diff --git a/Core/build.xml b/Core/build.xml
index 9d989820f5..deb035b609 100644
--- a/Core/build.xml
+++ b/Core/build.xml
@@ -134,10 +134,10 @@
-
-
+
+
release/modules/ext/okio-1.6.0.jar
- ext/postgresql-42.2.18.jar
- release/modules/ext/postgresql-42.2.18.jar
+ ext/postgresql-42.3.5.jar
+ release/modules/ext/postgresql-42.3.5.jar
ext/Rejistry-1.1-SNAPSHOT.jar
@@ -631,8 +631,8 @@
release/modules/ext/spotbugs-annotations-4.6.0.jar
- ext/sqlite-jdbc-3.25.2.jar
- release/modules/ext/sqlite-jdbc-3.25.2.jar
+ ext/sqlite-jdbc-3.36.0.3.jar
+ release/modules/ext/sqlite-jdbc-3.36.0.3.jar
ext/xmpcore-6.1.11.jar
diff --git a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/Bundle.properties b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/Bundle.properties
index d8b379b23d..a83d6bc467 100644
--- a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/Bundle.properties
+++ b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/Bundle.properties
@@ -84,3 +84,6 @@ FilesSetDefsPanel.ruleLabel.text=Rule Details
FilesSetDefsPanel.pathLabel.text=Path Substring:
FilesSetDefsPanel.mimeTypeLabel.text=MIME Type:
FilesSetDefsPanel.fileSizeLabel.text=File Size:
+FilesSetRulePanel.ruleTypeLabel.text=Rule Type:
+FilesSetRulePanel.inclusiveRuleTypeRadio.text=Include - files matching this rule will be included in results
+FilesSetRulePanel.exclusiveRuleTypeRadio.text=Exclude - files matching this rule will be excluded from results
diff --git a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/Bundle.properties-MERGED b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/Bundle.properties-MERGED
index 6fb258f014..e0dd7ce622 100755
--- a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/Bundle.properties-MERGED
+++ b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/Bundle.properties-MERGED
@@ -1,3 +1,4 @@
+FileSet_fileIsMemberOf_noInclusiveRules_ruleName=Not Excluded
FilesIdentifierIngestJobSettingsPanel.getError=Error getting interesting files sets from settings file.
FilesIdentifierIngestJobSettingsPanel.updateError=Error updating interesting files sets settings file.
FilesIdentifierIngestModule.getFilesError=Error getting interesting files sets from file.
@@ -179,6 +180,9 @@ FilesSetDefsPanel.ruleLabel.text=Rule Details
FilesSetDefsPanel.pathLabel.text=Path Substring:
FilesSetDefsPanel.mimeTypeLabel.text=MIME Type:
FilesSetDefsPanel.fileSizeLabel.text=File Size:
+FilesSetRulePanel.ruleTypeLabel.text=Rule Type:
+FilesSetRulePanel.inclusiveRuleTypeRadio.text=Include - files matching this rule will be included in results
+FilesSetRulePanel.exclusiveRuleTypeRadio.text=Exclude - files matching this rule will be excluded from results
# {0} - filesSetName
StandardInterestingFileSetsLoader.customSuffixed={0} (Custom)
StandardInterestingFilesSetsLoader_cannotLoadStandard=Unable to properly read standard interesting files sets.
diff --git a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/Bundle_ja.properties b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/Bundle_ja.properties
index 6c61d90e3b..318ea118ea 100644
--- a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/Bundle_ja.properties
+++ b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/Bundle_ja.properties
@@ -158,3 +158,6 @@ StandardInterestingFileSetsLoader.customSuffixed={0}\uff08\u30ab\u30b9\u30bf\u30
StandardInterestingFilesSetsLoader_cannotLoadStandard=\u6a19\u6e96\u306e\u8208\u5473\u6df1\u3044\u30d5\u30a1\u30a4\u30eb\u30bb\u30c3\u30c8\u3092\u6b63\u3057\u304f\u8aad\u307f\u53d6\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u305b\u3093\u3002
StandardInterestingFilesSetsLoader_cannotLoadUserConfigured=\u30e6\u30fc\u30b6\u30fc\u304c\u8a2d\u5b9a\u3057\u305f\u8208\u5473\u6df1\u3044\u30d5\u30a1\u30a4\u30eb\u30bb\u30c3\u30c8\u3092\u6b63\u3057\u304f\u8aad\u307f\u53d6\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u305b\u3093\u3002
StandardInterestingFilesSetsLoader_cannotUpdateInterestingFilesSets=\u8208\u5473\u6df1\u3044\u30d5\u30a1\u30a4\u30eb\u30bb\u30c3\u30c8\u306e\u66f4\u65b0\u8a2d\u5b9a\u3092\u8a2d\u5b9a\u30d5\u30a9\u30eb\u30c0\u30fc\u306b\u66f8\u8fbc\u3081\u307e\u305b\u3093\u3002
+FilesSetRulePanel.ruleTypeLabel.text=\u30bf\u30a4\u30d7:
+FilesSetRulePanel.inclusiveRuleTypeRadio.text=\u30d5\u30a1\u30a4\u30eb
+FilesSetRulePanel.exclusiveRuleTypeRadio.text=\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u30fc
diff --git a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSet.java b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSet.java
index 396480cd50..e515225478 100644
--- a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSet.java
+++ b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSet.java
@@ -20,12 +20,15 @@ package org.sleuthkit.autopsy.modules.interestingitems;
import java.io.Serializable;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import java.util.Map.Entry;
import java.util.UUID;
import java.util.regex.Pattern;
import org.openide.util.NbBundle;
+import org.openide.util.NbBundle.Messages;
import org.sleuthkit.datamodel.AbstractFile;
import org.sleuthkit.datamodel.TskData;
@@ -48,7 +51,10 @@ public final class FilesSet implements Serializable {
private final boolean standardSet;
private final int versionNumber;
- private final Map rules = new HashMap<>();
+ private final Map rules;
+
+ private final Map inclusiveRules;
+ private final Map exclusiveRules;
/**
* Constructs an interesting files set.
@@ -100,9 +106,20 @@ public final class FilesSet implements Serializable {
this.description = (description != null ? description : "");
this.ignoreKnownFiles = ignoreKnownFiles;
this.ignoreUnallocatedSpace = ignoreUnallocatedSpace;
- if (rules != null) {
- this.rules.putAll(rules);
+ this.rules = rules == null ? Collections.emptyMap() : new HashMap<>(rules);
+
+ Map inclusiveRules = new HashMap<>();
+ Map exclusiveRules = new HashMap<>();
+ for (Entry ruleEntry : rules.entrySet()) {
+ if (ruleEntry.getValue().isExclusive()) {
+ exclusiveRules.put(ruleEntry.getKey(), ruleEntry.getValue());
+ } else {
+ inclusiveRules.put(ruleEntry.getKey(), ruleEntry.getValue());
+ }
}
+
+ this.inclusiveRules = inclusiveRules;
+ this.exclusiveRules = exclusiveRules;
}
/**
@@ -170,7 +187,8 @@ public final class FilesSet implements Serializable {
public Map getRules() {
return new HashMap<>(this.rules);
}
-
+
+
/**
* Determines whether a file is a member of this interesting files set.
*
@@ -179,6 +197,9 @@ public final class FilesSet implements Serializable {
* @return The name of the first set membership rule satisfied by the file,
* will be null if the file does not belong to the set.
*/
+ @Messages({
+ "FileSet_fileIsMemberOf_noInclusiveRules_ruleName=Not Excluded"
+ })
public String fileIsMemberOf(AbstractFile file) {
if ((this.ignoreKnownFiles) && (file.getKnown() == TskData.FileKnown.KNOWN)) {
return null;
@@ -191,12 +212,35 @@ public final class FilesSet implements Serializable {
return null;
}
- for (Rule rule : rules.values()) {
- if (rule.isSatisfied(file)) {
- return rule.getName();
+
+ String ruleName;
+ if (inclusiveRules.isEmpty()) {
+ // in the event there are no rules, return null for no match
+ if (exclusiveRules.isEmpty()) {
+ return null;
+ // in the event there are exclusion rules, rely on those
+ } else {
+ ruleName = Bundle.FileSet_fileIsMemberOf_noInclusiveRules_ruleName();
+ }
+
+ } else {
+ // if there are inclusive rules, at least one should be matched
+ ruleName = null;
+ for (Rule rule : inclusiveRules.values()) {
+ if (rule.isSatisfied(file)) {
+ ruleName = rule.getName();
+ break;
+ }
}
}
- return null;
+
+ for (Rule rule : exclusiveRules.values()) {
+ if (rule.isSatisfied(file)) {
+ return null;
+ }
+ }
+
+ return ruleName;
}
@Override
@@ -215,6 +259,7 @@ public final class FilesSet implements Serializable {
private static final long serialVersionUID = 1L;
private final String uuid;
private final String ruleName;
+ private final Boolean exclusive;
private final FileNameCondition fileNameCondition;
private final MetaTypeCondition metaTypeCondition;
private final ParentPathCondition pathCondition;
@@ -234,8 +279,14 @@ public final class FilesSet implements Serializable {
* @param fileSizeCondition A file size condition, may be null.
* @param dateCondition A file date created or modified condition,
* may be null
+ * @param exclusive Whether or not the rule excludes items
+ * matching the rule otherwise including them.
*/
- public Rule(String ruleName, FileNameCondition fileNameCondition, MetaTypeCondition metaTypeCondition, ParentPathCondition pathCondition, MimeTypeCondition mimeTypeCondition, FileSizeCondition fileSizeCondition, DateCondition dateCondition) {
+ public Rule(String ruleName, FileNameCondition fileNameCondition, MetaTypeCondition metaTypeCondition,
+ ParentPathCondition pathCondition, MimeTypeCondition mimeTypeCondition,
+ FileSizeCondition fileSizeCondition, DateCondition dateCondition,
+ Boolean exclusive) {
+
// since ruleName is optional, ruleUUID can be used to uniquely identify a rule.
this.uuid = UUID.randomUUID().toString();
if (metaTypeCondition == null) {
@@ -274,6 +325,8 @@ public final class FilesSet implements Serializable {
if (this.dateCondition != null) {
this.conditions.add(this.dateCondition);
}
+
+ this.exclusive = exclusive;
}
/**
@@ -316,6 +369,15 @@ public final class FilesSet implements Serializable {
return this.dateCondition;
}
+ /**
+ * @return True if this rule should exclude certain files matching
+ * criteria, otherwise including files matching criteria if
+ * false.
+ */
+ public boolean isExclusive() {
+ return exclusive != null && exclusive == true;
+ }
+
/**
* Determines whether or not a file satisfies the rule.
*
diff --git a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSetDefsPanel.java b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSetDefsPanel.java
index 525a072137..92bc326dca 100644
--- a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSetDefsPanel.java
+++ b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSetDefsPanel.java
@@ -516,7 +516,11 @@ public final class FilesSetDefsPanel extends IngestModuleGlobalSettingsPanel imp
if (selectedRule != null) {
rules.remove(selectedRule.getUuid());
}
- FilesSet.Rule newRule = new FilesSet.Rule(panel.getRuleName(), panel.getFileNameCondition(), panel.getMetaTypeCondition(), panel.getPathCondition(), panel.getMimeTypeCondition(), panel.getFileSizeCondition(), panel.getDateCondition());
+ FilesSet.Rule newRule = new FilesSet.Rule(panel.getRuleName(),
+ panel.getFileNameCondition(), panel.getMetaTypeCondition(),
+ panel.getPathCondition(), panel.getMimeTypeCondition(),
+ panel.getFileSizeCondition(), panel.getDateCondition(),
+ panel.isExclusive());
rules.put(newRule.getUuid(), newRule);
// Add the new/edited files set definition, replacing any previous
diff --git a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSetRulePanel.form b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSetRulePanel.form
index 3d5993dd0b..7508241998 100644
--- a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSetRulePanel.form
+++ b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSetRulePanel.form
@@ -6,6 +6,8 @@
+
+
@@ -22,82 +24,106 @@
-
-
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
-
+
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
+
@@ -105,7 +131,16 @@
-
+
+
+
+
+
+
+
+
+
+
@@ -161,7 +196,7 @@
-
+
@@ -421,5 +456,39 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSetRulePanel.java b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSetRulePanel.java
index 541dccfa63..f341176820 100644
--- a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSetRulePanel.java
+++ b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSetRulePanel.java
@@ -120,6 +120,7 @@ final class FilesSetRulePanel extends javax.swing.JPanel {
populatePathConditionComponents(rule);
populateDateConditionComponents(rule);
populateSizeConditionComponents(rule);
+ populateInclusiveExclusive(rule);
this.setButtons(okButton, cancelButton);
updateNameTextFieldPrompt();
@@ -272,6 +273,11 @@ final class FilesSetRulePanel extends javax.swing.JPanel {
break;
}
}
+
+ private void populateInclusiveExclusive(FilesSet.Rule rule) {
+ this.inclusiveRuleTypeRadio.setSelected(!rule.isExclusive());
+ this.exclusiveRuleTypeRadio.setSelected(rule.isExclusive());
+ }
/**
* Populates the UI components that display the name condition for a rule.
@@ -460,6 +466,14 @@ final class FilesSetRulePanel extends javax.swing.JPanel {
String getRuleName() {
return this.ruleNameTextField.getText();
}
+
+ /**
+ * @return Whether or not this rule should exclude or include files based on
+ * the rule.
+ */
+ boolean isExclusive() {
+ return this.exclusiveRuleTypeRadio.isSelected();
+ }
/**
* Gets the name condition for the rule that was created or edited. Should
@@ -664,6 +678,7 @@ final class FilesSetRulePanel extends javax.swing.JPanel {
nameButtonGroup = new javax.swing.ButtonGroup();
typeButtonGroup = new javax.swing.ButtonGroup();
+ ruleTypeButtonGroup = new javax.swing.ButtonGroup();
ruleNameLabel = new javax.swing.JLabel();
ruleNameTextField = new javax.swing.JTextField();
jLabel1 = new javax.swing.JLabel();
@@ -689,6 +704,10 @@ final class FilesSetRulePanel extends javax.swing.JPanel {
daysIncludedTextField = new javax.swing.JTextField();
daysIncludedLabel = new javax.swing.JLabel();
dateCheck = new javax.swing.JCheckBox();
+ javax.swing.JLabel ruleTypeLabel = new javax.swing.JLabel();
+ inclusiveRuleTypeRadio = new javax.swing.JRadioButton();
+ exclusiveRuleTypeRadio = new javax.swing.JRadioButton();
+ jSeparator1 = new javax.swing.JSeparator();
org.openide.awt.Mnemonics.setLocalizedText(ruleNameLabel, org.openide.util.NbBundle.getMessage(FilesSetRulePanel.class, "FilesSetRulePanel.ruleNameLabel.text")); // NOI18N
@@ -810,75 +829,108 @@ final class FilesSetRulePanel extends javax.swing.JPanel {
}
});
+ org.openide.awt.Mnemonics.setLocalizedText(ruleTypeLabel, org.openide.util.NbBundle.getMessage(FilesSetRulePanel.class, "FilesSetRulePanel.ruleTypeLabel.text")); // NOI18N
+
+ ruleTypeButtonGroup.add(inclusiveRuleTypeRadio);
+ inclusiveRuleTypeRadio.setSelected(true);
+ org.openide.awt.Mnemonics.setLocalizedText(inclusiveRuleTypeRadio, org.openide.util.NbBundle.getMessage(FilesSetRulePanel.class, "FilesSetRulePanel.inclusiveRuleTypeRadio.text")); // NOI18N
+
+ ruleTypeButtonGroup.add(exclusiveRuleTypeRadio);
+ org.openide.awt.Mnemonics.setLocalizedText(exclusiveRuleTypeRadio, org.openide.util.NbBundle.getMessage(FilesSetRulePanel.class, "FilesSetRulePanel.exclusiveRuleTypeRadio.text")); // NOI18N
+
javax.swing.GroupLayout layout = new javax.swing.GroupLayout(this);
this.setLayout(layout);
layout.setHorizontalGroup(
layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
- .addGroup(layout.createSequentialGroup()
- .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
- .addGroup(layout.createSequentialGroup()
- .addGap(8, 8, 8)
+ .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, layout.createSequentialGroup()
+ .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING)
+ .addGroup(javax.swing.GroupLayout.Alignment.LEADING, layout.createSequentialGroup()
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
- .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, layout.createSequentialGroup()
- .addComponent(ruleNameLabel)
- .addGap(5, 5, 5)
- .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
- .addComponent(mimeTypeComboBox, 0, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
- .addComponent(pathTextField)
- .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, layout.createSequentialGroup()
- .addComponent(equalitySymbolComboBox, 0, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
- .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
- .addComponent(fileSizeSpinner)
- .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
- .addComponent(fileSizeComboBox, 0, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))
- .addGroup(layout.createSequentialGroup()
- .addComponent(pathRegexCheckBox)
- .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
- .addComponent(pathSeparatorInfoLabel))
- .addGroup(layout.createSequentialGroup()
- .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
- .addComponent(ruleNameTextField)
- .addGroup(layout.createSequentialGroup()
- .addComponent(daysIncludedTextField, javax.swing.GroupLayout.PREFERRED_SIZE, 69, javax.swing.GroupLayout.PREFERRED_SIZE)
- .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
- .addComponent(daysIncludedLabel)
- .addGap(0, 0, Short.MAX_VALUE)))
- .addGap(1, 1, 1))
- .addGroup(layout.createSequentialGroup()
- .addComponent(fullNameRadioButton)
- .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
- .addComponent(extensionRadioButton)
- .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
- .addComponent(nameRegexCheckbox))))
- .addComponent(jLabel5)
.addGroup(layout.createSequentialGroup()
+ .addGap(8, 8, 8)
+ .addComponent(jLabel5))
+ .addGroup(layout.createSequentialGroup()
+ .addContainerGap()
+ .addComponent(ruleTypeLabel))
+ .addGroup(layout.createSequentialGroup()
+ .addGap(119, 119, 119)
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
- .addComponent(nameCheck, javax.swing.GroupLayout.Alignment.TRAILING, javax.swing.GroupLayout.PREFERRED_SIZE, 95, javax.swing.GroupLayout.PREFERRED_SIZE)
- .addComponent(jLabel1))
- .addGap(16, 16, 16)
- .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
- .addGroup(layout.createSequentialGroup()
- .addComponent(filesRadioButton)
- .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
- .addComponent(dirsRadioButton)
- .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
- .addComponent(allRadioButton))
- .addComponent(nameTextField)))))
+ .addComponent(exclusiveRuleTypeRadio)
+ .addComponent(inclusiveRuleTypeRadio))))
+ .addGap(0, 0, Short.MAX_VALUE))
.addGroup(layout.createSequentialGroup()
.addContainerGap()
- .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
- .addComponent(pathCheck)
- .addComponent(mimeCheck)
- .addComponent(fileSizeCheck)
- .addComponent(dateCheck))
- .addGap(0, 0, Short.MAX_VALUE)))
+ .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING)
+ .addComponent(jSeparator1)
+ .addGroup(javax.swing.GroupLayout.Alignment.LEADING, layout.createSequentialGroup()
+ .addGap(2, 2, 2)
+ .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, layout.createSequentialGroup()
+ .addComponent(ruleNameLabel)
+ .addGap(5, 5, 5)
+ .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addComponent(mimeTypeComboBox, 0, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
+ .addComponent(pathTextField)
+ .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, layout.createSequentialGroup()
+ .addComponent(equalitySymbolComboBox, 0, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
+ .addComponent(fileSizeSpinner)
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
+ .addComponent(fileSizeComboBox, 0, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))
+ .addGroup(layout.createSequentialGroup()
+ .addComponent(pathRegexCheckBox)
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
+ .addComponent(pathSeparatorInfoLabel))
+ .addGroup(layout.createSequentialGroup()
+ .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addComponent(ruleNameTextField)
+ .addGroup(layout.createSequentialGroup()
+ .addComponent(daysIncludedTextField, javax.swing.GroupLayout.PREFERRED_SIZE, 69, javax.swing.GroupLayout.PREFERRED_SIZE)
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
+ .addComponent(daysIncludedLabel)
+ .addGap(0, 0, Short.MAX_VALUE)))
+ .addGap(1, 1, 1))
+ .addGroup(layout.createSequentialGroup()
+ .addComponent(fullNameRadioButton)
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
+ .addComponent(extensionRadioButton)
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
+ .addComponent(nameRegexCheckbox))))
+ .addGroup(layout.createSequentialGroup()
+ .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addComponent(nameCheck, javax.swing.GroupLayout.Alignment.TRAILING, javax.swing.GroupLayout.PREFERRED_SIZE, 95, javax.swing.GroupLayout.PREFERRED_SIZE)
+ .addComponent(jLabel1))
+ .addGap(16, 16, 16)
+ .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addComponent(nameTextField)
+ .addGroup(layout.createSequentialGroup()
+ .addComponent(filesRadioButton)
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
+ .addComponent(dirsRadioButton)
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
+ .addComponent(allRadioButton))))))
+ .addGroup(javax.swing.GroupLayout.Alignment.LEADING, layout.createSequentialGroup()
+ .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
+ .addComponent(pathCheck)
+ .addComponent(mimeCheck)
+ .addComponent(fileSizeCheck)
+ .addComponent(dateCheck))
+ .addGap(0, 0, Short.MAX_VALUE)))))
.addContainerGap())
);
layout.setVerticalGroup(
layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
.addGroup(layout.createSequentialGroup()
.addComponent(jLabel5)
- .addGap(3, 3, 3)
+ .addGap(8, 8, 8)
+ .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING)
+ .addComponent(ruleTypeLabel)
+ .addComponent(inclusiveRuleTypeRadio))
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
+ .addComponent(exclusiveRuleTypeRadio)
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
+ .addComponent(jSeparator1, javax.swing.GroupLayout.PREFERRED_SIZE, 9, javax.swing.GroupLayout.PREFERRED_SIZE)
+ .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING)
.addGroup(layout.createSequentialGroup()
.addComponent(jLabel1)
@@ -923,7 +975,7 @@ final class FilesSetRulePanel extends javax.swing.JPanel {
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
.addComponent(ruleNameTextField, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
.addComponent(ruleNameLabel, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))
- .addContainerGap())
+ .addGap(12, 12, 12))
);
}// //GEN-END:initComponents
@@ -1023,14 +1075,17 @@ final class FilesSetRulePanel extends javax.swing.JPanel {
private javax.swing.JTextField daysIncludedTextField;
private javax.swing.JRadioButton dirsRadioButton;
private javax.swing.JComboBox equalitySymbolComboBox;
+ private javax.swing.JRadioButton exclusiveRuleTypeRadio;
private javax.swing.JRadioButton extensionRadioButton;
private javax.swing.JCheckBox fileSizeCheck;
private javax.swing.JComboBox fileSizeComboBox;
private javax.swing.JSpinner fileSizeSpinner;
private javax.swing.JRadioButton filesRadioButton;
private javax.swing.JRadioButton fullNameRadioButton;
+ private javax.swing.JRadioButton inclusiveRuleTypeRadio;
private javax.swing.JLabel jLabel1;
private javax.swing.JLabel jLabel5;
+ private javax.swing.JSeparator jSeparator1;
private javax.swing.JCheckBox mimeCheck;
private javax.swing.JComboBox mimeTypeComboBox;
private javax.swing.ButtonGroup nameButtonGroup;
@@ -1043,6 +1098,7 @@ final class FilesSetRulePanel extends javax.swing.JPanel {
private javax.swing.JTextField pathTextField;
private javax.swing.JLabel ruleNameLabel;
private javax.swing.JTextField ruleNameTextField;
+ private javax.swing.ButtonGroup ruleTypeButtonGroup;
private javax.swing.ButtonGroup typeButtonGroup;
// End of variables declaration//GEN-END:variables
}
diff --git a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSetsManager.java b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSetsManager.java
index 0019800ee1..afceada437 100644
--- a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSetsManager.java
+++ b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/FilesSetsManager.java
@@ -52,7 +52,7 @@ public final class FilesSetsManager extends Observable {
{
put(Bundle.FilesSetsManager_allFilesAndDirectories(),
new Rule(Bundle.FilesSetsManager_allFilesAndDirectories(), null,
- new MetaTypeCondition(MetaTypeCondition.Type.ALL), null, null, null, null));
+ new MetaTypeCondition(MetaTypeCondition.Type.ALL), null, null, null, null, null));
}
});
private static final FilesSet FILES_DIRS_UNALLOC_INGEST_FILTER = new FilesSet(
@@ -61,7 +61,7 @@ public final class FilesSetsManager extends Observable {
{
put(Bundle.FilesSetsManager_allFilesDirectoriesAndUnallocated(),
new Rule(Bundle.FilesSetsManager_allFilesDirectoriesAndUnallocated(), null,
- new MetaTypeCondition(MetaTypeCondition.Type.ALL), null, null, null, null));
+ new MetaTypeCondition(MetaTypeCondition.Type.ALL), null, null, null, null, null));
}
});
diff --git a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/InterestingItemsFilesSetSettings.java b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/InterestingItemsFilesSetSettings.java
index 863243a4e1..84b1306f26 100644
--- a/Core/src/org/sleuthkit/autopsy/modules/interestingitems/InterestingItemsFilesSetSettings.java
+++ b/Core/src/org/sleuthkit/autopsy/modules/interestingitems/InterestingItemsFilesSetSettings.java
@@ -81,6 +81,7 @@ class InterestingItemsFilesSetSettings implements Serializable {
private static final String FS_COMPARATOR_ATTR = "comparatorSymbol";
private static final String FS_SIZE_ATTR = "sizeValue";
private static final String FS_UNITS_ATTR = "sizeUnits";
+ private static final String EXCLUSIVE_ATTR = "isExclusive";
private static final String TYPE_FILTER_VALUE_FILES = "file"; //NON-NLS
private static final String XML_ENCODING = "UTF-8"; //NON-NLS
private static final Logger logger = Logger.getLogger(InterestingItemsFilesSetSettings.class.getName());
@@ -268,13 +269,14 @@ class InterestingItemsFilesSetSettings implements Serializable {
MimeTypeCondition mimeCondition = readMimeCondition(elem);
FileSizeCondition sizeCondition = readSizeCondition(elem);
DateCondition dateCondition = readDateCondition(elem); //if meta type condition or all four types of conditions the user can create are all null then don't make the rule
+ Boolean isExclusive = readExclusive(elem);
if (metaCondition == null || (nameCondition == null && pathCondition == null && mimeCondition == null && sizeCondition == null && dateCondition == null)) {
logger.log(Level.WARNING, "Error Reading Rule, " + ruleName + " was either missing a meta condition or contained only a meta condition. No rule was imported."); // NON-NLS
throw new FilesSetsManager.FilesSetsManagerException(
Bundle.InterestingItemsFilesSetSettings_readRule_missingNecessary(ruleName));
}
- return new FilesSet.Rule(ruleName, nameCondition, metaCondition, pathCondition, mimeCondition, sizeCondition, dateCondition);
+ return new FilesSet.Rule(ruleName, nameCondition, metaCondition, pathCondition, mimeCondition, sizeCondition, dateCondition, isExclusive);
}
/**
@@ -337,6 +339,22 @@ class InterestingItemsFilesSetSettings implements Serializable {
}
return nameCondition;
}
+
+ /**
+ * Construct a MIME type condition for a FilesSet membership rule from data
+ * in an XML element.
+ *
+ * @param ruleElement The XML element.
+ *
+ * @return The mime TYPE condition, or null if none existed
+ */
+ private static Boolean readExclusive(Element elem) {
+ Boolean isExclusive = null;
+ if (!elem.getAttribute(EXCLUSIVE_ATTR).isEmpty()) {
+ isExclusive = Boolean.parseBoolean(elem.getAttribute(EXCLUSIVE_ATTR));
+ }
+ return isExclusive;
+ }
/**
* Construct a MIME type condition for a FilesSet membership rule from data
@@ -724,6 +742,8 @@ class InterestingItemsFilesSetSettings implements Serializable {
if (dateCondition != null) {
ruleElement.setAttribute(DAYS_INCLUDED_ATTR, Integer.toString(dateCondition.getDaysIncluded()));
}
+
+ ruleElement.setAttribute(EXCLUSIVE_ATTR, Boolean.toString(rule.isExclusive()));
setElement.appendChild(ruleElement);
}
diff --git a/Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/IngestFileFiltersTest.java b/Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/IngestFileFiltersTest.java
index 5d674dea33..81fec226c5 100755
--- a/Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/IngestFileFiltersTest.java
+++ b/Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/IngestFileFiltersTest.java
@@ -90,7 +90,7 @@ public class IngestFileFiltersTest extends NbTestCase {
IngestUtils.addDataSource(dataSourceProcessor, IMAGE_PATH);
HashMap rule = new HashMap<>();
- rule.put("Rule", new Rule("testFileType", null, new MetaTypeCondition(MetaTypeCondition.Type.FILES), new ParentPathCondition("dir1"), null, null, null));
+ rule.put("Rule", new Rule("testFileType", null, new MetaTypeCondition(MetaTypeCondition.Type.FILES), new ParentPathCondition("dir1"), null, null, null, null));
//Filter for dir1 and no unallocated space
FilesSet dirFilter = new FilesSet("Filter", "Filter to find all files in dir1.", false, true, rule);
@@ -131,7 +131,7 @@ public class IngestFileFiltersTest extends NbTestCase {
IngestUtils.addDataSource(dataSourceProcessor, IMAGE_PATH);
HashMap rules = new HashMap<>();
- rules.put("Rule", new Rule("testExtAndDirWithOneRule", new ExtensionCondition("jpg"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), new ParentPathCondition("dir1"), null, null, null));
+ rules.put("Rule", new Rule("testExtAndDirWithOneRule", new ExtensionCondition("jpg"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), new ParentPathCondition("dir1"), null, null, null, null));
//Build the filter that ignore unallocated space and with one rule
FilesSet filesExtDirsFilter = new FilesSet("Filter", "Filter to find all jpg files in dir1.", false, true, rules);
@@ -167,8 +167,8 @@ public class IngestFileFiltersTest extends NbTestCase {
IngestUtils.addDataSource(dataSourceProcessor, IMAGE_PATH);
HashMap rules = new HashMap<>();
- rules.put("rule1", new Rule("FindJpgExtention", new ExtensionCondition("jpg"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null));
- rules.put("rule2", new Rule("FindDir1Directory", null, new MetaTypeCondition(MetaTypeCondition.Type.FILES), new ParentPathCondition("dir1"), null, null, null));
+ rules.put("rule1", new Rule("FindJpgExtention", new ExtensionCondition("jpg"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null, null));
+ rules.put("rule2", new Rule("FindDir1Directory", null, new MetaTypeCondition(MetaTypeCondition.Type.FILES), new ParentPathCondition("dir1"), null, null, null, null));
//Build the filter that ingnore unallocated space and with 2 rules
FilesSet filesExtDirsFilter = new FilesSet("Filter", "Filter to find all files in dir1 and all files with jpg extention.", false, true, rules);
@@ -211,7 +211,7 @@ public class IngestFileFiltersTest extends NbTestCase {
IngestUtils.addDataSource(dataSourceProcessor, IMAGE_PATH);
HashMap rules = new HashMap<>();
- rules.put("rule", new Rule("FindFileWithFullName", new FullNameCondition("file.docx"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null));
+ rules.put("rule", new Rule("FindFileWithFullName", new FullNameCondition("file.docx"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null, null));
//Build the filter to find file: file.docx
FilesSet fullNameFilter = new FilesSet("Filter", "Filter to find file.docx.", false, true, rules);
@@ -246,8 +246,8 @@ public class IngestFileFiltersTest extends NbTestCase {
IngestUtils.addDataSource(dataSourceProcessor, IMAGE_PATH);
HashMap rules = new HashMap<>();
- rules.put("rule1", new Rule("FindJpgExtention", new ExtensionCondition("jpg"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null));
- rules.put("rule2", new Rule("FindGifExtention", new ExtensionCondition("gif"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null));
+ rules.put("rule1", new Rule("FindJpgExtention", new ExtensionCondition("jpg"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null, null));
+ rules.put("rule2", new Rule("FindGifExtention", new ExtensionCondition("gif"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null, null));
//Build the filter to find files with .jpg and .gif extension and unallocated space
FilesSet extensionFilter = new FilesSet("Filter", "Filter to files with .jpg and .gif extension.", false, false, rules);
@@ -294,8 +294,8 @@ public class IngestFileFiltersTest extends NbTestCase {
IngestUtils.addDataSource(dataSourceProcessor, IMAGE_PATH);
HashMap rules = new HashMap<>();
- rules.put("rule1", new Rule("FindJpgExtention", new ExtensionCondition("jpg"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null));
- rules.put("rule2", new Rule("FindGifExtention", new ExtensionCondition("gif"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null));
+ rules.put("rule1", new Rule("FindJpgExtention", new ExtensionCondition("jpg"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null, null));
+ rules.put("rule2", new Rule("FindGifExtention", new ExtensionCondition("gif"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null, null));
//Build the filter to find files with .jpg and .gif extension
FilesSet extensionFilter = new FilesSet("Filter", "Filter to files with .jpg and .gif extension.", false, true, rules);
@@ -330,9 +330,9 @@ public class IngestFileFiltersTest extends NbTestCase {
//Build the filter to find jpg files
HashMap rules = new HashMap<>();
//Extension condition for jpg files
- rules.put("rule1", new Rule("FindJpgExtention", new ExtensionCondition("jpg"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null));
+ rules.put("rule1", new Rule("FindJpgExtention", new ExtensionCondition("jpg"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null, null));
//Extension condition for zip files, because we want test jpg extension filter for extracted files from a zip file
- rules.put("rule2", new Rule("ZipExtention", new ExtensionCondition("zip"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null));
+ rules.put("rule2", new Rule("ZipExtention", new ExtensionCondition("zip"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null, null));
FilesSet embeddedFilter = new FilesSet("Filter", "Filter to files with .jpg extension.", false, false, rules);
ArrayList templates = new ArrayList<>();
diff --git a/ImageGallery/nbproject/project.properties b/ImageGallery/nbproject/project.properties
index 273f96d9d9..71bee9e165 100644
--- a/ImageGallery/nbproject/project.properties
+++ b/ImageGallery/nbproject/project.properties
@@ -1,4 +1,4 @@
-file.reference.sqlite-jdbc-3.25.2.jar=release/modules/ext/sqlite-jdbc-3.25.2.jar
+file.reference.sqlite-jdbc-3.36.0.3.jar=release/modules/ext/sqlite-jdbc-3.36.0.3.jar
javac.source=1.8
javac.compilerargs=-Xlint -Xlint:-serial
license.file=LICENSE-2.0.txt
diff --git a/ImageGallery/nbproject/project.xml b/ImageGallery/nbproject/project.xml
index 0c5fd31fca..c3c15d5545 100644
--- a/ImageGallery/nbproject/project.xml
+++ b/ImageGallery/nbproject/project.xml
@@ -142,8 +142,8 @@
- ext/sqlite-jdbc-3.25.2.jar
- release/modules/ext/sqlite-jdbc-3.25.2.jar
+ ext/sqlite-jdbc-3.36.0.3.jar
+ release/modules/ext/sqlite-jdbc-3.36.0.3.jar
diff --git a/RecentActivity/nbproject/project.properties b/RecentActivity/nbproject/project.properties
index b94a108e6e..d5847c5263 100644
--- a/RecentActivity/nbproject/project.properties
+++ b/RecentActivity/nbproject/project.properties
@@ -1,5 +1,5 @@
file.reference.Rejistry-1.1-SNAPSHOT.jar=release/modules/ext/Rejistry-1.1-SNAPSHOT.jar
-file.reference.sqlite-jdbc-3.25.2.jar=release/modules/ext/sqlite-jdbc-3.25.2.jar
+file.reference.sqlite-jdbc-3.36.0.3.jar=release/modules/ext/sqlite-jdbc-3.36.0.3.jar
javac.source=1.8
javac.compilerargs=-Xlint -Xlint:-serial
license.file=../LICENSE-2.0.txt
diff --git a/RecentActivity/nbproject/project.xml b/RecentActivity/nbproject/project.xml
index d4bde92950..9fbbabf596 100644
--- a/RecentActivity/nbproject/project.xml
+++ b/RecentActivity/nbproject/project.xml
@@ -88,8 +88,8 @@
release/modules/ext/Rejistry-1.1-SNAPSHOT.jar
- ext/sqlite-jdbc-3.25.2.jar
- release/modules/ext/sqlite-jdbc-3.25.2.jar
+ ext/sqlite-jdbc-3.36.0.3.jar
+ release/modules/ext/sqlite-jdbc-3.36.0.3.jar