def testParse(self):
"""Tests for the Parse method."""
parser_object = zsh_extended_history.ZshExtendedHistoryParser()
storage_writer = self._ParseFile([u'zsh_extended_history.txt'],
parser_object)
self.assertEqual(len(storage_writer.events), 4)
event = storage_writer.events[0]
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2016-03-12 08:26:50')
self.assertEqual(event.timestamp, expected_timestamp)
self.assertEqual(event.elapsed_seconds, 0)
self.assertEqual(event.command, u'cd plaso')
event = storage_writer.events[2]
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2016-03-26 11:54:53')
expected_command = u'echo dfgdfg \\\\\n& touch /tmp/afile'
self.assertEqual(event.timestamp, expected_timestamp)
self.assertEqual(event.command, expected_command)
event = storage_writer.events[3]
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2016-03-26 11:54:57')
self.assertEqual(event.timestamp, expected_timestamp)
def testParse(self):
"""Tests for the Parse method."""
parser = zsh_extended_history.ZshExtendedHistoryParser()
storage_writer = self._ParseFile(['zsh_extended_history.txt'], parser)
self.assertEqual(storage_writer.number_of_events, 4)
events = list(storage_writer.GetEvents())
event = events[0]
self.CheckTimestamp(event.timestamp, '2016-03-12 08:26:50.000000')
self.assertEqual(event.elapsed_seconds, 0)
self.assertEqual(event.command, 'cd plaso')
event = events[2]
self.CheckTimestamp(event.timestamp, '2016-03-26 11:54:53.000000')
self.assertEqual(event.command, 'echo dfgdfg \\\\\n& touch /tmp/afile')
event = events[3]
self.CheckTimestamp(event.timestamp, '2016-03-26 11:54:57.000000')
def testParse(self):
"""Tests for the Parse method."""
parser = zsh_extended_history.ZshExtendedHistoryParser()
storage_writer = self._ParseFile(['zsh_extended_history.txt'], parser)
self.assertEqual(storage_writer.number_of_events, 4)
self.assertEqual(storage_writer.number_of_extraction_warnings, 0)
self.assertEqual(storage_writer.number_of_recovery_warnings, 0)
events = list(storage_writer.GetEvents())
expected_event_values = {
'command': 'cd plaso',
'date_time': '2016-03-12 08:26:50',
'data_type': 'shell:zsh:history',
'elapsed_seconds': 0}
self.CheckEventValues(storage_writer, events[0], expected_event_values)
expected_event_values = {
'command': 'echo dfgdfg \\\\\n& touch /tmp/afile',
'date_time': '2016-03-26 11:54:53',
'data_type': 'shell:zsh:history',
'elapsed_seconds': 0}
self.CheckEventValues(storage_writer, events[2], expected_event_values)
expected_event_values = {
'date_time': '2016-03-26 11:54:57',
'data_type': 'shell:zsh:history'}
self.CheckEventValues(storage_writer, events[3], expected_event_values)
def testVerification(self):
"""Tests for the VerifyStructure method"""
parser = zsh_extended_history.ZshExtendedHistoryParser()
mediator = None
valid_lines = ': 1457771210:0;cd plaso'
self.assertTrue(parser.VerifyStructure(mediator, valid_lines))
invalid_lines = ': 2016-03-26 11:54:53;0;cd plaso'
self.assertFalse(parser.VerifyStructure(mediator, invalid_lines))
def testParse(self):
"""Tests for the Parse method."""
parser = zsh_extended_history.ZshExtendedHistoryParser()
storage_writer = self._ParseFile(['zsh_extended_history.txt'], parser)
self.assertEqual(storage_writer.number_of_warnings, 0)
self.assertEqual(storage_writer.number_of_events, 4)
events = list(storage_writer.GetEvents())
event = events[0]
self.CheckTimestamp(event.timestamp, '2016-03-12 08:26:50.000000')
event_data = self._GetEventDataOfEvent(storage_writer, event)
self.assertEqual(event_data.elapsed_seconds, 0)
self.assertEqual(event_data.command, 'cd plaso')
event = events[2]
self.CheckTimestamp(event.timestamp, '2016-03-26 11:54:53.000000')
event_data = self._GetEventDataOfEvent(storage_writer, event)
self.assertEqual(event_data.command,
'echo dfgdfg \\\\\n& touch /tmp/afile')
event = events[3]
self.CheckTimestamp(event.timestamp, '2016-03-26 11:54:57.000000')
expected_message = ('echo dfgdfg \\\\& touch /tmp/afile '
'Time elapsed: 0 seconds')
expected_short_message = ('echo dfgdfg \\\\& touch /tmp/afile')
self._TestGetMessageStrings(event_data, expected_message,
expected_short_message)
def setUp(self):
"""Makes preparations before running an individual test."""
self._parser = zsh_extended_history.ZshExtendedHistoryParser()
