groups.map(Number);
-        body.groups = new_groups;
-    }
-
-    if (json_data.system_users != undefined) {
-    	body.system_users = json_data.system_users;
-    }
-    if (typeof body.system_users === 'string') {
-    	body.system_users = [parseInt(body.system_users)]
-    } else if(typeof body.system_users === 'array') {
-    	var new_users = body.system_users.map(Number);
-    	body.system_users = new_users;
-    }
-
-    if (json_data.tags != undefined) {
-    	body.tags = json_data.tags;
-    }
-    if (typeof body.tags == 'string') {
-    	body.tags = [parseInt(body.tags)];
-    } else if (typeof body.tags === 'array') {
-    	var new_tags = body.tags.map(Number);
-    	body.tags = new_tags;
-    }
-
-    var $data_table = $('#asset_list_table').DataTable();
-    var post_list = [];
-    $data_table.rows({selected: true}).every(function(){
-        var content = Object.assign({id: this.data().id}, body);
-        post_list.push(content);
+        zNodes = data;
+        $.fn.zTree.init($("#assetTree"), setting, zNodes);
+        zTree = $.fn.zTree.getZTreeObj("assetTree");
+		rMenu = $("#rMenu");
+		selectQueryNode();
    });
-    if (post_list === []) {
-        return false
-    }
-    var the_url = "{% url 'api-assets:asset-list' %}";
-    var success = function() {
-        var msg = "{% trans 'The selected assets has been updated successfully.' %}";
-        swal("{% trans 'Asset Updated' %}", msg, "success");
-        $('#asset_list_table').DataTable().ajax.reload();
-        jumpserver.checked = false;
-    };
-    console.log(JSON.stringify(post_list));
-    console.log(the_url);
-{#    APIUpdateAttr({url: the_url, method: 'PATCH', body: JSON.stringify(post_list), success: success});#}
-    $('#asset_bulk_update_modal').modal('hide');
+}
+
+$(document).ready(function () {
+    initTree();
 });
-
 </script>
+
 {% endblock %}
--- a/apps/assets/templatetags/init.py
+++ b/apps/assets/templatetags/init.py
@@ -0,0 +1,2 @@
+# -*- coding: utf-8 -*-
+#
--- a/apps/assets/templatetags/asset_tags.py
+++ b/apps/assets/templatetags/asset_tags.py
@@ -1,6 +1,12 @@
+from collections import defaultdict

 from django import template
-from django.utils import timezone
-from django.conf import settings
 register = template.Library()

+
+@register.filter
+def group_labels(queryset):
+    grouped = defaultdict(list)
+    for label in queryset:
+        grouped[label.name].append(label)
+    return [(name, labels) for name, labels in grouped.items()]
--- a/apps/assets/urls/api_urls.py
+++ b/apps/assets/urls/api_urls.py
@@ -1,56 +1,51 @@
 # coding:utf-8
 from django.conf.urls import url
 from .. import api
-from rest_framework import routers
 from rest_framework_bulk.routes import BulkRouter

 app_name = 'assets'


 router = BulkRouter()
-router.register(r'v1/groups', api.AssetGroupViewSet, 'asset-group')
 router.register(r'v1/assets', api.AssetViewSet, 'asset')
-router.register(r'v1/idc', api.IDCViewSet, 'idc')
 router.register(r'v1/admin-user', api.AdminUserViewSet, 'admin-user')
 router.register(r'v1/system-user', api.SystemUserViewSet, 'system-user')
+router.register(r'v1/labels', api.LabelViewSet, 'label')
+router.register(r'v1/nodes', api.NodeViewSet, 'node')
+router.register(r'v1/domain', api.DomainViewSet, 'domain')
+router.register(r'v1/gateway', api.GatewayViewSet, 'gateway')

 urlpatterns = [
    url(r'^v1/assets-bulk/$', api.AssetListUpdateApi.as_view(), name='asset-bulk-update'),
-    url(r'^v1/system-user/(?P<pk>[0-9]+)/auth-info/', api.SystemUserAuthInfoApi.as_view(),
+    url(r'^v1/system-user/(?P<pk>[0-9a-zA-Z\-]{36})/auth-info/', api.SystemUserAuthInfoApi.as_view(),
        name='system-user-auth-info'),
-    url(r'^v1/assets/(?P<pk>\d+)/groups/$',
-        api.AssetUpdateGroupApi.as_view(), name='asset-update-group'),
-
-    url(r'^v1/assets/(?P<pk>\d+)/refresh/$',
-        api.AssetRefreshHardwareView.as_view(), name='asset-refresh'),
-    url(r'^v1/assets/(?P<pk>\d+)/admin-user-test/$',
-        api.AssetAdminUserTestView.as_view(), name='asset-admin-user-test'),
-
-    url(r'^v1/assets/(?P<pk>\d+)/system-users/$',
-        api.SystemUserUpdateApi.as_view(), name='asset-update-system-users'),
-
-    url(r'^v1/groups/(?P<pk>\d+)/push-system-user/$',
-        api.AssetGroupPushSystemUserView.as_view(), name='asset-group-push-system-user'),
-
-    # update the system users, which add and delete the asset to the system user
-    url(r'^v1/system-user/(?P<pk>\d+)/assets/$',
-        api.SystemUserUpdateAssetsApi.as_view(), name='systemuser-update-assets'),
-
-    url(r'^v1/system-user/(?P<pk>\d+)/groups/$',
-        api.SystemUserUpdateAssetGroupApi.as_view(), name='systemuser-update-assetgroups'),
-
-    # update the asset group, which add or delete the asset to the group
-    url(r'^v1/groups/(?P<pk>\d+)/assets/$',
-        api.AssetGroupUpdateApi.as_view(), name='asset-groups-update'),
-
-    # update the asset group, and add or delete the system_user to the group
-    url(r'^v1/groups/(?P<pk>\d+)/system-users/$',
-        api.AssetGroupUpdateSystemUserApi.as_view(), name='asset-groups-update-systemusers'),
-
-    # update the IDC, and add or delete the assets to the IDC
-    url(r'^v1/idc/(?P<pk>\d+)/assets/$',
-        api.IDCUpdateAssetsApi.as_view(), name='idc-update-assets'),
+    url(r'^v1/assets/(?P<pk>[0-9a-zA-Z\-]{36})/refresh/$',
+        api.AssetRefreshHardwareApi.as_view(), name='asset-refresh'),
+    url(r'^v1/assets/(?P<pk>[0-9a-zA-Z\-]{36})/alive/$',
+        api.AssetAdminUserTestApi.as_view(), name='asset-alive-test'),
+    url(r'^v1/assets/user-assets/$',
+        api.UserAssetListView.as_view(), name='user-asset-list'),
+    url(r'^v1/admin-user/(?P<pk>[0-9a-zA-Z\-]{36})/nodes/$',
+        api.ReplaceNodesAdminUserApi.as_view(), name='replace-nodes-admin-user'),
+    url(r'^v1/admin-user/(?P<pk>[0-9a-zA-Z\-]{36})/auth/$',
+        api.AdminUserAuthApi.as_view(), name='admin-user-auth'),
+    url(r'^v1/admin-user/(?P<pk>[0-9a-zA-Z\-]{36})/connective/$',
+        api.AdminUserTestConnectiveApi.as_view(), name='admin-user-connective'),
+    url(r'^v1/system-user/(?P<pk>[0-9a-zA-Z\-]{36})/push/$',
+        api.SystemUserPushApi.as_view(), name='system-user-push'),
+    url(r'^v1/system-user/(?P<pk>[0-9a-zA-Z\-]{36})/connective/$',
+        api.SystemUserTestConnectiveApi.as_view(), name='system-user-connective'),
+    url(r'^v1/nodes/(?P<pk>[0-9a-zA-Z\-]{36})/children/$', api.NodeChildrenApi.as_view(), name='node-children'),
+    url(r'^v1/nodes/children/$', api.NodeChildrenApi.as_view(), name='node-children-2'),
+    url(r'^v1/nodes/(?P<pk>[0-9a-zA-Z\-]{36})/children/add/$', api.NodeAddChildrenApi.as_view(), name='node-add-children'),
+    url(r'^v1/nodes/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$', api.NodeAssetsApi.as_view(), name='node-assets'),
+    url(r'^v1/nodes/(?P<pk>[0-9a-zA-Z\-]{36})/assets/add/$', api.NodeAddAssetsApi.as_view(), name='node-add-assets'),
+    url(r'^v1/nodes/(?P<pk>[0-9a-zA-Z\-]{36})/assets/replace/$', api.NodeReplaceAssetsApi.as_view(), name='node-replace-assets'),
+    url(r'^v1/nodes/(?P<pk>[0-9a-zA-Z\-]{36})/assets/remove/$', api.NodeRemoveAssetsApi.as_view(), name='node-remove-assets'),
+    url(r'^v1/nodes/(?P<pk>[0-9a-zA-Z\-]{36})/refresh-hardware-info/$', api.RefreshNodeHardwareInfoApi.as_view(), name='node-refresh-hardware-info'),
+    url(r'^v1/nodes/(?P<pk>[0-9a-zA-Z\-]{36})/test-connective/$', api.TestNodeConnectiveApi.as_view(), name='node-test-connective'),

+    url(r'^v1/gateway/(?P<pk>[0-9a-zA-Z\-]{36})/test-connective/$', api.GatewayTestConnectionApi.as_view(), name='test-gateway-connective'),
 ]

 urlpatterns += router.urls
--- a/apps/assets/urls/views_urls.py
+++ b/apps/assets/urls/views_urls.py
@@ -11,46 +11,43 @@ urlpatterns = [
    url(r'^asset/create/$', views.AssetCreateView.as_view(), name='asset-create'),
    url(r'^asset/export/$', views.AssetExportView.as_view(), name='asset-export'),
    url(r'^asset/import/$', views.BulkImportAssetView.as_view(), name='asset-import'),
-    url(r'^asset/(?P<pk>[0-9]+)/$', views.AssetDetailView.as_view(), name='asset-detail'),
-    url(r'^asset/(?P<pk>[0-9]+)/update/$', views.AssetUpdateView.as_view(), name='asset-update'),
-    url(r'^asset/(?P<pk>[0-9]+)/delete/$', views.AssetDeleteView.as_view(), name='asset-delete'),
-    url(r'^asset-modal$', views.AssetModalListView.as_view(), name='asset-modal-list'),
+    url(r'^asset/(?P<pk>[0-9a-zA-Z\-]{36})/$', views.AssetDetailView.as_view(), name='asset-detail'),
+    url(r'^asset/(?P<pk>[0-9a-zA-Z\-]{36})/update/$', views.AssetUpdateView.as_view(), name='asset-update'),
+    url(r'^asset/(?P<pk>[0-9a-zA-Z\-]{36})/delete/$', views.AssetDeleteView.as_view(), name='asset-delete'),
    url(r'^asset/update/$', views.AssetBulkUpdateView.as_view(), name='asset-bulk-update'),

    # User asset view
    url(r'^user-asset/$', views.UserAssetListView.as_view(), name='user-asset-list'),

-    # Resource asset group url
-    url(r'^asset-group/$', views.AssetGroupListView.as_view(), name='asset-group-list'),
-    url(r'^asset-group/create/$', views.AssetGroupCreateView.as_view(), name='asset-group-create'),
-    url(r'^asset-group/(?P<pk>[0-9]+)/$', views.AssetGroupDetailView.as_view(), name='asset-group-detail'),
-    url(r'^asset-group/(?P<pk>[0-9]+)/update/$', views.AssetGroupUpdateView.as_view(), name='asset-group-update'),
-    url(r'^asset-group/(?P<pk>[0-9]+)/delete/$', views.AssetGroupDeleteView.as_view(), name='asset-group-delete'),
-
-    # Resource idc url
-    url(r'^idc/$', views.IDCListView.as_view(), name='idc-list'),
-    url(r'^idc/create/$', views.IDCCreateView.as_view(), name='idc-create'),
-    url(r'^idc/(?P<pk>[0-9]+)/$', views.IDCDetailView.as_view(), name='idc-detail'),
-    url(r'^idc/(?P<pk>[0-9]+)/update/', views.IDCUpdateView.as_view(), name='idc-update'),
-    url(r'^idc/(?P<pk>[0-9]+)/delete/$', views.IDCDeleteView.as_view(), name='idc-delete'),
-    url(r'^idc/(?P<pk>[0-9]+)/assets/$', views.IDCAssetsView.as_view(), name='idc-assets'),
-
    # Resource admin user url
    url(r'^admin-user/$', views.AdminUserListView.as_view(), name='admin-user-list'),
    url(r'^admin-user/create/$', views.AdminUserCreateView.as_view(), name='admin-user-create'),
-    url(r'^admin-user/(?P<pk>[0-9]+)/$', views.AdminUserDetailView.as_view(), name='admin-user-detail'),
-    url(r'^admin-user/(?P<pk>[0-9]+)/update/$', views.AdminUserUpdateView.as_view(), name='admin-user-update'),
-    url(r'^admin-user/(?P<pk>[0-9]+)/delete/$', views.AdminUserDeleteView.as_view(), name='admin-user-delete'),
+    url(r'^admin-user/(?P<pk>[0-9a-zA-Z\-]{36})/$', views.AdminUserDetailView.as_view(), name='admin-user-detail'),
+    url(r'^admin-user/(?P<pk>[0-9a-zA-Z\-]{36})/update/$', views.AdminUserUpdateView.as_view(), name='admin-user-update'),
+    url(r'^admin-user/(?P<pk>[0-9a-zA-Z\-]{36})/delete/$', views.AdminUserDeleteView.as_view(), name='admin-user-delete'),
+    url(r'^admin-user/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$', views.AdminUserAssetsView.as_view(), name='admin-user-assets'),

    # Resource system user url
    url(r'^system-user/$', views.SystemUserListView.as_view(), name='system-user-list'),
    url(r'^system-user/create/$', views.SystemUserCreateView.as_view(), name='system-user-create'),
-    url(r'^system-user/(?P<pk>[0-9]+)/$', views.SystemUserDetailView.as_view(), name='system-user-detail'),
-    url(r'^system-user/(?P<pk>[0-9]+)/update/$', views.SystemUserUpdateView.as_view(), name='system-user-update'),
-    url(r'^system-user/(?P<pk>[0-9]+)/delete/$', views.SystemUserDeleteView.as_view(), name='system-user-delete'),
-    url(r'^system-user/(?P<pk>[0-9]+)/asset/$', views.SystemUserAssetView.as_view(), name='system-user-asset'),
-    # url(r'^system-user/(?P<pk>[0-9]+)/asset-group$', views.SystemUserAssetGroupView.as_view(),
-    #     name='system-user-asset-group'),
+    url(r'^system-user/(?P<pk>[0-9a-zA-Z\-]{36})/$', views.SystemUserDetailView.as_view(), name='system-user-detail'),
+    url(r'^system-user/(?P<pk>[0-9a-zA-Z\-]{36})/update/$', views.SystemUserUpdateView.as_view(), name='system-user-update'),
+    url(r'^system-user/(?P<pk>[0-9a-zA-Z\-]{36})/delete/$', views.SystemUserDeleteView.as_view(), name='system-user-delete'),
+    url(r'^system-user/(?P<pk>[0-9a-zA-Z\-]{36})/asset/$', views.SystemUserAssetView.as_view(), name='system-user-asset'),

+    url(r'^label/$', views.LabelListView.as_view(), name='label-list'),
+    url(r'^label/create/$', views.LabelCreateView.as_view(), name='label-create'),
+    url(r'^label/(?P<pk>[0-9a-zA-Z\-]{36})/update/$', views.LabelUpdateView.as_view(), name='label-update'),
+    url(r'^label/(?P<pk>[0-9a-zA-Z\-]{36})/delete/$', views.LabelDeleteView.as_view(), name='label-delete'),
+
+    url(r'^domain/$', views.DomainListView.as_view(), name='domain-list'),
+    url(r'^domain/create/$', views.DomainCreateView.as_view(), name='domain-create'),
+    url(r'^domain/(?P<pk>[0-9a-zA-Z\-]{36})/$', views.DomainDetailView.as_view(), name='domain-detail'),
+    url(r'^domain/(?P<pk>[0-9a-zA-Z\-]{36})/update/$', views.DomainUpdateView.as_view(), name='domain-update'),
+    url(r'^domain/(?P<pk>[0-9a-zA-Z\-]{36})/delete/$', views.DomainDeleteView.as_view(), name='domain-delete'),
+    url(r'^domain/(?P<pk>[0-9a-zA-Z\-]{36})/gateway/$', views.DomainGatewayListView.as_view(), name='domain-gateway-list'),
+
+    url(r'^domain/(?P<pk>[0-9a-zA-Z\-]{36})/gateway/create/$', views.DomainGatewayCreateView.as_view(), name='domain-gateway-create'),
+    url(r'^domain/gateway/(?P<pk>[0-9a-zA-Z\-]{36})/update/$', views.DomainGatewayUpdateView.as_view(), name='domain-gateway-update'),
 ]

--- a/apps/assets/utils.py
+++ b/apps/assets/utils.py
@@ -1,17 +1,81 @@
 # ~*~ coding: utf-8 ~*~
 #
-from ops.utils import run_AdHoc
+
+import paramiko
+
+from common.utils import get_object_or_none
+from .models import Asset, SystemUser, Label


-def test_admin_user_connective_manual(asset):
-    if not isinstance(asset, list):
-        asset = [asset]
-    task_tuple = (
-        ('ping', ''),
+def get_assets_by_id_list(id_list):
+    return Asset.objects.filter(id__in=id_list)
+
+
+def get_assets_by_hostname_list(hostname_list):
+    return Asset.objects.filter(hostname__in=hostname_list)
+
+
+def get_system_user_by_name(name):
+    system_user = get_object_or_none(SystemUser, name=name)
+    return system_user
+
+
+class LabelFilter:
+    def filter_queryset(self, queryset):
+        queryset = super().filter_queryset(queryset)
+        query_keys = self.request.query_params.keys()
+        all_label_keys = Label.objects.values_list('name', flat=True)
+        valid_keys = set(all_label_keys) & set(query_keys)
+        labels_query = {}
+        for key in valid_keys:
+            labels_query[key] = self.request.query_params.get(key)
+
+        conditions = []
+        for k, v in labels_query.items():
+            query = {'labels__name': k, 'labels__value': v}
+            conditions.append(query)
+
+        if conditions:
+            for kwargs in conditions:
+                queryset = queryset.filter(**kwargs)
+        return queryset
+
+
+def test_gateway_connectability(gateway):
+    """
+    Test system cant connect his assets or not.
+    :param gateway:
+    :return:
+    """
+    client = paramiko.SSHClient()
+    client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
+
+    proxy_command = [
+        "ssh", "{}@{}".format(gateway.username, gateway.ip),
+        "-p", str(gateway.port), "-W", "127.0.0.1:{}".format(gateway.port),
+    ]
+
+    if gateway.password:
+        proxy_command.insert(0, "sshpass -p '{}'".format(gateway.password))
+    if gateway.private_key:
+        proxy_command.append("-i {}".format(gateway.private_key_file))
+
+    try:
+        sock = paramiko.ProxyCommand(" ".join(proxy_command))
+    except paramiko.ProxyCommandFailure as e:
+        return False, str(e)
+
+    try:
+        client.connect("127.0.0.1", port=gateway.port,
+                       username=gateway.username,
+                       password=gateway.password,
+                       key_filename=gateway.private_key_file,
+                       sock=sock,
+                       timeout=5
                       )
-    summary, _ = run_AdHoc(task_tuple, asset, record=False)
-    if len(summary['failed']) != 0:
-        return False
-    else:
-        return True
-
+    except (paramiko.SSHException, paramiko.ssh_exception.SSHException,
+            paramiko.AuthenticationException, TimeoutError) as e:
+        return False, str(e)
+    finally:
+        client.close()
+    return True, None
--- a/apps/assets/views/init.py
+++ b/apps/assets/views/init.py
@@ -1,7 +1,6 @@
 # coding:utf-8
 from .asset import *
-from .group import *
-from .idc import *
 from .system_user import *
 from .admin_user import *
-
+from .label import *
+from .domain import *
--- a/apps/assets/views/admin_user.py
+++ b/apps/assets/views/admin_user.py
@@ -2,20 +2,22 @@
 from __future__ import absolute_import, unicode_literals
 from django.utils.translation import ugettext as _
 from django.conf import settings
-from django.views.generic import TemplateView, ListView, View
-from django.views.generic.edit import CreateView, DeleteView, FormView, UpdateView
 from django.urls import reverse_lazy
+from django.views.generic import TemplateView, ListView
+from django.views.generic.edit import CreateView, DeleteView, UpdateView
 from django.contrib.messages.views import SuccessMessageMixin
 from django.views.generic.detail import DetailView, SingleObjectMixin

+from common.const import create_success_msg, update_success_msg
 from .. import forms
-from ..models import Asset, AssetGroup, AdminUser, IDC, SystemUser
+from ..models import AdminUser, Node
 from ..hands import AdminUserRequiredMixin

-__all__ = ['AdminUserCreateView', 'AdminUserDetailView',
+__all__ = [
+    'AdminUserCreateView', 'AdminUserDetailView',
    'AdminUserDeleteView', 'AdminUserListView',
-           'AdminUserUpdateView',
-           ]
+    'AdminUserUpdateView', 'AdminUserAssetsView',
+]


 class AdminUserListView(AdminUserRequiredMixin, TemplateView):
@@ -28,7 +30,7 @@ class AdminUserListView(AdminUserRequiredMixin, TemplateView):
            'action': _('Admin user list'),
        }
        kwargs.update(context)
-        return super(AdminUserListView, self).get_context_data(**kwargs)
+        return super().get_context_data(**kwargs)


 class AdminUserCreateView(AdminUserRequiredMixin,
@@ -38,75 +40,77 @@ class AdminUserCreateView(AdminUserRequiredMixin,
    form_class = forms.AdminUserForm
    template_name = 'assets/admin_user_create_update.html'
    success_url = reverse_lazy('assets:admin-user-list')
+    success_message = create_success_msg

    def get_context_data(self, **kwargs):
        context = {
-            'app': 'assets',
-            'action': 'Create admin user'
+            'app': _('Assets'),
+            'action': _('Create admin user')
        }
        kwargs.update(context)
-        return super(AdminUserCreateView, self).get_context_data(**kwargs)
-
-    def get_success_message(self, cleaned_data):
-        success_message = _(
-            'Create admin user <a href="{url}">{name}</a> successfully.'.format(
-                url=reverse_lazy('assets:admin-user-detail',
-                                 kwargs={'pk': self.object.pk}),
-                name=self.object.name,
-            ))
-        return success_message
-
-    def form_invalid(self, form):
-        return super(AdminUserCreateView, self).form_invalid(form)
+        return super().get_context_data(**kwargs)


-class AdminUserUpdateView(AdminUserRequiredMixin, UpdateView):
+class AdminUserUpdateView(AdminUserRequiredMixin, SuccessMessageMixin, UpdateView):
    model = AdminUser
    form_class = forms.AdminUserForm
    template_name = 'assets/admin_user_create_update.html'
+    success_url = reverse_lazy('assets:admin-user-list')
+    success_message = update_success_msg

    def get_context_data(self, **kwargs):
        context = {
-            'app': 'assets',
-            'action': 'Update admin user'
+            'app': _('Assets'),
+            'action': _('Update admin user'),
        }
        kwargs.update(context)
-        return super(AdminUserUpdateView, self).get_context_data(**kwargs)
-
-    def get_success_url(self):
-        success_url = reverse_lazy('assets:admin-user-detail',
-                                   kwargs={'pk': self.object.pk})
-        return success_url
+        return super().get_context_data(**kwargs)


-class AdminUserDetailView(AdminUserRequiredMixin, SingleObjectMixin, ListView):
-    paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
+class AdminUserDetailView(AdminUserRequiredMixin, DetailView):
+    model = AdminUser
    template_name = 'assets/admin_user_detail.html'
    context_object_name = 'admin_user'
+    object = None
+
+    def get_context_data(self, **kwargs):
+        context = {
+            'app': _('Assets'),
+            'action': _('Admin user detail'),
+            'nodes': Node.objects.all()
+        }
+        kwargs.update(context)
+        return super().get_context_data(**kwargs)
+
+
+class AdminUserAssetsView(AdminUserRequiredMixin, SingleObjectMixin, ListView):
+    paginate_by = settings.DISPLAY_PER_PAGE
+    template_name = 'assets/admin_user_assets.html'
+    context_object_name = 'admin_user'
+    object = None

    def get(self, request, *args, **kwargs):
        self.object = self.get_object(queryset=AdminUser.objects.all())
-        return super(AdminUserDetailView, self).get(request, *args, **kwargs)
+        return super().get(request, *args, **kwargs)

    def get_queryset(self):
-        return self.object.assets.all()
+        self.queryset = self.object.asset_set.all()
+        return self.queryset

    def get_context_data(self, **kwargs):
-        asset_groups = AssetGroup.objects.all()
-        assets = self.get_queryset()
        context = {
-            'app': 'assets',
-            'action': 'Admin user detail',
-            'assets_remain': [asset for asset in Asset.objects.all() if asset not in assets],
-            'asset_groups': asset_groups,
+            'app': _('Assets'),
+            'action': _('Admin user detail'),
+            "total_amount": len(self.queryset),
+            'unreachable_amount': len([asset for asset in self.queryset if asset.is_connective is False])
        }
        kwargs.update(context)
-        return super(AdminUserDetailView, self).get_context_data(**kwargs)
+        return super().get_context_data(**kwargs)


 class AdminUserDeleteView(AdminUserRequiredMixin, DeleteView):
    model = AdminUser
-    template_name = 'assets/delete_confirm.html'
+    template_name = 'delete_confirm.html'
    success_url = reverse_lazy('assets:admin-user-list')


--- a/apps/assets/views/asset.py
+++ b/apps/assets/views/asset.py
@@ -7,50 +7,52 @@ import uuid
 import codecs
 import chardet
 from io import StringIO
-from collections import defaultdict

 from django.conf import settings
+from django.db import transaction
 from django.utils.translation import ugettext_lazy as _
 from django.views.generic import TemplateView, ListView, View
 from django.views.generic.edit import CreateView, DeleteView, FormView, UpdateView
 from django.urls import reverse_lazy
-from django.views.generic.detail import DetailView, SingleObjectMixin
-from django.http import HttpResponse, JsonResponse, HttpResponseRedirect
-from django.views.decorators.csrf import csrf_protect, csrf_exempt
+from django.views.generic.detail import DetailView
+from django.http import HttpResponse, JsonResponse
+from django.views.decorators.csrf import csrf_exempt
 from django.utils.decorators import method_decorator
 from django.core.cache import cache
 from django.utils import timezone
 from django.contrib.auth.mixins import LoginRequiredMixin
-from django.shortcuts import get_object_or_404, redirect, reverse
+from django.shortcuts import redirect
+from django.contrib.messages.views import SuccessMessageMixin

 from common.mixins import JSONResponseMixin
-from common.utils import get_object_or_none
+from common.utils import get_object_or_none, get_logger, is_uuid
+from common.const import create_success_msg, update_success_msg
 from .. import forms
-from ..models import Asset, AssetGroup, AdminUser, IDC, SystemUser
+from ..models import Asset, AdminUser, SystemUser, Label, Node, Domain
 from ..hands import AdminUserRequiredMixin
-from ..tasks import update_assets_hardware_info


-__all__ = ['AssetListView', 'AssetCreateView', 'AssetUpdateView',
+__all__ = [
+    'AssetListView', 'AssetCreateView', 'AssetUpdateView',
    'UserAssetListView', 'AssetBulkUpdateView', 'AssetDetailView',
-           'AssetModalListView', 'AssetDeleteView', 'AssetExportView',
-           'BulkImportAssetView',
-           ]
+    'AssetDeleteView', 'AssetExportView', 'BulkImportAssetView',
+]
+logger = get_logger(__file__)


 class AssetListView(AdminUserRequiredMixin, TemplateView):
    template_name = 'assets/asset_list.html'

    def get_context_data(self, **kwargs):
+        Node.root()
        context = {
-            'app': 'Assets',
-            'action': 'Asset list',
-            'groups': AssetGroup.objects.all(),
-            'system_users': SystemUser.objects.all(),
-            # 'form': forms.AssetBulkUpdateForm(),
+            'app': _('Assets'),
+            'action': _('Asset list'),
+            'labels': Label.objects.all().order_by('name'),
+            'nodes': Node.objects.all().order_by('-key'),
        }
        kwargs.update(context)
-        return super(AssetListView, self).get_context_data(**kwargs)
+        return super().get_context_data(**kwargs)


 class UserAssetListView(LoginRequiredMixin, TemplateView):
@@ -58,56 +60,65 @@ class UserAssetListView(LoginRequiredMixin, TemplateView):

    def get_context_data(self, **kwargs):
        context = {
-            'app': 'Assets',
-            'action': 'Asset list',
+            'action': _('My assets'),
            'system_users': SystemUser.objects.all(),
        }
        kwargs.update(context)
-        return super(UserAssetListView, self).get_context_data(**kwargs)
+        return super().get_context_data(**kwargs)


-class AssetCreateView(AdminUserRequiredMixin, CreateView):
+class AssetCreateView(AdminUserRequiredMixin, SuccessMessageMixin, CreateView):
    model = Asset
    form_class = forms.AssetCreateForm
    template_name = 'assets/asset_create.html'
    success_url = reverse_lazy('assets:asset-list')

-    def form_valid(self, form):
-        self.asset = asset = form.save()
-        asset.created_by = self.request.user.username or 'Admin'
-        asset.date_created = timezone.now()
-        asset.save()
-        return super(AssetCreateView, self).form_valid(form)
+    # def form_valid(self, form):
+    #     print("form valid")
+    #     asset = form.save()
+    #     asset.created_by = self.request.user.username or 'Admin'
+    #     asset.date_created = timezone.now()
+    #     asset.save()
+    #     return super().form_valid(form)
+
+    def get_form(self, form_class=None):
+        form = super().get_form(form_class=form_class)
+        node_id = self.request.GET.get("node_id")
+        if node_id:
+            node = get_object_or_none(Node, id=node_id)
+        else:
+            node = Node.root()
+        form["nodes"].initial = node
+        return form

    def get_context_data(self, **kwargs):
        context = {
-            'app': 'Assets',
-            'action': 'Create asset',
+            'app': _('Assets'),
+            'action': _('Create asset'),
        }
        kwargs.update(context)
-        return super(AssetCreateView, self).get_context_data(**kwargs)
+        return super().get_context_data(**kwargs)

-    def get_success_url(self):
-        update_assets_hardware_info.delay([self.asset._to_secret_json()])
-        return super(AssetCreateView, self).get_success_url()
+    def get_success_message(self, cleaned_data):
+        return create_success_msg % ({"name": cleaned_data["hostname"]})


-class AssetModalListView(AdminUserRequiredMixin, ListView):
-    paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
-    model = Asset
-    context_object_name = 'asset_modal_list'
-    template_name = 'assets/asset_modal_list.html'
-
-    def get_context_data(self, **kwargs):
-        assets = Asset.objects.all()
-        assets_id = self.request.GET.get('assets_id', '')
-        assets_id_list = [i for i in assets_id.split(',') if i.isdigit()]
-        context = {
-            'all_assets': assets_id_list,
-            'assets': assets
-        }
-        kwargs.update(context)
-        return super(AssetModalListView, self).get_context_data(**kwargs)
+# class AssetModalListView(AdminUserRequiredMixin, ListView):
+#     paginate_by = settings.DISPLAY_PER_PAGE
+#     model = Asset
+#     context_object_name = 'asset_modal_list'
+#     template_name = 'assets/_asset_list_modal.html'
+#
+#     def get_context_data(self, **kwargs):
+#         assets = Asset.objects.all()
+#         assets_id = self.request.GET.get('assets_id', '')
+#         assets_id_list = [i for i in assets_id.split(',') if i.isdigit()]
+#         context = {
+#             'all_assets': assets_id_list,
+#             'assets': assets
+#         }
+#         kwargs.update(context)
+#         return super().get_context_data(**kwargs)


 class AssetBulkUpdateView(AdminUserRequiredMixin, ListView):
@@ -115,20 +126,22 @@ class AssetBulkUpdateView(AdminUserRequiredMixin, ListView):
    form_class = forms.AssetBulkUpdateForm
    template_name = 'assets/asset_bulk_update.html'
    success_url = reverse_lazy('assets:asset-list')
+    id_list = None
+    form = None

    def get(self, request, *args, **kwargs):
        assets_id = self.request.GET.get('assets_id', '')
-        self.assets_id_list = [int(i) for i in assets_id.split(',') if i.isdigit()]
+        self.id_list = [i for i in assets_id.split(',')]

        if kwargs.get('form'):
            self.form = kwargs['form']
        elif assets_id:
            self.form = self.form_class(
-                initial={'assets': self.assets_id_list}
+                initial={'assets': self.id_list}
            )
        else:
            self.form = self.form_class()
-        return super(AssetBulkUpdateView, self).get(request, *args, **kwargs)
+        return super().get(request, *args, **kwargs)

    def post(self, request, *args, **kwargs):
        form = self.form_class(request.POST)
@@ -139,19 +152,17 @@ class AssetBulkUpdateView(AdminUserRequiredMixin, ListView):
            return self.get(request, form=form, *args, **kwargs)

    def get_context_data(self, **kwargs):
-        # assets_list = Asset.objects.filter(id__in=self.assets_id_list)
        context = {
-            'app': 'Assets',
-            'action': 'Bulk update asset',
+            'app': _('Assets'),
+            'action': _('Bulk update asset'),
            'form': self.form,
-            'assets_selected': self.assets_id_list,
-            'assets': Asset.objects.all(),
+            'assets_selected': self.id_list,
        }
        kwargs.update(context)
-        return super(AssetBulkUpdateView, self).get_context_data(**kwargs)
+        return super().get_context_data(**kwargs)


-class AssetUpdateView(AdminUserRequiredMixin, UpdateView):
+class AssetUpdateView(AdminUserRequiredMixin, SuccessMessageMixin, UpdateView):
    model = Asset
    form_class = forms.AssetUpdateForm
    template_name = 'assets/asset_update.html'
@@ -159,20 +170,19 @@ class AssetUpdateView(AdminUserRequiredMixin, UpdateView):

    def get_context_data(self, **kwargs):
        context = {
-            'app': 'Assets',
-            'action': 'Update asset',
+            'app': _('Assets'),
+            'action': _('Update asset'),
        }
        kwargs.update(context)
-        return super(AssetUpdateView, self).get_context_data(**kwargs)
+        return super().get_context_data(**kwargs)

-    def form_invalid(self, form):
-        print(form.errors)
-        return super(AssetUpdateView, self).form_invalid(form)
+    def get_success_message(self, cleaned_data):
+        return update_success_msg % ({"name": cleaned_data["hostname"]})


 class AssetDeleteView(AdminUserRequiredMixin, DeleteView):
    model = Asset
-    template_name = 'assets/delete_confirm.html'
+    template_name = 'delete_confirm.html'
    success_url = reverse_lazy('assets:asset-list')


@@ -182,26 +192,21 @@ class AssetDetailView(DetailView):
    template_name = 'assets/asset_detail.html'

    def get_context_data(self, **kwargs):
-        asset_groups = self.object.groups.all()
-        system_users = self.object.system_users.all()
+        nodes_remain = Node.objects.exclude(assets=self.object)
        context = {
-            'app': 'Assets',
-            'action': 'Asset detail',
-            'asset_groups_remain': [asset_group for asset_group in AssetGroup.objects.all()
-                                    if asset_group not in asset_groups],
-            'asset_groups': asset_groups,
-            'system_users_all': SystemUser.objects.all(),
-            'system_users': system_users,
+            'app': _('Assets'),
+            'action': _('Asset detail'),
+            'nodes_remain': nodes_remain,
        }
        kwargs.update(context)
-        return super(AssetDetailView, self).get_context_data(**kwargs)
+        return super().get_context_data(**kwargs)


@method_decorator(csrf_exempt, name='dispatch')
 class AssetExportView(View):
    def get(self, request):
        spm = request.GET.get('spm', '')
-        assets_id_default = [Asset.objects.first().id] if Asset.objects.first() else [1]
+        assets_id_default = [Asset.objects.first().id] if Asset.objects.first() else []
        assets_id = cache.get(spm, assets_id_default)
        fields = [
            field for field in Asset._meta.fields
@@ -210,30 +215,35 @@ class AssetExportView(View):
            ]
        ]
        filename = 'assets-{}.csv'.format(
-            timezone.localtime(timezone.now()).strftime('%Y-%m-%d_%H-%M-%S'))
+            timezone.localtime(timezone.now()).strftime('%Y-%m-%d_%H-%M-%S')
+        )
        response = HttpResponse(content_type='text/csv')
        response['Content-Disposition'] = 'attachment; filename="%s"' % filename
        response.write(codecs.BOM_UTF8)
        assets = Asset.objects.filter(id__in=assets_id)
-        writer = csv.writer(response, dialect='excel',
-                            quoting=csv.QUOTE_MINIMAL)
+        writer = csv.writer(response, dialect='excel', quoting=csv.QUOTE_MINIMAL)

        header = [field.verbose_name for field in fields]
-        header.append(_('Asset groups'))
        writer.writerow(header)

        for asset in assets:
-            groups = ','.join([group.name for group in asset.groups.all()])
            data = [getattr(asset, field.name) for field in fields]
-            data.append(groups)
            writer.writerow(data)
        return response

    def post(self, request, *args, **kwargs):
        try:
            assets_id = json.loads(request.body).get('assets_id', [])
+            assets_node_id = json.loads(request.body).get('node_id', None)
        except ValueError:
            return HttpResponse('Json object not valid', status=400)
+
+        if not assets_id and assets_node_id:
+            assets_node = get_object_or_none(Node, id=assets_node_id)
+            assets = assets_node.get_all_assets()
+            for asset in assets:
+                assets_id.append(asset.id)
+
        spm = uuid.uuid4().hex
        cache.set(spm, assets_id, 300)
        url = reverse_lazy('assets:asset-export') + '?spm=%s' % spm
@@ -244,9 +254,12 @@ class BulkImportAssetView(AdminUserRequiredMixin, JSONResponseMixin, FormView):
    form_class = forms.FileForm

    def form_valid(self, form):
+        node_id = self.request.GET.get("node_id")
+        node = get_object_or_none(Node, id=node_id) if node_id else Node.root()
        f = form.cleaned_data['file']
        det_result = chardet.detect(f.read())
        f.seek(0)  # reset file seek index
+
        file_data = f.read().decode(det_result['encoding']).strip(codecs.BOM_UTF8.decode())
        csv_file = StringIO(file_data)
        reader = csv.reader(csv_file)
@@ -259,7 +272,6 @@ class BulkImportAssetView(AdminUserRequiredMixin, JSONResponseMixin, FormView):
        ]
        header_ = csv_data[0]
        mapping_reverse = {field.verbose_name: field.name for field in fields}
-        mapping_reverse[_('Asset groups')] = 'groups'
        attr = [mapping_reverse.get(n, None) for n in header_]
        if None in attr:
            data = {'valid': False,
@@ -273,51 +285,44 @@ class BulkImportAssetView(AdminUserRequiredMixin, JSONResponseMixin, FormView):
            if set(row) == {''}:
                continue

-            asset_dict = dict(zip(attr, row))
-            id_ = asset_dict.pop('id', 0)
-
-            try:
-                id_ = int(id_)
-            except ValueError:
-                id_ = 0
-
-            asset = get_object_or_none(Asset, id=id_)
-            for k, v in asset_dict.items():
-                if k == 'idc':
-                    v = get_object_or_none(IDC, name=v)
-                elif k == 'is_active':
-                    v = bool(v)
+            asset_dict_raw = dict(zip(attr, row))
+            asset_dict = dict()
+            for k, v in asset_dict_raw.items():
+                v = v.strip()
+                if k == 'is_active':
+                    v = False if v in ['False', 0, 'false'] else True
                elif k == 'admin_user':
                    v = get_object_or_none(AdminUser, name=v)
-                elif k in ['port', 'cabinet_pos', 'cpu_count', 'cpu_cores']:
+                elif k in ['port', 'cpu_count', 'cpu_cores']:
                    try:
                        v = int(v)
                    except ValueError:
-                        v = 0
-                elif k == 'groups':
-                    groups_name = v.split(',')
-                    v = AssetGroup.objects.filter(name__in=groups_name)
-                else:
-                    continue
+                        v = ''
+                elif k == 'domain':
+                    v = get_object_or_none(Domain, name=v)
+
+                if v != '':
                    asset_dict[k] = v

+            asset = None
+            asset_id = asset_dict.pop('id', None)
+            if asset_id:
+                asset = get_object_or_none(Asset, id=asset_id)
            if not asset:
                try:
-                    groups = asset_dict.pop('groups')
                    if len(Asset.objects.filter(hostname=asset_dict.get('hostname'))):
                        raise Exception(_('already exists'))
+                    with transaction.atomic():
                        asset = Asset.objects.create(**asset_dict)
-                    asset.groups.set(groups)
+                        if node:
+                            asset.nodes.set([node])
                        created.append(asset_dict['hostname'])
                        assets.append(asset)
                except Exception as e:
                    failed.append('%s: %s' % (asset_dict['hostname'], str(e)))
            else:
                for k, v in asset_dict.items():
-                    if k == 'groups':
-                        asset.groups.set(v)
-                        continue
-                    if v:
+                    if v != '':
                        setattr(asset, k, v)
                try:
                    asset.save()
@@ -325,10 +330,6 @@ class BulkImportAssetView(AdminUserRequiredMixin, JSONResponseMixin, FormView):
                except Exception as e:
                    failed.append('%s: %s' % (asset_dict['hostname'], str(e)))

-        if assets:
-            update_assets_hardware_info.delay([asset._to_secret_json() for asset in assets])
-
-
        data = {
            'created': created,
            'created_info': 'Created {}'.format(len(created)),
@@ -342,4 +343,3 @@ class BulkImportAssetView(AdminUserRequiredMixin, JSONResponseMixin, FormView):
        }
        return self.render_json_response(data)

-
--- a/apps/assets/views/domain.py
+++ b/apps/assets/views/domain.py
@@ -0,0 +1,154 @@
+# -*- coding: utf-8 -*-
+#
+
+from django.views.generic import TemplateView, CreateView, \
+    UpdateView, DeleteView, DetailView
+from django.views.generic.detail import SingleObjectMixin
+from django.utils.translation import ugettext_lazy as _
+from django.urls import reverse_lazy, reverse
+
+from common.mixins import AdminUserRequiredMixin
+from common.const import create_success_msg, update_success_msg
+from common.utils import get_object_or_none
+from ..models import Domain, Gateway
+from ..forms import DomainForm, GatewayForm
+
+
+__all__ = (
+    "DomainListView", "DomainCreateView", "DomainUpdateView",
+    "DomainDetailView", "DomainDeleteView", "DomainGatewayListView",
+    "DomainGatewayCreateView", 'DomainGatewayUpdateView',
+)
+
+
+class DomainListView(AdminUserRequiredMixin, TemplateView):
+    template_name = 'assets/domain_list.html'
+
+    def get_context_data(self, **kwargs):
+        context = {
+            'app': _('Assets'),
+            'action': _('Domain list'),
+        }
+        kwargs.update(context)
+        return super().get_context_data(**kwargs)
+
+
+class DomainCreateView(AdminUserRequiredMixin, CreateView):
+    model = Domain
+    template_name = 'assets/domain_create_update.html'
+    form_class = DomainForm
+    success_url = reverse_lazy('assets:domain-list')
+    success_message = create_success_msg
+
+    def get_context_data(self, **kwargs):
+        context = {
+            'app': _('Assets'),
+            'action': _('Create domain'),
+        }
+        kwargs.update(context)
+        return super().get_context_data(**kwargs)
+
+
+class DomainUpdateView(AdminUserRequiredMixin, UpdateView):
+    model = Domain
+    template_name = 'assets/domain_create_update.html'
+    form_class = DomainForm
+    success_url = reverse_lazy('assets:domain-list')
+    success_message = update_success_msg
+
+    def get_context_data(self, **kwargs):
+        context = {
+            'app': _('Assets'),
+            'action': _('Update domain'),
+        }
+        kwargs.update(context)
+        return super().get_context_data(**kwargs)
+
+
+class DomainDetailView(AdminUserRequiredMixin, DetailView):
+    model = Domain
+    template_name = 'assets/domain_detail.html'
+
+    def get_context_data(self, **kwargs):
+        context = {
+            'app': _('Assets'),
+            'action': _('Domain detail'),
+        }
+        kwargs.update(context)
+        return super().get_context_data(**kwargs)
+
+
+class DomainDeleteView(AdminUserRequiredMixin, DeleteView):
+    model = Domain
+    template_name = 'delete_confirm.html'
+    success_url = reverse_lazy('assets:domain-list')
+
+
+class DomainGatewayListView(AdminUserRequiredMixin, SingleObjectMixin, TemplateView):
+    template_name = 'assets/domain_gateway_list.html'
+    model = Domain
+    object = None
+
+    def get(self, request, *args, **kwargs):
+        self.object = self.get_object(queryset=self.model.objects.all())
+        return super().get(request, *args, **kwargs)
+
+    def get_context_data(self, **kwargs):
+        context = {
+            'app': _('Assets'),
+            'action': _('Domain gateway list'),
+            'object': self.get_object()
+        }
+        kwargs.update(context)
+        return super().get_context_data(**kwargs)
+
+
+class DomainGatewayCreateView(AdminUserRequiredMixin, CreateView):
+    model = Gateway
+    template_name = 'assets/gateway_create_update.html'
+    form_class = GatewayForm
+    success_message = create_success_msg
+
+    def get_success_url(self):
+        domain = self.object.domain
+        return reverse('assets:domain-gateway-list', kwargs={"pk": domain.id})
+
+    def get_form(self, form_class=None):
+        form = super().get_form(form_class=form_class)
+        domain_id = self.kwargs.get("pk")
+        domain = get_object_or_none(Domain, id=domain_id)
+        if domain:
+            form['domain'].initial = domain
+        return form
+
+    def get_context_data(self, **kwargs):
+        context = {
+            'app': _('Assets'),
+            'action': _('Create gateway'),
+        }
+        kwargs.update(context)
+        return super().get_context_data(**kwargs)
+
+
+class DomainGatewayUpdateView(AdminUserRequiredMixin, UpdateView):
+    model = Gateway
+    template_name = 'assets/gateway_create_update.html'
+    form_class = GatewayForm
+    success_message = update_success_msg
+
+    def get_success_url(self):
+        domain = self.object.domain
+        return reverse('assets:domain-gateway-list', kwargs={"pk": domain.id})
+
+    def form_valid(self, form):
+        response = super().form_valid(form)
+        print(form.cleaned_data)
+        return response
+
+    def get_context_data(self, **kwargs):
+        context = {
+            'app': _('Assets'),
+            'action': _('Update gateway'),
+        }
+        kwargs.update(context)
+        return super().get_context_data(**kwargs)
--- a/apps/assets/views/group.py
+++ b/apps/assets/views/group.py
@@ -1,111 +0,0 @@
-# coding:utf-8
-from __future__ import absolute_import, unicode_literals
-
-from django.utils.translation import ugettext as _
-from django.views.generic import TemplateView, ListView, View
-from django.views.generic.edit import CreateView, DeleteView, FormView, UpdateView
-from django.urls import reverse_lazy
-from django.views.generic.detail import DetailView, SingleObjectMixin
-from django.shortcuts import get_object_or_404, reverse, redirect
-
-from .. import forms
-from ..models import Asset, AssetGroup, AdminUser, IDC, SystemUser
-from ..hands import AdminUserRequiredMixin
-
-
-__all__ = ['AssetGroupCreateView', 'AssetGroupDetailView',
-           'AssetGroupUpdateView', 'AssetGroupListView',
-           'AssetGroupDeleteView',
-           ]
-
-
-class AssetGroupCreateView(AdminUserRequiredMixin, CreateView):
-    model = AssetGroup
-    form_class = forms.AssetGroupForm
-    template_name = 'assets/asset_group_create.html'
-    success_url = reverse_lazy('assets:asset-group-list')
-
-    def get_context_data(self, **kwargs):
-        context = {
-            'app': _('Assets'),
-            'action': _('Create asset group'),
-            'assets_count': 0,
-        }
-        kwargs.update(context)
-        return super(AssetGroupCreateView, self).get_context_data(**kwargs)
-
-    def form_valid(self, form):
-        asset_group = form.save()
-        assets_id_list = self.request.POST.getlist('assets', [])
-        assets = [get_object_or_404(Asset, id=int(asset_id))
-                  for asset_id in assets_id_list]
-        asset_group.created_by = self.request.user.username or 'Admin'
-        asset_group.assets.add(*tuple(assets))
-        asset_group.save()
-        return super(AssetGroupCreateView, self).form_valid(form)
-
-
-class AssetGroupListView(AdminUserRequiredMixin, TemplateView):
-    template_name = 'assets/asset_group_list.html'
-
-    def get_context_data(self, **kwargs):
-        context = {
-            'app': _('Assets'),
-            'action': _('Asset group list'),
-            'assets': Asset.objects.all(),
-            'system_users': SystemUser.objects.all(),
-            'keyword': self.request.GET.get('keyword', '')
-        }
-        kwargs.update(context)
-        return super(AssetGroupListView, self).get_context_data(**kwargs)
-
-
-class AssetGroupDetailView(AdminUserRequiredMixin, DetailView):
-    model = AssetGroup
-    template_name = 'assets/asset_group_detail.html'
-    context_object_name = 'asset_group'
-
-    def get_context_data(self, **kwargs):
-        assets_remain = Asset.objects.exclude(id__in=self.object.assets.all())
-        system_users = SystemUser.objects.all()
-        system_users_remain = SystemUser.objects.exclude(id__in=system_users)
-        context = {
-            'app': _('Assets'),
-            'action': _('Asset group detail'),
-            'assets_remain': assets_remain,
-            'assets': [asset for asset in Asset.objects.all()
-                       if asset not in assets_remain],
-            'system_users': system_users,
-            'system_users_remain': system_users_remain,
-        }
-        kwargs.update(context)
-        return super(AssetGroupDetailView, self).get_context_data(**kwargs)
-
-
-class AssetGroupUpdateView(AdminUserRequiredMixin, UpdateView):
-    model = AssetGroup
-    form_class = forms.AssetGroupForm
-    template_name = 'assets/asset_group_create.html'
-    success_url = reverse_lazy('assets:asset-group-list')
-
-    def get(self, request, *args, **kwargs):
-        self.object = self.get_object(queryset=AssetGroup.objects.all())
-        return super(AssetGroupUpdateView, self).get(request, *args, **kwargs)
-
-    def get_context_data(self, **kwargs):
-        assets_all = self.object.assets.all()
-        context = {
-            'app': _('Assets'),
-            'action': _('Create asset group'),
-            'assets_on_list': assets_all,
-            'assets_count': len(assets_all),
-            'group_id': self.object.id,
-        }
-        kwargs.update(context)
-        return super(AssetGroupUpdateView, self).get_context_data(**kwargs)
-
-
-class AssetGroupDeleteView(AdminUserRequiredMixin, DeleteView):
-    template_name = 'assets/delete_confirm.html'
-    model = AssetGroup
-    success_url = reverse_lazy('assets:asset-group-list')
--- a/apps/assets/views/idc.py
+++ b/apps/assets/views/idc.py
@@ -1,101 +0,0 @@
-# coding:utf-8
-from __future__ import absolute_import, unicode_literals
-from django.utils.translation import ugettext as _
-from django.views.generic import TemplateView, ListView, View
-from django.views.generic.edit import CreateView, DeleteView, FormView, UpdateView
-from django.urls import reverse_lazy
-from django.views.generic.detail import DetailView, SingleObjectMixin
-from .. import forms
-from ..models import Asset, AssetGroup, AdminUser, IDC, SystemUser
-from ..hands import AdminUserRequiredMixin
-
-
-__all__ = ['IDCListView', 'IDCCreateView', 'IDCUpdateView',
-           'IDCDetailView', 'IDCDeleteView', 'IDCAssetsView']
-
-
-class IDCListView(AdminUserRequiredMixin, TemplateView):
-    template_name = 'assets/idc_list.html'
-
-    def get_context_data(self, **kwargs):
-        context = {
-            'app': _('Assets'),
-            'action': _('IDC list'),
-            # 'keyword': self.request.GET.get('keyword', '')
-        }
-        kwargs.update(context)
-        return super(IDCListView, self).get_context_data(**kwargs)
-
-
-class IDCCreateView(AdminUserRequiredMixin, CreateView):
-    model = IDC
-    form_class = forms.IDCForm
-    template_name = 'assets/idc_create_update.html'
-    success_url = reverse_lazy('assets:idc-list')
-
-    def get_context_data(self, **kwargs):
-        context = {
-            'app': _('assets'),
-            'action': _('Create IDC'),
-        }
-        kwargs.update(context)
-        return super(IDCCreateView, self).get_context_data(**kwargs)
-
-    def form_valid(self, form):
-        idc = form.save(commit=False)
-        idc.created_by = self.request.user.username or 'System'
-        idc.save()
-        return super(IDCCreateView, self).form_valid(form)
-
-
-class IDCUpdateView(AdminUserRequiredMixin, UpdateView):
-    model = IDC
-    form_class = forms.IDCForm
-    template_name = 'assets/idc_create_update.html'
-    context_object_name = 'idc'
-    success_url = reverse_lazy('assets:idc-list')
-
-    def form_valid(self, form):
-        idc = form.save(commit=False)
-        idc.save()
-        return super(IDCUpdateView, self).form_valid(form)
-
-    def get_context_data(self, **kwargs):
-        context = {
-            'app': _('assets'),
-            'action': _('Update IDC'),
-        }
-        kwargs.update(context)
-        return super(IDCUpdateView, self).get_context_data(**kwargs)
-
-
-class IDCDetailView(AdminUserRequiredMixin, DetailView):
-    model = IDC
-    template_name = 'assets/idc_detail.html'
-    context_object_name = 'idc'
-
-
-class IDCAssetsView(AdminUserRequiredMixin, DetailView):
-    model = IDC
-    template_name = 'assets/idc_assets.html'
-    context_object_name = 'idc'
-
-    def get_context_data(self, **kwargs):
-        assets_remain = Asset.objects.exclude(id__in=self.object.assets.all())
-
-        context = {
-            'app': _('Assets'),
-            'action': _('Asset detail'),
-            'groups': AssetGroup.objects.all(),
-            'system_users': SystemUser.objects.all(),
-            'assets_remain': assets_remain,
-            'assets': [asset for asset in Asset.objects.all() if asset not in assets_remain],
-        }
-        kwargs.update(context)
-        return super(IDCAssetsView, self).get_context_data(**kwargs)
-
-
-class IDCDeleteView(AdminUserRequiredMixin, DeleteView):
-    model = IDC
-    template_name = 'assets/delete_confirm.html'
-    success_url = reverse_lazy('assets:idc-list')
--- a/apps/assets/views/label.py
+++ b/apps/assets/views/label.py
@@ -0,0 +1,72 @@
+# -*- coding: utf-8 -*-
+#
+
+from django.views.generic import TemplateView, CreateView, \
+    UpdateView, DeleteView, DetailView
+from django.utils.translation import ugettext_lazy as _
+from django.urls import reverse_lazy
+
+from common.mixins import AdminUserRequiredMixin
+from common.const import create_success_msg, update_success_msg
+from ..models import Label
+from ..forms import LabelForm
+
+
+__all__ = (
+    "LabelListView", "LabelCreateView", "LabelUpdateView",
+    "LabelDetailView", "LabelDeleteView",
+)
+
+
+class LabelListView(AdminUserRequiredMixin, TemplateView):
+    template_name = 'assets/label_list.html'
+
+    def get_context_data(self, **kwargs):
+        context = {
+            'app': _('Assets'),
+            'action': _('Label list'),
+        }
+        kwargs.update(context)
+        return super().get_context_data(**kwargs)
+
+
+class LabelCreateView(AdminUserRequiredMixin, CreateView):
+    model = Label
+    template_name = 'assets/label_create_update.html'
+    form_class = LabelForm
+    success_url = reverse_lazy('assets:label-list')
+    success_message = create_success_msg
+
+    def get_context_data(self, **kwargs):
+        context = {
+            'app': _('Assets'),
+            'action': _('Create label'),
+        }
+        kwargs.update(context)
+        return super().get_context_data(**kwargs)
+
+
+class LabelUpdateView(AdminUserRequiredMixin, UpdateView):
+    model = Label
+    template_name = 'assets/label_create_update.html'
+    form_class = LabelForm
+    success_url = reverse_lazy('assets:label-list')
+    success_message = update_success_msg
+
+    def get_context_data(self, **kwargs):
+        context = {
+            'app': _('Assets'),
+            'action': _('Update label'),
+        }
+        kwargs.update(context)
+        return super().get_context_data(**kwargs)
+
+
+class LabelDetailView(AdminUserRequiredMixin, DetailView):
+    pass
+
+
+class LabelDeleteView(AdminUserRequiredMixin, DeleteView):
+    model = Label
+    template_name = 'delete_confirm.html'
+    success_url = reverse_lazy('assets:label-list')
--- a/apps/assets/views/system_user.py
+++ b/apps/assets/views/system_user.py
@@ -1,25 +1,23 @@
 # ~*~ coding: utf-8 ~*~

-from __future__ import absolute_import, unicode_literals
 from django.utils.translation import ugettext as _
-from django.conf import settings
-from django.db import transaction
-from django.views.generic import TemplateView, ListView
+from django.views.generic import TemplateView
 from django.views.generic.edit import CreateView, DeleteView, UpdateView
 from django.urls import reverse_lazy
 from django.contrib.messages.views import SuccessMessageMixin
-from django.views.generic.detail import DetailView, SingleObjectMixin
+from django.views.generic.detail import DetailView

-from .. import forms
-from ..models import Asset, AssetGroup, SystemUser
+from common.const import create_success_msg, update_success_msg
+from ..forms import SystemUserForm
+from ..models import SystemUser, Node
 from ..hands import AdminUserRequiredMixin
-from perms.utils import associate_system_users_and_assets


-__all__ = ['SystemUserCreateView', 'SystemUserUpdateView',
+__all__ = [
+    'SystemUserCreateView', 'SystemUserUpdateView',
    'SystemUserDetailView', 'SystemUserDeleteView',
    'SystemUserAssetView', 'SystemUserListView',
-           ]
+]


 class SystemUserListView(AdminUserRequiredMixin, TemplateView):
@@ -31,18 +29,15 @@ class SystemUserListView(AdminUserRequiredMixin, TemplateView):
            'action': _('System user list'),
        }
        kwargs.update(context)
-        return super(SystemUserListView, self).get_context_data(**kwargs)
+        return super().get_context_data(**kwargs)


 class SystemUserCreateView(AdminUserRequiredMixin, SuccessMessageMixin, CreateView):
    model = SystemUser
-    form_class = forms.SystemUserForm
+    form_class = SystemUserForm
    template_name = 'assets/system_user_create.html'
    success_url = reverse_lazy('assets:system-user-list')
-
-    @transaction.atomic
-    def post(self, request, *args, **kwargs):
-        return super(SystemUserCreateView, self).post(request, *args, **kwargs)
+    success_message = create_success_msg

    def get_context_data(self, **kwargs):
        context = {
@@ -50,23 +45,15 @@ class SystemUserCreateView(AdminUserRequiredMixin, SuccessMessageMixin, CreateVi
            'action': _('Create system user'),
        }
        kwargs.update(context)
-        return super(SystemUserCreateView, self).get_context_data(**kwargs)
-
-    def get_success_message(self, cleaned_data):
-        url = reverse_lazy('assets:system-user-detail',
-                           kwargs={'pk': self.object.pk}),
-        success_message = _(
-            'Create system user <a href="{url}">{name}</a> '
-            'successfully.'.format(url=url, name=self.object.name)
-        )
-
-        return success_message
+        return super().get_context_data(**kwargs)


-class SystemUserUpdateView(AdminUserRequiredMixin, UpdateView):
+class SystemUserUpdateView(AdminUserRequiredMixin, SuccessMessageMixin, UpdateView):
    model = SystemUser
-    form_class = forms.SystemUserUpdateForm
+    form_class = SystemUserForm
    template_name = 'assets/system_user_update.html'
+    success_url = reverse_lazy('assets:system-user-list')
+    success_message = update_success_msg

    def get_context_data(self, **kwargs):
        context = {
@@ -74,20 +61,7 @@ class SystemUserUpdateView(AdminUserRequiredMixin, UpdateView):
            'action': _('Update system user')
        }
        kwargs.update(context)
-        return super(SystemUserUpdateView, self).get_context_data(**kwargs)
-
-    def form_valid(self, form):
-        response = super(SystemUserUpdateView, self).form_valid(form)
-        system_user = self.object
-        assets = system_user.assets.all()
-        asset_groups = system_user.asset_groups.all()
-        associate_system_users_and_assets([system_user], assets, asset_groups, force=True)
-        return response
-
-    def get_success_url(self):
-        success_url = reverse_lazy('assets:system-user-detail',
-                                   kwargs={'pk': self.object.pk})
-        return success_url
+        return super().get_context_data(**kwargs)


 class SystemUserDetailView(AdminUserRequiredMixin, DetailView):
@@ -98,50 +72,28 @@ class SystemUserDetailView(AdminUserRequiredMixin, DetailView):
    def get_context_data(self, **kwargs):
        context = {
            'app': _('Assets'),
-            'action': _('System user detail')
+            'action': _('System user detail'),
+            'nodes_remain': Node.objects.exclude(systemuser=self.object)
        }
        kwargs.update(context)
-        return super(SystemUserDetailView, self).get_context_data(**kwargs)
+        return super().get_context_data(**kwargs)


 class SystemUserDeleteView(AdminUserRequiredMixin, DeleteView):
    model = SystemUser
-    template_name = 'assets/delete_confirm.html'
+    template_name = 'delete_confirm.html'
    success_url = reverse_lazy('assets:system-user-list')


-class SystemUserAssetView(AdminUserRequiredMixin, SingleObjectMixin, ListView):
-    paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
+class SystemUserAssetView(AdminUserRequiredMixin, DetailView):
+    model = SystemUser
    template_name = 'assets/system_user_asset.html'
    context_object_name = 'system_user'

-    def get(self, request, *args, **kwargs):
-        self.object = self.get_object(queryset=SystemUser.objects.all())
-        return super(SystemUserAssetView, self).get(request, *args, **kwargs)
-
-    def get_asset_groups(self):
-        return self.object.asset_groups.all()
-
-    # Todo: queryset default order by connectivity, need ops support
-    def get_queryset(self):
-        return list(self.object.get_assets())
-
    def get_context_data(self, **kwargs):
-        asset_groups = self.get_asset_groups()
-        assets = self.get_queryset()
        context = {
-            'app': 'assets',
-            'action': 'System user asset',
-            'assets_remain': [asset for asset in Asset.objects.all() if asset not in assets],
-            'asset_groups': asset_groups,
-            'asset_groups_remain': [asset_group for asset_group in AssetGroup.objects.all()
-                                    if asset_group not in asset_groups]
+            'app': _('assets'),
+            'action': _('System user asset'),
        }
        kwargs.update(context)
-        return super(SystemUserAssetView, self).get_context_data(**kwargs)
-
-
-
-
-
-
+        return super().get_context_data(**kwargs)
--- a/Show More
+++ b/Show More