Cleaned up message formatters log2timeline#444

Author: joachimmetz

plaso/formatters/default.py

@@ -5,13 +5,19 @@
 from plaso.lib import definitions
 
 
-class DefaultFormatter(interface.EventFormatter):
+class DefaultEventFormatter(interface.BasicEventFormatter):
   """Formatter for events that do not have any defined formatter."""
 
   DATA_TYPE = 'event'
   FORMAT_STRING = '<WARNING DEFAULT FORMATTER> Attributes: {attribute_driven}'
   FORMAT_STRING_SHORT = '<DEFAULT> {attribute_driven}'
 
+  def __init__(self):
+    """Initializes a default event formatter."""
+    super(DefaultEventFormatter, self).__init__(
+        data_type=self.DATA_TYPE, format_string=self.FORMAT_STRING,
+        format_string_short=self.FORMAT_STRING_SHORT)
+
   def FormatEventValues(self, event_values):
     """Formats event values using the helpers.
 

plaso/formatters/interface.py

@@ -186,40 +186,37 @@ def FormatEventValues(self, event_values):
 
 
 class EventFormatter(object):
-  """Base class to format event data using a format string.
-
-  Define the (long) format string and the short format string by defining
-  FORMAT_STRING and FORMAT_STRING_SHORT. The syntax of the format strings
-  is similar to that of format() where the place holder for a certain
-  event object attribute is defined as {attribute_name}.
+  """Base class to format event values.
 
   Attributes:
     custom_helpers (list[str]): identifiers of custom event formatter helpers.
     helpers (list[EventFormatterHelper]): event formatter helpers.
   """
 
-  # The data type is a unique identifier for the event data. The current
-  # approach is to define it as human readable string in the format
-  # root:branch: ... :leaf, e.g. a page visited entry inside a Chrome History
-  # database is defined as: chrome:history:page_visited.
-  DATA_TYPE = 'internal'
-
-  # The format string.
-  FORMAT_STRING = ''
-  FORMAT_STRING_SHORT = ''
-
   # The format string can be defined as:
   # {name}, {name:format}, {name!conversion}, {name!conversion:format}
   _FORMAT_STRING_ATTRIBUTE_NAME_RE = re.compile(
       '{([a-z][a-zA-Z0-9_]*)[!]?[^:}]*[:]?[^}]*}')
 
-  def __init__(self):
-    """Initializes an event formatter object."""
+  def __init__(self, data_type='internal'):
+    """Initializes an event formatter.
+
+    Args:
+      data_type (Optional[str]): unique identifier for the event data supported
+          by the formatter.
+    """
     super(EventFormatter, self).__init__()
+    self._data_type = data_type
     self._format_string_attribute_names = None
+
     self.custom_helpers = []
     self.helpers = []
 
+  @property
+  def data_type(self):
+    """str: unique identifier for the event data supported by the formatter."""
+    return self._data_type.lower()
+
   def _FormatMessage(self, format_string, event_values):
     """Determines the formatted message.
 
@@ -293,18 +290,13 @@ def FormatEventValues(self, event_values):
     for helper in self.helpers:
       helper.FormatEventValues(event_values)
 
+  @abc.abstractmethod
   def GetFormatStringAttributeNames(self):
     """Retrieves the attribute names in the format string.
 
     Returns:
       set(str): attribute names.
     """
-    if self._format_string_attribute_names is None:
-      self._format_string_attribute_names = (
-          self._FORMAT_STRING_ATTRIBUTE_NAME_RE.findall(
-              self.FORMAT_STRING))
-
-    return set(self._format_string_attribute_names)
 
   # pylint: disable=unused-argument
   def AddCustomHelper(
@@ -328,6 +320,7 @@ def AddHelper(self, helper):
     """
     self.helpers.append(helper)
 
+  @abc.abstractmethod
   def GetMessage(self, event_values):
     """Determines the message.
 
@@ -337,8 +330,8 @@ def GetMessage(self, event_values):
     Returns:
       str: message.
     """
-    return self._FormatMessage(self.FORMAT_STRING, event_values)
 
+  @abc.abstractmethod
   def GetMessageShort(self, event_values):
     """Determines the short message.
 
@@ -348,10 +341,72 @@ def GetMessageShort(self, event_values):
     Returns:
       str: short message.
     """
-    if self.FORMAT_STRING_SHORT:
-      format_string = self.FORMAT_STRING_SHORT
+
+
+class BasicEventFormatter(EventFormatter):
+  """Format event values using a message format string.
+
+  Attributes:
+    custom_helpers (list[str]): identifiers of custom event formatter helpers.
+    helpers (list[EventFormatterHelper]): event formatter helpers.
+  """
+
+  def __init__(
+      self, data_type='basic', format_string=None, format_string_short=None):
+    """Initializes a basic event formatter.
+
+    The syntax of the format strings is similar to that of format() where
+    the place holder for a certain event object attribute is defined as
+    {attribute_name}.
+
+    Args:
+      data_type (Optional[str]): unique identifier for the event data supported
+          by the formatter.
+      format_string (Optional[str]): (long) message format string.
+      format_string_short (Optional[str]): short message format string.
+    """
+    super(BasicEventFormatter, self).__init__(data_type=data_type)
+    self._format_string_attribute_names = None
+    self._format_string = format_string
+    self._format_string_short = format_string_short
+
+  def GetFormatStringAttributeNames(self):
+    """Retrieves the attribute names in the format string.
+
+    Returns:
+      set(str): attribute names.
+    """
+    if self._format_string_attribute_names is None:
+      self._format_string_attribute_names = (
+          self._FORMAT_STRING_ATTRIBUTE_NAME_RE.findall(
+              self._format_string))
+
+    return set(self._format_string_attribute_names)
+
+  def GetMessage(self, event_values):
+    """Determines the message.
+
+    Args:
+      event_values (dict[str, object]): event values.
+
+    Returns:
+      str: message.
+    """
+    return self._FormatMessage(self._format_string, event_values)
+
+  def GetMessageShort(self, event_values):
+    """Determines the short message.
+
+    Args:
+      event_values (dict[str, object]): event values.
+
+    Returns:
+      str: short message.
+    """
+    if self._format_string_short:
+      format_string = self._format_string_short
     else:
-      format_string = self.FORMAT_STRING
+      format_string = self._format_string
 
     short_message_string = self._FormatMessage(format_string, event_values)
 
@@ -363,28 +418,38 @@ def GetMessageShort(self, event_values):
 
 
 class ConditionalEventFormatter(EventFormatter):
-  """Base class to conditionally format event data using format string pieces.
+  """Conditionally format event values using format string pieces."""
 
-  Define the (long) format string and the short format string by defining
-  FORMAT_STRING_PIECES and FORMAT_STRING_SHORT_PIECES. The syntax of the
-  format strings pieces is similar to of the event formatter
-  (EventFormatter). Every format string piece should contain a single
-  attribute name or none.
+  _DEFAULT_FORMAT_STRING_SEPARATOR = ' '
 
-  FORMAT_STRING_SEPARATOR is used to control the string which the separate
-  string pieces should be joined. It contains a space by default.
-  """
-  # The format string pieces.
-  FORMAT_STRING_PIECES = ['']
-  FORMAT_STRING_SHORT_PIECES = ['']
+  def __init__(
+      self, data_type='conditional', format_string_pieces=None,
+      format_string_separator=None, format_string_short_pieces=None):
+    """Initializes a conditional event formatter.
+
+    The syntax of the format strings pieces is similar to of the basic event
+    formatter (BasicEventFormatter). Every format string piece should contain
+    at maximum one unique attribute name. Format string pieces without an
+    attribute name are supported.
 
-  # The separator used to join the string pieces.
-  FORMAT_STRING_SEPARATOR = ' '
+    Args:
+      data_type (Optional[str]): unique identifier for the event data supported
+          by the formatter.
+      format_string_pieces (Optional[list[str]]): (long) message format string
+          pieces.
+      format_string_separator (Optional[str]): string by which separate format
+          string pieces should be joined.
+      format_string_short_pieces (Optional[list[str]]): short message format
+          string pieces.
+    """
+    if format_string_separator is None:
+      format_string_separator = self._DEFAULT_FORMAT_STRING_SEPARATOR
 
-  def __init__(self):
-    """Initializes the conditional formatter."""
-    super(ConditionalEventFormatter, self).__init__()
+    super(ConditionalEventFormatter, self).__init__(data_type=data_type)
+    self._format_string_pieces = format_string_pieces or []
     self._format_string_pieces_map = []
+    self._format_string_separator = format_string_separator
+    self._format_string_short_pieces = format_string_short_pieces or []
     self._format_string_short_pieces_map = []
 
   def _CreateFormatStringMap(
@@ -433,11 +498,11 @@ def _CreateFormatStringMaps(self):
     """
     self._format_string_pieces_map = []
     self._CreateFormatStringMap(
-        self.FORMAT_STRING_PIECES, self._format_string_pieces_map)
+        self._format_string_pieces, self._format_string_pieces_map)
 
     self._format_string_short_pieces_map = []
     self._CreateFormatStringMap(
-        self.FORMAT_STRING_SHORT_PIECES, self._format_string_short_pieces_map)
+        self._format_string_short_pieces, self._format_string_short_pieces_map)
 
   def _ConditionalFormatMessage(
       self, format_string_pieces, format_string_pieces_map, event_values):
@@ -469,7 +534,7 @@ def _ConditionalFormatMessage(
 
         string_pieces.append(format_string_pieces[map_index])
 
-    format_string = self.FORMAT_STRING_SEPARATOR.join(string_pieces)
+    format_string = self._format_string_separator.join(string_pieces)
 
     return self._FormatMessage(format_string, event_values)
 
@@ -481,7 +546,7 @@ def GetFormatStringAttributeNames(self):
     """
     if self._format_string_attribute_names is None:
       self._format_string_attribute_names = []
-      for format_string_piece in self.FORMAT_STRING_PIECES:
+      for format_string_piece in self._format_string_pieces:
         attribute_names = self._FORMAT_STRING_ATTRIBUTE_NAME_RE.findall(
             format_string_piece)
 
@@ -503,7 +568,8 @@ def GetMessage(self, event_values):
       self._CreateFormatStringMaps()
 
     return self._ConditionalFormatMessage(
-        self.FORMAT_STRING_PIECES, self._format_string_pieces_map, event_values)
+        self._format_string_pieces, self._format_string_pieces_map,
+        event_values)
 
   def GetMessageShort(self, event_values):
     """Determines the short message.
@@ -517,12 +583,12 @@ def GetMessageShort(self, event_values):
     if not self._format_string_pieces_map:
       self._CreateFormatStringMaps()
 
-    if (self.FORMAT_STRING_SHORT_PIECES and
-        self.FORMAT_STRING_SHORT_PIECES != ['']):
-      format_string_pieces = self.FORMAT_STRING_SHORT_PIECES
+    if (self._format_string_short_pieces and
+        self._format_string_short_pieces != ['']):
+      format_string_pieces = self._format_string_short_pieces
       format_string_pieces_map = self._format_string_short_pieces_map
     else:
-      format_string_pieces = self.FORMAT_STRING_PIECES
+      format_string_pieces = self._format_string_pieces
       format_string_pieces_map = self._format_string_pieces_map
 
     short_message_string = self._ConditionalFormatMessage(

plaso/formatters/yaml_formatters_file.py

@@ -211,26 +211,17 @@ def _ReadFormatterDefinition(self, formatter_definition_values):
       raise errors.ParseError(
           'Invalid event formatter definition missing short message.')
 
-    # TODO: pylint will complain about invalid-name because of the override
-    # of class "constants", hence that setattr is used. Change this once
-    # formatters have been migrated to configuration file. Also see:
-    # https://github.com/log2timeline/plaso/issues/444
     if formatter_type == 'basic':
-      formatter = interface.EventFormatter()
-      # TODO: check if message and short_message are strings
-      setattr(formatter, 'FORMAT_STRING', message)
-      setattr(formatter, 'FORMAT_STRING_SHORT', short_message)
+      formatter = interface.BasicEventFormatter(
+          data_type=data_type, format_string=message,
+          format_string_short=short_message)
 
     elif formatter_type == 'conditional':
-      formatter = interface.ConditionalEventFormatter()
-      separator = formatter_definition_values.get(
-          'separator', formatter.FORMAT_STRING_SEPARATOR)
-      # TODO: check if message and short_message are list of strings
-      setattr(formatter, 'FORMAT_STRING_PIECES', message)
-      setattr(formatter, 'FORMAT_STRING_SHORT_PIECES', short_message)
-      setattr(formatter, 'FORMAT_STRING_SEPARATOR', separator)
-
-    setattr(formatter, 'DATA_TYPE', data_type)
+      separator = formatter_definition_values.get('separator', None)
+      formatter = interface.ConditionalEventFormatter(
+          data_type=data_type, format_string_pieces=message,
+          format_string_separator=separator,
+          format_string_short_pieces=short_message)
 
     boolean_helpers = formatter_definition_values.get('boolean_helpers', [])
     self._ReadBooleanHelpers(formatter, boolean_helpers)

plaso/output/mediator.py

@@ -29,7 +29,7 @@ class OutputMediator(object):
   # LCID 0x0409 is en-US.
   DEFAULT_LCID = 0x0409
 
-  _DEFAULT_MESSAGE_FORMATTER = default.DefaultFormatter()
+  _DEFAULT_MESSAGE_FORMATTER = default.DefaultEventFormatter()
 
   _WINEVT_RC_DATABASE = 'winevt-rc.db'
 
@@ -103,8 +103,7 @@ def _ReadMessageFormattersFile(self, path):
         if custom_formatter_helper:
           message_formatter.AddHelper(custom_formatter_helper)
 
-      data_type = message_formatter.DATA_TYPE.lower()
-      self._message_formatters[data_type] = message_formatter
+      self._message_formatters[message_formatter.data_type] = message_formatter
 
   def GetDisplayNameForPathSpec(self, path_spec):
     """Retrieves the display name for a path specification.

tests/formatters/default.py

@@ -9,17 +9,17 @@
 from tests.formatters import test_lib
 
 
-class DefaultFormatterTest(test_lib.EventFormatterTestCase):
+class DefaultEventFormatterTest(test_lib.EventFormatterTestCase):
   """Tests for the default event formatter."""
 
   def testInitialization(self):
     """Tests the initialization."""
-    event_formatter = default.DefaultFormatter()
+    event_formatter = default.DefaultEventFormatter()
     self.assertIsNotNone(event_formatter)
 
   def testGetFormatStringAttributeNames(self):
     """Tests the GetFormatStringAttributeNames function."""
-    event_formatter = default.DefaultFormatter()
+    event_formatter = default.DefaultEventFormatter()
 
     expected_attribute_names = ['attribute_driven']