def testProcessVersion25(self):
"""Tests the Process function on a Firefox History database file v 25."""
plugin = firefox_history.FirefoxHistoryPlugin()
storage_writer = self._ParseDatabaseFileWithPlugin(
['places_new.sqlite'], plugin)
# The places.sqlite file contains 84 events:
# 34 page visits.
# 28 bookmarks
# 14 bookmark folders
# 8 annotations
self.assertEqual(storage_writer.number_of_warnings, 0)
self.assertEqual(storage_writer.number_of_events, 84)
events = list(storage_writer.GetEvents())
counter = collections.Counter()
for event in events:
event_data = self._GetEventDataOfEvent(storage_writer, event)
counter[event_data.data_type] += 1
self.assertEqual(counter['firefox:places:bookmark'], 28)
self.assertEqual(counter['firefox:places:page_visited'], 34)
self.assertEqual(counter['firefox:places:bookmark_folder'], 14)
self.assertEqual(counter['firefox:places:bookmark_annotation'], 8)
event = events[10]
self.CheckTimestamp(event.timestamp, '2013-10-30 21:57:11.281942')
event_data = self._GetEventDataOfEvent(storage_writer, event)
expected_message = (
'http://code.google.com/p/plaso [count: 1] Host: code.google.com '
'(URL not typed directly) Transition: TYPED')
expected_short_message = 'URL: http://code.google.com/p/plaso'
self._TestGetMessageStrings(event_data, expected_message,
expected_short_message)
def testProcessVersion25(self):
"""Tests the Process function on a Firefox History database file v 25."""
plugin = firefox_history.FirefoxHistoryPlugin()
storage_writer = self._ParseDatabaseFileWithPlugin(
['places_new.sqlite'], plugin)
# The places.sqlite file contains 84 events:
# 34 page visits.
# 28 bookmarks
# 14 bookmark folders
# 8 annotations
self.assertEqual(storage_writer.number_of_events, 84)
self.assertEqual(storage_writer.number_of_extraction_warnings, 0)
self.assertEqual(storage_writer.number_of_recovery_warnings, 0)
events = list(storage_writer.GetEvents())
counter = collections.Counter()
for event in events:
event_data = self._GetEventDataOfEvent(storage_writer, event)
counter[event_data.data_type] += 1
self.assertEqual(counter['firefox:places:bookmark'], 28)
self.assertEqual(counter['firefox:places:page_visited'], 34)
self.assertEqual(counter['firefox:places:bookmark_folder'], 14)
self.assertEqual(counter['firefox:places:bookmark_annotation'], 8)
expected_event_values = {
'data_type': 'firefox:places:page_visited',
'date_time': '2013-10-30 21:57:11.281942',
'host': 'code.google.com',
'url': 'http://code.google.com/p/plaso',
'visit_count': 1,
'visit_type': 2
}
self.CheckEventValues(storage_writer, events[10],
expected_event_values)
def testProcessPriorTo24(self):
"""Tests the Process function on a Firefox History database file."""
# This is probably version 23 but potentially an older version.
plugin = firefox_history.FirefoxHistoryPlugin()
storage_writer = self._ParseDatabaseFileWithPlugin(['places.sqlite'],
plugin)
# The places.sqlite file contains 205 events (1 page visit,
# 2 x 91 bookmark records, 2 x 3 bookmark annotations,
# 2 x 8 bookmark folders).
# However there are three events that do not have a timestamp
# so the test file will show 202 extracted events.
self.assertEqual(storage_writer.number_of_events, 202)
self.assertEqual(storage_writer.number_of_extraction_warnings, 0)
self.assertEqual(storage_writer.number_of_recovery_warnings, 0)
events = list(storage_writer.GetEvents())
# Check the first page visited event.
expected_event_values = {
'data_type': 'firefox:places:page_visited',
'date_time': '2011-07-01 11:16:21.371935',
'host': 'news.google.com',
'timestamp_desc': definitions.TIME_DESCRIPTION_LAST_VISITED,
'title': 'Google News',
'url': 'http://news.google.com/',
'visit_count': 1,
'visit_type': 2
}
self.CheckEventValues(storage_writer, events[0], expected_event_values)
# Check the first bookmark event.
expected_event_values = {
'data_type': 'firefox:places:bookmark',
'date_time': '2011-07-01 11:13:59.266344',
'timestamp_desc': definitions.TIME_DESCRIPTION_ADDED
}
self.CheckEventValues(storage_writer, events[1], expected_event_values)
# Check the second bookmark event.
expected_event_values = {
'data_type':
'firefox:places:bookmark',
'date_time':
'2011-07-01 11:13:59.267198',
'places_title':
('folder=BOOKMARKS_MENU&folder=UNFILED_BOOKMARKS&folder=TOOLBAR&'
'sort=12&excludeQueries=1&excludeItemIfParentHasAnnotation=livemark'
'%2FfeedURI&maxResults=10&queryType=1'),
'timestamp_desc':
definitions.TIME_DESCRIPTION_MODIFICATION,
'title':
'Recently Bookmarked',
'type':
'URL',
'url':
('place:folder=BOOKMARKS_MENU&folder=UNFILED_BOOKMARKS&folder='
'TOOLBAR&sort=12&excludeQueries=1&excludeItemIfParentHasAnnotation='
'livemark%2FfeedURI&maxResults=10&queryType=1'),
'visit_count':
0
}
self.CheckEventValues(storage_writer, events[2], expected_event_values)
# Check the first bookmark annotation event.
expected_event_values = {
'data_type': 'firefox:places:bookmark_annotation',
'date_time': '2011-07-01 11:13:59.267146',
'timestamp_desc': definitions.TIME_DESCRIPTION_ADDED
}
self.CheckEventValues(storage_writer, events[183],
expected_event_values)
# Check another bookmark annotation event.
expected_event_values = {
'content': 'RecentTags',
'data_type': 'firefox:places:bookmark_annotation',
'date_time': '2011-07-01 11:13:59.267605',
'timestamp_desc': definitions.TIME_DESCRIPTION_ADDED,
'title': 'Recent Tags',
'url': 'place:sort=14&type=6&maxResults=10&queryType=1'
}
self.CheckEventValues(storage_writer, events[184],
expected_event_values)
# Check the second last bookmark folder event.
expected_event_values = {
'data_type': 'firefox:places:bookmark_folder',
'date_time': '2011-03-21 10:05:01.553774',
'timestamp_desc': definitions.TIME_DESCRIPTION_ADDED
}
self.CheckEventValues(storage_writer, events[200],
expected_event_values)
# Check the last bookmark folder event.
expected_event_values = {
'data_type': 'firefox:places:bookmark_folder',
'date_time': '2011-07-01 11:14:11.766851',
'timestamp_desc': definitions.TIME_DESCRIPTION_MODIFICATION,
'title': 'Latest Headlines'
}
self.CheckEventValues(storage_writer, events[201],
expected_event_values)
def testProcessPriorTo24(self):
"""Tests the Process function on a Firefox History database file."""
# This is probably version 23 but potentially an older version.
plugin = firefox_history.FirefoxHistoryPlugin()
storage_writer = self._ParseDatabaseFileWithPlugin(['places.sqlite'],
plugin)
# The places.sqlite file contains 205 events (1 page visit,
# 2 x 91 bookmark records, 2 x 3 bookmark annotations,
# 2 x 8 bookmark folders).
# However there are three events that do not have a timestamp
# so the test file will show 202 extracted events.
self.assertEqual(storage_writer.number_of_warnings, 0)
self.assertEqual(storage_writer.number_of_events, 202)
events = list(storage_writer.GetEvents())
# Check the first page visited event.
event = events[0]
self.CheckTimestamp(event.timestamp, '2011-07-01 11:16:21.371935')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_LAST_VISITED)
event_data = self._GetEventDataOfEvent(storage_writer, event)
self.assertEqual(event_data.data_type, 'firefox:places:page_visited')
expected_url = 'http://news.google.com/'
self.assertEqual(event_data.url, expected_url)
expected_title = 'Google News'
self.assertEqual(event_data.title, expected_title)
expected_message = (
'{0:s} ({1:s}) [count: 1] Host: news.google.com '
'(URL not typed directly) Transition: TYPED').format(
expected_url, expected_title)
expected_short_message = 'URL: {0:s}'.format(expected_url)
self._TestGetMessageStrings(event_data, expected_message,
expected_short_message)
# Check the first bookmark event.
event = events[1]
self.CheckTimestamp(event.timestamp, '2011-07-01 11:13:59.266344')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_ADDED)
event_data = self._GetEventDataOfEvent(storage_writer, event)
self.assertEqual(event_data.data_type, 'firefox:places:bookmark')
# Check the second bookmark event.
event = events[2]
self.CheckTimestamp(event.timestamp, '2011-07-01 11:13:59.267198')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_MODIFICATION)
event_data = self._GetEventDataOfEvent(storage_writer, event)
self.assertEqual(event_data.data_type, 'firefox:places:bookmark')
expected_url = (
'place:folder=BOOKMARKS_MENU&folder=UNFILED_BOOKMARKS&folder=TOOLBAR&'
'sort=12&excludeQueries=1&excludeItemIfParentHasAnnotation=livemark%2F'
'feedURI&maxResults=10&queryType=1')
self.assertEqual(event_data.url, expected_url)
expected_title = 'Recently Bookmarked'
self.assertEqual(event_data.title, expected_title)
expected_message = (
'Bookmark URL {0:s} ({1:s}) [folder=BOOKMARKS_MENU&'
'folder=UNFILED_BOOKMARKS&folder=TOOLBAR&sort=12&excludeQueries=1&'
'excludeItemIfParentHasAnnotation=livemark%2FfeedURI&maxResults=10&'
'queryType=1] visit count 0').format(expected_title, expected_url)
expected_short_message = (
'Bookmarked Recently Bookmarked '
'(place:folder=BOOKMARKS_MENU&folder=UNFILED_BO...')
self._TestGetMessageStrings(event_data, expected_message,
expected_short_message)
# Check the first bookmark annotation event.
event = events[183]
self.CheckTimestamp(event.timestamp, '2011-07-01 11:13:59.267146')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_CREATION)
event_data = self._GetEventDataOfEvent(storage_writer, event)
self.assertEqual(event_data.data_type,
'firefox:places:bookmark_annotation')
# Check another bookmark annotation event.
event = events[184]
self.CheckTimestamp(event.timestamp, '2011-07-01 11:13:59.267605')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_CREATION)
event_data = self._GetEventDataOfEvent(storage_writer, event)
self.assertEqual(event_data.data_type,
'firefox:places:bookmark_annotation')
expected_url = 'place:sort=14&type=6&maxResults=10&queryType=1'
self.assertEqual(event_data.url, expected_url)
expected_title = 'Recent Tags'
self.assertEqual(event_data.title, expected_title)
expected_message = ('Bookmark Annotation: [RecentTags] to bookmark '
'[{0:s}] ({1:s})').format(expected_title,
expected_url)
expected_short_message = 'Bookmark Annotation: Recent Tags'
self._TestGetMessageStrings(event_data, expected_message,
expected_short_message)
# Check the second last bookmark folder event.
event = events[200]
self.CheckTimestamp(event.timestamp, '2011-03-21 10:05:01.553774')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_ADDED)
event_data = self._GetEventDataOfEvent(storage_writer, event)
self.assertEqual(event_data.data_type,
'firefox:places:bookmark_folder')
# Check the last bookmark folder event.
event = events[201]
self.CheckTimestamp(event.timestamp, '2011-07-01 11:14:11.766851')
self.assertEqual(event.timestamp_desc,
definitions.TIME_DESCRIPTION_MODIFICATION)
event_data = self._GetEventDataOfEvent(storage_writer, event)
self.assertEqual(event_data.data_type,
'firefox:places:bookmark_folder')
expected_title = 'Latest Headlines'
self.assertEqual(event_data.title, expected_title)
expected_message = expected_title
expected_short_message = expected_title
self._TestGetMessageStrings(event_data, expected_message,
expected_short_message)