dongxiaoyan-tsg-autotest/01-TestCase/tsg_adc/multi_step/a_Deny_Dns_Tests.robot

*** Settings ***
Force Tags        tsg_adc_wp    adc_api    security_policy
Library           OperatingSystem
Resource          ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource          ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource          ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource          ../../../02-Keyword/tsg_adc/FileOperation.robot
Resource          ../../../02-Keyword/tsg_adc/FileOperation.robot
Resource          ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
Resource          ../../../03-Variable/ApplicationID.txt
Resource          ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot

*** Test Cases ***
SecurityPolicy-Deny-Dns-00001
    [Tags]    fqdn完整和右匹配,update policy:source ip_geo
    Comment    创建fqdn
    ${objectDict}    Create Dictionary    objectType=fqdn    isValid=${1}    addItemList=$www.facebook.com,*rutube.ru
    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
    Comment    创建ip geo
    ${addItemList1}    Create Dictionary    keywordArray=XXG地区.*
    ${addItemLists}    Create list    ${addItemList1}
    ${objectDict}    Create Dictionary    objectType=ip     objectSubType=geo_location    isValid=${1}    addItemList=${addItemLists}    
    ${rescode}    ${objectId1}    AddObjects    ${1}    ${objectDict}
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Dns-00001    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"DNS","method":"drop"}    filterList=${objectId}|TSG_FIELD_DNS_QNAME    isValid=${1}    appIdObjects=${DNS_ID}
    log    ${policyDict}
    ${rescode}    ${policyId}    AddPolicies    1    ${policyDict}    v2
    ${policyId}    Get-Pids    ${policyId}
    ${policyId}    Set Variable    ${policyId}[0]
    #${policyId}    Evaluate    ${policyId}.replace('[]','')
    insert_policyId_to_file1    deny_dns_objectId    ${objectId}
    insert_policyId_to_file1    deny_dns_objectId4    ${objectId1}
    insert_policyId_to_file1    deny_dns_policyId    ${policyId}

SecurityPolicy-Deny-Dns-00002
    [Tags]    cat右和完整匹配
    # Comment    创建cat
    # ${objectDict}    Create Dictionary    objectType=fqdn    isValid=${1}    addItemList=*yhd.com,$www.vk.com
    # ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Dns-00002    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.jd.com","ttl":{"min":500,"max":500}},{"atype":"A","value":"192.168.41.186","ttl":{"min":300,"max":300}}]}]}    filterList=103|TSG_FIELD_DNS_QNAME    isValid=${1}    appIdObjects=${DNS_ID}
    log    ${policyDict}
    ${rescode}    ${policyId}    AddPolicies    1    ${policyDict}    v2
    ${policyId}    Get-Pids    ${policyId}
    ${policyId}    Set Variable    ${policyId}[0]
    #insert_policyId_to_file1    deny_dns_objectId1    ${objectId}
    insert_policyId_to_file1    deny_dns_policyId1    ${policyId}

SecurityPolicy-Deny-Dns-00003
    [Tags]    cat
    ${objectDict}    Create Dictionary    objectType=fqdn    isValid=${1}    addItemList=*aec188.com
    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
    ${objectDict}    Create Dictionary    objectType=fqdn    isValid=${1}    addItemList=*huitu.com
    ${rescode}    ${objectId1}    AddObject2    ${1}    ${objectDict}
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Dns-00003    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"fc00::2:11","ttl":{"min":400,"max":400}},{"atype":"CNAME","value":"www.taobao.com","ttl":{"min":600,"max":600}}]}]}    filterList=129|TSG_FIELD_DNS_QNAME    isValid=${1}    appIdObjects=${DNS_ID}
    log    ${policyDict}
    ${rescode}    ${policyId}    AddPolicies    1    ${policyDict}    v2
    ${policyId}    Get-Pids    ${policyId}
    ${policyId}    Set Variable    ${policyId}[0]
    insert_policyId_to_file1    deny_dns_objectId2    ${objectId}
    insert_policyId_to_file1    deny_dns_objectId6    ${objectId1}
    insert_policyId_to_file1    deny_dns_policyId2    ${policyId}

SecurityPolicy-Deny-Dns-00004
    [Tags]    fqdn右匹配      destination:iplearning    update fqdn
    Comment    创建fqdn
    ${objectDict}    Create Dictionary    objectType=fqdn    isValid=${1}    addItemList=*twitch.tv
    ${rescode}    ${objectId}    AddObject2    ${1}    ${objectDict}
    Comment    创建fqdn2
    ${objectDict}    Create Dictionary    objectType=fqdn    isValid=${1}    addItemList=$www.twitch.tv
    ${rescode}    ${objectId1}    AddObject2    ${1}    ${objectDict}
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Dns-00004   destination=164745|TSG_SECURITY_DESTINATION_ADDR    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"AAAA","value":"fc00::2:22","ttl":{"min":400,"max":400}},{"atype":"CNAME","value":"www.facebook.com","ttl":{"min":400,"max":400}}],"qtype":"AAAA"},{"qtype":"A","answer":[{"atype":"CNAME","value":"www.ok.ru","ttl":{"min":400,"max":400}},{"atype":"A","value":"192.168.40.110","ttl":{"min":400,"max":400}}]}]}    filterList=${objectId}|TSG_FIELD_DNS_QNAME    isValid=${1}    appIdObjects=${DNS_ID}
    log    ${policyDict}
    ${rescode}    ${policyId}    AddPolicies    1    ${policyDict}    v2
    ${policyId}    Get-Pids    ${policyId}
    ${policyId}    Set Variable    ${policyId}[0]
    insert_policyId_to_file1    deny_dns_objectId3    ${objectId}
    insert_policyId_to_file1    deny_dns_objectId5    ${objectId1}
    insert_policyId_to_file1    deny_dns_policyId3    ${policyId}
分离dns策略文件 2020-06-23 21:01:22 +08:00			`* Settings *`
			`Force Tags tsg_adc_wp adc_api security_policy`
			`Library OperatingSystem`
			`Resource ../../../02-Keyword/tsg_adc/SystemCommand.robot`
			`Resource ../../../02-Keyword/tsg_bfapi/PolicyObject.robot`
			`Resource ../../../02-Keyword/tsg_bfapi/LogVariable.robot`
			`Resource ../../../02-Keyword/tsg_adc/FileOperation.robot`
			`Resource ../../../02-Keyword/tsg_adc/FileOperation.robot`
更换新增关键字，使用v2版接口 2020-07-01 11:24:00 +08:00			`Resource ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot`
1、把applicationid提取到配置文件； 2、分步骤部分已经完成引用配置文件，适应20.09版的新内容； 2020-09-07 19:23:55 +08:00			`Resource ../../../03-Variable/ApplicationID.txt`
安全策略deny dns用例补充：ip learning ,ip geo update policy 2021-01-27 18:18:15 +08:00			`Resource ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot`
分离dns策略文件 2020-06-23 21:01:22 +08:00
			`* Test Cases *`
			`SecurityPolicy-Deny-Dns-00001`
安全策略Deny_SSL 补充:ip geo,ip learning,改变策略中SAN,SNI,CN用例 2021-01-29 13:50:43 +08:00			`[Tags] fqdn完整和右匹配,update policy:source ip_geo`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`Comment 创建fqdn`
修改部分错误用例 2020-07-06 10:29:21 +08:00			`${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.facebook.com,*rutube.ru`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`${rescode} ${objectId} AddObject2 ${1} ${objectDict}`
安全策略deny dns用例补充：ip learning ,ip geo update policy 2021-01-27 18:18:15 +08:00			`Comment 创建ip geo`
			`${addItemList1} Create Dictionary keywordArray=XXG地区.*`
			`${addItemLists} Create list ${addItemList1}`
			`${objectDict} Create Dictionary objectType=ip objectSubType=geo_location isValid=${1} addItemList=${addItemLists}`
			`${rescode} ${objectId1} AddObjects ${1} ${objectDict}`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`Comment 创建安全策略`
1、把applicationid提取到配置文件； 2、分步骤部分已经完成引用配置文件，适应20.09版的新内容； 2020-09-07 19:23:55 +08:00			`${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Dns-00001 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"drop"} filterList=${objectId}\|TSG_FIELD_DNS_QNAME isValid=${1} appIdObjects=${DNS_ID}`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`log ${policyDict}`
更换新增关键字，使用v2版接口 2020-07-01 11:24:00 +08:00			`${rescode} ${policyId} AddPolicies 1 ${policyDict} v2`
安全策略deny dns用例补充：ip learning ,ip geo update policy 2021-01-27 18:18:15 +08:00			`${policyId} Get-Pids ${policyId}`
			`${policyId} Set Variable ${policyId}[0]`
			`#${policyId} Evaluate ${policyId}.replace('[]','')`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`insert_policyId_to_file1 deny_dns_objectId ${objectId}`
安全策略deny dns用例补充：ip learning ,ip geo update policy 2021-01-27 18:18:15 +08:00			`insert_policyId_to_file1 deny_dns_objectId4 ${objectId1}`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`insert_policyId_to_file1 deny_dns_policyId ${policyId}`

			`SecurityPolicy-Deny-Dns-00002`
TSG-2827修改时间，通过效率，修改标签，用例描述更加准确 2020-08-10 19:07:01 +08:00			`[Tags] cat右和完整匹配`
解决部分因策略相互影响导致的策略不生效问题 2021-02-08 18:33:51 +08:00			`# Comment 创建cat`
			`# ${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*yhd.com,$www.vk.com`
安全策略deny dns用例补充：ip learning ,ip geo update policy 2021-01-27 18:18:15 +08:00			`# ${rescode} ${objectId} AddObject2 ${1} ${objectDict}`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`Comment 创建安全策略`
安全策略deny dns用例补充：ip learning ,ip geo update policy 2021-01-27 18:18:15 +08:00			`${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Dns-00002 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.jd.com","ttl":{"min":500,"max":500}},{"atype":"A","value":"192.168.41.186","ttl":{"min":300,"max":300}}]}]} filterList=103\|TSG_FIELD_DNS_QNAME isValid=${1} appIdObjects=${DNS_ID}`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`log ${policyDict}`
更换新增关键字，使用v2版接口 2020-07-01 11:24:00 +08:00			`${rescode} ${policyId} AddPolicies 1 ${policyDict} v2`
安全策略deny dns用例补充：ip learning ,ip geo update policy 2021-01-27 18:18:15 +08:00			`${policyId} Get-Pids ${policyId}`
			`${policyId} Set Variable ${policyId}[0]`
			`#insert_policyId_to_file1 deny_dns_objectId1 ${objectId}`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`insert_policyId_to_file1 deny_dns_policyId1 ${policyId}`

			`SecurityPolicy-Deny-Dns-00003`
安全策略deny dns用例补充：ip learning ,ip geo update policy 2021-01-27 18:18:15 +08:00			`[Tags] cat`
解决部分因策略相互影响导致的策略不生效问题 2021-02-08 18:33:51 +08:00			`${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*aec188.com`
			`${rescode} ${objectId} AddObject2 ${1} ${objectDict}`
			`${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*huitu.com`
			`${rescode} ${objectId1} AddObject2 ${1} ${objectDict}`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`Comment 创建安全策略`
安全策略deny dns用例补充：ip learning ,ip geo update policy 2021-01-27 18:18:15 +08:00			`${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Dns-00003 policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"fc00::2:11","ttl":{"min":400,"max":400}},{"atype":"CNAME","value":"www.taobao.com","ttl":{"min":600,"max":600}}]}]} filterList=129\|TSG_FIELD_DNS_QNAME isValid=${1} appIdObjects=${DNS_ID}`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`log ${policyDict}`
更换新增关键字，使用v2版接口 2020-07-01 11:24:00 +08:00			`${rescode} ${policyId} AddPolicies 1 ${policyDict} v2`
安全策略deny dns用例补充：ip learning ,ip geo update policy 2021-01-27 18:18:15 +08:00			`${policyId} Get-Pids ${policyId}`
			`${policyId} Set Variable ${policyId}[0]`
解决部分因策略相互影响导致的策略不生效问题 2021-02-08 18:33:51 +08:00			`insert_policyId_to_file1 deny_dns_objectId2 ${objectId}`
			`insert_policyId_to_file1 deny_dns_objectId6 ${objectId1}`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`insert_policyId_to_file1 deny_dns_policyId2 ${policyId}`

			`SecurityPolicy-Deny-Dns-00004`
安全策略deny dns用例补充：ip learning ,ip geo update policy 2021-01-27 18:18:15 +08:00			`[Tags] fqdn右匹配 destination:iplearning update fqdn`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`Comment 创建fqdn`
修改部分错误用例 2020-07-06 10:29:21 +08:00			`${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=*twitch.tv`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`${rescode} ${objectId} AddObject2 ${1} ${objectDict}`
安全策略deny dns用例补充：ip learning ,ip geo update policy 2021-01-27 18:18:15 +08:00			`Comment 创建fqdn2`
			`${objectDict} Create Dictionary objectType=fqdn isValid=${1} addItemList=$www.twitch.tv`
			`${rescode} ${objectId1} AddObject2 ${1} ${objectDict}`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`Comment 创建安全策略`
安全策略deny dns用例补充：ip learning ,ip geo update policy 2021-01-27 18:18:15 +08:00			${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-Dns-00004 destination=164745\|TSG_SECURITY_DESTINATION_ADDR policyType=tsg_security policyDesc=autotest action=deny userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"AAAA","value":"fc00::2:22","ttl":{"min":400,"max":400}},{"atype":"CNAME","value":"www.facebook.com","ttl":{"min":400,"max":400}}],"qtype":"AAAA"},{"qtype":"A","answer":[{"atype":"CNAME","value":"www.ok.ru","ttl":{"min":400,"max":400}},{"atype":"A","value":"192.168.40.110","ttl":{"min":400,"max":400}}]}]} filterList=${objectId}\|TSG_FIELD_DNS_QNAME isValid=${1} appIdObjects=${DNS_ID}
分离dns策略文件 2020-06-23 21:01:22 +08:00			`log ${policyDict}`
更换新增关键字，使用v2版接口 2020-07-01 11:24:00 +08:00			`${rescode} ${policyId} AddPolicies 1 ${policyDict} v2`
安全策略deny dns用例补充：ip learning ,ip geo update policy 2021-01-27 18:18:15 +08:00			`${policyId} Get-Pids ${policyId}`
			`${policyId} Set Variable ${policyId}[0]`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`insert_policyId_to_file1 deny_dns_objectId3 ${objectId}`
安全策略deny dns用例补充：ip learning ,ip geo update policy 2021-01-27 18:18:15 +08:00			`insert_policyId_to_file1 deny_dns_objectId5 ${objectId1}`
分离dns策略文件 2020-06-23 21:01:22 +08:00			`insert_policyId_to_file1 deny_dns_policyId3 ${policyId}`