修改接口的地址前缀全部使用配置文件版本
This commit is contained in:
dongxiaoyan
@@ -17,7 +17,7 @@ ${policyIds} ${EMPTY}
|
||||
${objectids} ${EMPTY}
|
||||
${url} /policy/profile/responsepages
|
||||
${profiledId} ${EMPTY}
|
||||
${target_ip} 10.3.22.199
|
||||
${target_ip} 10.3.22.129
|
||||
# 无DHCP,需要手动设置IP,可用地址段: 10.3.22.[129-254], 掩码: 255.255.255.0, DNS服务器: 10.3.22.11。
|
||||
*** Test Cases ***
|
||||
ZDFY_ActiveDefencePolicy-Flood-00001
|
||||
@@ -25,7 +25,7 @@ ZDFY_ActiveDefencePolicy-Flood-00001
|
||||
|
||||
${caseName} set variable ZDFY_ActiveDefencePolicy-Flood-00001
|
||||
Comment claimed_src_ip_profile_id
|
||||
${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]}
|
||||
${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]}
|
||||
${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']}
|
||||
|
||||
Comment 创建带主动策略Flood
|
||||
@@ -46,15 +46,55 @@ ZDFY_ActiveDefencePolicy-Flood-00001
|
||||
${s} Convert to String ${policyId}
|
||||
${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]}
|
||||
|
||||
|
||||
ZDFY_ActiveDefencePolicy-Flood-00002
|
||||
[Tags] flood TwoPolicyOneprofile
|
||||
|
||||
${caseName} set variable ZDFY_ActiveDefencePolicy-Flood-00002
|
||||
Comment claimed_src_ip_profile_id
|
||||
${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]}
|
||||
${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']}
|
||||
|
||||
Comment 创建带主动策略Flood
|
||||
${policyDict} Create Dictionary
|
||||
... policyName=${caseName}
|
||||
... policyType=active_defence
|
||||
... policyDesc=${caseName}
|
||||
... action=activeDefence
|
||||
... effectiveRange=${Default_EffectiveRange}
|
||||
... userRegion={"method":"flood","l4_protocol":"TCP","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}}
|
||||
... referenceObject=
|
||||
... isValid=1
|
||||
... appObjectIdArray=${2}
|
||||
... userTags=${Default_UserTags}
|
||||
... doLog=${Default_DoLog}
|
||||
... scheduleId=${Default_ScheduleId}
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
Comment 创建带主动策略Flood
|
||||
${policyDict2} Create Dictionary
|
||||
... policyName=${caseName}
|
||||
... policyType=active_defence
|
||||
... policyDesc=${caseName}
|
||||
... action=activeDefence
|
||||
... effectiveRange=${Default_EffectiveRange}
|
||||
... userRegion={"method":"flood","l4_protocol":"TCP","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}}
|
||||
... referenceObject=
|
||||
... isValid=1
|
||||
... appObjectIdArray=${2}
|
||||
... userTags=${Default_UserTags}
|
||||
... doLog=${Default_DoLog}
|
||||
... scheduleId=${Default_ScheduleId}
|
||||
${rescode} ${policyId2} AddPolicy2 ${1} ${policyDict2}
|
||||
${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId},${policyId2} ]}
|
||||
|
||||
|
||||
ZDFY_ActiveDefencePolicy-Reflection-00001
|
||||
[Tags] reflection
|
||||
${caseName} set variable ZDFY_ActiveDefencePolicy-Reflection-00001
|
||||
Comment claimed_src_ip_profile_id
|
||||
${response} BasePostRequest /v1/policy/profile/reflector body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.11"],"isValid":1,"profileDesc":"autotest"}]}
|
||||
${response} BasePostRequest /policy/profile/reflector body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.11"],"reflectorType":"dns","isValid":1,"profileDesc":"autotest"}]}
|
||||
${reflector_profile_id} Set Variable ${response['data']['list'][0]['profileId']}
|
||||
${response} BasePostRequest /v1/policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorType":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]}
|
||||
#${response} BasePostRequest /v1/policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorPayload":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]}
|
||||
${response} BasePostRequest /policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorType":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]}
|
||||
#${response} BasePostRequest /policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorPayload":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]}
|
||||
${payload_profile_id} Set Variable ${response['data']['list'][0]['profileId']}
|
||||
Comment 创建策略reflection
|
||||
${policyDict} Create Dictionary
|
||||
@@ -77,7 +117,7 @@ ZDFY_ActiveDefencePolicy-CC-00001
|
||||
[Tags] CC
|
||||
${caseName} set variable ZDFY_ActiveDefencePolicy-CC-00001
|
||||
Comment claimed_src_ip_profile_id
|
||||
${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":""}]}
|
||||
${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":""}]}
|
||||
${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']}
|
||||
Comment 创建带主动策略CC
|
||||
${policyDict} Create Dictionary
|
||||
@@ -102,7 +142,7 @@ ZDFY_ActiveDefencePolicy-CC-00002
|
||||
[Tags] CC
|
||||
${caseName} set variable ZDFY_ActiveDefencePolicy-CC-00002
|
||||
Comment claimed_src_ip_profile_id
|
||||
${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]}
|
||||
${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]}
|
||||
${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']}
|
||||
Comment 创建带主动策略CC
|
||||
${policyDict} Create Dictionary
|
||||
|
||||
@@ -90,6 +90,123 @@ ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00001
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
|
||||
|
||||
|
||||
Comment 创建带有比例的替换策略
|
||||
${policyDict} Create Dictionary
|
||||
... policyName=${caseName}
|
||||
... policyType=pxy_manipulation
|
||||
... policyDesc=${Default_PolicyDesc}
|
||||
... action=manipulation
|
||||
... effectiveRange=${Default_EffectiveRange}
|
||||
... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.0001,"protocol":"HTTP"}
|
||||
... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL
|
||||
... isValid=1
|
||||
... appObjectIdArray=${2}
|
||||
... userTags=${Default_UserTags}
|
||||
... doLog=${Default_DoLog}
|
||||
... scheduleId=${Default_ScheduleId}
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
${s} Convert to String ${policyId}
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]}
|
||||
#{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]}
|
||||
#
|
||||
#${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]}
|
||||
#EditPolicy ${disablePolciy}
|
||||
Comment 功能端验证SSL验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat
|
||||
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action
|
||||
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA
|
||||
#OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe
|
||||
#Send failure: Connection was reset Tango Secure Gateway CA
|
||||
... ELSE Create List Tango Secure Gateway CA
|
||||
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
:FOR ${n} IN RANGE 1000
|
||||
SystemCommands ${commandstr} ${stringlist}
|
||||
END
|
||||
log endfor
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com
|
||||
log 22${logsize}
|
||||
${logsize} Convert to String ${logsize}
|
||||
Append To File ${path}/enforcement_ratio.txt ${starttime}
|
||||
Append To File ${path}/enforcement_ratio.txt ${logsize}
|
||||
Append To File ${path}/enforcement_ratio.txt ${s}
|
||||
Append To File ${path}/enforcement_ratio.txt ${endtime}
|
||||
ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002
|
||||
[Tags] selfserver SIP+DIP+URL
|
||||
${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002
|
||||
Comment 创建目标IP
|
||||
${objectDict} Create Dictionary
|
||||
... objectType=ip
|
||||
... isValid=1
|
||||
... objectSubType=${Default_ObjectSubType}
|
||||
... isInitialize=${Default_IsInitialize}
|
||||
... isExclusion=${Default_IsExclusion}
|
||||
... objectName=${caseName}_IPobject
|
||||
... objectDesc=${Default_ObjectDesc}
|
||||
... subObjectIds=${Default_SubObjectIds}
|
||||
... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc}
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
#创建url
|
||||
${objectDict} Create Dictionary
|
||||
... objectType=url
|
||||
... isValid=${1}
|
||||
... objectSubType=${Default_ObjectSubType}
|
||||
... isInitialize=${Default_IsInitialize}
|
||||
... isExclusion=${Default_IsExclusion}
|
||||
... objectName=${caseName}_URLobject
|
||||
... objectDesc=${Default_ObjectDesc}
|
||||
... subObjectIds=${Default_SubObjectIds}
|
||||
... addItemList=open.node.com/action
|
||||
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
|
||||
|
||||
#创建url
|
||||
${objectDict} Create Dictionary
|
||||
... objectType=fqdn
|
||||
... isValid=${1}
|
||||
... objectSubType=${Default_ObjectSubType}
|
||||
... isInitialize=${Default_IsInitialize}
|
||||
... isExclusion=${Default_IsExclusion}
|
||||
... objectName=${caseName}_fqdnobject
|
||||
... objectDesc=${Default_ObjectDesc}
|
||||
... subObjectIds=${Default_SubObjectIds}
|
||||
... addItemList=$open.node.com
|
||||
${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id}
|
||||
|
||||
#${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1}
|
||||
#${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1}
|
||||
#${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
|
||||
#${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
|
||||
#${data} Create List ${requestbody}
|
||||
#${response} CreatePolicyFileNoFile ${url} ${data}
|
||||
#${mirror_profile} Get From Dictionary ${response} profileId
|
||||
Comment 创建拦截策略
|
||||
${policyDict} Create Dictionary
|
||||
... policyName=${caseName}
|
||||
... policyType=tsg_security
|
||||
... policyDesc=${caseName}
|
||||
... action=intercept
|
||||
... effectiveRange=${Default_EffectiveRange}
|
||||
... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1}
|
||||
#... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}}
|
||||
... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI
|
||||
... isValid=1
|
||||
... appObjectIdArray=${3}
|
||||
... userTags=${Default_UserTags}
|
||||
... doLog=${Default_DoLog}
|
||||
... scheduleId=${Default_ScheduleId}
|
||||
|
||||
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
|
||||
|
||||
|
||||
Comment 创建带有比例的替换策略
|
||||
${policyDict} Create Dictionary
|
||||
... policyName=${caseName}
|
||||
@@ -115,10 +232,10 @@ ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00001
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat
|
||||
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action
|
||||
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List schannel
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA
|
||||
#OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe
|
||||
#Send failure: Connection was reset Tango Secure Gateway CA
|
||||
... ELSE Create List schannel
|
||||
... ELSE Create List Tango Secure Gateway CA
|
||||
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
@@ -130,14 +247,365 @@ ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00001
|
||||
${endtime} Get Time
|
||||
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com
|
||||
log 22${logsize}
|
||||
TestLogSize
|
||||
${logsize} Convert to String ${logsize}
|
||||
Append To File ${path}/enforcement_ratio.txt ${starttime}
|
||||
Append To File ${path}/enforcement_ratio.txt ${logsize}
|
||||
Append To File ${path}/enforcement_ratio.txt ${s}
|
||||
Append To File ${path}/enforcement_ratio.txt ${endtime}
|
||||
ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00003
|
||||
[Tags] selfserver SIP+DIP+URL
|
||||
${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00003
|
||||
Comment 创建目标IP
|
||||
${objectDict} Create Dictionary
|
||||
... objectType=ip
|
||||
... isValid=1
|
||||
... objectSubType=${Default_ObjectSubType}
|
||||
... isInitialize=${Default_IsInitialize}
|
||||
... isExclusion=${Default_IsExclusion}
|
||||
... objectName=${caseName}_IPobject
|
||||
... objectDesc=${Default_ObjectDesc}
|
||||
... subObjectIds=${Default_SubObjectIds}
|
||||
... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc}
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
#创建url
|
||||
${objectDict} Create Dictionary
|
||||
... objectType=url
|
||||
... isValid=${1}
|
||||
... objectSubType=${Default_ObjectSubType}
|
||||
... isInitialize=${Default_IsInitialize}
|
||||
... isExclusion=${Default_IsExclusion}
|
||||
... objectName=${caseName}_URLobject
|
||||
... objectDesc=${Default_ObjectDesc}
|
||||
... subObjectIds=${Default_SubObjectIds}
|
||||
... addItemList=open.node.com/action
|
||||
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
|
||||
|
||||
#创建url
|
||||
${objectDict} Create Dictionary
|
||||
... objectType=fqdn
|
||||
... isValid=${1}
|
||||
... objectSubType=${Default_ObjectSubType}
|
||||
... isInitialize=${Default_IsInitialize}
|
||||
... isExclusion=${Default_IsExclusion}
|
||||
... objectName=${caseName}_fqdnobject
|
||||
... objectDesc=${Default_ObjectDesc}
|
||||
... subObjectIds=${Default_SubObjectIds}
|
||||
... addItemList=$open.node.com
|
||||
${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id}
|
||||
|
||||
#${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1}
|
||||
#${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1}
|
||||
#${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
|
||||
#${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
|
||||
#${data} Create List ${requestbody}
|
||||
#${response} CreatePolicyFileNoFile ${url} ${data}
|
||||
#${mirror_profile} Get From Dictionary ${response} profileId
|
||||
Comment 创建拦截策略
|
||||
${policyDict} Create Dictionary
|
||||
... policyName=${caseName}
|
||||
... policyType=tsg_security
|
||||
... policyDesc=${caseName}
|
||||
... action=intercept
|
||||
... effectiveRange=${Default_EffectiveRange}
|
||||
... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1}
|
||||
#... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}}
|
||||
... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI
|
||||
... isValid=1
|
||||
... appObjectIdArray=${3}
|
||||
... userTags=${Default_UserTags}
|
||||
... doLog=${Default_DoLog}
|
||||
... scheduleId=${Default_ScheduleId}
|
||||
|
||||
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
|
||||
|
||||
|
||||
Comment 创建带有比例的替换策略
|
||||
${policyDict} Create Dictionary
|
||||
... policyName=${caseName}
|
||||
... policyType=pxy_manipulation
|
||||
... policyDesc=${Default_PolicyDesc}
|
||||
... action=manipulation
|
||||
... effectiveRange=${Default_EffectiveRange}
|
||||
... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.9,"protocol":"HTTP"}
|
||||
... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL
|
||||
... isValid=1
|
||||
... appObjectIdArray=${2}
|
||||
... userTags=${Default_UserTags}
|
||||
... doLog=${Default_DoLog}
|
||||
... scheduleId=${Default_ScheduleId}
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
${s} Convert to String ${policyId}
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]}
|
||||
#{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]}
|
||||
#
|
||||
#${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]}
|
||||
#EditPolicy ${disablePolciy}
|
||||
Comment 功能端验证SSL验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat
|
||||
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action
|
||||
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA
|
||||
#OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe
|
||||
#Send failure: Connection was reset Tango Secure Gateway CA
|
||||
... ELSE Create List Tango Secure Gateway CA
|
||||
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
:FOR ${n} IN RANGE 1000
|
||||
SystemCommands ${commandstr} ${stringlist}
|
||||
END
|
||||
log endfor
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com
|
||||
log 22${logsize}
|
||||
${logsize} Convert to String ${logsize}
|
||||
Append To File ${path}/enforcement_ratio.txt ${starttime}
|
||||
Append To File ${path}/enforcement_ratio.txt ${logsize}
|
||||
Append To File ${path}/enforcement_ratio.txt ${s}
|
||||
Append To File ${path}/enforcement_ratio.txt ${endtime}
|
||||
ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00004
|
||||
[Tags] selfserver SIP+DIP+URL
|
||||
${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00004
|
||||
Comment 创建目标IP
|
||||
${objectDict} Create Dictionary
|
||||
... objectType=ip
|
||||
... isValid=1
|
||||
... objectSubType=${Default_ObjectSubType}
|
||||
... isInitialize=${Default_IsInitialize}
|
||||
... isExclusion=${Default_IsExclusion}
|
||||
... objectName=${caseName}_IPobject
|
||||
... objectDesc=${Default_ObjectDesc}
|
||||
... subObjectIds=${Default_SubObjectIds}
|
||||
... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc}
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
#创建url
|
||||
${objectDict} Create Dictionary
|
||||
... objectType=url
|
||||
... isValid=${1}
|
||||
... objectSubType=${Default_ObjectSubType}
|
||||
... isInitialize=${Default_IsInitialize}
|
||||
... isExclusion=${Default_IsExclusion}
|
||||
... objectName=${caseName}_URLobject
|
||||
... objectDesc=${Default_ObjectDesc}
|
||||
... subObjectIds=${Default_SubObjectIds}
|
||||
... addItemList=open.node.com/action
|
||||
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
|
||||
|
||||
#创建url
|
||||
${objectDict} Create Dictionary
|
||||
... objectType=fqdn
|
||||
... isValid=${1}
|
||||
... objectSubType=${Default_ObjectSubType}
|
||||
... isInitialize=${Default_IsInitialize}
|
||||
... isExclusion=${Default_IsExclusion}
|
||||
... objectName=${caseName}_fqdnobject
|
||||
... objectDesc=${Default_ObjectDesc}
|
||||
... subObjectIds=${Default_SubObjectIds}
|
||||
... addItemList=$open.node.com
|
||||
${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id}
|
||||
|
||||
#${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1}
|
||||
#${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1}
|
||||
#${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
|
||||
#${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
|
||||
#${data} Create List ${requestbody}
|
||||
#${response} CreatePolicyFileNoFile ${url} ${data}
|
||||
#${mirror_profile} Get From Dictionary ${response} profileId
|
||||
Comment 创建拦截策略
|
||||
${policyDict} Create Dictionary
|
||||
... policyName=${caseName}
|
||||
... policyType=tsg_security
|
||||
... policyDesc=${caseName}
|
||||
... action=intercept
|
||||
... effectiveRange=${Default_EffectiveRange}
|
||||
... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":0,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1}
|
||||
#... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}}
|
||||
... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI
|
||||
... isValid=1
|
||||
... appObjectIdArray=${3}
|
||||
... userTags=${Default_UserTags}
|
||||
... doLog=${Default_DoLog}
|
||||
... scheduleId=${Default_ScheduleId}
|
||||
|
||||
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
|
||||
|
||||
|
||||
Comment 创建带有比例的替换策略
|
||||
${policyDict} Create Dictionary
|
||||
... policyName=${caseName}
|
||||
... policyType=pxy_manipulation
|
||||
... policyDesc=${Default_PolicyDesc}
|
||||
... action=manipulation
|
||||
... effectiveRange=${Default_EffectiveRange}
|
||||
... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.9999,"protocol":"HTTP"}
|
||||
... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL
|
||||
... isValid=1
|
||||
... appObjectIdArray=${2}
|
||||
... userTags=${Default_UserTags}
|
||||
... doLog=${Default_DoLog}
|
||||
... scheduleId=${Default_ScheduleId}
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
${s} Convert to String ${policyId}
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]}
|
||||
#{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]}
|
||||
#
|
||||
#${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]}
|
||||
#EditPolicy ${disablePolciy}
|
||||
Comment 功能端验证SSL验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat
|
||||
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action
|
||||
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA
|
||||
#OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe
|
||||
#Send failure: Connection was reset Tango Secure Gateway CA
|
||||
... ELSE Create List Tango Secure Gateway CA
|
||||
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
:FOR ${n} IN RANGE 1000
|
||||
SystemCommands ${commandstr} ${stringlist}
|
||||
END
|
||||
log endfor
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com
|
||||
log 22${logsize}
|
||||
ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00005
|
||||
[Tags] selfserver SIP+DIP+URL
|
||||
${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00005
|
||||
Comment 创建目标IP
|
||||
${objectDict} Create Dictionary
|
||||
... objectType=ip
|
||||
... isValid=1
|
||||
... objectSubType=${Default_ObjectSubType}
|
||||
... isInitialize=${Default_IsInitialize}
|
||||
... isExclusion=${Default_IsExclusion}
|
||||
... objectName=${caseName}_IPobject
|
||||
... objectDesc=${Default_ObjectDesc}
|
||||
... subObjectIds=${Default_SubObjectIds}
|
||||
... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc}
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
${objectids} set Variable ${objectId}
|
||||
|
||||
#创建url
|
||||
${objectDict} Create Dictionary
|
||||
... objectType=url
|
||||
... isValid=${1}
|
||||
... objectSubType=${Default_ObjectSubType}
|
||||
... isInitialize=${Default_IsInitialize}
|
||||
... isExclusion=${Default_IsExclusion}
|
||||
... objectName=${caseName}_URLobject
|
||||
... objectDesc=${Default_ObjectDesc}
|
||||
... subObjectIds=${Default_SubObjectIds}
|
||||
... addItemList=open.node.com/action
|
||||
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
|
||||
|
||||
#创建url
|
||||
${objectDict} Create Dictionary
|
||||
... objectType=fqdn
|
||||
... isValid=${1}
|
||||
... objectSubType=${Default_ObjectSubType}
|
||||
... isInitialize=${Default_IsInitialize}
|
||||
... isExclusion=${Default_IsExclusion}
|
||||
... objectName=${caseName}_fqdnobject
|
||||
... objectDesc=${Default_ObjectDesc}
|
||||
... subObjectIds=${Default_SubObjectIds}
|
||||
... addItemList=$open.node.com
|
||||
${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id}
|
||||
|
||||
#${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1}
|
||||
#${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1}
|
||||
#${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"}
|
||||
#${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]}
|
||||
#${data} Create List ${requestbody}
|
||||
#${response} CreatePolicyFileNoFile ${url} ${data}
|
||||
#${mirror_profile} Get From Dictionary ${response} profileId
|
||||
Comment 创建拦截策略
|
||||
${policyDict} Create Dictionary
|
||||
... policyName=${caseName}
|
||||
... policyType=tsg_security
|
||||
... policyDesc=${caseName}
|
||||
... action=intercept
|
||||
... effectiveRange=${Default_EffectiveRange}
|
||||
... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":0.5,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1}
|
||||
#... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}}
|
||||
... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI
|
||||
... isValid=1
|
||||
... appObjectIdArray=${3}
|
||||
... userTags=${Default_UserTags}
|
||||
... doLog=${Default_DoLog}
|
||||
... scheduleId=${Default_ScheduleId}
|
||||
|
||||
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
|
||||
|
||||
|
||||
Comment 创建带有比例的替换策略
|
||||
${policyDict} Create Dictionary
|
||||
... policyName=${caseName}
|
||||
... policyType=pxy_manipulation
|
||||
... policyDesc=${Default_PolicyDesc}
|
||||
... action=manipulation
|
||||
... effectiveRange=${Default_EffectiveRange}
|
||||
... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.9,"protocol":"HTTP"}
|
||||
... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL
|
||||
... isValid=1
|
||||
... appObjectIdArray=${2}
|
||||
... userTags=${Default_UserTags}
|
||||
... doLog=${Default_DoLog}
|
||||
... scheduleId=${Default_ScheduleId}
|
||||
${rescode} ${policyId} AddPolicy2 ${1} ${policyDict}
|
||||
${s} Convert to String ${policyId}
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]}
|
||||
#{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]}
|
||||
#
|
||||
#${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]}
|
||||
#EditPolicy ${disablePolciy}
|
||||
Comment 功能端验证SSL验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat
|
||||
... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action
|
||||
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA
|
||||
#OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe
|
||||
#Send failure: Connection was reset Tango Secure Gateway CA
|
||||
... ELSE Create List Tango Secure Gateway CA
|
||||
|
||||
${starttime} Get Time
|
||||
Sleep ${policyVerificationSleepSeconds}s
|
||||
:FOR ${n} IN RANGE 1000
|
||||
SystemCommands ${commandstr} ${stringlist}
|
||||
END
|
||||
log endfor
|
||||
Sleep ${policyLogVerificationSleepSeconds}s
|
||||
${endtime} Get Time
|
||||
${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com
|
||||
log 22${logsize}
|
||||
${logsize} Convert to String ${logsize}
|
||||
Append To File ${path}/enforcement_ratio.txt ${starttime}
|
||||
Append To File ${path}/enforcement_ratio.txt ${logsize}
|
||||
Append To File ${path}/enforcement_ratio.txt ${s}
|
||||
Append To File ${path}/enforcement_ratio.txt ${endtime}
|
||||
#TestLogSize
|
||||
#日志验证security_event_log
|
||||
#GetLogListSize proxy_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co
|
||||
${logsize} GetLogListSize security_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co
|
||||
log 11${logsize}
|
||||
${logsize} GetLogCount security_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co
|
||||
log 22${logsize}
|
||||
ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002
|
||||
#${logsize} GetLogListSize security_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co
|
||||
#log 11${logsize}
|
||||
#${logsize} GetLogCount security_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co
|
||||
#log 22${logsize}
|
||||
ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-000012
|
||||
[Tags] selfserver SIP+DIP+URL+ResHeader+ReqHeader
|
||||
|
||||
${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002
|
||||
@@ -254,4 +722,9 @@ ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002
|
||||
${endtime} Get Time
|
||||
#日志验证
|
||||
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com
|
||||
#{"opAction":"add","policyList":{"policyId":"","policyName":"dxytest","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"阿斯蒂","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_req_uri","find":"find","replace_with":"replace"}],"protocol":"HTTP"},"isValid":0,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":10103,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":8337,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]},{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]}}
|
||||
${logsize} Convert to String ${logsize}
|
||||
Append To File ${path}/enforcement_ratio.txt ${starttime}
|
||||
Append To File ${path}/enforcement_ratio.txt ${logsize}
|
||||
Append To File ${path}/enforcement_ratio.txt ${s}
|
||||
Append To File ${path}/enforcement_ratio.txt ${endtime}
|
||||
|
||||
@@ -36,7 +36,7 @@ PolicyVertify
|
||||
${resultObj} Create Dictionary verifyList=${verifyList}
|
||||
|
||||
${json} json.Dumps ${resultObj} ensure_ascii=False
|
||||
${response} BasePostRequest /v1/policy/verify body=${json}
|
||||
${response} BasePostRequest /policy/verify body=${json}
|
||||
Log REQ = ${json}
|
||||
Log RES = ${response}
|
||||
Should Be True ${response['code']} == 200
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
*** Settings ***
|
||||
Resource ../../03-Variable/BifangApiVariable.txt
|
||||
Library REST http://${host}:${port}
|
||||
Library REST http://${host}:${port}/${version}
|
||||
Library Collections
|
||||
Library RequestsLibrary
|
||||
|
||||
@@ -19,7 +19,7 @@ BasePostRequest
|
||||
BaseDeleteRequest
|
||||
[Arguments] ${requestUri} ${data}
|
||||
${headers} set variable {"Authorization":"${token}","Content-Type":"application/json"}
|
||||
create session api http://${host}:${port} ${headers}
|
||||
create session api http://${host}:${port}/${version} ${headers}
|
||||
${response}= Delete Request api ${requestUri} data=${data}
|
||||
log return data =${response}
|
||||
Should Be Equal As Strings ${response.status_code} 200
|
||||
@@ -29,7 +29,7 @@ BaseDeleteRequest
|
||||
BaseEditRequest
|
||||
[Arguments] ${requestUri} ${data}
|
||||
${headers} set variable {"Authorization":"${token}","Content-Type":"application/json"}
|
||||
create session api http://${host}:${port} ${headers}
|
||||
create session api http://${host}:${port}/${version} ${headers}
|
||||
${response}= Put Request api ${requestUri} data=${data}
|
||||
log return data =${response}
|
||||
Should Be Equal As Strings ${response.status_code} 200
|
||||
|
||||
@@ -4,13 +4,13 @@ Library RequestsLibrary
|
||||
Library OperatingSystem
|
||||
Library Collections
|
||||
Library string
|
||||
Library REST http://${host}:${port}
|
||||
Library REST http://${host}:${port}/${version}
|
||||
|
||||
*** Keywords ***
|
||||
GetLogCondition
|
||||
[Arguments] ${logname} ${startTime} ${endTime} ${client_ip} ${policy_id}
|
||||
Set Headers {"Content-Type":"application/x-www-form-urlencoded","Authorization":"${token}"}
|
||||
&{LogSchemaResponse}= GET /v1/log/schema?logType=${logname}
|
||||
&{LogSchemaResponse}= GET /log/schema?logType=${logname}
|
||||
log ${logname}
|
||||
#Output Schema response body
|
||||
Object response body
|
||||
@@ -35,7 +35,7 @@ PostRemoteData
|
||||
GetALLLogCondition
|
||||
[Arguments] ${logname} ${startTime} ${endTime} ${client_ip} ${policy_id} ${pageSize} ${pageNo}
|
||||
Set Headers {"Content-Type":"application/x-www-form-urlencoded","Authorization":"${token}"}
|
||||
&{LogSchemaResponse}= GET /v1/log/schema?logType=${logname}
|
||||
&{LogSchemaResponse}= GET /log/schema?logType=${logname}
|
||||
log ${logname}
|
||||
#Output Schema response body
|
||||
Object response body
|
||||
@@ -53,7 +53,7 @@ GetALLLogCondition
|
||||
GetLogCountConditon
|
||||
[Arguments] ${logname} ${startTime} ${endTime} ${client_ip} ${policy_id} ${pageSize} ${pageNo}
|
||||
Set Headers {"Content-Type":"application/x-www-form-urlencoded","Authorization":"${token}"}
|
||||
&{LogSchemaResponse}= GET /v1/log/schema?logType=${logname}
|
||||
&{LogSchemaResponse}= GET /log/schema?logType=${logname}
|
||||
log ${logname}
|
||||
#Output Schema response body
|
||||
Object response body
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
*** Settings ***
|
||||
Resource ../../03-Variable/BifangApiVariable.txt
|
||||
Library REST http://${host}:${port}
|
||||
Library REST http://${host}:${port}/${version}
|
||||
Library Collections
|
||||
Library SSHLibrary
|
||||
Resource PolicyObject.robot
|
||||
@@ -13,7 +13,7 @@ Login
|
||||
[Tags] tsg_adc tsg_bf_api
|
||||
#[Arguments] ${username} ${password} ${authmode} ${authCode} ${ldapId}
|
||||
# 毕方接口用户名密码
|
||||
GET /v1/user/encryptpwd?password=${password}
|
||||
GET /user/encryptpwd?password=${password}
|
||||
Object response body
|
||||
#OUTPUT response body
|
||||
#${rescode} Integer $.code
|
||||
@@ -33,7 +33,7 @@ Login
|
||||
#getToken##################################################################################
|
||||
#log ${username}
|
||||
#log ${pwdstr}
|
||||
POST /v1/user/login?username=${username}&password=${encodePassword}&authMode=${authmode}
|
||||
POST /user/login?username=${username}&password=${encodePassword}&authMode=${authmode}
|
||||
Object response body
|
||||
#OUTPUT response body
|
||||
Integer $.code 200
|
||||
@@ -51,7 +51,7 @@ Login
|
||||
|
||||
Logout
|
||||
[Tags] tsg_adc tsg_bf_api
|
||||
POST /v1/user/logout headers=${headers}
|
||||
POST /user/logout headers=${headers}
|
||||
Object response body
|
||||
Integer $.code 200
|
||||
${rescode} Integer $.code
|
||||
|
||||
@@ -3,7 +3,7 @@ Resource ../../03-Variable/BifangApiVariable.txt
|
||||
Resource ../tsg_common/ManagePolicyBody.robot
|
||||
Resource ../tsg_common/ManageObjectBody.robot
|
||||
Resource ../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot
|
||||
Library REST http://${host}:${port}
|
||||
Library REST http://${host}:${port}/${version}
|
||||
Library Collections
|
||||
Library RequestsLibrary
|
||||
Resource Common.robot
|
||||
@@ -52,17 +52,17 @@ AddLocalIPObject
|
||||
|
||||
DelLocalIPObject
|
||||
log to_DelLocalIPObject
|
||||
${response} BaseDeleteRequest /v1/policy/object {"objectIds":[${testClentID}]}
|
||||
${response} BaseDeleteRequest /policy/object {"objectIds":[${testClentID}]}
|
||||
#${response_code} Get From Dictionary ${response} code
|
||||
#Should Be Equal As Strings ${response} {'code': 200, 'msg': 'Success', 'success': True}
|
||||
SET GLOBAL VARIABLE ${testClentID} ${EMPTY}
|
||||
${response} BaseDeleteRequest /v1/policy/object {"objectIds":[${testClentSubID}]}
|
||||
${response} BaseDeleteRequest /policy/object {"objectIds":[${testClentSubID}]}
|
||||
SET GLOBAL VARIABLE ${testClentSubID} ${EMPTY}
|
||||
|
||||
AddObject
|
||||
[Arguments] ${body}
|
||||
#addIPobject#################################################################################
|
||||
${response} BasePostRequest /v1/policy/object body=${body}
|
||||
${response} BasePostRequest /policy/object body=${body}
|
||||
#log ${response}
|
||||
${objectId} Set Variable ${response['data']['objectList'][0]['objectId']}
|
||||
${rescodeReturn} Set Variable ${response['code']}
|
||||
@@ -72,7 +72,7 @@ AddObject2
|
||||
[Arguments] ${returnData} ${policyList}
|
||||
${body} ObjectParamsOpertion ${returnData} ${policyList}
|
||||
|
||||
${response} BasePostRequest /v1/policy/object body=${body}
|
||||
${response} BasePostRequest /policy/object body=${body}
|
||||
${objectId} Set Variable ${response['data']['objectList'][0]['objectId']}
|
||||
${rescodeReturn} Set Variable ${response['code']}
|
||||
[Return] ${rescodeReturn} ${objectId}
|
||||
@@ -84,7 +84,7 @@ EditObject
|
||||
DeleteObjectbak
|
||||
[Arguments] ${objectids}
|
||||
${body} String {"objectIds":[${objectids}]}
|
||||
DELETE /v1/policy/object body=${body} headers=${headers}
|
||||
DELETE /policy/object body=${body} headers=${headers}
|
||||
Object response body
|
||||
log DeleteObject
|
||||
log dxytestOUtputstart
|
||||
@@ -96,7 +96,7 @@ DeleteObjectbak
|
||||
|
||||
AddPolicy
|
||||
[Arguments] ${body}
|
||||
${response} BasePostRequest /v1/policy/compile body=${body}
|
||||
${response} BasePostRequest /policy/compile body=${body}
|
||||
#log ${response}
|
||||
${policyId} Set Variable ${response['data']['policyList'][0]['policyId']}
|
||||
${rescode} Set Variable ${response['code']}
|
||||
@@ -104,22 +104,23 @@ AddPolicy
|
||||
|
||||
AddPolicy2
|
||||
[Arguments] ${returnData} ${policyList}
|
||||
${body} PolicyParamsOpertion ${returnData} ${policyList}
|
||||
${body} PolicyParamsOpertion ${returnData} ${policyList} add
|
||||
|
||||
${response} BasePostRequest /v1/policy/compile body=${body}
|
||||
${response} BasePostRequest /policy/compile body=${body}
|
||||
${policyId} Set Variable ${response['data']['policyList'][0]['policyId']}
|
||||
${rescode} Set Variable ${response['code']}
|
||||
[Return] ${rescode} ${policyId}
|
||||
|
||||
EditPolicy
|
||||
[Arguments] ${body}
|
||||
${response} BaseEditRequest /v1/policy/compile ${body}
|
||||
[Arguments] ${policyList} ${opAction}
|
||||
${body} PolicyParamsOpertion ${1} ${policyList} ${opAction}
|
||||
${response} BaseEditRequest /policy/compile ${body}
|
||||
[Return] ${rescode}
|
||||
|
||||
DeletePolicybak
|
||||
[Arguments] ${policyids}
|
||||
${body} String {"policyType":"tsg_security","policyIds":[${policyids}]}
|
||||
DELETE /v1/policy/compile body=${body} headers=${headers}
|
||||
DELETE /policy/compile body=${body} headers=${headers}
|
||||
Object response body
|
||||
log DeletePolicy
|
||||
Output response body
|
||||
@@ -131,7 +132,7 @@ DeletePolicy
|
||||
[Arguments] ${body}
|
||||
#删除策略
|
||||
log toDeletePolicy_DeletePolicyDeletePolicy
|
||||
${response} BaseDeleteRequest /v1/policy/compile ${body}
|
||||
${response} BaseDeleteRequest /policy/compile ${body}
|
||||
#{"policyType":"tsg_security","policyIds":[${policyids}]}
|
||||
${response_code} Get From Dictionary ${response} code
|
||||
Should Be Equal As Strings ${response_code} 200
|
||||
@@ -143,7 +144,7 @@ DeleteObject
|
||||
[Arguments] ${objectids}
|
||||
#删除对象
|
||||
log todeleteobj
|
||||
${response} BaseDeleteRequest /v1/policy/object {"objectIds":[${objectids}]}
|
||||
${response} BaseDeleteRequest /policy/object {"objectIds":[${objectids}]}
|
||||
${response_code} Get From Dictionary ${response} code
|
||||
#log aaaaaaaaaa:${response_code}
|
||||
Should Be Equal As Strings ${response_code} 200
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
*** Settings ***
|
||||
Resource ../../03-Variable/BifangApiVariable.txt
|
||||
Library REST http://${host}:${port}
|
||||
Library REST http://${host}:${port}/${version}
|
||||
Library Collections
|
||||
Library RequestsLibrary
|
||||
Resource Common.robot
|
||||
@@ -9,7 +9,7 @@ Resource Common.robot
|
||||
ApiAddTags
|
||||
[Arguments] ${body}
|
||||
#ApiAddTags#################################################################################
|
||||
${response} BasePostRequest /v1/customize/tags body=${body}
|
||||
${response} BasePostRequest /customize/tags body=${body}
|
||||
#log ${response}
|
||||
${tagId} Set Variable ${response['data']['tagList'][0]['id']}
|
||||
${rescodeReturn} Set Variable ${response['code']}
|
||||
@@ -23,7 +23,7 @@ ApiDeleteTags
|
||||
[Arguments] ${body}
|
||||
#删除策略
|
||||
log toApiDeleteTags
|
||||
${response} BaseDeleteRequest /v1/customize/tags ${body}
|
||||
${response} BaseDeleteRequest /customize/tags ${body}
|
||||
${response_code} Get From Dictionary ${response} code
|
||||
Should Be Equal As Strings ${response_code} 200
|
||||
${response} Convert to String ${response}
|
||||
|
||||
@@ -18,7 +18,7 @@ ${Tsg_Passwd} tsg_passwd
|
||||
# tsg_help指令返回值对比文件路径
|
||||
${Tsg_Help_file_Path} cli_files/tsg_help.txt
|
||||
# tsg_show指令查询时附加sql条件
|
||||
${Tsg_Show_Added_Sql} "order by time desc limit 20 "
|
||||
${Tsg_Show_Added_Sql} "order by time desc limit 1"
|
||||
${Tsg_Show_Added_Sql_Query} --query
|
||||
# tsg_show指令返回数据flowType和sled参数值
|
||||
${Tsg_Show_FlowType_Values} inline|intercomm|mirror
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
*** Settings ***
|
||||
Resource ../../03-Variable/BifangApiVariable.txt
|
||||
Library REST http://${host}:${port}
|
||||
Library REST http://${host}:${port}/${version}
|
||||
Library Collections
|
||||
Library ExtensionLibrary
|
||||
Resource ../tsg_bfapi/LoginLogout.robot
|
||||
|
||||
@@ -33,7 +33,7 @@ PolicyParamsOpertion
|
||||
... policyList: 必传,字典类型。字典内可选参数信息:
|
||||
... 其它参数默认值见../../03-Variable/PolicyObjectDefault.txt
|
||||
|
||||
[Arguments] ${returnData} ${policyList}
|
||||
[Arguments] ${returnData} ${policyList} ${opAction}
|
||||
${emptyList} Create List
|
||||
# 断言必传参数
|
||||
# Should Not Be Empty ${policyList}[policyType]
|
||||
@@ -79,7 +79,7 @@ PolicyParamsOpertion
|
||||
Run Keyword If "${policyType}"=="active_defence" Set To Dictionary ${policyList} referenceObject=${active_defence_emptyList}
|
||||
Run Keyword If "${policyType}"=="active_defence" Set To Dictionary ${policyList} appObjectIdArray=${active_defence_emptyList}
|
||||
# 转为json结构并返回
|
||||
${dict} Create Dictionary opAction=add returnData=${returnData} policyList=${policyList}
|
||||
${dict} Create Dictionary opAction=${opAction} returnData=${returnData} policyList=${policyList}
|
||||
${json} json.Dumps ${dict} ensure_ascii=False
|
||||
${json} Replace String ${json} "method:rst" ${userRegion}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user