*** Settings *** Test Teardown DeletePolicyAndObjectAndApplicationAndSignature ${policyIds} ${objectids} policyids1=${policyIds1} Force Tags tsg_adc tsg_security Library OperatingSystem Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../02-Keyword/tsg_adc/FileOperation.robot Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot Resource ../../../03-Variable/ApplicationID.txt Resource ../../../03-Variable/BifangApiVariable.txt Resource ../../../02-Keyword/tsg_bfapi/policy_object/Application.robot Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot Library ../../../04-CustomLibrary/Library/VerifyPolicy.py *** Variables *** ${policyIds} ${EMPTY} ${objectids} ${EMPTY} *** Test Cases *** ProxyPolicy-Allow-00001 [Tags] Allow IP HTTP Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建allow策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"allow","protocol":"HTTP"} isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00001.bat ... ELSE set variable ${curlbatpath}/command/ProxyPolicy_allow_00001_L.bat ${stringlist} run keyword if '${systemType}'=='Windows' Create List 皮皮虾下载 Tango Secure Gateway CA ... ELSE Create List 皮皮虾下载 Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host http_url Should Be Equal As Strings ${returnvalue} true ProxyPolicy-allow-00002 [Tags] Allow IP HTTP HOST Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建fqdn ${addItemList1} Create Dictionary keywordArray=$mp.pipix.com isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict1} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建allow策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"allow","protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${fqdn} Create Dictionary attributeType=string attributeName=host appId=67 appName=http protocol=http attributeValue={"string": "mp.pipix.com"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${fqdn} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00001.bat ... ELSE set variable ${curlbatpath}/command/ProxyPolicy_allow_00001_L.bat ${stringlist} run keyword if '${systemType}'=='Windows' Create List 皮皮虾下载 Tango Secure Gateway CA ... ELSE Create List 皮皮虾下载 Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host mp.pipix.com Should Be Equal As Strings ${returnvalue} true ProxyPolicy-allow-00003 [Tags] Allow IP HTTP URL Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建url ${addItemList1} Create Dictionary keywordArray=$znakitaro.ru/ isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict1} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建allow策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"allow","protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${url} Create Dictionary attributeType=string attributeName=url appId=67 appName=http protocol=http attributeValue={"string": "znakitaro.ru/"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${url} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00003_1.bat ... ELSE set variable ${curlbatpath}/command/ProxyPolicy_allow_00003_1L.bat ${stringlist} run keyword if '${systemType}'=='Windows' Create List Тайные Tango Secure Gateway CA ... ELSE Create List Новости Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host znakitaro.ru Should Be Equal As Strings ${returnvalue} true ProxyPolicy-Allow-00004 [Tags] Allow IP HTTP User-Agent Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment User-Agent ${addItemList1} Create Dictionary keywordArray=Mozilla/5.0* isHexbin=${0} district=User-Agent ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建allow策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"allow","protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${req_hdr_ua} Create Dictionary attributeType=signature attributeName=req_hdr appId=67 appName=http protocol=http attributeValue={"string": "Mozilla/5.0","district": "User-Agent"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${req_hdr_ua} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00004.bat ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'https://www.baidu.com/' https://www.hao123.com ${stringlist} run keyword if '${systemType}'=='Windows' Create List 上网从这里开始 Tango Secure Gateway CA ... ELSE Create List 上网从这里开始 Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host hao123 Should Be Equal As Strings ${returnvalue} true ProxyPolicy-Allow-00005 [Tags] Allow IP HTTP Content-Type Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment Content-Type ${addItemList1} Create Dictionary keywordArray=*html isHexbin=${0} district=Content-Type ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} isValid=${1} appIdObjects=${HTTP_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建allow策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"allow","protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${res_hdr_ct} Create Dictionary attributeType=signature attributeName=res_hdr appId=67 appName=http protocol=http attributeValue={"string": "html","district": "Content-Type"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${res_hdr_ct} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00008.bat ... ELSE set variable curl http://www.sse.com.cn/market/overview/ ${stringlist} run keyword if '${systemType}'=='Windows' Create List 上海证券交易所 ... ELSE Create List 上海证券交易所 ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host sse.com.cn Should Be Equal As Strings ${returnvalue} true ProxyPolicy-Allow-00006 [Tags] Allow IP HTTP Cookie Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment Cookie ${addItemList1} Create Dictionary keywordArray=lQfQ_2132 isHexbin=${0} district=Cookie ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建allow策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"allow","protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${req_hdr_ck1} Create Dictionary attributeType=signature attributeName=req_hdr appId=67 appName=http protocol=http attributeValue={"string": "lQfQ_2132","district": "Cookie"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${req_hdr_ck1} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00012.bat ... ELSE set variable ${curlbatpath}/command/ProxyPolicy_allow_00012_L.bat ${stringlist} run keyword if '${systemType}'=='Windows' Create List Object moved Tango Secure Gateway CA ... ELSE Create List Object moved Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host www.virtuoso.com Should Be Equal As Strings ${returnvalue} true roxyPolicy-Allow-00007 [Tags] Allow IP HTTP Set-Cookie Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment Set-Cookie ${addItemList1} Create Dictionary keywordArray=pll_language=ru* isHexbin=${0} district=Set-Cookie ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建allow策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"method":"allow","protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${res_hdr_sc} Create Dictionary attributeType=signature attributeName=res_hdr appId=67 appName=http protocol=http attributeValue={"string": "pll_language=ru","district": "Set-Cookie"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${res_hdr_sc} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00013.bat ... ELSE set variable curl -kv https://russia.payu.com/orange-data/ Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00013.bat ... ELSE set variable curl -kv https://russia.payu.com/orange-data/ ${stringlist} run keyword if '${systemType}'=='Windows' Create List Интернет Tango Secure Gateway CA ... ELSE Create List Интернет Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host russia.payu.com Should Be Equal As Strings ${returnvalue} true ProxyPolicy-Allow-00008 [Tags] Allow IP HTTP HOST+URL+User-Agent+Content-Type+Cookie+Set-Cookie Comment 创建IP ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0 ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} ${objectids} set Variable ${objectId} Comment 创建fqdn ${addItemList1} Create Dictionary keywordArray=$www.orbitz.com isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId1} AddObjects ${1} ${objectDict1} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1} Comment 创建url ${addItemList1} Create Dictionary keywordArray=*Flights isHexbin=${0} ${addItemLists} Create list ${addItemList1} ${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId2} AddObjects ${1} ${objectDict1} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId2} Comment User-Agent ${addItemList1} Create Dictionary keywordArray=Mozilla/5.0* isHexbin=${0} district=User-Agent ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId3} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId3} Comment Content-Type ${addItemList1} Create Dictionary keywordArray=charset isHexbin=${0} district=Content-Type ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId4} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId4} Comment Cookie ${addItemList1} Create Dictionary keywordArray=__stripe_sid isHexbin=${0} district=Cookie ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId5} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId5} Comment Set-Cookie ${addItemList1} Create Dictionary keywordArray=Domain=.orbitz.com isHexbin=${0} district=Set-Cookie ${addItemLists} Create list ${addItemList1} ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId6} AddObjects ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId6} Comment 创建Intercept策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security policyDesc=autotest action=intercept source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SSL","keyring":1,"decryption":1,"decrypt_mirror":{"enable":0,"mirror_profile":null}} isValid=${1} appIdObjects=${SSL_ID} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 ${policyIds} set Variable ${policyId}[0][policyIds][0] Comment 创建allow策略 ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=pxy_manipulation policyDesc=autotest action=allow userRegion={"method":"allow","protocol":"HTTP"} source=${objectId}|TSG_SECURITY_SOURCE_ADDR filterList=${objectId1}|TSG_FIELD_HTTP_HOST,${objectId2}|TSG_FIELD_HTTP_URL,${objectId3}|TSG_FIELD_HTTP_REQ_HDR,${objectId4}|TSG_FIELD_HTTP_RES_HDR,${objectId5}|TSG_FIELD_HTTP_REQ_HDR,${objectId6}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=${HTTP_ID} log ${policyDict} ${rescode} ${policyId1} AddPolicies 1 ${policyDict} v2 ${policyIds1} set Variable ${policyId1}[0][policyIds][0] ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s Comment 策略验证 #新增策略验证 #创建attributes中的字典 ${fqdn} Create Dictionary attributeType=string attributeName=host appId=67 appName=http protocol=http attributeValue={"string": "www.orbitz.com"} ${url} Create Dictionary attributeType=string attributeName=url appId=67 appName=http protocol=http attributeValue={"string": "www.orbitz.com/Flights"} ${res_hdr_ct} Create Dictionary attributeType=signature attributeName=res_hdr appId=67 appName=http protocol=http attributeValue={"string": "charset=text","district": "Content-Type"} ${req_hdr_ua} Create Dictionary attributeType=signature attributeName=req_hdr appId=67 appName=http protocol=http attributeValue={"string": "Mozilla/5.0fsfwhh","district": "User-Agent"} ${req_hdr_ck} Create Dictionary attributeType=signature attributeName=req_hdr appId=67 appName=http protocol=http attributeValue={"string": "__stripe_sidafdsvxvx","district": "Cookie"} ${res_hdr_sc} Create Dictionary attributeType=signature attributeName=res_hdr appId=67 appName=http protocol=http attributeValue={"string": "afsf123Domain=.orbitz.com","district": "Set-Cookie"} ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"} ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"} ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"} # 合成attributes字典集 ${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${fqdn} ${url} ${res_hdr_ct} ${req_hdr_ua} ${req_hdr_ck} ${res_hdr_sc} ${verifySession} Create Dictionary attributes=${attributes} ${verifyList} Create Dictionary policyType=pxy_manipulation verifySession=${verifySession} log ${verifyList} ${rescode} ${resData} VerifyPolicies ${verifyList} # 打印检查结果 ${objectid_verify} Set Variable ${objectids} ${objectid_verify} Catenate SEPARATOR=, ${policyIds1} ${objectid_verify} # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中 log ${objectid_verify} ${testType} Evaluate type($objectid_verify) ${testType} Evaluate type($resData) log ${resData} sleep 5 ${ok} VerifyProxy ${resData} ${objectid_verify} Should Be Equal As Strings ${ok} true Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/ProxyPolicy_allow_00014.bat ... ELSE set variable curl -kv \ --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/31.0.1650.63 Safari/537.36" \ --cookie "__cfduid=d5c21129d57e7124b729fd86dc82abdcd1596020306; __stripe_sid=2940d4d5-6822-4daf-8b38-9cd18d745beb; __stripe_mid=dd118cd8-845c-4b6e-98ce-81e8d5bdd52c" --referer 'https://www.baidu.com/' \ https://www.orbitz.com/Flights ${stringlist} run keyword if '${systemType}'=='Windows' Create List www.orbitz.com Tango Secure Gateway CA ... ELSE Create List www.orbitz.com Tango Secure Gateway CA ${rescode} SystemCommands ${commandstr} ${stringlist} Comment 日志验证 #日志验证 ${s} Convert to String ${policyIds1} ${returnvalue} GetLogList_new proxy_event_log ${starttime} ${testClentIP} ${s} http_host www.orbitz.com Should Be Equal As Strings ${returnvalue} true