“demo

2020-04-01 16:34:13 +08:00
parent d4e2800f91
commit 7120606705
1 changed files with 102 additions and 0 deletions
--- a/01-TestCase/tsg_adc/test_demo/AllFlowDemo.robot
+++ b/01-TestCase/tsg_adc/test_demo/AllFlowDemo.robot
@@ -0,0 +1,102 @@
+*** Settings ***
+Test Teardown     DeletePolicyAndObject    ${policyIds}    ${objectids}
+Force Tags        tsg_adc    Demo
+Library           OperatingSystem    
+Library           json
+Library           Collections    
+Resource          ../../../02-Keyword/tsg_adc/SystemCommand.robot
+Resource          ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
+Resource          ../../../02-Keyword/tsg_bfapi/LogVariable.robot
+Resource          ../../../03-Variable/BifangApiVariable.txt
+Resource          ../../../03-Variable/AllFlowCaseVariable.txt
+
+*** Keywords ***   
+create-object-policy
+    [Arguments]    @{flag}
+    #创建对象
+    ${rescode}    ${objectId}    AddObject    { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"SecurityPolicy-HTTPS-Intecept-Demo001dxytest_fqdn_baidu", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"SecurityPolicy-HTTPS-Intecept-Demo001dxytest_fqdn_baidu", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*baidu.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
+    log    ${objectId}
+    ${objectids}    set Variable    ${objectId}    
+    #创建策略
+    ${addPolicyStr}    set variable    {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-DNS-Deny-Redrict-Demo001","policyType":"tsg_security","action":"intercept","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${objectId},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
+    #${addPolicyStr}    run keyword if    '${addTestClentIPFlag}'=='1'    set variable    { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-HTTPS-Intecept-Demo001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":[]},{"objectId":${objectId}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
+    ${addPolicyStr}    run keyword if    '${addTestClentIPFlag}'=='1'    set variable    {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-DNS-Deny-Redrict-Demo001","policyType":"tsg_security","action":"intercept","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":0},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${objectId},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
+    ${rescode}    ${policyId}    AddPolicy    ${addPolicyStr}    
+    log    ${rescode}
+    log    ${policyId}
+    # 区分执行方式
+    ${value}    Run Keyword If    ${flag}==[]    insert_policyId_to_file    SecurityPolicy-SSL-Intecept-Demo001    ${policyId}    ${objectids}            
+                ...    ELSE    Create Dictionary    policyId=${policyId}    objectId=${objectids}    
+    Set Test Variable    ${dict}    ${value}
+        
+function-test
+    # 功能端验证
+    @{stringlist}    set variable    CN=Tango Secure Gateway CA    Content-Type: text/html    value=百度一下
+    ${starttime}    Get Time
+    log    ${curlbatpath}/SecurityPolicy-SSL-Intecept-Demo001.bat
+    Sleep    ${policyVerificationSleepSeconds}s
+    ${commandreturn}    OperatingSystem.Run    ${curlbatpath}/SecurityPolicy-SSL-Intecept-Demo001.bat
+    FOR    ${var}    IN    @{stringlist}
+        log    ${var}
+        Should Contain    ${commandreturn}    ${var}
+    END
+    Sleep    ${policyLogVerificationSleepSeconds}s
+    ${endtime}    Get Time
+    # 区分执行方式    
+    Run Keyword If    ${dict}==${None}    insert_time_to_file    SecurityPolicy-SSL-Intecept-Demo001    ${starttime}    ${endtime}            
+    ...    ELSE    Run Keyword    Set To Dictionary    ${dict}    starttime=${starttime}    endtime=${endtime}
+    
+log-test
+    # 日志验证
+    ${obj}    Run Keyword If    ${dict}==${None}    json.Loads    ${SecurityPolicy-SSL-Intecept-Demo001}
+              ...    ELSE    Set Variable    ${dict}
+    ${policyId}    Set Variable    ${obj}[policyId]
+    ${s}    Convert to String    ${policyId}
+    GetLogList    security_event_log    ${obj}[starttime]    ${obj}[endtime]    ${testClentIP}    ${s}    ssl_sni    baidu.com
+    # 清理测试数据
+    ${policyIds}    Create List    {"policyType":"tsg_security","policyIds":[${policyId}]}
+    DeletePolicyAndObject    ${policyIds}    ${obj}[objectId]
+
+*** Test Cases ***
+SecurityPolicy-DNS-Deny-Redrict-Demo001
+    [Tags]    SecurityPolciy    DNS    DENY    Redirect
+    #登录 放到setup
+    #Login
+    #创建对象fqdn
+    ${rescode}    ${objectId}    AddObject    { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "objectList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "objectType":"fqdn", \ \ \ \ \ \ \ \ \ \ \ \ "objectName":"SecurityPolicy-DNS-Deny-Redrict-Demo001dxytest_fqdn_jd", \ \ \ \ \ \ \ \ \ \ \ \ "objectDesc":"dxytest_fqdn_jd", \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0, \ \ \ \ \ \ \ \ \ \ \ \ "isExclusion":0, \ \ \ \ \ \ \ \ \ \ \ \ "subObjectIds":[], \ \ \ \ \ \ \ \ \ \ \ \ "addItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemName":"item name", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "itemDesc":"item description", \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "keywordArray":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "*jd.com" \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isHexbin":0, \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ "isInitialize":0 \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ } \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "updateItemList":[ \ \ \ \ \ \ \ \ \ \ \ \ ], \ \ \ \ \ \ \ \ \ \ \ \ "deleteItemIds":[ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
+    log    ${objectId}
+    ${objectids}    set Variable    ${objectId}
+    #多个id拼接 
+    #${objectids}    Catenate    SEPARATOR=,	${objectids}	${objectId}    
+    #${objectids}    set Variable    ${objectId}
+    #Catenate    SEPARATOR=,
+    #添加策略
+    ${addPolicyStr}    set variable    {"opAction":"add","returnData":1,"policyList":[{"policyId":"","policyName":"SecurityPolicy-DNS-Deny-Redrict-Demo001","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.autotest1A.com","ttl":{"min":30,"max":30}},{"atype":"A","value":"1.1.1.1","ttl":{"min":30,"max":30}}]},{"qtype":"AAAA","answer":[{"atype":"CNAME","value":"www.autotest4A.com","ttl":{"min":40,"max":40}},{"atype":"AAAA","value":"f::a","ttl":{"min":40,"max":40}}]}]},"referenceObject":[{"objectId":112,"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${objectId},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[4]}]}
+    ${addPolicyStr}    run keyword if	'${addTestClentIPFlag}'=='1'    set variable    {"opAction":"add","returnData":1,"policyList":[{"policyId":"","policyName":"SecurityPolicy-DNS-Deny-Redrict-Demo001","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.autotest1A.com","ttl":{"min":30,"max":30}},{"atype":"A","value":"1.1.1.1","ttl":{"min":30,"max":30}}]},{"qtype":"AAAA","answer":[{"atype":"CNAME","value":"www.autotest4A.com","ttl":{"min":40,"max":40}},{"atype":"AAAA","value":"f::a","ttl":{"min":40,"max":40}}]}]},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${objectId},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[4]}]}
+    ${rescode}    ${policyId}    AddPolicy    ${addPolicyStr}
+    log    ${policyId}
+    #Integer    ${rescode}    200
+    #目前只有一个所以无拼接
+    ${policyIds}    Create List    {"policyType":"tsg_security","policyIds":[${policyId}]}
+    #注意如果时多个policyId或者多个ObjectID需要拼接成,号分割的串，或者拼在下面即可
+     #功能端验证
+    ${commandstr}    set variable    nslookup -d www.jd.com
+    @{stringlist}    set variable    canonical name = www.autotest1A.com    ttl = 30 (30 secs)    internet address = 1.1.1.1    canonical name = www.autotest4A.com    ttl = 40 (40 secs)    AAAA IPv6 address = f::a
+    ${starttime}    Get Time
+    Sleep    ${policyVerificationSleepSeconds}s
+    ${rescode}    SystemCommand    ${commandstr}    @{stringlist}
+    Sleep    ${policyLogVerificationSleepSeconds}s
+    ${endtime}    Get Time
+    log    ${rescode}
+    ${s}    Convert to String    ${policyId}
+    GetLogList    security_event_log    ${starttime}    ${endtime}    ${testClentIP}    ${s}    dns_qname    www.jd.com
+
+
+SecurityPolicy-SSL-Intecept-Demo001
+    [Tags]    SecurityPolciy    SSL    Intercept    HTTPS
+    Run Keyword If    '${testPart}'=='all'    Run Keywords    create-object-policy    True
+                                              ...    AND    function-test
+                                              ...    AND    log-test
+    ...    ELSE IF    ${testPart}==1    Run Keyword    create-object-policy
+    ...    ELSE IF    ${testPart}==2    Run Keyword    function-test
+    ...    ELSE IF    ${testPart}==3    Run Keyword    log-test