diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot new file mode 100644 index 0000000..b26e6c2 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_SSL_Tests.robot @@ -0,0 +1,97 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Allow-SSL-00001 + [Tags] Selfserver SSL ip Allow + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00001 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol:SSL referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/rutube/rutube.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List видео + ... ELSE Create List рутуб + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Allow-SSL-00002 + [Tags] Selfserver SSL ip+cat完整匹配 Allow + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=$open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId},${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00002 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol:SSL referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/twitter/twitter.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Twitter + ... ELSE Create List 新鲜事一网打尽 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com + +SecurityPolicy-Allow-SSL-00003 + [Tags] Selfserver SSL ip+fqdn右匹配 Allow + Comment 创建目标IP + ${objectDict} Create Dictionary objectType=ip isValid=${1} addItemList=CIDR|192.168.100.5|32|0/0 + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId} + Comment FQDN + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*open.node.com + ${rescode} ${object_fqdn_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${objectId},${object_fqdn_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-SSL-00003 policyType=tsg_security policyDesc=autotest userTags= action=allow effectiveRange= userRegion=protocol:SSL referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0003.bat + ... ELSE set variable curl \ -kv \ https://open.node.com/test/bytedance/bytedance.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 字节跳动 + ... ELSE Create List 字节跳动 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com