添加修改策略

2020-05-15 18:32:50 +08:00
parent 011bd85d7c
commit a6a3150559
1 changed files with 57 additions and 0 deletions
--- a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Hijack_Ssl_Tests.robot
+++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Hijack_Ssl_Tests.robot
@@ -824,3 +824,60 @@ ProxyPolicy-Hijack-Ssl-00021
    #日志验证
    ${s}    Convert to String    ${policyId3}
    GetLogList    proxy_event_log    ${starttime}    ${endtime}    ${testClentIP}    ${s}    http_host    open.node.com
 ProxyPolicy-Hijack-Ssl-00022
    [Tags]    selfserver    ssl    hijack    修改
    Comment    创建set-cookie
    ${objectDict}    Create Dictionary    objectType=http_signature    isValid=${1}    addItemList=*HttpOnly|Set-Cookie
    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
    ${objectids}    set Variable    ${objectId}
    Comment    创建url
    ${objectDict}    Create Dictionary    objectType=url    isValid=${1}    addItemList=open
    ${rescode}    ${object_url_Id}    AddObject2    ${1}    ${objectDict}
    ${objectids}    Catenate    SEPARATOR=,    ${objectids}    ${object_url_Id}
    Comment    创建hijack文件
    ${response}    CreatePolicyFile2    ${url}    ${path}/hijack_files/    Create-Hijack Files-test-3.html    hijack
    ${profiledId}    Get From Dictionary    ${response}    profileId
    Comment    创建请求头
    ${objectDict}    Create Dictionary    objectType=http_signature    isValid=${1}    addItemList=Chrome|User-Agent
    ${rescode}    ${object_rq_Id}    AddObject2    ${1}    ${objectDict}
    ${objectids}    Catenate    SEPARATOR=,    ${objectids}    ${object_rq_Id}
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Intercept-HTTP-00001    policyType=tsg_security    policyDesc=autotest    userTags=    action=intercept    effectiveRange=    userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}}    referenceObject=    isValid=${1}    appObjectIdArray=3
    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
    #删除策略
    ${policyId1}    set Variable    {"policyType":"tsg_security","policyIds":[${policyId}]}
    ${policyIds}    Create List    ${policyId1}
    Comment    创建管控策略
    ${policyDict}    Create Dictionary    policyName=proxyPolicy-Hijack-SSL-00022    policyType=pxy_manipulation    policyDesc=autotest    userTags=    action=manipulation    effectiveRange=    userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"}    isValid=${1}    appObjectIdArray=2    referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL
    ${rescode}    ${policyId3}    AddPolicy2    ${1}    ${policyDict}
    #删除策略
    ${policyId2}    set Variable    {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
    ${policyIds}    Create List    ${policyId1}    ${policyId2}
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/selfserver/proxyPolicy-Deny-SSL-00017.bat
    ...    ELSE    set variable    curl -kv https://open.node.com/
    @{stringlist}    run keyword if    '${systemType}'=='Windows'    Create List    控制小蛇在地图范围内移动    Tango Secure Gateway CA    X-TG-Construct-By
    ...    ELSE    Create List    控制小蛇在地图范围内移动    Tango Secure Gateway CA    X-TG-Construct-By
    ${starttime}    Get Time
    Sleep    ${policyVerificationSleepSeconds}s
    ${rescode}    SystemCommand    ${commandstr}    @{stringlist}
    Sleep    ${policyLogVerificationSleepSeconds}s
    ${endtime}    Get Time
    #日志验证
    ${s}    Convert to String    ${policyId3}
    GetLogList    proxy_event_log    ${starttime}    ${endtime}    ${testClentIP}    ${s}    http_host    open.node.com
    Comment    修改策略
    ${policyDict}    Create Dictionary    policyName=proxyPolicy-Hijack-SSL-00022    policyType=pxy_manipulation    policyDesc=autotest    userTags=    action=manipulation    effectiveRange=    userRegion={"method":"hijack","hijack_profile":${profiledId},"protocol":"HTTP"}    isValid=${1}    appObjectIdArray=2    referenceObject=${object_rq_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_url_Id}|TSG_FIELD_HTTP_URL    policyId=${policyId3}
    ${rescode}    ${policyId3}    EditPolicy    ${policyDict}    update
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/selfserver/ProxyPolicy-Deny-SSL-0008.bat
    ...    ELSE    set variable    curl -kv --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'https://www.baidu.com/' \ https://open.node.com
    @{stringlist}    run keyword if    '${systemType}'=='Windows'    Create List    控制小蛇在地图范围内移动    Tango Secure Gateway CA    X-TG-Construct-By
    ...    ELSE    Create List    控制小蛇在地图范围内移动    Tango Secure Gateway CA    X-TG-Construct-By
    Sleep    ${policyVerificationSleepSeconds}s
    ${rescode}    SystemCommand    ${commandstr}    @{stringlist}
    Sleep    ${policyLogVerificationSleepSeconds}s
    ${endtime}    Get Time
    #日志验证
    GetLogList    proxy_event_log    ${starttime}    ${endtime}    ${testClentIP}    ${s}    http_host    open.node.com