1、公共文件添加日志查询次数变量${logfornumber}2、修改安全策略allow协议http和ssl全流程用例3、新建log验证关键字(循环验证)
This commit is contained in:
lyf
@@ -1,123 +1,276 @@
|
|||||||
*** Settings ***
|
*** Settings ***
|
||||||
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
|
Test Teardown DeletePolicyAndObjectAndApplicationAndSignature ${policyIds} ${objectids}
|
||||||
Force Tags tsg_adc tsg_security
|
Force Tags tsg_adc tsg_security
|
||||||
Library OperatingSystem
|
Library OperatingSystem
|
||||||
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
|
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
|
||||||
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
||||||
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
|
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
|
||||||
Resource ../../../03-Variable/BifangApiVariable.txt
|
Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
|
||||||
|
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
|
||||||
|
Resource ../../../03-Variable/ApplicationID.txt
|
||||||
*** Test Cases ***
|
Resource ../../../03-Variable/BifangApiVariable.txt
|
||||||
SecurityPolicy-Allow-Http-00001
|
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Application.robot
|
||||||
[Tags] Allow IP FQDN DENY HTTP
|
Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot
|
||||||
#创建对象IP
|
Library ../../../04-CustomLibrary/Library/VerifyPolicy.py
|
||||||
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
|
|
||||||
#log ${object_IP_Id}
|
*** Variables ***
|
||||||
#创建对象FQDN
|
${policyIds} ${EMPTY}
|
||||||
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","objectSubType":"","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"SecurityPolicy-Allow-Http-00001_FQDN_icbc","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$www.icbc.com.cn"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
|
${objectids} ${EMPTY}
|
||||||
log ${object_FQDN_Id}
|
|
||||||
${objectids} set Variable ${object_FQDN_Id}
|
*** Test Cases ***
|
||||||
#创建 Deny 搭配Allow
|
SecurityPolicy-Allow-Http-00001
|
||||||
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001_Deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
|
[Tags] Allow IP HTTP
|
||||||
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001_Deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
|
Comment 创建IP
|
||||||
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001_Deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
|
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||||
log ${addPolicyStr}
|
${addItemLists} Create list ${addItemList1}
|
||||||
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
|
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||||
log ${policyId1}
|
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||||
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
|
${objectids} set Variable ${objectId}
|
||||||
#创建allow策略
|
|
||||||
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
|
Comment 创建Allow策略
|
||||||
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
|
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} isValid=${1} appIdObjects=${HTTP_ID}
|
||||||
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
|
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||||
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
|
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||||
log ${policyId2}
|
|
||||||
${policyIds2} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
|
${starttime} Get Time
|
||||||
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
|
#功能端验证
|
||||||
${policyIds} Create List ${policyIds1} ${policyIds2}
|
Sleep ${policyVerificationSleepSeconds}s
|
||||||
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
|
|
||||||
${starttime} Get Time
|
Comment 策略验证
|
||||||
#功能端验证
|
#新增策略验证
|
||||||
Sleep ${policyVerificationSleepSeconds}s
|
#创建attributes中的字典
|
||||||
${commandreturn} OperatingSystem.Run curl -I \ -m \ 10 \ -o \ /dev/null \ -s \ -w \ \ \%{http_code} \ \ http://www.icbc.com.cn
|
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "106"}
|
||||||
should contain ${commandreturn} 200
|
${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
|
||||||
Sleep ${policyLogVerificationSleepSeconds}s
|
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||||
${endtime} Get Time
|
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||||
#日志验证
|
# 合成attributes字典集
|
||||||
${s} Convert to String ${policyId2}
|
${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination}
|
||||||
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host icbc
|
${verifySession} Create Dictionary attributes=${attributes}
|
||||||
|
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||||
SecurityPolicy-Allow-Http-00002
|
log ${verifyList}
|
||||||
[Tags] Allow SubID Category DENY HTTP
|
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||||
# #创建对象Subid
|
# 打印检查结果
|
||||||
# ${rescode} ${object_Subid_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"SecurityPolicy-Allow-Http-00002_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
|
${objectid_verify} Set Variable ${objectids}
|
||||||
# log ${object_Subid_Id}
|
${objectid_verify} Catenate SEPARATOR=, ${policyIds}
|
||||||
# ${objectids} set Variable ${object_Subid_Id}
|
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||||
#创建对象Categry
|
log ${objectid_verify}
|
||||||
${rescodeip} ${object_Category_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","objectSubType":"","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"SecurityPolicy-Allow-Http-00002-Categry","objectDesc":"autotest","subObjectIds":[],"addItemList":[{"keywordArray":["*www.ccb.com"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}}
|
${testType} Evaluate type($objectid_verify)
|
||||||
|
${testType} Evaluate type($resData)
|
||||||
log ${object_Category_Id}
|
log ${resData}
|
||||||
${objectids} set Variable ${object_Category_Id}
|
sleep 5
|
||||||
#创建 Deny 搭配Allow
|
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||||
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-Http-00002_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${testClentSubID} ,"protocolFields":[]},{"objectId":${object_Category_Id} ,"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
|
Should Be Equal As Strings ${ok} true
|
||||||
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00002_deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
|
|
||||||
log ${addPolicyStr}
|
Comment 功能端验证HTTP验证
|
||||||
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
|
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00001_1.bat
|
||||||
log ${policyId1}
|
... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00001_1_L.bat
|
||||||
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
|
${stringlist} run keyword if '${systemType}'=='Windows' Create List 首页 - 橙光
|
||||||
#创建策略
|
... ELSE Create List 首页 - 橙光
|
||||||
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-Http-00002","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
|
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||||
${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00002","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
|
|
||||||
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
|
|
||||||
log ${policyId2}
|
Comment 日志验证
|
||||||
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
|
#日志验证
|
||||||
${policyIds2} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
|
${s} Convert to String ${policyIds}
|
||||||
${policyIds} Create List ${policyIds1} ${policyIds2}
|
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.66rpg.com
|
||||||
#功能端验证
|
Should Be Equal As Strings ${returnvalue} true
|
||||||
Sleep ${policyVerificationSleepSeconds}s
|
|
||||||
${starttime} Get Time
|
SecurityPolicy-Allow-Http-00002
|
||||||
${commandreturn} OperatingSystem.Run curl -I \ -m \ 10 \ -o \ /dev/null \ -s \ -w \ \ \%{http_code} \ \ http://www.ccb.com
|
[Tags] Allow IP HTTP FQDN
|
||||||
should contain ${commandreturn} 200
|
Comment 创建IP
|
||||||
Sleep ${policyLogVerificationSleepSeconds}s
|
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||||
${endtime} Get Time
|
${addItemLists} Create list ${addItemList1}
|
||||||
#日志验证
|
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||||
${s} Convert to String ${policyId2}
|
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||||
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host ccb
|
${objectids} set Variable ${objectId}
|
||||||
|
|
||||||
SecurityPolicy-Allow-Http-00003
|
Comment 创建fqdn
|
||||||
[Tags] Allow IP FQDN DENY HTTP
|
${addItemList1} Create Dictionary keywordArray=$www.66rpg.com isHexbin=${0}
|
||||||
#创建对象IP
|
${addItemLists} Create list ${addItemList1}
|
||||||
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
|
${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
|
||||||
#log ${object_IP_Id}
|
${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
|
||||||
#创建对象FQDN
|
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
||||||
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","objectSubType":"","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"SecurityPolicy-Allow-Http-00001_FQDN_xiaozhu","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*.xiaozhu.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
|
|
||||||
log ${object_FQDN_Id}
|
Comment 创建Allow策略
|
||||||
${objectids} set Variable ${object_FQDN_Id}
|
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID}
|
||||||
#创建 Deny 搭配Allow
|
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||||
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00003_Deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
|
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||||
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001_Deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
|
|
||||||
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00003_Deny","policyType":"tsg_security","action":"deny","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
|
${starttime} Get Time
|
||||||
log ${addPolicyStr}
|
#功能端验证
|
||||||
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
|
Sleep ${policyVerificationSleepSeconds}s
|
||||||
log ${policyId1}
|
|
||||||
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
|
Comment 策略验证
|
||||||
#创建allow策略
|
#新增策略验证
|
||||||
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00003","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
|
#创建attributes中的字典
|
||||||
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
|
${qname_fqdn_id} Create Dictionary attributeType=string attributeName=host appId=106 appName=http protocol=http attributeValue={"string": "www.66rpg.com"}
|
||||||
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Allow-Http-00003","policyType":"tsg_security","action":"allow","userTags":"${userTagIds}","doBlacklist":0,"doLog":1,"policyDesc":"autotest","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP"},"referenceObject":[],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}}
|
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "106"}
|
||||||
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
|
${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
|
||||||
log ${policyId2}
|
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||||
${policyIds2} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
|
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||||
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
|
# 合成attributes字典集
|
||||||
${policyIds} Create List ${policyIds1} ${policyIds2}
|
${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${qname_fqdn_id}
|
||||||
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
|
${verifySession} Create Dictionary attributes=${attributes}
|
||||||
${starttime} Get Time
|
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||||
#功能端验证
|
log ${verifyList}
|
||||||
Sleep ${policyVerificationSleepSeconds}s
|
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||||
${commandreturn} OperatingSystem.Run curl -I \ -m \ 10 \ -o \ /dev/null \ -s \ -w \ \ \%{http_code} \ \ http://www.xiaozhu.com/
|
# 打印检查结果
|
||||||
should contain ${commandreturn} 200
|
${objectid_verify} Set Variable ${objectids}
|
||||||
Sleep ${policyLogVerificationSleepSeconds}s
|
${objectid_verify} Catenate SEPARATOR=, ${policyIds} ${objectid_verify}
|
||||||
${endtime} Get Time
|
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||||
#日志验证
|
log ${objectid_verify}
|
||||||
${s} Convert to String ${policyId2}
|
${testType} Evaluate type($objectid_verify)
|
||||||
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host .xiaozhu.com
|
${testType} Evaluate type($resData)
|
||||||
|
log ${resData}
|
||||||
|
sleep 5
|
||||||
|
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||||
|
Should Be Equal As Strings ${ok} true
|
||||||
|
|
||||||
|
Comment 功能端验证HTTP验证
|
||||||
|
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00001_1.bat
|
||||||
|
... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00001_1_L.bat
|
||||||
|
${stringlist} run keyword if '${systemType}'=='Windows' Create List 首页 - 橙光
|
||||||
|
... ELSE Create List 首页 - 橙光
|
||||||
|
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||||
|
|
||||||
|
Comment 日志验证
|
||||||
|
#日志验证
|
||||||
|
${s} Convert to String ${policyIds}
|
||||||
|
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.66rpg.com
|
||||||
|
Should Be Equal As Strings ${returnvalue} true
|
||||||
|
|
||||||
|
SecurityPolicy-Allow-Http-00003
|
||||||
|
[Tags] Allow IP HTTP URL
|
||||||
|
Comment 创建IP
|
||||||
|
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||||
|
${addItemLists} Create list ${addItemList1}
|
||||||
|
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||||
|
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||||
|
${objectids} set Variable ${objectId}
|
||||||
|
|
||||||
|
Comment 创建url
|
||||||
|
${addItemList1} Create Dictionary keywordArray=$clintonairport.com/airlines-flights/covid/ isHexbin=${0}
|
||||||
|
${addItemLists} Create list ${addItemList1}
|
||||||
|
${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists}
|
||||||
|
${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
|
||||||
|
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
||||||
|
|
||||||
|
Comment 创建Allow策略
|
||||||
|
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
|
||||||
|
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||||
|
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||||
|
|
||||||
|
${starttime} Get Time
|
||||||
|
#功能端验证
|
||||||
|
Sleep ${policyVerificationSleepSeconds}s
|
||||||
|
|
||||||
|
Comment 策略验证
|
||||||
|
#新增策略验证
|
||||||
|
#创建attributes中的字典
|
||||||
|
${url} Create Dictionary attributeType=string attributeName=url appId=106 appName=http protocol=http attributeValue={"string": "clintonairport.com/airlines-flights/covid/"}
|
||||||
|
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "106"}
|
||||||
|
${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
|
||||||
|
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||||
|
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||||
|
# 合成attributes字典集
|
||||||
|
${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${url}
|
||||||
|
${verifySession} Create Dictionary attributes=${attributes}
|
||||||
|
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||||
|
log ${verifyList}
|
||||||
|
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||||
|
# 打印检查结果
|
||||||
|
${objectid_verify} Set Variable ${objectids}
|
||||||
|
${objectid_verify} Catenate SEPARATOR=, ${policyIds} ${objectid_verify}
|
||||||
|
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||||
|
log ${objectid_verify}
|
||||||
|
${testType} Evaluate type($objectid_verify)
|
||||||
|
${testType} Evaluate type($resData)
|
||||||
|
log ${resData}
|
||||||
|
sleep 5
|
||||||
|
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||||
|
Should Be Equal As Strings ${ok} true
|
||||||
|
|
||||||
|
Comment 功能端验证HTTP验证
|
||||||
|
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00001.bat
|
||||||
|
... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00001_L.bat
|
||||||
|
${stringlist} run keyword if '${systemType}'=='Windows' Create List COVID
|
||||||
|
... ELSE Create List COVID
|
||||||
|
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||||
|
|
||||||
|
Comment 日志验证
|
||||||
|
#日志验证
|
||||||
|
${s} Convert to String ${policyIds}
|
||||||
|
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host clintonairport.com
|
||||||
|
Should Be Equal As Strings ${returnvalue} true
|
||||||
|
|
||||||
|
SecurityPolicy-Allow-Http-00004
|
||||||
|
[Tags] Allow IP HTTP FQDN+URL
|
||||||
|
Comment 创建IP
|
||||||
|
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||||
|
${addItemLists} Create list ${addItemList1}
|
||||||
|
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||||
|
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||||
|
${objectids} set Variable ${objectId}
|
||||||
|
|
||||||
|
Comment 创建fqdn
|
||||||
|
${addItemList1} Create Dictionary keywordArray=*clintonairport.com isHexbin=${0}
|
||||||
|
${addItemLists} Create list ${addItemList1}
|
||||||
|
${objectDict} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
|
||||||
|
${rescode} ${objectId1} AddObjects ${1} ${objectDict}
|
||||||
|
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
||||||
|
|
||||||
|
Comment 创建url
|
||||||
|
${addItemList1} Create Dictionary keywordArray=$clintonairport.com/airlines-flights/covid/ isHexbin=${0}
|
||||||
|
${addItemLists} Create list ${addItemList1}
|
||||||
|
${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists}
|
||||||
|
${rescode} ${objectId2} AddObjects ${1} ${objectDict1}
|
||||||
|
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId2}
|
||||||
|
|
||||||
|
Comment 创建Allow策略
|
||||||
|
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST,${objectId2}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
|
||||||
|
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||||
|
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||||
|
|
||||||
|
${starttime} Get Time
|
||||||
|
#功能端验证
|
||||||
|
Sleep ${policyVerificationSleepSeconds}s
|
||||||
|
|
||||||
|
Comment 策略验证
|
||||||
|
#新增策略验证
|
||||||
|
#创建attributes中的字典
|
||||||
|
${url} Create Dictionary attributeType=string attributeName=url appId=106 appName=http protocol=http attributeValue={"string": "clintonairport.com/airlines-flights/covid/"}
|
||||||
|
${qname_fqdn_id} Create Dictionary attributeType=string attributeName=host appId=106 appName=http protocol=http attributeValue={"string": "clintonairport.com"}
|
||||||
|
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "106"}
|
||||||
|
${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
|
||||||
|
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||||
|
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||||
|
# 合成attributes字典集
|
||||||
|
${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${url} ${qname_fqdn_id}
|
||||||
|
${verifySession} Create Dictionary attributes=${attributes}
|
||||||
|
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||||
|
log ${verifyList}
|
||||||
|
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||||
|
# 打印检查结果
|
||||||
|
${objectid_verify} Set Variable ${objectids}
|
||||||
|
${objectid_verify} Catenate SEPARATOR=, ${policyIds} ${objectid_verify}
|
||||||
|
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||||
|
log ${objectid_verify}
|
||||||
|
${testType} Evaluate type($objectid_verify)
|
||||||
|
${testType} Evaluate type($resData)
|
||||||
|
log ${resData}
|
||||||
|
sleep 5
|
||||||
|
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||||
|
Should Be Equal As Strings ${ok} true
|
||||||
|
|
||||||
|
Comment 功能端验证HTTP验证
|
||||||
|
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00001.bat
|
||||||
|
... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00001_L.bat
|
||||||
|
${stringlist} run keyword if '${systemType}'=='Windows' Create List COVID
|
||||||
|
... ELSE Create List COVID
|
||||||
|
${rescode} SystemCommands ${commandstr} ${stringlist}
|
||||||
|
|
||||||
|
Comment 日志验证
|
||||||
|
#日志验证
|
||||||
|
${s} Convert to String ${policyIds}
|
||||||
|
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host clintonairport.com
|
||||||
|
Should Be Equal As Strings ${returnvalue} true
|
||||||
|
|||||||
@@ -1,91 +1,148 @@
|
|||||||
*** Settings ***
|
*** Settings ***
|
||||||
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
|
Test Teardown DeletePolicyAndObjectAndApplicationAndSignature ${policyIds} ${objectids}
|
||||||
Force Tags tsg_adc tsg_security
|
Force Tags tsg_adc tsg_security
|
||||||
Library OperatingSystem
|
Library OperatingSystem
|
||||||
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
|
Library Selenium2Library
|
||||||
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
|
||||||
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
|
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
||||||
|
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
|
||||||
*** Variables ***
|
Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
|
||||||
${policyIds} ${EMPTY}
|
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
|
||||||
${objectids} ${EMPTY}
|
Resource ../../../03-Variable/ApplicationID.txt
|
||||||
|
Resource ../../../03-Variable/BifangApiVariable.txt
|
||||||
*** Test Cases ***
|
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Application.robot
|
||||||
SecurityPolicy-Allow-SSL-00001
|
Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot
|
||||||
[Tags] Allow IP FQDN DENY HTTP
|
Library ../../../04-CustomLibrary/Library/VerifyPolicy.py
|
||||||
#创建对象 IP
|
*** Variables ***
|
||||||
#${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}}
|
${policyIds} ${EMPTY}
|
||||||
#log ${object_IP_Id}
|
${objectids} ${EMPTY}
|
||||||
#创建对象 FQDN
|
|
||||||
${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_FQDN_icbc","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*ww.sogou.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
|
*** Test Cases ***
|
||||||
log ${object_FQDN_Id}
|
SecurityPolicy-Allow-SSL-00001
|
||||||
${objectids} set Variable ${object_FQDN_Id}
|
[Tags] Allow IP SNI SSL
|
||||||
#创建 Deny 搭配Allow
|
Comment 创建IP
|
||||||
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
|
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||||
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
|
${addItemLists} Create list ${addItemList1}
|
||||||
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
|
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||||
log ${addPolicyStr}
|
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||||
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
|
${objectids} set Variable ${objectId}
|
||||||
log ${policyId1}
|
|
||||||
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
|
Comment 创建fqdn
|
||||||
#创建策略
|
${addItemList1} Create Dictionary keywordArray=$www.facebook.com isHexbin=${0}
|
||||||
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
|
${addItemLists} Create list ${addItemList1}
|
||||||
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}} \
|
${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
|
||||||
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
|
${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
|
||||||
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
|
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
||||||
log ${policyId2}
|
|
||||||
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
|
Comment 创建Allow策略
|
||||||
${policyIds2} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
|
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL"} filterList=${objectId1}|TSG_FIELD_SSL_SNI isValid=${1} appIdObjects=${SSL_ID}
|
||||||
${policyIds} Create List ${policyIds1} ${policyIds2}
|
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||||
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-Http-00001","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
|
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||||
#功能端验证
|
|
||||||
Sleep ${policyVerificationSleepSeconds}s
|
${starttime} Get Time
|
||||||
${starttime} Get Time
|
#功能端验证
|
||||||
${commandreturn} OperatingSystem.Run curl -I \ -m \ 10 \ -o \ /dev/null \ -s \ -w \ \ \%{http_code} \ \ https://www.sogou.com
|
Sleep ${policyVerificationSleepSeconds}s
|
||||||
should contain ${commandreturn} 200
|
|
||||||
Sleep ${policyLogVerificationSleepSeconds}s
|
Comment 策略验证
|
||||||
${endtime} Get Time
|
#新增策略验证
|
||||||
#日志验证
|
#创建attributes中的字典
|
||||||
${s} Convert to String ${policyId2}
|
${sni} Create Dictionary attributeType=string attributeName=sni appId=126 appName=ssl protocol=ssl attributeValue={"string": "www.facebook.com"}
|
||||||
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.sogou.com
|
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "126"}
|
||||||
|
${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
|
||||||
SecurityPolicy-Allow-SSL-00002
|
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||||
[Tags] Allow SubID Category DENY HTTP
|
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||||
# #创建对象Subid
|
# 合成attributes字典集
|
||||||
# ${rescode} ${object_Subid_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
|
${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${sni}
|
||||||
# log ${object_Subid_Id}
|
${verifySession} Create Dictionary attributes=${attributes}
|
||||||
# ${objectids} set Variable ${object_Subid_Id}
|
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||||
#创建对象Categry
|
log ${verifyList}
|
||||||
${rescodeip} ${object_Category_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_category","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*jd.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}}
|
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||||
log ${object_Category_Id}
|
# 打印检查结果
|
||||||
${objectids} set Variable ${object_Category_Id}
|
${objectid_verify} Set Variable ${objectids}
|
||||||
#创建 Deny 搭配Allow
|
${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyIds}
|
||||||
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop","keyring":1},"referenceObject":[{"objectId":${testClentSubID} ,"protocolFields":[]},{"objectId":${object_Category_Id} ,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
|
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||||
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop"},"referenceObject":[{"objectId":${testClentSubID} ,"protocolFields":[null]},{"objectId":${object_Category_Id} ,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
|
log ${objectid_verify}
|
||||||
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00001_deny","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","method":"drop"},"referenceObject":[{"objectId":${testClentSubID} ,"protocolFields":[]},{"objectId":${object_Category_Id} ,"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
|
${testType} Evaluate type($objectid_verify)
|
||||||
log ${addPolicyStr}
|
${testType} Evaluate type($resData)
|
||||||
${rescode} ${policyId1} AddPolicy ${addPolicyStr}
|
log ${resData}
|
||||||
log ${policyId1}
|
sleep 5
|
||||||
${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
|
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||||
#创建策略
|
Should Be Equal As Strings ${ok} true
|
||||||
#${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00002","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL","keyring":1},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
|
|
||||||
${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00002","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL"},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[3]}}
|
Sleep ${policyLogVerificationSleepSeconds}s
|
||||||
... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-SSL-00002","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"SSL"},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_SSL_SNI"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
|
${endtime} Get Time
|
||||||
${rescode} ${policyId2} AddPolicy ${addPolicyStr}
|
|
||||||
log ${policyId2}
|
Comment 功能端验证HTTP验证
|
||||||
${policyIds1} set Variable {"policyType":"tsg_security","policyIds":[${policyId1}]}
|
Open Browser https://www.facebook.com ${browserType}
|
||||||
${policyIds2} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]}
|
sleep 2
|
||||||
${policyIds} Create List ${policyIds1} ${policyIds2}
|
${text} Get Text xpath=//*[@id="content"]/div/div/div/div[1]/h2
|
||||||
#${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyName":"SecurityPolicy-Allow-Http-00002","policyType":"tsg_security","action":"allow","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","keyring":1},"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}}
|
Should Be Equal As Strings ${text} 联系你我,分享生活,尽在 Facebook
|
||||||
#log ${rescode}
|
|
||||||
#log ${policyId}
|
Comment 日志验证
|
||||||
#功能端验证
|
#日志验证
|
||||||
Sleep ${policyVerificationSleepSeconds}s
|
${s} Convert to String ${policyIds}
|
||||||
${starttime} Get Time
|
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} ssl_sni www.facebook.com
|
||||||
${commandreturn} OperatingSystem.Run curl -I \ -m \ 10 \ -o \ /dev/null \ -s \ -w \ \ \%{http_code} \ \ https://www.jd.com/
|
Should Be Equal As Strings ${returnvalue} true
|
||||||
should contain ${commandreturn} 200
|
|
||||||
Sleep ${policyLogVerificationSleepSeconds}s
|
|
||||||
${endtime} Get Time
|
|
||||||
#日志验证
|
|
||||||
${s} Convert to String ${policyId2}
|
SecurityPolicy-Allow-SSL-00002
|
||||||
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ssl_sni www.jd.com
|
[Tags] Allow IP SSL
|
||||||
|
Comment 创建IP
|
||||||
|
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
||||||
|
${addItemLists} Create list ${addItemList1}
|
||||||
|
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
||||||
|
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
||||||
|
${objectids} set Variable ${objectId}
|
||||||
|
|
||||||
|
|
||||||
|
Comment 创建Allow策略
|
||||||
|
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL"} isValid=${1} appIdObjects=${SSL_ID}
|
||||||
|
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
||||||
|
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
||||||
|
|
||||||
|
${starttime} Get Time
|
||||||
|
#功能端验证
|
||||||
|
Sleep ${policyVerificationSleepSeconds}s
|
||||||
|
|
||||||
|
Comment 策略验证
|
||||||
|
#新增策略验证
|
||||||
|
#创建attributes中的字典
|
||||||
|
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "126"}
|
||||||
|
${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
|
||||||
|
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
|
||||||
|
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
|
||||||
|
# 合成attributes字典集
|
||||||
|
${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination}
|
||||||
|
${verifySession} Create Dictionary attributes=${attributes}
|
||||||
|
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||||
|
log ${verifyList}
|
||||||
|
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||||
|
# 打印检查结果
|
||||||
|
${objectid_verify} Set Variable ${objectids}
|
||||||
|
${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyIds}
|
||||||
|
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
||||||
|
log ${objectid_verify}
|
||||||
|
${testType} Evaluate type($objectid_verify)
|
||||||
|
${testType} Evaluate type($resData)
|
||||||
|
log ${resData}
|
||||||
|
sleep 5
|
||||||
|
${ok} VerifyProxy ${resData} ${objectid_verify}
|
||||||
|
Should Be Equal As Strings ${ok} true
|
||||||
|
|
||||||
|
Sleep ${policyLogVerificationSleepSeconds}s
|
||||||
|
${endtime} Get Time
|
||||||
|
|
||||||
|
Comment 功能端验证HTTP验证
|
||||||
|
Open Browser https://www.facebook.com ${browserType}
|
||||||
|
sleep 2
|
||||||
|
${text} Get Text xpath=//*[@id="content"]/div/div/div/div[1]/h2
|
||||||
|
Should Be Equal As Strings ${text} 联系你我,分享生活,尽在 Facebook
|
||||||
|
|
||||||
|
Comment 日志验证
|
||||||
|
#日志验证
|
||||||
|
${s} Convert to String ${policyIds}
|
||||||
|
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} ssl_sni www.facebook.com
|
||||||
|
Should Be Equal As Strings ${returnvalue} true
|
||||||
|
|
||||||
@@ -1,60 +1,93 @@
|
|||||||
*** Settings ***
|
*** Settings ***
|
||||||
Resource ../../03-Variable/BifangApiVariable.txt
|
Resource ../../03-Variable/BifangApiVariable.txt
|
||||||
Resource LogSchema.robot
|
Resource LogSchema.robot
|
||||||
Library REST http://${host}:${port}
|
Library REST http://${host}:${port}
|
||||||
Library RequestsLibrary
|
Library RequestsLibrary
|
||||||
Library OperatingSystem
|
Library OperatingSystem
|
||||||
Library Collections
|
Library Collections
|
||||||
Library string
|
Library string
|
||||||
|
Library ../../04-CustomLibrary/Custometest/log_contrast.py
|
||||||
*** Keywords ***
|
|
||||||
GetLogList
|
|
||||||
[Arguments] ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} ${parmkey} ${parmvalue}
|
*** Keywords ***
|
||||||
${logCondition} GetLogCondition ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id}
|
GetLogList_new
|
||||||
log ${logCondition}
|
[Arguments] ${logType} ${startTime} ${client_ip} ${policy_id} ${parmkey} ${parmvalue}
|
||||||
${LogListResponse} PostRemoteData /${version}/log/list ${logCondition}
|
FOR ${i} IN RANGE ${logfornumber}
|
||||||
Should Be Equal As Strings ${LogListResponse.status_code} 200
|
Sleep ${policyLogVerificationSleepSeconds}s
|
||||||
${returnData} To Json ${LogListResponse.content}
|
${endtime} Get Time
|
||||||
${responseCode} Get From Dictionary ${returnData} code
|
${logs} GetLogList_new1 ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} ${parmkey} ${parmvalue}
|
||||||
Log ${responseCode}
|
${returnvalue} log_contrast ${logs} ${client_ip} ${policy_id} ${parmkey} ${parmvalue}
|
||||||
Should Be Equal ${responseCode} ${200} security_event_log \ \ test query list failed
|
${trueorfalse} Run Keyword If "${returnvalue}"=="true" set variable true
|
||||||
log this time request security_event_log \ table logRecord \ : ${LogListResponse.content}
|
... ELSE set variable false
|
||||||
${a} Set Variable this time request security_event_log \ table logRecord \ : ${LogListResponse.content}
|
Run Keyword If "${returnvalue}"=="true" Exit for loop
|
||||||
log ${a}
|
END
|
||||||
${log} Set Variable ${LogListResponse.json()}[data][list]
|
[Return] ${trueorfalse}
|
||||||
FOR ${logs} IN ${log}
|
|
||||||
log ${logs}
|
GetLogList_new1
|
||||||
END
|
[Arguments] ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} ${parmkey} ${parmvalue}
|
||||||
log %%%%%%%%%%%%%%%%%%%%%%%%${logs}
|
${logCondition} GetLogCondition ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id}
|
||||||
Should Contain ${logs}"" ${client_ip}
|
log ${logCondition}
|
||||||
Should Contain ${logs}"" ${policy_id}
|
${LogListResponse} PostRemoteData /${version}/log/list ${logCondition}
|
||||||
Should Contain ${logs}"" ${parmkey}
|
Should Be Equal As Strings ${LogListResponse.status_code} 200
|
||||||
Should Contain ${logs}"${parmkey}" ${parmvalue}
|
${returnData} To Json ${LogListResponse.content}
|
||||||
|
${responseCode} Get From Dictionary ${returnData} code
|
||||||
|
Log ${responseCode}
|
||||||
|
Should Be Equal ${responseCode} ${200} security_event_log \ \ test query list failed
|
||||||
GetLogListSize
|
log this time request security_event_log \ table logRecord \ : ${LogListResponse.content}
|
||||||
[Documentation]
|
${a} Set Variable this time request security_event_log \ table logRecord \ : ${LogListResponse.content}
|
||||||
... 描述:ProxyPinning
|
log ${a}
|
||||||
...
|
${log} Set Variable ${LogListResponse.json()}[data][list]
|
||||||
[Arguments] ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} ${parmkey} ${parmvalue}
|
FOR ${logs} IN ${log}
|
||||||
${logCondition} GetALLLogCondition ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} 10000 1
|
log ${logs}
|
||||||
log ${logCondition}
|
END
|
||||||
${LogListResponse} PostRemoteData /${version}/log/list ${logCondition}
|
[Return] ${logs}
|
||||||
Should Be Equal As Strings ${LogListResponse.status_code} 200
|
GetLogList
|
||||||
${returnData} To Json ${LogListResponse.content}
|
[Arguments] ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} ${parmkey} ${parmvalue}
|
||||||
${data} Get From Dictionary ${returnData} data
|
${logCondition} GetLogCondition ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id}
|
||||||
${len} Get Length ${data}[list]
|
log ${logCondition}
|
||||||
[Return] ${len}
|
${LogListResponse} PostRemoteData /${version}/log/list ${logCondition}
|
||||||
|
Should Be Equal As Strings ${LogListResponse.status_code} 200
|
||||||
|
${returnData} To Json ${LogListResponse.content}
|
||||||
GetLogCount
|
${responseCode} Get From Dictionary ${returnData} code
|
||||||
[Arguments] ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} ${parmkey} ${parmvalue}
|
Log ${responseCode}
|
||||||
${logCondition} GetALLLogCondition ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} 10000 1
|
Should Be Equal ${responseCode} ${200} security_event_log \ \ test query list failed
|
||||||
${LogListResponse} PostRemoteData /${version}/log/count ${logCondition}
|
log this time request security_event_log \ table logRecord \ : ${LogListResponse.content}
|
||||||
Should Be Equal As Strings ${LogListResponse.status_code} 200
|
${a} Set Variable this time request security_event_log \ table logRecord \ : ${LogListResponse.content}
|
||||||
${returnData} To Json ${LogListResponse.content}
|
log ${a}
|
||||||
${len} Set Variable ${LogListResponse.json()}[data][total]
|
${log} Set Variable ${LogListResponse.json()}[data][list]
|
||||||
#${len} Get From Dictionary ${returnData} total
|
FOR ${logs} IN ${log}
|
||||||
[Return] ${len}
|
log ${logs}
|
||||||
|
END
|
||||||
|
log %%%%%%%%%%%%%%%%%%%%%%%%${logs}
|
||||||
|
Should Contain ${logs}"" ${client_ip}
|
||||||
|
Should Contain ${logs}"" ${policy_id}
|
||||||
|
Should Contain ${logs}"" ${parmkey}
|
||||||
|
Should Contain ${logs}"${parmkey}" ${parmvalue}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
GetLogListSize
|
||||||
|
[Documentation]
|
||||||
|
... 描述:ProxyPinning
|
||||||
|
...
|
||||||
|
[Arguments] ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} ${parmkey} ${parmvalue}
|
||||||
|
${logCondition} GetALLLogCondition ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} 10000 1
|
||||||
|
log ${logCondition}
|
||||||
|
${LogListResponse} PostRemoteData /${version}/log/list ${logCondition}
|
||||||
|
Should Be Equal As Strings ${LogListResponse.status_code} 200
|
||||||
|
${returnData} To Json ${LogListResponse.content}
|
||||||
|
${data} Get From Dictionary ${returnData} data
|
||||||
|
${len} Get Length ${data}[list]
|
||||||
|
[Return] ${len}
|
||||||
|
|
||||||
|
|
||||||
|
GetLogCount
|
||||||
|
[Arguments] ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} ${parmkey} ${parmvalue}
|
||||||
|
${logCondition} GetALLLogCondition ${logType} ${startTime} ${endTime} ${client_ip} ${policy_id} 10000 1
|
||||||
|
${LogListResponse} PostRemoteData /${version}/log/count ${logCondition}
|
||||||
|
Should Be Equal As Strings ${LogListResponse.status_code} 200
|
||||||
|
${returnData} To Json ${LogListResponse.content}
|
||||||
|
${len} Set Variable ${LogListResponse.json()}[data][total]
|
||||||
|
#${len} Get From Dictionary ${returnData} total
|
||||||
|
[Return] ${len}
|
||||||
|
|
||||||
@@ -39,7 +39,7 @@ GetAppIdObjects
|
|||||||
[Return] ${appidobject}
|
[Return] ${appidobject}
|
||||||
|
|
||||||
DeletePolicyAndObjectAndApplicationAndSignature
|
DeletePolicyAndObjectAndApplicationAndSignature
|
||||||
[Arguments] ${policyids} ${objectids} ${appids} ${signatureId}
|
[Arguments] ${policyids} ${objectids} ${appids}=${EMPTY} ${signatureId}=${EMPTY}
|
||||||
#删除和对象
|
#删除和对象
|
||||||
#2020-09-01修改,引用DeletePolicyAndGroupObject,避免分别维护并兼容之前用例
|
#2020-09-01修改,引用DeletePolicyAndGroupObject,避免分别维护并兼容之前用例
|
||||||
Run Keyword If "${policyids}"=="${EMPTY}" log no policyids to del
|
Run Keyword If "${policyids}"=="${EMPTY}" log no policyids to del
|
||||||
|
|||||||
@@ -1,10 +1,10 @@
|
|||||||
*** Variables ***
|
*** Variables ***
|
||||||
#登录类型:api | cli | ${None}(tsg mib) | 未指定,默认为ui
|
#登录类型:api | cli | ${None}(tsg mib) | 未指定,默认为ui
|
||||||
${loginType} ui
|
${loginType} api
|
||||||
#执行环境是否Widonws
|
#执行环境是否Widonws
|
||||||
${systemType} api
|
${systemType} Windows
|
||||||
#API配置信息
|
#API配置信息
|
||||||
${host} 192.168.44.71
|
${host} 192.168.44.72
|
||||||
${port} 8080
|
${port} 8080
|
||||||
${authmode} 1
|
${authmode} 1
|
||||||
${authCode} ${EMPTY}
|
${authCode} ${EMPTY}
|
||||||
@@ -16,14 +16,14 @@ ${password} 1
|
|||||||
${encodePassword} ${EMPTY}
|
${encodePassword} ${EMPTY}
|
||||||
${token} ${EMPTY}
|
${token} ${EMPTY}
|
||||||
#[Documentation] 测试终端IP统一配置
|
#[Documentation] 测试终端IP统一配置
|
||||||
${testClentIP} 192.168.32.32
|
${testClentIP} 192.168.50.52
|
||||||
${testSubscriberID} $test57
|
${testSubscriberID} $test57
|
||||||
#自动化标签
|
#自动化标签
|
||||||
${userTagIds} ${EMPTY}
|
${userTagIds} ${EMPTY}
|
||||||
#Documentation] 是否添加测试终端IP到策略统一配置,0为不添加测试终端IP,1为添加测试终端IP,默认1
|
#Documentation] 是否添加测试终端IP到策略统一配置,0为不添加测试终端IP,1为添加测试终端IP,默认1
|
||||||
${addTestClentIPFlag} 0
|
${addTestClentIPFlag} 0
|
||||||
#测试环境是否需要把tsgui和api添加为SecurityPolicy-Allow 1为需要,默认1 ,
|
#测试环境是否需要把tsgui和api添加为SecurityPolicy-Allow 1为需要,默认1 ,
|
||||||
${addTsgUIAPIFlag} 1
|
${addTsgUIAPIFlag} 0
|
||||||
#执行需要暂停时间
|
#执行需要暂停时间
|
||||||
#策略下发后到验证需等待时间
|
#策略下发后到验证需等待时间
|
||||||
${policyVerificationSleepSeconds} 20
|
${policyVerificationSleepSeconds} 20
|
||||||
@@ -31,7 +31,7 @@ ${policyVerificationSleepSeconds} 20
|
|||||||
${policyLogVerificationSleepSeconds} 60
|
${policyLogVerificationSleepSeconds} 60
|
||||||
${path} F:/tsg-git/tsg_autotest/05-Other/
|
${path} F:/tsg-git/tsg_autotest/05-Other/
|
||||||
${Downloadpath} C:/Users/byb11/Downloads/
|
${Downloadpath} C:/Users/byb11/Downloads/
|
||||||
${curlbatpath} ${path}/curl/
|
${curlbatpath} ${path}curl/
|
||||||
${mailpath} ${path}/mail/
|
${mailpath} ${path}/mail/
|
||||||
${responsePageFiles} ${path}/response_pages_files/
|
${responsePageFiles} ${path}/response_pages_files/
|
||||||
#全流程分阶段测试参数
|
#全流程分阶段测试参数
|
||||||
@@ -74,4 +74,6 @@ ${sleep} 3
|
|||||||
# 隐式等待时间
|
# 隐式等待时间
|
||||||
${sleep_Wait} 20
|
${sleep_Wait} 20
|
||||||
#name个人标识
|
#name个人标识
|
||||||
${tag} lyf
|
${tag} lyf
|
||||||
|
#日志查询次数
|
||||||
|
${logfornumber} 3
|
||||||
8
04-CustomLibrary/Custometest/log_contrast.py
Normal file
8
04-CustomLibrary/Custometest/log_contrast.py
Normal file
@@ -0,0 +1,8 @@
|
|||||||
|
#!/user/bin/python
|
||||||
|
#-*-coding:utf-8-*-
|
||||||
|
def log_contrast(logs,client_ip,policy_id,parmkey,parmvalue):
|
||||||
|
if (str(client_ip) in str(logs))and (str(policy_id) in str(logs)) and (str(parmkey) in str(logs)) and (str(parmvalue) in str(logs)):
|
||||||
|
print(logs)
|
||||||
|
return "true"
|
||||||
|
else:
|
||||||
|
return "false"
|
||||||
Reference in New Issue
Block a user