*** Settings *** #Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} Force Tags zjj tsg_proxy replace Library OperatingSystem Resource ../../02-Keyword/tsg_adc/SystemCommand.robot Resource ../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../03-Variable/PolicyObjectDefault.txt Resource ../../02-Keyword/tsg_common/StmpHandle.robot Resource ../../03-Variable/BifangApiVariable.txt Resource ../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot Library Custometest Library json *** Variables *** ${policyIds} ${EMPTY} ${objectids} ${EMPTY} ${url} /policy/profile/responsepages ${profiledId} ${EMPTY} *** Test Cases *** ZJJ_SecurityPolicy-Deny-Http-Alert00001 [Tags] ZJJ HttpAlert ${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00001 #创建url ${objectDict} Create Dictionary ... objectType=url ... isValid=${1} ... objectSubType=${Default_ObjectSubType} ... isInitialize=${Default_IsInitialize} ... isExclusion=${Default_IsExclusion} ... objectName=${caseName}_URLobject ... objectDesc=${Default_ObjectDesc} ... subObjectIds=${Default_SubObjectIds} ... addItemList=open.node.com/action ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} #${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} ${objectids} set Variable ${object_URL_Id} #创建url ${objectDict} Create Dictionary ... objectType=fqdn ... isValid=${1} ... objectSubType=${Default_ObjectSubType} ... isInitialize=${Default_IsInitialize} ... isExclusion=${Default_IsExclusion} ... objectName=${caseName}_fqdnobject ... objectDesc=${Default_ObjectDesc} ... subObjectIds=${Default_SubObjectIds} ... addItemList=$open.node.com ${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id} #创建Resheader ${objectDict} Create Dictionary ... objectType=http_signature ... isValid=${1} ... objectSubType=${Default_ObjectSubType} ... isInitialize=${Default_IsInitialize} ... isExclusion=${Default_IsExclusion} ... objectName=${caseName}_http_signatureheaderobject ... objectDesc=${Default_ObjectDesc} ... subObjectIds=${Default_SubObjectIds} ... addItemList=JSESSIONID=976F28F6C1A5B803B0CDF5FF3E1D2725|Set-Cookie ${rescode} ${object_ResH_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_ResH_Id} #创建ReqHeader ${objectDict} Create Dictionary ... objectType=http_signature ... isValid=${1} ... objectSubType=${Default_ObjectSubType} ... isInitialize=${Default_IsInitialize} ... isExclusion=${Default_IsExclusion} ... objectName=${caseName}_http_signatureheaderobject ... objectDesc=${Default_ObjectDesc} ... subObjectIds=${Default_SubObjectIds} ... addItemList=$JSESSIONID=976F28F6C1A5B803B0CDF5FF3E1D2725|Cookie ${rescode} ${object_ReqH_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_ReqH_Id} #创建ResBocy ${objectDict} Create Dictionary ... objectType=keywords ... isValid=${1} ... objectSubType=${Default_ObjectSubType} ... isInitialize=${Default_IsInitialize} ... isExclusion=${Default_IsExclusion} ... objectName=${caseName}_http_keywordsobject ... objectDesc=${Default_ObjectDesc} ... subObjectIds=${Default_SubObjectIds} ... addItemList=创建ResBocy* ${rescode} ${object_ResB_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_ResB_Id} #创建ReqBody ${objectDict} Create Dictionary ... objectType=keywords ... isValid=${1} ... objectSubType=${Default_ObjectSubType} ... isInitialize=${Default_IsInitialize} ... isExclusion=${Default_IsExclusion} ... objectName=${caseName}_http_keywordsobject ... objectDesc=${Default_ObjectDesc} ... subObjectIds=${Default_SubObjectIds} ... addItemList=*创建ReqBocy ${rescode} ${object_ReqB_Id} AddObject2 ${1} ${objectDict} ${objectids} Catenate SEPARATOR=, ${objectids} ${object_ReqB_Id} # 新增 ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages ${profiledId} Get From Dictionary ${response} profileId Comment 创建Deny策略 ${policyDict} Create Dictionary ... policyName=${caseName} ... policyType=tsg_security ... policyDesc=${caseName} ... action=deny ... effectiveRange=${Default_EffectiveRange} ... userRegion={"protocol": "HTTP","method":"alert","code":200,"html_profile":${profiledId}} ... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL,${object_FQDN_Id}|TSG_FIELD_HTTP_HOST,${object_ReqH_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_ResH_Id}|TSG_FIELD_HTTP_RES_HDR,${object_ReqB_Id}|TSG_FIELD_HTTP_REQ_CONTENT,${object_ResB_Id}|TSG_FIELD_HTTP_RES_CONTENT ... appObjectIdArray=${2} ... userTags=${Default_UserTags} ... doLog=${Default_DoLog} ... scheduleId=${Default_ScheduleId} ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} Comment 功能端验证HTTP验证 ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat ... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset ... ELSE Create List Connection reset by peer ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${rescode} SystemCommands ${commandstr} ${stringlist} Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com ZJJ_SecurityPolicy-Deny-Http-Alert00002 [Tags] ZJJ HttpAlert ${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00002 #创建url ${objectDict} Create Dictionary ... objectType=url ... isValid=${1} ... objectSubType=${Default_ObjectSubType} ... isInitialize=${Default_IsInitialize} ... isExclusion=${Default_IsExclusion} ... objectName=${caseName}_URLobject ... objectDesc=${Default_ObjectDesc} ... subObjectIds=${Default_SubObjectIds} ... addItemList=open.node.com ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} #${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} ${objectids} set Variable ${object_URL_Id} # 新增 ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages ${profiledId} Get From Dictionary ${response} profileId Comment 创建Deny策略 ${policyDict} Create Dictionary ... policyName=${caseName} ... policyType=tsg_security ... policyDesc=${caseName} ... action=deny ... effectiveRange=${Default_EffectiveRange} ... userRegion={"protocol": "HTTP","method":"alert","code":200,"html_profile":${profiledId}} ... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL ... appObjectIdArray=${2} ... userTags=${Default_UserTags} ... doLog=${Default_DoLog} ... scheduleId=${Default_ScheduleId} ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} ZJJ_SecurityPolicy-Deny-Http-Alert00003 [Tags] ZJJ HttpAlert ${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00003 #创建url ${objectDict} Create Dictionary ... objectType=url ... isValid=${1} ... objectSubType=${Default_ObjectSubType} ... isInitialize=${Default_IsInitialize} ... isExclusion=${Default_IsExclusion} ... objectName=${caseName}_URLobject ... objectDesc=${Default_ObjectDesc} ... subObjectIds=${Default_SubObjectIds} ... addItemList=www.icbc.com.cn ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} #${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} ${objectids} set Variable ${object_URL_Id} # 新增 ${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages ${profiledId} Get From Dictionary ${response} profileId Comment 创建Deny策略 ${policyDict} Create Dictionary ... policyName=${caseName} ... policyType=tsg_security ... policyDesc=${caseName} ... action=deny ... effectiveRange=${Default_EffectiveRange} ... userRegion={"protocol": "HTTP","method":"alert","code":204,"html_profile":${profiledId}} ... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL ... appObjectIdArray=${2} ... userTags=${Default_UserTags} ... doLog=${Default_DoLog} ... scheduleId=${Default_ScheduleId} ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} ZJJ_SecurityPolicy-Deny-Http-Alert00004 [Tags] ZJJ HttpAlert ${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00004 #创建url ${objectDict} Create Dictionary ... objectType=url ... isValid=${1} ... objectSubType=${Default_ObjectSubType} ... isInitialize=${Default_IsInitialize} ... isExclusion=${Default_IsExclusion} ... objectName=${caseName}_URLobject ... objectDesc=${Default_ObjectDesc} ... subObjectIds=${Default_SubObjectIds} ... addItemList=www.xiaozhu.com ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} #${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} ${objectids} set Variable ${object_URL_Id} Comment 创建Deny策略 ${policyDict} Create Dictionary ... policyName=${caseName} ... policyType=tsg_security ... policyDesc=${caseName} ... action=deny ... effectiveRange=${Default_EffectiveRange} ... userRegion={"protocol": "HTTP","method":"alert","code":200,"message":"alerttest200"} ... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL ... appObjectIdArray=${2} ... userTags=${Default_UserTags} ... doLog=${Default_DoLog} ... scheduleId=${Default_ScheduleId} ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]} ZJJ_SecurityPolicy-Deny-Http-Alert00005 [Tags] ZJJ HttpAlert ${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00005 #创建url ${objectDict} Create Dictionary ... objectType=url ... isValid=${1} ... objectSubType=${Default_ObjectSubType} ... isInitialize=${Default_IsInitialize} ... isExclusion=${Default_IsExclusion} ... objectName=${caseName}_URLobject ... objectDesc=${Default_ObjectDesc} ... subObjectIds=${Default_SubObjectIds} ... addItemList=www.sinovision.net ${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict} #${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id} ${objectids} set Variable ${object_URL_Id} Comment 创建Deny策略 ${policyDict} Create Dictionary ... policyName=${caseName} ... policyType=tsg_security ... policyDesc=${caseName} ... action=deny ... effectiveRange=${Default_EffectiveRange} ... userRegion={"protocol": "HTTP","method":"alert","code":204,"message":"alerttest204"} ... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL ... appObjectIdArray=${2} ... userTags=${Default_UserTags} ... doLog=${Default_DoLog} ... scheduleId=${Default_ScheduleId} ${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict} ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}