*** Settings ***
Force Tags        tsg_adc_wp    security_policy    adc_verify
Library           OperatingSystem
Resource          ../../../02-Keyword/tsg_adc/SystemCommand.robot
Resource          ../../../02-Keyword/tsg_bfapi/PolicyObject.robot
Resource          ../../../02-Keyword/tsg_bfapi/LogVariable.robot
Resource          ../../../02-Keyword/tsg_adc/FileOperation.robot
Resource          ../../../02-Keyword/tsg_bfapi/policy_object/Policy.robot
Resource          ../../../03-Variable/ApplicationID.txt
Resource          ../../../05-Other/AllFlowCaseVariable.txt

*** Test Cases ***
SecurityPolicy-Deny-Ssl-00001
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00001.bat
    ...    ELSE    set variable    curl https://www.freestockimages.ru/
    ${stringlist}    run keyword if    '${systemType}'=='Windows'    Create List    Connection was reset
    ...    ELSE    Create List    Connection reset by peer
    ${rescode}    SystemCommands    ${commandstr}    ${stringlist}
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00001_1.bat
    ...    ELSE    set variable    curl \ \ \ https://www.cxwl.com/
    ${stringlist}    run keyword if    '${systemType}'=='Windows'    Create List    Connection was reset
    ...    ELSE    Create List    Connection reset by peer
    ${rescode}    SystemCommands    ${commandstr}    ${stringlist}
    Comment    改变阻断策略
    ${policyDict}    Create Dictionary    policyId=${deny_ssl_policyId}    source=${deny_ssl_objectId5}|TSG_SECURITY_SOURCE_LOCATION     policyName=SecurityPolicy-Deny-Ssl-00001_1    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"SSL","method":"rst"}    filterList=${deny_ssl_objectId4}|TSG_FIELD_SSL_SNI    isValid=${1}    appIdObjects=${SSL_ID}
    log    ${policyDict}
    ${rescode}    UpdatePolicies    1    ${policyDict}    v2    update
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00001_1.bat
    ...    ELSE    set variable    curl \ \ \ https://www.cxwl.com/
    ${stringlist}    run keyword if    '${systemType}'=='Windows'    Create List    Connection was reset
    ...    ELSE    Create List    Connection reset by peer
    ${rescode}    SystemCommands    ${commandstr}    ${stringlist}
    
SecurityPolicy-Deny-Ssl-00002
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00002.bat
    ...    ELSE    set variable    curl https://amesweb.info/
    ${stringlist}    run keyword if    '${systemType}'=='Windows'    Create List    Connection was reset
    ...    ELSE    Create List    Connection reset by peer
    ${rescode}    SystemCommands    ${commandstr}    ${stringlist}
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00002_2.bat
    ...    ELSE    set variable    curl https://rentar.com/
    ${stringlist}    run keyword if    '${systemType}'=='Windows'    Create List    Connection was reset
    ...    ELSE    Create List    Connection reset by peer
    ${rescode}    SystemCommands    ${commandstr}    ${stringlist}

SecurityPolicy-Deny-Ssl-00003
    # Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00003.bat
    ...    ELSE    set variable    curl  --connect-timeout 5 -m 10 -kv --referer 'http://www.baidu.com/' \ https://austinama.org/ 
    ${stringlist}    run keyword if    '${systemType}'=='Windows'    Create List    timed out 
    ...    ELSE    Create List    timed out
    ${rescode}    SystemCommands    ${commandstr}    ${stringlist}
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00003_3.bat
    ...    ELSE    set variable    curl  --connect-timeout 5 -m 10 -kv --referer 'http://www.baidu.com/' \ https://www.carambola.com/ 
    ${stringlist}    run keyword if    '${systemType}'=='Windows'    Create List    timed out
    ...    ELSE    Create List    timed out
    ${rescode}    SystemCommands    ${commandstr}    ${stringlist}

SecurityPolicy-Deny-Ssl-00004
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00004.bat
    ...    ELSE    set variable    curl https://www.prlib.ru/
    ${stringlist}    run keyword if    '${systemType}'=='Windows'    Create List    timed out
    ...    ELSE    Create List    timed out
    ${rescode}    SystemCommands    ${commandstr}    ${stringlist}
    Comment    改变阻断策略
    ${policyDict}    Create Dictionary    policyId=${deny_ssl_policyId3}   policyName=SecurityPolicy-Deny-Ssl-00004    policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"SSL","method":"drop"}    filterList=${deny_ssl_objectId6}|TSG_FIELD_SSL_SAN,${deny_ssl_objectId6}|TSG_FIELD_SSL_SNI,${deny_ssl_objectId6}|TSG_FIELD_SSL_CN    isValid=${1}    appIdObjects=${SSL_ID}
    log    ${policyDict}
    ${rescode}    UpdatePolicies    1    ${policyDict}    v2    update
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00004.bat
    ...    ELSE    set variable    curl https://www.prlib.ru/
    ${stringlist}    run keyword if    '${systemType}'=='Windows'    Create List    timed out
    ...    ELSE    Create List    timed out
    ${rescode}    SystemCommands    ${commandstr}    ${stringlist}
SecurityPolicy-Deny-Ssl-00005
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00005.bat
    ...    ELSE    set variable    curl  --connect-timeout 5 -m 10 -kv --referer 'http://www.baidu.com/' \ https://www.leisu.com/
    ${stringlist}    run keyword if    '${systemType}'=='Windows'    Create List    timed out
    ...    ELSE    Create List    timed out
    ${rescode}    SystemCommands    ${commandstr}    ${stringlist}
    Comment    改变阻断策略
    ${policyDict}    Create Dictionary    policyId=${deny_ssl_policyId4}    policyName=SecurityPolicy-Deny-Ssl-00005-1    destination=3309|TSG_SECURITY_DESTINATION_ADDR     policyType=tsg_security    policyDesc=autotest    action=deny    userRegion={"protocol":"SSL","method":"drop"}    filterList=${deny_ssl_objectId7}|TSG_FIELD_SSL_SAN,${deny_ssl_objectId7}|TSG_FIELD_SSL_SNI,${deny_ssl_objectId7}|TSG_FIELD_SSL_CN    isValid=${1}    appIdObjects=${SSL_ID}
    log    ${policyDict}
    ${rescode}    UpdatePolicies    1    ${policyDict}    v2    update
    Comment    功能端验证HTTP验证
    ${commandstr}    run keyword if    '${systemType}'=='Windows'    set variable    ${curlbatpath}/command/SecurityPolicy_Deny_SSL_00005.bat
    ...    ELSE    set variable    curl  --connect-timeout 5 -m 10 -kv --referer 'http://www.baidu.com/' \ https://www.leisu.com/
    ${stringlist}    run keyword if    '${systemType}'=='Windows'    Create List    timed out
    ...    ELSE    Create List    timed out
    ${rescode}    SystemCommands    ${commandstr}    ${stringlist}
    
SecurityPolicy-Deny-Ssl-00006
    Comment