Code review: 228160043: Added more formatter tests for issue #99.

config/dpkg/changelog

@@ -2,4 +2,4 @@ python-plaso (1.2.1-1) unstable; urgency=low
 
   * Auto-generated
 
- -- Log2Timeline <log2timeline-dev@googlegroups.com>  Tue, 14 Apr 2015 22:00:51 +0200
+ -- Log2Timeline <log2timeline-dev@googlegroups.com>  Tue, 14 Apr 2015 22:13:00 +0200

plaso/formatters/default.py

@@ -6,7 +6,7 @@
 
 
 class DefaultFormatter(interface.EventFormatter):
-  """Default formatter for events that do not have any defined formatter."""
+  """Formatter for events that do not have any defined formatter."""
 
   DATA_TYPE = u'event'
   FORMAT_STRING = u'<WARNING DEFAULT FORMATTER> Attributes: {attribute_driven}'

plaso/formatters/default_test.py

@@ -0,0 +1,32 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+"""Tests for the default event formatter."""
+
+import unittest
+
+from plaso.formatters import default
+from plaso.formatters import test_lib
+
+
+class DefaultFormatterTest(test_lib.EventFormatterTestCase):
+  """Tests for the default event formatter."""
+
+  def testInitialization(self):
+    """Tests the initialization."""
+    event_formatter = default.DefaultFormatter()
+    self.assertNotEqual(event_formatter, None)
+
+  def testGetFormatStringAttributeNames(self):
+    """Tests the GetFormatStringAttributeNames function."""
+    event_formatter = default.DefaultFormatter()
+
+    expected_attribute_names = [u'attribute_driven']
+
+    self._TestGetFormatStringAttributeNames(
+        event_formatter, expected_attribute_names)
+
+  # TODO: add test for GetMessages.
+
+
+if __name__ == '__main__':
+  unittest.main()

plaso/formatters/interface.py

@@ -118,14 +118,14 @@ def GetFormatStringAttributeNames(self):
     """Retrieves the attribute names in the format string.
 
     Returns:
-      A list containing the attribute names.
+      A set containing the attribute names.
     """
     if self._format_string_attribute_names is None:
       self._format_string_attribute_names = (
           self._FORMAT_STRING_ATTRIBUTE_NAME_RE.findall(
               self.FORMAT_STRING))
 
-    return self._format_string_attribute_names
+    return set(self._format_string_attribute_names)
 
   def GetMessages(self, unused_formatter_mediator, event_object):
     """Determines the formatted message strings for an event object.
@@ -279,7 +279,7 @@ def GetFormatStringAttributeNames(self):
     """Retrieves the attribute names in the format string.
 
     Returns:
-      A list containing the attribute names.
+      A set containing the attribute names.
     """
     if self._format_string_attribute_names is None:
       self._format_string_attribute_names = []
@@ -290,7 +290,7 @@ def GetFormatStringAttributeNames(self):
         if attribute_names:
           self._format_string_attribute_names.extend(attribute_names)
 
-    return self._format_string_attribute_names
+    return set(self._format_string_attribute_names)
 
   def GetMessages(self, unused_ormatter_mediator, event_object):
     """Determines the formatted message strings for an event object.

plaso/formatters/msie_webcache_test.py

@@ -56,8 +56,7 @@ def testGetFormatStringAttributeNames(self):
         u'container_identifier',
         u'set_identifier',
         u'name',
-        u'directory',
-        u'container_identifier']
+        u'directory']
 
     self._TestGetFormatStringAttributeNames(
         event_formatter, expected_attribute_names)

plaso/formatters/skype.py

@@ -1,23 +1,26 @@
 # -*- coding: utf-8 -*-
-"""Formatter for the Skype Main database events."""
+"""The Skype main database event formatter."""
 
 from plaso.formatters import interface
 from plaso.formatters import manager
 
 
 class SkypeAccountFormatter(interface.ConditionalEventFormatter):
-  """Formatter for Skype Account information."""
+  """Formatter for a Skype account event."""
 
   DATA_TYPE = 'skype:event:account'
 
-  FORMAT_STRING_PIECES = [u'{username}', u'[{email}]', u'Country: {country}']
+  FORMAT_STRING_PIECES = [
+      u'{username}',
+      u'[{email}]',
+      u'Country: {country}']
 
   SOURCE_LONG = 'Skype Account'
   SOURCE_SHORT = 'LOG'
 
 
 class SkypeChatFormatter(interface.ConditionalEventFormatter):
-  """Formatter for Skype chat events."""
+  """Formatter for a Skype chat message event."""
 
   DATA_TYPE = 'skype:event:chat'
 
@@ -27,25 +30,29 @@ class SkypeChatFormatter(interface.ConditionalEventFormatter):
       u'[{title}]',
       u'Message: [{text}]']
 
-  FORMAT_STRING_SHORT_PIECES = [u'From: {from_account}', u' To: {to_account}']
+  FORMAT_STRING_SHORT_PIECES = [
+      u'From: {from_account}',
+      u'To: {to_account}']
 
   SOURCE_LONG = 'Skype Chat MSG'
   SOURCE_SHORT = 'LOG'
 
 
 class SkypeSMSFormatter(interface.ConditionalEventFormatter):
-  """Formatter for Skype SMS."""
+  """Formatter for a Skype SMS event."""
 
   DATA_TYPE = 'skype:event:sms'
 
-  FORMAT_STRING_PIECES = [u'To: {number}', u'[{text}]']
+  FORMAT_STRING_PIECES = [
+      u'To: {number}',
+      u'[{text}]']
 
   SOURCE_LONG = 'Skype SMS'
   SOURCE_SHORT = 'LOG'
 
 
 class SkypeCallFormatter(interface.ConditionalEventFormatter):
-  """Formatter for Skype calls."""
+  """Formatter for a Skype call event."""
 
   DATA_TYPE = 'skype:event:call'
 
@@ -59,7 +66,7 @@ class SkypeCallFormatter(interface.ConditionalEventFormatter):
 
 
 class SkypeTransferFileFormatter(interface.ConditionalEventFormatter):
-  """Formatter for Skype transfer files"""
+  """Formatter for a Skype transfer file event."""
 
   DATA_TYPE = 'skype:event:transferfile'
 

plaso/formatters/skype_test.py

@@ -0,0 +1,128 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+"""Tests for the Skype main database event formatter."""
+
+import unittest
+
+from plaso.formatters import skype
+from plaso.formatters import test_lib
+
+
+class SkypeAccountFormatterTest(test_lib.EventFormatterTestCase):
+  """Tests for the Skype account event formatter."""
+
+  def testInitialization(self):
+    """Tests the initialization."""
+    event_formatter = skype.SkypeAccountFormatter()
+    self.assertNotEqual(event_formatter, None)
+
+  def testGetFormatStringAttributeNames(self):
+    """Tests the GetFormatStringAttributeNames function."""
+    event_formatter = skype.SkypeAccountFormatter()
+
+    expected_attribute_names = [
+        u'username',
+        u'email',
+        u'country']
+
+    self._TestGetFormatStringAttributeNames(
+        event_formatter, expected_attribute_names)
+
+  # TODO: add test for GetMessages.
+
+
+class SkypeChatFormatterTest(test_lib.EventFormatterTestCase):
+  """Tests for the Skype chat event formatter."""
+
+  def testInitialization(self):
+    """Tests the initialization."""
+    event_formatter = skype.SkypeChatFormatter()
+    self.assertNotEqual(event_formatter, None)
+
+  def testGetFormatStringAttributeNames(self):
+    """Tests the GetFormatStringAttributeNames function."""
+    event_formatter = skype.SkypeChatFormatter()
+
+    expected_attribute_names = [
+        u'from_account',
+        u'to_account',
+        u'title',
+        u'text']
+
+    self._TestGetFormatStringAttributeNames(
+        event_formatter, expected_attribute_names)
+
+  # TODO: add test for GetMessages.
+
+
+class SkypeSMSFormatterTest(test_lib.EventFormatterTestCase):
+  """Tests for the Skype SMS event formatter."""
+
+  def testInitialization(self):
+    """Tests the initialization."""
+    event_formatter = skype.SkypeSMSFormatter()
+    self.assertNotEqual(event_formatter, None)
+
+  def testGetFormatStringAttributeNames(self):
+    """Tests the GetFormatStringAttributeNames function."""
+    event_formatter = skype.SkypeSMSFormatter()
+
+    expected_attribute_names = [
+        u'number',
+        u'text']
+
+    self._TestGetFormatStringAttributeNames(
+        event_formatter, expected_attribute_names)
+
+  # TODO: add test for GetMessages.
+
+
+class SkypeCallFormatterTest(test_lib.EventFormatterTestCase):
+  """Tests for the Skype call event formatter."""
+
+  def testInitialization(self):
+    """Tests the initialization."""
+    event_formatter = skype.SkypeCallFormatter()
+    self.assertNotEqual(event_formatter, None)
+
+  def testGetFormatStringAttributeNames(self):
+    """Tests the GetFormatStringAttributeNames function."""
+    event_formatter = skype.SkypeCallFormatter()
+
+    expected_attribute_names = [
+        u'src_call',
+        u'dst_call',
+        u'call_type']
+
+    self._TestGetFormatStringAttributeNames(
+        event_formatter, expected_attribute_names)
+
+  # TODO: add test for GetMessages.
+
+
+class SkypeTransferFileFormatterTest(test_lib.EventFormatterTestCase):
+  """Tests for the Skype transfer file event formatter."""
+
+  def testInitialization(self):
+    """Tests the initialization."""
+    event_formatter = skype.SkypeTransferFileFormatter()
+    self.assertNotEqual(event_formatter, None)
+
+  def testGetFormatStringAttributeNames(self):
+    """Tests the GetFormatStringAttributeNames function."""
+    event_formatter = skype.SkypeTransferFileFormatter()
+
+    expected_attribute_names = [
+        u'source',
+        u'destination',
+        u'transferred_filename',
+        u'action_type']
+
+    self._TestGetFormatStringAttributeNames(
+        event_formatter, expected_attribute_names)
+
+  # TODO: add test for GetMessages.
+
+
+if __name__ == '__main__':
+  unittest.main()

plaso/formatters/symantec.py

@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-"""This file contains a formatter for Symantec logs."""
+"""The Symantec AV log file event formatter."""
 
 from plaso.formatters import interface
 from plaso.formatters import manager
@@ -9,8 +9,8 @@
 __author__ = 'David Nides (david.nides@gmail.com)'
 
 
-class SymantecFormatter(interface.ConditionalEventFormatter):
-  """Define the formatting for Symantec events."""
+class SymantecAVFormatter(interface.ConditionalEventFormatter):
+  """Formatter for a Symantec AV log file event."""
 
   DATA_TYPE = 'av:symantec:scanlog'
 
@@ -90,22 +90,22 @@ class SymantecFormatter(interface.ConditionalEventFormatter):
       '74': 'GL_EVENT_LOAD_ERROR_SYKNAPPS',
       '75': 'GL_EVENT_INTERESTING_PROCESS_DETECTED_FINISH',
       '76': 'GL_EVENT_HPP_SCAN_NOT_SUPPORTED_FOR_OS',
-      '77': 'GL_EVENT_HEUR_THREAT_NOW_KNOWN'
-  }
+      '77': 'GL_EVENT_HEUR_THREAT_NOW_KNOWN'}
+
   CATEGORY_NAMES = {
       '1': 'GL_CAT_INFECTION',
       '2': 'GL_CAT_SUMMARY',
       '3': 'GL_CAT_PATTERN',
-      '4': 'GL_CAT_SECURITY'
-  }
+      '4': 'GL_CAT_SECURITY'}
+
   ACTION_1_2_NAMES = {
       '1': 'Quarantine infected file',
       '2': 'Rename infected file',
       '3': 'Delete infected file',
       '4': 'Leave alone (log only)',
       '5': 'Clean virus from file',
-      '6': 'Clean or delete macros'
-  }
+      '6': 'Clean or delete macros'}
+
   ACTION_0_NAMES = {
       '1': 'Quarantined',
       '2': 'Renamed',
@@ -120,8 +120,7 @@ class SymantecFormatter(interface.ConditionalEventFormatter):
       '10': 'Renamed backup file',
       '11': 'Undo action in Quarantine View',
       '12': 'Write protected or lack of permissions - Unable to act on file',
-      '13': 'Backed up file'
-  }
+      '13': 'Backed up file'}
 
   # The identifier for the formatter (a regular expression)
   FORMAT_STRING_SEPARATOR = u'; '
@@ -195,4 +194,4 @@ def GetMessages(self, unused_formatter_mediator, event_object):
     return self._ConditionalFormatMessages(event_values)
 
 
-manager.FormattersManager.RegisterFormatter(SymantecFormatter)
+manager.FormattersManager.RegisterFormatter(SymantecAVFormatter)