Migrated construct-based parsers to use dtfabric log2timeline#1893

joachimmetz · May 27, 2018 · 43d7f0e · 43d7f0e
1 parent 8962ceb
commit 43d7f0e
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 32 deletions.
diff --git a/plaso/parsers/data_formats.py b/plaso/parsers/data_formats.py
@@ -3,6 +3,7 @@
 
 from __future__ import unicode_literals
 
+import abc
 import os
 
 from dtfabric import errors as dtfabric_errors
@@ -150,3 +151,15 @@ def _ReadStructureFromByteStream(
       raise errors.ParseError((
           'Unable to map {0:s} data at offset: 0x{1:08x} with error: '
           '{2!s}').format(description, file_offset, exception))
+
+  @abc.abstractmethod
+  def ParseFileObject(self, parser_mediator, file_object, **kwargs):
+    """Parses a file-like object.
+
+    Args:
+      parser_mediator (ParserMediator): a parser mediator.
+      file_object (dvfvs.FileIO): a file-like object to parse.
+
+    Raises:
+      UnableToParseFile: when the file cannot be parsed.
+    """
diff --git a/plaso/parsers/winrestore.py b/plaso/parsers/winrestore.py
@@ -8,7 +8,6 @@
 from dfdatetime import filetime as dfdatetime_filetime
 from dfdatetime import semantic_time as dfdatetime_semantic_time
 
-from dtfabric import errors as dtfabric_errors
 from dtfabric.runtime import fabric as dtfabric_fabric
 
 from plaso.containers import events
@@ -67,37 +66,6 @@ class RestorePointLogParser(data_formats.DataFormatParser):
 
   _FILE_FOOTER_SIZE = _FILE_FOOTER.GetByteSize()
 
-  def _ReadFileFooter(self, file_object):
-    """Reads the file footer.
-
-    Args:
-      file_object (dfvfs.FileIO): file-like object.
-
-    Raises:
-      ParseError: if the file footer cannot be read.
-    """
-    file_offset = self._file_size - 8
-    file_footer = self._ReadStructure(
-        file_object, file_offset, self._FILE_FOOTER_SIZE, self._FILE_FOOTER,
-        'file footer')
-
-  def ReadFileObject(self, file_object):
-    """Reads a Windows Restore Point rp.log file-like object.
-
-    Args:
-      file_object (file): file-like object.
-
-    Raises:
-      ParseError: if the file cannot be read.
-    """
-    self._ReadFileHeader(file_object)
-
-    data_size = (self._file_size - 8) - file_object.tell()
-    data = file_object.read(data_size)
-    self._DebugPrintData('Unknown1', data)
-
-    self._ReadFileFooter(file_object)
-
   def ParseFileObject(self, parser_mediator, file_object, **unused_kwargs):
     """Parses a Windows Restore Point (rp.log) log file-like object.