class MysqlSqlReOff(unittest.TestCase):
def setUp(self):
self.sqllist = commen.PutsqlNum()
self.ruler_name = commen.PutsqlName("mysql_")
LOG.info("规则名称:%s" % self.ruler_name)
LOG.info("SQL语句:%s" % self.sqllist)
self.sensql = SensitiveSql(
self.ruler_name, GlobalConfig.db_type_['mysql'],
dbservice.select_dbservice_byname(gp.run_db["mysql"]),
GlobalConfig.db_type_['oracle'])
self.sensitiveway = SensitiveWay()
@logger('敏感mysql类型低风险禁用')
def test_mysql_re_off_risk1(self):
'''敏感mysql类型低风险禁用'''
self.sensql.sqlrisk_re_off(gp.risk_level['risk_low'], self.sqllist)
@logger('敏感mysql类型中风险禁用')
def test_mysql_re_off_risk2(self):
'''敏感mysql类型中风险禁用'''
self.sensql.sqlrisk_re_off(gp.risk_level['risk_mid'], self.sqllist)
@logger('敏感mysql类型高风险禁用')
def test_mysql_re_off_risk3(self):
'''敏感mysql类型高风险禁用'''
self.sensql.sqlrisk_re_off(gp.risk_level['risk_high'], self.sqllist)
@logger('敏感mysql类型极高风险禁用')
def test_mysql_re_off_risk4(self):
'''敏感mysql类型极高风险禁用'''
self.sensql.sqlrisk_re_off(gp.risk_level['risk_higher'], self.sqllist)
def tearDown(self):
LOG.info("删除新增sql规则")
self.sensitiveway.del_ruler(self.ruler_name)
class DmSqlReOff(unittest.TestCase):
def setUp(self):
self.dbtable = commen.PutsqlName("dbtable_")
self.sqllist = "SELECT * FROM " + self.dbtable
self.ruler_name = commen.PutsqlName("dm_")
LOG.info("规则名称:%s" % self.ruler_name)
LOG.info("SQL语句:%s" % self.sqllist)
self.sensql = SensitiveSql(
self.ruler_name, GlobalConfig.db_type_['dm'],
dbservice.select_dbservice_byname(gp.run_db['dm']))
self.sensitiveway = SensitiveWay()
@logger('敏感dm类型低风险禁用')
def test_dm_re_off_risk1(self):
'''敏感dm类型低风险禁用'''
self.sensql.sqlrisk_re_off(gp.risk_level['risk_low'], self.sqllist)
@logger('敏感dm类型中风险禁用')
def test_dm_re_off_risk2(self):
'''敏感dm类型中风险禁用'''
self.sensql.sqlrisk_re_off(gp.risk_level['risk_mid'], self.sqllist)
@logger('敏感dm类型高风险禁用')
def test_dm_re_off_risk3(self):
'''敏感dm类型高风险禁用'''
self.sensql.sqlrisk_re_off(gp.risk_level['risk_high'], self.sqllist)
@logger('敏感dm类型极高风险禁用')
def test_dm_re_off_risk4(self):
'''敏感dm类型极高风险禁用'''
self.sensql.sqlrisk_re_off(gp.risk_level['risk_higher'], self.sqllist)
def tearDown(self):
LOG.info("删除新增sql规则")
self.sensitiveway.del_ruler(self.ruler_name)
class DB2SqlRe(unittest.TestCase):
def setUp(self):
self.sqllist = commen.PutsqlNum()
self.ruler_name = commen.PutsqlName("db2_")
LOG.info("规则名称:%s" % self.ruler_name)
LOG.info("SQL语句:%s" % self.sqllist)
self.sensql = SensitiveSql(self.ruler_name, GlobalConfig.db_type_['DB2'],
dbservice.select_dbservice_byname(gp.run_db["db2"]))
self.sensitiveway = SensitiveWay()
@logger('敏感db2类型低风险')
def test_db2_re_risk1(self):
'''敏感db2类型低风险'''
self.sensql.sqlrisk_re(gp.risk_level['risk_low'], self.sqllist, gp.risk_info[1])
@logger('敏感db2类型中风险')
def test_db2_re_risk2(self):
'''敏感db2类型中风险'''
self.sensql.sqlrisk_re(gp.risk_level['risk_mid'], self.sqllist, gp.risk_info[2])
@logger('敏感db2类型高风险')
def test_db2_re_risk3(self):
'''敏感db2类型高风险'''
self.sensql.sqlrisk_re(gp.risk_level['risk_high'], self.sqllist, gp.risk_info[3])
@logger('敏感db2类型极高风险')
def test_db2_re_risk4(self):
'''敏感db2类型极高风险'''
self.sensql.sqlrisk_re(gp.risk_level['risk_higher'], self.sqllist, gp.risk_info[4])
def tearDown(self):
LOG.info("删除新增sql规则")
self.sensitiveway.del_ruler(self.ruler_name)
def setUp(self):
self.sqllist = commen.PutsqlNum()
self.ruler_name = commen.PutsqlName("db2_")
LOG.info("规则名称:%s" % self.ruler_name)
LOG.info("SQL语句:%s" % self.sqllist)
self.sensql = SensitiveSql(self.ruler_name, GlobalConfig.db_type_['DB2'],
dbservice.select_dbservice_byname(gp.run_db["db2"]))
self.sensitiveway = SensitiveWay()
def setUp(self):
self.dbtable = commen.PutsqlName("dbtable_")
self.sqllist = "SELECT * FROM " + self.dbtable
self.ruler_name = commen.PutsqlName("dm_")
LOG.info("规则名称:%s" % self.ruler_name)
LOG.info("SQL语句:%s" % self.sqllist)
self.sensql = SensitiveSql(
self.ruler_name, GlobalConfig.db_type_['dm'],
dbservice.select_dbservice_byname(gp.run_db['dm']))
self.sensitiveway = SensitiveWay()
def setUp(self):
self.dbtable = commen.PutsqlName("dbtable_")
sql_execute.db2_create_table('db2', self.dbtable)
self.sqllist = "SELECT * FROM " + self.dbtable
self.ruler_name = commen.PutsqlName("db2_")
LOG.info("规则名称:%s" % self.ruler_name)
LOG.info("SQL语句:%s" % self.sqllist)
self.sensql = SensitiveSql(
self.ruler_name, GlobalConfig.db_type_['DB2'],
dbservice.select_dbservice_byname(gp.run_db["db2"]))
self.sensitiveway = SensitiveWay()
def sqlrisk_stand_off(self, risklevel, sqllist):
self.payload["riskLevel"] = risklevel
self.payload["status"] = 0
self.payload["payloadType"] = "standardSQL"
self.payload["payloadContent"] = sqllist
self.api_dict = self.api_dict["SensitiveSql"]["increase"]
self.SensitiveWay = SensitiveWay()
LOG.info(self.api_dict)
LOG.info("规则名称:%s" % self.payload["name"])
LOG.info("当前sql类型:%s" % self.payload["payloadType"])
LOG.info("新增一条%s类型的sql规则" % self.payload["dbType"])
self.SensitiveWay.add_ruler(self.api_dict, self.payload)
time.sleep(10)
LOG.info("在%s客户端执行该语句" % self.payload["dbType"])
self.SensitiveWay.dbcon_way(sqllist, self.payload["dbType"])
LOG.info("在审计查询里面查找,sql语句应不被阻断")
self.SensitiveWay.shenji_check_safe("业务全审计", sqllist)
LOG.info("在%s客户端执行该语句" % self.dbType2)
self.SensitiveWay.dbcon_way(sqllist, self.dbType2)
LOG.info("在审计查询里面查找,sql语句应不被阻断")
self.SensitiveWay.shenji_check_safe("业务全审计", sqllist)
def sqlrisk_re(self, risklevel, sqllist, respond):
self.payload["riskLevel"] = risklevel
self.payload["status"] = 1
self.payload["payloadType"] = "fuzzySQL"
self.payload["payloadContent"] = "select\\s*(from|\\s*)\\s+((?!where).)*$"
self.api_dict = self.api_dict["SensitiveSql"]["increase"]
self.SensitiveWay = SensitiveWay()
LOG.info(self.api_dict)
LOG.info("规则名称:%s" % self.payload["name"])
LOG.info("当前sql类型:%s" % self.payload["payloadType"])
LOG.info("新增一条%s类型的sql规则" % self.payload["dbType"])
self.SensitiveWay.add_ruler(self.api_dict, self.payload)
time.sleep(10)
LOG.info("在%s客户端执行该语句" % self.payload["dbType"])
self.SensitiveWay.dbcon_way(sqllist, self.payload["dbType"])
LOG.info("在审计查询里面查找,sql语句应被阻断")
self.SensitiveWay.shenji_check_risk(self.payload["name"], sqllist, respond, risklevel)
LOG.info("在%s客户端执行该语句" % self.dbType2)
self.SensitiveWay.dbcon_way(sqllist, self.dbType2)
LOG.info("在审计查询里面查找,sql语句应不被阻断")
self.SensitiveWay.shenji_check_safe("业务全审计", sqllist)
class SensitiveSql(object):
def __init__(self, name, dbType, dbId,dbType2=GlobalConfig.db_type_['mysql']):
self.payload = {}
self.payload["name"] = name
self.payload["description"] = name
self.payload["dbType"] = dbType
self.payload["dbId"] = dbId
self.dbType2 = dbType2
self.api_dict = commen.get_api("/PolicyManage.json")
def sqlrisk_re(self, risklevel, sqllist, respond):
self.payload["riskLevel"] = risklevel
self.payload["status"] = 1
self.payload["payloadType"] = "fuzzySQL"
self.payload["payloadContent"] = "select\\s*(from|\\s*)\\s+((?!where).)*$"
self.api_dict = self.api_dict["SensitiveSql"]["increase"]
self.SensitiveWay = SensitiveWay()
LOG.info(self.api_dict)
LOG.info("规则名称:%s" % self.payload["name"])
LOG.info("当前sql类型:%s" % self.payload["payloadType"])
LOG.info("新增一条%s类型的sql规则" % self.payload["dbType"])
self.SensitiveWay.add_ruler(self.api_dict, self.payload)
time.sleep(10)
LOG.info("在%s客户端执行该语句" % self.payload["dbType"])
self.SensitiveWay.dbcon_way(sqllist, self.payload["dbType"])
LOG.info("在审计查询里面查找,sql语句应被阻断")
self.SensitiveWay.shenji_check_risk(self.payload["name"], sqllist, respond, risklevel)
LOG.info("在%s客户端执行该语句" % self.dbType2)
self.SensitiveWay.dbcon_way(sqllist, self.dbType2)
LOG.info("在审计查询里面查找,sql语句应不被阻断")
self.SensitiveWay.shenji_check_safe("业务全审计", sqllist)
def sqlrisk_re_off(self, risklevel, sqllist):
self.payload["riskLevel"] = risklevel
self.payload["status"] = 0
self.payload["payloadType"] = "fuzzySQL"
self.payload["payloadContent"] = "select\\s*(from|\\s*)\\s+((?!where).)*$"
self.api_dict = self.api_dict["SensitiveSql"]["increase"]
self.SensitiveWay = SensitiveWay()
LOG.info(self.api_dict)
LOG.info("规则名称:%s" % self.payload["name"])
LOG.info("当前sql类型:%s" % self.payload["payloadType"])
LOG.info("新增一条%s类型的sql规则" % self.payload["dbType"])
self.SensitiveWay.add_ruler(self.api_dict, self.payload)
time.sleep(10)
LOG.info("在%s客户端执行该语句" % self.payload["dbType"])
self.SensitiveWay.dbcon_way(sqllist, self.payload["dbType"])
LOG.info("在审计查询里面查找,sql语句应不被阻断")
self.SensitiveWay.shenji_check_safe("业务全审计", sqllist)
LOG.info("在%s客户端执行该语句" % self.dbType2)
self.SensitiveWay.dbcon_way(sqllist, self.dbType2)
LOG.info("在审计查询里面查找,sql语句应不被阻断")
self.SensitiveWay.shenji_check_safe("业务全审计", sqllist)
def sqlrisk_stand(self, risklevel, sqllist, respond):
self.payload["riskLevel"] = risklevel
self.payload["status"] = 1
self.payload["payloadType"] = "standardSQL"
self.payload["payloadContent"] = sqllist
self.api_dict = self.api_dict["SensitiveSql"]["increase"]
self.SensitiveWay = SensitiveWay()
LOG.info(self.api_dict)
LOG.info("规则名称:%s" % self.payload["name"])
LOG.info("当前sql类型:%s" % self.payload["payloadType"])
LOG.info("新增一条%s类型的sql规则" % self.payload["dbType"])
self.SensitiveWay.add_ruler(self.api_dict, self.payload)
time.sleep(10)
LOG.info("在%s客户端执行该语句" % self.payload["dbType"])
self.SensitiveWay.dbcon_way(sqllist, self.payload["dbType"])
LOG.info("在审计查询里面查找,sql语句应被阻断")
self.SensitiveWay.shenji_check_risk(self.payload["name"], sqllist, respond, risklevel)
LOG.info("在%s客户端执行该语句" % self.dbType2)
self.SensitiveWay.dbcon_way(sqllist, self.dbType2)
LOG.info("在审计查询里面查找,sql语句应不被阻断")
self.SensitiveWay.shenji_check_safe("业务全审计", sqllist)
def sqlrisk_stand_off(self, risklevel, sqllist):
self.payload["riskLevel"] = risklevel
self.payload["status"] = 0
self.payload["payloadType"] = "standardSQL"
self.payload["payloadContent"] = sqllist
self.api_dict = self.api_dict["SensitiveSql"]["increase"]
self.SensitiveWay = SensitiveWay()
LOG.info(self.api_dict)
LOG.info("规则名称:%s" % self.payload["name"])
LOG.info("当前sql类型:%s" % self.payload["payloadType"])
LOG.info("新增一条%s类型的sql规则" % self.payload["dbType"])
self.SensitiveWay.add_ruler(self.api_dict, self.payload)
time.sleep(10)
LOG.info("在%s客户端执行该语句" % self.payload["dbType"])
self.SensitiveWay.dbcon_way(sqllist, self.payload["dbType"])
LOG.info("在审计查询里面查找,sql语句应不被阻断")
self.SensitiveWay.shenji_check_safe("业务全审计", sqllist)
LOG.info("在%s客户端执行该语句" % self.dbType2)
self.SensitiveWay.dbcon_way(sqllist, self.dbType2)
LOG.info("在审计查询里面查找,sql语句应不被阻断")
self.SensitiveWay.shenji_check_safe("业务全审计", sqllist)
def sqlrisk_temp(self, risklevel, sqllist, respond):
self.payload["riskLevel"] = risklevel
self.payload["status"] = 1
self.payload["payloadType"] = "templateSQL"
self.payload["payloadContent"] = sqllist
self.api_dict = self.api_dict["SensitiveSql"]["increase"]
self.SensitiveWay = SensitiveWay()
LOG.info(self.api_dict)
LOG.info("规则名称:%s" % self.payload["name"])
LOG.info("当前sql类型:%s" % self.payload["payloadType"])
LOG.info("新增一条%s类型的sql规则" % self.payload["dbType"])
self.SensitiveWay.add_ruler(self.api_dict, self.payload)
time.sleep(10)
LOG.info("在%s客户端执行该语句" % self.payload["dbType"])
self.SensitiveWay.dbcon_way(sqllist, self.payload["dbType"])
LOG.info("在审计查询里面查找,sql语句应被阻断")
self.SensitiveWay.shenji_check_risk(self.payload["name"], sqllist, respond, risklevel)
LOG.info("在%s客户端执行该语句" % self.dbType2)
self.SensitiveWay.dbcon_way(sqllist, self.dbType2)
LOG.info("在审计查询里面查找,sql语句应不被阻断")
self.SensitiveWay.shenji_check_safe("业务全审计", sqllist)
def sqlrisk_temp_off(self, risklevel, sqllist):
self.payload["riskLevel"] = risklevel
self.payload["status"] = 0
self.payload["payloadType"] = "templateSQL"
self.payload["payloadContent"] = sqllist
self.api_dict = self.api_dict["SensitiveSql"]["increase"]
self.SensitiveWay = SensitiveWay()
LOG.info(self.api_dict)
LOG.info("规则名称:%s" % self.payload["name"])
LOG.info("当前sql类型:%s" % self.payload["payloadType"])
LOG.info("新增一条%s类型的sql规则" % self.payload["dbType"])
self.SensitiveWay.add_ruler(self.api_dict, self.payload)
time.sleep(10)
LOG.info("在%s客户端执行该语句" % self.payload["dbType"])
self.SensitiveWay.dbcon_way(sqllist, self.payload["dbType"])
LOG.info("在审计查询里面查找,sql语句应不被阻断")
self.SensitiveWay.shenji_check_safe("业务全审计", sqllist)
LOG.info("在%s客户端执行该语句" % self.dbType2)
self.SensitiveWay.dbcon_way(sqllist, self.dbType2)
LOG.info("在审计查询里面查找,sql语句应不被阻断")
self.SensitiveWay.shenji_check_safe("业务全审计", sqllist)
