*** Settings *** Test Teardown DeletePolicyAndObject ${policyIds} ${objectids} Force Tags tsg_adc Security_Policy Library OperatingSystem Resource ../../../../02-Keyword/tsg_adc/SystemCommand.robot Resource ../../../../02-Keyword/tsg_bfapi/PolicyObject.robot Resource ../../../../02-Keyword/tsg_bfapi/LogVariable.robot Resource ../../../../02-Keyword/tsg_bfapi/ApiRequest.robot Library Custometest *** Variables *** ${policyIds} ${EMPTY} ${objectids} ${EMPTY} *** Test Cases *** SecurityPolicy-Deny-Ftp-00001 [Tags] Selfserver Deny Ftp Account子串匹配 Comment 创建Account ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00001 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english should contain ${FTP} ftp_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user SecurityPolicy-Deny-Ftp-00002 [Tags] Selfserver Deny Ftp Account右匹配 Comment 创建Account ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=*user ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00002 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english should contain ${FTP} ftp_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user SecurityPolicy-Deny-Ftp-00003 [Tags] Selfserver Deny Ftp Account完整匹配 Comment 创建Account ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=$ftp_user ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00003 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english should contain ${FTP} ftp_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user SecurityPolicy-Deny-Ftp-00004 [Tags] Selfserver Deny Ftp Account左匹配 Comment 创建Account ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_u* ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00004 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${FTP} FTP_login ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" english should contain ${FTP} ftp_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user SecurityPolicy-Deny-Ftp-00005 [Tags] Selfserver Deny Ftp Account子串匹配 Comment 创建Account ${objectDict} Create Dictionary objectType=account isValid=${1} addItemList=ftp_user ${rescode} ${object_Account_Id} AddObject2 ${1} ${objectDict} ${objectids} set Variable ${object_Account_Id} Comment 创建安全策略 ${policyDict} Create Dictionary policyName=SecurityPolicy-Deny-FTP-00005 policyType=tsg_security policyDesc=autotest userTags= action=deny effectiveRange= userRegion={"protocol":"FTP","method":"drop"} referenceObject=${object_Account_Id}|TSG_FIELD_FTP_ACCOUNT isValid=${1} appObjectIdArray=6 ${rescode} ${policyId} AddPolicy2 ${1} ${policyDict} #删除策略 ${policyIds} Create List {"policyType":"tsg_security","policyIds":[${policyId}]} Comment 功能端验证 ${starttime} Get Time Sleep ${policyVerificationSleepSeconds}s ${FTP} FTP_down ftp://192.168.100.5/test.txt -u"ftp_user:qazXSW@edc" 435814 zmmtext123.txt should contain ${FTP} ftp_fail Sleep ${policyLogVerificationSleepSeconds}s ${endtime} Get Time #日志验证 ${s} Convert to String ${policyId} GetLogList security_event_log ${starttime} ${endtime} ${testClentIP} ${s} ftp_account ftp_user