gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

删除结果作为整个json串判断,更改分步骤支持的策略删除

Browse Source
This commit is contained in:
dongxiaoyan
2020-04-02 19:50:46 +08:00
parent e1e04798ad
commit 71f7287b64
3 changed files with 46 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
01-TestCase/tsg_adc/test_demo/AllFlowDemo.robot
View File

@@ -10,6 +10,10 @@ Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../03-Variable/AllFlowCaseVariable.txt
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Keywords ***
create-object-policy
[Arguments] @{flag}
@@ -18,10 +22,10 @@ create-object-policy
log ${objectId}
${objectids} set Variable ${objectId}
#创建策略
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-DNS-Deny-Redrict-Demo001","policyType":"tsg_security","action":"intercept","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${objectId},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
#${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable { \ \ \ \ "opAction":"add", \ \ \ \ "returnData":1, \ \ \ \ "policyList":[ \ \ \ \ \ \ \ \ { \ \ \ \ \ \ \ \ \ \ \ \ "policyId":"", \ \ \ \ \ \ \ \ \ \ \ \ "isValid":1, \ \ \ \ \ \ \ \ \ \ \ \ "policyName":"SecurityPolicy-HTTPS-Intecept-Demo001", \ \ \ \ \ \ \ \ \ \ \ \ "policyType":"tsg_security", \ \ \ \ \ \ \ \ \ \ \ \ "action":"intercept", \ \ \ \ \ \ \ \ \ \ \ \ "userTags":"", \ \ \ \ \ \ \ \ \ \ \ \ "doBlacklist":0, \ \ \ \ \ \ \ \ \ \ \ \ "doLog":1, \ \ \ \ \ \ \ \ \ \ \ \ "userRegion":{ \ \ \ \ \ \ \ \ \ \ \ \ \ "protocol":"SSL", \ \ \ \ "protocol_version":{"allow_http2":1, \ \ \ \ \ \ \ \ \ \ "min":"ssl3", \ \ \ \ \ \ \ \ \ "max":"tls13", \ \ \ \ \ \ \ \ \ "mirror_client":1}, \ \ \ \ "dynamic_bypass":{"mutual_authentication":1, \ \ \ \ "cert_pinning":1,"cert_transparency":0, \ \ \ \ "protocol_errors":1,"ev_cert":0}, \ \ \ \ "decrypt_mirror":{"enable":0}, \ \ \ \ "certificate_checks":{"fail_action":"pass-through", \ \ \ \ "approach":{"self-signed":1, \ \ \ \ "expiration":1, \ \ \ \ "cn":1, \ \ \ \ "issuer":1}}, \ \ \ \ "keyring":1}, \ \ \ \ \ \ \ \ \ \ \ \ "referenceObject":[{"objectId":${testClentID},"protocolFields":[]},{"objectId":${objectId}, \ \ \ \ \ \ \ \ "protocolFields":["TSG_FIELD_SSL_SNI"]}], \ \ \ \ \ \ \ \ \ \ \ \ "scheduleId":[ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ ] \ \ \ \ \ \ \ \ } \ \ \ \ ] }
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-DNS-Deny-Redrict-Demo001","policyType":"tsg_security","action":"intercept","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":0},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${objectId},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-SSL-Intecept-Demo001","policyType":"tsg_security","action":"intercept","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${objectId},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-SSL-Intecept-Demo001","policyType":"tsg_security","action":"intercept","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":0,"protocol_errors":0,"cert_pinning":0},"certificate_checks":{"approach":{"cn":0,"issuer":0,"self-signed":0,"expiration":0},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":0},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${objectId},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
${rescode} ${policyId} AddPolicy ${addPolicyStr}
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
log ${rescode}
log ${policyId}
# 区分执行方式
@@ -54,8 +58,8 @@ log-test
${s} Convert to String ${policyId}
GetLogList security_event_log ${obj}[starttime] ${obj}[endtime] ${testClentIP} ${s} ssl_sni baidu.com
# 清理测试数据
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
DeletePolicyAndObject ${policyIds} ${obj}[objectId]
#${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}
# DeletePolicyAndObject ${policyIds} ${obj}[objectId]
*** Test Cases ***
SecurityPolicy-DNS-Deny-Redrict-Demo001
@@ -100,3 +104,34 @@ SecurityPolicy-SSL-Intecept-Demo001
... ELSE IF ${testPart}==1 Run Keyword create-object-policy
... ELSE IF ${testPart}==2 Run Keyword function-test
... ELSE IF ${testPart}==3 Run Keyword log-test
SecurityPolicy-SSL-Intecept-Demo002
[Tags] SecurityPolciy SSL Intercept HTTPS HTTP-SSL
#因为只选择app协议时要求选择IP所有如果测试机IP不是默认对象时需要添加测试机ip作为条件
${localIP} set variable {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","objectSubType":"endpoint","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"autotestLocalIPObject_SecurityPolicy-SSL-Intecept-Demo002","objectDesc":"LocalIPObject_SecurityPolicy-SSL-Intecept-Demo002自动化测试机IP","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"isSession":"endpoint","clientIp1":"${testClentIP}","clientIp2":"${testClentIP}","clientIpFormat":"range","clientPortFormat":"range","clientPort1":0,"clientPort2":0,"serverIpFormat":"range","serverIp1":"","serverIp2":"","serverPortFormat":"range","serverPort1":0,"serverPort2":0}],"updateItemList":[],"deleteItemIds":[]}}
${rescodeip} ${objidip} AddObject ${localIP}
${objectids} set Variable ${objidip}
#创建策略
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-SSL-Intecept-Demo002","policyType":"tsg_security","action":"intercept","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"protocol_errors":1,"cert_pinning":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${objidip},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2,3]}}
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-SSL-Intecept-Demo002","policyType":"tsg_security","action":"intercept","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1,"dynamic_bypass":{"ev_cert":0,"cert_transparency":0,"mutual_authentication":1,"protocol_errors":1,"cert_pinning":1},"certificate_checks":{"approach":{"cn":1,"issuer":1,"self-signed":1,"expiration":1},"fail_action":"pass-through"},"protocol_version":{"min":"ssl3","max":"tls13","mirror_client":1,"allow_http2":1},"decrypt_mirror":{"enable":0,"mirror_profile":null}},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2,3]}}
${rescode} ${policyId} AddPolicy ${addPolicyStr}
#功能端验证
# 区分执行方式
@{stringlist} set variable CN=Tango Secure Gateway CA Content-Type: text/html value=百度一下
${starttime} Get Time
Sleep ${policyVerificationSleepSeconds}s
${commandreturn} OperatingSystem.Run ${curlbatpath}/SecurityPolicy-SSL-Intecept-Demo001.bat
FOR ${var} IN @{stringlist}
log ${var}
Should Contain ${commandreturn} ${var}
END
Sleep ${policyLogVerificationSleepSeconds}s
${endtime} Get Time
# 区分执行方式
# 日志验证
${s} Convert to String ${policyId}
GetLogList security_event_log ${obj}[starttime] ${obj}[endtime] ${testClentIP} ${s} ssl_sni baidu.com
# 清理测试数据
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]}

8
02-Keyword/tsg_bfapi/PolicyObject.robot
View File

@@ -19,7 +19,7 @@ DelLocalIPObject
log to_DelLocalIPObject
${response} BaseDeleteRequest /v1/policy/object {"objectIds":[${testClentID}]}
#${response_code} Get From Dictionary ${response} code
Should Be Equal As Strings ${response} {'code': 200, 'msg': 'Success', 'success': True}
#Should Be Equal As Strings ${response} {'code': 200, 'msg': 'Success', 'success': True}
SET GLOBAL VARIABLE ${testClentID} ${EMPTY}
AddObject
@@ -80,7 +80,8 @@ DeletePolicy
${response_code} Get From Dictionary ${response} code
Should Be Equal As Strings ${response_code} 200
${response} Convert to String ${response}
Should Be Equal As Strings ${response} {'code': 200, 'msg': 'Success', 'success': True}
log ${response}
#Should Be Equal As Strings ${response} {'code': 200, 'msg': 'Success', 'success': True}
DeleteObject
[Arguments] ${objectids}
@@ -92,7 +93,8 @@ DeleteObject
Should Be Equal As Strings ${response_code} 200
#Integer ${response_code} 200
${response} Convert to String ${response}
Should Be Equal As Strings ${response} {'code': 200, 'msg': 'Success', 'success': True}
log ${response}
#Should Be Equal As Strings ${response} {'code': 200, 'msg': 'Success', 'success': True}
DeletePolicyAndObject
[Arguments] ${policyids} ${objectids}

2
02-Keyword/tsg_bfapi/Tag.robot
View File

@@ -27,7 +27,7 @@ ApiDeleteTags
${response_code} Get From Dictionary ${response} code
Should Be Equal As Strings ${response_code} 200
${response} Convert to String ${response}
Should Be Equal As Strings ${response} {'code': 200, 'msg': 'Success', 'success': True}
#Should Be Equal As Strings ${response} {'code': 200, 'msg': 'Success', 'success': True}
ApiAddAutoTagsCase
#ApiAddTags#################################################################################