fix(策略验证):策略验证修复,取消client,server的IP,Port区分,只有ip,port两个字段
This commit is contained in:
wangxin
@@ -438,9 +438,11 @@ Policy-Export-v1-00019
|
|||||||
Policy-Verify-v1-00020
|
Policy-Verify-v1-00020
|
||||||
${objectIds} Set Variable ${EMPTY}
|
${objectIds} Set Variable ${EMPTY}
|
||||||
Comment 创建对象
|
Comment 创建对象
|
||||||
${ipValue} Create Dictionary clientIp=192.168.41.67 clientPort=${1} serverIp=192.168.41.67 serverPort=${1}
|
${ipValue} Create Dictionary ip=192.168.41.67 port=${1}
|
||||||
... addrType=${4} protocol=${6}
|
... addrType=${4} protocol=${6}
|
||||||
${ipObj} Create Dictionary attributeType=ip tableName=TSG_OBJ_IP_ADDR protocol=HTTP attributeName=ip
|
${ipObj} Create Dictionary attributeType=ip tableName=TSG_OBJ_IP_ADDR protocol=HTTP attributeName=source
|
||||||
|
... attributeValue=${ipValue}
|
||||||
|
${ipObj1} Create Dictionary attributeType=ip tableName=TSG_OBJ_IP_ADDR protocol=HTTP attributeName=destination
|
||||||
... attributeValue=${ipValue}
|
... attributeValue=${ipValue}
|
||||||
${stringValue} Create Dictionary string=*baidu.com
|
${stringValue} Create Dictionary string=*baidu.com
|
||||||
${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url
|
${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url
|
||||||
@@ -448,36 +450,40 @@ Policy-Verify-v1-00020
|
|||||||
${appIdValue} Create Dictionary string=http.
|
${appIdValue} Create Dictionary string=http.
|
||||||
${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id
|
${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id
|
||||||
... attributeValue=${appIdValue}
|
... attributeValue=${appIdValue}
|
||||||
${attributes} Create List ${ipObj} ${stringObj} ${appIdObj}
|
${attributes} Create List ${ipObj} ${stringObj} ${appIdObj} ${ipObj1}
|
||||||
${verifySession} Create Dictionary attributes=${attributes}
|
${verifySession} Create Dictionary attributes=${attributes}
|
||||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||||
Policy-Verify-v1-00021
|
Policy-Verify-v1-00021
|
||||||
${objectIds} Set Variable ${EMPTY}
|
${objectIds} Set Variable ${EMPTY}
|
||||||
Comment 创建对象
|
Comment 创建对象
|
||||||
${ipObj} Create Dictionary attributeType=ip tableName=TSG_OBJ_IP_ADDR protocol=HTTP attributeName=ip
|
${ipObj} Create Dictionary attributeType=ip tableName=TSG_OBJ_IP_ADDR protocol=HTTP attributeName=source
|
||||||
... attributeValue={"clientIp":"192.168.41.67","clientPort":1,"serverIp":"192.168.41.67","serverPort":1,"addrType":4,"protocol":6}
|
... attributeValue={"ip":"192.168.41.67","port":1,"addrType":4,"protocol":6}
|
||||||
|
${ipObj1} Create Dictionary attributeType=ip tableName=TSG_OBJ_IP_ADDR protocol=HTTP attributeName=destination
|
||||||
|
... attributeValue={"ip":"192.168.41.67","port":1,"addrType":4,"protocol":6}
|
||||||
${stringValue} Create Dictionary string=*baidu.com
|
${stringValue} Create Dictionary string=*baidu.com
|
||||||
${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url
|
${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url
|
||||||
... attributeValue=${stringValue}
|
... attributeValue=${stringValue}
|
||||||
${appIdValue} Create Dictionary string=http.
|
${appIdValue} Create Dictionary string=http.
|
||||||
${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id
|
${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id
|
||||||
... attributeValue=${appIdValue}
|
... attributeValue=${appIdValue}
|
||||||
${attributes} Create List ${ipObj} ${stringObj} ${appIdObj}
|
${attributes} Create List ${ipObj} ${stringObj} ${appIdObj} ${ipObj1}
|
||||||
${verifySession} Create Dictionary attributes=${attributes}
|
${verifySession} Create Dictionary attributes=${attributes}
|
||||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||||
Policy-Verify-v1-00022
|
Policy-Verify-v1-00022
|
||||||
${objectIds} Set Variable ${EMPTY}
|
${objectIds} Set Variable ${EMPTY}
|
||||||
Comment 创建对象
|
Comment 创建对象
|
||||||
${ipObj} Create Dictionary attributeType=ip tableName=TSG_OBJ_IP_ADDR protocol=HTTP attributeName=ip
|
${ipObj} Create Dictionary attributeType=ip tableName=TSG_OBJ_IP_ADDR protocol=HTTP attributeName=destination
|
||||||
... attributeValue={"clientIp":"192.168.41.67","clientPort":1,"serverIp":"192.168.41.67","serverPort":1,"addrType":4,"protocol":6}
|
... attributeValue={"ip":"192.168.41.67","port":1,"addrType":4,"protocol":6}
|
||||||
|
${ipObj1} Create Dictionary attributeType=ip tableName=TSG_OBJ_IP_ADDR protocol=HTTP attributeName=source
|
||||||
|
... attributeValue={"ip":"192.168.41.67","port":1,"addrType":4,"protocol":6}
|
||||||
${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url
|
${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url
|
||||||
... attributeValue={'string':'*baidu.com'}
|
... attributeValue={'string':'*baidu.com'}
|
||||||
${appIdValue} Create Dictionary string=http.
|
${appIdValue} Create Dictionary string=http.
|
||||||
${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id
|
${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id
|
||||||
... attributeValue=${appIdValue}
|
... attributeValue=${appIdValue}
|
||||||
${attributes} Create List ${ipObj} ${stringObj} ${appIdObj}
|
${attributes} Create List ${ipObj} ${stringObj} ${appIdObj} ${ipObj1}
|
||||||
${verifySession} Create Dictionary attributes=${attributes}
|
${verifySession} Create Dictionary attributes=${attributes}
|
||||||
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
||||||
${rescode} ${resData} VerifyPolicies ${verifyList}
|
${rescode} ${resData} VerifyPolicies ${verifyList}
|
||||||
@@ -485,8 +491,8 @@ Policy-Verify-v1-00022
|
|||||||
Policy-Verify-v1-00023
|
Policy-Verify-v1-00023
|
||||||
${objectIds} Set Variable ${EMPTY}
|
${objectIds} Set Variable ${EMPTY}
|
||||||
Comment 创建对象
|
Comment 创建对象
|
||||||
${ipObj} Create Dictionary attributeType=ip tableName=TSG_OBJ_IP_ADDR protocol=HTTP attributeName=ip
|
${ipObj} Create Dictionary attributeType=ip tableName=TSG_OBJ_IP_ADDR protocol=HTTP attributeName=source
|
||||||
... attributeValue=192.168.41.67|1|192.168.41.67|1|4|6
|
... attributeValue=192.168.41.67|1|4|6
|
||||||
${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url
|
${stringObj} Create Dictionary attributeType=string tableName=TSG_OBJ_URL protocol=HTTP attributeName=url
|
||||||
... attributeValue=*baidu.com
|
... attributeValue=*baidu.com
|
||||||
${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id
|
${appIdObj} Create Dictionary attributeType=string protocol=HTTP attributeName=app_id
|
||||||
|
|||||||
@@ -161,7 +161,7 @@ VerifyPolicies
|
|||||||
... atrributeValue字段可为三种格式
|
... atrributeValue字段可为三种格式
|
||||||
... 1:dict
|
... 1:dict
|
||||||
... 2:json
|
... 2:json
|
||||||
... 3.字符串,ip的value对应格式为clientIp|clientPort|serverIp|serverPort|addrType|protocol,注意addrType,protocol为数字
|
... 3.字符串,ip的value对应格式为ip|port|addrType|protocol,注意addrType,protocol为数字
|
||||||
... signature 的value对应格式为district|string
|
... signature 的value对应格式为district|string
|
||||||
... string的格式就是string
|
... string的格式就是string
|
||||||
... 以上三种方式可以混合搭配使用
|
... 以上三种方式可以混合搭配使用
|
||||||
|
|||||||
@@ -390,7 +390,7 @@ VerifyPolicyObj
|
|||||||
[Arguments] ${verifyObj}
|
[Arguments] ${verifyObj}
|
||||||
Log To Console Call VerifyPolicyObj
|
Log To Console Call VerifyPolicyObj
|
||||||
${emptyList} Create List
|
${emptyList} Create List
|
||||||
${return} ${policyType} Run Keyword And Ignore Error Get From Dictionary ${verifyObj} policyType
|
${return} ${policyType} Run Keyword And Ignore Error Set Variable ${verifyObj['policyType']}
|
||||||
#Should Not Be Empty ${policyType}
|
#Should Not Be Empty ${policyType}
|
||||||
${verifySession} Get From Dictionary ${verifyObj} verifySession
|
${verifySession} Get From Dictionary ${verifyObj} verifySession
|
||||||
Should Not Be Empty ${verifySession}
|
Should Not Be Empty ${verifySession}
|
||||||
@@ -398,8 +398,8 @@ VerifyPolicyObj
|
|||||||
Should Not Be Empty ${attributes}
|
Should Not Be Empty ${attributes}
|
||||||
FOR ${attribute} IN @{attributes}
|
FOR ${attribute} IN @{attributes}
|
||||||
${attributeType} Get From Dictionary ${attribute} attributeType
|
${attributeType} Get From Dictionary ${attribute} attributeType
|
||||||
${return} ${tableName} Run Keyword And Ignore Error Get From Dictionary ${attribute} tableName
|
${return} ${tableName} Run Keyword And Ignore Error Set Variable ${attribute['tableName']}
|
||||||
${return} ${protocol} Run Keyword And Ignore Error Get From Dictionary ${attribute} protocol
|
${return} ${protocol} Run Keyword And Ignore Error Set Variable ${attribute['protocol']}
|
||||||
${attributeName} Get From Dictionary ${attribute} attributeName
|
${attributeName} Get From Dictionary ${attribute} attributeName
|
||||||
${attributeValue} Get From Dictionary ${attribute} attributeValue
|
${attributeValue} Get From Dictionary ${attribute} attributeValue
|
||||||
#将json转换为dict
|
#将json转换为dict
|
||||||
@@ -427,34 +427,32 @@ ManageIpAttributeValue
|
|||||||
[Arguments] ${attributeValue} ${attributeName} ${type}
|
[Arguments] ${attributeValue} ${attributeName} ${type}
|
||||||
Run Keyword And Return If "${type}"=="str" ExtractIpAttributeValue ${attributeValue}
|
Run Keyword And Return If "${type}"=="str" ExtractIpAttributeValue ${attributeValue}
|
||||||
${dict} Create Dictionary
|
${dict} Create Dictionary
|
||||||
${return} ${clientIp} Run Keyword And Ignore Error Get From Dictionary ${attributeValue} clientIp
|
${return} ${ip} Run Keyword And Ignore Error Set Variable ${attributeValue['ip']}
|
||||||
Run Keyword If "${clientIp}"=="${EMPTY}" and "${attributeName}"=="src_ip" Should Not Be Empty ${clientIp}
|
Run Keyword If "${ip}"=="${EMPTY}" and "${attributeName}"=="source" Should Not Be Empty ${ip}
|
||||||
Set To Dictionary ${dict} clientIp=${clientIp}
|
Run Keyword If "${ip}"=="${EMPTY}" and "${attributeName}"=="destination" Should Not Be Empty ${ip}
|
||||||
${return} ${clientPort} Run Keyword And Ignore Error Get From Dictionary ${attributeValue} clientPort
|
Set To Dictionary ${dict} ip=${ip}
|
||||||
Run Keyword If "${clientPort}"=="${EMPTY}" and "${attributeName}"=="src_ip" Should Not Be Empty ${clientPort}
|
${return} ${port} Run Keyword And Ignore Error Set Variable ${attributeValue['port']}
|
||||||
Set To Dictionary ${dict} clientPort=${clientPort}
|
Run Keyword If "${port}"=="${EMPTY}" and "${attributeName}"=="source" Should Not Be Empty ${port}
|
||||||
${return} ${serverIp} Run Keyword And Ignore Error Get From Dictionary ${attributeValue} serverIp
|
Run Keyword If "${port}"=="${EMPTY}" and "${attributeName}"=="destination" Should Not Be Empty ${port}
|
||||||
Run Keyword If "${serverIp}"=="${EMPTY}" and "${attributeName}"=="dest_ip" Should Not Be Empty ${serverIp}
|
Set To Dictionary ${dict} port=${port}
|
||||||
Set To Dictionary ${dict} serverIp=${serverIp}
|
${return} ${addrType} Run Keyword And Ignore Error Set Variable ${attributeValue['addrType']}
|
||||||
${return} ${serverPort} Run Keyword And Ignore Error Get From Dictionary ${attributeValue} serverPort
|
Run Keyword If "${port}"=="${EMPTY}" and "${attributeName}"=="source" Should Not Be Empty ${addrType}
|
||||||
Run Keyword If "${serverPort}"=="${EMPTY}" and "${attributeName}"=="dest_ip" Should Not Be Empty ${serverPort}
|
Run Keyword If "${port}"=="${EMPTY}" and "${attributeName}"=="destination" Should Not Be Empty ${addrType}
|
||||||
Set To Dictionary ${dict} serverPort=${serverPort}
|
|
||||||
${return} ${addrType} Run Keyword And Ignore Error Get From Dictionary ${attributeValue} addrType
|
|
||||||
Should Be Equal As Strings ${return} PASS
|
|
||||||
Set To Dictionary ${dict} addrType=${addrType}
|
Set To Dictionary ${dict} addrType=${addrType}
|
||||||
${return} ${protocol} Run Keyword And Ignore Error Get From Dictionary ${attributeValue} protocol
|
${return} ${protocol} Run Keyword And Ignore Error Set Variable ${attributeValue['protocol']}
|
||||||
Should Be Equal As Strings ${return} PASS
|
Run Keyword If "${port}"=="${EMPTY}" and "${attributeName}"=="source" Should Not Be Empty ${protocol}
|
||||||
|
Run Keyword If "${port}"=="${EMPTY}" and "${attributeName}"=="destination" Should Not Be Empty ${protocol}
|
||||||
Set To Dictionary ${dict} protocol=${protocol}
|
Set To Dictionary ${dict} protocol=${protocol}
|
||||||
[Return] ${dict}
|
[Return] ${dict}
|
||||||
ExtractIpAttributeValue
|
ExtractIpAttributeValue
|
||||||
[Arguments] ${attributeValue}
|
[Arguments] ${attributeValue}
|
||||||
${list} Split String ${attributeValue} |
|
${list} Split String ${attributeValue} |
|
||||||
${len} Get Length ${list}
|
${len} Get Length ${list}
|
||||||
Should Be Equal As Integers ${len} 6
|
Should Be Equal As Integers ${len} 4
|
||||||
${addrType} Evaluate int(${list}[4])
|
${addrType} Evaluate int(${list}[2])
|
||||||
${protocol} Evaluate int(${list}[5])
|
${protocol} Evaluate int(${list}[3])
|
||||||
${dict} Create Dictionary clientIp=${list}[0] clientPort=${list}[1] serverIp=${list}[2]
|
${dict} Create Dictionary ip=${list}[0] port=${list}[1]
|
||||||
... serverPort=${list}[3] addrType=${addrType} protocol=${protocol}
|
... addrType=${addrType} protocol=${protocol}
|
||||||
[Return] ${dict}
|
[Return] ${dict}
|
||||||
ManageSignatureAttributeValue
|
ManageSignatureAttributeValue
|
||||||
[Arguments] ${attributeValue} ${type}
|
[Arguments] ${attributeValue} ${type}
|
||||||
|
|||||||
Reference in New Issue
Block a user