添加修改策略

2020-05-15 19:00:43 +08:00
parent 725af89b5e
commit e28834faea
1 changed files with 53 additions and 0 deletions
--- a/01-TestCase/tsg_adc/selfserver/Api_Proxy/Allow_Ssl_Tests.robot
+++ b/01-TestCase/tsg_adc/selfserver/Api_Proxy/Allow_Ssl_Tests.robot
@@ -759,3 +759,56 @@ ProxyPolicy-Allow-Ssl-00021
    #日志验证
    ${s}    Convert to String    ${policyId3}
    GetLogList    proxy_event_log    ${starttime}    ${endtime}    ${testClentIP}    ${s}    http_host    open.node.com
+ProxyPolicy-Allow-Ssl-00022
+    [Tags]    selfserver    ssl    allow    修改
+    Comment    创建目标IP
+    ${objectDict}    Create Dictionary    objectType=ip    isValid=${1}    addItemList=CIDR|192.168.100.5|32|0/0
+    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
+    ${objectids}    set Variable    ${objectId}
+    Comment    创建url
+    ${objectDict}    Create Dictionary    objectType=url    isValid=${1}    addItemList=test
+    ${rescode}    ${object_url_Id}    AddObject2    ${1}    ${objectDict}
+    ${objectids}    Catenate    SEPARATOR=,    ${objectids}    ${object_url_Id}
+    Comment    创建应答头
+    ${objectDict}    Create Dictionary    objectType=http_signature    isValid=${1}    addItemList=html|Content-Type
+    ${rescode}    ${object_re_Id}    AddObject2    ${1}    ${objectDict}
+    ${objectids}    Catenate    SEPARATOR=,    ${objectids}    ${object_re_Id}
+    Comment    创建安全策略
+    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Intercept-HTTP-00001    policyType=tsg_security    policyDesc=autotest    userTags=    action=intercept    effectiveRange=    userRegion={"protocol":"SSL","keyring":1,"decryption":109,"decrypt_mirror":{"enable":0,"mirror_profile":null}}    referenceObject=    isValid=${1}    appObjectIdArray=3
+    ${rescode}    ${policyId}    AddPolicy2    ${1}    ${policyDict}
+    #删除策略
+    ${policyId1}    set Variable    {"policyType":"tsg_security","policyIds":[${policyId}]}
+    ${policyIds}    Create List    ${policyId1}
+    Comment    创建管控策略
+    ${policyDict}    Create Dictionary    policyName=proxyPolicy-Allow-SSL-00022    policyType=pxy_manipulation    policyDesc=autotest    userTags=    action=allow    effectiveRange=    userRegion={"protocol":"HTTP"}    isValid=${1}    appObjectIdArray=2    referenceObject=${object_url_Id}|TSG_FIELD_HTTP_URL,${objectId}|TSG_SECURITY_DESTINATION_ADDR
+    ${rescode}    ${policyId3}    AddPolicy2    ${1}    ${policyDict}
+    #删除策略
+    ${policyId2}    set Variable    {"policyType":"pxy_manipulation","policyIds":[${policyId3}]}
+    ${policyIds}    Create List    ${policyId1}    ${policyId2}
+    Comment    功能端验证HTTP验证
+    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0002.bat
+    ...    ELSE    set variable    curl \ -kv \ https://open.node.com/test/twitter/twitter.html
+    @{stringlist}    run keyword if    '${systemType}'=='Windows'    Create List    twitter    Tango Secure Gateway CA
+    ...    ELSE    Create List    twitter    Tango Secure Gateway CA
+    ${starttime}    Get Time
+    Sleep    ${policyVerificationSleepSeconds}s
+    ${rescode}    SystemCommand    ${commandstr}    @{stringlist}
+    Sleep    ${policyLogVerificationSleepSeconds}s
+    ${endtime}    Get Time
+    #日志验证
+    ${s}    Convert to String    ${policyId3}
+    GetLogList    proxy_event_log    ${starttime}    ${endtime}    ${testClentIP}    ${s}    http_host    open.node.com
+    Comment    修改策略
+    ${policyDict}    Create Dictionary    policyName=proxyPolicy-Allow-SSL-00022    policyType=pxy_manipulation    policyDesc=autotest    userTags=    action=allow    effectiveRange=    userRegion={"protocol":"HTTP"}    isValid=${1}    appObjectIdArray=2    referenceObject=${object_re_Id}|TSG_FIELD_HTTP_RES_HDR,${objectId}|TSG_SECURITY_DESTINATION_ADDR    policyId=${policyId3}
+    ${rescode}    ${policyId3}    EditPolicy    ${policyDict}    update
+    Comment    功能端验证HTTP验证
+    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/selfserver/SecurityPolicy-Intercept-SSL-0001.bat
+    ...    ELSE    set variable    curl \ -kv \ https://open.node.com/test/rutube/rutube.html
+    @{stringlist}    run keyword if    '${systemType}'=='Windows'    Create List    трейлеры    Tango Secure Gateway CA
+    ...    ELSE    Create List    трейлеры    Tango Secure Gateway CA
+    ${starttime}    Get Time
+    Sleep    ${policyVerificationSleepSeconds}s
+    ${rescode}    SystemCommand    ${commandstr}    @{stringlist}
+    Sleep    ${policyLogVerificationSleepSeconds}s
+    ${endtime}    Get Time
+    GetLogList    proxy_event_log    ${starttime}    ${endtime}    ${testClentIP}    ${s}    http_host    open.node.com