diff --git a/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot b/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot new file mode 100644 index 0000000..a51887e --- /dev/null +++ b/01-TestCase/zjj/ZDFY_ActiveDefencePolicy.robot @@ -0,0 +1,123 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags zjj Security_Policy Active_Defence_Policy +Library OperatingSystem +Resource ../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../03-Variable/PolicyObjectDefault.txt +Resource ../../02-Keyword/tsg_common/StmpHandle.robot +Resource ../../03-Variable/BifangApiVariable.txt +Resource ../../02-Keyword/tsg_bfapi/Common.robot +Library Custometest +Library json + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} +${url} /policy/profile/responsepages +${profiledId} ${EMPTY} +${target_ip} 10.3.22.199 +# 无DHCP,需要手动设置IP,可用地址段: 10.3.22.[129-254], 掩码: 255.255.255.0, DNS服务器: 10.3.22.11。 +*** Test Cases *** +ZDFY_ActiveDefencePolicy-Flood-00001 + [Tags] flood + + ${caseName} set variable ZDFY_ActiveDefencePolicy-Flood-00001 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} + ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + + Comment 创建带主动策略Flood + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"flood","l4_protocol":"TCP","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} + + +ZDFY_ActiveDefencePolicy-Reflection-00001 + [Tags] reflection + ${caseName} set variable ZDFY_ActiveDefencePolicy-Reflection-00001 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /v1/policy/profile/reflector body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.11"],"isValid":1,"profileDesc":"autotest"}]} + ${reflector_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + ${response} BasePostRequest /v1/policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorType":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]} + #${response} BasePostRequest /v1/policy/profile/reflector/payload body={"opAction":"add","returnData":1,"reflectorList":[{"profileName":"autotest","reflectorPayload":"dns","payload":"zasBAAABAAAAAAAABHRlc3QDY29tAAD/AAE=","isValid":1,"profileDesc":""}]} + ${payload_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + Comment 创建策略reflection + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"reflection","reflector_type":"DNS","target_ip":"${target_ip}","target_port":1234,"rate_pps":1,"payload_profile_id":${payload_profile_id},"reflector_profile_id":${reflector_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} +ZDFY_ActiveDefencePolicy-CC-00001 + [Tags] CC + ${caseName} set variable ZDFY_ActiveDefencePolicy-CC-00001 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":""}]} + ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + Comment 创建带主动策略CC + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"cc","l7_protocol":"HTTP","target_url":"http://test.com","rate_cps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} + + +ZDFY_ActiveDefencePolicy-CC-00002 + [Tags] CC + ${caseName} set variable ZDFY_ActiveDefencePolicy-CC-00002 + Comment claimed_src_ip_profile_id + ${response} BasePostRequest /v1/policy/profile/claimedsrcip body={"opAction":"add","returnData":1,"claimedSrcIpList":[{"profileName":"autotest","addrType":4,"ipList":["10.3.22.0/25"],"isValid":1,"profileDesc":"autotest"}]} + ${claimed_src_ip_profile_id} Set Variable ${response['data']['list'][0]['profileId']} + Comment 创建带主动策略CC + ${policyDict} Create Dictionary + ... policyName=${caseName} + ... policyType=active_defence + ... policyDesc=${caseName} + ... action=activeDefence + ... effectiveRange=${Default_EffectiveRange} + ... userRegion={"method":"cc","l7_protocol":"HTTPS","target_url":"https://test.com","rate_cps":1,"claimed_src_ip_profile_id":${claimed_src_ip_profile_id}} + ... referenceObject= + ... isValid=1 + ... appObjectIdArray=${2} + ... userTags=${Default_UserTags} + ... doLog=${Default_DoLog} + ... scheduleId=${Default_ScheduleId} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + ${s} Convert to String ${policyId} + ${policyIds} Create List {"policyType":"active_defence","policyIds":[${policyId}]} \ No newline at end of file diff --git a/02-Keyword/tsg_bfapi/PolicyObject.robot b/02-Keyword/tsg_bfapi/PolicyObject.robot index 1f9f4da..947e3f4 100644 --- a/02-Keyword/tsg_bfapi/PolicyObject.robot +++ b/02-Keyword/tsg_bfapi/PolicyObject.robot @@ -166,7 +166,8 @@ DeletePolicyAndObject END #删除对象 log todeleteobj_DeletePolicyAndObject - DeleteObject ${objectids} + Run Keyword If "${objectids}"=="${EMPTY}" log no obj to del + ... ELSE DeleteObject ${objectids} DeleteAfterCase [Arguments] ${policyids} ${objectids} diff --git a/02-Keyword/tsg_common/ManagePolicyBody.robot b/02-Keyword/tsg_common/ManagePolicyBody.robot index 3d6db02..579619f 100644 --- a/02-Keyword/tsg_common/ManagePolicyBody.robot +++ b/02-Keyword/tsg_common/ManagePolicyBody.robot @@ -72,13 +72,17 @@ PolicyParamsOpertion Set To Dictionary ${policyList} userRegion=${Default_UserRegion} ${userRegion} Run Keyword If "${return}"=="FAIL" or '${userRegion}'=="${EMPTY}" Set Variable "" ... ELSE Set Variable ${userRegion} + + #针对主动防御特殊处理,主动防御不应用对象 + ${active_defence_emptyList} Create List + ${return} ${policyType} Run Keyword And Ignore Error Set Variable ${policyList}[policyType] + Run Keyword If "${policyType}"=="active_defence" Set To Dictionary ${policyList} referenceObject=${active_defence_emptyList} + Run Keyword If "${policyType}"=="active_defence" Set To Dictionary ${policyList} appObjectIdArray=${active_defence_emptyList} # 转为json结构并返回 ${dict} Create Dictionary opAction=add returnData=${returnData} policyList=${policyList} ${json} json.Dumps ${dict} ensure_ascii=False ${json} Replace String ${json} "method:rst" ${userRegion} - #${json} Evaluate ${userRegion}.replace('"method"','${userRegion}') - #${json} Replace String ${json} "' { - #${json} Replace String ${json} \" " + Log Policy_Request_Body-${json} [Return] ${json}