From cf132d22db5eb3fd7a8b47fe776243e25fced92d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=A7=AC=E5=B7=8D=E5=B7=9D?= <jiweichuan@zdjizhi.com>
Date: Fri, 24 Apr 2020 14:57:57 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=A0=B7=E5=BC=8F=E9=97=AE?=
 =?UTF-8?q?=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../Api_Security/Allow_Http_Tests.robot       | 35 +++++++++++++++++--
 1 file changed, 32 insertions(+), 3 deletions(-)

diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot
index 4b2f21c..f2f9bd4 100644
--- a/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot
+++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Allow_Http_Tests.robot
@@ -20,7 +20,7 @@ SecurityPolicy-Allow-Http-00001
     ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
     ${objectids}    set Variable    ${objectId}
     Comment    创建安全策略
-    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Allow-HTTP-00001    policyType=tsg_security    policyDesc=autotest    userTags=    action=allow    effectiveRange=    userRegion=protocol: HTTP    referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR    isValid=${1}    appObjectIdArray=2
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Allow-HTTP-00001    policyType=tsg_security    policyDesc=autotest    userTags=    action=allow    effectiveRange=    userRegion={"protocol": "HTTP"}    referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR    isValid=${1}    appObjectIdArray=2
     ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
     #删除策略
     ${policyIds}    Create List    {"policyType":"tsg_security","policyIds":[${policyId}]}
@@ -49,7 +49,7 @@ SecurityPolicy-Allow-Http-00002
     ${rescode}    ${object_fqdn_Id}    AddObject2    ${1}    ${objectDict}
     ${objectids}    set Variable    ${objectId},${object_fqdn_Id}
     Comment    创建安全策略
-    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Allow-HTTP-00002    policyType=tsg_security    policyDesc=autotest    userTags=    action=allow    effectiveRange=    userRegion=protocol:HTTP    referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST    isValid=${1}    appObjectIdArray=2
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Allow-HTTP-00002    policyType=tsg_security    policyDesc=autotest    userTags=    action=allow    effectiveRange=    userRegion={"protocol": "HTTP"}    referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST    isValid=${1}    appObjectIdArray=2
     ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
     #删除策略
     ${policyIds}    Create List    {"policyType":"tsg_security","policyIds":[${policyId}]}
@@ -78,7 +78,36 @@ SecurityPolicy-Allow-Http-00003
     ${rescode}    ${object_fqdn_Id}    AddObject2    ${1}    ${objectDict}
     ${objectids}    set Variable    ${objectId},${object_fqdn_Id}
     Comment    创建安全策略
-    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Allow-HTTP-00003    policyType=tsg_security    policyDesc=autotest    userTags=    action=allow    effectiveRange=    userRegion=protocol:HTTP    referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST    isValid=${1}    appObjectIdArray=2
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Allow-HTTP-00003    policyType=tsg_security    policyDesc=autotest    userTags=    action=allow    effectiveRange=    userRegion={"protocol": "HTTP"}    referenceObject=${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST    isValid=${1}    appObjectIdArray=2
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    #删除策略
+    ${policyIds}    Create List    {"policyType":"tsg_security","policyIds":[${policyId}]}
+    Comment    功能端验证HTTP验证
+    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0003.bat
+    ...    ELSE    set variable    curl http://open.node.com/test/nationalbank/nationalbank.html
+    ${stringlist}    run keyword if    '${systemType}'=='Windows'    Create List    nationalbank
+    ...    ELSE    Create List    nationalbank
+    ${starttime}    Get Time
+    Sleep    ${policyVerificationSleepSeconds}s
+    ${rescode}    SystemCommands    ${commandstr}    ${stringlist}
+    Sleep    ${policyLogVerificationSleepSeconds}s
+    ${endtime}    Get Time
+    #日志验证
+    ${s}    Convert to String    ${policyId}
+    GetLogList    security_event_log    ${starttime}    ${endtime}    ${testClentIP}    ${s}    http_host    open.node.com
+
+SecurityPolicy-Allow-Http-00004
+    [Tags]    Selfserver    Allow    HTTP    ip+fqdn完整匹配
+    Comment    创建目标IP
+    ${objectDict}    Create Dictionary    objectType=ip    isValid=${1}    addItemList=CIDR|192.168.100.5|32|0/0
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    ${objectids}    set Variable    ${objectId}
+    Comment    FQDN
+    ${objectDict}    Create Dictionary    objectType=fqdn    isValid=${1}    addItemList=$open.node.com
+    ${rescode}    ${object_fqdn_Id}    AddObject2    ${1}    ${objectDict}
+    ${objectids}    set Variable    ${objectId},${object_fqdn_Id}
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Allow-HTTP-00003    policyType=tsg_security    policyDesc=autotest    userTags=    action=allow    effectiveRange=    userRegion={"protocol": "HTTP"}    referenceObject=${testClentSubID}|[null],${objectId}|TSG_SECURITY_DESTINATION_ADDR,${object_fqdn_Id}|TSG_FIELD_HTTP_HOST    isValid=${1}    appObjectIdArray=2
     ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
     #删除策略
     ${policyIds}    Create List    {"policyType":"tsg_security","policyIds":[${policyId}]}