139 lines
8.2 KiB
Plaintext
139 lines
8.2 KiB
Plaintext
|
*** Settings ***
|
|||
|
|
Test Teardown DeletePolicyAndObjectAndApplicationAndSignature ${policyIds} ${objectids}
|
|||
|
|
Force Tags tsg_adc tsg_security
|
|||
|
|
Library OperatingSystem
|
|||
|
|
Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot
|
|||
|
|
Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
|
|||
|
|
Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot
|
|||
|
|
Resource ../../../02-Keyword/tsg_adc/FileOperation.robot
|
|||
|
|
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
|
|||
|
|
Resource ../../../03-Variable/ApplicationID.txt
|
|||
|
|
Resource ../../../03-Variable/BifangApiVariable.txt
|
|||
|
|
Resource ../../../02-Keyword/tsg_bfapi/policy_object/Application.robot
|
|||
|
|
Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot
|
|||
|
|
Library ../../../04-CustomLibrary/Library/VerifyPolicy.py
|
|||
|
|
|
|||
|
|
*** Variables ***
|
|||
|
|
${policyIds} ${EMPTY}
|
|||
|
|
${objectids} ${EMPTY}
|
|||
|
|
*** Test Cases ***
|
|||
|
|
SecurityPolicy-Allow-SIP-00001
|
|||
|
|
[Tags] Allow IP SIP
|
|||
|
|
Comment 创建IP
|
|||
|
|
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
|||
|
|
${addItemLists} Create list ${addItemList1}
|
|||
|
|
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
|||
|
|
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
|||
|
|
${objectids} set Variable ${objectId}
|
|||
|
|
|
|||
|
|
Comment 创建Deny策略
|
|||
|
|
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=allow source=${objectId}|TSG_SECURITY_SOURCE_ADDR userRegion={"protocol":"SIP"} isValid=${1} appIdObjects=${SIP_ID}
|
|||
|
|
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
|||
|
|
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
|||
|
|
|
|||
|
|
${starttime} Get Time
|
|||
|
|
#功能端验证
|
|||
|
|
Sleep ${policyVerificationSleepSeconds}s
|
|||
|
|
|
|||
|
|
Comment 策略验证
|
|||
|
|
#新增策略验证
|
|||
|
|
#创建attributes中的字典
|
|||
|
|
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "120"}
|
|||
|
|
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip": "${testClentIP}","port": "80","tableName": "TSG_SECURITY_SOURCE_ADDR","addrType": 4,"protocol": "6"}
|
|||
|
|
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip": "192.168.40.158","port": "80","tableName": "TSG_SECURITY_DESTINATION_ADDR","addrType": 4,"protocol": "6"}
|
|||
|
|
# 合成attributes字典集
|
|||
|
|
${attributes} Create List ${app_id} ${ipsource} ${ipdestination}
|
|||
|
|
${verifySession} Create Dictionary attributes=${attributes}
|
|||
|
|
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
|||
|
|
log ${verifyList}
|
|||
|
|
${rescode} ${resData} VerifyPolicies ${verifyList}
|
|||
|
|
# 打印检查结果
|
|||
|
|
${objectid_verify} Set Variable ${objectids}
|
|||
|
|
${objectid_verify} Catenate SEPARATOR=, ${policyIds}
|
|||
|
|
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
|||
|
|
log ${objectid_verify}
|
|||
|
|
${testType} Evaluate type($objectid_verify)
|
|||
|
|
${testType} Evaluate type($resData)
|
|||
|
|
log ${resData}
|
|||
|
|
sleep 5
|
|||
|
|
${ok} VerifyProxy ${resData} ${objectid_verify}
|
|||
|
|
Should Be Equal As Strings ${ok} true
|
|||
|
|
|
|||
|
|
# Comment 功能端验证
|
|||
|
|
|
|||
|
|
|
|||
|
|
# Comment 日志验证
|
|||
|
|
# #日志验证
|
|||
|
|
# ${s} Convert to String ${policyIds}
|
|||
|
|
# ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} ftp_account ftpuser
|
|||
|
|
# Should Be Equal As Strings ${returnvalue} true
|
|||
|
|
SecurityPolicy-Allow-FTP-00002
|
|||
|
|
[Tags] Allow IP SIP Originator Description Responder Description
|
|||
|
|
Comment 创建IP
|
|||
|
|
${addItemList1} Create Dictionary isSession=endpoint ip=${testClentIP} port=0-65535 direction=0 protocol=0 isInitialize=0
|
|||
|
|
${addItemLists} Create list ${addItemList1}
|
|||
|
|
${objectDict} Create Dictionary objectType=ip objectSubType=endpoint isValid=${1} addItemList=${addItemLists}
|
|||
|
|
${rescode} ${objectId} AddObjects ${1} ${objectDict}
|
|||
|
|
${objectids} set Variable ${objectId}
|
|||
|
|
|
|||
|
|
|
|||
|
|
Comment 创建Originator Description
|
|||
|
|
${addItemList1} Create Dictionary keywordArray=test1 isHexbin=${0}
|
|||
|
|
${addItemLists} Create list ${addItemList1}
|
|||
|
|
${objectDict1} Create Dictionary objectType=account objectSubType=account isValid=${1} addItemList=${addItemLists}
|
|||
|
|
${rescode} ${objectId1} AddObjects ${1} ${objectDict1}
|
|||
|
|
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId1}
|
|||
|
|
|
|||
|
|
Comment 创建Responder Description
|
|||
|
|
${addItemList1} Create Dictionary keywordArray=test2 isHexbin=${0}
|
|||
|
|
${addItemLists} Create list ${addItemList1}
|
|||
|
|
${objectDict1} Create Dictionary objectType=account objectSubType=account isValid=${1} addItemList=${addItemLists}
|
|||
|
|
${rescode} ${objectId2} AddObjects ${1} ${objectDict1}
|
|||
|
|
${objectids} Catenate SEPARATOR=, ${objectids} ${objectId2}
|
|||
|
|
|
|||
|
|
|
|||
|
|
Comment 创建Deny策略
|
|||
|
|
${policyDict} Create Dictionary policyName=${TEST NAME} policyType=tsg_security action=deny source=${objectId}|TSG_SECURITY_SOURCE_ADDR filterList=${objectId1}|TSG_FIELD_SIP_ORIGINATOR_DESCRIPTION,${objectId2}|TSG_FIELD_SIP_RESPONDER_DESCRIPTION userRegion={"protocol":"SIP"} isValid=${1} appIdObjects=${SIP_ID}
|
|||
|
|
${rescode} ${policyId} AddPolicies 1 ${policyDict} v2
|
|||
|
|
${policyIds} set Variable ${policyId}[0][policyIds][0]
|
|||
|
|
|
|||
|
|
${starttime} Get Time
|
|||
|
|
#功能端验证
|
|||
|
|
Sleep ${policyVerificationSleepSeconds}s
|
|||
|
|
|
|||
|
|
Comment 策略验证
|
|||
|
|
#新增策略验证
|
|||
|
|
#创建attributes中的字典
|
|||
|
|
${originator} Create Dictionary attributeType=string attributeName=originator appId=120 appName=SIP attributeValue={"string": "test1"}
|
|||
|
|
${responder} Create Dictionary attributeType=string attributeName=responder appId=120 appName=SIP attributeValue={"string": "test2"}
|
|||
|
|
${app_id} Create Dictionary attributeType=string attributeName=app_id attributeValue={"string": "104"}
|
|||
|
|
${ipsource} Create Dictionary attributeType=ip attributeName=source attributeValue={"ip": "${testClentIP}","port": "80","tableName": "TSG_SECURITY_SOURCE_ADDR","addrType": 4,"protocol": "6"}
|
|||
|
|
${ipdestination} Create Dictionary attributeType=ip attributeName=destination attributeValue={"ip": "192.168.40.158","port": "80","tableName": "TSG_SECURITY_DESTINATION_ADDR","addrType": 4,"protocol": "6"}
|
|||
|
|
# 合成attributes字典集
|
|||
|
|
${attributes} Create List ${app_id} ${ipsource} ${ipdestination} ${originator} ${responder}
|
|||
|
|
${verifySession} Create Dictionary attributes=${attributes}
|
|||
|
|
${verifyList} Create Dictionary policyType=tsg_security verifySession=${verifySession}
|
|||
|
|
log ${verifyList}
|
|||
|
|
${rescode} ${resData} VerifyPolicies ${verifyList}
|
|||
|
|
# 打印检查结果
|
|||
|
|
${objectid_verify} Set Variable ${objectids}
|
|||
|
|
${objectid_verify} Catenate SEPARATOR=, ${policyIds}
|
|||
|
|
# # 调用关键字 提取应答json获取其中所有的id值,并判断新下发的id值是否在应答json的id中
|
|||
|
|
log ${objectid_verify}
|
|||
|
|
${testType} Evaluate type($objectid_verify)
|
|||
|
|
${testType} Evaluate type($resData)
|
|||
|
|
log ${resData}
|
|||
|
|
sleep 5
|
|||
|
|
${ok} VerifyProxy ${resData} ${objectid_verify}
|
|||
|
|
Should Be Equal As Strings ${ok} true
|
|||
|
|
|
|||
|
|
# Comment 功能端验证
|
|||
|
|
|
|||
|
|
|
|||
|
|
# Comment 日志验证
|
|||
|
|
# #日志验证
|
|||
|
|
# ${s} Convert to String ${policyIds}
|
|||
|
|
# ${returnvalue} GetLogList_new security_event_log ${starttime} ${testClentIP} ${s} ftp_account ftpuser
|
|||
|
|
# Should Be Equal As Strings ${returnvalue} true
|
|||
|
|
|