调整策略拼接适应主动策略部分，主动策略部分为添加功能端验证尝试中

2020-04-24 18:44:07 +08:00
parent bc2db50a84
commit ae2ecc414d
3 changed files with 132 additions and 4 deletions
--- a/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot
+++ b/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot
@@ -0,0 +1,123 @@
+*** Settings ***
+Test Teardown     DeletePolicyAndObject    ${policyIds}    ${objectids}    
+Force Tags        zjj    Security_Policy    Active_Defence_Policy
+Library           OperatingSystem
+Resource          ../../02-Keyword/tsg_adc/SystemCommand.robot
+Resource          ../../02-Keyword/tsg_bfapi/PolicyObject.robot
+Resource          ../../02-Keyword/tsg_bfapi/LogVariable.robot
+Resource          ../../03-Variable/PolicyObjectDefault.txt
+Resource          ../../02-Keyword/tsg_common/StmpHandle.robot
+Resource          ../../03-Variable/BifangApiVariable.txt
+Resource          ../../02-Keyword/tsg_bfapi/Common.robot
+Library           Custometest
+Library           json
+
+*** Variables ***
+${policyIds}      ${EMPTY}
+${objectids}      ${EMPTY}
+${url}            /policy/profile/responsepages
+${profiledId}     ${EMPTY}
+${target_ip}    10.3.22.199    
+#  无DHCP，需要手动设置IP，可用地址段: 10.3.22.[129-254],  掩码: 255.255.255.0,  DNS服务器: 10.3.22.11。
+*** Test Cases ***
+ZDFY_ActiveDefencePolicy-Flood-00001   
+    [Tags]	flood	
+     
+    ${caseName}    set variable    ZDFY_ActiveDefencePolicy-Flood-00001 
+    Comment    claimed_src_ip_profile_id
+    ${response}    BasePostRequest    /v1/policy/profile/claimedsrcip   body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]}
+    ${claimed_src_ip_profile_id}    Set Variable     ${response['data']['list'][0]['profileId']}
+    
+    Comment    创建带主动策略Flood
+    ${policyDict}    Create Dictionary
+			   ...    policyName=${caseName}
+		   	   ...    policyType=active_defence
+               ...    policyDesc=${caseName}   
+           	   ...    action=activeDefence
+           	   ...    effectiveRange=${Default_EffectiveRange}
+           	   ...    userRegion={"method":"flood","l4_protocol":"TCP","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}}
+           	   ...    referenceObject=
+           	   ...    isValid=1
+           	   ...    appObjectIdArray=${2}
+               ...    userTags=${Default_UserTags} 
+               ...    doLog=${Default_DoLog}
+               ...    scheduleId=${Default_ScheduleId}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    ${s}    Convert to String    ${policyId}
+    ${policyIds}    Create List    {"policyType":"active_defence","policyIds":[${policyId}]}  
+       
+
+ZDFY_ActiveDefencePolicy-Reflection-00001
+    [Tags]	reflection    
+    ${caseName}    set variable    ZDFY_ActiveDefencePolicy-Reflection-00001   
+    Comment    claimed_src_ip_profile_id
+    ${response}    BasePostRequest    /v1/policy/profile/reflector   body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.11"],"isValid":1,"profileDesc":"autotest"}]}
+    ${reflector_profile_id}    Set Variable     ${response['data']['list'][0]['profileId']} 
+    ${response}    BasePostRequest    /v1/policy/profile/reflector/payload   body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorType":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]}
+    #${response}    BasePostRequest    /v1/policy/profile/reflector/payload   body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorPayload":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]}    
+    ${payload_profile_id}    Set Variable     ${response['data']['list'][0]['profileId']} 
+    Comment    创建策略reflection
+    ${policyDict}    Create Dictionary
+			   ...    policyName=${caseName}
+		   	   ...    policyType=active_defence
+               ...    policyDesc=${caseName}   
+           	   ...    action=activeDefence
+           	   ...    effectiveRange=${Default_EffectiveRange}
+           	   ...    userRegion={"method":"reflection","reflector_type":"DNS","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"payload_profile_id":${payload_profile_id},"reflector_profile_id":${reflector_profile_id}}
+           	   ...    referenceObject=
+           	   ...    isValid=1
+           	   ...    appObjectIdArray=${2}
+               ...    userTags=${Default_UserTags} 
+               ...    doLog=${Default_DoLog}
+               ...    scheduleId=${Default_ScheduleId}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    ${s}    Convert to String    ${policyId}
+    ${policyIds}    Create List    {"policyType":"active_defence","policyIds":[${policyId}]}  
+ZDFY_ActiveDefencePolicy-CC-00001
+    [Tags]	CC    
+    ${caseName}    set variable    ZDFY_ActiveDefencePolicy-CC-00001      
+    Comment    claimed_src_ip_profile_id
+    ${response}    BasePostRequest    /v1/policy/profile/claimedsrcip   body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":""}]}
+    ${claimed_src_ip_profile_id}    Set Variable     ${response['data']['list'][0]['profileId']}
+    Comment    创建带主动策略CC
+    ${policyDict}    Create Dictionary
+			   ...    policyName=${caseName}
+		   	   ...    policyType=active_defence
+               ...    policyDesc=${caseName}   
+           	   ...    action=activeDefence
+           	   ...    effectiveRange=${Default_EffectiveRange}
+           	   ...    userRegion={"method":"cc","l7_protocol":"HTTP","target_url":"http://test.com","rate_cps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}}
+           	   ...    referenceObject=
+           	   ...    isValid=1
+           	   ...    appObjectIdArray=${2}
+               ...    userTags=${Default_UserTags} 
+               ...    doLog=${Default_DoLog}
+               ...    scheduleId=${Default_ScheduleId}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    ${s}    Convert to String    ${policyId}
+    ${policyIds}    Create List    {"policyType":"active_defence","policyIds":[${policyId}]}  
+
+
+ZDFY_ActiveDefencePolicy-CC-00002
+    [Tags]	CC    
+    ${caseName}    set variable    ZDFY_ActiveDefencePolicy-CC-00002   
+    Comment    claimed_src_ip_profile_id
+    ${response}    BasePostRequest    /v1/policy/profile/claimedsrcip   body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]}
+    ${claimed_src_ip_profile_id}    Set Variable     ${response['data']['list'][0]['profileId']}
+    Comment    创建带主动策略CC
+    ${policyDict}    Create Dictionary
+			   ...    policyName=${caseName}
+		   	   ...    policyType=active_defence
+               ...    policyDesc=${caseName}   
+           	   ...    action=activeDefence
+           	   ...    effectiveRange=${Default_EffectiveRange}
+           	   ...    userRegion={"method":"cc","l7_protocol":"HTTPS","target_url":"https://test.com","rate_cps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}}
+           	   ...    referenceObject=
+           	   ...    isValid=1
+           	   ...    appObjectIdArray=${2}
+               ...    userTags=${Default_UserTags} 
+               ...    doLog=${Default_DoLog}
+               ...    scheduleId=${Default_ScheduleId}
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    ${s}    Convert to String    ${policyId}
+    ${policyIds}    Create List    {"policyType":"active_defence","policyIds":[${policyId}]}  
--- a/02-Keyword/tsg_bfapi/PolicyObject.robot
+++ b/02-Keyword/tsg_bfapi/PolicyObject.robot
@@ -166,7 +166,8 @@ DeletePolicyAndObject
    END
    #删除对象
    log    todeleteobj_DeletePolicyAndObject
-    DeleteObject    ${objectids}
+    Run Keyword If    "${objectids}"=="${EMPTY}"    log   no obj to del
+    ...    ELSE    DeleteObject    ${objectids} 
    
 DeleteAfterCase
    [Arguments]    ${policyids}    ${objectids}
--- a/02-Keyword/tsg_common/ManagePolicyBody.robot
+++ b/02-Keyword/tsg_common/ManagePolicyBody.robot
@@ -72,13 +72,17 @@ PolicyParamsOpertion
    Set To Dictionary    ${policyList}    userRegion=${Default_UserRegion} 
    ${userRegion}    Run Keyword If    "${return}"=="FAIL" or '${userRegion}'=="${EMPTY}"    Set Variable    "" 
    ...    ELSE   Set Variable    ${userRegion}
+    
+    #针对主动防御特殊处理，主动防御不应用对象
+    ${active_defence_emptyList}    Create List
+    ${return}    ${policyType}    Run Keyword And Ignore Error    Set Variable    ${policyList}[policyType]
+    Run Keyword If    "${policyType}"=="active_defence"    Set To Dictionary    ${policyList}    referenceObject=${active_defence_emptyList}
+    Run Keyword If    "${policyType}"=="active_defence"    Set To Dictionary    ${policyList}    appObjectIdArray=${active_defence_emptyList}  
    # 转为json结构并返回
    ${dict}    Create Dictionary    opAction=add    returnData=${returnData}    policyList=${policyList}  
    ${json}    json.Dumps    ${dict}    ensure_ascii=False   
    ${json}    Replace String	${json}    "method:rst"    ${userRegion}  
-    #${json}     Evaluate     ${userRegion}.replace('"method"','${userRegion}') 
-    #${json}    Replace String	${json}    "'    {   
-    #${json}    Replace String	${json}    \"    "
+    
    Log    Policy_Request_Body-${json}
    [Return]    ${json}