分离http策略文件

2020-06-23 21:01:46 +08:00
parent 8acd8b435e
commit 7e734d1636
1 changed files with 220 additions and 0 deletions
--- a/01-TestCase/tsg_adc/multi_step/a_Deny_Http_Tests.robot
+++ b/01-TestCase/tsg_adc/multi_step/a_Deny_Http_Tests.robot
@@ -0,0 +1,220 @@
+*** Settings ***
+Force Tags        tsg_adc_wp    adc_api    security_policy
+Library           OperatingSystem
+Resource          ../../../02-Keyword/tsg_adc/SystemCommand.robot
+Resource          ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
+Resource          ../../../02-Keyword/tsg_bfapi/LogVariable.robot
+Resource          ../../../02-Keyword/tsg_adc/FileOperation.robot
+Resource          ../../../02-Keyword/tsg_adc/FileOperation.robot
+
+*** Variables ***
+${url}            /v1/policy/profile/responsepages
+
+*** Test Cases ***
+SecurityPolicy-Deny-Http-00001
+    [Tags]    fqdn
+    Comment    创建fqdn
+    ${objectDict}    Create Dictionary    objectType=fqdn    isValid=${1}    addItemList=$webalta.ru
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Http-00001    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"HTTP","method":"drop"}    referenceObject=${objectId}|TSG_FIELD_HTTP_HOST    isValid=${1}    appObjectIdArray=2
+    log    ${policyDict}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    insert_policyId_to_file1    deny_http_objectId    ${objectId}
+    insert_policyId_to_file1    deny_http_policyId    ${policyId}
+
+SecurityPolicy-Deny-Http-00002
+    [Tags]    cat
+    Comment    创建cat
+    ${objectDict}    Create Dictionary    objectType=fqdn_category    isValid=${1}    addItemList=*nymbler.com
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Http-00002    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"HTTP","method":"rst"}    referenceObject=${objectId}|TSG_FIELD_HTTP_HOST    isValid=${1}    appObjectIdArray=2
+    log    ${policyDict}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    insert_policyId_to_file1    deny_http_objectId1    ${objectId}
+    insert_policyId_to_file1    deny_http_policyId1    ${policyId}
+
+SecurityPolicy-Deny-Http-00003
+    [Tags]    url
+    Comment    创建url
+    ${objectDict}    Create Dictionary    objectType=url    isValid=${1}    addItemList=*/news/,$http://www.icbc.com.cn/icbc/,www.gotohoroscope*,indexv
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    #创建引用文件
+    ${response}    CreatePolicyFile2    ${url}    ${responsePageFiles}    404english.html    resPages
+    ${profiledId}    Get From Dictionary    ${response}    profileId
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Http-00003    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"HTTP","method":"block","code":403,"html_profile":${profiledId}}    referenceObject=${objectId}|TSG_FIELD_HTTP_URL    isValid=${1}    appObjectIdArray=2
+    log    ${policyDict}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    insert_policyId_to_file1    deny_http_objectId2    ${objectId}
+    insert_policyId_to_file1    deny_http_policyId2    ${policyId}
+    insert_policyId_to_file1    deny_http_profiledId    ${profiledId}
+
+SecurityPolicy-Deny-Http-00004
+    [Tags]    请求头
+    Comment    创建请求头
+    ${objectDict}    Create Dictionary    objectType=http_signature    isValid=${1}    addItemList=Mozilla/5.0*|User-Agent
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Http-00004    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"HTTP","method":"block","code":404,"message":"yyyyy"}    referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR    isValid=${1}    appObjectIdArray=2
+    log    ${policyDict}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    insert_policyId_to_file1    deny_http_objectId3    ${objectId}
+    insert_policyId_to_file1    deny_http_policyId3    ${policyId}
+
+SecurityPolicy-Deny-Http-00005
+    [Tags]    请求头
+    Comment    创建请求头
+    ${objectDict}    Create Dictionary    objectType=http_signature    isValid=${1}    addItemList=$Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36|User-Agent
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Http-00005    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"HTTP","method":"drop"}    referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR    isValid=${1}    appObjectIdArray=2
+    log    ${policyDict}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    insert_policyId_to_file1    deny_http_objectId4    ${objectId}
+    insert_policyId_to_file1    deny_http_policyId4    ${policyId}
+
+SecurityPolicy-Deny-Http-00006
+    [Tags]    请求头
+    Comment    创建请求头
+    ${objectDict}    Create Dictionary    objectType=http_signature    isValid=${1}    addItemList=AppleWebKit|User-Agent
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Http-00006    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"网站被阻断"}    referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR    isValid=${1}    appObjectIdArray=2
+    log    ${policyDict}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    insert_policyId_to_file1    deny_http_objectId5    ${objectId}
+    insert_policyId_to_file1    deny_http_policyId5    ${policyId}
+
+SecurityPolicy-Deny-Http-00007
+    [Tags]    请求头
+    Comment    创建请求头
+    ${objectDict}    Create Dictionary    objectType=http_signature    isValid=${1}    addItemList=*Safari/537.36|User-Agent
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    #创建引用文件
+    ${response}    CreatePolicyFile2    ${url}    ${responsePageFiles}    404china.html    resPages
+    ${profiledId}    Get From Dictionary    ${response}    profileId
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Http-00007    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}}    referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR    isValid=${1}    appObjectIdArray=2
+    log    ${policyDict}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    insert_policyId_to_file1    deny_http_objectId6    ${objectId}
+    insert_policyId_to_file1    deny_http_policyId6    ${policyId}
+    insert_policyId_to_file1    deny_http_profiledId1    ${profiledId}
+
+SecurityPolicy-Deny-Http-00008
+    [Tags]    应答头
+    Comment    创建应答头
+    ${objectDict}    Create Dictionary    objectType=http_signature    isValid=${1}    addItemList=*utf-8|Content-Type
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Http-00008    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"HTTP","method":"rst"}    referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR    isValid=${1}    appObjectIdArray=2
+    log    ${policyDict}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    insert_policyId_to_file1    deny_http_objectId7    ${objectId}
+    insert_policyId_to_file1    deny_http_policyId7    ${policyId}
+
+SecurityPolicy-Deny-Http-00009
+    [Tags]    应答头
+    Comment    创建应答头
+    ${objectDict}    Create Dictionary    objectType=http_signature    isValid=${1}    addItemList=$text/html; charset=utf-8|Content-Type
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Http-00009    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"HTTP","method":"alert","code":204,"message":"123456"}    referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR    isValid=${1}    appObjectIdArray=2
+    log    ${policyDict}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    insert_policyId_to_file1    deny_http_objectId8    ${objectId}
+    insert_policyId_to_file1    deny_http_policyId8    ${policyId}
+
+SecurityPolicy-Deny-Http-00010
+    [Tags]    应答头
+    Comment    创建应答头
+    ${objectDict}    Create Dictionary    objectType=http_signature    isValid=${1}    addItemList=html|Content-Type
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    #创建引用文件
+    ${response}    CreatePolicyFile2    ${url}    ${responsePageFiles}    404english.html    resPages
+    ${profiledId}    Get From Dictionary    ${response}    profileId
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Http-00010    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"HTTP","method":"alert","code":204,"html_profile":${profiledId}}    referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR    isValid=${1}    appObjectIdArray=2
+    log    ${policyDict}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    insert_policyId_to_file1    deny_http_objectId9    ${objectId}
+    insert_policyId_to_file1    deny_http_policyId9    ${policyId}
+    insert_policyId_to_file1    deny_http_profiledId2    ${profiledId}
+
+SecurityPolicy-Deny-Http-00011
+    [Tags]    应答头
+    Comment    创建应答头
+    ${objectDict}    Create Dictionary    objectType=http_signature    isValid=${1}    addItemList=text*|Content-Type
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    #创建引用文件
+    ${response}    CreatePolicyFile2    ${url}    ${responsePageFiles}    404english.html    resPages
+    ${profiledId}    Get From Dictionary    ${response}    profileId
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Http-00011    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"HTTP","method":"block","code":404,"html_profile":${profiledId}}    referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR    isValid=${1}    appObjectIdArray=2
+    log    ${policyDict}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    insert_policyId_to_file1    deny_http_objectId10    ${objectId}
+    insert_policyId_to_file1    deny_http_policyId10    ${policyId}
+    insert_policyId_to_file1    deny_http_profiledId3    ${profiledId}
+
+SecurityPolicy-Deny-Http-00012
+    [Tags]    cookie
+    Comment    创建cookie
+    ${objectDict}    Create Dictionary    objectType=http_signature    isValid=${1}    addItemList=_ym_isad=2|Cookie
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Http-00012    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"HTTP","method":"block","code":404,"message":"马上到周末"}    referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR    isValid=${1}    appObjectIdArray=2
+    log    ${policyDict}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    insert_policyId_to_file1    deny_http_objectId11    ${objectId}
+    insert_policyId_to_file1    deny_http_policyId11    ${policyId}
+
+SecurityPolicy-Deny-Http-00013
+    [Tags]    set-cookie
+    Comment    创建set-cookie
+    ${objectDict}    Create Dictionary    objectType=http_signature    isValid=${1}    addItemList=$startDate=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xiaozhu.com|Set-Cookie,*httponly|Set-Cookie,domain=.kiss.ru|Set-Cookie,*oKD0_802a|Set-Cookie
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Http-00013    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"Главная страница"}    referenceObject=${objectId}|TSG_FIELD_SSL_SAN,${objectId}|TSG_FIELD_SSL_SNI,${objectId}|TSG_FIELD_SSL_CN    isValid=${1}    appObjectIdArray=2
+    log    ${policyDict}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    insert_policyId_to_file1    deny_http_objectId12    ${objectId}
+    insert_policyId_to_file1    deny_http_policyId12    ${policyId}
+
+SecurityPolicy-Deny-Http-00014
+    [Tags]    请求体
+    Comment    创建请求体
+    ${objectDict}    Create Dictionary    objectType=fqdn    isValid=${1}    addItemList=*mail.ru
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Http-00014    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"SSL","method":"drop"}    referenceObject=${objectId}|TSG_FIELD_SSL_SAN,${objectId}|TSG_FIELD_SSL_SNI,${objectId}|TSG_FIELD_SSL_CN    isValid=${1}    appObjectIdArray=2
+    log    ${policyDict}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    insert_policyId_to_file1    deny_http_objectId13    ${objectId}
+    insert_policyId_to_file1    deny_http_policyId13    ${policyId}
+
+SecurityPolicy-Deny-Http-00015
+    [Tags]    应答体
+    Comment    创建应答体
+    ${objectDict}    Create Dictionary    objectType=fqdn    isValid=${1}    addItemList=*mail.ru
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Http-00015    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"SSL","method":"drop"}    referenceObject=${objectId}|TSG_FIELD_SSL_SAN,${objectId}|TSG_FIELD_SSL_SNI,${objectId}|TSG_FIELD_SSL_CN    isValid=${1}    appObjectIdArray=2
+    log    ${policyDict}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    insert_policyId_to_file1    deny_http_objectId14    ${objectId}
+    insert_policyId_to_file1    deny_http_policyId14    ${policyId}
+
+SecurityPolicy-Deny-Http-00016
+    [Tags]    最大组合
+    Comment    创建fqdn
+    ${objectDict}    Create Dictionary    objectType=fqdn    isValid=${1}    addItemList=*mail.ru
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Http-00016    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"SSL","method":"drop"}    referenceObject=${objectId}|TSG_FIELD_SSL_SAN,${objectId}|TSG_FIELD_SSL_SNI,${objectId}|TSG_FIELD_SSL_CN    isValid=${1}    appObjectIdArray=2
+    log    ${policyDict}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    insert_policyId_to_file1    deny_http_objectId15    ${objectId}
+    insert_policyId_to_file1    deny_http_policyId15    ${policyId}