diff options
| author | lyf <[email protected]> | 2021-04-29 18:28:41 +0800 |
|---|---|---|
| committer | lyf <[email protected]> | 2021-04-29 18:28:41 +0800 |
| commit | ca1bd18563fc9846c82c08eb6a7bca879128b6c6 (patch) | |
| tree | a272795a44e2c6d5ec5e7e4cd086c3b713b1839b | |
| parent | aa08080fcb502328567eedc2cda2c50e5f2c9125 (diff) | |
1、提交allow动作用例2、公共文件添加邮件账号密码3、提交deny的http和mail和dns用例
| -rw-r--r-- | 01-TestCase/tsg_adc/api_security/AllowDnsTests.robot | 80 | ||||
| -rw-r--r-- | 01-TestCase/tsg_adc/api_security/AllowFtpTests.robot | 78 | ||||
| -rw-r--r-- | 01-TestCase/tsg_adc/api_security/AllowMailTests.robot | 90 | ||||
| -rw-r--r-- | 01-TestCase/tsg_adc/api_security/AllowQuicTests.robot | 79 | ||||
| -rw-r--r-- | 01-TestCase/tsg_adc/api_security/DenyDNSTests.robot | 283 | ||||
| -rw-r--r-- | 01-TestCase/tsg_adc/api_security/DenyHttpTests.robot | 915 | ||||
| -rw-r--r-- | 01-TestCase/tsg_adc/api_security/DenyMailTests.robot | 1181 | ||||
| -rw-r--r-- | 03-Variable/BifangApiVariable.txt | 9 |
8 files changed, 2207 insertions, 508 deletions
diff --git a/01-TestCase/tsg_adc/api_security/AllowDnsTests.robot b/01-TestCase/tsg_adc/api_security/AllowDnsTests.robot new file mode 100644 index 0000000..a12e7c2 --- /dev/null +++ b/01-TestCase/tsg_adc/api_security/AllowDnsTests.robot @@ -0,0 +1,80 @@ +*** Settings ***
+Test Teardown DeletePolicyAndObjectAndApplicationAndSignature ${policyIds} ${objectids}
+Force Tags tsg_adc tsg_security
+Library OperatingSystem
+Library Selenium2Library
+Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
+Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
+Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
+Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
+Resource ../../../03-Variable/ApplicationID.txt
+Resource ../../../03-Variable/BifangApiVariable.txt
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/Application.robot
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot
+Library ../../../04-CustomLibrary/Library/VerifyPolicy.py
+*** Variables ***
+${policyIds} ${EMPTY}
+${objectids} ${EMPTY}
+
+*** Test Cases ***
+SecurityPolicy-Allow-DNS-00001
+ [Tags] Allow IP DNS
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+
+ Comment 创建Allow策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"DNS"} isValid=${1} appIdObjects=${DNS_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "103"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+ Sleep ${policyLogVerificationSleepSeconds}s
+ ${endtime} Get Time
+
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.facebook.com
+ ... ELSE set variable nslookup www.facebook.com
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List www.facebook.com
+ ... ELSE Create List www.facebook.com
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} dns_qname www.facebook.com
+ Should Be Equal As Strings ${returnvalue} true
+
\ No newline at end of file diff --git a/01-TestCase/tsg_adc/api_security/AllowFtpTests.robot b/01-TestCase/tsg_adc/api_security/AllowFtpTests.robot new file mode 100644 index 0000000..51cb6a3 --- /dev/null +++ b/01-TestCase/tsg_adc/api_security/AllowFtpTests.robot @@ -0,0 +1,78 @@ +*** Settings ***
+Test Teardown DeletePolicyAndObjectAndApplicationAndSignature ${policyIds} ${objectids}
+Force Tags tsg_adc tsg_security
+Library OperatingSystem
+Library Selenium2Library
+Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
+Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
+Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
+Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
+Resource ../../../03-Variable/ApplicationID.txt
+Resource ../../../03-Variable/BifangApiVariable.txt
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/Application.robot
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot
+Library ../../../04-CustomLibrary/Library/VerifyPolicy.py
+*** Variables ***
+${policyIds} ${EMPTY}
+${objectids} ${EMPTY}
+
+*** Test Cases ***
+SecurityPolicy-Allow-FTP-00001
+ [Tags] Allow IP FTP
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+
+ Comment 创建Allow策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"FTP"} isValid=${1} appIdObjects=${FTP_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "104"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+ Sleep ${policyLogVerificationSleepSeconds}s
+ ${endtime} Get Time
+
+ Comment 功能端验证
+ ${FTP} FTP_login ftp://192.168.40.158/wlcsy.txt -u ftpuser:111111 中文文件内容
+ run keyword if '${systemType}'=='Windows' should contain ${FTP} ftp_fail
+ ... ELSE should contain ${FTP} Fail
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} ftp_account ftpuser
+ Should Be Equal As Strings ${returnvalue} true
+
\ No newline at end of file diff --git a/01-TestCase/tsg_adc/api_security/AllowMailTests.robot b/01-TestCase/tsg_adc/api_security/AllowMailTests.robot new file mode 100644 index 0000000..481f8cb --- /dev/null +++ b/01-TestCase/tsg_adc/api_security/AllowMailTests.robot @@ -0,0 +1,90 @@ +*** Settings ***
+Test Teardown DeletePolicyAndObjectAndApplicationAndSignature ${policyIds} ${objectids}
+Force Tags tsg_adc tsg_security
+Library OperatingSystem
+Library Selenium2Library
+Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
+Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
+Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
+Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
+Resource ../../../03-Variable/ApplicationID.txt
+Resource ../../../03-Variable/BifangApiVariable.txt
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/Application.robot
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot
+Library ../../../04-CustomLibrary/Library/VerifyPolicy.py
+*** Variables ***
+${policyIds} ${EMPTY}
+${objectids} ${EMPTY}
+
+*** Test Cases ***
+SecurityPolicy-Allow-MAIL-00001
+ [Tags] Allow IP MAIL
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+
+ Comment 创建Allow策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"MAIL"} isValid=${1} appIdObjects=${MAIL_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "110"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+ Sleep ${policyLogVerificationSleepSeconds}s
+ ${endtime} Get Time
+
+ Comment 功能端验证
+ ${Smtp服务器} Set Variable Smtp.163.com
+ ${Smtp服务器端口} Set Variable 25
+ ${邮箱账号} Set Variable ${mailAccount163Dxy}
+ ${邮箱密码} Set Variable ${mailPasswordDxy}
+ ${邮件主题} Set Variable 123123132
+ ${发送者} Set Variable ${mailAccount163Dxy}
+ ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"]
+ ${接收者} Set Variable ["${mailAccount163Lyf}"]
+ ${抄送者} Set Variable ["${mailAccount163Lyf}"]
+ ${密送者} Set Variable ["${mailAccount163Lyf}"]
+ ${邮件正文} Set Variable Простопорно
+ ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
+ Log ${发送邮件返回结果}
+ run keyword if '${systemType}'=='Windows' should contain ${发送邮件返回结果} mail_fail
+ ... ELSE should contain ${发送邮件返回结果} fail
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} mail_account ${mailAccount163Dxy}
+ Should Be Equal As Strings ${returnvalue} true
+
\ No newline at end of file diff --git a/01-TestCase/tsg_adc/api_security/AllowQuicTests.robot b/01-TestCase/tsg_adc/api_security/AllowQuicTests.robot new file mode 100644 index 0000000..e431c12 --- /dev/null +++ b/01-TestCase/tsg_adc/api_security/AllowQuicTests.robot @@ -0,0 +1,79 @@ +*** Settings ***
+Test Teardown DeletePolicyAndObjectAndApplicationAndSignature ${policyIds} ${objectids}
+Force Tags tsg_adc tsg_security
+Library OperatingSystem
+Library Selenium2Library
+Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
+Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
+Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
+Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
+Resource ../../../03-Variable/ApplicationID.txt
+Resource ../../../03-Variable/BifangApiVariable.txt
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/Application.robot
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot
+Library ../../../04-CustomLibrary/Library/VerifyPolicy.py
+*** Variables ***
+${policyIds} ${EMPTY}
+${objectids} ${EMPTY}
+
+*** Test Cases ***
+SecurityPolicy-Allow-QUCI-00001
+ [Tags] Allow IP QUIC
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+
+ Comment 创建Allow策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"QUCI"} isValid=${1} appIdObjects=${QUIC_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "119"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${objectid_verify} ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+ Sleep ${policyLogVerificationSleepSeconds}s
+ ${endtime} Get Time
+
+ Comment 功能端验证HTTP验证
+ Open Browser https://www.facebook.com ${browserType}
+ sleep 2
+ ${text} Get Text xpath=//*[@id="content"]/div/div/div/div[1]/h2
+ Should Be Equal As Strings ${text} 联系你我,分享生活,尽在 Facebook
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} common_schema_type QUIC
+ Should Be Equal As Strings ${returnvalue} true
+
\ No newline at end of file diff --git a/01-TestCase/tsg_adc/api_security/DenyDNSTests.robot b/01-TestCase/tsg_adc/api_security/DenyDNSTests.robot index af0e945..c503802 100644 --- a/01-TestCase/tsg_adc/api_security/DenyDNSTests.robot +++ b/01-TestCase/tsg_adc/api_security/DenyDNSTests.robot @@ -1,75 +1,208 @@ -*** Settings *** -Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} -Force Tags tsg_adc tsg_security -Library OperatingSystem #Test Setup Login #Test Teardown Logout -Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot -Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot -Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot -Resource ../../../02-Keyword/tsg_common/StmpHandle.robot - -*** Test Cases *** -SecurityPolicy-Deny-DNS-00001 - [Tags] Deny Fqdn_IP - #创建对象 IP - #${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}} - #log ${object_IP_Id} - #创建对象 FQDN - ${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_Deny_fqdn_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$www.ziroom.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}} - log ${object_FQDN_Id} - ${objectids} set Variable ${object_FQDN_Id} - #创建策略 - #${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"drop"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[4]}} - ... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"drop"},"referenceObject":[{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${rescode} ${policyId2} AddPolicy ${addPolicyStr} - ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]} - ${policyIds} Create List ${policyId1} - #${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - #log ${rescode} - #log ${policyId} - #功能端验证 - Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time - ${commandstr} set variable nslookup -d www.ziroom.com - ${stringlista} set variable 超时 - ${stringlist} Create List ${stringlista} - ${rescode} SystemCommands ${commandstr} ${stringlist} - Sleep ${policyLogVerificationSleepSeconds}s - ${endtime} Get Time - #日志验证 - ${s} Convert to String ${policyId2} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname ziroom - -SecurityPolicy-Deny-DNS-00002 - [Tags] Deny Sub_Category - # #创建对象 Sub - # ${rescode} ${object_Sub_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}} - # log ${object_Sub_Id} - # ${objectids} set Variable ${object_Sub_Id} - #创建对象 Cat - ${rescodeip} ${object_Cat_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_Cat_smsp","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$smspunch.net"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}} - log ${object_Cat_Id} - ${objectids} set Variable ${object_Cat_Id} - #创建策略 - #${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"e061:82db:c37e:e8c5:c8ab:eab8:5a76:04a9","ttl":{"min":300,"max":300}},{"atype":"CNAME","value":"www.ly.com","ttl":{"min":300,"max":300}}]}],"keyring":1},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"e061:82db:c37e:e8c5:c8ab:eab8:5a76:04a9","ttl":{"min":300,"max":300}},{"atype":"CNAME","value":"www.ly.com","ttl":{"min":300,"max":300}}]}]},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[4]}} - ... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"e061:82db:c37e:e8c5:c8ab:eab8:5a76:04a9","ttl":{"min":300,"max":300}},{"atype":"CNAME","value":"www.ly.com","ttl":{"min":300,"max":300}}]}]},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${rescode} ${policyId2} AddPolicy ${addPolicyStr} - ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]} - ${policyIds} Create List ${policyId1} - #${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-DNS-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"e061:82db:c37e:e8c5:c8ab:eab8:5a76:04a9","ttl":{"min":300,"max":300}},{"atype":"CNAME","value":"www.ly.com","ttl":{"min":300,"max":300}}]}],"keyring":1},"referenceObject":[{"objectId":${object_Sub_Id},"protocolFields":[]},{"objectId":${object_Cat_Id},"protocolFields":["TSG_FIELD_DNS_QNAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - #log ${rescode} - #log ${policyId} - #功能端验证 - Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time - ${commandstr} set variable nslookup -d www.smspunch.net - #@{stringlist} set variable www.ly.com - ${stringlista} set variable 超时 - ${stringlist} Create List ${stringlista} - ${rescode} SystemCommands ${commandstr} ${stringlist} - Sleep ${policyLogVerificationSleepSeconds}s - ${endtime} Get Time - #日志验证 - ${s} Convert to String ${policyId2} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} dns_qname smspunch +*** Settings ***
+Test Teardown DeletePolicyAndObjectAndApplicationAndSignature ${policyIds} ${objectids}
+Force Tags tsg_adc tsg_security
+Library OperatingSystem
+Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
+Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
+Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
+Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
+Resource ../../../03-Variable/ApplicationID.txt
+Resource ../../../03-Variable/BifangApiVariable.txt
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/Application.robot
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot
+Library ../../../04-CustomLibrary/Library/VerifyPolicy.py
+
+*** Variables ***
+${policyIds} ${EMPTY}
+${objectids} ${EMPTY}
+
+*** Test Cases ***
+SecurityPolicy-Deny-DNS-00001
+ [Tags] Deny IP DNS
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"DNS","method":"drop"} isValid=${1} appIdObjects=${DNS_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string":"103" }
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip": "252.252.252.252","port": "443","tableName": "TSG_SECURITY_DESTINATION_ADDR","addrType": 4,"protocol": "6"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.facebook.com
+ ... ELSE set variable nslookup www.facebook.com
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List 超时
+ ... ELSE Create List timed out
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} dns_qname facebook.com
+
+SecurityPolicy-Deny-DNS-00002
+ [Tags] Deny IP DNS QNAME
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建fqdn
+ ${addItemList1} Create Dictionary keywordArray=*www.arctictrucks.ru isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.jd.com","ttl":{"min":500,"max":500}},{"atype":"A","value":"192.168.41.186","ttl":{"min":300,"max":300}}]}]} filterList=${objectId1}|TSG_FIELD_DNS_QNAME isValid=${1} appIdObjects=${DNS_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${qname_fqdn_id} Create Dictionary attributeType=string attributeName=qname appId=103 appName=dns protocol=dns attributeValue={"string": "www.arctictrucks.ru"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string":"103" }
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip": "252.252.252.252","port": "443","tableName": "TSG_SECURITY_DESTINATION_ADDR","addrType": 4,"protocol": "6"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${qname_fqdn_id}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d www.arctictrucks.ru 8.8.8.8
+ ... ELSE set variable nslookup -debug -query=A \ www.arctictrucks.ru
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List www.arctictrucks.ru
+ ... ELSE Create List www.arctictrucks.ru
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} dns_qname www.arctictrucks.ru
+
+SecurityPolicy-Deny-DNS-00003
+ [Tags] Deny IP DNS QNAME
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建fqdn
+ ${addItemList1} Create Dictionary keywordArray=*aec188.com isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"fc00::2:11","ttl":{"min":400,"max":400}},{"atype":"CNAME","value":"www.taobao.com","ttl":{"min":600,"max":600}}]}]} filterList=${objectId1}|TSG_FIELD_DNS_QNAME isValid=${1} appIdObjects=${DNS_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${qname_fqdn_id} Create Dictionary attributeType=string attributeName=qname appId=103 appName=dns protocol=dns attributeValue={"string": "aec188.com"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string":"103" }
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip": "252.252.252.252","port": "443","tableName": "TSG_SECURITY_DESTINATION_ADDR","addrType": 4,"protocol": "6"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${qname_fqdn_id}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable nslookup -d aec188.com 8.8.8.8
+ ... ELSE set variable nslookup -debug -query=AAAA \ aec188.com
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List aec188.com
+ ... ELSE Create List aec188.com
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} dns_qname aec188.com
\ No newline at end of file diff --git a/01-TestCase/tsg_adc/api_security/DenyHttpTests.robot b/01-TestCase/tsg_adc/api_security/DenyHttpTests.robot index d5fe598..1e5586d 100644 --- a/01-TestCase/tsg_adc/api_security/DenyHttpTests.robot +++ b/01-TestCase/tsg_adc/api_security/DenyHttpTests.robot @@ -1,98 +1,817 @@ -*** Settings *** -Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} -Force Tags tsg_adc tsg_security -Library OperatingSystem -Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot -Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot -Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot - -*** Test Cases *** -SecurityPolicy-Deny-HTTP-00001 - [Tags] Deny Category_Url_UA_CT - #创建对象IP - #${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}} - #log ${object_IP_Id} - #创建对象 Category - ${rescodeip} ${object_Category_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn_category","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_cat_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*oom.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}} - log ${object_Category_Id} - ${objectids} set Variable ${object_Category_Id} - #创建对象URL - ${rescode_deny} ${object_URL_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_url-ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["www.ziroom.com/li*"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}} - log ${object_URL_id} - ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_id} - #创建对象UA - ${rescode_deny} ${object_UA_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ua_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["Mozilla/5.0*"],"isHexbin":0,"district":"User-Agent"}],"updateItemList":[],"deleteItemIds":[]}} - log ${object_UA_id} - ${objectids} Catenate SEPARATOR=, ${objectids} ${object_UA_id} - #创建对象CT - ${rescode_deny} ${object_CT_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ct_ziroom","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["text/html; charse*"],"isHexbin":0,"district":"Content-Type"}],"updateItemList":[],"deleteItemIds":[]}} - log ${object_CT_id} - ${objectids} Catenate SEPARATOR=, ${objectids} ${object_CT_id} - #创建策略 - #${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}} - ... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop"},"referenceObject":[{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${rescode} ${policyId2} AddPolicy ${addPolicyStr} - ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]} - ${policyIds} Create List ${policyId1} - #${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - #${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} - #log ${rescode} - #log ${policyId} - #功能端验证 - #Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time - # ${commandreturn} run keyword if '${systemType}'=='Windows' OperatingSystem.Run curl --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' \ http://www.ziroom.com/life/index \ \ | iconv -f utf-8 -t gbk - # ... ELSE OperatingSystem.Run curl --user-agent "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36" --referer 'http://www.baidu.com/' http://www.ziroom.com/life/index - # should not contain ${commandreturn} 营业执照 - #Sleep ${policyLogVerificationSleepSeconds}s - ${endtime} Get Time - #日志验证 - ${s} Convert to String ${policyId2} - #GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host ziroom - GetLogList security_event_log 2020-04-15 19:22:01 2020-04-15 19:23:22 ${testClentIP} 4906 http_host open.node.com - #{"value":["2020-04-15 18:50:57","2020-04-15 19:00:53"],"symbol":"between","field":"common_recv_time","type":"timestamp"}] - -SecurityPolicy-Deny-HTTP-00002 - [Tags] Deny Fqdn_Url_CK_SC - # #创建对象SubID - # ${rescode} ${object_Subid_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}} - # log ${object_Subid_Id} - # ${objectids} set Variable ${object_Subid_Id} - #创建对象FQDN - ${rescodeip} ${object_FQDN_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"fqdn","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_xiaozhu_fqdn","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*zhu.com"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}} - log ${object_FQDN_Id} - ${objectids} set Variable ${object_FQDN_Id} - #创建对象URL - ${rescode_deny} ${object_URL_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"url","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_xiaozhu_url","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*ozhu.com/"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}} - log ${object_URL_id} - ${objectids} Catenate SEPARATOR=, ${objectids} ${object_URL_id} - #创建对象CK - ${rescode_deny} ${object_CK_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_xiaozhu_cookie","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192"],"isHexbin":0,"district":"Cookie"}],"updateItemList":[],"deleteItemIds":[]}} - log ${object_CK_id} - ${objectids} Catenate SEPARATOR=, ${objectids} ${object_CK_id} - #创建对象SC - ${rescode_deny} ${object_SC_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"http_signature","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_sc","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["*domain=.xiaozhu.com"],"isHexbin":0,"district":"Set-Cookie"}],"updateItemList":[],"deleteItemIds":[]}} - log ${object_SC_id} - ${objectids} Catenate SEPARATOR=, ${objectids} ${object_SC_id} - #创建策略 - #${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"rst","keyring":1},"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"rst"},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[2]}} - ... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"rst"},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":[null]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${rescode} ${policyId2} AddPolicy ${addPolicyStr} - ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]} - ${policyIds} Create List ${policyId1} - #${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"rst","keyring":1},"referenceObject":[{"objectId":${object_Subid_Id},"protocolFields":[]},{"objectId":${object_FQDN_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_CK_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_SC_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - #log ${rescode} - #log ${policyId} - #功能端验证 - Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time - ${commandreturn} run keyword if '${systemType}'=='Windows' OperatingSystem.Run curl --cookie "*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192" --referer 'http://www.baidu.com/' \ http://www.xiaozhu.com \ \ | iconv -f utf-8 -t gbk - ... ELSE OperatingSystem.Run curl --cookie "*_math=czsuv8n9d4p; Hm_lvt_92e8bc890f374994dd570aa15afc99e1=1575187416; Hm_lpvt_92e8bc890f374994dd570aa15afc99e1=1575187416; _uab_collina=157518741578524001717192" --referer 'http://www.baidu.com/' http://www.xiaozhu.com - should contain ${commandreturn} 403 - Sleep ${policyLogVerificationSleepSeconds}s - ${endtime} Get Time - #日志验证 - ${s} Convert to String ${policyId2} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} http_host xiaozhu +*** Settings ***
+Test Teardown DeletePolicyAndObjectAndApplicationAndSignature ${policyIds} ${objectids}
+Force Tags tsg_adc tsg_security
+Library OperatingSystem
+Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
+Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
+Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
+Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
+Resource ../../../03-Variable/ApplicationID.txt
+Resource ../../../03-Variable/BifangApiVariable.txt
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/Application.robot
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot
+Library ../../../04-CustomLibrary/Library/VerifyPolicy.py
+
+*** Variables ***
+${policyIds} ${EMPTY}
+${objectids} ${EMPTY}
+${url1} /v1/policy/profile/responsepages
+*** Test Cases ***
+SecurityPolicy-Deny-HTTP-00001
+ [Tags] Deny IP HTTP
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"drop"} isValid=${1} appIdObjects=${HTTP_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "106"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00001.bat
+ ... ELSE set variable curl -m 10 -kv http://www.lkong.net/forum.php
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
+ ... ELSE Create List timed out
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.lkong.net
+ Should Be Equal As Strings ${returnvalue} true
+
+SecurityPolicy-Deny-HTTP-00002
+ [Tags] Deny IP HTTP FQDN
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建fqdn
+ ${addItemList1} Create Dictionary keywordArray=*bellaircraftmuseum.org isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"rst"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST isValid=${1} appIdObjects=${HTTP_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${qname_fqdn_id} Create Dictionary attributeType=string attributeName=host appId=106 appName=http protocol=http attributeValue={"string": "bellaircraftmuseum.org"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "106"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${qname_fqdn_id}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00002.bat
+ ... ELSE set variable curl http://bellaircraftmuseum.org/
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00002.bat
+ ... ELSE set variable curl http://bellaircraftmuseum.org/
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
+ ... ELSE Create List Connection reset by peer
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host bellaircraftmuseum.org
+ Should Be Equal As Strings ${returnvalue} true
+
+SecurityPolicy-Deny-HTTP-00003
+ [Tags] Deny IP HTTP URL
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建url
+ ${addItemList1} Create Dictionary keywordArray=*/news/ isHexbin=${0}
+ ${addItemList2} Create Dictionary keywordArray=$www.icbc.com.cn/ isHexbin=${0}
+ ${addItemList3} Create Dictionary keywordArray=www.gotohoroscope* isHexbin=${0}
+ ${addItemList4} Create Dictionary keywordArray=indexv isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1} ${addItemList2} ${addItemList3} ${addItemList4}
+ ${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建引用文件
+ #创建引用文件
+ ${response} CreatePolicyFile2 ${url1} ${responsePageFiles} 404english.html resPages
+ ${profiledId} Get From Dictionary ${response} profileId
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"block","code":403,"html_profile":${profiledId}} filterList=${objectId1}|TSG_FIELD_HTTP_URL isValid=${1} appIdObjects=${HTTP_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${url} Create Dictionary attributeType=string attributeName=url appId=106 appName=http protocol=http attributeValue={"string": "www.icbc.com.cn/"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "106"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${url}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00003.bat
+ ... ELSE set variable curl http://www.icbc.com.cn/
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
+ ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00003_1.bat
+ ... ELSE set variable curl http://www.ccb.com/cn/home/indexv3.html
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
+ ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00003_2.bat
+ ... ELSE set variable curl http://www.gotohoroscope.com/daily-horoscope.html
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
+ ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00003_3.bat
+ ... ELSE set variable curl http://government.ru/news/
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
+ ... ELSE Create List Sorry, the page you requested does not exist, has been deleted, or is temporarily unavailable
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.icbc.com.cn
+ Should Be Equal As Strings ${returnvalue} true
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.ccb.com
+ Should Be Equal As Strings ${returnvalue} true
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.gotohoroscope.com
+ Should Be Equal As Strings ${returnvalue} true
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host government.ru
+ Should Be Equal As Strings ${returnvalue} true
+
+SecurityPolicy-Deny-HTTP-00004
+ [Tags] Deny IP HTTP User-Agent
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment User-Agent
+ ${addItemList1} Create Dictionary keywordArray=Mozilla/5.0* isHexbin=${0} district=User-Agent
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"block","code":404,"message":"block"} filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${req_hdr_ua} Create Dictionary attributeType=signature attributeName=req_hdr appId=106 appName=http protocol=http attributeValue={"string": "Mozilla/5.0","district": "User-Agent"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "106"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${req_hdr_ua}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00004.bat
+ ... ELSE set variable curl -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'http://www.baidu.com/' \http://www.tsutmb.ru/sveden
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List block
+ ... ELSE Create List block
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host tsutmb.ru
+ Should Be Equal As Strings ${returnvalue} true
+
+SecurityPolicy-Deny-HTTP-00005
+ [Tags] Deny IP HTTP Content-Type
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment Content-Type
+ ${addItemList1} Create Dictionary keywordArray=*utf-8 isHexbin=${0} district=Content-Type
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"rst"} filterList=${objectId1}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=${HTTP_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${res_hdr_ct} Create Dictionary attributeType=signature attributeName=res_hdr appId=106 appName=http protocol=http attributeValue={"string": "utf-8aabnna","district": "Content-Type"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "106"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${res_hdr_ct}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00008.bat
+ ... ELSE set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00008_L.bat
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out
+ ... ELSE Create List timed out
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host cmbchina.com
+
+SecurityPolicy-Deny-HTTP-00006
+ [Tags] Deny IP HTTP Cookie
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment Cookie
+ ${addItemList1} Create Dictionary keywordArray=ipp_uid2 isHexbin=${0} district=Cookie
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"block","code":404,"message":"马上到周末"} filterList=${objectId1}|TSG_FIELD_HTTP_REQ_HDR isValid=${1} appIdObjects=${HTTP_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${req_hdr_ck} Create Dictionary attributeType=signature attributeName=req_hdr appId=106 appName=http protocol=http attributeValue={"string": "ipp_uid2","district": "Cookie"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "106"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${req_hdr_ck}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00012.bat
+ ... ELSE set variable curl -kv --cookie "ipp_uid_tst=1614083626134/s-G5u-av-3V6UMopU8qN0w; rerf=AAAAAGA09iqKHHWcAwwEAg==; visid_incap_1850197=73iJXVstR5eD96boaecG5Sr2NGAAAAAAQUIPAAAAAADRrWjXkBE1xHfgl1g2q0+Z; incap_ses_431_1850197=yz/Zbyso2kIQ3JKieDj7BSr2NGAAAAAAxpbwZIp4Ku0GJhK9DvIxUw==; ___utmvmaluytEzB=zJTWRrkycAu; ___utmvbaluytEzB=oZQ XqnOgalR: qtO; ipp_uid2=SLwSBC2htc6RCxdR/gtvNhcOjz2aYXsuOQZ9IMw==; ipp_uid1=1614083626503; ipp_uid=1614083626503/SLwSBC2htc6RCxdR/gtvNhcOjz2aYXsuOQZ9IMw==; tildauid=1614083628065.339214; tildasid=1614083628065.951808; _fbp=fb.1.1614083628650.700159084; previousUrl=universalmusic.ru%2F" --referer 'http://www.baidu.com/' \ http://www.universalmusic.ru/#about
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List 马上到周末
+ ... ELSE Create List 马上到周末
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.universalmusic.ru
+
+SecurityPolicy-Deny-HTTP-00007
+ [Tags] Deny IP HTTP Set-Cookie
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment Set-Cookie
+ ${addItemList1} Create Dictionary keywordArray=CURRENT_CITY_CODE* isHexbin=${0} district=Set-Cookie
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId}|TSG_FIELD_HTTP_RES_HDR isValid=${1} appIdObjects=${HTTP_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${res_hdr_sc} Create Dictionary attributeType=signature attributeName=res_hdr appId=106 appName=http protocol=http attributeValue={"string": "CURRENT_CITY_CODE","district": "Set-Cookie"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "106"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${res_hdr_sc}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00013.bat
+ ... ELSE set variable curl --connect-timeout 5 -m 10 www.ziroom.com/life/index -o /dev/null
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List 000
+ ... ELSE Create List timed out
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host www.ziroom.com
+
+SecurityPolicy-Deny-HTTP-00008
+ [Tags] Deny IP HTTP Request Content
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment Request Content
+ ${addItemList1} Create Dictionary keywordArray=testDenyHttp0014 isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId1}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=${HTTP_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${req_body} Create Dictionary attributeType=string attributeName=req_body appId=106 appName=http protocol=http attributeValue={"string": "testDenyHttp0014"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "106"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${res_body}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00014.bat
+ ... ELSE set variable curl -H "Content-Type:application/json;charset=UTF-8" -X POST -d "{"requestbody":"testDenyHttp0014","setcook":"12345678","contenttype": "content-type","responsebody": "testDenyHttp0014"}" http://open.node.com:180/go
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List Connection was reset
+ ... ELSE Create List Connection reset by peer
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host open.node.com
+
+SecurityPolicy-Deny-HTTP-00009
+ [Tags] Deny IP HTTP Response Content
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment Response Content
+ ${addItemList1} Create Dictionary keywordArray=华彤公司 isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId1}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=${HTTP_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${res_body} Create Dictionary attributeType=string attributeName=res_body appId=106 appName=http protocol=http attributeValue={"string": "华彤公司"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "106"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${res_body}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00015.bat
+ ... ELSE set variable curl -m 10 -kv http://www.huatonggs.com/about.html#gsjj
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out
+ ... ELSE Create List timed out
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host huatonggs.com
+
+SecurityPolicy-Deny-HTTP-00010
+ [Tags] Deny IP HTTP FQDN URL User-Agent Content-Type Request Content
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建fqdn
+ ${addItemList1} Create Dictionary keywordArray=*open.node.com isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建url
+ ${addItemList1} Create Dictionary keywordArray=open.node isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId2} AddObjects ${1} ${objectDict1}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId2}
+
+ Comment User-Agent
+ ${addItemList1} Create Dictionary keywordArray=Mozilla/5.0* isHexbin=${0} district=User-Agent
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId3} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId3}
+
+ Comment Content-Type
+ ${addItemList1} Create Dictionary keywordArray=charset isHexbin=${0} district=Content-Type
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId4} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId4}
+
+ Comment Request Content
+ ${addItemList1} Create Dictionary keywordArray=DenyHttp0016 isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId5} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId5}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST,${objectId2}|TSG_FIELD_HTTP_URL,${objectId3}|TSG_FIELD_HTTP_REQ_HDR,${objectId4}|TSG_FIELD_HTTP_RES_HDR,${objectId5}|TSG_FIELD_HTTP_REQ_CONTENT isValid=${1} appIdObjects=${HTTP_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${qname_fqdn_id} Create Dictionary attributeType=string attributeName=host appId=106 appName=http protocol=http attributeValue={"string": "open.node.com"}
+ ${url} Create Dictionary attributeType=string attributeName=url appId=106 appName=http protocol=http attributeValue={"string": "open.node.com/"}
+ ${req_hdr_ua} Create Dictionary attributeType=signature attributeName=req_hdr appId=106 appName=http protocol=http attributeValue={"string": "Mozilla/5.0","district": "User-Agent"}
+ ${res_hdr_ct} Create Dictionary attributeType=signature attributeName=res_hdr appId=106 appName=http protocol=http attributeValue={"string": "charset","district": "Content-Type"}
+ ${req_body} Create Dictionary attributeType=string attributeName=req_body appId=106 appName=http protocol=http attributeValue={"string": "testDenyHttp0016"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "106"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${qname_fqdn_id} ${url} ${req_hdr_ua} ${res_hdr_ct} ${req_body}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00016.bat
+ ... ELSE set variable curl -m 10 -kv -H "Content-Type:application/json;charset=UTF-8" -X POST -d "{"requestbody":"DenyHttp0016","setcook":"asdf","contenttype": "charsetDeny0016","responsebody": "adzx"}" -kv --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" --referer 'http://www.baidu.com/' http://open.node.com:180/go
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out
+ ... ELSE Create List 000
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host open.node.com
+
+SecurityPolicy-Deny-HTTP-00011
+ [Tags] Deny IP HTTP FQDN URL Cookie Set-Cookie Response Content
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建fqdn
+ ${addItemList1} Create Dictionary keywordArray=*smspunch.net isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict1} Create Dictionary objectType=fqdn objectSubType=fqdn isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建url
+ ${addItemList1} Create Dictionary keywordArray=*send-free-sms.aspx isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict1} Create Dictionary objectType=url objectSubType=url isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId2} AddObjects ${1} ${objectDict1}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId2}
+
+ Comment Cookie
+ ${addItemList1} Create Dictionary keywordArray=_ym_isad=2 isHexbin=${0} district=Cookie
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId3} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId3}
+
+ Comment Set-Cookie
+ ${addItemList1} Create Dictionary keywordArray=NET_SessionId isHexbin=${0} district=Set-Cookie
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=http_signature objectSubType=http_signature isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId4} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId4}
+
+ Comment Response Content
+ ${addItemList1} Create Dictionary keywordArray=Cell No isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId5} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId5}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"HTTP","method":"drop"} filterList=${objectId1}|TSG_FIELD_HTTP_HOST,${objectId2}|TSG_FIELD_HTTP_URL,${objectId3}|TSG_FIELD_HTTP_REQ_HDR,${objectId4}|TSG_FIELD_HTTP_RES_HDR,${objectId5}|TSG_FIELD_HTTP_RES_CONTENT isValid=${1} appIdObjects=${HTTP_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${fqdn} Create Dictionary attributeType=string attributeName=host appId=106 appName=http protocol=http attributeValue={"string": "smspunch.net"}
+ ${url} Create Dictionary attributeType=string attributeName=url appId=106 appName=http protocol=http attributeValue={"string": "smspunch.net/send-free-sms.aspx"}
+ ${req_hdr_ck} Create Dictionary attributeType=signature attributeName=req_hdr appId=106 appName=http protocol=http attributeValue={"string": "_ym_isad=2","district": "Cookie"}
+ ${res_hdr_sc} Create Dictionary attributeType=signature attributeName=res_hdr appId=106 appName=http protocol=http attributeValue={"string": "NET_SessionId","district": "Set-Cookie"}
+ ${res_body} Create Dictionary attributeType=string attributeName=res_body appId=106 appName=http protocol=http attributeValue={"string": "Cell No"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "106"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${qname_fqdn_id} ${url} ${req_hdr_ua} ${res_hdr_ct} ${req_body}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+ Comment 功能端验证HTTP验证
+ ${commandstr} run keyword if '${systemType}'=='Windows' set variable ${curlbatpath}/command/SecurityPolicy_Deny_HTTP_00017.bat
+ ... ELSE set variable curl -m 10 -kv --cookie "*_ga=GA1.2.721078436.1587543528; _gid=GA1.2.916148851.1587543528; _gat=1; _ym_uid=1587543532244912958; _ym_d=1587543532; _ym_isad=2" --referer 'http://www.baidu.com/' \ http://smspunch.net/send-free-sms.aspx
+ ${stringlist} run keyword if '${systemType}'=='Windows' Create List timed out
+ ... ELSE Create List timed out
+ ${rescode} SystemCommands ${commandstr} ${stringlist}
+
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} http_host smspunch.net
\ No newline at end of file diff --git a/01-TestCase/tsg_adc/api_security/DenyMailTests.robot b/01-TestCase/tsg_adc/api_security/DenyMailTests.robot index e0fd9b4..874b2eb 100644 --- a/01-TestCase/tsg_adc/api_security/DenyMailTests.robot +++ b/01-TestCase/tsg_adc/api_security/DenyMailTests.robot @@ -1,333 +1,848 @@ -*** Settings *** -Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} -Force Tags tsg_adc tsg_security -Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot -Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot -Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot -Resource ../../../02-Keyword/tsg_common/StmpHandle.robot -Library Custometest - -*** Test Cases *** -SecurityPolicy-Deny-Mail-00001 - [Tags] Deny URI_Content - #创建对象 Sub - #${rescode} ${object_Sub_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"subscriberid","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_subid","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["$zmmtest"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[]}} - #log ${object_Sub_Id} - #${objectids} set Variable ${object_Sub_Id} - #创建对象 Account - ${rescodeip} ${object_Account_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"account","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_account","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["[email protected]"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}} - log ${object_Account_Id} - ${objectids} set Variable ${object_Account_Id} - #创建策略 - #${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"rst","code":""},"referenceObject":[{"objectId":${object_Account_Id},"protocolFields":["TSG_FIELD_MAIL_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"rst","code":""},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Account_Id},"protocolFields":["TSG_FIELD_MAIL_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}} - ... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"rst","code":""},"referenceObject":[{"objectId":${object_Account_Id},"protocolFields":["TSG_FIELD_MAIL_ACCOUNT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${rescode} ${policyId2} AddPolicy ${addPolicyStr} - ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]} - ${policyIds} Create List ${policyId1} - #${rescode} ${policyId} AddPolicy {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Http-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"HTTP","method":"drop","keyring":1},"referenceObject":[{"objectId":${object_IP_Id},"protocolFields":[]},{"objectId":${object_Category_Id},"protocolFields":["TSG_FIELD_HTTP_HOST"]},{"objectId":${object_URL_id},"protocolFields":["TSG_FIELD_HTTP_URL"]},{"objectId":${object_UA_id},"protocolFields":["TSG_FIELD_HTTP_REQ_HDR"]},{"objectId":${object_CT_id},"protocolFields":["TSG_FIELD_HTTP_RES_HDR"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - #${policyIds} set Variable {"policyType":"tsg_security","policyIds":[${policyId}]} - #log ${rescode} - #log ${policyId} - #功能端验证 - Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time - ${mail} EmailLogin smtp.163.com 25 [email protected] QKCEUFAJJRZLJKQE - should contain ${mail} mail_fail - Sleep ${policyLogVerificationSleepSeconds}s - ${endtime} Get Time - #日志验证 - ${s} Convert to String ${policyId2} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account [email protected] - -SecurityPolicy-Deny-Mail-00002 - [Tags] Deny URI_Content - #创建对象IP - #${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}} - #log ${object_IP_Id} - # #创建对象 Subject - # ${rescodeip} ${object_Subject_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_subject","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["朱明明subject"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}} - # log ${object_Subject_Id} - # ${objectids} set Variable ${object_Subject_Id} - #创建对象 Content - ${rescode_deny} ${object_Content_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_content","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["朱明明content"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}} - log ${object_Content_id} - ${objectids} set Variable ${object_Content_id} - #创建对象 Att_name - ${rescode_deny} ${object_Att_name_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ATT_Name","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["朱明明测试文件"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}} - log ${object_Att_name_id} - ${objectids} Catenate SEPARATOR=, ${objectids} ${object_Att_name_id} - #创建对象 att_content - ${rescode_deny} ${object_att_content_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_content","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["朱明明测试文件内容"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}} - log ${object_att_content_id} - ${objectids} Catenate SEPARATOR=, ${objectids} ${object_att_content_id} - #创建对象 From - ${rescode_deny} ${object_From_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"account","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_from","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["[email protected]"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}} - log ${object_From_id} - ${objectids} Catenate SEPARATOR=, ${objectids} ${object_From_id} - #创建对象 to - ${rescode_deny} ${object_to_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"account","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_to","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["[email protected]"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}} - log ${object_to_id} - ${objectids} Catenate SEPARATOR=, ${objectids} ${object_to_id} - #创建策略 - #${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${testClentSubID},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${testClentSubID},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}} - ... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00002","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${testClentSubID},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${rescode} ${policyId2} AddPolicy ${addPolicyStr} - ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]} - ${policyIds} Create List ${policyId1} - #功能端验证 - Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time - ${Smtp服务器} Set Variable smtp.163.com - ${Smtp服务器端口} Set Variable 25 - ${邮箱账号} Set Variable [email protected] - ${邮箱密码} Set Variable VIAVUYPIEJRDQDBN - ${邮件主题} Set Variable 朱明明subject - ${发送者} Set Variable [email protected] - ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] - ${接收者} Set Variable ["[email protected]"] - ${抄送者} Set Variable ["[email protected]"] - ${密送者} Set Variable ["[email protected]"] - ${邮件正文} Set Variable 朱明明content - ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} - Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_fail - Sleep ${policyLogVerificationSleepSeconds}s - ${endtime} Get Time - #日志验证 - ${s} Convert to String ${policyId2} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account [email protected] - -SecurityPolicy-Deny-Mail-00003 - [Tags] Deny Subject AloneObject - #创建对象IP - #${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}} - #log ${object_IP_Id} - # #创建对象 Subject - # ${rescodeip} ${object_Subject_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_subject","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["朱明明subject"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}} - # log ${object_Subject_Id} - # ${objectids} set Variable ${object_Subject_Id} - #创建策略 - #${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${testClentSubID},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00003","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentSubID},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}} - ${rescode} ${policyId2} AddPolicy ${addPolicyStr} - ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]} - ${policyIds} Create List ${policyId1} - #功能端验证 - Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time - ${Smtp服务器} Set Variable smtp.163.com - ${Smtp服务器端口} Set Variable 25 - ${邮箱账号} Set Variable [email protected] - ${邮箱密码} Set Variable VIAVUYPIEJRDQDBN - ${邮件主题} Set Variable 朱明明subject - ${发送者} Set Variable [email protected] - ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] - ${接收者} Set Variable ["[email protected]"] - ${抄送者} Set Variable ["[email protected]"] - ${密送者} Set Variable ["[email protected]"] - ${邮件正文} Set Variable 朱明明content - ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} - Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_fail - Sleep ${policyLogVerificationSleepSeconds}s - ${endtime} Get Time - #日志验证 - ${s} Convert to String ${policyId2} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account [email protected] - -SecurityPolicy-Deny-Mail-00004 - [Tags] Deny Content - #创建对象IP - #${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}} - #log ${object_IP_Id} - #创建对象 Content - ${rescode_deny} ${object_Content_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_content","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["朱明明content"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}} - log ${object_Content_id} - ${objectids} set Variable ${object_Content_id} - #创建策略 - #${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${object_Subject_Id},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00004","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}} - ... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00004","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}} - ${rescode} ${policyId2} AddPolicy ${addPolicyStr} - ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]} - ${policyIds} Create List ${policyId1} - #功能端验证 - Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time - ${Smtp服务器} Set Variable smtp.163.com - ${Smtp服务器端口} Set Variable 25 - ${邮箱账号} Set Variable [email protected] - ${邮箱密码} Set Variable VIAVUYPIEJRDQDBN - ${邮件主题} Set Variable 朱明明subject - ${发送者} Set Variable [email protected] - ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] - ${接收者} Set Variable ["[email protected]"] - ${抄送者} Set Variable ["[email protected]"] - ${密送者} Set Variable ["[email protected]"] - ${邮件正文} Set Variable 朱明明content - ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} - Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_fail - Sleep ${policyLogVerificationSleepSeconds}s - ${endtime} Get Time - #日志验证 - ${s} Convert to String ${policyId2} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account [email protected] - -SecurityPolicy-Deny-Mail-00005 - [Tags] Deny tt_name - #创建对象IP - #${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}} - #log ${object_IP_Id} - #创建对象 Att_name - ${rescode_deny} ${object_Att_name_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_ATT_Name","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["朱明明测试文件"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}} - log ${object_Att_name_id} - ${objectids} set Variable ${object_Att_name_id} - #创建策略 - #${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${object_Subject_Id},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00005","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}} - ... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00005","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}} - ${rescode} ${policyId2} AddPolicy ${addPolicyStr} - ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]} - ${policyIds} Create List ${policyId1} - #功能端验证 - Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time - ${Smtp服务器} Set Variable smtp.163.com - ${Smtp服务器端口} Set Variable 25 - ${邮箱账号} Set Variable [email protected] - ${邮箱密码} Set Variable VIAVUYPIEJRDQDBN - ${邮件主题} Set Variable 朱明明subject - ${发送者} Set Variable [email protected] - ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] - ${接收者} Set Variable ["[email protected]"] - ${抄送者} Set Variable ["[email protected]"] - ${密送者} Set Variable ["[email protected]"] - ${邮件正文} Set Variable 朱明明content - ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} - Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_fail - Sleep ${policyLogVerificationSleepSeconds}s - ${endtime} Get Time - #日志验证 - ${s} Convert to String ${policyId2} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account [email protected] - -SecurityPolicy-Deny-Mail-00006 - [Tags] Deny Att_content - #创建对象IP - #${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}} - #log ${object_IP_Id} - #创建对象 att_content - ${rescode_deny} ${object_att_content_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"keywords","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_content","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["朱明明测试文件内容"],"isHexbin":0,"itemId":"","isValid":""}],"updateItemList":[],"deleteItemIds":[],"objectId":""}} - log ${object_att_content_id} - ${objectids} set Variable ${object_att_content_id} - #创建策略 - #${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${object_Subject_Id},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00006","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}} - ... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00006","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}} - ${rescode} ${policyId2} AddPolicy ${addPolicyStr} - ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]} - ${policyIds} Create List ${policyId1} - #功能端验证 - Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time - ${Smtp服务器} Set Variable smtp.163.com - ${Smtp服务器端口} Set Variable 25 - ${邮箱账号} Set Variable [email protected] - ${邮箱密码} Set Variable VIAVUYPIEJRDQDBN - ${邮件主题} Set Variable 朱明明subject - ${发送者} Set Variable [email protected] - ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] - ${接收者} Set Variable ["[email protected]"] - ${抄送者} Set Variable ["[email protected]"] - ${密送者} Set Variable ["[email protected]"] - ${邮件正文} Set Variable 朱明明content - ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} - Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_fail - Sleep ${policyLogVerificationSleepSeconds}s - ${endtime} Get Time - #日志验证 - ${s} Convert to String ${policyId2} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account [email protected] - -SecurityPolicy-Deny-Mail-00007 - [Tags] Deny From - #创建对象IP - #${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}} - #log ${object_IP_Id} - #创建对象 From - ${rescode_deny} ${object_From_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"account","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_from","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["[email protected]"],"itemId":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}} - log ${object_From_id} - ${objectids} set Variable ${object_From_id} - #创建策略 - #${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${object_Subject_Id},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00007","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}} - ... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00007","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}} - ${rescode} ${policyId2} AddPolicy ${addPolicyStr} - ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]} - ${policyIds} Create List ${policyId1} - #功能端验证 - Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time - ${Smtp服务器} Set Variable smtp.163.com - ${Smtp服务器端口} Set Variable 25 - ${邮箱账号} Set Variable [email protected] - ${邮箱密码} Set Variable VIAVUYPIEJRDQDBN - ${邮件主题} Set Variable 朱明明subject - ${发送者} Set Variable [email protected] - ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] - ${接收者} Set Variable ["[email protected]"] - ${抄送者} Set Variable ["[email protected]"] - ${密送者} Set Variable ["[email protected]"] - ${邮件正文} Set Variable 朱明明content - ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} - Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_fail - Sleep ${policyLogVerificationSleepSeconds}s - ${endtime} Get Time - #日志验证 - ${s} Convert to String ${policyId2} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account [email protected] - -SecurityPolicy-Deny-Mail-00008 - [Tags] Deny to - #创建对象IP - #${rescode} ${object_IP_Id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"ip","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmmtest_IP","objectDesc":"","subObjectIds":[],"addItemList":[{"addrType":4,"protocol":0,"direction":0,"clientIp1":"192.168.50.31","clientIp2":"192.168.50.31","clientIpFormat":"range","clientPortFormat":"","clientPort1":"","clientPort2":"","serverIpFormat":"","serverIp1":"","serverIp2":"","serverPortFormat":"","serverPort1":"","serverPort2":""}],"updateItemList":[],"deleteItemIds":[]}} - #log ${object_IP_Id} - #创建对象 to - ${rescode_deny} ${object_to_id} AddObject {"opAction":"add","returnData":1,"objectList":{"objectType":"account","isValid":1,"isInitialize":0,"isExclusion":0,"objectName":"zmm_to","objectDesc":"","subObjectIds":[],"addItemList":[{"keywordArray":["[email protected]"],"itemId":"","isValid":"","isHexbin":0}],"updateItemList":[],"deleteItemIds":[],"objectId":""}} - log ${object_to_id} - ${objectids} set Variable ${object_to_id} - #创建策略 - #${addPolicyStr} set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00001","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_Att_name_id},"protocolFields":["TSG_FIELD_MAIL_ATT_NAME"]},{"objectId":${object_att_content_id},"protocolFields":["TSG_FIELD_MAIL_ATT_CONTENT"]},{"objectId":${object_From_id},"protocolFields":["TSG_FIELD_MAIL_FROM"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]},{"objectId":${object_Content_id},"protocolFields":["TSG_FIELD_MAIL_CONTENT"]},{"objectId":${object_Subject_Id},"protocolFields":["TSG_FIELD_MAIL_SUBJECT"]},{"objectId":4059,"protocolFields":[]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[]}} - ${addPolicyStr} run keyword if '${addTestClentIPFlag}'=='1' set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00008","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${testClentID},"protocolFields":["TSG_SECURITY_SOURCE_ADDR"]},{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}} - ... ELSE set variable {"opAction":"add","returnData":1,"policyList":{"policyId":"","policyName":"SecurityPolicy-Deny-Mail-00008","policyType":"tsg_security","action":"deny","userTags":"","doBlacklist":0,"doLog":1,"policyDesc":"","effectiveRange":{"tag_sets":[[]]},"userRegion":{"protocol":"MAIL","method":"drop","code":550},"referenceObject":[{"objectId":${object_to_id},"protocolFields":["TSG_FIELD_MAIL_TO"]}],"isValid":1,"scheduleId":[],"appObjectIdArray":[5]}} - ${rescode} ${policyId2} AddPolicy ${addPolicyStr} - ${policyId1} set Variable {"policyType":"tsg_security","policyIds":[${policyId2}]} - ${policyIds} Create List ${policyId1} - #功能端验证 - Sleep ${policyVerificationSleepSeconds}s - ${starttime} Get Time - ${Smtp服务器} Set Variable smtp.163.com - ${Smtp服务器端口} Set Variable 25 - ${邮箱账号} Set Variable [email protected] - ${邮箱密码} Set Variable VIAVUYPIEJRDQDBN - ${邮件主题} Set Variable 朱明明subject - ${发送者} Set Variable [email protected] - ${附件} Set Variable ["${mailpath}/朱明明测试文件.txt"] - ${接收者} Set Variable ["[email protected]"] - ${抄送者} Set Variable ["[email protected]"] - ${密送者} Set Variable ["[email protected]"] - ${邮件正文} Set Variable 朱明明content - ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件} - Log ${发送邮件返回结果} - should contain ${发送邮件返回结果} mail_fail - Sleep ${policyLogVerificationSleepSeconds}s - ${endtime} Get Time - #日志验证 - ${s} Convert to String ${policyId2} - GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} mail_account [email protected] +*** Settings ***
+Test Teardown DeletePolicyAndObjectAndApplicationAndSignature ${policyIds} ${objectids}
+Force Tags tsg_adc tsg_security
+Library OperatingSystem
+Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
+Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
+Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
+Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
+Resource ../../../03-Variable/ApplicationID.txt
+Resource ../../../03-Variable/BifangApiVariable.txt
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/Application.robot
+Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot
+Library ../../../04-CustomLibrary/Library/VerifyPolicy.py
+
+*** Variables ***
+${policyIds} ${EMPTY}
+${objectids} ${EMPTY}
+
+*** Test Cases ***
+SecurityPolicy-Deny-Mail-00001
+ [Tags] Deny IP MAIL Subject Account Content ATT_CONT From To
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建Subject
+ ${addItemList1} Create Dictionary keywordArray=$人生路远及时行乐 isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建Account
+ ${addItemList1} Create Dictionary keywordArray=dxy135222* isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=account objectSubType=account isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId2} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId2}
+
+ Comment 创建Content
+ ${addItemList1} Create Dictionary keywordArray=good isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId3} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId3}
+
+ Comment 创建ATT_CONT
+ ${addItemList1} Create Dictionary keywordArray=Простопорно isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId4} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId4}
+
+ Comment 创建创建From
+ ${addItemList1} Create Dictionary keywordArray=dxy135222 isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=account objectSubType=account isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId5} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId5}
+
+ Comment 创建To
+ ${addItemList1} Create Dictionary keywordArray=115751 isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=account objectSubType=account isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId6} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId6}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"MAIL","method":"rst"} filterList=${objectId2}|TSG_FIELD_MAIL_ACCOUNT,${objectId1}|TSG_FIELD_MAIL_SUBJECT,${objectId3}|TSG_FIELD_MAIL_CONTENT,${objectId4}|TSG_FIELD_MAIL_ATT_CONTENT,${objectId5}|TSG_FIELD_MAIL_FROM,${objectId6}|TSG_FIELD_MAIL_TO isValid=${1} appIdObjects=${MAIL_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${subject_id} Create Dictionary attributeType=string attributeName=subject appId=110 appName=mail protocol=mail attributeValue={"string": "人生路远及时行乐"}
+ ${content_id} Create Dictionary attributeType=string attributeName=content appId=110 appName=mail protocol=mail attributeValue={"string": "good"}
+ ${att_content_id} Create Dictionary attributeType=string attributeName=att_content appId=110 appName=mail protocol=mail attributeValue={"string": "Простопорно"}
+ ${account_id} Create Dictionary attributeType=string attributeName=account appId=110 appName=mail protocol=mail attributeValue={"string": "[email protected]"}
+ ${from_id} Create Dictionary attributeType=string attributeName=from appId=110 appName=mail protocol=mail attributeValue={"string": "[email protected]"}
+ ${to_id} Create Dictionary attributeType=string attributeName=to appId=110 appName=mail protocol=mail attributeValue={"string": "[email protected]"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id protocol=mail attributeValue={"string": "110"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${subject_id} ${content_id} ${att_content_id} ${from_id} ${to_id} ${account_id}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+
+ Comment 功能端验证
+ ${Smtp服务器} Set Variable Smtp.163.com
+ ${Smtp服务器端口} Set Variable 25
+ ${邮箱账号} Set Variable ${mailAccount163Dxy}
+ ${邮箱密码} Set Variable ${mailPasswordDxy}
+ ${邮件主题} Set Variable 人生路远及时行乐
+ ${发送者} Set Variable ${mailAccount163Dxy}
+ ${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
+ ${接收者} Set Variable ["${mailAccount163Lyf}"]
+ ${抄送者} Set Variable ["${mailAccount163Lyf}"]
+ ${密送者} Set Variable ["${mailAccount163Lyf}"]
+ ${邮件正文} Set Variable good
+ ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
+ Log ${发送邮件返回结果}
+ run keyword if '${systemType}'=='Windows' should contain ${发送邮件返回结果} mail_fail
+ ... ELSE should contain ${发送邮件返回结果} fail
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} mail_account ${mailAccount163Dxy}
+
+
+SecurityPolicy-Deny-Mail-00002
+ [Tags] Deny IP MAIL Subject ATT_NAME Content ATT_CONT From To
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建Subject
+ ${addItemList1} Create Dictionary keywordArray=$人生路远及时行乐 isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建ATT_NAME
+ ${addItemList1} Create Dictionary keywordArray=测试文件 isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId2} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId2}
+
+ Comment 创建Content
+ ${addItemList1} Create Dictionary keywordArray=good isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId3} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId3}
+
+ Comment 创建ATT_CONT
+ ${addItemList1} Create Dictionary keywordArray=Простопорно isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId4} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId4}
+
+ Comment 创建创建From
+ ${addItemList1} Create Dictionary keywordArray=dxy135222 isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=account objectSubType=account isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId5} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId5}
+
+ Comment 创建To
+ ${addItemList1} Create Dictionary keywordArray=115751 isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=account objectSubType=account isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId6} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId6}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"MAIL","method":"drop"} filterList=${objectId2}|TSG_FIELD_MAIL_ATT_NAME,${objectId1}|TSG_FIELD_MAIL_SUBJECT,${objectId3}|TSG_FIELD_MAIL_CONTENT,${objectId4}|TSG_FIELD_MAIL_ATT_CONTENT,${objectId5}|TSG_FIELD_MAIL_FROM,${objectId6}|TSG_FIELD_MAIL_TO isValid=${1} appIdObjects=${MAIL_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${subject_id} Create Dictionary attributeType=string attributeName=subject appId=110 appName=mail protocol=mail attributeValue={"string": "人生路远及时行乐"}
+ ${content_id} Create Dictionary attributeType=string attributeName=content appId=110 appName=mail protocol=mail attributeValue={"string": "good"}
+ ${att_content_id} Create Dictionary attributeType=string attributeName=att_content appId=110 appName=mail protocol=mail attributeValue={"string": "Простопорно"}
+ ${att_name_id} Create Dictionary attributeType=string attributeName=att_name appId=110 appName=mail protocol=mail attributeValue={"string": "测试文件"}
+ ${from_id} Create Dictionary attributeType=string attributeName=from appId=110 appName=mail protocol=mail attributeValue={"string": "[email protected]"}
+ ${to_id} Create Dictionary attributeType=string attributeName=to appId=110 appName=mail protocol=mail attributeValue={"string": "[email protected]"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id protocol=mail attributeValue={"string": "110"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${subject_id} ${content_id} ${att_content_id} ${from_id} ${to_id} ${att_name_id}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+
+ Comment 功能端验证
+ ${Smtp服务器} Set Variable Smtp.163.com
+ ${Smtp服务器端口} Set Variable 25
+ ${邮箱账号} Set Variable ${mailAccount163Dxy}
+ ${邮箱密码} Set Variable ${mailPasswordDxy}
+ ${邮件主题} Set Variable 人生路远及时行乐
+ ${发送者} Set Variable ${mailAccount163Dxy}
+ ${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
+ ${接收者} Set Variable ["${mailAccount163Lyf}"]
+ ${抄送者} Set Variable ["${mailAccount163Lyf}"]
+ ${密送者} Set Variable ["${mailAccount163Lyf}"]
+ ${邮件正文} Set Variable good
+ ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
+ Log ${发送邮件返回结果}
+ run keyword if '${systemType}'=='Windows' should contain ${发送邮件返回结果} mail_fail
+ ... ELSE should contain ${发送邮件返回结果} fail
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} mail_account ${mailAccount163Dxy}
+
+SecurityPolicy-Deny-Mail-00003
+ [Tags] Deny IP MAIL Subject
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建Subject
+ ${addItemList1} Create Dictionary keywordArray=$人生路远及时行乐 isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"MAIL","method":"drop"} filterList=${objectId1}|TSG_FIELD_MAIL_SUBJECT isValid=${1} appIdObjects=${MAIL_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${subject_id} Create Dictionary attributeType=string attributeName=subject appId=110 appName=mail protocol=mail attributeValue={"string": "人生路远及时行乐"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id protocol=mail attributeValue={"string": "110"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${subject_id}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+
+ Comment 功能端验证
+ ${Smtp服务器} Set Variable Smtp.163.com
+ ${Smtp服务器端口} Set Variable 25
+ ${邮箱账号} Set Variable ${mailAccount163Dxy}
+ ${邮箱密码} Set Variable ${mailPasswordDxy}
+ ${邮件主题} Set Variable 人生路远及时行乐
+ ${发送者} Set Variable ${mailAccount163Dxy}
+ ${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
+ ${接收者} Set Variable ["${mailAccount163Lyf}"]
+ ${抄送者} Set Variable ["${mailAccount163Lyf}"]
+ ${密送者} Set Variable ["${mailAccount163Lyf}"]
+ ${邮件正文} Set Variable good
+ ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
+ Log ${发送邮件返回结果}
+ run keyword if '${systemType}'=='Windows' should contain ${发送邮件返回结果} mail_fail
+ ... ELSE should contain ${发送邮件返回结果} fail
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} mail_account ${mailAccount163Dxy}
+
+SecurityPolicy-Deny-Mail-00004
+ [Tags] Deny IP MAIL Content
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建Content
+ ${addItemList1} Create Dictionary keywordArray=good isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"MAIL","method":"drop"} filterList=${objectId1}|TSG_FIELD_MAIL_CONTENT isValid=${1} appIdObjects=${MAIL_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${content_id} Create Dictionary attributeType=string attributeName=content appId=110 appName=mail protocol=mail attributeValue={"string": "good"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id protocol=mail attributeValue={"string": "110"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${content_id}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+
+ Comment 功能端验证
+ ${Smtp服务器} Set Variable Smtp.163.com
+ ${Smtp服务器端口} Set Variable 25
+ ${邮箱账号} Set Variable ${mailAccount163Dxy}
+ ${邮箱密码} Set Variable ${mailPasswordDxy}
+ ${邮件主题} Set Variable 人生路远及时行乐
+ ${发送者} Set Variable ${mailAccount163Dxy}
+ ${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
+ ${接收者} Set Variable ["${mailAccount163Lyf}"]
+ ${抄送者} Set Variable ["${mailAccount163Lyf}"]
+ ${密送者} Set Variable ["${mailAccount163Lyf}"]
+ ${邮件正文} Set Variable good
+ ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
+ Log ${发送邮件返回结果}
+ run keyword if '${systemType}'=='Windows' should contain ${发送邮件返回结果} mail_fail
+ ... ELSE should contain ${发送邮件返回结果} fail
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} mail_account ${mailAccount163Dxy}
+SecurityPolicy-Deny-Mail-00005
+ [Tags] Deny IP MAIL ATT_NAME
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+
+ Comment 创建ATT_NAME
+ ${addItemList1} Create Dictionary keywordArray=测试文件 isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"MAIL","method":"drop"} filterList=${objectId1}|TSG_FIELD_MAIL_ATT_NAME isValid=${1} appIdObjects=${MAIL_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${att_name_id} Create Dictionary attributeType=string attributeName=att_name appId=110 appName=mail protocol=mail attributeValue={"string": "测试文件"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id protocol=mail attributeValue={"string": "110"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${att_name_id}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+
+ Comment 功能端验证
+ ${Smtp服务器} Set Variable Smtp.163.com
+ ${Smtp服务器端口} Set Variable 25
+ ${邮箱账号} Set Variable ${mailAccount163Dxy}
+ ${邮箱密码} Set Variable ${mailPasswordDxy}
+ ${邮件主题} Set Variable 人生路远及时行乐
+ ${发送者} Set Variable ${mailAccount163Dxy}
+ ${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
+ ${接收者} Set Variable ["${mailAccount163Lyf}"]
+ ${抄送者} Set Variable ["${mailAccount163Lyf}"]
+ ${密送者} Set Variable ["${mailAccount163Lyf}"]
+ ${邮件正文} Set Variable good
+ ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
+ Log ${发送邮件返回结果}
+ run keyword if '${systemType}'=='Windows' should contain ${发送邮件返回结果} mail_fail
+ ... ELSE should contain ${发送邮件返回结果} fail
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} mail_account ${mailAccount163Dxy}
+
+
+SecurityPolicy-Deny-Mail-00006
+ [Tags] Deny IP MAIL ATT_CONT
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建ATT_CONT
+ ${addItemList1} Create Dictionary keywordArray=Простопорно isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=keywords objectSubType=keywords isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"MAIL","method":"drop"} filterList=${objectId1}|TSG_FIELD_MAIL_ATT_CONTENT isValid=${1} appIdObjects=${MAIL_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${att_content_id} Create Dictionary attributeType=string attributeName=att_content appId=110 appName=mail protocol=mail attributeValue={"string": "Простопорно"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id protocol=mail attributeValue={"string": "110"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${att_content_id}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+
+ Comment 功能端验证
+ ${Smtp服务器} Set Variable Smtp.163.com
+ ${Smtp服务器端口} Set Variable 25
+ ${邮箱账号} Set Variable ${mailAccount163Dxy}
+ ${邮箱密码} Set Variable ${mailPasswordDxy}
+ ${邮件主题} Set Variable 人生路远及时行乐
+ ${发送者} Set Variable ${mailAccount163Dxy}
+ ${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
+ ${接收者} Set Variable ["${mailAccount163Lyf}"]
+ ${抄送者} Set Variable ["${mailAccount163Lyf}"]
+ ${密送者} Set Variable ["${mailAccount163Lyf}"]
+ ${邮件正文} Set Variable good
+ ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
+ Log ${发送邮件返回结果}
+ run keyword if '${systemType}'=='Windows' should contain ${发送邮件返回结果} mail_fail
+ ... ELSE should contain ${发送邮件返回结果} fail
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} mail_account ${mailAccount163Dxy}
+
+
+SecurityPolicy-Deny-Mail-00007
+ [Tags] Deny IP MAIL From
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建创建From
+ ${addItemList1} Create Dictionary keywordArray=dxy135222 isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=account objectSubType=account isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"MAIL","method":"drop"} filterList=${objectId1}|TSG_FIELD_MAIL_FROM isValid=${1} appIdObjects=${MAIL_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${from_id} Create Dictionary attributeType=string attributeName=from appId=110 appName=mail protocol=mail attributeValue={"string": "[email protected]"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id protocol=mail attributeValue={"string": "110"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${from_id}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+
+ Comment 功能端验证
+ ${Smtp服务器} Set Variable Smtp.163.com
+ ${Smtp服务器端口} Set Variable 25
+ ${邮箱账号} Set Variable ${mailAccount163Dxy}
+ ${邮箱密码} Set Variable ${mailPasswordDxy}
+ ${邮件主题} Set Variable 人生路远及时行乐
+ ${发送者} Set Variable ${mailAccount163Dxy}
+ ${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
+ ${接收者} Set Variable ["${mailAccount163Lyf}"]
+ ${抄送者} Set Variable ["${mailAccount163Lyf}"]
+ ${密送者} Set Variable ["${mailAccount163Lyf}"]
+ ${邮件正文} Set Variable good
+ ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
+ Log ${发送邮件返回结果}
+ run keyword if '${systemType}'=='Windows' should contain ${发送邮件返回结果} mail_fail
+ ... ELSE should contain ${发送邮件返回结果} fail
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} mail_account ${mailAccount163Dxy}
+
+SecurityPolicy-Deny-Mail-00008
+ [Tags] Deny IP MAIL To
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建To
+ ${addItemList1} Create Dictionary keywordArray=115751 isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=account objectSubType=account isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"MAIL","method":"drop"} filterList=${objectId1}|TSG_FIELD_MAIL_TO isValid=${1} appIdObjects=${MAIL_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${to_id} Create Dictionary attributeType=string attributeName=to appId=110 appName=mail protocol=mail attributeValue={"string": "[email protected]"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id protocol=mail attributeValue={"string": "110"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${to_id}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+
+ Comment 功能端验证
+ ${Smtp服务器} Set Variable Smtp.163.com
+ ${Smtp服务器端口} Set Variable 25
+ ${邮箱账号} Set Variable ${mailAccount163Dxy}
+ ${邮箱密码} Set Variable ${mailPasswordDxy}
+ ${邮件主题} Set Variable 人生路远及时行乐
+ ${发送者} Set Variable ${mailAccount163Dxy}
+ ${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
+ ${接收者} Set Variable ["${mailAccount163Lyf}"]
+ ${抄送者} Set Variable ["${mailAccount163Lyf}"]
+ ${密送者} Set Variable ["${mailAccount163Lyf}"]
+ ${邮件正文} Set Variable good
+ ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
+ Log ${发送邮件返回结果}
+ run keyword if '${systemType}'=='Windows' should contain ${发送邮件返回结果} mail_fail
+ ... ELSE should contain ${发送邮件返回结果} fail
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} mail_account ${mailAccount163Dxy}
+
+SecurityPolicy-Deny-Mail-00009
+ [Tags] Deny IP MAIL Account
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建Account
+ ${addItemList1} Create Dictionary keywordArray=dxy135222* isHexbin=${0}
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=account objectSubType=account isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId1} AddObjects ${1} ${objectDict}
+ ${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"MAIL","method":"rst"} filterList=${objectId1}|TSG_FIELD_MAIL_ACCOUNT isValid=${1} appIdObjects=${MAIL_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${account_id} Create Dictionary attributeType=string attributeName=account appId=110 appName=mail protocol=mail attributeValue={"string": "[email protected]"}
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id protocol=mail attributeValue={"string": "110"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination} ${account_id}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+
+ Comment 功能端验证
+ ${Smtp服务器} Set Variable Smtp.163.com
+ ${Smtp服务器端口} Set Variable 25
+ ${邮箱账号} Set Variable ${mailAccount163Dxy}
+ ${邮箱密码} Set Variable ${mailPasswordDxy}
+ ${邮件主题} Set Variable 人生路远及时行乐
+ ${发送者} Set Variable ${mailAccount163Dxy}
+ ${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
+ ${接收者} Set Variable ["${mailAccount163Lyf}"]
+ ${抄送者} Set Variable ["${mailAccount163Lyf}"]
+ ${密送者} Set Variable ["${mailAccount163Lyf}"]
+ ${邮件正文} Set Variable good
+ ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
+ Log ${发送邮件返回结果}
+ run keyword if '${systemType}'=='Windows' should contain ${发送邮件返回结果} mail_fail
+ ... ELSE should contain ${发送邮件返回结果} fail
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} mail_account ${mailAccount163Dxy}
+
+
+SecurityPolicy-Deny-Mail-00010
+ [Tags] Deny IP MAIL
+ Comment 创建IP
+ ${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
+ ${addItemLists} Create list ${addItemList1}
+ ${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
+ ${rescode} ${objectId} AddObjects ${1} ${objectDict}
+ ${objectids} set Variable ${objectId}
+
+ Comment 创建Deny策略
+ ${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"MAIL","method":"rst"} isValid=${1} appIdObjects=${MAIL_ID}
+ ${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
+ ${policyIds} set Variable ${policyId}[0][policyIds][0]
+
+ ${starttime} Get Time
+ #功能端验证
+ Sleep ${policyVerificationSleepSeconds}s
+
+
+ Comment 策略验证
+ #新增策略验证
+ #创建attributes中的字典
+ ${subscriberid} Create Dictionary attributeType=string attributeName=subscriberid attributeValue={"string": "test56"}
+ ${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip":"${testClentIP}","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_SOURCE_ADDR"}
+ ${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip":"254.253.252.251","port":"1","addrType":4,"protocol":"6","tableName":"TSG_SECURITY_DESTINATION_ADDR"}
+ ${app_id} Create Dictionary attributeType=string attributeName=app_id protocol=mail attributeValue={"string": "110"}
+ # 合成attributes字典集
+ ${attributes} Create List ${app_id} ${subscriberid} ${ipsource} ${ipdestination}
+ ${verifySession} Create Dictionary attributes=${attributes}
+ ${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
+ log ${verifyList}
+ ${rescode} ${resData} VerifyPolicies ${verifyList}
+ # 打印检查结果
+ ${objectid_verify} Set Variable ${objectids}
+ ${objectid_verify} Catenate SEPARATOR=, ${policyIds}
+ # # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
+ log ${objectid_verify}
+ ${testType} Evaluate type($objectid_verify)
+ ${testType} Evaluate type($resData)
+ log ${resData}
+ sleep 5
+ ${ok} VerifyProxy ${resData} ${objectid_verify}
+ Should Be Equal As Strings ${ok} true
+
+
+ Comment 功能端验证
+ ${Smtp服务器} Set Variable Smtp.163.com
+ ${Smtp服务器端口} Set Variable 25
+ ${邮箱账号} Set Variable ${mailAccount163Dxy}
+ ${邮箱密码} Set Variable ${mailPasswordDxy}
+ ${邮件主题} Set Variable 人生路远及时行乐
+ ${发送者} Set Variable ${mailAccount163Dxy}
+ ${附件} Set Variable ["${mailpath}/姬巍川测试文件.txt"]
+ ${接收者} Set Variable ["${mailAccount163Lyf}"]
+ ${抄送者} Set Variable ["${mailAccount163Lyf}"]
+ ${密送者} Set Variable ["${mailAccount163Lyf}"]
+ ${邮件正文} Set Variable good
+ ${发送邮件返回结果} EmailSendFull ${Smtp服务器} ${Smtp服务器端口} ${邮箱账号} ${邮箱密码} ${邮件主题} ${发送者} ${接收者} ${抄送者} ${密送者} ${邮件正文} ${附件}
+ Log ${发送邮件返回结果}
+ run keyword if '${systemType}'=='Windows' should contain ${发送邮件返回结果} mail_fail
+ ... ELSE should contain ${发送邮件返回结果} fail
+
+ Comment 日志验证
+ #日志验证
+ ${s} Convert to String ${policyIds}
+ ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} mail_account ${mailAccount163Dxy}
+
\ No newline at end of file diff --git a/03-Variable/BifangApiVariable.txt b/03-Variable/BifangApiVariable.txt index ed790f4..1ec0fd3 100644 --- a/03-Variable/BifangApiVariable.txt +++ b/03-Variable/BifangApiVariable.txt @@ -23,7 +23,7 @@ ${userTagIds} ${EMPTY} #Documentation] 是否添加测试终端IP到策略统一配置,0为不添加测试终端IP,1为添加测试终端IP,默认1
${addTestClentIPFlag} 0
#测试环境是否需要把tsgui和api添加为SecurityPolicy-Allow 1为需要,默认1 ,
-${addTsgUIAPIFlag} 0
+${addTsgUIAPIFlag} 1
#执行需要暂停时间
#策略下发后到验证需等待时间
${policyVerificationSleepSeconds} 20
@@ -76,4 +76,9 @@ ${sleep_Wait} 20 #name个人标识
${tag} lyf
#日志查询次数
-${logfornumber} 3
\ No newline at end of file +${logfornumber} 3
+#邮箱账户信息
+${mailAccount163Dxy} [email protected]
+${mailPasswordDxy} CXFBCUSBOZCWSMRW
+${mailAccount163Lyf} [email protected]
+${mailPasswordLyf} XEYQVHEMTOBOJSAP
\ No newline at end of file |