Пример #1
    def ReadSerialized(cls, proto_string):
        """Reads an analysis report from serialized form.

        The bytes are decoded with ParseFromString() and no exception is
        handled here, so a decode error on truncated or malformed input
        propagates to the caller.

        Args:
          proto_string: a protobuf string containing the serialized form.

        Returns:
          An analysis report (instance of AnalysisReport).
        """
        # NOTE(review): if proto_string can originate from a storage file of
        # unknown provenance, callers presumably need to handle the protobuf
        # decode error and bound the input size - confirm at the call sites.
        report_proto = plaso_storage_pb2.AnalysisReport()
        report_proto.ParseFromString(proto_string)
        return cls.ReadSerializedObject(report_proto)
Пример #2
  def WriteSerializedObject(cls, analysis_report):
    """Writes an analysis report to serialized form.

    Attributes whose value is None are skipped. Event tags, images, the
    report array and the report dict are copied element by element; every
    other attribute is assigned to the protobuf field of the same name.

    Args:
      analysis_report: an analysis report (instance of AnalysisReport).

    Returns:
      A protobuf object containing the serialized form (instance of
      plaso_storage_pb2.AnalysisReport).
    """
    report_proto = plaso_storage_pb2.AnalysisReport()

    for name, content in analysis_report.GetAttributes():
      if content is None:
        continue

      if name == u'_event_tags':
        for tag in content:
          tag_proto = ProtobufEventTagSerializer.WriteSerializedObject(tag)
          # pylint: disable=protected-access
          report_proto._event_tags.MergeFrom(tag_proto)
        continue

      if name == u'images':
        for image in content:
          report_proto.images.append(image)
        continue

      if name == u'report_array':
        array_proto = plaso_storage_pb2.Array()
        # The array is re-read from the report object, not taken from the
        # value yielded by GetAttributes().
        for item in getattr(analysis_report, u'report_array', []):
          item_proto = array_proto.values.add()
          ProtobufEventAttributeSerializer.WriteSerializedObject(
              item_proto, u'', item)
        report_proto.report_array.MergeFrom(array_proto)
        continue

      if name == u'report_dict':
        mapping_proto = plaso_storage_pb2.Dict()
        mapping = getattr(analysis_report, u'report_dict', {})
        for entry_key, entry_value in mapping.items():
          entry_proto = mapping_proto.attributes.add()
          ProtobufEventAttributeSerializer.WriteSerializedObject(
              entry_proto, entry_key, entry_value)
        report_proto.report_dict.MergeFrom(mapping_proto)
        continue

      # The field name is taken straight from GetAttributes().
      # NOTE(review): the protobuf message is expected to reject a name that
      # is not a declared field, so an unexpected attribute should fail the
      # write rather than be dropped silently - TODO confirm.
      setattr(report_proto, name, content)

    return report_proto
Пример #3
    def WriteSerializedObject(cls, analysis_report):
        """Writes an analysis report to serialized form.

        Missing attributes fall back to defaults: time_compiled to 0, text to
        u'N/A' and images to an empty list. plugin_name is only set when it
        is truthy; report_dict and report_array are only serialized when the
        report object has the attribute.

        Args:
          analysis_report: an analysis report (instance of AnalysisReport).

        Returns:
          A protobuf object containing the serialized form (instance of
          plaso_storage_pb2.AnalysisReport).
        """
        report_pb = plaso_storage_pb2.AnalysisReport()
        report_pb.time_compiled = getattr(
            analysis_report, u'time_compiled', 0)

        name_of_plugin = getattr(analysis_report, u'plugin_name', None)
        if name_of_plugin:
            report_pb.plugin_name = name_of_plugin

        # A report without text is still written, with a placeholder value.
        report_pb.text = getattr(analysis_report, u'text', u'N/A')

        for image in getattr(analysis_report, u'images', []):
            report_pb.images.append(image)

        if hasattr(analysis_report, u'report_dict'):
            mapping_pb = plaso_storage_pb2.Dict()
            mapping = getattr(analysis_report, u'report_dict', {})
            for entry_key, entry_value in mapping.items():
                entry_pb = mapping_pb.attributes.add()
                ProtobufEventAttributeSerializer.WriteSerializedObject(
                    entry_pb, entry_key, entry_value)
            report_pb.report_dict.MergeFrom(mapping_pb)

        if hasattr(analysis_report, u'report_array'):
            array_pb = plaso_storage_pb2.Array()
            for item in getattr(analysis_report, u'report_array', []):
                item_pb = array_pb.values.add()
                # Array elements are written with an empty name.
                ProtobufEventAttributeSerializer.WriteSerializedObject(
                    item_pb, u'', item)

            report_pb.report_array.MergeFrom(array_pb)

        return report_pb
Пример #4
  def setUp(self):
    """Makes preparations before running an individual test.

    Builds the expected report dict and report text, serializes an
    equivalent AnalysisReport protobuf into self._proto_string and stores the
    serializer class under test in self._serializer.
    """
    self._serializer = protobuf_serializer.ProtobufAnalysisReportSerializer

    # Per user: [extension name, extension identifier] pairs. The same
    # names and identifiers appear in the expected report text below.
    self._report_dict = {
        u'dude': [
            [u'Google Keep - notes and lists',
             u'hmjkmjkepdijhoojdojkdfohbdgmmhki']
        ],
        u'frank': [
            [u'YouTube', u'blpcfgokakmgnkcojhhkbfbldkacnbeo'],
            [u'Google Play Music', u'icppfcnhkcmnfdhfhphakoifcfokfdhg']
        ]
    }

    self._report_text = (
        u' == USER: dude ==\n'
        u'  Google Keep - notes and lists [hmjkmjkepdijhoojdojkdfohbdgmmhki]\n'
        u'\n'
        u' == USER: frank ==\n'
        u'  Google Play Music [icppfcnhkcmnfdhfhphakoifcfokfdhg]\n'
        u'  YouTube [blpcfgokakmgnkcojhhkbfbldkacnbeo]\n'
        u'\n')

    value_serializer = protobuf_serializer.ProtobufEventAttributeSerializer

    expected_proto = plaso_storage_pb2.AnalysisReport()

    mapping_proto = plaso_storage_pb2.Dict()
    for user, extensions in self._report_dict.items():
      entry_proto = mapping_proto.attributes.add()
      value_serializer.WriteSerializedObject(entry_proto, user, extensions)
    expected_proto.report_dict.MergeFrom(mapping_proto)

    # TODO: add report_array, _anomalies and _tags tests.

    expected_proto.plugin_name = u'chrome_extension_test'
    expected_proto.text = self._report_text
    expected_proto.time_compiled = 1431978243000000

    # Serialized fixture bytes used as the reference form of the report.
    self._proto_string = expected_proto.SerializeToString()