feat(script): 优化接口安全测试和远程更新环境功能

- 添加接口安全测试需求文档，增加参考资料和报告上传网盘功能
- 更新远程更新环境需求文档，优化更新流程为交互式输入服务器信息
- 修改配置文件结构，添加服务显示名称和容器路径配置
- 新增接口安全测试计划执行文档，完善测试报告生成机制
- 添加远程更新环境步骤优化需求文档，支持服务选择和容器重启
- 更新.gitignore文件，添加相关报告目录排除规则

.gitignore

@@ -52,3 +52,7 @@ __pycache__/
 /AuxiliaryTool/ScriptTool/RemoteUpdate/reports/X86_192.168.5.46_环境版本更新报告_20260608.md
 /AuxiliaryTool/ScriptTool/RemoteDeploy/reports/x86_uos_deploy_20260608_103633.log
 /AuxiliaryTool/ScriptTool/RemoteDeploy/reports/x86_uos_deploy_20260608_105537.log
+/AuxiliaryTool/ScriptTool/RemoteDeploy/reports/
+/AuxiliaryTool/ScriptTool/ApiSecurityTest/reports/
+/AuxiliaryTool/ScriptTool/RemoteUpdate/reports/
+/AuxiliaryTool/FunctionalTestReportGeneration/testcases/

AuxiliaryTool/ScriptTool/ApiSecurityTest/config.yaml

+# 接口安全测试全局配置文件
+# 修改此文件即可适配不同测试环境
+
+# 目标服务器配置
+target:
+  base_url: "https://192.168.5.44"
+  server_ip: "192.168.5.44"
+  # 是否跳过SSL证书验证
+  verify_ssl: false
+  # 请求超时时间（秒）
+  timeout: 30
+
+# 测试账号配置
+accounts:
+  superadmin:
+    username: "superadmin"
+    password: "Ubains@1357"
+    description: "超级管理员"
+  admin:
+    username: "admin@aq"
+    password: "Ubains@1357"
+    description: "管理员"
+  user:
+    username: "user@aq"
+    password: "Ubains@1357"
+    description: "普通用户"
+  # 固定验证码（已知安全问题）
+  captcha: "csba"
+
+# 认证配置
+auth:
+  # Token类型
+  token_type: "accessToken"
+  # 认证机制
+  mechanism: "JWT"
+  # 统一平台登录路径
+  login_path: "/platform/api/auth/login"
+  # Token请求头名称
+  token_header: "accessToken"
+  # 公司编号
+  company_number: "CN-SZ-00-0201"
+  # 讯飞转录公司密钥
+  company_secret: "57d00f9f-020f-5f1f-b788-55fae843bceb"
+  # 验证码获取路径
+  captcha_path: "/platform/api/code"
+
+# API路径前缀
+api_prefixes:
+  meeting_old: "/oldmeeting/api/"
+  meeting_new: "/newmeeting/api/"
+  meeting_public: "/api/"
+  monitor: "/monitor/api2/api/"
+  voice: "/voice/api/"
+  voice_v2: "/voice/api2/"
+  exapi: "/exapi/"
+  platform: "/platform/api/"
+  maintenance: "/system/"
+  ubains: "/ubains/server/"
+
+# 报告配置
+report:
+  output_dir: "reports/"
+  format: "markdown"
+  # 报告文件名前缀
+  prefix: "api_security_report"
+
+# 测试限制配置（防止影响服务稳定性）
+limits:
+  # 登录暴力破解最大尝试次数
+  brute_force_max: 20
+  # 限流测试最大请求数
+  rate_limit_max: 100
+  # 批量业务流测试最大请求数
+  batch_max: 50
+  # 请求间隔（秒），避免过快触发限流
+  request_interval: 0.5

AuxiliaryTool/ScriptTool/ApiSecurityTest/run_all.py

+"""
+接口安全测试 - 主入口
+一键执行全部 OWASP API Security Top 10 安全测试
+所有测试模块结果汇总后直接输出一份完整总报告，并上传至网盘
+"""
+import os
+import sys
+import shutil
+
+# 将项目根目录加入 Python 路径
+sys.path.insert(0, os.path.dirname(os.path.abspath(__file__)))
+
+from utils.logger import log
+from utils.http_client import HttpClient
+from utils.auth_helper import AuthHelper
+from utils.report_generator import ReportGenerator
+
+# 网盘固定路径：安全测试报告上传目录
+NAS_REPORT_DIR = r"\\192.168.9.9\deploy\18其它系统\安全测试\04新统一平台-安全报告"
+
+
+def upload_to_nas(report_path):
+    """
+    将报告文件上传（拷贝）至网盘固定路径
+
+    参数:
+        report_path: 本地报告文件完整路径
+
+    返回:
+        str: 网盘上的文件路径，失败返回 None
+    """
+    if not os.path.isfile(report_path):
+        log.error(f"报告文件不存在: {report_path}")
+        return None
+
+    filename = os.path.basename(report_path)
+
+    try:
+        # 确保网盘目录存在
+        os.makedirs(NAS_REPORT_DIR, exist_ok=True)
+    except Exception as e:
+        log.error(f"网盘目录不可访问: {NAS_REPORT_DIR} ({e})")
+        return None
+
+    try:
+        nas_path = os.path.join(NAS_REPORT_DIR, filename)
+        shutil.copy2(report_path, nas_path)
+        log.info(f"报告已上传至网盘: {nas_path}")
+        return nas_path
+    except Exception as e:
+        log.error(f"上传网盘失败: {e}")
+        return None
+
+
+def upload_to_erp(report_path):
+    """
+    对接ERP创建任务跟踪（预留功能）
+    暂无对接，仅保留接口入口
+
+    参数:
+        report_path: 报告文件路径
+    """
+    log.info("ERP对接功能暂未实现，跳过")
+
+
+def run_all_tests():
+    """执行全部安全测试，汇总输出一份总报告并上传网盘"""
+    log.info("=" * 60)
+    log.info("接口安全测试开始执行")
+    log.info("=" * 60)
+
+    # 初始化组件
+    client = HttpClient("config.yaml")
+    auth = AuthHelper(client)
+    report = ReportGenerator("reports/")
+    report.set_target(client.base_url)
+    report.start()
+
+    # 登录全部账号
+    log.info("阶段 1/4: 登录所有测试账号...")
+    tokens = auth.login_all_accounts()
+    success_count = sum(1 for v in tokens.values() if v)
+    log.info(f"登录完成: {success_count}/{len(tokens)} 个账号成功")
+
+    if success_count == 0:
+        log.error("所有账号登录失败，无法继续测试")
+        report.finish()
+        report.generate()
+        return
+
+    # 导入并执行所有测试模块
+    test_modules = [
+        ("API1 - 对象级别授权失效", "tests.test_api01_auth"),
+        ("API2 - 身份认证失效", "tests.test_api02_authentication"),
+        ("API3 - 对象属性级别授权失效", "tests.test_api03_object_attr"),
+        ("API4 - 资源消耗不受限", "tests.test_api04_rate_limit"),
+        ("API5 - 功能级别授权失效", "tests.test_api05_func_auth"),
+        ("API6 - 无限制访问敏感业务流", "tests.test_api06_business_flow"),
+        ("API7 - 服务器端请求伪造", "tests.test_api07_ssrf"),
+        ("API8 - 安全配置错误", "tests.test_api08_misconfig"),
+        ("API9 - 库存管理不当", "tests.test_api09_inventory"),
+        ("API10 - 不安全的第三方API集成", "tests.test_api10_third_party"),
+    ]
+
+    log.info("阶段 2/4: 执行 OWASP API Security Top 10 测试...")
+    for idx, (name, module_path) in enumerate(test_modules, 1):
+        log.info(f"\n{'='*50}")
+        log.info(f"[{idx}/10] {name}")
+        log.info(f"{'='*50}")
+        try:
+            mod = __import__(module_path, fromlist=['run_tests'])
+            results = mod.run_tests(client, auth)
+            report.add_results(results)
+            vuln_count = sum(1 for r in results if r.is_vulnerable)
+            log.info(f"{name} 完成: {len(results)} 个用例, {vuln_count} 个发现漏洞")
+        except ImportError as e:
+            log.error(f"测试模块不存在: {module_path} ({e})")
+        except Exception as e:
+            log.error(f"测试模块执行异常 [{name}]: {e}")
+
+    # 生成一份总报告
+    log.info("阶段 3/4: 生成安全测试总报告...")
+    report.finish()
+    report_path = report.generate()
+
+    # 输出摘要
+    summary = report.get_summary()
+    log.info("\n" + "=" * 60)
+    log.info("测试执行完毕 — 总报告已生成")
+    log.info("=" * 60)
+    log.info(f"总测试用例: {summary['总计']}")
+    log.info(f"高危漏洞: {summary['高危']}")
+    log.info(f"中危漏洞: {summary['中危']}")
+    log.info(f"低危漏洞: {summary['低危']}")
+    log.info(f"信息类: {summary['信息类']}")
+    log.info(f"安全项: {summary['安全']}")
+    log.info(f"总报告路径: {report_path}")
+
+    # 上传报告至网盘
+    log.info("阶段 4/4: 上传报告至网盘...")
+    upload_to_nas(report_path)
+
+    # ERP对接（预留）
+    upload_to_erp(report_path)
+
+    return report
+
+
+def run_single_module(module_name):
+    """执行单个测试模块，同样输出到一份报告中并上传网盘"""
+    module_map = {
+        "api01": ("API1 - 对象级别授权失效", "tests.test_api01_auth"),
+        "api02": ("API2 - 身份认证失效", "tests.test_api02_authentication"),
+        "api03": ("API3 - 对象属性级别授权失效", "tests.test_api03_object_attr"),
+        "api04": ("API4 - 资源消耗不受限", "tests.test_api04_rate_limit"),
+        "api05": ("API5 - 功能级别授权失效", "tests.test_api05_func_auth"),
+        "api06": ("API6 - 无限制访问敏感业务流", "tests.test_api06_business_flow"),
+        "api07": ("API7 - 服务器端请求伪造", "tests.test_api07_ssrf"),
+        "api08": ("API8 - 安全配置错误", "tests.test_api08_misconfig"),
+        "api09": ("API9 - 库存管理不当", "tests.test_api09_inventory"),
+        "api10": ("API10 - 不安全的第三方API集成", "tests.test_api10_third_party"),
+    }
+
+    if module_name not in module_map:
+        log.error(f"未知模块: {module_name}")
+        log.info(f"可用模块: {', '.join(module_map.keys())}")
+        return
+
+    name, mod_path = module_map[module_name]
+    log.info(f"仅执行测试模块: {name}")
+
+    client = HttpClient("config.yaml")
+    auth = AuthHelper(client)
+    auth.login_all_accounts()
+
+    mod = __import__(mod_path, fromlist=['run_tests'])
+    results = mod.run_tests(client, auth)
+
+    # 单模块结果也输出到统一格式的总报告中
+    report = ReportGenerator("reports/")
+    report.set_target(client.base_url)
+    report.start()
+    report.add_results(results)
+    report.finish()
+    report_path = report.generate()
+
+    log.info(f"报告路径: {report_path}")
+
+    # 上传报告至网盘
+    upload_to_nas(report_path)
+    upload_to_erp(report_path)
+
+
+if __name__ == "__main__":
+    # 支持参数：指定单个测试模块（如 python run_all.py api01）
+    if len(sys.argv) > 1:
+        run_single_module(sys.argv[1])
+    else:
+        run_all_tests()

AuxiliaryTool/ScriptTool/ApiSecurityTest/tests/__init__.py

+# tests 包初始化文件

AuxiliaryTool/ScriptTool/ApiSecurityTest/utils/__init__.py

+# utils 包初始化文件

AuxiliaryTool/ScriptTool/ApiSecurityTest/utils/auth_helper.py

+"""
+认证辅助模块
+提供多账号登录、Token 管理等功能
+"""
+from utils.logger import log
+
+
+class AuthHelper:
+    """认证辅助类，管理多账号登录和 Token 获取"""
+
+    def __init__(self, http_client):
+        """
+        初始化认证辅助
+
+        参数:
+            http_client: HttpClient 实例
+        """
+        self.client = http_client
+
+    def login_all_accounts(self):
+        """
+        使用全部配置账号登录
+
+        返回:
+            dict: {账号键名: Token} 的字典，失败的账号值为 None
+        """
+        results = {}
+        for account_key in ['superadmin', 'admin', 'user']:
+            log.info(f"尝试登录账号: {account_key}")
+            token = self.client.login(account_key)
+            results[account_key] = token
+            if token:
+                log.info(f"账号 [{account_key}] 登录成功")
+            else:
+                log.warning(f"账号 [{account_key}] 登录失败")
+        return results
+
+    def get_superadmin_token(self):
+        """获取超管 Token"""
+        return self.client.get_token("superadmin")
+
+    def get_admin_token(self):
+        """获取管理员 Token"""
+        return self.client.get_token("admin")
+
+    def get_user_token(self):
+        """获取普通用户 Token"""
+        return self.client.get_token("user")
+
+    def refresh_all_tokens(self):
+        """
+        刷新所有 Token（清除缓存后重新登录）
+
+        返回:
+            dict: {账号键名: 新Token}
+        """
+        self.client.clear_token()
+        return self.login_all_accounts()
+
+    def get_tokens_dict(self):
+        """
+        获取所有已缓存的 Token
+
+        返回:
+            dict: {账号键名: Token}
+        """
+        return dict(self.client._tokens)
+
+    def login_monitor_system(self):
+        """
+        登录运维集控系统（monitor 系统使用独立的认证）
+
+        返回:
+            bool: 是否登录成功
+        """
+        # 运维集控使用 /monitor/api2/api/userlogin/ 接口
+        log.info("尝试登录运维集控系统...")
+        # 运维集控系统通常共享统一平台的 Token
+        # 如果有独立的登录机制，在此实现
+        return True
+
+    def login_voice_system(self):
+        """
+        登录讯飞转录系统
+
+        返回:
+            bool: 是否登录成功
+        """
+        log.info("尝试登录讯飞转录系统...")
+        # 讯飞转录系统使用 /voice/api/iflytek/userlogin 接口
+        # 暂时使用统一平台 Token
+        return True

AuxiliaryTool/ScriptTool/ApiSecurityTest/utils/logger.py

+"""
+日志工具模块
+提供统一的日志记录功能，支持控制台彩色输出和文件记录
+"""
+import os
+import logging
+from datetime import datetime
+
+# 尝试导入 colorama，不存在则降级处理
+try:
+    from colorama import Fore, Style, init as colorama_init
+    colorama_init(autoreset=True)
+    HAS_COLORAMA = True
+except ImportError:
+    HAS_COLORAMA = False
+
+
+class ColoredFormatter(logging.Formatter):
+    """带颜色的日志格式化器"""
+
+    # 日志级别对应的颜色
+    LEVEL_COLORS = {
+        logging.DEBUG: Fore.CYAN if HAS_COLORAMA else '',
+        logging.INFO: Fore.GREEN if HAS_COLORAMA else '',
+        logging.WARNING: Fore.YELLOW if HAS_COLORAMA else '',
+        logging.ERROR: Fore.RED if HAS_COLORAMA else '',
+        logging.CRITICAL: Fore.RED + Style.BRIGHT if HAS_COLORAMA else '',
+    }
+
+    def format(self, record):
+        """格式化日志记录，添加颜色"""
+        color = self.LEVEL_COLORS.get(record.levelno, '')
+        reset = Style.RESET_ALL if HAS_COLORAMA else ''
+        # 保存原始格式
+        original_levelname = record.levelname
+        # 添加颜色
+        record.levelname = f"{color}{record.levelname}{reset}"
+        formatted = super().format(record)
+        record.levelname = original_levelname
+        return formatted
+
+
+def setup_logger(name="ApiSecurityTest", log_dir=None):
+    """
+    创建并配置日志器
+
+    参数:
+        name: 日志器名称
+        log_dir: 日志文件输出目录，为None则不输出文件
+
+    返回:
+        logging.Logger: 配置好的日志器
+    """
+    logger = logging.getLogger(name)
+
+    # 防止重复添加处理器
+    if logger.handlers:
+        return logger
+
+    logger.setLevel(logging.DEBUG)
+
+    # 日志格式
+    fmt = '%(asctime)s [%(levelname)s] %(message)s'
+    date_fmt = '%Y-%m-%d %H:%M:%S'
+
+    # 控制台处理器（带颜色）
+    console_handler = logging.StreamHandler()
+    console_handler.setLevel(logging.INFO)
+    console_handler.setFormatter(ColoredFormatter(fmt, date_fmt))
+    logger.addHandler(console_handler)
+
+    # 文件处理器（如果指定了日志目录）
+    if log_dir:
+        os.makedirs(log_dir, exist_ok=True)
+        log_file = os.path.join(
+            log_dir,
+            f"security_test_{datetime.now().strftime('%Y%m%d_%H%M%S')}.log"
+        )
+        file_handler = logging.FileHandler(log_file, encoding='utf-8')
+        file_handler.setLevel(logging.DEBUG)
+        file_handler.setFormatter(logging.Formatter(fmt, date_fmt))
+        logger.addHandler(file_handler)
+
+    return logger
+
+
+# 默认全局日志器
+log = setup_logger()

AuxiliaryTool/ScriptTool/RemoteUpdate/update_config.json

 {
-    "test_server": {
+    "test_server_preset": {
         "host": "192.168.5.44",
         "port": 22,
         "username": "root",
         "password": "Ubains@123"
     },
-    "target_servers": [
-        {
-            "name": "其他环境服务器",
-            "host": "192.168.5.46",
-            "port": 22,
-            "username": "root",
-            "password": "Ubains@123"
-        }
-    ],
     "services": {
         "frontend": [
-            {"name": "ai包", "path": "web/pc/pc-vue2-ai", "config_file": "static/config.json"},
-            {"name": "后台包", "path": "web/pc/pc-vue2-backstage", "config_file": "static/config.json"},
-            {"name": "main包", "path": "web/pc/pc-vue2-main", "config_file": "static/config.json"},
-            {"name": "meetngV2包", "path": "web/pc/pc-vue2-meetngV2", "config_file": "static/config.json"},
-            {"name": "meetngV3包", "path": "web/pc/pc-vue2-meetngV3", "config_file": "static/config.json"},
-            {"name": "meetingControl包", "path": "web/pc/pc-vue2-meetingControl", "config_file": "static/config.json"},
-            {"name": "monitor包", "path": "web/pc/pc-vue2-moniter", "config_file": "static/config.json"},
-            {"name": "platform包", "path": "web/pc/pc-vue2-platform", "config_file": "static/config.json"},
-            {"name": "voice包", "path": "web/pc/pc-vue2-voice/pc-vue2-voice", "config_file": "static/config.json"},
-            {"name": "h5-meeting", "path": "web/h5/h5-uniapp-meeting", "config_file": "static/config.json"},
-            {"name": "h5-moniter", "path": "web/h5/h5-uniapp-moniter", "config_file": "static/config.json"},
-            {"name": "h5-platform-mobile", "path": "web/h5/h5-uniapp-platform/meeting-mobile", "config_file": "static/config.json"},
-            {"name": "h5-platform-platform-mobile", "path": "web/h5/h5-uniapp-platform/unified-platform-mobile", "config_file": "static/config.json"}
+            {"name": "ai包", "display_name": "AI前端包", "path": "web/pc/pc-vue2-ai", "config_file": "static/config.json"},
+            {"name": "后台包", "display_name": "后台前端包", "path": "web/pc/pc-vue2-backstage", "config_file": "static/config.json"},
+            {"name": "main包", "display_name": "微服务前端包", "path": "web/pc/pc-vue2-main", "config_file": "static/config.json"},
+            {"name": "meetingV2包", "display_name": "会议V2前端包", "path": "web/pc/pc-vue2-meetingV2", "config_file": "static/config.json"},
+            {"name": "meetingV3包", "display_name": "会议V3前端包", "path": "web/pc/pc-vue2-meetingV3", "config_file": "static/config.json"},
+            {"name": "meetingControl包", "display_name": "会议控制前端包", "path": "web/pc/pc-vue2-meetingControl", "config_file": "static/config.json"},
+            {"name": "monitor包", "display_name": "运维前端包", "path": "web/pc/pc-vue2-moniter", "config_file": "static/config.json"},
+            {"name": "platform包", "display_name": "门户前端包", "path": "web/pc/pc-vue2-platform", "config_file": "static/config.json"},
+            {"name": "voice包", "display_name": "语音转录前端包", "path": "web/pc/pc-vue2-voice/pc-vue2-voice", "config_file": "static/config.json"},
+            {"name": "h5-meeting", "display_name": "H5-Meeting前端包", "path": "web/h5/h5-uniapp-meeting", "config_file": "static/config.json"},
+            {"name": "h5-moniter", "display_name": "H5-Meeting-Mobile前端包", "path": "web/h5/h5-uniapp-moniter", "config_file": "static/config.json"},
+            {"name": "h5-platform-mobile", "display_name": "H5-Meeting-Platform-Mobile前端包", "path": "web/h5/h5-uniapp-platform/meeting-mobile", "config_file": "static/config.json"},
+            {"name": "h5-platform-platform-mobile", "display_name": "H5-Meeting-Platform-Unified-Mobile前端包", "path": "web/h5/h5-uniapp-platform/unified-platform-mobile", "config_file": "static/config.json"}
         ],
         "backend_jar": [
-            {"name": "auth包", "path": "api/auth/auth-sso-auth", "file": "ubains-auth.jar"},
-            {"name": "gatway包", "path": "api/auth/auth-sso-gatway", "file": "ubains-gateway.jar"},
-            {"name": "system包", "path": "api/auth/auth-sso-system", "file": "ubains-modules-system.jar"},
-            {"name": "java2.0包", "path": "api/java-meeting/java-meeting2.0", "file": "ubains-meeting-inner-api-1.0-SNAPSHOT.jar"},
-            {"name": "java-extapi包", "path": "api/java-meeting/java-meeting-extapi", "file": "ubains-meeting-api-1.0-SNAPSHOT.jar"},
-            {"name": "java-scheduling包", "path": "api/java-meeting/java-message-scheduling", "file": "ubains-meeting-message-scheduling-1.0-SNAPSHOT.jar"},
-            {"name": "java-mqtt包", "path": "api/java-meeting/java-mqtt", "file": "ubains-meeting-mqtt-1.0-SNAPSHOT.jar"},
-            {"name": "java-quartz包", "path": "api/java-meeting/java-quartz", "file": "ubains-meeting-quartz-1.0-SNAPSHOT.jar"}
+            {"name": "auth包", "display_name": "auth后端包", "path": "api/auth/auth-sso-auth", "file": "ubains-auth.jar", "is_extapi": false, "container_path": "/var/www/java/api/auth/auth-sso-auth", "container_keyword": "java"},
+            {"name": "gatway包", "display_name": "gatway后端包", "path": "api/auth/auth-sso-gatway", "file": "ubains-gateway.jar", "is_extapi": false, "container_path": "/var/www/java/api/auth/auth-sso-gatway", "container_keyword": "java"},
+            {"name": "system包", "display_name": "system后端包", "path": "api/auth/auth-sso-system", "file": "ubains-modules-system.jar", "is_extapi": false, "container_path": "/var/www/java/api/auth/auth-sso-system", "container_keyword": "java"},
+            {"name": "java2.0包", "display_name": "java2.0后端包", "path": "api/java-meeting/java-meeting2.0", "file": "ubains-meeting-inner-api-1.0-SNAPSHOT.jar", "is_extapi": false, "container_path": "/var/www/java/api/java-meeting/java-meeting2.0", "container_keyword": "java"},
+            {"name": "java-extapi包", "display_name": "java-extapi后端包", "path": "api/java-meeting/java-meeting-extapi", "file": "ubains-meeting-api-1.0-SNAPSHOT.jar", "is_extapi": true, "container_path": "", "container_keyword": ""},
+            {"name": "java-scheduling包", "display_name": "java-scheduling后端包", "path": "api/java-meeting/java-message-scheduling", "file": "ubains-meeting-message-scheduling-1.0-SNAPSHOT.jar", "is_extapi": false, "container_path": "/var/www/java/api/java-meeting/java-message-scheduling", "container_keyword": "java"},
+            {"name": "java-mqtt包", "display_name": "java-mqtt后端包", "path": "api/java-meeting/java-mqtt", "file": "ubains-meeting-mqtt-1.0-SNAPSHOT.jar", "is_extapi": false, "container_path": "/var/www/java/api/java-meeting/java-mqtt", "container_keyword": "java"},
+            {"name": "java-quartz包", "display_name": "java-quartz后端包", "path": "api/java-meeting/java-quartz", "file": "ubains-meeting-quartz-1.0-SNAPSHOT.jar", "is_extapi": false, "container_path": "/var/www/java/api/java-meeting/java-quartz", "container_keyword": "java"}
         ],
         "backend_folder": [
-            {"name": "cmdb包", "path": "api/python-cmdb", "config_file": "cmdb/bus/config/settingbus.conf"},
-            {"name": "voice包", "path": "api/python-voice", "config_file": "uvoice/bus/config/settingbus.conf"}
+            {"name": "cmdb包", "display_name": "运维集控后端包", "path": "api/python-cmdb", "config_file": "cmdb/bus/config/settingbus.conf", "container_keyword": "upython", "restart_type": "docker_restart"},
+            {"name": "voice包", "display_name": "讯飞转录后端包", "path": "api/python-voice", "config_file": "uvoice/bus/config/settingbus.conf", "container_keyword": "upython_voice", "restart_type": "docker_restart"}
         ]
     },
-    "path_mapping": {
-        "web/pc/pc-vue2-meetngV2": "web/pc/pc-vue2-meetingV2",
-        "web/pc/pc-vue2-meetngV3": "web/pc/pc-vue2-meetingV3"
-    },
-    "containers": ["ujava2", "upython", "upython_voice"],
+    "path_mapping": {},
     "service_base_dir": "/data/services"
 }

Docs/PRD/接口安全测试/_PRD_接口安全测试_需求文档.md

@@ -16,6 +16,11 @@
  - 普通用户账号：user@aq Ubains@1357
  - 验证码可以用：csba
 
+### 参考资料
+- 华为安全红线资料：[Z:\deploy\18其它系统\安全测试\01安全测试资料]
+- 以往漏洞报告资料：[Z:\deploy\18其它系统\安全测试\02项目漏洞资料]
+- Nginx配置文件：[Z:\deploy\18其它系统\安全测试\03Nginx配置文件]
+
 ### 已知接口清单
 
 > 以下接口通过前端 JS 静态分析 + 浏览器实时抓取获得，共计 **400+** 个接口端点。
@@ -612,9 +617,13 @@ pip install requests colorama pyyaml
  - 每个测试用例记录：请求内容、响应内容、是否存在漏洞、风险等级
  - 发现高危漏洞立即记录并通知
 4. 测试报告输出
- - 输出完整的安全测试报告（Markdown 格式）
+ - 输出完整的安全测试报告（Markdown 格式），输出一份总的报告，命名为：服务器IP+安全测试报告+日期时间.md
  - 报告内容包括：测试概要、漏洞清单、风险评级、修复建议
  - 漏洞按风险等级分类：高危、中危、低危、信息类
+5. 测试报告上传网盘
+ - 交互输入网盘路径，将安全测试报告上传至网盘
+6. 对接ERP创建任务跟踪（预留）
+ - 预留功能，暂无对接
 
 ## 验收要求
 1. 安全测试报告完整性

Docs/PRD/远程更新环境/_PRD_X86自动更新环境版本_需求文档.md → Docs/PRD/远程更新环境/_PRD_新统一自动更新环境版本_需求文档.md

@@ -27,10 +27,10 @@
 - main包：/data/services/web/pc/pc-vue2-main
   - index.html
   - static文件夹
-- meetngV2包：/data/services/web/pc/pc-vue2-meetngV2
+- meetingV2包：/data/services/web/pc/pc-vue2-meetingV2
   - index.html
   - static文件夹
-- meetngV3包：/data/services/web/pc/pc-vue2-meetngV3
+- meetingV3包：/data/services/web/pc/pc-vue2-meetingV3
   - index.html
   - static文件夹
 - meetingControl：/data/services/web/pc/pc-vue2-meetingControl
@@ -98,10 +98,10 @@
 - main包：/data/services/web/pc/pc-vue2-main
   - index.html
   - static文件夹
-- meetngV2包：/data/services/web/pc/pc-vue2-meetingV2
+- meetingV2包：/data/services/web/pc/pc-vue2-meetingV2
   - index.html
   - static文件夹
-- meetngV3包：/data/services/web/pc/pc-vue2-meetingV3
+- meetingV3包：/data/services/web/pc/pc-vue2-meetingV3
   - index.html
   - static文件夹
 - meetingControl：/data/services/web/pc/pc-vue2-meetingControl
@@ -201,7 +201,7 @@
   - 更新前备份原文件夹下`bus/config/settingbus.conf`文件。
   - 覆盖新服务包后，将原`bus/config/settingbus.conf`恢复到新服务包原路径。
 - 需要恢复的配置文件清单：`config.json`、`settingbus.conf`（无其他配置文件需要恢复）。
-- 测试服务器与其他环境服务器存在路径差异（如`pc-vue2-meetngV2`与`pc-vue2-meetingV2`），脚本中需按照本文档中各服务器目录信息分别处理。
+- 测试服务器与其他环境服务器的服务目录路径一致，脚本中按照本文档中的目录信息统一处理即可。
 
 ## 核验材料
 1. 所有的操作需日志记录说明