mirror of
https://github.com/overcuriousity/autopsy-flatpak.git
synced 2025-07-14 17:06:16 +00:00
6865 fix alternate filter use for domains
This commit is contained in:
parent
7c652b384c
commit
0f0f7022b7
@ -59,23 +59,25 @@ class DomainSearchCacheLoader extends CacheLoader<SearchKey, Map<GroupKey, List<
|
|||||||
public Map<GroupKey, List<Result>> load(SearchKey key) throws DiscoveryException, SQLException, TskCoreException {
|
public Map<GroupKey, List<Result>> load(SearchKey key) throws DiscoveryException, SQLException, TskCoreException {
|
||||||
|
|
||||||
List<Result> domainResults = getResultDomainsFromDatabase(key);
|
List<Result> domainResults = getResultDomainsFromDatabase(key);
|
||||||
|
//manually add the attributes for filters which use alternate non filters and could be used by grouping or sorting
|
||||||
|
DiscoveryAttributes.FrequencyAttribute freqAttr = new DiscoveryAttributes.FrequencyAttribute();
|
||||||
|
freqAttr.addAttributeToResults(domainResults, key.getSleuthkitCase(), key.getCentralRepository());
|
||||||
// Apply secondary in memory filters
|
// Apply secondary in memory filters
|
||||||
for (AbstractFilter filter : key.getFilters()) {
|
for (AbstractFilter filter : key.getFilters()) {
|
||||||
if (filter.useAlternateFilter()) {
|
if (filter.useAlternateFilter()) {
|
||||||
domainResults = filter.applyAlternateFilter(domainResults, key.getSleuthkitCase(), key.getCentralRepository());
|
domainResults = filter.applyAlternateFilter(domainResults, key.getSleuthkitCase(), key.getCentralRepository());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Grouping by CR Frequency, for example, will require further processing
|
// Grouping by CR Frequency, for example, will require further processing
|
||||||
// in order to make the correct decision. The attribute types that require
|
// in order to make the correct decision. The attribute types that require
|
||||||
// more information implement their logic by overriding `addAttributeToResults`.
|
// more information implement their logic by overriding `addAttributeToResults`.
|
||||||
List<AttributeType> searchAttributes = new ArrayList<>();
|
List<AttributeType> searchAttributes = new ArrayList<>();
|
||||||
searchAttributes.add(key.getGroupAttributeType());
|
searchAttributes.add(key.getGroupAttributeType());
|
||||||
searchAttributes.addAll(key.getFileSortingMethod().getRequiredAttributes());
|
searchAttributes.addAll(key.getFileSortingMethod().getRequiredAttributes());
|
||||||
|
|
||||||
for (AttributeType attr : searchAttributes) {
|
for (AttributeType attr : searchAttributes) {
|
||||||
attr.addAttributeToResults(domainResults,
|
attr.addAttributeToResults(domainResults,
|
||||||
key.getSleuthkitCase(), key.getCentralRepository());
|
key.getSleuthkitCase(), key.getCentralRepository());
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -244,11 +246,13 @@ class DomainSearchCacheLoader extends CacheLoader<SearchKey, Map<GroupKey, List<
|
|||||||
private final SleuthkitCase skc;
|
private final SleuthkitCase skc;
|
||||||
private SQLException sqlCause;
|
private SQLException sqlCause;
|
||||||
private TskCoreException coreCause;
|
private TskCoreException coreCause;
|
||||||
|
|
||||||
private final Set<String> bannedDomains = new HashSet<String>() {{
|
private final Set<String> bannedDomains = new HashSet<String>() {
|
||||||
add("localhost");
|
{
|
||||||
add("127.0.0.1");
|
add("localhost");
|
||||||
}};
|
add("127.0.0.1");
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Construct a new DomainCallback object.
|
* Construct a new DomainCallback object.
|
||||||
@ -267,13 +271,13 @@ class DomainSearchCacheLoader extends CacheLoader<SearchKey, Map<GroupKey, List<
|
|||||||
|
|
||||||
while (resultSet.next()) {
|
while (resultSet.next()) {
|
||||||
String domain = resultSet.getString("domain");
|
String domain = resultSet.getString("domain");
|
||||||
|
|
||||||
if (bannedDomains.contains(domain)) {
|
if (bannedDomains.contains(domain)) {
|
||||||
// Skip banned domains
|
// Skip banned domains
|
||||||
// Domain names are lowercased in the SQL query
|
// Domain names are lowercased in the SQL query
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
Long activityStart = resultSet.getLong("activity_start");
|
Long activityStart = resultSet.getLong("activity_start");
|
||||||
if (resultSet.wasNull()) {
|
if (resultSet.wasNull()) {
|
||||||
activityStart = null;
|
activityStart = null;
|
||||||
|
Loading…
x
Reference in New Issue
Block a user