拦截http,ssl用例补充,ip_geo,修改策略中的对象
This commit is contained in:
hebingning
@@ -22,7 +22,7 @@ SecurityPolicy-Intercept-Http-00001
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.yumi.com
|
||||
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Http-00001 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Http-00001 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID}
|
||||
log ${policyDict}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
insert_policyId_to_file1 intercept_http_objectId ${objectId}
|
||||
|
||||
@@ -13,15 +13,21 @@ Resource ../../../03-Variable/ApplicationID.txt
|
||||
|
||||
*** Test Cases ***
|
||||
SecurityPolicy-Intercept-Ssl-00001
|
||||
[Tags] fqdn完整匹配
|
||||
[Tags] fqdn完整匹配 update policy:source geo
|
||||
Comment 创建fqdn
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.reviewpro.com
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
Comment 创建ip geo
|
||||
${addItemList1} Create Dictionary keywordArray=XXG地区.*
|
||||
${addItemLists} Create list ${addItemList1}
|
||||
${objectDict} Create Dictionary objectType=ip objectSubType=geo_location isValid=${1} addItemList=${addItemLists}
|
||||
${rescode} ${objectId1} AddObjects ${1} ${objectDict}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Ssl-00001 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID}
|
||||
log ${policyDict}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
insert_policyId_to_file1 intercept_ssl_objectId ${objectId}
|
||||
insert_policyId_to_file1 intercept_ssl_objectId2 ${objectId1}
|
||||
insert_policyId_to_file1 intercept_ssl_policyId ${policyId}
|
||||
|
||||
SecurityPolicy-Intercept-Ssl-00002
|
||||
@@ -36,14 +42,19 @@ SecurityPolicy-Intercept-Ssl-00002
|
||||
insert_policyId_to_file1 intercept_ssl_policyId1 ${policyId}
|
||||
|
||||
SecurityPolicy-Intercept-Ssl-00003
|
||||
[Tags] fqdn other
|
||||
Comment fqdn Certificate
|
||||
[Tags] fqdn other Certificate update policy:fqdn
|
||||
Comment 创建fqdn
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.xs8.cn
|
||||
${rescode} ${objectId} AddObject2 ${1} ${objectDict}
|
||||
Comment 创建fqdn2
|
||||
${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*xs8.cn
|
||||
${rescode} ${objectId1} AddObject2 ${1} ${objectDict}
|
||||
Comment 创建安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Ssl-00003 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1727,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID}
|
||||
log ${policyDict}
|
||||
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||
insert_policyId_to_file1 intercept_ssl_objectId1 ${objectId}
|
||||
insert_policyId_to_file1 intercept_ssl_objectId3 ${objectId1}
|
||||
insert_policyId_to_file1 intercept_ssl_policyId2 ${policyId}
|
||||
|
||||
SecurityPolicy-Intercept-Ssl-00004
|
||||
|
||||
@@ -18,7 +18,7 @@ SecurityPolicy-Intercept-Http-00001
|
||||
... ELSE Create List 玉米
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
Comment 修改policy的source
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Http-00001-1 policyId=${intercept_http_policyId} policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} source=${intercept_http_objectId}|TSG_SECURITY_SOURCE_LOCATION filterList=${intercept_http_objectId1}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID}
|
||||
${policyDict} Create Dictionary policyId=${intercept_http_policyId} policyName=SecurityPolicy-Intercept-Http-00001_1 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"HTTP"} filterList=${intercept_http_objectId1}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} source=${intercept_http_objectId}|TSG_SECURITY_SOURCE_LOCATION
|
||||
log ${policyDict}
|
||||
${rescode} UpdatePolicies 1 ${policyDict} v2 update
|
||||
Comment 功能端验证HTTP验证
|
||||
|
||||
@@ -5,6 +5,9 @@ Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
|
||||
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
||||
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
|
||||
Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
|
||||
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
|
||||
Resource ../../../03-Variable/ApplicationID.txt
|
||||
Resource ../../../05-Other/AllFlowCaseVariable.txt
|
||||
|
||||
*** Test Cases ***
|
||||
SecurityPolicy-Intercept-Ssl-00001
|
||||
@@ -14,7 +17,17 @@ SecurityPolicy-Intercept-Ssl-00001
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List reviewpro Tango Secure Gateway CA
|
||||
... ELSE Create List reviewpro Tango Secure Gateway CA
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
Comment 改变安全策略
|
||||
${policyDict} Create Dictionary policyId=${intercept_ssl_policyId} policyName=SecurityPolicy-Intercept-Ssl-00001_1 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} source=${intercept_ssl_objectId2}|TSG_SECURITY_SOURCE_LOCATION filterList=${intercept_ssl_objectId}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID}
|
||||
log ${policyDict}
|
||||
${rescode} UpdatePolicies 1 ${policyDict} v2 update
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Intercept_SSL_00001.bat
|
||||
... ELSE set variable curl -kv https://www.reviewpro.com/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List reviewpro Tango Secure Gateway CA
|
||||
... ELSE Create List reviewpro Tango Secure Gateway CA
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
SecurityPolicy-Intercept-Ssl-00002
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Intercept_SSL_00002.bat
|
||||
@@ -30,7 +43,13 @@ SecurityPolicy-Intercept-Http-00003
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List 言情小说吧 CA TRUST
|
||||
... ELSE Create List Book
|
||||
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||
|
||||
Comment 改变安全策略
|
||||
${policyDict} Create Dictionary policyName=SecurityPolicy-Intercept-Ssl-00003_1 policyType=tsg_security policyDesc=autotest action=intercept userRegion={"protocol":"SSL","keyring":1727,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} filterList=${intercept_ssl_objectId3}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID}
|
||||
log ${policyDict}
|
||||
${rescode} UpdatePolicies 1 ${policyDict} v2 update
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Intercept_SSL_00002_2.bat
|
||||
... ELSE set variable curl -kv https://www.xs8.cn/
|
||||
${stringlist} run keyword if '${systemType}'=='Windows' Create List 言情小说吧 CA TRUST
|
||||
SecurityPolicy-Intercept-Ssl-00004
|
||||
Comment 功能端验证HTTP验证
|
||||
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Intercept_SSL_00002_3.bat
|
||||
|
||||
@@ -17,6 +17,7 @@ ${objectids} ${EMPTY}
|
||||
SecurityPolicy-Intercept-Http-00001
|
||||
#删除对象
|
||||
${objectids} set Variable ${intercept_http_objectId}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${intercept_http_objectId1}
|
||||
#删除策略
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${intercept_http_policyId}]}
|
||||
${s} Convert to String ${intercept_http_policyId}
|
||||
@@ -32,7 +33,8 @@ SecurityPolicy-Intercept-Http-00002
|
||||
|
||||
SecurityPolicy-Intercept-Http-00003
|
||||
#删除对象
|
||||
#${objectids} set Variable ${intercept_http_objectId1}
|
||||
${objectids} set Variable ${intercept_http_objectId2}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${intercept_http_objectId3}
|
||||
#删除策略
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${intercept_http_policyId1}]}
|
||||
${s} Convert to String ${intercept_http_policyId1}
|
||||
@@ -40,7 +42,8 @@ SecurityPolicy-Intercept-Http-00003
|
||||
|
||||
SecurityPolicy-Intercept-Http-00004
|
||||
#删除对象
|
||||
${objectids} set Variable ${intercept_http_objectId2}
|
||||
${objectids} set Variable ${intercept_http_objectId4}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${intercept_http_objectId5}
|
||||
#删除策略
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${intercept_http_policyId3}]}
|
||||
${s} Convert to String ${intercept_http_policyId1}
|
||||
|
||||
@@ -17,6 +17,7 @@ ${objectids} ${EMPTY}
|
||||
SecurityPolicy-Intercept-Ssl-00001
|
||||
#删除对象
|
||||
${objectids} set Variable ${intercept_ssl_objectId}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${intercept_ssl_objectId2}
|
||||
#删除策略
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${intercept_ssl_policyId}]}
|
||||
${s} Convert to String ${intercept_ssl_policyId}
|
||||
@@ -33,6 +34,7 @@ SecurityPolicy-Intercept-Ssl-00002
|
||||
SecurityPolicy-Intercept-Ssl-00003
|
||||
#删除对象
|
||||
${objectids} set Variable ${intercept_ssl_objectId1}
|
||||
${objectids} Catenate SEPARATOR=, ${objectids} ${intercept_ssl_objectId3}
|
||||
#删除策略
|
||||
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${intercept_ssl_policyId2}]}
|
||||
${s} Convert to String ${intercept_ssl_policyId2}
|
||||
|
||||
Reference in New Issue
Block a user