def testParse(self):
"""Tests the Parse function on a Windows Recycler INFO2 file."""
parser = recycler.WinRecyclerInfo2Parser()
storage_writer = self._ParseFile(['INFO2'], parser)
number_of_events = storage_writer.GetNumberOfAttributeContainers(
'event')
self.assertEqual(number_of_events, 4)
number_of_warnings = storage_writer.GetNumberOfAttributeContainers(
'extraction_warning')
self.assertEqual(number_of_warnings, 0)
number_of_warnings = storage_writer.GetNumberOfAttributeContainers(
'recovery_warning')
self.assertEqual(number_of_warnings, 0)
events = list(storage_writer.GetEvents())
expected_event_values = {
'date_time':
'2004-08-25 16:18:25.2370000',
'data_type':
'windows:metadata:deleted_item',
'drive_number':
2,
'original_filename':
('C:\\Documents and Settings\\Mr. Evil\\Desktop\\lalsetup250.exe'),
'record_index':
1,
'timestamp_desc':
definitions.TIME_DESCRIPTION_DELETED
}
self.CheckEventValues(storage_writer, events[0], expected_event_values)
def testParse(self):
"""Reads an INFO2 file and run a few tests."""
parser = recycler.WinRecyclerInfo2Parser()
storage_writer = self._ParseFile(['INFO2'], parser)
self.assertEqual(storage_writer.number_of_errors, 0)
self.assertEqual(storage_writer.number_of_events, 4)
events = list(storage_writer.GetEvents())
event = events[0]
self.CheckTimestamp(event.timestamp, '2004-08-25 16:18:25.237000')
self.assertEqual(event.timestamp_desc, definitions.TIME_DESCRIPTION_DELETED)
self.assertEqual(event.record_index, 1)
expected_filename = (
'C:\\Documents and Settings\\Mr. Evil\\Desktop\\lalsetup250.exe')
self.assertEqual(event.original_filename, expected_filename)
event = events[1]
expected_message = (
'DC2 -> C:\\Documents and Settings\\Mr. Evil\\Desktop'
'\\netstumblerinstaller_0_4_0.exe (from drive: C)')
expected_short_message = (
'Deleted file: C:\\Documents and Settings\\Mr. Evil\\Desktop'
'\\netstumblerinstaller...')
self._TestGetMessageStrings(event, expected_message, expected_short_message)
event = events[2]
self._TestGetSourceStrings(event, 'Recycle Bin', 'RECBIN')
def testParse(self):
"""Reads an INFO2 file and run a few tests."""
parser = recycler.WinRecyclerInfo2Parser()
storage_writer = self._ParseFile(['INFO2'], parser)
self.assertEqual(storage_writer.number_of_warnings, 0)
self.assertEqual(storage_writer.number_of_events, 4)
events = list(storage_writer.GetEvents())
expected_filename = (
'C:\\Documents and Settings\\Mr. Evil\\Desktop\\lalsetup250.exe')
expected_event_values = {
'original_filename': expected_filename,
'record_index': 1,
'timestamp': '2004-08-25 16:18:25.237000',
'timestamp_desc': definitions.TIME_DESCRIPTION_DELETED
}
self.CheckEventValues(storage_writer, events[0], expected_event_values)
expected_message = (
'DC2 -> C:\\Documents and Settings\\Mr. Evil\\Desktop'
'\\netstumblerinstaller_0_4_0.exe (from drive: C)')
expected_short_message = (
'Deleted file: C:\\Documents and Settings\\Mr. Evil\\Desktop'
'\\netstumblerinstaller...')
event_data = self._GetEventDataOfEvent(storage_writer, events[1])
self._TestGetMessageStrings(event_data, expected_message,
expected_short_message)
def testParse(self):
"""Reads an INFO2 file and run a few tests."""
parser_object = recycler.WinRecyclerInfo2Parser()
test_file = self._GetTestFilePath([u'INFO2'])
event_queue_consumer = self._ParseFile(parser_object, test_file)
event_objects = self._GetEventObjectsFromQueue(event_queue_consumer)
self.assertEqual(len(event_objects), 4)
event_object = event_objects[0]
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2004-08-25 16:18:25.237')
self.assertEqual(event_object.timestamp, expected_timestamp)
self.assertEqual(event_object.timestamp_desc,
eventdata.EventTimestamp.DELETED_TIME)
self.assertEqual(event_object.index, 1)
self.assertEqual(event_object.orig_filename, (
u'C:\\Documents and Settings\\Mr. Evil\\Desktop\\lalsetup250.exe'))
event_object = event_objects[1]
expected_msg = (u'DC2 -> C:\\Documents and Settings\\Mr. Evil\\Desktop'
u'\\netstumblerinstaller_0_4_0.exe (from drive: C)')
expected_msg_short = (
u'Deleted file: C:\\Documents and Settings\\Mr. Evil\\Desktop'
u'\\netstumblerinstaller...')
self._TestGetMessageStrings(event_object, expected_msg,
expected_msg_short)
event_object = event_objects[2]
self._TestGetSourceStrings(event_object, u'Recycle Bin', u'RECBIN')
def setUp(self): """Sets up the needed objects used throughout the test.""" self._parser = recycler.WinRecyclerInfo2Parser()
def setUp(self): """Makes preparations before running an individual test.""" self._parser = recycler.WinRecyclerInfo2Parser()