stored ps.txt in archive to preserve timestamp, modified tests to han…

…dled a compressed text file, fixed the plugin name in the presets.

plaso/data/presets.yaml

@@ -27,7 +27,7 @@ parsers:
 - sqlite/ios_screentime
 - sqlite/kik_ios
 - sqlite/twitter_ios
-- text/apple_pstxt
+- text/apple_ps_txt
 - text/ios_lockdownd
 - text/ios_logd
 - text/ios_sysdiag_log
@@ -90,7 +90,7 @@ parsers:
 - sqlite/mackeeper_cache
 - sqlite/mac_knowledgec
 - sqlite/skype
-- text/apple_pstxt
+- text/apple_ps_txt
 - text/bash_history
 - text/gdrive_synclog
 - text/mac_appfirewall_log

tests/parsers/text_plugins/apple_pstxt.py

@@ -15,8 +15,9 @@ class ApplePSTextPluginTest(test_lib.TextPluginTestCase):
   def testProcess(self):
     """Tests the Process function."""
     plugin = apple_pstxt.ApplePSTextPlugin()
-    storage_writer = self._ParseTextFileWithPlugin(
-        ['text_parser', 'ps.txt'], plugin)
+
+    storage_writer = self._ParseCompressedTextFileWithPlugin(
+        'test_data/text_parser/ps.txt.gz', plugin)
 
     number_of_event_data = storage_writer.GetNumberOfAttributeContainers(
         'event_data')

tests/parsers/text_plugins/test_lib.py

@@ -1,6 +1,10 @@
 # -*- coding: utf-8 -*-
 """Text parser plugin related functions and classes for testing."""
 
+from dfvfs.lib import definitions as dfvfs_definitions
+from dfvfs.path import factory as path_spec_factory
+from dfvfs.resolver import resolver as path_spec_resolver
+
 from plaso.containers import events
 from plaso.parsers import mediator as parsers_mediator
 from plaso.parsers import text_parser
@@ -65,3 +69,63 @@ def _ParseTextFileWithPlugin(self, path_segments, plugin):
       parser_mediator.AddDateLessLogHelper(date_less_log_helper)
 
     return storage_writer
+
+  def _ParseCompressedTextFileWithPlugin(self, path_string, plugin):
+    """Parses a file contained in an archive as a text log file and returns an
+    event generator.
+
+    This method will first test if a text log file has the required format
+    using plugin.CheckRequiredFormat() and then extracts events using
+    plugin.Process().
+
+    Args:
+      path_string (str): path segments inside the test data directory.
+      plugin (TextPlugin): text log file plugin.
+
+    Returns:
+      FakeStorageWriter: storage writer.
+
+    Raises:
+      SkipTest: if the path inside the test data directory does not exist and
+          the test should be skipped.
+    """
+    parser_mediator = parsers_mediator.ParserMediator()
+
+    storage_writer = self._CreateStorageWriter()
+    parser_mediator.SetStorageWriter(storage_writer)
+
+    os_path_spec = path_spec_factory.Factory.NewPathSpec(
+        dfvfs_definitions.TYPE_INDICATOR_OS, location=path_string)
+    gzip_path_spec = path_spec_factory.Factory.NewPathSpec(
+        dfvfs_definitions.TYPE_INDICATOR_GZIP, parent=os_path_spec)
+    file_entry = path_spec_resolver.Resolver.OpenFileEntry(gzip_path_spec)
+    parser_mediator.SetFileEntry(file_entry)
+
+    if file_entry:
+      event_data_stream = events.EventDataStream()
+      event_data_stream.path_spec = file_entry.path_spec
+
+      parser_mediator.ProduceEventDataStream(event_data_stream)
+
+    # AppendToParserChain needs to be run after SetFileEntry.
+    parser_mediator.AppendToParserChain('text')
+
+    encoding = plugin.ENCODING
+    if not encoding:
+      encoding = parser_mediator.GetCodePage()
+
+    file_object = file_entry.GetFileObject()
+    text_reader = text_parser.EncodedTextReader(file_object, encoding=encoding)
+
+    text_reader.ReadLines()
+
+    required_format = plugin.CheckRequiredFormat(parser_mediator, text_reader)
+    self.assertTrue(required_format)
+
+    plugin.UpdateChainAndProcess(parser_mediator, file_object=file_object)
+
+    if hasattr(plugin, 'GetDateLessLogHelper'):
+      date_less_log_helper = plugin.GetDateLessLogHelper()
+      parser_mediator.AddDateLessLogHelper(date_less_log_helper)
+
+    return storage_writer