def testPrint(self):
"""Tests the Print function."""
output_writer = cli_test_lib.TestBinaryOutputWriter(encoding='utf-8')
test_filter = file_entry_filters.DateTimeFileEntryFilter()
test_filter.AddDateTimeRange('ctime',
end_time_string='2012-05-25 15:59:25',
start_time_string='2012-05-25 15:59:20')
test_filter.AddDateTimeRange('atime',
end_time_string='2012-05-25 15:59:25')
test_filter.AddDateTimeRange('mtime',
start_time_string='2012-05-25 15:59:20')
test_filter.Print(output_writer)
expected_output = [(b'\tctime between 2012-05-25 15:59:20.000000 and '
b'2012-05-25 15:59:25.000000'),
b'\tatime after 2012-05-25 15:59:25.000000',
b'\tmtime before 2012-05-25 15:59:20.000000', b'']
output = output_writer.ReadOutput()
# Compare the output as list of lines which makes it easier to spot
# differences.
self.assertEqual(output.split(b'\n'), expected_output)
def testAddDateTimeRange(self):
"""Tests the AddDateTimeRange function."""
test_filter = file_entry_filters.DateTimeFileEntryFilter()
test_filter.AddDateTimeRange('ctime',
end_time_string='2012-05-25 15:59:25',
start_time_string='2012-05-25 15:59:20')
with self.assertRaises(ValueError):
test_filter.AddDateTimeRange(None)
# Testing adding a badly formatter filter.
with self.assertRaises(ValueError):
test_filter.AddDateTimeRange(
'foobar', start_time_string='2012-02-01 01:01:01')
with self.assertRaises(ValueError):
test_filter.AddDateTimeRange(
'ctime',
end_time_string='2012-05-25 15:59:20',
start_time_string='2012-05-25 15:59:25')
# Testing adding a badly formatter filter, no date set.
with self.assertRaises(ValueError):
test_filter.AddDateTimeRange('atime')
def ParseOptions(cls, options, configuration_object):
"""Parses and validates options.
Args:
options (argparse.Namespace): parser options.
configuration_object (CLITool): object to be configured by the argument
helper.
Raises:
BadConfigObject: when the configuration object is of the wrong type.
BadConfigOption: when the date filter is badly formatted.
"""
if not isinstance(configuration_object, tools.CLITool):
raise errors.BadConfigObject(
'Configuration object is not an instance of CLITool')
filter_collection = getattr(configuration_object, '_filter_collection',
None)
if not filter_collection:
raise errors.BadConfigObject(
'Filter collection missing from configuration object')
date_filters = getattr(options, 'date_filters', None)
if not date_filters:
return
file_entry_filter = file_entry_filters.DateTimeFileEntryFilter()
for date_filter in date_filters:
date_filter_pieces = date_filter.split(',')
if len(date_filter_pieces) != 3:
raise errors.BadConfigOption(
'Badly formed date filter: {0:s}'.format(date_filter))
time_value, start_time_string, end_time_string = date_filter_pieces
time_value = time_value.strip()
start_time_string = start_time_string.strip()
end_time_string = end_time_string.strip()
try:
file_entry_filter.AddDateTimeRange(
time_value,
start_time_string=start_time_string,
end_time_string=end_time_string)
except ValueError:
raise errors.BadConfigOption(
'Badly formed date filter: {0:s}'.format(date_filter))
filter_collection.AddFilter(file_entry_filter)
def testMatches(self):
"""Tests the Matches function."""
test_path = self._GetTestFilePath(['ímynd.dd'])
os_path_spec = path_spec_factory.Factory.NewPathSpec(
dfvfs_definitions.TYPE_INDICATOR_OS, location=test_path)
tsk_path_spec = path_spec_factory.Factory.NewPathSpec(
dfvfs_definitions.TYPE_INDICATOR_TSK,
inode=16,
location='/a_directory/another_file',
parent=os_path_spec)
file_entry = path_spec_resolver.Resolver.OpenFileEntry(tsk_path_spec)
# Timestamps of file:
# Modified: 2012-05-25T15:59:23+00:00
# Accessed: 2012-05-25T15:59:23+00:00
# Created: 2012-05-25T15:59:23+00:00
test_filter = file_entry_filters.DateTimeFileEntryFilter()
# When no date time ranges are specified the filter returns None.
self.assertIsNone(test_filter.Matches(file_entry))
# Add a date to the date filter.
test_filter.AddDateTimeRange('ctime',
start_time_string='2012-05-25 15:59:20',
end_time_string='2012-05-25 15:59:25')
self.assertTrue(test_filter.Matches(file_entry))
test_filter = file_entry_filters.DateTimeFileEntryFilter()
test_filter.AddDateTimeRange('ctime',
start_time_string='2012-05-25 15:59:24',
end_time_string='2012-05-25 15:59:55')
self.assertFalse(test_filter.Matches(file_entry))
# Testing a timestamp that does not exist in the stat object.
test_filter = file_entry_filters.DateTimeFileEntryFilter()
test_filter.AddDateTimeRange('bkup',
start_time_string='2012-02-02 12:12:12')
self.assertTrue(test_filter.Matches(file_entry))
# Just end date set.
test_filter = file_entry_filters.DateTimeFileEntryFilter()
test_filter.AddDateTimeRange('mtime',
end_time_string='2012-05-25 15:59:55')
self.assertTrue(test_filter.Matches(file_entry))
# Just with a start date but within range.
test_filter = file_entry_filters.DateTimeFileEntryFilter()
test_filter.AddDateTimeRange('atime',
start_time_string='2012-03-25 15:59:55')
self.assertTrue(test_filter.Matches(file_entry))
# And now with a start date, but out of range.
test_filter = file_entry_filters.DateTimeFileEntryFilter()
test_filter.AddDateTimeRange('ctime',
start_time_string='2012-05-25 15:59:55')
self.assertFalse(test_filter.Matches(file_entry))
# Test with more than one date filter.
test_filter = file_entry_filters.DateTimeFileEntryFilter()
test_filter.AddDateTimeRange('ctime',
start_time_string='2012-05-25 15:59:55',
end_time_string='2012-05-25 17:34:12')
test_filter.AddDateTimeRange('atime',
start_time_string='2012-05-25 15:59:20',
end_time_string='2012-05-25 15:59:25')
test_filter.AddDateTimeRange('mtime',
start_time_string='2012-05-25 15:59:24',
end_time_string='2012-05-25 15:59:55')
self.assertFalse(test_filter.Matches(file_entry))
self.assertEqual(len(test_filter._date_time_ranges), 3)