*** Settings *** Resource ../../03-Variable/BifangApiVariable.txt # Resource ../../03-Variable/ApplicationID.txt Library REST http://${host}:${port} Library Collections Library SSHLibrary Resource PolicyObject.robot Resource ../tsg_ui/logout/Logout.robot Resource ../tsg_ui/login/Login.robot #Resource ../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../02-Keyword/tsg_bfapi/policy_object/Policy.robot Resource Tag.robot *** Keywords *** InitPotocol ${appDict} Create Dictionary ${appVDict} Create Dictionary Connect To Database Using Custom Params pymysql ${mysqlHost} ${app_id} query SELECT group_id,low_boundary,region_name FROM tsg_obj_app_id WHERE is_valid=1 ${app_length} Get Length ${app_id} FOR ${n} IN RANGE ${app_length} log ${n} Set To Dictionary ${appDict} ${app_id}[${n}][2]=${app_id}[${n}][0] Set To Dictionary ${appVDict} ${app_id}[${n}][2]=${app_id}[${n}][1] log ${appDict} log ${appVDict} END Disconnect From Database #供策略创建使用的appid SET GLOBAL VARIABLE ${objprotol} ${appDict} #供策略验证使用的appid SET GLOBAL VARIABLE ${appportol} ${appVDict} Login [Tags] tsg_adc tsg_bf_api #[Arguments] ${username} ${password} ${authmode} ${authCode} ${ldapId} # 毕方接口用户名密码 GET /${version}/user/encryptpwd?password=${password} Object response body #OUTPUT response body #${rescode} Integer $.code Integer $.code 200 #log ${rescode} ${pwd} String $.data.encryptpwd #log ${pwd} ${pwdstr} Get From List ${pwd} 0 #log aaaaaaa log ${pwdstr} #log bbb SET GLOBAL VARIABLE ${encodePassword} ${pwdstr} #log aaaaaaa log ${encodePassword} #log aaaaaaa #log ${host}:${port} #getToken################################################################################## #log ${username} #log ${pwdstr} POST /${version}/user/login?username=${username}&password=${encodePassword}&authMode=${authmode} Object response body #OUTPUT response body Integer $.code 200 #${rescodelist} Integer $.code #${rescode} Get From List ${rescodelist} 0 ${rescode} Integer $.code log ${rescode} ${tokenGlobal} String $.data.token ${tokenStr} Get From List ${tokenGlobal} 0 log ${tokenStr} SET GLOBAL VARIABLE ${token} ${tokenStr} log ${token} SET GLOBAL VARIABLE ${headers} {"Contest-Type":"application/json","Authorization":"${token}"} #初始化接口中策略中引用协议和策略校验协议 InitPotocol #Return ${rescode} Logout [Tags] tsg_adc tsg_bf_api POST /${version}/user/logout headers=${headers} Object response body Integer $.code 200 ${rescode} Integer $.code #[Return] ${rescode} ApiLoginAndAddLocalIP [Tags] tsg_adc tsg_bf_api log ApiLoginAndAddLocalIP loginlogout.Login #log ********** Run Keyword If ${addTestClentIPFlag}==1 AddLocalIPObject log ApiLoginAndAddLocalIP #ApiAddAutoTagsCase #[Return] ${rescode} #添加tsgUIAPI Run Keyword If ${addTsgUIAPIFlag}==1 SecurityPolicy-Allow-TSGUIAPI-Add ApiLogoutAndDelLocalIP [Tags] tsg_adc tsg_bf_api log ApiLogoutAndDelLocalIP log to_LogoutAndDelLocalIP_LogoutAndDelLocalIP #删除tsgUIAPI 先删除白名单,是因为此策略也引用了本机IP Run Keyword If ${addTsgUIAPIFlag}==1 SecurityPolicy-Allow-TSGUIAPI-DEL Run Keyword If ${addTestClentIPFlag}==1 DelLocalIPObject #ApiDeleteAutoTagsCase loginlogout.Logout #[Return] ${rescode} CliLogin [Tags] tsg_cli cli_login Open Connection ${cliHost} SSHLibrary.Login ${cliUsername} ${cliPassword} CliLogout [Tags] tsg_cli cli_logout Close Connection Log Close CLI Connection SecurityPolicy-Allow-TSGUIAPI-Add [Tags] uiallow log toAddTSGUIAPI ${addItemList1} Create Dictionary isSession=endpoint ip=${host}/32 port=0-0 direction=0 protocol=0 isInitialize=0 #可以添加多个 ${addItemLists} Create list ${addItemList1} #objectList对象 ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists} ${rescode} ${objectId} AddObjects ${1} ${objectDict} SET GLOBAL VARIABLE ${testBifangIP} ${objectId} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Allow-TSGUIAPI policyType=tsg_security policyDesc=autotest action=allow destination=${objectId}|TSG_SECURITY_DESTINATION_ADDR userRegion={} isValid=${1} appIdObjects=${HTTP_ID},${SSL_ID} log ${policyDict} ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2 SET GLOBAL VARIABLE ${testBifangPolicy} ${policyId} log addTSGUIAPISucess SecurityPolicy-Allow-TSGUIAPI-DEL [Tags] uiallow log toDelTSGUIAPI #${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${testBifangPolicy}]} #${policyIds} Create List ${testBifangPolicy} ${objectIds} Create List ${testBifangIP} DeletePolicyAndGroupObject ${testBifangPolicy} ${objectIds} log delTSGUIAPISucess