diff --git a/01-TestCase/tsg_adc/multi_step/a_Deny_Dns_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Deny_Dns_Tests.robot new file mode 100644 index 0000000..3eeb0fc --- /dev/null +++ b/01-TestCase/tsg_adc/multi_step/a_Deny_Dns_Tests.robot @@ -0,0 +1,57 @@ +*** Settings *** +Force Tags tsg_adc_wp adc_api security_policy +Library OperatingSystem +Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../02-Keyword/tsg_adc/FileOperation.robot +Resource ../../../02-Keyword/tsg_adc/FileOperation.robot + +*** Test Cases *** +SecurityPolicy-Deny-Dns-00001 + [Tags] fqdn + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.facebook.com,*ok.ru + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Dns-00001 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"drop"} referenceObject=${objectId}|TSG_FIELD_DNS_QNAME isValid=${1} appObjectIdArray=4 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_dns_objectId ${objectId} + insert_policyId_to_file1 deny_dns_policyId ${policyId} + +SecurityPolicy-Deny-Dns-00002 + [Tags] cat + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*yhd.com,$www.vk.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Dns-00002 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.jd.com","ttl":{"min":500,"max":500}},{"atype":"A","value":"192.168.41.186","ttl":{"min":300,"max":300}}]}]} referenceObject=${objectId}|TSG_FIELD_DNS_QNAME isValid=${1} appObjectIdArray=4 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_dns_objectId1 ${objectId} + insert_policyId_to_file1 deny_dns_policyId1 ${policyId} + +SecurityPolicy-Deny-Dns-00003 + [Tags] cat + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*ya.ru + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Dns-00003 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"fc00::2:11","ttl":{"min":400,"max":400}},{"atype":"CNAME","value":"www.taobao.com","ttl":{"min":600,"max":600}}]}]} referenceObject=${objectId}|TSG_FIELD_DNS_QNAME isValid=${1} appObjectIdArray=4 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_dns_objectId2 ${objectId} + insert_policyId_to_file1 deny_dns_policyId2 ${policyId} + +SecurityPolicy-Deny-Dns-00004 + [Tags] 最大重定向 + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*youtube.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Dns-00004 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"AAAA","value":"fc00::2:22","ttl":{"min":400,"max":400}},{"atype":"CNAME","value":"www.facebook.com","ttl":{"min":400,"max":400}}],"qtype":"AAAA"},{"qtype":"A","answer":[{"atype":"CNAME","value":"www.ok.ru","ttl":{"min":400,"max":400}},{"atype":"A","value":"192.168.40.110","ttl":{"min":400,"max":400}}]}]} referenceObject=${objectId}|TSG_FIELD_DNS_QNAME isValid=${1} appObjectIdArray=4 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_dns_objectId3 ${objectId} + insert_policyId_to_file1 deny_dns_policyId3 ${policyId} diff --git a/01-TestCase/tsg_adc/multi_step/a_Deny_Http_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Deny_Http_Tests.robot new file mode 100644 index 0000000..56ed859 --- /dev/null +++ b/01-TestCase/tsg_adc/multi_step/a_Deny_Http_Tests.robot @@ -0,0 +1,220 @@ +*** Settings *** +Force Tags tsg_adc_wp adc_api security_policy +Library OperatingSystem +Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../02-Keyword/tsg_adc/FileOperation.robot +Resource ../../../02-Keyword/tsg_adc/FileOperation.robot + +*** Variables *** +${url} /v1/policy/profile/responsepages + +*** Test Cases *** +SecurityPolicy-Deny-Http-00001 + [Tags] fqdn + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$webalta.ru + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00001 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} referenceObject=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_http_objectId ${objectId} + insert_policyId_to_file1 deny_http_policyId ${policyId} + +SecurityPolicy-Deny-Http-00002 + [Tags] cat + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*nymbler.com + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00002 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_FIELD_HTTP_HOST isValid=${1} appObjectIdArray=2 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_http_objectId1 ${objectId} + insert_policyId_to_file1 deny_http_policyId1 ${policyId} + +SecurityPolicy-Deny-Http-00003 + [Tags] url + Comment 创建url + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList=*/news/,$http://www.icbc.com.cn/icbc/,www.gotohoroscope*,indexv + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + #创建引用文件 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00003 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"block","code":403,"html_profile":${profiledId}} referenceObject=${objectId}|TSG_FIELD_HTTP_URL isValid=${1} appObjectIdArray=2 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_http_objectId2 ${objectId} + insert_policyId_to_file1 deny_http_policyId2 ${policyId} + insert_policyId_to_file1 deny_http_profiledId ${profiledId} + +SecurityPolicy-Deny-Http-00004 + [Tags] 请求头 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=Mozilla/5.0*|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00004 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"block","code":404,"message":"yyyyy"} referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_http_objectId3 ${objectId} + insert_policyId_to_file1 deny_http_policyId3 ${policyId} + +SecurityPolicy-Deny-Http-00005 + [Tags] 请求头 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00005 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"drop"} referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_http_objectId4 ${objectId} + insert_policyId_to_file1 deny_http_policyId4 ${policyId} + +SecurityPolicy-Deny-Http-00006 + [Tags] 请求头 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=AppleWebKit|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00006 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"网站被阻断"} referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_http_objectId5 ${objectId} + insert_policyId_to_file1 deny_http_policyId5 ${policyId} + +SecurityPolicy-Deny-Http-00007 + [Tags] 请求头 + Comment 创建请求头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*Safari/537.36|User-Agent + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + #创建引用文件 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00007 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"alert","code":200,"html_profile":${profiledId}} referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_http_objectId6 ${objectId} + insert_policyId_to_file1 deny_http_policyId6 ${policyId} + insert_policyId_to_file1 deny_http_profiledId1 ${profiledId} + +SecurityPolicy-Deny-Http-00008 + [Tags] 应答头 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=*utf-8|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00008 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"rst"} referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_http_objectId7 ${objectId} + insert_policyId_to_file1 deny_http_policyId7 ${policyId} + +SecurityPolicy-Deny-Http-00009 + [Tags] 应答头 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$text/html; charset=utf-8|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00009 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"alert","code":204,"message":"123456"} referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_http_objectId8 ${objectId} + insert_policyId_to_file1 deny_http_policyId8 ${policyId} + +SecurityPolicy-Deny-Http-00010 + [Tags] 应答头 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=html|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + #创建引用文件 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00010 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"alert","code":204,"html_profile":${profiledId}} referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_http_objectId9 ${objectId} + insert_policyId_to_file1 deny_http_policyId9 ${policyId} + insert_policyId_to_file1 deny_http_profiledId2 ${profiledId} + +SecurityPolicy-Deny-Http-00011 + [Tags] 应答头 + Comment 创建应答头 + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=text*|Content-Type + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + #创建引用文件 + ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages + ${profiledId} Get From Dictionary ${response} profileId + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00011 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"block","code":404,"html_profile":${profiledId}} referenceObject=${objectId}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appObjectIdArray=2 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_http_objectId10 ${objectId} + insert_policyId_to_file1 deny_http_policyId10 ${policyId} + insert_policyId_to_file1 deny_http_profiledId3 ${profiledId} + +SecurityPolicy-Deny-Http-00012 + [Tags] cookie + Comment 创建cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=_ym_isad=2|Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00012 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"block","code":404,"message":"马上到周末"} referenceObject=${objectId}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appObjectIdArray=2 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_http_objectId11 ${objectId} + insert_policyId_to_file1 deny_http_policyId11 ${policyId} + +SecurityPolicy-Deny-Http-00013 + [Tags] set-cookie + Comment 创建set-cookie + ${objectDict} Create Dictionary objectType=http_signature isValid=${1} addItemList=$startDate=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.xiaozhu.com|Set-Cookie,*httponly|Set-Cookie,domain=.kiss.ru|Set-Cookie,*oKD0_802a|Set-Cookie + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00013 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"HTTP","method":"alert","code":200,"message":"Главная страница"} referenceObject=${objectId}|TSG_FIELD_SSL_SAN,${objectId}|TSG_FIELD_SSL_SNI,${objectId}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=2 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_http_objectId12 ${objectId} + insert_policyId_to_file1 deny_http_policyId12 ${policyId} + +SecurityPolicy-Deny-Http-00014 + [Tags] 请求体 + Comment 创建请求体 + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*mail.ru + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00014 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"SSL","method":"drop"} referenceObject=${objectId}|TSG_FIELD_SSL_SAN,${objectId}|TSG_FIELD_SSL_SNI,${objectId}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=2 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_http_objectId13 ${objectId} + insert_policyId_to_file1 deny_http_policyId13 ${policyId} + +SecurityPolicy-Deny-Http-00015 + [Tags] 应答体 + Comment 创建应答体 + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*mail.ru + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00015 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"SSL","method":"drop"} referenceObject=${objectId}|TSG_FIELD_SSL_SAN,${objectId}|TSG_FIELD_SSL_SNI,${objectId}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=2 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_http_objectId14 ${objectId} + insert_policyId_to_file1 deny_http_policyId14 ${policyId} + +SecurityPolicy-Deny-Http-00016 + [Tags] 最大组合 + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*mail.ru + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Http-00016 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"SSL","method":"drop"} referenceObject=${objectId}|TSG_FIELD_SSL_SAN,${objectId}|TSG_FIELD_SSL_SNI,${objectId}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=2 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_http_objectId15 ${objectId} + insert_policyId_to_file1 deny_http_policyId15 ${policyId} diff --git a/01-TestCase/tsg_adc/multi_step/a_Deny_Ssl_Tests.robot b/01-TestCase/tsg_adc/multi_step/a_Deny_Ssl_Tests.robot new file mode 100644 index 0000000..59da0e8 --- /dev/null +++ b/01-TestCase/tsg_adc/multi_step/a_Deny_Ssl_Tests.robot @@ -0,0 +1,57 @@ +*** Settings *** +Force Tags tsg_adc_wp adc_api security_policy +Library OperatingSystem +Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../02-Keyword/tsg_adc/FileOperation.robot +Resource ../../../02-Keyword/tsg_adc/FileOperation.robot + +*** Test Cases *** +SecurityPolicy-Deny-Ssl-00001 + [Tags] sni fqdn + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.cxwl.com,*freestockimages.ru + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Ssl-00001 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"SSL","method":"rst"} referenceObject=${objectId}|TSG_FIELD_SSL_SNI isValid=${1} appObjectIdArray=3 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_ssl_objectId ${objectId} + insert_policyId_to_file1 deny_ssl_policyId ${policyId} + +SecurityPolicy-Deny-Ssl-00002 + [Tags] cn cat + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*vip.com,*berkeleygroup.co.uk + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Ssl-00002 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"SSL","method":"rst"} referenceObject=${objectId}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_ssl_objectId1 ${objectId} + insert_policyId_to_file1 deny_ssl_policyId1 ${policyId} + +SecurityPolicy-Deny-Ssl-00003 + [Tags] san cat + Comment 创建cat + ${objectDict} Create Dictionary objectType=fqdn_category isValid=${1} addItemList=*pulitzer.org,*nastol.com.ua + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Ssl-00003 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"SSL","method":"drop"} referenceObject=${objectId}|TSG_FIELD_SSL_SAN isValid=${1} appObjectIdArray=3 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_ssl_objectId2 ${objectId} + insert_policyId_to_file1 deny_ssl_policyId2 ${policyId} + +SecurityPolicy-Deny-Ssl-00004 + [Tags] 最大组合 + Comment 创建fqdn + ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*mail.ru + ${rescode} ${objectId} AddObject2 ${1} ${objectDict} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Ssl-00004 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"SSL","method":"drop"} referenceObject=${objectId}|TSG_FIELD_SSL_SAN,${objectId}|TSG_FIELD_SSL_SNI,${objectId}|TSG_FIELD_SSL_CN isValid=${1} appObjectIdArray=3 + log ${policyDict} + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + insert_policyId_to_file1 deny_ssl_objectId3 ${objectId} + insert_policyId_to_file1 deny_ssl_policyId3 ${policyId} diff --git a/01-TestCase/tsg_adc/multi_step/b-Deny_Dns_Tests.robot b/01-TestCase/tsg_adc/multi_step/b-Deny_Dns_Tests.robot new file mode 100644 index 0000000..6ecc724 --- /dev/null +++ b/01-TestCase/tsg_adc/multi_step/b-Deny_Dns_Tests.robot @@ -0,0 +1,101 @@ +*** Settings *** +Force Tags tsg_adc_wp security_policy adc_verify +Library OperatingSystem +Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../02-Keyword/tsg_adc/FileOperation.robot + +*** Test Cases *** +SecurityPolicy-Deny-Dns-00001 + [Tags] fqdn + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.facebook.com + ... ELSE set variable nslookup www.facebook.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 超时 + ... ELSE Create List canonical name = www.facebook.com + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_dns_starttime ${starttime} deny_dns_endtime ${endtime} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d ok.ru + ... ELSE set variable nslookup ok.ru + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 超时 + ... ELSE Create List canonical name = ok.ru + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_dns_starttime1 ${starttime} deny_dns_endtime1 ${endtime} + +SecurityPolicy-Deny-Dns-00002 + [Tags] cat + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.yhd.com + ... ELSE set variable nslookup -debug -query=A \ www.yhd.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 192.168.41.186 www.jd.com ttl = 500 + ... ELSE Create List 192.168.41.186 www.jd.com ttl = 500 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_dns_starttime2 ${starttime} deny_dns_endtime2 ${endtime} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.vk.com + ... ELSE set variable nslookup -debug -query=A \ www.vk.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 192.168.41.186 www.jd.com ttl = 500 + ... ELSE Create List 192.168.41.186 www.jd.com ttl = 500 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_dns_starttime3 ${starttime} deny_dns_endtime3 ${endtime} + +SecurityPolicy-Deny-Dns-00003 + [Tags] cat + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d ya.ru + ... ELSE set variable nslookup -debug -query=AAAA ya.ru + ${stringlist} run keyword if '${systemType}'=='Windows' Create List fc00::2:11 www.taobao.com ttl = 400 + ... ELSE Create List fc00::2:11 www.taobao.com ttl = 400 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_dns_starttime4 ${starttime} deny_dns_endtime4 ${endtime} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d ya.ru + ... ELSE set variable nslookup -debug -query=AAAA ya.ru + ${stringlist} run keyword if '${systemType}'=='Windows' Create List fc00::2:11 www.taobao.com ttl = 400 + ... ELSE Create List fc00::2:11 www.taobao.com ttl = 400 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_dns_starttime5 ${starttime} deny_dns_endtime5 ${endtime} + +SecurityPolicy-Deny-Dns-00004 + [Tags] 最大重定向 + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.youtube.com + ... ELSE set variable nslookup -debug -query=A www.youtube.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 192.168.40.110 www.facebook.com ttl = 400 www.ok.ru fc00::2:22 + ... ELSE Create List 192.168.40.110 www.ok.ru ttl = 400 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.youtube.com + ... ELSE set variable nslookup -debug -query=AAAA www.youtube.com + ${stringlist} run keyword if '${systemType}'=='Windows' Create List fc00::2:22 www.facebook.com ttl = 400 www.ok.ru 192.168.40.110 + ... ELSE Create List ttl = 400 www.facebook.com fc00::2:22 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_dns_starttime6 ${starttime} deny_dns_endtime6 ${endtime} diff --git a/01-TestCase/tsg_adc/multi_step/b_Deny_Http_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Deny_Http_Tests.robot new file mode 100644 index 0000000..bec0781 --- /dev/null +++ b/01-TestCase/tsg_adc/multi_step/b_Deny_Http_Tests.robot @@ -0,0 +1,195 @@ +*** Settings *** +Force Tags tsg_adc_wp security_policy adc_verify +Library OperatingSystem +Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../02-Keyword/tsg_adc/FileOperation.robot + +*** Test Cases *** +SecurityPolicy-Deny-Http-00001 + [Tags] fqdn + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00001.bat + ... ELSE set variable curl http://webalta.ru/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_http_starttime ${starttime} deny_http_endtime ${endtime} + +SecurityPolicy-Deny-Http-00002 + [Tags] cat + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00002.bat + ... ELSE set variable curl http://www.nymbler.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_http_starttime1 ${starttime} deny_http_endtime1 ${endtime} + +SecurityPolicy-Deny-Http-00003 + [Tags] url + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00003.bat + ... ELSE set variable curl http://www.icbc.com.cn/icbc/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_http_starttime2 ${starttime} deny_http_endtime2 ${endtime} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00003_1.bat + ... ELSE set variable curl http://www.ccb.com/cn/home/indexv3.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_http_starttime3 ${starttime} deny_http_endtime3 ${endtime} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00003_2.bat + ... ELSE set variable curl http://www.gotohoroscope.com/daily-horoscope.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_http_starttime4 ${starttime} deny_http_endtime4 ${endtime} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00003_3.bat + ... ELSE set variable curl http://government.ru/news/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_http_starttime5 ${starttime} deny_http_endtime5 ${endtime} + +SecurityPolicy-Deny-Http-00004 + [Tags] 请求头 + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00004.bat + ... ELSE set variable curl http://www.tsutmb.ru/sveden + ${stringlist} run keyword if '${systemType}'=='Windows' Create List yyyyy + ... ELSE Create List yyyyy + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_http_starttime6 ${starttime} deny_http_endtime6 ${endtime} + +SecurityPolicy-Deny-Http-00005 + [Tags] 请求头 + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00005.bat + ... ELSE set variable curl http://www.abchina.com/cn/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_http_starttime7 ${starttime} deny_http_endtime7 ${endtime} + +SecurityPolicy-Deny-Http-00006 + [Tags] 请求头 + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00006.bat + ... ELSE set variable curl http://egypt.travel/ru + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 网站被阻断 + ... ELSE Create List 网站被阻断 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_http_starttime8 ${starttime} deny_http_endtime8 ${endtime} + +SecurityPolicy-Deny-Http-00007 + [Tags] 请求头 + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00007.bat + ... ELSE set variable curl http://www.destination360.com/travel/destinations + ${stringlist} run keyword if '${systemType}'=='Windows' Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ... ELSE Create List 对不起,您请求的页面不存在、或已被删除、或暂时不可用 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_http_starttime9 ${starttime} deny_http_endtime9 ${endtime} + +SecurityPolicy-Deny-Http-00008 + [Tags] 应答头 + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00001.bat + ... ELSE set variable curl http://www.cmbchina.com/CmbQuesInfo/index.aspx + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_http_starttime10 ${starttime} deny_http_endtime10 ${endtime} + +SecurityPolicy-Deny-Http-00009 + [Tags] 应答头 + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00001.bat + ... ELSE set variable curl http://www.bankcomm.com/BankCommSite/default.shtml + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_http_starttime11 ${starttime} deny_http_endtime11 ${endtime} + +SecurityPolicy-Deny-Http-00010 + [Tags] 应答头 + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00001.bat + ... ELSE set variable curl http://www.thg.ru/technews/hot_news.html + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_http_starttime12 ${starttime} deny_http_endtime12 ${endtime} + +SecurityPolicy-Deny-Http-00011 + [Tags] 应答头 + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00001.bat + ... ELSE set variable curl http://www.hitlistapp.com/about/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_http_starttime13 ${starttime} deny_http_endtime13 ${endtime} diff --git a/01-TestCase/tsg_adc/multi_step/b_Deny_Ssl_Tests.robot b/01-TestCase/tsg_adc/multi_step/b_Deny_Ssl_Tests.robot new file mode 100644 index 0000000..b461418 --- /dev/null +++ b/01-TestCase/tsg_adc/multi_step/b_Deny_Ssl_Tests.robot @@ -0,0 +1,97 @@ +*** Settings *** +Force Tags tsg_adc_wp security_policy adc_verify +Library OperatingSystem +Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../02-Keyword/tsg_adc/FileOperation.robot + +*** Test Cases *** +SecurityPolicy-Deny-Ssl-00001 + [Tags] sni + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00001.bat + ... ELSE set variable curl https://www.freestockimages.ru/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_ssl_starttime ${starttime} deny_ssl_endtime ${endtime} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00001_1.bat + ... ELSE set variable curl \ \ \ https://www.cxwl.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_ssl_starttime1 ${starttime} deny_ssl_endtime1 ${endtime} + +SecurityPolicy-Deny-Ssl-00002 + [Tags] cn + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00002.bat + ... ELSE set variable curl https://www.berkeleygroup.co.uk/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_ssl_starttime2 ${starttime} deny_ssl_endtime2 ${endtime} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00002_2.bat + ... ELSE set variable curl https://www.vip.com/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_ssl_starttime3 ${starttime} deny_ssl_endtime3 ${endtime} + +SecurityPolicy-Deny-Ssl-00003 + [Tags] san + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00003.bat + ... ELSE set variable curl https://www.nastol.com.ua/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_ssl_starttime4 ${starttime} deny_ssl_endtime4 ${endtime} + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00003_3.bat + ... ELSE set variable curl https://www.pulitzer.org/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_ssl_starttime5 ${starttime} deny_ssl_endtime5 ${endtime} + +SecurityPolicy-Deny-Ssl-00004 + [Tags] 最大组合 + Comment 功能端验证HTTP验证 + ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00004.bat + ... ELSE set variable curl https://mail.ru/ + ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset + ... ELSE Create List Connection reset by peer + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${rescode} SystemCommands ${commandstr} ${stringlist} + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + insert_time_to_file1 deny_ssl_starttime6 ${starttime} deny_ssl_endtime6 ${endtime} diff --git a/01-TestCase/tsg_adc/multi_step/c_Deny_Dns_Tests.robot b/01-TestCase/tsg_adc/multi_step/c_Deny_Dns_Tests.robot new file mode 100644 index 0000000..d3a84b8 --- /dev/null +++ b/01-TestCase/tsg_adc/multi_step/c_Deny_Dns_Tests.robot @@ -0,0 +1,53 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc_wp adc_log security_policy +Library OperatingSystem +Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../05-Other/AllFlowCaseVariable.txt +Resource ../../../02-Keyword/tsg_adc/FileOperation.robot +Resource ../../../05-Other/AllFlowCaseVariable1.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Deny-Dns-00001 + [Tags] sni + #删除对象 + ${objectids} set Variable ${deny_dns_objectId} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_dns_policyId}]} + ${s} Convert to String ${deny_dns_policyId} + GetLogList security_event_log ${deny_dns_starttime} ${deny_dns_endtime} ${testClentIP} ${s} dns_qname facebook.com + GetLogList security_event_log ${deny_dns_starttime1} ${deny_dns_endtime1} ${testClentIP} ${s} dns_qname ok.ru + +SecurityPolicy-Deny-Dns-00002 + [Tags] cn + #删除对象 + ${objectids} set Variable ${deny_dns_objectId1} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_dns_policyId1}]} + ${s} Convert to String ${deny_dns_policyId1} + GetLogList security_event_log ${deny_dns_starttime2} ${deny_dns_endtime2} ${testClentIP} ${s} dns_qname yhd.com + GetLogList security_event_log ${deny_dns_starttime3} ${deny_dns_endtime3} ${testClentIP} ${s} dns_qname vk.com + +SecurityPolicy-Deny-Dns-00003 + [Tags] san + #删除对象 + ${objectids} set Variable ${deny_dns_objectId2} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_dns_policyId2}]} + ${s} Convert to String ${deny_dns_policyId2} + GetLogList security_event_log ${deny_dns_starttime4} ${deny_dns_endtime4} ${testClentIP} ${s} dns_qname ya.ru + +SecurityPolicy-Deny-Dns-00004 + [Tags] 最大组合 + #删除对象 + ${objectids} set Variable ${deny_dns_objectId3} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_dns_policyId3}]} + ${s} Convert to String ${deny_dns_policyId3} + GetLogList security_event_log ${deny_dns_starttime6} ${deny_dns_endtime6} ${testClentIP} ${s} dns_qname youtube.com diff --git a/01-TestCase/tsg_adc/multi_step/c_Deny_Http_Tests.robot b/01-TestCase/tsg_adc/multi_step/c_Deny_Http_Tests.robot new file mode 100644 index 0000000..f67acde --- /dev/null +++ b/01-TestCase/tsg_adc/multi_step/c_Deny_Http_Tests.robot @@ -0,0 +1,83 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject1 ${policyIds} ${objectids} ${url} ${profiledId} +Force Tags tsg_adc_wp adc_log security_policy +Library OperatingSystem +Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../05-Other/AllFlowCaseVariable.txt +Resource ../../../02-Keyword/tsg_adc/FileOperation.robot +Resource ../../../05-Other/AllFlowCaseVariable1.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} +${url} /v1/policy/profile/responsepages +${profiledId} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Deny-Http-00001 + [Tags] fqdn + #删除对象 + ${objectids} set Variable ${deny_http_objectId} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_http_policyId}]} + ${s} Convert to String ${deny_http_policyId} + GetLogList security_event_log ${deny_http_starttime} ${deny_http_endtime} ${testClentIP} ${s} http_host webalta.ru + +SecurityPolicy-Deny-Http-00002 + [Tags] cat + #删除对象 + ${objectids} set Variable ${deny_http_objectId1} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_http_policyId1}]} + ${s} Convert to String ${deny_http_policyId1} + GetLogList security_event_log ${deny_http_starttime1} ${deny_http_endtime1} ${testClentIP} ${s} http_host nymbler.com + +SecurityPolicy-Deny-Http-00003 + [Tags] url + #删除对象 + ${objectids} set Variable ${deny_http_objectId2} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_http_policyId2}]} + ${s} Convert to String ${deny_http_policyId2} + GetLogList security_event_log ${deny_http_starttime3} ${deny_http_endtime3} ${testClentIP} ${s} http_host icbc.com.cn + GetLogList security_event_log ${deny_http_starttime4} ${deny_http_endtime4} ${testClentIP} ${s} http_host ccb.com + GetLogList security_event_log ${deny_http_starttime5} ${deny_http_endtime5} ${testClentIP} ${s} http_host gotohoroscope.com + GetLogList security_event_log ${deny_http_starttime6} ${deny_http_endtime6} ${testClentIP} ${s} http_host government.ru + +SecurityPolicy-Deny-Http-00004 + [Tags] 请求头 + #删除对象 + ${objectids} set Variable ${deny_http_objectId3} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_http_policyId3}]} + ${s} Convert to String ${deny_http_policyId3} + GetLogList security_event_log ${deny_http_starttime7} ${deny_http_endtime7} ${testClentIP} ${s} http_host tsutmb.ru + +SecurityPolicy-Deny-Http-00005 + [Tags] 请求头 + #删除对象 + ${objectids} set Variable ${deny_http_objectId4} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_http_policyId4}]} + ${s} Convert to String ${deny_http_policyId4} + GetLogList security_event_log ${deny_http_starttime8} ${deny_http_endtime8} ${testClentIP} ${s} http_host abchina.com + +SecurityPolicy-Deny-Http-00006 + [Tags] 请求头 + #删除对象 + ${objectids} set Variable ${deny_http_objectId5} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_http_policyId5}]} + ${s} Convert to String ${deny_http_policyId5} + GetLogList security_event_log ${deny_http_starttime9} ${deny_http_endtime9} ${testClentIP} ${s} http_host egypt.travel + +SecurityPolicy-Deny-Http-00007 + [Tags] 请求头 + #删除对象 + ${objectids} set Variable ${deny_http_objectId6} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_http_policyId6}]} + ${s} Convert to String ${deny_http_policyId6} + GetLogList security_event_log ${deny_http_starttime10} ${deny_http_endtime10} ${testClentIP} ${s} http_host destination360.com diff --git a/01-TestCase/tsg_adc/multi_step/c_Deny_Ssl_Tests.robot b/01-TestCase/tsg_adc/multi_step/c_Deny_Ssl_Tests.robot new file mode 100644 index 0000000..78831a5 --- /dev/null +++ b/01-TestCase/tsg_adc/multi_step/c_Deny_Ssl_Tests.robot @@ -0,0 +1,54 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc_wp adc_log security_policy +Library OperatingSystem +Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../05-Other/AllFlowCaseVariable.txt +Resource ../../../02-Keyword/tsg_adc/FileOperation.robot +Resource ../../../05-Other/AllFlowCaseVariable1.txt + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Deny-Ssl-00001 + [Tags] sni + #删除对象 + ${objectids} set Variable ${deny_ssl_objectId} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_ssl_policyId}]} + ${s} Convert to String ${deny_ssl_policyId} + GetLogList security_event_log ${deny_ssl_starttime} ${deny_ssl_endtime} ${testClentIP} ${s} ssl_sni freestockimages.ru + GetLogList security_event_log ${deny_ssl_starttime1} ${deny_ssl_endtime1} ${testClentIP} ${s} ssl_sni cxwl.com + +SecurityPolicy-Deny-Ssl-00002 + [Tags] cn + #删除对象 + ${objectids} set Variable ${deny_ssl_objectId1} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_ssl_policyId1}]} + ${s} Convert to String ${deny_ssl_policyId1} + GetLogList security_event_log ${deny_ssl_starttime2} ${deny_ssl_endtime2} ${testClentIP} ${s} ssl_sni berkeleygroup.co.uk + GetLogList security_event_log ${deny_ssl_starttime3} ${deny_ssl_endtime3} ${testClentIP} ${s} ssl_sni vip.com + +SecurityPolicy-Deny-Ssl-00003 + [Tags] san + #删除对象 + ${objectids} set Variable ${deny_ssl_objectId2} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_ssl_policyId2}]} + ${s} Convert to String ${deny_ssl_policyId2} + GetLogList security_event_log ${deny_ssl_starttime4} ${deny_ssl_endtime4} ${testClentIP} ${s} ssl_sni nastol.com.ua + GetLogList security_event_log ${deny_ssl_starttime5} ${deny_ssl_endtime5} ${testClentIP} ${s} ssl_sni pulitzer.org + +SecurityPolicy-Deny-Ssl-00004 + [Tags] 最大组合 + #删除对象 + ${objectids} set Variable ${deny_ssl_objectId3} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${deny_ssl_policyId3}]} + ${s} Convert to String ${deny_ssl_policyId3} + GetLogList security_event_log ${deny_ssl_starttime6} ${deny_ssl_endtime6} ${testClentIP} ${s} ssl_sni mail.ru diff --git a/01-TestCase/tsg_bfapi/policy_object/PolicyObjectTests.robot b/01-TestCase/tsg_bfapi/policy_object/PolicyObjectTests.robot index b63fdac..60b9b39 100644 --- a/01-TestCase/tsg_bfapi/policy_object/PolicyObjectTests.robot +++ b/01-TestCase/tsg_bfapi/policy_object/PolicyObjectTests.robot @@ -3,6 +3,7 @@ Test Teardown DeletePolicyAndObjectAndProfile ${policyIds} ${objectIds Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot Resource ../../../02-Keyword/tsg_bfapi/policy_object/Object.robot +Resource ../../../02-Keyword/tsg_bfapi/policy_object/Log.robot Resource ../../../02-Keyword/tsg_bfapi/Common.robot Library json *** Variables *** @@ -336,14 +337,12 @@ Policy-Post-v1-00013 ${rescode} ${itemIds} ${itemList} GetObjectItems ${params} Log To Console ${itemIds} Comment 更新IP - ${len} Get Length ${itemList} - FOR ${index} IN ${len} - ${index1} Evaluate int(${index})-1 - Set To Dictionary ${itemList}[${index1}] clientIp1 192.168.41.67 - Set To Dictionary ${itemList}[${index1}] clientIp2 192.168.41.67 - Remove From Dictionary ${itemList}[${index1}] isInitialize - Set To Dictionary ${itemList}[${index1}] serverIp1 192.168.41.68 - Set To Dictionary ${itemList}[${index1}] serverIp2 192.168.41.68 + FOR ${item} IN @{itemList} + Set To Dictionary ${item} clientIp1 192.168.41.67 + Set To Dictionary ${item} clientIp2 192.168.41.67 + Remove From Dictionary ${item} isInitialize + Set To Dictionary ${item} serverIp1 192.168.41.68 + Set To Dictionary ${item} serverIp2 192.168.41.68 END ${objectDict} Create Dictionary objectId=${objectId1} objectType=ip ... updateItemList=${itemList} @@ -395,7 +394,7 @@ Policy-Delete-v1-00016 ${rescode} ${policyIds} AddPolicies 1 ${policy} v2 Log ${rescode} Comment 删除安全策略 - ${rescode} WxDeletePolicy1 ${policyIds[0]['policyIds']} tsg_security + ${rescode} DeletePolicy1 ${policyIds[0]['policyIds']} tsg_security ${policyIds} Create List Log ${rescode} Policy-Delete-v1-00017 @@ -434,4 +433,113 @@ Policy-Export-v1-00019 Comment 导 出json ${objectIds} Set Variable ${EMPTY} ${response} ExportPolicy tsg_security ${EMPTY} ${EMPTY} - WriteFile downloads download.json ${response} \ No newline at end of file + WriteFile downloads download.json ${response} +Policy-Verify-v1-00020 + ${objectIds} Set Variable ${EMPTY} + Comment 创建对象 + ${ipValue} Create Dictionary clientIp=192.168.41.67 clientPort=${1} serverIp=192.168.41.67 serverPort=${1} + ... addrType=${4} protocol=${6} + ${ipObj} Create Dictionary attributeType=ip tableName=TSG_OBJ_IP_ADDR protocol=HTTP attributeName=ip + ... attributeValue=${ipValue} + ${stringValue} Create Dictionary string=*baidu.com + ${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url + ... attributeValue=${stringValue} + ${appIdValue} Create Dictionary string=http. + ${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id + ... attributeValue=${appIdValue} + ${attributes} Create List ${ipObj} ${stringObj} ${appIdObj} + ${verifySession} Create Dictionary attributes=${attributes} + ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession} + ${rescode} ${resData} VerifyPolicies ${verifyList} +Policy-Verify-v1-00021 + ${objectIds} Set Variable ${EMPTY} + Comment 创建对象 + ${ipObj} Create Dictionary attributeType=ip tableName=TSG_OBJ_IP_ADDR protocol=HTTP attributeName=ip + ... attributeValue={"clientIp":"192.168.41.67","clientPort":1,"serverIp":"192.168.41.67","serverPort":1,"addrType":4,"protocol":6} + ${stringValue} Create Dictionary string=*baidu.com + ${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url + ... attributeValue=${stringValue} + ${appIdValue} Create Dictionary string=http. + ${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id + ... attributeValue=${appIdValue} + ${attributes} Create List ${ipObj} ${stringObj} ${appIdObj} + ${verifySession} Create Dictionary attributes=${attributes} + ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession} + ${rescode} ${resData} VerifyPolicies ${verifyList} +Policy-Verify-v1-00022 + ${objectIds} Set Variable ${EMPTY} + Comment 创建对象 + ${ipObj} Create Dictionary attributeType=ip tableName=TSG_OBJ_IP_ADDR protocol=HTTP attributeName=ip + ... attributeValue={"clientIp":"192.168.41.67","clientPort":1,"serverIp":"192.168.41.67","serverPort":1,"addrType":4,"protocol":6} + ${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url + ... attributeValue={'string':'*baidu.com'} + ${appIdValue} Create Dictionary string=http. + ${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id + ... attributeValue=${appIdValue} + ${attributes} Create List ${ipObj} ${stringObj} ${appIdObj} + ${verifySession} Create Dictionary attributes=${attributes} + ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession} + ${rescode} ${resData} VerifyPolicies ${verifyList} + +Policy-Verify-v1-00023 + ${objectIds} Set Variable ${EMPTY} + Comment 创建对象 + ${ipObj} Create Dictionary attributeType=ip tableName=TSG_OBJ_IP_ADDR protocol=HTTP attributeName=ip + ... attributeValue=192.168.41.67|1|192.168.41.67|1|4|6 + ${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url + ... attributeValue=*baidu.com + ${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id + ... attributeValue=http. + ${signatureObj} Create Dictionary attributeType=signature protocol=HTTP attributeName=req_body + ... attributeValue=Content-Type|application/json + ${attributes} Create List ${ipObj} ${stringObj} ${appIdObj} ${signatureObj} + ${verifySession} Create Dictionary attributes=${attributes} + ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession} + ${rescode} ${resData} VerifyPolicies ${verifyList} +Policy-log-v1-00024 + ${objectIds} Set Variable ${EMPTY} + Comment 查询schema + ${schema_query} ${schema_type} ${default_columns} ${fields} GetLogSchema security_event_log + ${queryFieldList} Create List + FOR ${field} IN @{fields} + ${return} ${doc} Run Keyword And Ignore Error Get From Dictionary ${field} doc + Continue For Loop If "${return}"=="FAIL" + ${return} ${allow_query} Run Keyword And Ignore Error Get From Dictionary ${doc} allow_query + Continue For Loop If "${allow_query}"=="false" or "${return}"=="FAIL" + ${fieldDict} Create Dictionary name=${field['name']} type=${field['type']} + Append To List ${queryFieldList} ${fieldDict} + END + Log ${queryFieldList} +Policy-log-v1-00025 + ${objectIds} Set Variable ${EMPTY} + Comment 查询schema + ${schema_query} ${schema_type} ${default_columns} ${fields} GetLogSchema security_event_log + + ${filters} Get From Dictionary ${schema_query} filters + Log ${filters} +Policy-log-v1-00026 + ${objectIds} Set Variable ${EMPTY} + Comment 查询schema + ${schema_query} ${schema_type} ${default_columns} ${fields} GetLogSchema security_event_log + Comment 处理schema,构造查询条件 + ${params} Create Dictionary pageSize=${10} logType=security_event_log + ... start_common_recv_time=2020-06-01 00:00:00 + ... end_common_recv_time=2020-06-24 00:00:00 + ... fields=common_log_id|long,http_url|string,common_client_ip|string,common_client_port|int,common_server_ip|string,common_server_port|int + ... conditions=common_server_port|int|in|${80}^${8080} + ... orderBy=common_server_ip|true + ... common_log_ids=162273027957354498 + ${resData} QueryLogs ${params} list +Policy-log-v1-00027 + ${objectIds} Set Variable ${EMPTY} + Comment 查询schema + ${schema_query} ${schema_type} ${default_columns} ${fields} GetLogSchema security_event_log + Comment 处理schema,构造查询条件 + ${params} Create Dictionary pageSize=${10} logType=security_event_log + ... start_common_recv_time=2020-06-01 00:00:00 + ... end_common_recv_time=2020-06-24 00:00:00 + ... fields=common_log_id|long,http_url|string,common_client_ip|string,common_client_port|int,common_server_ip|string,common_server_port|int + ... conditions=common_server_port|int|in|${80}^${8080} + ... orderBy=common_server_ip|true + ... common_log_ids=162273027957354498 + ${resData} QueryLogs ${params} count \ No newline at end of file diff --git a/02-Keyword/tsg_adc/FileOperation.robot b/02-Keyword/tsg_adc/FileOperation.robot index ae91e96..c9a8d91 100644 --- a/02-Keyword/tsg_adc/FileOperation.robot +++ b/02-Keyword/tsg_adc/FileOperation.robot @@ -1,25 +1,33 @@ -*** Settings *** -Library String -Library json -Library OperatingSystem -Library RequestsLibrary -Library Selenium2Library -Library Collections -Library FileLibrary -Resource ../../02-Keyword/tsg_bfapi/Common.robot -Resource ../../03-Variable/BifangApiVariable.txt - - -*** Keywords *** -insert_policyId_to_file - [Arguments] ${key} ${policyId} ${objectids} - ${dict} Create Dictionary policyId=${policyId} objectId=${objectids} - ${json} json.Dumps ${dict} - Alter Dict ${path}/03-Variable/AllFlowCaseVariable.txt ${key} ${json} - -insert_time_to_file - [Arguments] ${key} ${starttime} ${endtime} - ${value} json.Loads ${${key}} - ${dict} Create Dictionary policyId=${value}[policyId] objectId=${value}[objectId] starttime=${starttime} endtime=${endtime} - ${json} json.Dumps ${dict} - Alter Dict ${path}/03-Variable/AllFlowCaseVariable.txt ${key} ${json} +*** Settings *** +Library String +Library json +Library OperatingSystem +Library RequestsLibrary +Library Selenium2Library +Library Collections +Library FileLibrary +Resource ../../02-Keyword/tsg_bfapi/Common.robot +Resource ../../03-Variable/BifangApiVariable.txt + + +*** Keywords *** +insert_policyId_to_file + [Arguments] ${key} ${policyId} ${objectids} + ${dict} Create Dictionary policyId=${policyId} objectId=${objectids} + ${json} json.Dumps ${dict} + Alter Dict ${path}/03-Variable/AllFlowCaseVariable.txt ${key} ${json} + +insert_time_to_file + [Arguments] ${key} ${starttime} ${endtime} + ${value} json.Loads ${${key}} + ${dict} Create Dictionary policyId=${value}[policyId] objectId=${value}[objectId] starttime=${starttime} endtime=${endtime} + ${json} json.Dumps ${dict} + Alter Dict ${path}/03-Variable/AllFlowCaseVariable.txt ${key} ${json} +insert_policyId_to_file1 + [Arguments] ${key} ${objectids} + Alter Dict ${path}/AllFlowCaseVariable.txt ${key} ${objectids} + +insert_time_to_file1 + [Arguments] ${key} ${starttime} ${key2} ${endtime} + Alter Dict ${path}/AllFlowCaseVariable1.txt ${key} ${starttime} + Alter Dict ${path}/AllFlowCaseVariable1.txt ${key2} ${endtime} diff --git a/02-Keyword/tsg_bfapi/policy_object/Log.robot b/02-Keyword/tsg_bfapi/policy_object/Log.robot new file mode 100644 index 0000000..0c206a4 --- /dev/null +++ b/02-Keyword/tsg_bfapi/policy_object/Log.robot @@ -0,0 +1,116 @@ +*** Settings *** +Library json +Library Collections +Library RequestsLibrary +Resource ../../../03-Variable/BifangApiVariable.txt +Resource ../../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot +Resource ../Common.robot +*** Variables *** +${logUrl} /log +*** Keywords *** +GetLogSchema + [Documentation] + ... 日志schema查询 + ... logType 日志类型 + ... resData schema数据 + [Arguments] ${logType} + ${response} BaseFormRequest ${logUrl}/schema logType=${logType} ${version} + ${rescode} Set Variable ${response['code']} + Should Be Equal As Integers ${rescode} 200 + ${resData} Set Variable ${response['data']} + ${schema_query} Get From Dictionary ${resData['doc']} schema_query + ${schema_type} Get From Dictionary ${resData['doc']} schema_type + ${default_columns} Get From Dictionary ${resData['doc']} default_columns + [Return] ${schema_query} ${schema_type} ${default_columns} ${resData['fields']} +QueryLogs + [Documentation] + ... 日志列表查询 + ... params字典列表 + ... 注意如下字典字段格式 + ... orderBy=field名字1|true,field名字2|false + ... fields=name1|type,name2|type + ... conditions=field1|type|symbol|value1^value2,field2|type|symbol|value3^value4 + ... value1^value2是使用^分隔的字符串解析后为[value1,value2]格式的数组 + [Arguments] ${params} ${path} + Should Not Be Empty ${params} + ${return} ${pageSize} Run Keyword And Ignore Error Get From Dictionary ${params} pageSize + Run Keyword If "${return}"=="PASS" and "${pageSize}"=="${EMPTY}" Remove From Dictionary ${params} pageSize + ${return} ${pageNo} Run Keyword And Ignore Error Get From Dictionary ${params} pageNo + Run Keyword If "${return}"=="PASS" and "${pageNo}"=="${EMPTY}" Remove From Dictionary ${params} pageNo + Dictionary Should Contain Key ${params} logType + ${logType} Get From Dictionary ${params} logType + #处理排序 + ${return} ${orderBy} Run Keyword And Ignore Error Get From Dictionary ${params} orderBy + ${orderBy} Run Keyword If "${return}"=="FAIL" or "${orderBy}"=="${EMPTY}" Create List + ... ELSE IF "${path}"=="list" ManageOrderBy ${orderBy} ELSE IF "${path}"=="count" + ... Set Variable ${orderBy} + Run Keyword If "${path}"=="list" Set To Dictionary ${params} orderBy=${orderBy} + Run Keyword If "${path}"=="count" Remove From Dictionary ${params} orderBy + ${return} ${fields} Run Keyword And Ignore Error Get From Dictionary ${params} fields + Run Keyword If "${path}"=="list" Should Not Be Empty ${fields} + ${fields} Run Keyword If "${path}"=="list" ManageFields ${fields} + ... ELSE Create List + Run Keyword If "${path}"=="list" Set To Dictionary ${params} fields=${fields} + Run Keyword If "${path}"=="count" Remove From Dictionary ${params} fields + ${start_common_recv_time} Get From Dictionary ${params} start_common_recv_time + Should Not Be Empty ${start_common_recv_time} + ${end_common_recv_time} Get From Dictionary ${params} end_common_recv_time + Should Not Be Empty ${end_common_recv_time} + + ${return} ${userTags} Run Keyword And Ignore Error Get From Dictionary ${params} userTags + Run Keyword If "${return}"=="PASS" and "${userTags}"=="${EMPTY}" Remove From Dictionary ${params} userTags + ${return} ${conditions} Run Keyword And Ignore Error Get From Dictionary ${params} conditions + ${conditions} Run Keyword If "${return}"=="PASS" and "${conditions}"!="${EMPTY}" ManageConditions ${conditions} + ... ELSE Create List + Set To Dictionary ${params} conditions=${conditions} + ${bodyJson} json.Dumps ${params} ensure_ascii=False + ${response} BasePostRequestForV2 ${logUrl}/${path} ${bodyJson} ${version} + ${rescode} Set Variable ${response['code']} + Should Be Equal As Integers ${rescode} 200 + ${resData} Set Variable ${response['data']} + [Return] ${resData} + ManageOrderBy + [Documentation] + ... + [Arguments] ${orderBy} + ${orderByList} Create List + @{orderByArr} Split String ${orderBy} , + FOR ${order} IN @{orderByArr} + @{orderByArr} Split String ${order} | + ${dict} Create Dictionary field=${orderByArr}[0] asc=${orderByArr}[1] + Append To List ${orderByList} ${dict} + END + [Return] ${orderByList} + ManageFields + [Arguments] ${fields} + ${fieldsList} Create List + @{fieldsArr} Split String ${fields} , + FOR ${field} IN @{fieldsArr} + @{fieldsArr} Split String ${field} | + ${dict} Create Dictionary name=${fieldsArr}[0] type=${fieldsArr}[1] + Append To List ${fieldsList} ${dict} + END + [Return] ${fieldsList} + ManageConditions + [Arguments] ${conditions} + ${conditionsList} Create List + @{conditionsArr} Split String ${conditions} , + FOR ${condition} IN @{conditionsArr} + @{conditionArr} Split String ${condition} | + @{value} Split String ${conditionArr}[3] ^ + ${type} Set Variable ${conditionArr}[1] + ${value} Run Keyword If "${type}"=="int" or "${type}"=="long" toDigitList ${value} ${type} + ... ELSE Set Variable ${value} + ${dict} Create Dictionary field=${conditionArr}[0] type=${type} symbol=${conditionArr}[2] value=${value} + Append To List ${conditionsList} ${dict} + END + [Return] ${conditionsList} +toDigitList + [Arguments] ${values} ${type} + ${list} Create List + FOR ${var} IN @{values} + ${var} Run Keyword If "${type}"=="int" Evaluate int('${var}') + ... ELSE Evaluate long('${var}') + Append To List ${list} ${var} + END + [Return] ${list} \ No newline at end of file diff --git a/02-Keyword/tsg_bfapi/policy_object/Object.robot b/02-Keyword/tsg_bfapi/policy_object/Object.robot index e7bdb85..2139430 100644 --- a/02-Keyword/tsg_bfapi/policy_object/Object.robot +++ b/02-Keyword/tsg_bfapi/policy_object/Object.robot @@ -21,12 +21,12 @@ AddObjects #必选参数判定 Should Not Be Empty ${objectList} ${dictType} = Evaluate type(${objectList}) - ${body} Run Keyword If "${dictType}" == "" WxObjectListOperation ${returnData} ${objectList} add - ... ELSE IF "${dictType}" == "" WxObjectOperation ${returnData} ${objectList} add + ${body} Run Keyword If "${dictType}" == "" ObjectListOperation ${returnData} ${objectList} add + ... ELSE IF "${dictType}" == "" ObjectOperation ${returnData} ${objectList} add ... ELSE Set Variable ${EMPTY} ${response} BasePostRequestForV2 ${objectUrl} ${body} ${version} - ${objectIds} Run Keyword If "${returnData}" == "1" WxGet-ObjectIds ${response} + ${objectIds} Run Keyword If "${returnData}" == "1" Get-ObjectIds ${response} ... ELSE Create List ${rescode} Set Variable ${response['code']} Should Be Equal As Strings ${rescode} 200 @@ -44,8 +44,8 @@ UpdateObjects #必选参数判定 Should Not Be Empty ${objectList} ${dictType} = Evaluate type(${objectList}) - ${body} Run Keyword If "${dictType}" == "" WxObjectListOperation ${returnData} ${objectList} ${opAction} - ... ELSE IF "${dictType}" == "" WxObjectOperation ${returnData} ${objectList} ${opAction} + ${body} Run Keyword If "${dictType}" == "" ObjectListOperation ${returnData} ${objectList} ${opAction} + ... ELSE IF "${dictType}" == "" ObjectOperation ${returnData} ${objectList} ${opAction} ... ELSE Set Variable ${EMPTY} ${response} BaseEditRequestForV2 ${objectUrl} ${body} ${version} diff --git a/02-Keyword/tsg_bfapi/policy_object/Policy.robot b/02-Keyword/tsg_bfapi/policy_object/Policy.robot index e40c59b..ef9c028 100644 --- a/02-Keyword/tsg_bfapi/policy_object/Policy.robot +++ b/02-Keyword/tsg_bfapi/policy_object/Policy.robot @@ -51,12 +51,12 @@ AddPolicies #必选参数判定 Should Not Be Empty ${policyList} ${dictType} = Evaluate type(${policyList}) - ${body} Run Keyword If "${dictType}" == "" WxPolicyListOperation ${returnData} ${policyList} add ${version} - ... ELSE IF "${dictType}" == "" WxPolicyOperation ${returnData} ${policyList} add ${version} + ${body} Run Keyword If "${dictType}" == "" PolicyListDataOperation ${returnData} ${policyList} add ${version} + ... ELSE IF "${dictType}" == "" PolicyDataOperation ${returnData} ${policyList} add ${version} ... ELSE Set Variable ${EMPTY} #${body} Set Variable {"opAction":"add","policyList":{"policyName":"wx-test","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop"},"source":[{"objectId":3101,"protocolField":"TSG_SECURITY_SOURCE_ADDR"}],"destination":[],"filterList":[{"filter":[{"objectId":3404,"protocolField":"TSG_FIELD_SSL_CN"}]}],"appIdObjects":[3],"isValid":0,"scheduleId":[]}} ${response} BasePostRequestForV2 ${policyUrl} ${body} ${version} - ${policyIds} Run Keyword If "${returnData}" == "1" WxGet-PolicyIds ${response} + ${policyIds} Run Keyword If "${returnData}" == "1" Get-PolicyIds ${response} ... ELSE Create List ${rescode} Set Variable ${response['code']} Should Be Equal As Strings ${rescode} 200 @@ -72,36 +72,32 @@ UpdatePolicies #必选参数判定 Should Not Be Empty ${policyList} ${dictType} = Evaluate type(${policyList}) - ${body} Run Keyword If "${dictType}" == "" WxPolicyListOperation ${returnData} ${policyList} ${opAction} ${version} - ... ELSE IF "${dictType}" == "" WxPolicyOperation ${returnData} ${policyList} ${opAction} ${version} + ${body} Run Keyword If "${dictType}" == "" PolicyListDataOperation ${returnData} ${policyList} ${opAction} ${version} + ... ELSE IF "${dictType}" == "" PolicyDataOperation ${returnData} ${policyList} ${opAction} ${version} ... ELSE Set Variable ${EMPTY} ${response} BaseEditRequestForV2 ${policyUrl} ${body} ${version} ${rescode} Set Variable ${response['code']} Should Be Equal As Strings ${rescode} 200 [Return] ${rescode} DeletePolicies - [Arguments] ${params} - ${paramsType} Evaluate type(${params}) - Run Keyword And Return If "${paramsType}" == "" DeletePoliciy ${params} - FOR ${param} IN @{params} - ${rescode} WxDeletePolicy ${param} - END - [Return] ${rescode} -WxDeletePolicy [Documentation] ... 删除策略 - ... params,传入的删除字典 - ... 结构为policyIds=${policyIds} (List) policyType=${policyType} (variable) - [Arguments] ${params} - ${response} BaseDeleteRequest /${version}${policyUrl} ${params} - ${rescode} Set Variable ${response['code']} - Should Be Equal As Strings ${rescode} 200 + ... params结构可为List或者dict + ... dict结构 + ... dict data:{'policyType':'tsg_security','policyIds':[1,2,3]} + ... list 结构 + ... list data:[{'policyType':'tsg_security','policyIds':[1,2,3]},{'policyType':'pxy_manipulation','policyIds':[4,5,6]}] + [Arguments] ${params} + ${paramsType} Evaluate type(${params}) + Run Keyword And Return If "${paramsType}" == "" DeletePolicyWithParamDict ${params} + FOR ${param} IN @{params} + ${rescode} DeletePolicyWithParamDict ${param} + END [Return] ${rescode} -WxDeletePolicy1 +DeletePolicy1 [Documentation] - ... 与DeletePoliciy类似,但是参数分开 - ... policyIds 策略id list - ... policyType 策略类型 + ... policyIds 策略id list [1,2,3] + ... policyType 策略类型 tsg_security等 [Arguments] ${policyIds} ${policyType} ${params} Create Dictionary policyIds=${policyIds} policyType=${policyType} ${response} BaseDeleteRequest /${version}${policyUrl} ${params} @@ -127,6 +123,9 @@ ImportPolicy ExportPolicy [Documentation] ... 策略导出 + ... policyType tsg_security等 + ... policyIds 1,2,3 + ... policyName 字符串 [Arguments] ${policyType} ${policyIds} ${policyName} Should Not Be Empty ${policyType} ${params} Create Dictionary policyType=${policyType} @@ -141,4 +140,30 @@ WriteFile ${type} Evaluate type(${content}) ${content} Run Keyword If "${type}" == "" json.Dumps ${content} ... ELSE Set Variable ${content} - Append To File ${path}/${filePath}/${fileName} ${content} \ No newline at end of file + Append To File ${path}/${filePath}/${fileName} ${content} +VerifyPolicies + [Documentation] + ... 策略验证 + ... 支持多个策略验证与单个策略验证 + ... 单个策略验证时verifyList 是一个dict + ... 多个策略验证时是一个list + ... atrributeValue字段可为三种格式 + ... 1:dict + ... 2:json + ... 3.字符串,ip的value对应格式为clientIp|clientPort|serverIp|serverPort|addrType|protocol,注意addrType,protocol为数字 + ... signature 的value对应格式为district|string + ... string的格式就是string + ... 以上三种方式可以混合搭配使用 + [Arguments] ${verifyList} + Log To Console Call VerifyPolicies + #必选参数判定 + Should Not Be Empty ${verifyList} + ${dictType} = Evaluate type(${verifyList}) + ${body} Run Keyword If "${dictType}" == "" VerifyPolicyList ${verifyList} + ... ELSE IF "${dictType}" == "" VerifyPolicyObj ${verifyList} + ... ELSE Set Variable ${EMPTY} + ${body} Set Variable {"verifyList":${body}} + ${response} BasePostRequestForV2 /policy/verify ${body} ${version} + ${rescode} Set Variable ${response['code']} + Should Be Equal As Strings ${rescode} 200 + [Return] ${rescode} ${response['data']} \ No newline at end of file diff --git a/02-Keyword/tsg_bfapi/policy_object/ProcessObjectBody.robot b/02-Keyword/tsg_bfapi/policy_object/ProcessObjectBody.robot index e7aab82..f34565d 100644 --- a/02-Keyword/tsg_bfapi/policy_object/ProcessObjectBody.robot +++ b/02-Keyword/tsg_bfapi/policy_object/ProcessObjectBody.robot @@ -5,7 +5,7 @@ Resource ../../../03-Variable/BifangApiVariable.txt Resource ../../../03-Variable/PolicyObjectDefault.txt Resource ../../tsg_common/ManageObjectBody.robot *** Keywords *** -WxObjectListOperation +ObjectListOperation [Documentation] ... 描述:入口,opAction参数可为'add','update','disable','enable' ... 参数:returnData: 必传,是否返回请求数据。可选${0}(不返回)/${1}(返回)。 @@ -14,10 +14,10 @@ WxObjectListOperation ... 多个对象处理 [Arguments] ${returnData} ${objectList} ${opAction} - Log To Console Call WxObjectListOperation + Log To Console Call ObjectListOperation ${objectListJson} Set Variable [ FOR ${object} IN @{objectList} - ${json} WxObjectOrganize ${object} ${opAction} + ${json} ObjectOrganize ${object} ${opAction} ${objectListJson} Set Variable ${objectListJson}${json}, END ${objectListJson}= Replace String Using Regexp ${objectListJson} ,$ ] @@ -28,7 +28,7 @@ WxObjectListOperation Log Object_Request_Body-${json} [Return] ${json} -WxObjectOperation +ObjectOperation [Documentation] ... 描述:入口,opAction参数可为'add','update','disable','enable' ... 参数:returnData: 必传,是否返回请求数据。可选${0}(不返回)/${1}(返回)。 @@ -37,8 +37,8 @@ WxObjectOperation ... 单个策略处理 [Arguments] ${returnData} ${object} ${opAction} - Log To Console Call WxPolicyOperation - ${json} WxObjectOrganize ${object} ${opAction} + Log To Console Call ObjectOperation + ${json} ObjectOrganize ${object} ${opAction} # 转为json结构并返回 ${dict} Create Dictionary opAction=${opAction} returnData=${returnData} objectList=replace:objectList ${bodyJson} json.Dumps ${dict} ensure_ascii=False @@ -47,14 +47,14 @@ WxObjectOperation Log Object_Request_Body-${json} [Return] ${json} -WxObjectOrganize +ObjectOrganize [Documentation] ... 描述:入口,opAction参数可为'add','update','disable','enable' ... object: 必传,字典类型。字典内可选参数信息: ... 其它参数默认值见../../03-Variable/PolicyObjectDefault.txt ... 单个策略转换为json [Arguments] ${object} ${opAction} - Log To Console Call WxObjectOrganize + Log To Console Call ObjectOrganize ${emptyList} Create List ${returnDict} Create Dictionary # 断言必传参数 @@ -144,11 +144,11 @@ ManageDeleteItemIds Append To List ${list1} ${var} END Set To Dictionary ${returnDict} deleteItemIds=${list1} -WxGet-ObjectIds +Get-ObjectIds [Documentation] ... 获取结果中的对象ID [Arguments] ${value} - Log Call WxGet-ObjectIds + Log Call Get-ObjectIds ${objectIds} Create List ${objectIdsTemp} Set Variable ${EMPTY} ${return} ${data} Run Keyword And Ignore Error Get From Dictionary ${value} data diff --git a/02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot b/02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot index a0069d2..cd2130a 100644 --- a/02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot +++ b/02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot @@ -31,7 +31,7 @@ Resource ../../tsg_common/ManagePolicyBody.robot # ... filterList= ${265}|${257}:TSG_FIELD_HTTP_HOST,${266}|${299}:TSG_FIELD_SSL_SNI&TSG_FIELD_SSL_SAN # ... filterList由多个数字用‘|’分隔,加上:对上对应的protocolFiled, # ... 一个filter中的protocolFiled是确定的,一个protocolFiled对应多个objectId -WxPolicyListOperation +PolicyListDataOperation [Documentation] ... 描述:入口,opAction参数可为'add','update','disable','enable' ... 参数:returnData: 必传,是否返回请求数据。可选${0}(不返回)/${1}(返回)。 @@ -41,7 +41,7 @@ WxPolicyListOperation ... 多个策略处理 [Arguments] ${returnData} ${policyList} ${opAction} ${policyObjectVersion} - Log To Console Call WxPolicyListOperation + Log To Console Call PolicyListDataOperation ${policyListJson} Set Variable [ FOR ${policy} IN @{policyList} ${json} WxPolicyOrganize ${policy} ${opAction} ${policyObjectVersion} @@ -55,7 +55,7 @@ WxPolicyListOperation Log Policy_Request_Body-${json} [Return] ${json} -WxPolicyOperation +PolicyDataOperation [Documentation] ... 描述:入口,opAction参数可为'add','update','disable','enable' ... 参数:returnData: 必传,是否返回请求数据。可选${0}(不返回)/${1}(返回)。 @@ -65,7 +65,7 @@ WxPolicyOperation ... 单个策略处理 [Arguments] ${returnData} ${policy} ${opAction} ${policyObjectVersion} - Log To Console Call WxPolicyOperation + Log To Console Call PolicyDataOperation ${json} WxPolicyOrganize ${policy} ${opAction} ${policyObjectVersion} # 转为json结构并返回 ${dict} Create Dictionary opAction=${opAction} returnData=${returnData} policyList=replace:policyList @@ -333,7 +333,7 @@ ManageFilter ${filterObject} Create Dictionary filter=${filterObjectList} [Return] ${filterObject} -WxGet-PolicyIds +Get-PolicyIds [Documentation] ... 获取结果中的策略ID [Arguments] ${value} @@ -348,4 +348,127 @@ WxGet-PolicyIds #Log To Console ${objectType} END - [Return] ${policyIds} \ No newline at end of file + [Return] ${policyIds} +DeletePolicyWithParamDict + [Documentation] + ... 删除策略 + ... params,传入的删除字典 + ... 结构为policyIds=${policyIds} (List) policyType=${policyType} (variable) + [Arguments] ${params} + ${response} BaseDeleteRequest /${version}${policyUrl} ${params} + ${rescode} Set Variable ${response['code']} + Should Be Equal As Strings ${rescode} 200 + [Return] ${rescode} +VerifyPolicyList + [Documentation] + ... 策略验证 + ... 多个策略验证 + [Arguments] ${verifyList} + Log To Console Call VerifyPolicyList + ${verifyListJson} Set Variable [ + FOR ${verifyObj} IN @{verifyList} + ${json} VerifyPolicyObj ${verifyObj} + ${verifyListJson} Set Variable ${verifyListJson}${json}, + END + ${verifyListJson}= Replace String Using Regexp ${verifyListJson} ,$ ] + Log Policy_Request_Body-${verifyListJson} + [Return] ${verifyListJson} +VerifyPolicyObj + [Documentation] + ... 策略验证 + ... 单个策略验证 + [Arguments] ${verifyObj} + Log To Console Call VerifyPolicyObj + ${emptyList} Create List + ${return} ${policyType} Run Keyword And Ignore Error Get From Dictionary ${verifyObj} policyType + #Should Not Be Empty ${policyType} + ${verifySession} Get From Dictionary ${verifyObj} verifySession + Should Not Be Empty ${verifySession} + ${attributes} Get From Dictionary ${verifySession} attributes + Should Not Be Empty ${attributes} + FOR ${attribute} IN @{attributes} + ${attributeType} Get From Dictionary ${attribute} attributeType + ${return} ${tableName} Run Keyword And Ignore Error Get From Dictionary ${attribute} tableName + ${return} ${protocol} Run Keyword And Ignore Error Get From Dictionary ${attribute} protocol + ${attributeName} Get From Dictionary ${attribute} attributeName + ${attributeValue} Get From Dictionary ${attribute} attributeValue + #将json转换为dict + ${attributeValue} Convert To String ${attributeValue} + ${start} Get Regexp Matches ${attributeValue} ^{\" + ${start1} Get Regexp Matches ${attributeValue} ^{\' + ${len} Get Length ${start} + ${len1} Get Length ${start1} + ${attributeValue} Run Keyword If ${len}>0 Evaluate eval('${attributeValue}') + ... ELSE IF ${len1}>0 Evaluate eval("${attributeValue}") + ... ELSE Set Variable ${attributeValue} + ${type} Run Keyword If ${len}>0 or ${len1}>0 Set Variable dict + ... ELSE Set Variable str + ${attributeValue} Run Keyword If "${attributeType}"=="ip" ManageIpAttributeValue ${attributeValue} ${attributeName} ${type} + ... ELSE IF "${attributeType}"=="signature" ManageSignatureAttributeValue ${attributeValue} ${type} + ... ELSE ManageStringAttributeValue ${attributeValue} ${type} + Set To Dictionary ${attribute} attributeValue=${attributeValue} + END + Set To Dictionary ${verifyObj} verifySession=${verifySession} + # 转为json结构并返回 + ${json} json.Dumps ${verifyObj} ensure_ascii=False + Log VerifyPolicy-${json} + [Return] ${json} +ManageIpAttributeValue + [Arguments] ${attributeValue} ${attributeName} ${type} + Run Keyword And Return If "${type}"=="str" ExtractIpAttributeValue ${attributeValue} + ${dict} Create Dictionary + ${return} ${clientIp} Run Keyword And Ignore Error Get From Dictionary ${attributeValue} clientIp + Run Keyword If "${clientIp}"=="${EMPTY}" and "${attributeName}"=="src_ip" Should Not Be Empty ${clientIp} + Set To Dictionary ${dict} clientIp=${clientIp} + ${return} ${clientPort} Run Keyword And Ignore Error Get From Dictionary ${attributeValue} clientPort + Run Keyword If "${clientPort}"=="${EMPTY}" and "${attributeName}"=="src_ip" Should Not Be Empty ${clientPort} + Set To Dictionary ${dict} clientPort=${clientPort} + ${return} ${serverIp} Run Keyword And Ignore Error Get From Dictionary ${attributeValue} serverIp + Run Keyword If "${serverIp}"=="${EMPTY}" and "${attributeName}"=="dest_ip" Should Not Be Empty ${serverIp} + Set To Dictionary ${dict} serverIp=${serverIp} + ${return} ${serverPort} Run Keyword And Ignore Error Get From Dictionary ${attributeValue} serverPort + Run Keyword If "${serverPort}"=="${EMPTY}" and "${attributeName}"=="dest_ip" Should Not Be Empty ${serverPort} + Set To Dictionary ${dict} serverPort=${serverPort} + ${return} ${addrType} Run Keyword And Ignore Error Get From Dictionary ${attributeValue} addrType + Should Be Equal As Strings ${return} PASS + Set To Dictionary ${dict} addrType=${addrType} + ${return} ${protocol} Run Keyword And Ignore Error Get From Dictionary ${attributeValue} protocol + Should Be Equal As Strings ${return} PASS + Set To Dictionary ${dict} protocol=${protocol} + [Return] ${dict} +ExtractIpAttributeValue + [Arguments] ${attributeValue} + ${list} Split String ${attributeValue} | + ${len} Get Length ${list} + Should Be Equal As Integers ${len} 6 + ${addrType} Evaluate int(${list}[4]) + ${protocol} Evaluate int(${list}[5]) + ${dict} Create Dictionary clientIp=${list}[0] clientPort=${list}[1] serverIp=${list}[2] + ... serverPort=${list}[3] addrType=${addrType} protocol=${protocol} + [Return] ${dict} +ManageSignatureAttributeValue + [Arguments] ${attributeValue} ${type} + Run Keyword And Return If "${type}"=="str" ExtractSignatureAttributeValue ${attributeValue} + ${dict} Create Dictionary + ${district} Get From Dictionary ${attributeValue} district + Should Not Be Empty ${district} + Set To Dictionary ${dict} district=${district} + ${string} Get From Dictionary ${attributeValue} string + Should Not Be Empty ${string} + Set To Dictionary ${dict} string=${string} + [Return] ${dict} +ExtractSignatureAttributeValue + [Arguments] ${attributeValue} + ${list} Split String ${attributeValue} | + ${len} Get Length ${list} + Should Be Equal As Integers ${len} 2 + ${dict} Create Dictionary district=${list}[0] string=${list}[1] + [Return] ${dict} +ManageStringAttributeValue + [Arguments] ${attributeValue} ${type} + ${dict} Create Dictionary + Run Keyword And Return If "${type}"=="str" Create Dictionary string=${attributeValue} + ${string} Get From Dictionary ${attributeValue} string + Should Not Be Empty ${string} + Set To Dictionary ${dict} string=${string} + [Return] ${dict} \ No newline at end of file diff --git a/05-Other/AllFlowCaseVariable.txt b/05-Other/AllFlowCaseVariable.txt new file mode 100644 index 0000000..e733c9e --- /dev/null +++ b/05-Other/AllFlowCaseVariable.txt @@ -0,0 +1,10 @@ +*** Variables *** + +${deny_ssl_objectId} 117553 +${deny_ssl_policyId} 74411 +${deny_ssl_objectId1} 117554 +${deny_ssl_policyId1} 74412 +${deny_ssl_objectId2} 117746 +${deny_ssl_policyId2} 74613 +${deny_ssl_objectId3} 117975 +${deny_ssl_policyId3} 74867 diff --git a/05-Other/AllFlowCaseVariable1.txt b/05-Other/AllFlowCaseVariable1.txt new file mode 100644 index 0000000..49cfc47 --- /dev/null +++ b/05-Other/AllFlowCaseVariable1.txt @@ -0,0 +1,15 @@ +*** Variables *** +${deny_ssl_starttime} 2020-06-22 19:41:40 +${deny_ssl_endtime} 2020-06-22 19:43:11 +${deny_ssl_starttime1} 2020-06-22 19:43:11 +${deny_ssl_endtime1} 2020-06-22 19:44:41 +${deny_ssl_starttime2} 2020-06-22 19:44:41 +${deny_ssl_endtime2} 2020-06-22 19:47:11 +${deny_ssl_starttime3} 2020-06-22 19:47:11 +${deny_ssl_endtime3} 2020-06-22 19:49:00 +${deny_ssl_starttime4} 2020-06-22 20:18:42 +${deny_ssl_endtime4} 2020-06-22 20:20:48 +${deny_ssl_starttime5} 2020-06-22 20:20:48 +${deny_ssl_endtime5} 2020-06-22 20:23:25 +${deny_ssl_starttime6} 2020-06-22 21:04:52 +${deny_ssl_endtime6} 2020-06-22 21:07:22 diff --git a/05-Other/curl/SecurityPolicy_Deny_SSL_00001.bat b/05-Other/curl/SecurityPolicy_Deny_SSL_00001.bat new file mode 100644 index 0000000..44d4477 --- /dev/null +++ b/05-Other/curl/SecurityPolicy_Deny_SSL_00001.bat @@ -0,0 +1 @@ +curl https://www.freestockimages.ru/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/SecurityPolicy_Deny_SSL_00001_1.bat b/05-Other/curl/SecurityPolicy_Deny_SSL_00001_1.bat new file mode 100644 index 0000000..a19bab2 --- /dev/null +++ b/05-Other/curl/SecurityPolicy_Deny_SSL_00001_1.bat @@ -0,0 +1 @@ +curl https://www.cxwl.com/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/SecurityPolicy_Deny_SSL_00002.bat b/05-Other/curl/SecurityPolicy_Deny_SSL_00002.bat new file mode 100644 index 0000000..80baf50 --- /dev/null +++ b/05-Other/curl/SecurityPolicy_Deny_SSL_00002.bat @@ -0,0 +1 @@ +curl https://www.berkeleygroup.co.uk/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/SecurityPolicy_Deny_SSL_00002_2.bat b/05-Other/curl/SecurityPolicy_Deny_SSL_00002_2.bat new file mode 100644 index 0000000..19c2b13 --- /dev/null +++ b/05-Other/curl/SecurityPolicy_Deny_SSL_00002_2.bat @@ -0,0 +1 @@ +curl https://www.vip.com/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/SecurityPolicy_Deny_SSL_00003.bat b/05-Other/curl/SecurityPolicy_Deny_SSL_00003.bat new file mode 100644 index 0000000..15281db --- /dev/null +++ b/05-Other/curl/SecurityPolicy_Deny_SSL_00003.bat @@ -0,0 +1 @@ +curl https://www.nastol.com.ua/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/SecurityPolicy_Deny_SSL_00003_3.bat b/05-Other/curl/SecurityPolicy_Deny_SSL_00003_3.bat new file mode 100644 index 0000000..bc87520 --- /dev/null +++ b/05-Other/curl/SecurityPolicy_Deny_SSL_00003_3.bat @@ -0,0 +1 @@ +curl https://www.pulitzer.org/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/SecurityPolicy_Deny_SSL_00004.bat b/05-Other/curl/SecurityPolicy_Deny_SSL_00004.bat new file mode 100644 index 0000000..5be9567 --- /dev/null +++ b/05-Other/curl/SecurityPolicy_Deny_SSL_00004.bat @@ -0,0 +1 @@ +curl https://mail.ru/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/.gitkeep b/05-Other/curl/command/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00001.bat b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00001.bat new file mode 100644 index 0000000..54ad2c9 --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00001.bat @@ -0,0 +1 @@ +curl http://webalta.ru/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00002.bat b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00002.bat new file mode 100644 index 0000000..77e3599 --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00002.bat @@ -0,0 +1 @@ +curl http://www.nymbler.com/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00003.bat b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00003.bat new file mode 100644 index 0000000..600e4b1 --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00003.bat @@ -0,0 +1 @@ +curl http://www.icbc.com.cn/icbc/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00003_1.bat b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00003_1.bat new file mode 100644 index 0000000..6430439 --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00003_1.bat @@ -0,0 +1 @@ +curl http://www.ccb.com/cn/home/indexv3.html | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00003_2.bat b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00003_2.bat new file mode 100644 index 0000000..448461f --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00003_2.bat @@ -0,0 +1 @@ +curl http://www.gotohoroscope.com/daily-horoscope.html | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00003_3.bat b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00003_3.bat new file mode 100644 index 0000000..43c3053 --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00003_3.bat @@ -0,0 +1 @@ +curl http://government.ru/news/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00004.bat b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00004.bat new file mode 100644 index 0000000..74b8b01 --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00004.bat @@ -0,0 +1 @@ +curl -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'http://www.baidu.com/' \ curl http://www.tsutmb.ru/sveden | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00005.bat b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00005.bat new file mode 100644 index 0000000..6180d14 --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00005.bat @@ -0,0 +1 @@ +curl -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'http://www.baidu.com/' \ curl http://www.abchina.com/cn/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00006.bat b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00006.bat new file mode 100644 index 0000000..b9e3ce5 --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00006.bat @@ -0,0 +1 @@ +curl -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'http://www.baidu.com/' \ curl http://egypt.travel/ru | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00007.bat b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00007.bat new file mode 100644 index 0000000..0790784 --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_HTTP_00007.bat @@ -0,0 +1 @@ +curl -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'http://www.baidu.com/' \ curl http://www.destination360.com/travel/destinations | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Deny_SSL_00001.bat b/05-Other/curl/command/SecurityPolicy_Deny_SSL_00001.bat new file mode 100644 index 0000000..44d4477 --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_SSL_00001.bat @@ -0,0 +1 @@ +curl https://www.freestockimages.ru/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Deny_SSL_00001_1.bat b/05-Other/curl/command/SecurityPolicy_Deny_SSL_00001_1.bat new file mode 100644 index 0000000..a19bab2 --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_SSL_00001_1.bat @@ -0,0 +1 @@ +curl https://www.cxwl.com/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Deny_SSL_00002.bat b/05-Other/curl/command/SecurityPolicy_Deny_SSL_00002.bat new file mode 100644 index 0000000..80baf50 --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_SSL_00002.bat @@ -0,0 +1 @@ +curl https://www.berkeleygroup.co.uk/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Deny_SSL_00002_2.bat b/05-Other/curl/command/SecurityPolicy_Deny_SSL_00002_2.bat new file mode 100644 index 0000000..19c2b13 --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_SSL_00002_2.bat @@ -0,0 +1 @@ +curl https://www.vip.com/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Deny_SSL_00003.bat b/05-Other/curl/command/SecurityPolicy_Deny_SSL_00003.bat new file mode 100644 index 0000000..15281db --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_SSL_00003.bat @@ -0,0 +1 @@ +curl https://www.nastol.com.ua/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Deny_SSL_00003_3.bat b/05-Other/curl/command/SecurityPolicy_Deny_SSL_00003_3.bat new file mode 100644 index 0000000..bc87520 --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_SSL_00003_3.bat @@ -0,0 +1 @@ +curl https://www.pulitzer.org/ | iconv -f utf-8 -t gbk \ No newline at end of file diff --git a/05-Other/curl/command/SecurityPolicy_Deny_SSL_00004.bat b/05-Other/curl/command/SecurityPolicy_Deny_SSL_00004.bat new file mode 100644 index 0000000..5be9567 --- /dev/null +++ b/05-Other/curl/command/SecurityPolicy_Deny_SSL_00004.bat @@ -0,0 +1 @@ +curl https://mail.ru/ | iconv -f utf-8 -t gbk \ No newline at end of file