gfwleak/dongxiaoyan-tsg-autotest
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
6bf28973ab1be1fa4751f8f3ea0a5c202c417e89
dongxiaoyan-tsg-autotest/01-TestCase/tsg_adc/api_security/AllowHttpTests.robot

277 lines
17 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

*** Settings ***
Test Teardown DeletePolicyAndObjectAndApplicationAndSignature ${policyIds} ${objectids}
Force Tags tsg_adc tsg_security
Library OperatingSystem
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
Resource ../../../03-Variable/ApplicationID.txt
Resource ../../../03-Variable/BifangApiVariable.txt
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Application.robot
Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot
Library ../../../04-CustomLibrary/Library/VerifyPolicy.py
*** Variables ***
${policyIds} ${EMPTY}
${objectids} ${EMPTY}
*** Test Cases ***
SecurityPolicy-Allow-Http-00001
[Tags] Allow IP HTTP
Comment 创建IP
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
${addItemLists} Create list ${addItemList1}
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId} AddObjects ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建Allow策略
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} isValid=${1} appIdObjects=${HTTP_ID}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyIds} set Variable ${policyId}[0][policyIds][0]
${starttime} Get Time
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
Comment 策略验证
#新增策略验证
#创建attributes中的字典
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"}
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
# 合成attributes字典集
${attributes} Create List ${app_id} ${ipsource} ${ipdestination}
${verifySession} Create Dictionary attributes=${attributes}
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
log ${verifyList}
${rescode} ${resData} VerifyPolicies ${verifyList}
# 打印检查结果
${objectid_verify} Set Variable ${objectids}
${objectid_verify} Catenate SEPARATOR=, ${policyIds} ${objectid_verify}
# # 调用关键字 提取应答json获取其中所有的id值并判断新下发的id值是否在应答json的id中
log ${objectid_verify}
${testType} Evaluate type($objectid_verify)
${testType} Evaluate type($resData)
log ${resData}
sleep 5
${ok} VerifyProxy ${resData} ${objectid_verify}
Should Be Equal As Strings ${ok} true
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00001_1.bat
... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00001_1_L.bat
${stringlist} run keyword if '${systemType}'=='Windows' Create List 首页 - 橙光
... ELSE Create List 首页 - 橙光
${rescode} SystemCommands ${commandstr} ${stringlist}
Comment 日志验证
#日志验证
${s} Convert to String ${policyIds}
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.66rpg.com
Should Be Equal As Strings ${returnvalue} true
SecurityPolicy-Allow-Http-00002
[Tags] Allow IP HTTP FQDN
Comment 创建IP
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
${addItemLists} Create list ${addItemList1}
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId} AddObjects ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${addItemList1} Create Dictionary keywordArray=$www.66rpg.com isHexbin=${0}
${addItemLists} Create list ${addItemList1}
${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
Comment 创建Allow策略
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyIds} set Variable ${policyId}[0][policyIds][0]
${starttime} Get Time
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
Comment 策略验证
#新增策略验证
#创建attributes中的字典
${qname_fqdn_id} Create Dictionary attributeType=string attributeName=host appId=67 appName=http protocol=http attributeValue={"string": "www.66rpg.com"}
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"}
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
# 合成attributes字典集
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${qname_fqdn_id}
${verifySession} Create Dictionary attributes=${attributes}
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
log ${verifyList}
${rescode} ${resData} VerifyPolicies ${verifyList}
# 打印检查结果
${objectid_verify} Set Variable ${objectids}
${objectid_verify} Catenate SEPARATOR=, ${policyIds} ${objectid_verify}
# # 调用关键字 提取应答json获取其中所有的id值并判断新下发的id值是否在应答json的id中
log ${objectid_verify}
${testType} Evaluate type($objectid_verify)
${testType} Evaluate type($resData)
log ${resData}
sleep 5
${ok} VerifyProxy ${resData} ${objectid_verify}
Should Be Equal As Strings ${ok} true
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00001_1.bat
... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00001_1_L.bat
${stringlist} run keyword if '${systemType}'=='Windows' Create List 首页 - 橙光
... ELSE Create List 首页 - 橙光
${rescode} SystemCommands ${commandstr} ${stringlist}
Comment 日志验证
#日志验证
${s} Convert to String ${policyIds}
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.66rpg.com
Should Be Equal As Strings ${returnvalue} true
SecurityPolicy-Allow-Http-00003
[Tags] Allow IP HTTP URL
Comment 创建IP
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
${addItemLists} Create list ${addItemList1}
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId} AddObjects ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建url
${addItemList1} Create Dictionary keywordArray=clintonairport.com/airlines-flights/covid/ isHexbin=${0}
${addItemLists} Create list ${addItemList1}
${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
Comment 创建Allow策略
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyIds} set Variable ${policyId}[0][policyIds][0]
${starttime} Get Time
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
Comment 策略验证
#新增策略验证
#创建attributes中的字典
${url} Create Dictionary attributeType=string attributeName=url appId=67 appName=http protocol=http attributeValue={"string": "clintonairport.com/airlines-flights/covid/"}
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"}
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
# 合成attributes字典集
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${url}
${verifySession} Create Dictionary attributes=${attributes}
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
log ${verifyList}
${rescode} ${resData} VerifyPolicies ${verifyList}
# 打印检查结果
${objectid_verify} Set Variable ${objectids}
${objectid_verify} Catenate SEPARATOR=, ${policyIds} ${objectid_verify}
# # 调用关键字 提取应答json获取其中所有的id值并判断新下发的id值是否在应答json的id中
log ${objectid_verify}
${testType} Evaluate type($objectid_verify)
${testType} Evaluate type($resData)
log ${resData}
sleep 5
${ok} VerifyProxy ${resData} ${objectid_verify}
Should Be Equal As Strings ${ok} true
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00001.bat
... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00001_L.bat
${stringlist} run keyword if '${systemType}'=='Windows' Create List clintonairport.com
... ELSE Create List clintonairport.com
${rescode} SystemCommands ${commandstr} ${stringlist}
Comment 日志验证
#日志验证
${s} Convert to String ${policyIds}
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host clintonairport.com
Should Be Equal As Strings ${returnvalue} true
SecurityPolicy-Allow-Http-00004
[Tags] Allow IP HTTP FQDN+URL
Comment 创建IP
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
${addItemLists} Create list ${addItemList1}
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId} AddObjects ${1} ${objectDict}
${objectids} set Variable ${objectId}
Comment 创建fqdn
${addItemList1} Create Dictionary keywordArray=*clintonairport.com isHexbin=${0}
${addItemLists} Create list ${addItemList1}
${objectDict} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId1} AddObjects ${1} ${objectDict}
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
Comment 创建url
${addItemList1} Create Dictionary keywordArray=clintonairport.com/airlines-flights/covid/ isHexbin=${0}
${addItemLists} Create list ${addItemList1}
${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists}
${rescode} ${objectId2} AddObjects ${1} ${objectDict1}
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId2}
Comment 创建Allow策略
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST,${objectId2}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
${policyIds} set Variable ${policyId}[0][policyIds][0]
${starttime} Get Time
#功能端验证
Sleep ${policyVerificationSleepSeconds}s
Comment 策略验证
#新增策略验证
#创建attributes中的字典
${url} Create Dictionary attributeType=string attributeName=url appId=67 appName=http protocol=http attributeValue={"string": "clintonairport.com/airlines-flights/covid/"}
${qname_fqdn_id} Create Dictionary attributeType=string attributeName=host appId=67 appName=http protocol=http attributeValue={"string": "clintonairport.com"}
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "67"}
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
# 合成attributes字典集
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${url} ${qname_fqdn_id}
${verifySession} Create Dictionary attributes=${attributes}
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
log ${verifyList}
${rescode} ${resData} VerifyPolicies ${verifyList}
# 打印检查结果
${objectid_verify} Set Variable ${objectids}
${objectid_verify} Catenate SEPARATOR=, ${policyIds} ${objectid_verify}
# # 调用关键字 提取应答json获取其中所有的id值并判断新下发的id值是否在应答json的id中
log ${objectid_verify}
${testType} Evaluate type($objectid_verify)
${testType} Evaluate type($resData)
log ${resData}
sleep 5
${ok} VerifyProxy ${resData} ${objectid_verify}
Should Be Equal As Strings ${ok} true
Comment 功能端验证HTTP验证
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00001.bat
... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Allow_HTTP_00001_L.bat
${stringlist} run keyword if '${systemType}'=='Windows' Create List COVID
... ELSE Create List COVID
${rescode} SystemCommands ${commandstr} ${stringlist}
Comment 日志验证
#日志验证
${s} Convert to String ${policyIds}
${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host clintonairport.com
Should Be Equal As Strings ${returnvalue} true
Reference in New Issue View Git Blame Copy Permalink