From 1ace02da3c99db5ca669a8eae9c0b06e1015bd47 Mon Sep 17 00:00:00 2001 From: dongxiaoyan Date: Tue, 28 Apr 2020 17:03:28 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=8E=A5=E5=8F=A3=E7=9A=84?= =?UTF-8?q?=E5=9C=B0=E5=9D=80=E5=89=8D=E7=BC=80=E5=85=A8=E9=83=A8=E4=BD=BF?= =?UTF-8?q?=E7=94=A8=E9=85=8D=E7=BD=AE=E6=96=87=E4=BB=B6=E7=89=88=E6=9C=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../zjj/ZDFY_ActiveDefencePolicy.robot | 56 +- 01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot | 491 +++++++++++++++++- 02-Keyword/tsg_adc/PolicyVertify.robot | 2 +- 02-Keyword/tsg_bfapi/Common.robot | 6 +- 02-Keyword/tsg_bfapi/LogSchema.robot | 8 +- 02-Keyword/tsg_bfapi/LoginLogout.robot | 8 +- 02-Keyword/tsg_bfapi/PolicyObject.robot | 29 +- 02-Keyword/tsg_bfapi/Tag.robot | 6 +- 02-Keyword/tsg_cli/Interface.robot | 2 +- .../tsg_common/LoginAndLogoutTypeSwitch.robot | 2 +- 02-Keyword/tsg_common/ManagePolicyBody.robot | 4 +- 11 files changed, 564 insertions(+), 50 deletions(-) diff --git a/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot b/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot index a51887e..5738c8b 100644 --- a/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot +++ b/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot @@ -17,7 +17,7 @@ ${policyIds} ${EMPTY} ${objectids} ${EMPTY} ${url} /policy/profile/responsepages ${profiledId} ${EMPTY} -${target_ip} 10.3.22.199 +${target_ip} 10.3.22.129 # 无DHCP,需要手动设置IP,可用地址段: 10.3.22.[129-254], 掩码: 255.255.255.0, DNS服务器: 10.3.22.11。 *** Test Cases *** ZDFY_ActiveDefencePolicy-Flood-00001 @@ -25,7 +25,7 @@ ZDFY_ActiveDefencePolicy-Flood-00001 ${caseName} set variable ZDFY_ActiveDefencePolicy-Flood-00001 Comment claimed_src_ip_profile_id - ${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} + ${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} Comment 创建带主动策略Flood @@ -46,15 +46,55 @@ ZDFY_ActiveDefencePolicy-Flood-00001 ${s} Convert to String ${policyId} ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} - +ZDFY_ActiveDefencePolicy-Flood-00002 + [Tags] flood TwoPolicyOneprofile + + ${caseName} set variable ZDFY_ActiveDefencePolicy-Flood-00002 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} + ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + + Comment 创建带主动策略Flood + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"flood","l4_protocol":"TCP","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + Comment 创建带主动策略Flood + ${policyDict2} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"flood","l4_protocol":"TCP","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId2} AddPolicy2 ${1} ${policyDict2} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId},${policyId2} ]} + + ZDFY_ActiveDefencePolicy-Reflection-00001 [Tags] reflection ${caseName} set variable ZDFY_ActiveDefencePolicy-Reflection-00001 Comment claimed_src_ip_profile_id - ${response} BasePostRequest /v1/policy/profile/reflector body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.11"],"isValid":1,"profileDesc":"autotest"}]} + ${response} BasePostRequest /policy/profile/reflector body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.11"],"reflectorType":"dns","isValid":1,"profileDesc":"autotest"}]} ${reflector_profile_id} Set Variable ${response['data']['list'][0]['profileId']} - ${response} BasePostRequest /v1/policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorType":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]} - #${response} BasePostRequest /v1/policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorPayload":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]} + ${response} BasePostRequest /policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorType":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]} + #${response} BasePostRequest /policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorPayload":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]} ${payload_profile_id} Set Variable ${response['data']['list'][0]['profileId']} Comment 创建策略reflection ${policyDict} Create Dictionary @@ -77,7 +117,7 @@ ZDFY_ActiveDefencePolicy-CC-00001 [Tags] CC ${caseName} set variable ZDFY_ActiveDefencePolicy-CC-00001 Comment claimed_src_ip_profile_id - ${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":""}]} + ${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":""}]} ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} Comment 创建带主动策略CC ${policyDict} Create Dictionary @@ -102,7 +142,7 @@ ZDFY_ActiveDefencePolicy-CC-00002 [Tags] CC ${caseName} set variable ZDFY_ActiveDefencePolicy-CC-00002 Comment claimed_src_ip_profile_id - ${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} + ${response} BasePostRequest /policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} Comment 创建带主动策略CC ${policyDict} Create Dictionary diff --git a/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot b/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot index 09107d7..314ca73 100644 --- a/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot +++ b/01-TestCase/zjj/ZJJ_ProxyPolicy-Replace.robot @@ -90,6 +90,123 @@ ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00001 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + Comment 创建带有比例的替换策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=pxy_manipulation + ... policyDesc=${Default_PolicyDesc} + ... action=manipulation + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.0001,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]} + #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} + # + #${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + #EditPolicy ${disablePolciy} + Comment 功能端验证SSL验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action + + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA + #OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe + #Send failure: Connection was reset Tango Secure Gateway CA + ... ELSE Create List Tango Secure Gateway CA + + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + :FOR ${n} IN RANGE 1000 + SystemCommands ${commandstr} ${stringlist} + END + log endfor + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + ${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com + log 22${logsize} + ${logsize} Convert to String ${logsize} + Append To File ${path}/enforcement_ratio.txt ${starttime} + Append To File ${path}/enforcement_ratio.txt ${logsize} + Append To File ${path}/enforcement_ratio.txt ${s} + Append To File ${path}/enforcement_ratio.txt ${endtime} +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002 + [Tags] selfserver SIP+DIP+URL + ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002 + Comment 创建目标IP + ${objectDict} Create Dictionary + ... objectType=ip + ... isValid=1 + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_IPobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc} + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + + #创建url + ${objectDict} Create Dictionary + ... objectType=fqdn + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_fqdnobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$open.node.com + ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} + + #${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + #${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1} + #${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"} + #${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + #${data} Create List ${requestbody} + #${response} CreatePolicyFileNoFile ${url} ${data} + #${mirror_profile} Get From Dictionary ${response} profileId + Comment 创建拦截策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=intercept + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1} + #... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI + ... isValid=1 + ... appObjectIdArray=${3} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + Comment 创建带有比例的替换策略 ${policyDict} Create Dictionary ... policyName=${caseName} @@ -115,10 +232,10 @@ ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00001 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action - ${stringlist} run keyword if '${systemType}'=='Windows' Create List schannel + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA #OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe #Send failure: Connection was reset Tango Secure Gateway CA - ... ELSE Create List schannel + ... ELSE Create List Tango Secure Gateway CA ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s @@ -130,14 +247,365 @@ ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00001 ${endtime} Get Time ${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com log 22${logsize} -TestLogSize + ${logsize} Convert to String ${logsize} + Append To File ${path}/enforcement_ratio.txt ${starttime} + Append To File ${path}/enforcement_ratio.txt ${logsize} + Append To File ${path}/enforcement_ratio.txt ${s} + Append To File ${path}/enforcement_ratio.txt ${endtime} +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00003 + [Tags] selfserver SIP+DIP+URL + ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00003 + Comment 创建目标IP + ${objectDict} Create Dictionary + ... objectType=ip + ... isValid=1 + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_IPobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc} + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + + #创建url + ${objectDict} Create Dictionary + ... objectType=fqdn + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_fqdnobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$open.node.com + ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} + + #${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + #${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1} + #${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"} + #${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + #${data} Create List ${requestbody} + #${response} CreatePolicyFileNoFile ${url} ${data} + #${mirror_profile} Get From Dictionary ${response} profileId + Comment 创建拦截策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=intercept + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":1,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1} + #... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI + ... isValid=1 + ... appObjectIdArray=${3} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + + Comment 创建带有比例的替换策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=pxy_manipulation + ... policyDesc=${Default_PolicyDesc} + ... action=manipulation + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.9,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]} + #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} + # + #${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + #EditPolicy ${disablePolciy} + Comment 功能端验证SSL验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action + + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA + #OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe + #Send failure: Connection was reset Tango Secure Gateway CA + ... ELSE Create List Tango Secure Gateway CA + + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + :FOR ${n} IN RANGE 1000 + SystemCommands ${commandstr} ${stringlist} + END + log endfor + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + ${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com + log 22${logsize} + ${logsize} Convert to String ${logsize} + Append To File ${path}/enforcement_ratio.txt ${starttime} + Append To File ${path}/enforcement_ratio.txt ${logsize} + Append To File ${path}/enforcement_ratio.txt ${s} + Append To File ${path}/enforcement_ratio.txt ${endtime} +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00004 + [Tags] selfserver SIP+DIP+URL + ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00004 + Comment 创建目标IP + ${objectDict} Create Dictionary + ... objectType=ip + ... isValid=1 + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_IPobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc} + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + + #创建url + ${objectDict} Create Dictionary + ... objectType=fqdn + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_fqdnobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$open.node.com + ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} + + #${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + #${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1} + #${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"} + #${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + #${data} Create List ${requestbody} + #${response} CreatePolicyFileNoFile ${url} ${data} + #${mirror_profile} Get From Dictionary ${response} profileId + Comment 创建拦截策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=intercept + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":0,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1} + #... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI + ... isValid=1 + ... appObjectIdArray=${3} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + + Comment 创建带有比例的替换策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=pxy_manipulation + ... policyDesc=${Default_PolicyDesc} + ... action=manipulation + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.9999,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]} + #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} + # + #${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + #EditPolicy ${disablePolciy} + Comment 功能端验证SSL验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action + + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA + #OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe + #Send failure: Connection was reset Tango Secure Gateway CA + ... ELSE Create List Tango Secure Gateway CA + + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + :FOR ${n} IN RANGE 1000 + SystemCommands ${commandstr} ${stringlist} + END + log endfor + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + ${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com + log 22${logsize} +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00005 + [Tags] selfserver SIP+DIP+URL + ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00005 + Comment 创建目标IP + ${objectDict} Create Dictionary + ... objectType=ip + ... isValid=1 + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_IPobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=CIDR|192.168.100.5|32|0/0&${Default_AddItem_ServerIpFormat}|${Default_AddItem_ServerIp1}|${Default_AddItem_ServerIp2}|${Default_AddItem_ServerPort}|${Default_AddItem_IsInitialize}|${Default_AddItem_ItemName}|${Default_AddItem_ItemDesc} + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + + #创建url + ${objectDict} Create Dictionary + ... objectType=url + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_URLobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=open.node.com/action + ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} + + #创建url + ${objectDict} Create Dictionary + ... objectType=fqdn + ... isValid=${1} + ... objectSubType=${Default_ObjectSubType} + ... isInitialize=${Default_IsInitialize} + ... isExclusion=${Default_IsExclusion} + ... objectName=${caseName}_fqdnobject + ... objectDesc=${Default_ObjectDesc} + ... subObjectIds=${Default_SubObjectIds} + ... addItemList=$open.node.com + ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} + ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} + + #${dynamic_bypass} set variable "dynamic_bypass":{"ev_cert":1,"cert_transparency":1,"mutual_authentication":1,"cert_pinning":1,"protocol_errors":1} + #${protocol_version} set variable "protocol_version":{"min":"","max":"","mirror_client":1,"allow_http2":1} + #${certificate_checks} set variable "certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"fail-close"} + #${requestbody} set variable {"opAction":"add","returnData":1,"list":[{"profileName":"autotest_decryption_add","decryption":{${dynamic_bypass},${protocol_version},${certificate_checks}},"isValid":1,"isInitialize":0,"profileDesc":""}]} + #${data} Create List ${requestbody} + #${response} CreatePolicyFileNoFile ${url} ${data} + #${mirror_profile} Get From Dictionary ${response} profileId + Comment 创建拦截策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=tsg_security + ... policyDesc=${caseName} + ... action=intercept + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"protocol":"SSL","protocol_version":{"allow_http2":1,"min":"ssl3","max":"tls13","mirror_client":1},"dynamic_bypass":{"mutual_authentication":1,"cert_pinning":1,"cert_transparency":0,"protocol_errors":0.5,"ev_cert":0},"decrypt_mirror":{"enable":0},"certificate_checks":{"fail_action":"pass-through","approach":{"self-signed":1,"expiration":1,"cn":1,"issuer":1}},"keyring":1} + #... userRegion={"protocol":"SSL","keyring":123,"decryption",1,"decrypt_mirror":{"enable":1,"mirror_profile":${mirror_profile}} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_FQDN_Id}|TSG_FIELD_SSL_SNI + ... isValid=1 + ... appObjectIdArray=${3} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + + ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} + + + Comment 创建带有比例的替换策略 + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=pxy_manipulation + ... policyDesc=${Default_PolicyDesc} + ... action=manipulation + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"replace","rules":[{"search_in":"http_req_body","find":"find","replace_with":"replace"},{"search_in":"http_res_body","find":"replace","replace_with":"replacetest"}],"enforcement_ratio":0.9,"protocol":"HTTP"} + ... referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_URL_Id}|TSG_FIELD_HTTP_URL + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} {"policyType":"pxy_manipulation","policyIds":[${policyId}]} + #{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]} + # + #${disablePolciy} set variable {"opAction":"enable","policyList":[{"policyType":"pxy_manipulation","policyId":[${policyId}]}]} + #EditPolicy ${disablePolciy} + Comment 功能端验证SSL验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${path}/zjj/ZJJ_ProxyPolicy-Replace-00001.bat + ... ELSE set variable curl -kv -H "Content-Type:application/x-www-form-urlencoded" -X POST -d "reqBody=find&setCookie=set-cookie&contentType=text/html;charset=UTF-8&resBody=Response Body" https://open.node.com/action + + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Tango Secure Gateway CA + #OpenSSL SSL_connect: Connection was reset in connection toX-TG-Construct-By: tfe + #Send failure: Connection was reset Tango Secure Gateway CA + ... ELSE Create List Tango Secure Gateway CA + + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + :FOR ${n} IN RANGE 1000 + SystemCommands ${commandstr} ${stringlist} + END + log endfor + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + ${logsize} GetLogCount proxy_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com + log 22${logsize} + ${logsize} Convert to String ${logsize} + Append To File ${path}/enforcement_ratio.txt ${starttime} + Append To File ${path}/enforcement_ratio.txt ${logsize} + Append To File ${path}/enforcement_ratio.txt ${s} + Append To File ${path}/enforcement_ratio.txt ${endtime} +#TestLogSize #日志验证security_event_log #GetLogListSize proxy_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co - ${logsize} GetLogListSize security_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co - log 11${logsize} - ${logsize} GetLogCount security_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co - log 22${logsize} -ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002 + #${logsize} GetLogListSize security_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co + #log 11${logsize} + #${logsize} GetLogCount security_event_log 2020-04-28 09:40:00 2020-04-28 10:00:00 192.168.50.6 4837 ssl_sni httpdns.n.netease.co + #log 22${logsize} +ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-000012 [Tags] selfserver SIP+DIP+URL+ResHeader+ReqHeader ${caseName} set variable ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002 @@ -254,4 +722,9 @@ ZJJ_ProxyPolicy-Replace-ResbodyReqbocy-00002 ${endtime} Get Time #日志验证 GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni open.node.com - #{"opAction":"add","policyList":{"policyId":"","policyName":"dxytest","policyType":"pxy_manipulation","action":"manipulation","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"阿斯蒂","effectiveRange":{"tag_sets":[[]]},"userRegion":{"method":"replace","rules":[{"search_in":"http_req_uri","find":"find","replace_with":"replace"}],"protocol":"HTTP"},"isValid":0,"scheduleId":[],"appObjectIdArray":[2],"referenceObject":[{"objectId":10103,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":8337,"protocolFields":["TSG_SECURITY_DESTINATION_ADDR"]},{"objectId":5668,"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":7732,"protocolFields":["TSG_FIELD_HTTP_URL"]}]}} \ No newline at end of file + ${logsize} Convert to String ${logsize} + Append To File ${path}/enforcement_ratio.txt ${starttime} + Append To File ${path}/enforcement_ratio.txt ${logsize} + Append To File ${path}/enforcement_ratio.txt ${s} + Append To File ${path}/enforcement_ratio.txt ${endtime} + \ No newline at end of file diff --git a/02-Keyword/tsg_adc/PolicyVertify.robot b/02-Keyword/tsg_adc/PolicyVertify.robot index a8f2c0c..96422df 100644 --- a/02-Keyword/tsg_adc/PolicyVertify.robot +++ b/02-Keyword/tsg_adc/PolicyVertify.robot @@ -36,7 +36,7 @@ PolicyVertify ${resultObj} Create Dictionary verifyList=${verifyList} ${json} json.Dumps ${resultObj} ensure_ascii=False - ${response} BasePostRequest /v1/policy/verify body=${json} + ${response} BasePostRequest /policy/verify body=${json} Log REQ = ${json} Log RES = ${response} Should Be True ${response['code']} == 200 diff --git a/02-Keyword/tsg_bfapi/Common.robot b/02-Keyword/tsg_bfapi/Common.robot index f827db1..fa64e0c 100644 --- a/02-Keyword/tsg_bfapi/Common.robot +++ b/02-Keyword/tsg_bfapi/Common.robot @@ -1,6 +1,6 @@ *** Settings *** Resource ../../03-Variable/BifangApiVariable.txt -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} Library Collections Library RequestsLibrary @@ -19,7 +19,7 @@ BasePostRequest BaseDeleteRequest [Arguments] ${requestUri} ${data} ${headers} set variable {"Authorization":"${token}","Content-Type":"application/json"} - create session api http://${host}:${port} ${headers} + create session api http://${host}:${port}/${version} ${headers} ${response}= Delete Request api ${requestUri} data=${data} log return data =${response} Should Be Equal As Strings ${response.status_code} 200 @@ -29,7 +29,7 @@ BaseDeleteRequest BaseEditRequest [Arguments] ${requestUri} ${data} ${headers} set variable {"Authorization":"${token}","Content-Type":"application/json"} - create session api http://${host}:${port} ${headers} + create session api http://${host}:${port}/${version} ${headers} ${response}= Put Request api ${requestUri} data=${data} log return data =${response} Should Be Equal As Strings ${response.status_code} 200 diff --git a/02-Keyword/tsg_bfapi/LogSchema.robot b/02-Keyword/tsg_bfapi/LogSchema.robot index c6a1143..7bda6a0 100644 --- a/02-Keyword/tsg_bfapi/LogSchema.robot +++ b/02-Keyword/tsg_bfapi/LogSchema.robot @@ -4,13 +4,13 @@ Library RequestsLibrary Library OperatingSystem Library Collections Library string -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} *** Keywords *** GetLogCondition [Arguments] ${logname} ${startTime} ${endTime} ${client_ip} ${policy_id} Set Headers {"Content-Type":"application/x-www-form-urlencoded","Authorization":"${token}"} - &{LogSchemaResponse}= GET /v1/log/schema?logType=${logname} + &{LogSchemaResponse}= GET /log/schema?logType=${logname} log ${logname} #Output Schema response body Object response body @@ -35,7 +35,7 @@ PostRemoteData GetALLLogCondition [Arguments] ${logname} ${startTime} ${endTime} ${client_ip} ${policy_id} ${pageSize} ${pageNo} Set Headers {"Content-Type":"application/x-www-form-urlencoded","Authorization":"${token}"} - &{LogSchemaResponse}= GET /v1/log/schema?logType=${logname} + &{LogSchemaResponse}= GET /log/schema?logType=${logname} log ${logname} #Output Schema response body Object response body @@ -53,7 +53,7 @@ GetALLLogCondition GetLogCountConditon [Arguments] ${logname} ${startTime} ${endTime} ${client_ip} ${policy_id} ${pageSize} ${pageNo} Set Headers {"Content-Type":"application/x-www-form-urlencoded","Authorization":"${token}"} - &{LogSchemaResponse}= GET /v1/log/schema?logType=${logname} + &{LogSchemaResponse}= GET /log/schema?logType=${logname} log ${logname} #Output Schema response body Object response body diff --git a/02-Keyword/tsg_bfapi/LoginLogout.robot b/02-Keyword/tsg_bfapi/LoginLogout.robot index 46f8b18..ea37673 100644 --- a/02-Keyword/tsg_bfapi/LoginLogout.robot +++ b/02-Keyword/tsg_bfapi/LoginLogout.robot @@ -1,6 +1,6 @@ *** Settings *** Resource ../../03-Variable/BifangApiVariable.txt -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} Library Collections Library SSHLibrary Resource PolicyObject.robot @@ -13,7 +13,7 @@ Login [Tags] tsg_adc tsg_bf_api #[Arguments] ${username} ${password} ${authmode} ${authCode} ${ldapId} # 毕方接口用户名密码 - GET /v1/user/encryptpwd?password=${password} + GET /user/encryptpwd?password=${password} Object response body #OUTPUT response body #${rescode} Integer $.code @@ -33,7 +33,7 @@ Login #getToken################################################################################## #log ${username} #log ${pwdstr} - POST /v1/user/login?username=${username}&password=${encodePassword}&authMode=${authmode} + POST /user/login?username=${username}&password=${encodePassword}&authMode=${authmode} Object response body #OUTPUT response body Integer $.code 200 @@ -51,7 +51,7 @@ Login Logout [Tags] tsg_adc tsg_bf_api - POST /v1/user/logout headers=${headers} + POST /user/logout headers=${headers} Object response body Integer $.code 200 ${rescode} Integer $.code diff --git a/02-Keyword/tsg_bfapi/PolicyObject.robot b/02-Keyword/tsg_bfapi/PolicyObject.robot index 947e3f4..4319673 100644 --- a/02-Keyword/tsg_bfapi/PolicyObject.robot +++ b/02-Keyword/tsg_bfapi/PolicyObject.robot @@ -3,7 +3,7 @@ Resource ../../03-Variable/BifangApiVariable.txt Resource ../tsg_common/ManagePolicyBody.robot Resource ../tsg_common/ManageObjectBody.robot Resource ../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} Library Collections Library RequestsLibrary Resource Common.robot @@ -52,17 +52,17 @@ AddLocalIPObject DelLocalIPObject log to_DelLocalIPObject - ${response} BaseDeleteRequest /v1/policy/object {"objectIds":[${testClentID}]} + ${response} BaseDeleteRequest /policy/object {"objectIds":[${testClentID}]} #${response_code} Get From Dictionary ${response} code #Should Be Equal As Strings ${response} {'code': 200, 'msg': 'Success', 'success': True} SET GLOBAL VARIABLE ${testClentID} ${EMPTY} - ${response} BaseDeleteRequest /v1/policy/object {"objectIds":[${testClentSubID}]} + ${response} BaseDeleteRequest /policy/object {"objectIds":[${testClentSubID}]} SET GLOBAL VARIABLE ${testClentSubID} ${EMPTY} AddObject [Arguments] ${body} #addIPobject################################################################################# - ${response} BasePostRequest /v1/policy/object body=${body} + ${response} BasePostRequest /policy/object body=${body} #log ${response} ${objectId} Set Variable ${response['data']['objectList'][0]['objectId']} ${rescodeReturn} Set Variable ${response['code']} @@ -72,7 +72,7 @@ AddObject2 [Arguments] ${returnData} ${policyList} ${body} ObjectParamsOpertion ${returnData} ${policyList} - ${response} BasePostRequest /v1/policy/object body=${body} + ${response} BasePostRequest /policy/object body=${body} ${objectId} Set Variable ${response['data']['objectList'][0]['objectId']} ${rescodeReturn} Set Variable ${response['code']} [Return] ${rescodeReturn} ${objectId} @@ -84,7 +84,7 @@ EditObject DeleteObjectbak [Arguments] ${objectids} ${body} String {"objectIds":[${objectids}]} - DELETE /v1/policy/object body=${body} headers=${headers} + DELETE /policy/object body=${body} headers=${headers} Object response body log DeleteObject log dxytestOUtputstart @@ -96,7 +96,7 @@ DeleteObjectbak AddPolicy [Arguments] ${body} - ${response} BasePostRequest /v1/policy/compile body=${body} + ${response} BasePostRequest /policy/compile body=${body} #log ${response} ${policyId} Set Variable ${response['data']['policyList'][0]['policyId']} ${rescode} Set Variable ${response['code']} @@ -104,22 +104,23 @@ AddPolicy AddPolicy2 [Arguments] ${returnData} ${policyList} - ${body} PolicyParamsOpertion ${returnData} ${policyList} + ${body} PolicyParamsOpertion ${returnData} ${policyList} add - ${response} BasePostRequest /v1/policy/compile body=${body} + ${response} BasePostRequest /policy/compile body=${body} ${policyId} Set Variable ${response['data']['policyList'][0]['policyId']} ${rescode} Set Variable ${response['code']} [Return] ${rescode} ${policyId} EditPolicy - [Arguments] ${body} - ${response} BaseEditRequest /v1/policy/compile ${body} + [Arguments] ${policyList} ${opAction} + ${body} PolicyParamsOpertion ${1} ${policyList} ${opAction} + ${response} BaseEditRequest /policy/compile ${body} [Return] ${rescode} DeletePolicybak [Arguments] ${policyids} ${body} String {"policyType":"tsg_security","policyIds":[${policyids}]} - DELETE /v1/policy/compile body=${body} headers=${headers} + DELETE /policy/compile body=${body} headers=${headers} Object response body log DeletePolicy Output response body @@ -131,7 +132,7 @@ DeletePolicy [Arguments] ${body} #删除策略 log toDeletePolicy_DeletePolicyDeletePolicy - ${response} BaseDeleteRequest /v1/policy/compile ${body} + ${response} BaseDeleteRequest /policy/compile ${body} #{"policyType":"tsg_security","policyIds":[${policyids}]} ${response_code} Get From Dictionary ${response} code Should Be Equal As Strings ${response_code} 200 @@ -143,7 +144,7 @@ DeleteObject [Arguments] ${objectids} #删除对象 log todeleteobj - ${response} BaseDeleteRequest /v1/policy/object {"objectIds":[${objectids}]} + ${response} BaseDeleteRequest /policy/object {"objectIds":[${objectids}]} ${response_code} Get From Dictionary ${response} code #log aaaaaaaaaa:${response_code} Should Be Equal As Strings ${response_code} 200 diff --git a/02-Keyword/tsg_bfapi/Tag.robot b/02-Keyword/tsg_bfapi/Tag.robot index bf7643b..d84346d 100644 --- a/02-Keyword/tsg_bfapi/Tag.robot +++ b/02-Keyword/tsg_bfapi/Tag.robot @@ -1,6 +1,6 @@ *** Settings *** Resource ../../03-Variable/BifangApiVariable.txt -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} Library Collections Library RequestsLibrary Resource Common.robot @@ -9,7 +9,7 @@ Resource Common.robot ApiAddTags [Arguments] ${body} #ApiAddTags################################################################################# - ${response} BasePostRequest /v1/customize/tags body=${body} + ${response} BasePostRequest /customize/tags body=${body} #log ${response} ${tagId} Set Variable ${response['data']['tagList'][0]['id']} ${rescodeReturn} Set Variable ${response['code']} @@ -23,7 +23,7 @@ ApiDeleteTags [Arguments] ${body} #删除策略 log toApiDeleteTags - ${response} BaseDeleteRequest /v1/customize/tags ${body} + ${response} BaseDeleteRequest /customize/tags ${body} ${response_code} Get From Dictionary ${response} code Should Be Equal As Strings ${response_code} 200 ${response} Convert to String ${response} diff --git a/02-Keyword/tsg_cli/Interface.robot b/02-Keyword/tsg_cli/Interface.robot index c9aabd2..656776d 100644 --- a/02-Keyword/tsg_cli/Interface.robot +++ b/02-Keyword/tsg_cli/Interface.robot @@ -18,7 +18,7 @@ ${Tsg_Passwd} tsg_passwd # tsg_help指令返回值对比文件路径 ${Tsg_Help_file_Path} cli_files/tsg_help.txt # tsg_show指令查询时附加sql条件 -${Tsg_Show_Added_Sql} "order by time desc limit 20 " +${Tsg_Show_Added_Sql} "order by time desc limit 1" ${Tsg_Show_Added_Sql_Query} --query # tsg_show指令返回数据flowType和sled参数值 ${Tsg_Show_FlowType_Values} inline|intercomm|mirror diff --git a/02-Keyword/tsg_common/LoginAndLogoutTypeSwitch.robot b/02-Keyword/tsg_common/LoginAndLogoutTypeSwitch.robot index 87073a4..170e720 100644 --- a/02-Keyword/tsg_common/LoginAndLogoutTypeSwitch.robot +++ b/02-Keyword/tsg_common/LoginAndLogoutTypeSwitch.robot @@ -1,6 +1,6 @@ *** Settings *** Resource ../../03-Variable/BifangApiVariable.txt -Library REST http://${host}:${port} +Library REST http://${host}:${port}/${version} Library Collections Library ExtensionLibrary Resource ../tsg_bfapi/LoginLogout.robot diff --git a/02-Keyword/tsg_common/ManagePolicyBody.robot b/02-Keyword/tsg_common/ManagePolicyBody.robot index 579619f..7512f04 100644 --- a/02-Keyword/tsg_common/ManagePolicyBody.robot +++ b/02-Keyword/tsg_common/ManagePolicyBody.robot @@ -33,7 +33,7 @@ PolicyParamsOpertion ... policyList: 必传,字典类型。字典内可选参数信息: ... 其它参数默认值见../../03-Variable/PolicyObjectDefault.txt - [Arguments] ${returnData} ${policyList} + [Arguments] ${returnData} ${policyList} ${opAction} ${emptyList} Create List # 断言必传参数 # Should Not Be Empty ${policyList}[policyType] @@ -79,7 +79,7 @@ PolicyParamsOpertion Run Keyword If "${policyType}"=="active_defence" Set To Dictionary ${policyList} referenceObject=${active_defence_emptyList} Run Keyword If "${policyType}"=="active_defence" Set To Dictionary ${policyList} appObjectIdArray=${active_defence_emptyList} # 转为json结构并返回 - ${dict} Create Dictionary opAction=add returnData=${returnData} policyList=${policyList} + ${dict} Create Dictionary opAction=${opAction} returnData=${returnData} policyList=${policyList} ${json} json.Dumps ${dict} ensure_ascii=False ${json} Replace String ${json} "method:rst" ${userRegion}