diff --git a/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot new file mode 100644 index 0000000..f1e04c3 --- /dev/null +++ b/01-TestCase/tsg_adc/selfserver/Api_Security/Deny_FTP_Tests.robot @@ -0,0 +1,147 @@ +*** Settings *** +Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} +Force Tags tsg_adc Security_Policy +Library OperatingSystem +Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot +Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot +Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot +Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot +Resource ../../../../03-Variable/AllFlowCaseVariable.txt +Library Custometest + +*** Variables *** +${policyIds} ${EMPTY} +${objectids} ${EMPTY} + +*** Test Cases *** +SecurityPolicy-Deny-Ftp-00001 + [Tags] Selfserver Deny Ftp Account + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} Fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Deny-Ftp-00002 + [Tags] Selfserver Deny Ftp Account + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} Fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Deny-Ftp-00003 + [Tags] Selfserver Deny Ftp Account + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$ftp_user + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} Fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Deny-Ftp-00004 + [Tags] Selfserver Deny Ftp Account + Comment 创建Account + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_u* + ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Account_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + ${starttime} Get Time + Sleep ${policyVerificationSleepSeconds}s + ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english + should contain ${FTP} Fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user + +SecurityPolicy-Deny-Ftp-00005 + [Tags] Selfserver Deny Ftp Url + Comment 创建URL + ${objectDict} Create Dictionary objectType=url isValid=${1} addItemList= + ${rescode} ${object_Url_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Url_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Url_Id}|TSG_FIELD_FTP_URI isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${FTP} FTP_down ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 12312313 zmm123.txt + should contain ${FTP} Fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_url ftp://192.168.100.5/test.txt + +SecurityPolicy-Deny-Ftp-00006 + [Tags] Selfserver Deny Ftp Content + Comment 创建Content + ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user + ${rescode} ${object_Content_Id} AddObject2 ${1} ${objectDict} + ${objectids} set Variable ${object_Content_Id} + Comment 创建安全策略 + ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"rst"} referenceObject=${object_Content_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 + ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} + #删除策略 + ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} + Comment 功能端验证 + Sleep ${policyVerificationSleepSeconds}s + ${starttime} Get Time + ${FTP} FTP_down ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 123123 zmmtext123.txt + should contain ${FTP} Fail + Sleep ${policyLogVerificationSleepSeconds}s + ${endtime} Get Time + #日志验证 + ${s} Convert to String ${policyId} + GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user