调整，以适应useregion灵活传值，注意，useregion非空为json串：{"method":"rst"}，空为userRegion=

2020-04-22 12:24:24 +08:00
parent c22164a3b3
commit 0dda3bfc7f
5 changed files with 118 additions and 6 deletions
--- a/01-TestCase/tsg_adc/selfserver/SelfServerDenyAllTests.robot
+++ b/01-TestCase/tsg_adc/selfserver/SelfServerDenyAllTests.robot
@@ -50,7 +50,7 @@ SelfServerSecurityPolicy-Deny-AllProtol-00001
               ...    policyDesc=${Default_PolicyDesc}   
           	   ...    action=deny
           	   ...    effectiveRange=${Default_EffectiveRange}
-           	   ...    userRegion=method:rst
+           	   ...    userRegion={"method":"rst"}
           	   ...    referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR
           	   ...    isValid=${Default_IsValid}
           	   ...    appObjectIdArray=${Default_AppObjectIdArray}
--- a/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot
+++ b/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot
@@ -0,0 +1,100 @@
+*** Settings ***
+Test Teardown     DeletePolicyAndObject    ${policyIds}    ${objectids}    
+Force Tags        zjj    tsg_proxy    replace
+Library           OperatingSystem
+Resource          ../../02-Keyword/tsg_adc/SystemCommand.robot
+Resource          ../../02-Keyword/tsg_bfapi/PolicyObject.robot
+Resource          ../../02-Keyword/tsg_bfapi/LogVariable.robot
+Resource          ../../03-Variable/PolicyObjectDefault.txt
+Resource          ../../02-Keyword/tsg_common/StmpHandle.robot
+Resource          ../../03-Variable/BifangApiVariable.txt
+Library           Custometest
+Library           json
+
+*** Variables ***
+${policyIds}      ${EMPTY}
+${objectids}      ${EMPTY}
+${url}            /policy/profile/responsepages
+${profiledId}     ${EMPTY}
+
+*** Test Cases ***
+ZJJ_ProxyPolicy-Replace-Uri-00001
+    [Tags]        selfserver  
+    
+    ${caseName}    set variable    ZJJ_ProxyPolicy-Replace-Uri-00001
+    # 创建对象-IP
+    # addItemList全参数：（为方便说明，将参数值拆分为几部分，其实际值为单条无空格/回车字符串，每部分内代表的各参数不可跳跃。）
+    #     [addrType]|[protocol]|[direction]|[isSession]#                        第一部分（可省略）
+    #     [clientIpFormat]|[clientIp1]|[clientIp2]|[clientPort1/clientPort2]&   第二部分（不可省略）
+    #     [serverIpFormat]|[serverIp1]|[serverIp2]|[serverPort1/serverPort2]|   第三部分（可省略）
+    #     [isInitialize]|[itemName]|[itemDesc],                                 第四部分（可省略）
+    #     ...
+    Comment    创建目标IP
+    ${objectDict}    Create Dictionary
+		   	   ...    objectType=ip
+           	   ...    isValid=1
+           	   ...    objectSubType=${Default_ObjectSubType}
+           	   ...    isInitialize=${Default_IsInitialize}
+           	   ...    isExclusion=${Default_IsExclusion}
+           	   ...    objectName=${caseName}_IPobject
+           	   ...    objectDesc=${Default_ObjectDesc}
+           	   ...    subObjectIds=${Default_SubObjectIds}
+           	   ...    addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc}
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}    
+    ${objectids}    set Variable    ${objectId}
+    
+    #创建url 
+    ${objectDict}    Create Dictionary
+		   	   ...    objectType=url
+           	   ...    isValid=${1}
+           	   ...    objectSubType=${Default_ObjectSubType}
+           	   ...    isInitialize=${Default_IsInitialize}
+           	   ...    isExclusion=${Default_IsExclusion}
+           	   ...    objectName=${caseName}_URLobject
+           	   ...    objectDesc=${Default_ObjectDesc}
+           	   ...    subObjectIds=${Default_SubObjectIds}
+           	   ...    addItemList=open.node.com/action
+    ${rescode}    ${object_URL_Id}    AddObject2    ${1}    ${objectDict}      
+    ${objectids}    Catenate    SEPARATOR=,    ${objectids}    ${object_URL_Id}
+    
+    Comment    创建安全策略，针对所有协议，相当于BlackIP
+    ${policyDict}    Create Dictionary
+			   ...    policyName=${caseName}_IPobject
+		   	   ...    policyType=pxy_manipulation
+               ...    policyDesc=${Default_PolicyDesc}   
+           	   ...    action=manipulation
+           	   ...    effectiveRange=${Default_EffectiveRange}
+           	   ...    userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.1,"protocol":"HTTP"}
+           	   ...    referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL
+           	   ...    isValid=1
+           	   ...    appObjectIdArray=${2}
+               ...    userTags=${Default_UserTags} 
+               ...    doLog=${Default_DoLog}
+               ...    scheduleId=${Default_ScheduleId}
+    #默认客户端条件类型：clientip or clientsubid    ${Default_Client_Type} 
+    #...    userRegion="'method':'replace','rules':[{'search_in':'http_req_uri','find':'find','replace_with':'replace'}],'enforcement_ratio':0.1,'protocol':'HTTP'"
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    ${s}    Convert to String    ${policyId}
+    ${policyIds}    Create List    {"policyType":"pxy_manipulation","policyIds":[${policyId}]}   
+        #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]}    
+    #
+    ${disablePolciy}    set variable	{"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]}  
+    EditPolicy    ${disablePolciy}
+    Comment    功能端验证SSL验证
+    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/selfserver/SecurityPolicy-Deny-AllProtol-00001_SSL.bat
+    ...    ELSE    set variable    curl -kv https://open.node.com/
+   
+    ${stringlist}     run keyword if    '${systemType}'=='Windows'    Create List    Connection was reset
+    #OpenSSL SSL_connect: Connection was reset in connection to
+    #Send failure: Connection was reset
+    ...    ELSE    Create List    OpenSSL SSL_connect: Connection reset by peer in connection to
+    
+    ${starttime}    Get Time
+    Sleep    ${policyVerificationSleepSeconds}s
+    ${rescode}    SystemCommands    ${commandstr}    ${stringlist}
+    Sleep    ${policyLogVerificationSleepSeconds}s
+    ${endtime}    Get Time
+    #日志验证
+    GetLogList    security_event_log    ${starttime}    ${endtime}    ${testClentIP}    ${s}    ssl_sni	open.node.com
+    
+    #{"opAction":"add","policyList":{"policyId":"","policyName":"dxytest","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"阿斯蒂","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_req_uri","find":"find","replace_with":"replace"}],"protocol":"HTTP"},"isValid":0,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":10103,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":8337,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]},{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
--- a/02-Keyword/tsg_bfapi/PolicyObject.robot
+++ b/02-Keyword/tsg_bfapi/PolicyObject.robot
@@ -112,8 +112,9 @@ AddPolicy2
    [Return]    ${rescode}    ${policyId}
    
 EditPolicy
-    [Arguments]    @{body}
-    [Return]    ${rescode}    ${objectId}
+    [Arguments]    ${body}
+    ${response}    BaseEditRequest    /v1/policy/compile    ${body}    
+    [Return]    ${rescode}

 DeletePolicybak
    [Arguments]    ${policyids}
--- a/02-Keyword/tsg_common/ManagePolicyBody.robot
+++ b/02-Keyword/tsg_common/ManagePolicyBody.robot
@@ -65,11 +65,20 @@ PolicyParamsOpertion
    Set To Dictionary    ${policyList}    policyId=    doBlacklist=${0}
    # 分别处理EffectiveRange、UserRegion和ReferenceObject参数
    ManageEffectiveRange    ${policyList}
-    ManageUserRegion    ${policyList}    
+    #ManageUserRegion    ${policyList}    
    ManageReferenceObject    ${policyList}    
+    #先取出useragion 再放回json
+    ${return}    ${userRegion}    Run Keyword And Ignore Error    Set Variable    ${policyList}[userRegion]
+    Set To Dictionary    ${policyList}    userRegion=${Default_UserRegion} 
+    ${userRegion}    Run Keyword If    "${return}"=="FAIL" or '${userRegion}'=="${EMPTY}"    Set Variable    "" 
+    ...    ELSE   Set Variable    ${userRegion}
    # 转为json结构并返回
-    ${dict}    Create Dictionary    opAction=add    returnData=${returnData}    policyList=${policyList}    
-    ${json}    json.Dumps    ${dict}    ensure_ascii=False
+    ${dict}    Create Dictionary    opAction=add    returnData=${returnData}    policyList=${policyList}  
+    ${json}    json.Dumps    ${dict}    ensure_ascii=False   
+    ${json}    Replace String	${json}    "method:rst"    ${userRegion}  
+    #${json}     Evaluate     ${userRegion}.replace('"method"','${userRegion}') 
+    #${json}    Replace String	${json}    "'    {   
+    #${json}    Replace String	${json}    \"    "
    Log    Policy_Request_Body-${json}
    [Return]    ${json}

@@ -157,6 +166,7 @@ ManageUserRegion
    ${emptyObj}    Create Dictionary
    
    ${return}    ${userRegion}    Run Keyword And Ignore Error    Set Variable    ${policyList}[userRegion]
+    #${userRegion}	Replace String	${userRegion}	'    ${EMPTY} 
    ${userRegion}    Run Keyword If    "${return}"=="FAIL" or "${userRegion}"=="${EMPTY}"    Set Variable    ${Default_UserRegion}    
                     ...    ELSE    Set Variable    ${userRegion}        

--- a/05-Other/zjj/ZJJ_ProxyPolicy-Replace-Uri-00001.bat
+++ b/05-Other/zjj/ZJJ_ProxyPolicy-Replace-Uri-00001.bat
@@ -0,0 +1 @@
+curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=content-type&resBody=Response Body" https://open.node.com/action | iconv -f utf-8 -t gbk
				`@@ -0,0 +1 @@`
				`curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=content-type&resBody=Response Body" https://open.node.com/action \| iconv -f utf-8 -t gbk`