298 lines
15 KiB
Plaintext
298 lines
15 KiB
Plaintext
*** Settings ***
|
|
Test Teardown DeletePolicyAndObject ${policyIds} ${objectids}
|
|
Force Tags zjj tsg_proxy replace
|
|
Library OperatingSystem
|
|
Resource ../../02-Keyword/tsg_adc/SystemCommand.robot
|
|
Resource ../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
|
Resource ../../02-Keyword/tsg_bfapi/LogVariable.robot
|
|
Resource ../../03-Variable/PolicyObjectDefault.txt
|
|
Resource ../../02-Keyword/tsg_common/StmpHandle.robot
|
|
Resource ../../03-Variable/BifangApiVariable.txt
|
|
Resource ../../02-Keyword/tsg_bfapi/policy_file_interface/FunctionalKeywords.robot
|
|
Library Custometest
|
|
Library json
|
|
|
|
*** Variables ***
|
|
${policyIds} ${EMPTY}
|
|
${objectids} ${EMPTY}
|
|
${url} /policy/profile/responsepages
|
|
${profiledId} ${EMPTY}
|
|
|
|
*** Test Cases ***
|
|
ZJJ_SecurityPolicy-Deny-Http-Alert00001
|
|
[Tags] ZJJ HttpAlert
|
|
${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00001
|
|
#创建url
|
|
${objectDict} Create Dictionary
|
|
... objectType=url
|
|
... isValid=${1}
|
|
... objectSubType=${Default_ObjectSubType}
|
|
... isInitialize=${Default_IsInitialize}
|
|
... isExclusion=${Default_IsExclusion}
|
|
... objectName=${caseName}_URLobject
|
|
... objectDesc=${Default_ObjectDesc}
|
|
... subObjectIds=${Default_SubObjectIds}
|
|
... addItemList=open.node.com/action
|
|
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
|
|
#${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
|
|
${objectids} set Variable ${object_URL_Id}
|
|
|
|
#创建url
|
|
${objectDict} Create Dictionary
|
|
... objectType=fqdn
|
|
... isValid=${1}
|
|
... objectSubType=${Default_ObjectSubType}
|
|
... isInitialize=${Default_IsInitialize}
|
|
... isExclusion=${Default_IsExclusion}
|
|
... objectName=${caseName}_fqdnobject
|
|
... objectDesc=${Default_ObjectDesc}
|
|
... subObjectIds=${Default_SubObjectIds}
|
|
... addItemList=$open.node.com
|
|
${rescode} ${object_FQDN_Id} AddObject2 ${1} ${objectDict}
|
|
${objectids} Catenate SEPARATOR=, ${objectids} ${object_FQDN_Id}
|
|
|
|
#创建Resheader
|
|
${objectDict} Create Dictionary
|
|
... objectType=http_signature
|
|
... isValid=${1}
|
|
... objectSubType=${Default_ObjectSubType}
|
|
... isInitialize=${Default_IsInitialize}
|
|
... isExclusion=${Default_IsExclusion}
|
|
... objectName=${caseName}_http_signatureheaderobject
|
|
... objectDesc=${Default_ObjectDesc}
|
|
... subObjectIds=${Default_SubObjectIds}
|
|
... addItemList=JSESSIONID=976F28F6C1A5B803B0CDF5FF3E1D2725|Set-Cookie
|
|
${rescode} ${object_ResH_Id} AddObject2 ${1} ${objectDict}
|
|
${objectids} Catenate SEPARATOR=, ${objectids} ${object_ResH_Id}
|
|
|
|
#创建ReqHeader
|
|
${objectDict} Create Dictionary
|
|
... objectType=http_signature
|
|
... isValid=${1}
|
|
... objectSubType=${Default_ObjectSubType}
|
|
... isInitialize=${Default_IsInitialize}
|
|
... isExclusion=${Default_IsExclusion}
|
|
... objectName=${caseName}_http_signatureheaderobject
|
|
... objectDesc=${Default_ObjectDesc}
|
|
... subObjectIds=${Default_SubObjectIds}
|
|
... addItemList=$JSESSIONID=976F28F6C1A5B803B0CDF5FF3E1D2725|Cookie
|
|
${rescode} ${object_ReqH_Id} AddObject2 ${1} ${objectDict}
|
|
${objectids} Catenate SEPARATOR=, ${objectids} ${object_ReqH_Id}
|
|
|
|
#创建ResBocy
|
|
${objectDict} Create Dictionary
|
|
... objectType=keywords
|
|
... isValid=${1}
|
|
... objectSubType=${Default_ObjectSubType}
|
|
... isInitialize=${Default_IsInitialize}
|
|
... isExclusion=${Default_IsExclusion}
|
|
... objectName=${caseName}_http_keywordsobject
|
|
... objectDesc=${Default_ObjectDesc}
|
|
... subObjectIds=${Default_SubObjectIds}
|
|
... addItemList=创建ResBocy*
|
|
${rescode} ${object_ResB_Id} AddObject2 ${1} ${objectDict}
|
|
${objectids} Catenate SEPARATOR=, ${objectids} ${object_ResB_Id}
|
|
|
|
#创建ReqBody
|
|
${objectDict} Create Dictionary
|
|
... objectType=keywords
|
|
... isValid=${1}
|
|
... objectSubType=${Default_ObjectSubType}
|
|
... isInitialize=${Default_IsInitialize}
|
|
... isExclusion=${Default_IsExclusion}
|
|
... objectName=${caseName}_http_keywordsobject
|
|
... objectDesc=${Default_ObjectDesc}
|
|
... subObjectIds=${Default_SubObjectIds}
|
|
... addItemList=*创建ReqBocy
|
|
${rescode} ${object_ReqB_Id} AddObject2 ${1} ${objectDict}
|
|
${objectids} Catenate SEPARATOR=, ${objectids} ${object_ReqB_Id}
|
|
|
|
# 新增
|
|
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
Comment 创建Deny策略
|
|
${policyDict} Create Dictionary
|
|
... policyName=${caseName}
|
|
... policyType=tsg_security
|
|
... policyDesc=${caseName}
|
|
... action=deny
|
|
... effectiveRange=${Default_EffectiveRange}
|
|
... userRegion={"protocol": "HTTP","method":"alert","code":200,"html_profile":${profiledId}}
|
|
... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL,${object_FQDN_Id}|TSG_FIELD_HTTP_HOST,${object_ReqH_Id}|TSG_FIELD_HTTP_REQ_HDR,${object_ResH_Id}|TSG_FIELD_HTTP_RES_HDR,${object_ReqB_Id}|TSG_FIELD_HTTP_REQ_CONTENT,${object_ResB_Id}|TSG_FIELD_HTTP_RES_CONTENT
|
|
... appObjectIdArray=${2}
|
|
... userTags=${Default_UserTags}
|
|
... doLog=${Default_DoLog}
|
|
... scheduleId=${Default_ScheduleId}
|
|
|
|
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
|
|
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
|
|
|
|
Comment 功能端验证HTTP验证
|
|
${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/selfserver/SecurityPolicy-Intercept-HTTP-0001.bat
|
|
... ELSE set variable curl http://open.node.com/test/xiaozhu/xiaozhu.html
|
|
${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
|
|
... ELSE Create List Connection reset by peer
|
|
${starttime} Get Time
|
|
Sleep ${policyVerificationSleepSeconds}s
|
|
${rescode} SystemCommands ${commandstr} ${stringlist}
|
|
Sleep ${policyLogVerificationSleepSeconds}s
|
|
${endtime} Get Time
|
|
#日志验证
|
|
${s} Convert to String ${policyId}
|
|
GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host open.node.com
|
|
|
|
|
|
|
|
|
|
|
|
ZJJ_SecurityPolicy-Deny-Http-Alert00002
|
|
[Tags] ZJJ HttpAlert
|
|
${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00002
|
|
#创建url
|
|
${objectDict} Create Dictionary
|
|
... objectType=url
|
|
... isValid=${1}
|
|
... objectSubType=${Default_ObjectSubType}
|
|
... isInitialize=${Default_IsInitialize}
|
|
... isExclusion=${Default_IsExclusion}
|
|
... objectName=${caseName}_URLobject
|
|
... objectDesc=${Default_ObjectDesc}
|
|
... subObjectIds=${Default_SubObjectIds}
|
|
... addItemList=open.node.com
|
|
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
|
|
#${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
|
|
${objectids} set Variable ${object_URL_Id}
|
|
|
|
|
|
# 新增
|
|
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404china.html resPages
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
Comment 创建Deny策略
|
|
${policyDict} Create Dictionary
|
|
... policyName=${caseName}
|
|
... policyType=tsg_security
|
|
... policyDesc=${caseName}
|
|
... action=deny
|
|
... effectiveRange=${Default_EffectiveRange}
|
|
... userRegion={"protocol": "HTTP","method":"alert","code":200,"html_profile":${profiledId}}
|
|
... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL
|
|
... appObjectIdArray=${2}
|
|
... userTags=${Default_UserTags}
|
|
... doLog=${Default_DoLog}
|
|
... scheduleId=${Default_ScheduleId}
|
|
|
|
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
|
|
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
|
|
|
|
ZJJ_SecurityPolicy-Deny-Http-Alert00003
|
|
[Tags] ZJJ HttpAlert
|
|
${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00003
|
|
#创建url
|
|
${objectDict} Create Dictionary
|
|
... objectType=url
|
|
... isValid=${1}
|
|
... objectSubType=${Default_ObjectSubType}
|
|
... isInitialize=${Default_IsInitialize}
|
|
... isExclusion=${Default_IsExclusion}
|
|
... objectName=${caseName}_URLobject
|
|
... objectDesc=${Default_ObjectDesc}
|
|
... subObjectIds=${Default_SubObjectIds}
|
|
... addItemList=www.icbc.com.cn
|
|
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
|
|
#${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
|
|
${objectids} set Variable ${object_URL_Id}
|
|
|
|
|
|
# 新增
|
|
${response} CreatePolicyFile2 ${url} ${responsePageFiles} 404english.html resPages
|
|
${profiledId} Get From Dictionary ${response} profileId
|
|
Comment 创建Deny策略
|
|
${policyDict} Create Dictionary
|
|
... policyName=${caseName}
|
|
... policyType=tsg_security
|
|
... policyDesc=${caseName}
|
|
... action=deny
|
|
... effectiveRange=${Default_EffectiveRange}
|
|
... userRegion={"protocol": "HTTP","method":"alert","code":204,"html_profile":${profiledId}}
|
|
... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL
|
|
... appObjectIdArray=${2}
|
|
... userTags=${Default_UserTags}
|
|
... doLog=${Default_DoLog}
|
|
... scheduleId=${Default_ScheduleId}
|
|
|
|
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
|
|
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
|
|
|
|
|
|
ZJJ_SecurityPolicy-Deny-Http-Alert00004
|
|
[Tags] ZJJ HttpAlert
|
|
${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00004
|
|
#创建url
|
|
${objectDict} Create Dictionary
|
|
... objectType=url
|
|
... isValid=${1}
|
|
... objectSubType=${Default_ObjectSubType}
|
|
... isInitialize=${Default_IsInitialize}
|
|
... isExclusion=${Default_IsExclusion}
|
|
... objectName=${caseName}_URLobject
|
|
... objectDesc=${Default_ObjectDesc}
|
|
... subObjectIds=${Default_SubObjectIds}
|
|
... addItemList=www.xiaozhu.com
|
|
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
|
|
#${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
|
|
${objectids} set Variable ${object_URL_Id}
|
|
|
|
|
|
Comment 创建Deny策略
|
|
${policyDict} Create Dictionary
|
|
... policyName=${caseName}
|
|
... policyType=tsg_security
|
|
... policyDesc=${caseName}
|
|
... action=deny
|
|
... effectiveRange=${Default_EffectiveRange}
|
|
... userRegion={"protocol": "HTTP","method":"alert","code":200,"message":"alerttest200"}
|
|
... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL
|
|
... appObjectIdArray=${2}
|
|
... userTags=${Default_UserTags}
|
|
... doLog=${Default_DoLog}
|
|
... scheduleId=${Default_ScheduleId}
|
|
|
|
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
|
|
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
|
|
|
|
ZJJ_SecurityPolicy-Deny-Http-Alert00005
|
|
[Tags] ZJJ HttpAlert
|
|
${caseName} set variable ZJJ_SecurityPolicy-Deny-Http-Alert00005
|
|
#创建url
|
|
${objectDict} Create Dictionary
|
|
... objectType=url
|
|
... isValid=${1}
|
|
... objectSubType=${Default_ObjectSubType}
|
|
... isInitialize=${Default_IsInitialize}
|
|
... isExclusion=${Default_IsExclusion}
|
|
... objectName=${caseName}_URLobject
|
|
... objectDesc=${Default_ObjectDesc}
|
|
... subObjectIds=${Default_SubObjectIds}
|
|
... addItemList=www.sinovision.net
|
|
${rescode} ${object_URL_Id} AddObject2 ${1} ${objectDict}
|
|
#${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_Id}
|
|
${objectids} set Variable ${object_URL_Id}
|
|
|
|
|
|
Comment 创建Deny策略
|
|
${policyDict} Create Dictionary
|
|
... policyName=${caseName}
|
|
... policyType=tsg_security
|
|
... policyDesc=${caseName}
|
|
... action=deny
|
|
... effectiveRange=${Default_EffectiveRange}
|
|
... userRegion={"protocol": "HTTP","method":"alert","code":204,"message":"alerttest204"}
|
|
... referenceObject=${object_URL_Id}|TSG_FIELD_HTTP_URL
|
|
... appObjectIdArray=${2}
|
|
... userTags=${Default_UserTags}
|
|
... doLog=${Default_DoLog}
|
|
... scheduleId=${Default_ScheduleId}
|
|
|
|
${rescode} ${securitypolicyId} AddPolicy2 ${1} ${policyDict}
|
|
${policyIds} Create List {"policyType":"tsg_security","policyIds":[${securitypolicyId}]}
|