From 0dda3bfc7f40fe30fccd2cfe7245801945e78e1f Mon Sep 17 00:00:00 2001 From: dongxiaoyan Date: Wed, 22 Apr 2020 12:24:24 +0800 Subject: [PATCH] =?UTF-8?q?=E8=B0=83=E6=95=B4=EF=BC=8C=E4=BB=A5=E9=80=82?= =?UTF-8?q?=E5=BA=94useregion=E7=81=B5=E6=B4=BB=E4=BC=A0=E5=80=BC=EF=BC=8C?= =?UTF-8?q?=E6=B3=A8=E6=84=8F=EF=BC=8Cuseregion=E9=9D=9E=E7=A9=BA=E4=B8=BA?= =?UTF-8?q?json=E4=B8=B2=EF=BC=9A{"method":"rst"}=EF=BC=8C=E7=A9=BA?= =?UTF-8?q?=E4=B8=BAuserRegion=3D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../selfserver/SelfServerDenyAllTests.robot | 2 +- 01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot | 100 ++++++++++++++++++ 02-Keyword/tsg_bfapi/PolicyObject.robot | 5 +- 02-Keyword/tsg_common/ManagePolicyBody.robot | 16 ++- .../zjj/ZJJ_ProxyPolicy-Replace-Uri-00001.bat | 1 + 5 files changed, 118 insertions(+), 6 deletions(-) create mode 100644 01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot create mode 100644 05-Other/zjj/ZJJ_ProxyPolicy-Replace-Uri-00001.bat diff --git a/01-TestCase/tsg_adc/selfserver/SelfServerDenyAllTests.robot b/01-TestCase/tsg_adc/selfserver/SelfServerDenyAllTests.robot index 2e673a4..823463f 100644 --- a/01-TestCase/tsg_adc/selfserver/SelfServerDenyAllTests.robot +++ b/01-TestCase/tsg_adc/selfserver/SelfServerDenyAllTests.robot @@ -50,7 +50,7 @@ SelfServerSecurityPolicy-Deny-AllProtol-00001 ... policyDesc=${Default_PolicyDesc} ... action=deny ... effectiveRange=${Default_EffectiveRange} - ... userRegion=method:rst + ... userRegion={"method":"rst"} ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR ... isValid=${Default_IsValid} ... appObjectIdArray=${Default_AppObjectIdArray} diff --git a/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot b/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot new file mode 100644 index 0000000..882a3ff --- /dev/null +++ b/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot @@ -0,0 +1,100 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags zjj tsg_proxy replace +Library OperatingSystem +Resource ../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../03-Variable/PolicyObjectDefault.txt +Resource ../../02-Keyword/tsg_common/StmpHandle.robot +Resource ../../03-Variable/BifangApiVariable.txt +Library Custometest +Library json + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} +${url} /policy/profile/responsepages +${profiledId} ${EMPTY} + +*** Test Cases *** +ZJJ_ProxyPolicy-Replace-Uri-00001 + [Tags] selfserver + + ${caseName} set variable ZJJ_ProxyPolicy-Replace-Uri-00001 + # 创建对象-IP + # addItemList全参数:(为方便说明,将参数值拆分为几部分,其实际值为单条无空格/回车字符串,每部分内代表的各参数不可跳跃。) + # [addrType]|[protocol]|[direction]|[isSession]# 第一部分(可省略) + # [clientIpFormat]|[clientIp1]|[clientIp2]|[clientPort1/clientPort2]& 第二部分(不可省略) + # [serverIpFormat]|[serverIp1]|[serverIp2]|[serverPort1/serverPort2]| 第三部分(可省略) + # [isInitialize]|[itemName]|[itemDesc], 第四部分(可省略) + # ... + Comment 创建目标IP + ${objectDict} Create Dictionary + ... objectType=ip + ... isValid=1 + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_IPobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc} + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + + Comment 创建安全策略,针对所有协议,相当于BlackIP + ${policyDict} Create Dictionary + ... policyName=${caseName}_IPobject + ... policyType=pxy_manipulation + ... policyDesc=${Default_PolicyDesc} + ... action=manipulation + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.1,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + #默认客户端条件类型:clientip or clientsubid ${Default_Client_Type} + #... userRegion="'method':'replace','rules':[{'search_in':'http_req_uri','find':'find','replace_with':'replace'}],'enforcement_ratio':0.1,'protocol':'HTTP'" + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"pxy_manipulation","policyIds":[${policyId}]} + #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} + # + ${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + EditPolicy ${disablePolciy} + Comment 功能端验证SSL验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Deny-AllProtol-00001_SSL.bat + ... ELSE set variable curl -kv https://open.node.com/ + + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + #OpenSSL SSL_connect: Connection was reset in connection to + #Send failure: Connection was reset + ... ELSE Create List OpenSSL SSL_connect: Connection reset by peer in connection to + + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com + + #{"opAction":"add","policyList":{"policyId":"","policyName":"dxytest","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"阿斯蒂","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_req_uri","find":"find","replace_with":"replace"}],"protocol":"HTTP"},"isValid":0,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":10103,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":8337,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]},{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]}} \ No newline at end of file diff --git a/02-Keyword/tsg_bfapi/PolicyObject.robot b/02-Keyword/tsg_bfapi/PolicyObject.robot index f3c47b0..1f9f4da 100644 --- a/02-Keyword/tsg_bfapi/PolicyObject.robot +++ b/02-Keyword/tsg_bfapi/PolicyObject.robot @@ -112,8 +112,9 @@ AddPolicy2 [Return] ${rescode} ${policyId} EditPolicy - [Arguments] @{body} - [Return] ${rescode} ${objectId} + [Arguments] ${body} + ${response} BaseEditRequest /v1/policy/compile ${body} + [Return] ${rescode} DeletePolicybak [Arguments] ${policyids} diff --git a/02-Keyword/tsg_common/ManagePolicyBody.robot b/02-Keyword/tsg_common/ManagePolicyBody.robot index 24a53c9..3d6db02 100644 --- a/02-Keyword/tsg_common/ManagePolicyBody.robot +++ b/02-Keyword/tsg_common/ManagePolicyBody.robot @@ -65,11 +65,20 @@ PolicyParamsOpertion Set To Dictionary ${policyList} policyId= doBlacklist=${0} # 分别处理EffectiveRange、UserRegion和ReferenceObject参数 ManageEffectiveRange ${policyList} - ManageUserRegion ${policyList} + #ManageUserRegion ${policyList} ManageReferenceObject ${policyList} + #先取出useragion 再放回json + ${return} ${userRegion} Run Keyword And Ignore Error Set Variable ${policyList}[userRegion] + Set To Dictionary ${policyList} userRegion=${Default_UserRegion} + ${userRegion} Run Keyword If "${return}"=="FAIL" or '${userRegion}'=="${EMPTY}" Set Variable "" + ... ELSE Set Variable ${userRegion} # 转为json结构并返回 - ${dict} Create Dictionary opAction=add returnData=${returnData} policyList=${policyList} - ${json} json.Dumps ${dict} ensure_ascii=False + ${dict} Create Dictionary opAction=add returnData=${returnData} policyList=${policyList} + ${json} json.Dumps ${dict} ensure_ascii=False + ${json} Replace String ${json} "method:rst" ${userRegion} + #${json} Evaluate ${userRegion}.replace('"method"','${userRegion}') + #${json} Replace String ${json} "' { + #${json} Replace String ${json} \" " Log Policy_Request_Body-${json} [Return] ${json} @@ -157,6 +166,7 @@ ManageUserRegion ${emptyObj} Create Dictionary ${return} ${userRegion} Run Keyword And Ignore Error Set Variable ${policyList}[userRegion] + #${userRegion} Replace String ${userRegion} ' ${EMPTY} ${userRegion} Run Keyword If "${return}"=="FAIL" or "${userRegion}"=="${EMPTY}" Set Variable ${Default_UserRegion} ... ELSE Set Variable ${userRegion} diff --git a/05-Other/zjj/ZJJ_ProxyPolicy-Replace-Uri-00001.bat b/05-Other/zjj/ZJJ_ProxyPolicy-Replace-Uri-00001.bat new file mode 100644 index 0000000..7746c2c --- /dev/null +++ b/05-Other/zjj/ZJJ_ProxyPolicy-Replace-Uri-00001.bat @@ -0,0 +1 @@ +curl -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=content-type&resBody=Response Body" https://open.node.com/action | iconv -f utf-8 -t gbk \ No newline at end of file