*** Settings ***
Force Tags        tsg_adc_wp    adc_api    security_policy
Library           OperatingSystem
Resource          ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource          ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource          ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource          ../../../02-Keyword/tsg_adc/FileOperation.robot
Resource          ../../../02-Keyword/tsg_adc/FileOperation.robot
Resource          ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
Resource          ../../../02-Keyword/tsg_bfapi/policy_object/ProcessPolicyBody.robot

*** Test Cases ***
SecurityPolicy-Deny-Dns-00001
    [Tags]    fqdn完整和右匹配,update policy:source ip_geo
    Comment    创建fqdn
    ${addItemList1}    Create Dictionary    keywordArray=$www.facebook.com    isHexbin=${0}
    ${addItemList2}    Create Dictionary    keywordArray=*rutube.ru   isHexbin=${0}
    ${addItemLists}    Create list    ${addItemList1}    ${addItemList2}
    ${objectDict}    Create Dictionary    objectType=fqdn    objectSubType=fqdn       isValid=${1}    addItemList=${addItemLists}    
    ${rescode}    ${objectId}    AddObjects    ${1}    ${objectDict}
    Comment    创建categories
    ${addItemList1}    Create Dictionary    fqdn=$www.facebook.com
    ${addItemList2}    Create Dictionary    fqdn=*rutube.ru
    ${addItemLists}    Create list    ${addItemList1}    ${addItemList2}
    ${objectDict}    Create Dictionary    categoryType=fqdn    categoryName=lianshu    objectSubType=category      isValid=${1}      fqdnList=${addItemLists}    
    ${rescode}    ${categoryObjId}    ${categoryId}    AddCategories    ${1}    ${objectDict}    add    200
    Comment    创建ip geo
    ${addItemList1}    Create Dictionary    keywordArray=XXG地区.*
    ${addItemLists}    Create list    ${addItemList1}
    ${objectDict}    Create Dictionary    objectType=ip     objectSubType=geo_location    isValid=${1}    addItemList=${addItemLists}    
    ${rescode}    ${objectId1}    AddObjects    ${1}    ${objectDict}
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Dns-00001    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"DNS","method":"drop"}    filterList=${objectId}|TSG_FIELD_DNS_QNAME,${categoryObjId}|TSG_FIELD_DNS_QNAME    isValid=${1}    appIdObjects=${DNS_ID}
    log    ${policyDict}
    ${rescode}    ${policyId}    AddPolicies    1    ${policyDict}    v2
    ${policyId}    Get-Pids    ${policyId}
    ${policyId}    Set Variable    ${policyId}[0]
    insert_policyId_to_file1    deny_dns_objectId    ${objectId}
    insert_policyId_to_file1    deny_dns_objectId4    ${objectId1}
    insert_policyId_to_file1    deny_dns_policyId    ${policyId}
    insert_policyId_to_file1    deny_dns_categoryId    ${categoryId}
    
SecurityPolicy-Deny-Dns-00002
    [Tags]    cat右和完整匹配
    Comment    创建fqdn
    ${addItemList1}    Create Dictionary    keywordArray=*arctictrucks.ru    isHexbin=${0}
    ${addItemList2}    Create Dictionary    keywordArray=*wifika.ru   isHexbin=${0}
    ${addItemLists}    Create list    ${addItemList1}    ${addItemList2}
    ${objectDict}    Create Dictionary    objectType=fqdn    objectSubType=fqdn       isValid=${1}    addItemList=${addItemLists}    
    ${rescode}    ${objectId}    AddObjects    ${1}    ${objectDict}
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Dns-00002    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"A","answer":[{"atype":"CNAME","value":"www.jd.com","ttl":{"min":500,"max":500}},{"atype":"A","value":"192.168.41.186","ttl":{"min":300,"max":300}}]}]}    filterList=${objectId}|TSG_FIELD_DNS_QNAME    isValid=${1}    appIdObjects=${DNS_ID}
    log    ${policyDict}
    ${rescode}    ${policyId}    AddPolicies    1    ${policyDict}    v2
    ${policyId}    Get-Pids    ${policyId}
    ${policyId}    Set Variable    ${policyId}[0]
    insert_policyId_to_file1    deny_dns_objectId1    ${objectId}
    insert_policyId_to_file1    deny_dns_policyId1    ${policyId}

SecurityPolicy-Deny-Dns-00003
    [Tags]    cat
    ${iniCatId}    GetIniCategoryId    filehosting
    Comment    创建fqdn1
    ${addItemList1}    Create Dictionary    keywordArray=*aec188.com    isHexbin=${0}
    ${addItemLists}    Create list    ${addItemList1}
    ${objectDict}    Create Dictionary    objectType=fqdn    objectSubType=fqdn       isValid=${1}    addItemList=${addItemLists}    
    ${rescode}    ${objectId}    AddObjects    ${1}    ${objectDict}
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Dns-00003    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"DNS","method":"redirect","resolution":[{"qtype":"AAAA","answer":[{"atype":"AAAA","value":"fc00::2:11","ttl":{"min":400,"max":400}},{"atype":"CNAME","value":"www.taobao.com","ttl":{"min":600,"max":600}}]}]}    filterList=${iniCatId}|TSG_FIELD_DNS_QNAME,${objectId}|TSG_FIELD_DNS_QNAME    isValid=${1}    appIdObjects=${DNS_ID}
    log    ${policyDict}
    ${rescode}    ${policyId}    AddPolicies    1    ${policyDict}    v2
    ${policyId}    Get-Pids    ${policyId}
    ${policyId}    Set Variable    ${policyId}[0]
    insert_policyId_to_file1    deny_dns_objectId2    ${objectId}
    insert_policyId_to_file1    deny_dns_policyId2    ${policyId}

SecurityPolicy-Deny-Dns-00004
    [Tags]    fqdn右匹配      destination:iplearning    update fqdn
    Comment    创建fqdn1
    ${addItemList1}    Create Dictionary    keywordArray=*twitch.tv   isHexbin=${0}
    ${addItemLists}    Create list    ${addItemList1}
    ${objectDict}    Create Dictionary    objectType=fqdn    objectSubType=fqdn       isValid=${1}    addItemList=${addItemLists}    
    ${rescode}    ${objectId}    AddObjects    ${1}    ${objectDict}
    Comment    创建fqdn2
    ${addItemList1}    Create Dictionary    keywordArray=$www.twitch.tv   isHexbin=${0}
    ${addItemLists}    Create list    ${addItemList1}
    ${objectDict}    Create Dictionary    objectType=fqdn    objectSubType=fqdn       isValid=${1}    addItemList=${addItemLists}    
    ${rescode}    ${objectId1}    AddObjects    ${1}    ${objectDict}
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Dns-00004     policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"DNS","method":"redirect","resolution":[{"answer":[{"atype":"AAAA","value":"fc00::2:22","ttl":{"min":400,"max":400}},{"atype":"CNAME","value":"www.facebook.com","ttl":{"min":400,"max":400}}],"qtype":"AAAA"},{"qtype":"A","answer":[{"atype":"CNAME","value":"www.ok.ru","ttl":{"min":400,"max":400}},{"atype":"A","value":"192.168.40.110","ttl":{"min":400,"max":400}}]}]}    filterList=${objectId}|TSG_FIELD_DNS_QNAME    isValid=${1}    appIdObjects=${DNS_ID}
    log    ${policyDict}
    ${rescode}    ${policyId}    AddPolicies    1    ${policyDict}    v2
    ${policyId}    Get-Pids    ${policyId}
    ${policyId}    Set Variable    ${policyId}[0]
    insert_policyId_to_file1    deny_dns_objectId3    ${objectId}
    insert_policyId_to_file1    deny_dns_objectId5    ${objectId1}
    insert_policyId_to_file1    deny_dns_policyId3    ${policyId}
    
SecurityPolicy-Deny-Dns-00005
    [Tags]    the minimum match
    Comment    创建安全策略
    ${policyDict}    Create Dictionary    policyName=SecurityPolicy-Deny-Dns-00005    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"DNS","method":"drop"}       isValid=${0}    appIdObjects=${DNS_ID}
    log    ${policyDict}
    ${rescode}    ${policyId}    AddPolicies    1    ${policyDict}    v2
    ${policyId}    Get-Pids    ${policyId}
    ${policyId}    Set Variable    ${policyId}[0]
    insert_policyId_to_file1    deny_dns_policyId4    ${policyId}