def testPluginList(self):
"""Test the plugin list returns the right values."""
# pylint: disable=protected-access
self._parser = sqlite.SQLiteParser(self._pre_obj, self._config)
all_plugins = self._parser._plugins
self.assertGreaterEqual(len(all_plugins), 10)
all_plugin_names = all_plugins.keys()
self.assertTrue('skype' in all_plugin_names)
self.assertTrue('chrome_history' in all_plugin_names)
self.assertTrue('firefox_history' in all_plugin_names)
# Change the calculations of the parsers.
self._config.parsers = 'chrome_history, firefox_history, -skype'
self._parser = sqlite.SQLiteParser(self._pre_obj, self._config)
plugins = self._parser._plugins
self.assertEquals(len(plugins), 2)
# Test with a different plugin selection.
self._config.parsers = 'sqlite, -skype'
self._parser = sqlite.SQLiteParser(self._pre_obj, self._config)
plugins = self._parser._plugins
# This should result in all plugins EXCEPT the skype one.
self.assertEquals(len(plugins), len(all_plugins) - 1)
def testParseFileEntryOnDatabaseWithDotInTableName(self):
"""Tests ParseFileEntry on a database with a dot in a table name."""
parser = sqlite.SQLiteParser()
storage_writer = self._ParseFile(['data.db'], parser)
self.assertEqual(storage_writer.number_of_warnings, 0)
self.assertEqual(storage_writer.number_of_events, 0)
def testExamineEventAndCompileReport(self):
"""Tests the ExamineEvent and CompileReport functions."""
parser = sqlite.SQLiteParser()
plugin = browser_search.BrowserSearchPlugin()
storage_writer = self._ParseAndAnalyzeFile(['History'], parser, plugin)
self.assertEqual(storage_writer.number_of_events, 71)
self.assertEqual(len(storage_writer.analysis_reports), 1)
analysis_report = storage_writer.analysis_reports[0]
# Due to the behavior of the join one additional empty string at the end
# is needed to create the last empty line.
expected_text = '\n'.join([
' == ENGINE: Google Search ==', '1 really really funny cats',
'1 java plugin', '1 funnycats.exe', '1 funny cats', '', ''
])
self.assertEqual(analysis_report.text, expected_text)
self.assertEqual(analysis_report.plugin_name, 'browser_search')
expected_keys = set(['Google Search'])
self.assertEqual(set(analysis_report.report_dict.keys()),
expected_keys)
def testFileParserChainMaintenance(self):
"""Tests that the parser chain is correctly maintained by the parser."""
parser = sqlite.SQLiteParser()
storage_writer = self._ParseFile([u'contacts2.db'], parser)
for event in storage_writer.GetEvents():
chain = event.parser
self.assertEqual(1, chain.count(u'/'))
def testFileParserChainMaintenance(self):
"""Tests that the parser chain is correctly maintained by the parser."""
parser = sqlite.SQLiteParser()
storage_writer = self._ParseFile(['contacts2.db'], parser)
for event in storage_writer.GetEvents():
event_data = self._GetEventDataOfEvent(storage_writer, event)
self.assertEqual(1, event_data.parser.count('/'))
def testEnablePlugins(self):
"""Tests the EnablePlugins function."""
parser_object = sqlite.SQLiteParser()
parser_object.EnablePlugins([u'chrome_history'])
self.assertIsNotNone(parser_object)
self.assertIsNone(parser_object._default_plugin)
self.assertNotEqual(parser_object._plugin_objects, [])
self.assertEqual(len(parser_object._plugin_objects), 1)
def testEnablePlugins(self):
"""Tests the EnablePlugins function."""
parser = sqlite.SQLiteParser()
parser.EnablePlugins(['chrome_27_history'])
self.assertIsNotNone(parser)
self.assertIsNone(parser._default_plugin)
self.assertNotEqual(parser._plugins, [])
self.assertEqual(len(parser._plugins), 1)
def testFileParserChainMaintenance(self):
"""Tests that the parser chain is correctly maintained by the parser."""
parser_object = sqlite.SQLiteParser()
test_file = self._GetTestFilePath([u'contacts2.db'])
event_queue_consumer = self._ParseFile(parser_object, test_file)
event_objects = self._GetEventObjectsFromQueue(event_queue_consumer)
for event in event_objects:
chain = event.parser
self.assertEqual(1, chain.count(u'/'))
def testParseFileEntry(self):
"""Tests the ParseFileEntry function."""
parser = sqlite.SQLiteParser()
storage_writer = self._ParseFile(['contacts2.db'], parser)
self.assertEqual(storage_writer.number_of_warnings, 0)
self.assertEqual(storage_writer.number_of_events, 5)
for event in storage_writer.GetEvents():
event_data = self._GetEventDataOfEvent(storage_writer, event)
self.assertEqual(1, event_data.parser.count('/'))
def testEnablePlugins(self):
"""Tests the EnablePlugins function."""
parser = sqlite.SQLiteParser()
number_of_plugins = len(parser._plugin_classes)
parser.EnablePlugins([])
self.assertEqual(len(parser._plugins), 0)
parser.EnablePlugins(parser.ALL_PLUGINS)
self.assertEqual(len(parser._plugins), number_of_plugins)
parser.EnablePlugins(['chrome_27_history'])
self.assertEqual(len(parser._plugins), 1)
def testParseFileEntryOnDatabaseWithDotInTableName(self):
"""Tests ParseFileEntry on a database with a dot in a table name."""
parser = sqlite.SQLiteParser()
storage_writer = self._ParseFile(['data.db'], parser)
number_of_events = storage_writer.GetNumberOfAttributeContainers(
'event')
self.assertEqual(number_of_events, 0)
number_of_warnings = storage_writer.GetNumberOfAttributeContainers(
'extraction_warning')
self.assertEqual(number_of_warnings, 0)
number_of_warnings = storage_writer.GetNumberOfAttributeContainers(
'recovery_warning')
self.assertEqual(number_of_warnings, 0)
def testParseFileEntry(self):
"""Tests the ParseFileEntry function."""
parser = sqlite.SQLiteParser()
storage_writer = self._ParseFile(['contacts2.db'], parser)
number_of_events = storage_writer.GetNumberOfAttributeContainers(
'event')
self.assertEqual(number_of_events, 5)
number_of_warnings = storage_writer.GetNumberOfAttributeContainers(
'extraction_warning')
self.assertEqual(number_of_warnings, 0)
number_of_warnings = storage_writer.GetNumberOfAttributeContainers(
'recovery_warning')
self.assertEqual(number_of_warnings, 0)
for event in storage_writer.GetEvents():
event_data = self._GetEventDataOfEvent(storage_writer, event)
self.assertEqual(1, event_data.parser.count('/'))
def testExamineEventAndCompileReport(self):
"""Tests the ExamineEvent and CompileReport functions."""
parser = sqlite.SQLiteParser()
plugin = browser_search.BrowserSearchPlugin()
storage_writer = self._ParseAndAnalyzeFile(['History'], parser, plugin)
analysis_results = list(
storage_writer.GetAttributeContainers(
'browser_search_analysis_result'))
self.assertEqual(len(analysis_results), 4)
analysis_result = analysis_results[2]
self.assertEqual(analysis_result.search_engine, 'Google Search')
self.assertEqual(analysis_result.search_term,
'really really funny cats')
self.assertEqual(analysis_result.number_of_queries, 1)
number_of_reports = storage_writer.GetNumberOfAttributeContainers(
'analysis_report')
self.assertEqual(number_of_reports, 1)
analysis_report = storage_writer.GetAttributeContainerByIndex(
reports.AnalysisReport.CONTAINER_TYPE, 0)
self.assertIsNotNone(analysis_report)
self.assertEqual(analysis_report.plugin_name, 'browser_search')
expected_analysis_counter = collections.Counter({
'Google Search:funny cats':
1,
'Google Search:funnycats.exe':
1,
'Google Search:java plugin':
1,
'Google Search:really really funny cats':
1
})
self.assertEqual(analysis_report.analysis_counter,
expected_analysis_counter)
def setUp(self):
"""Sets up the needed objects used throughout the test."""
self._pre_obj = event.PreprocessObject()
self._parser = sqlite.SQLiteParser(self._pre_obj, None)
def setUp(self):
"""Sets up the needed objects used throughout the test."""
self._parser = sqlite.SQLiteParser()
def setUp(self): """Makes preparations before running an individual test.""" self._parser = sqlite.SQLiteParser()
