def testParseWindows10(self):
"""Tests the Parse function on a Windows 10 RecycleBin file."""
parser_object = recycler.WinRecycleBinParser()
storage_writer = self._ParseFile([u'$I103S5F.jpg'], parser_object)
self.assertEqual(len(storage_writer.events), 1)
event = storage_writer.events[0]
expected_filename = (
u'C:\\Users\\random\\Downloads\\bunnies.jpg')
self.assertEqual(event.original_filename, expected_filename)
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2016-06-29 21:37:45.618')
self.assertEqual(event.timestamp, expected_timestamp)
self.assertEqual(event.file_size, 222255)
expected_message = u'{0:s} (from drive: UNKNOWN)'.format(expected_filename)
expected_message_short = u'Deleted file: {0:s}'.format(expected_filename)
self._TestGetMessageStrings(event, expected_message, expected_message_short)
def testParseVista(self):
"""Tests the Parse function on a Windows Vista RecycleBin file."""
parser_object = recycler.WinRecycleBinParser()
storage_writer = self._ParseFile([u'$II3DF3L.zip'], parser_object)
self.assertEqual(len(storage_writer.events), 1)
event = storage_writer.events[0]
expected_filename = (
u'C:\\Users\\nfury\\Documents\\Alloy Research\\StarFury.zip')
self.assertEqual(event.original_filename, expected_filename)
expected_timestamp = timelib.Timestamp.CopyFromString(
u'2012-03-12 20:49:58.633')
self.assertEqual(event.timestamp, expected_timestamp)
self.assertEqual(event.file_size, 724919)
expected_message = u'{0:s} (from drive: UNKNOWN)'.format(expected_filename)
expected_message_short = u'Deleted file: {0:s}'.format(expected_filename)
self._TestGetMessageStrings(event, expected_message, expected_message_short)