mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-14 17:06:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

added hosts and persons autopsy events

Browse Source
This commit is contained in:
Greg DiCristofaro 2021-03-01 15:47:12 -05:00
parent 243631015b
commit 1c3059d76c
9 changed files with 569 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

157
Core/src/org/sleuthkit/autopsy/casemodule/Case.java
View File

@ -39,6 +39,7 @@ import java.sql.SQLException;
import java.sql.Statement;
import java.text.SimpleDateFormat;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
@ -81,6 +82,9 @@ import org.sleuthkit.autopsy.casemodule.events.ContentTagDeletedEvent;
import org.sleuthkit.autopsy.casemodule.events.DataSourceAddedEvent;
import org.sleuthkit.autopsy.casemodule.events.DataSourceDeletedEvent;
import org.sleuthkit.autopsy.casemodule.events.DataSourceNameChangedEvent;
import org.sleuthkit.autopsy.casemodule.events.HostAddedEvent;
import org.sleuthkit.autopsy.casemodule.events.HostChangedEvent;
import org.sleuthkit.autopsy.casemodule.events.HostRemovedEvent;
import org.sleuthkit.autopsy.casemodule.events.OsAccountAddedEvent;
import org.sleuthkit.autopsy.casemodule.events.OsAccountChangedEvent;
import org.sleuthkit.autopsy.casemodule.events.ReportAddedEvent;
@ -130,6 +134,7 @@ import org.sleuthkit.datamodel.Content;
import org.sleuthkit.datamodel.ContentTag;
import org.sleuthkit.datamodel.DataSource;
import org.sleuthkit.datamodel.FileSystem;
import org.sleuthkit.datamodel.Host;
import org.sleuthkit.datamodel.Image;
import org.sleuthkit.datamodel.OsAccount;
import org.sleuthkit.datamodel.OsAccountManager;
@ -426,8 +431,38 @@ public class Case {
* OSAccount associated with the current case has changed.
* Call getOsAccount to get the changed account;
*/
OS_ACCOUNT_CHANGED;
OS_ACCOUNT_CHANGED,
/**
* Hosts associated with the current case added.
*/
HOSTS_ADDED,
/**
* Hosts associated with the current case has changed.
*/
HOSTS_CHANGED,
/**
* Hosts associated with the current case has been deleted.
*/
HOSTS_DELETED,
/**
* Persons associated with the current case added.
*/
PERSONS_ADDED,
/**
* Persons associated with the current case has changed.
*/
PERSONS_CHANGED,
/**
* Persons associated with the current case has been deleted.
*/
PERSONS_DELETED
;
};
/**
@ -474,6 +509,78 @@ public class Case {
eventPublisher.publish(new OsAccountChangedEvent(account));
}
}
/**
* Publishes an autopsy event from the sleuthkit HostCreationEvent
* indicating that hosts have been created.
*
* @param event The sleuthkit event for the creation of hosts.
*/
@Subscribe
public void publishHostsAddedEvent(HostCreationEvent event) {
eventPublisher.publish(new HostsAddedEvent(
event == null ? Collections.emptyList() : event.getHosts()));
}
/**
* Publishes an autopsy event from the sleuthkit HostUpdateEvent
* indicating that hosts have been updated.
*
* @param event The sleuthkit event for the updating of hosts.
*/
@Subscribe
public void publishHostsChangedEvent(HostUpdateEvent event) {
eventPublisher.publish(new HostsChangedEvent(
event == null ? Collections.emptyList() : event.getHosts()));
}
/**
* Publishes an autopsy event from the sleuthkit HostDeletedEvent
* indicating that hosts have been deleted.
*
* @param event The sleuthkit event for the deleting of hosts.
*/
@Subscribe
public void publishHostsDeletedEvent(HostDeletedEvent event) {
eventPublisher.publish(new HostsRemovedEvent(
event == null ? Collections.emptyList() : event.getHosts()));
}
/**
* Publishes an autopsy event from the sleuthkit PersonCreationEvent
* indicating that persons have been created.
*
* @param event The sleuthkit event for the creation of persons.
*/
@Subscribe
public void publishPersonsAddedEvent(PersonCreationEvent event) {
eventPublisher.publish(new PersonsAddedEvent(
event == null ? Collections.emptyList() : event.getPersons()));
}
/**
* Publishes an autopsy event from the sleuthkit PersonUpdateEvent
* indicating that persons have been updated.
*
* @param event The sleuthkit event for the updating of persons.
*/
@Subscribe
public void publishPersonsChangedEvent(PersonUpdateEvent event) {
eventPublisher.publish(new PersonsChangedEvent(
event == null ? Collections.emptyList() : event.getPersons()));
}
/**
* Publishes an autopsy event from the sleuthkit PersonDeletedEvent
* indicating that persons have been deleted.
*
* @param event The sleuthkit event for the deleting of persons.
*/
@Subscribe
public void publishPersonsDeletedEvent(PersonDeletedEvent event) {
eventPublisher.publish(new PersonsRemovedEvent(
event == null ? Collections.emptyList() : event.getPersons()));
}
}
/**
@ -1681,6 +1788,54 @@ public class Case {
eventPublisher.publish(new OsAccountChangedEvent(account));
}
/**
* Notify via an autopsy event that a host has been added.
* @param host The host that has been added.
*/
public void notifyHostAdded(Host host) {
eventPublisher.publish(new HostAddedEvent(Collections.singletonList(host)));
}
/**
* Notify via an autopsy event that a host has been changed.
* @param newValue The host that has been updated.
*/
public void notifyHostChanged(Host newValue) {
eventPublisher.publish(new HostChangedEvent(Collections.singletonList(newValue)));
}
/**
* Notify via an autopsy event that a host has been deleted.
* @param host The host that has been deleted.
*/
public void notifyHostDeleted(Host host) {
eventPublisher.publish(new HostRemovedEvent(Collections.singletonList(host)));
}
/**
* Notify via an autopsy event that a person has been added.
* @param person The person that has been added.
*/
public void notifyPersonAdded(Person person) {
eventPublisher.publish(new PersonAddedEvent(Collections.singletonList(person)));
}
/**
* Notify via an autopsy event that a person has been changed.
* @param newValue The person that has been updated.
*/
public void notifyPersonChanged(Person newValue) {
eventPublisher.publish(new PersonChangedEvent(Collections.singletonList(newValue)));
}
/**
* Notify via an autopsy event that a person has been deleted.
* @param person The person that has been deleted.
*/
public void notifyPersonDeleted(Person person) {
eventPublisher.publish(new PersonRemovedEvent(Collections.singletonList(person)));
}
/**
* Adds a report to the case.
*

39
Core/src/org/sleuthkit/autopsy/casemodule/events/HostAddedEvent.java Normal file
View File

@ -0,0 +1,39 @@
/*
* Autopsy Forensic Browser
*
* Copyright 2021 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sleuthkit.autopsy.casemodule.events;
import java.util.List;
import org.sleuthkit.autopsy.casemodule.Case;
import org.sleuthkit.datamodel.Host;
/**
* Event fired when new hosts are added.
*/
public class HostAddedEvent extends HostEvent {
private static final long serialVersionUID = 1L;
/**
* Main constructor.
* @param dataModelObjects The hosts that have been added.
*/
public HostAddedEvent(List<Host> dataModelObjects) {
super(Case.Events.HOST_ADDED.name(), dataModelObjects);
}
}

41
Core/src/org/sleuthkit/autopsy/casemodule/events/HostChangedEvent.java Normal file
View File

@ -0,0 +1,41 @@
/*
* Autopsy Forensic Browser
*
* Copyright 2021 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sleuthkit.autopsy.casemodule.events;
import java.util.List;
import org.sleuthkit.autopsy.casemodule.Case;
import org.sleuthkit.datamodel.Host;
/**
* Event fired when hosts are changed.
*/
public class HostChangedEvent extends HostEvent {
private static final long serialVersionUID = 1L;
/**
* Main constructor.
*
* @param dataModelObjects The new values for the hosts that have been
* changed.
*/
public HostChangedEvent(List<Host> dataModelObjects) {
super(Case.Events.HOST_CHANGED.name(), dataModelObjects);
}
}

87
Core/src/org/sleuthkit/autopsy/casemodule/events/HostEvent.java Normal file
View File

@ -0,0 +1,87 @@
/*
* Autopsy Forensic Browser
*
* Copyright 2021 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sleuthkit.autopsy.casemodule.events;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;
import org.sleuthkit.datamodel.Host;
import org.sleuthkit.datamodel.HostManager;
import org.sleuthkit.datamodel.SleuthkitCase;
import org.sleuthkit.datamodel.TskCoreException;
/**
* Base event class for when something pertaining to hosts changes.
*/
public class HostEvent extends TskDataModelChangeEvent<Host> {
/**
* Retrieves a list of ids from a list of hosts.
*
* @param hosts The hosts.
* @return The list of ids.
*/
private static List<Long> getIds(List<Host> hosts) {
return getSafeList(hosts).stream()
.filter(h -> h != null)
.map(h -> h.getId()).collect(Collectors.toList());
}
/**
* Returns the hosts or an empty list.
*
* @param hosts The host list.
* @return The host list or an empty list if the parameter is null.
*/
private static List<Host> getSafeList(List<Host> hosts) {
return hosts == null ? Collections.emptyList() : hosts;
}
/**
* Main constructor.
*
* @param eventName The name of the Case.Events enum value for the event
* type.
* @param dataModelObjects The list of hosts for the event.
*/
protected HostEvent(String eventName, List<Host> dataModelObjects) {
super(eventName, getIds(dataModelObjects), new ArrayList<>(getSafeList(dataModelObjects)));
}
@Override
protected List<Host> getDataModelObjects(SleuthkitCase caseDb, List<Long> ids) throws TskCoreException {
HostManager hostManager = caseDb.getHostManager();
List<Host> toRet = new ArrayList<>();
if (ids != null) {
for (Long id : ids) {
if (id == null) {
continue;
}
Optional<Host> thisHostOpt = hostManager.getHost(id);
thisHostOpt.ifPresent((h) -> toRet.add(h));
}
}
return toRet;
}
}

39
Core/src/org/sleuthkit/autopsy/casemodule/events/HostRemovedEvent.java Normal file
View File

@ -0,0 +1,39 @@
/*
* Autopsy Forensic Browser
*
* Copyright 2021 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sleuthkit.autopsy.casemodule.events;
import java.util.List;
import org.sleuthkit.autopsy.casemodule.Case;
import org.sleuthkit.datamodel.Host;
/**
* Event fired when hosts are removed.
*/
public class HostRemovedEvent extends HostEvent {
private static final long serialVersionUID = 1L;
/**
* Main constructor.
* @param dataModelObjects The list of hosts that have been deleted.
*/
public HostRemovedEvent(List<Host> dataModelObjects) {
super(Case.Events.HOST_DELETED.name(), dataModelObjects);
}
}

39
Core/src/org/sleuthkit/autopsy/casemodule/events/PersonAddedEvent.java Normal file
View File

@ -0,0 +1,39 @@
/*
* Autopsy Forensic Browser
*
* Copyright 2021 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sleuthkit.autopsy.casemodule.events;
import java.util.List;
import org.sleuthkit.autopsy.casemodule.Case;
import org.sleuthkit.datamodel.Person;
/**
* Event fired when new persons are added.
*/
public class PersonAddedEvent extends PersonEvent {
private static final long serialVersionUID = 1L;
/**
* Main constructor.
* @param dataModelObjects The persons that have been added.
*/
public PersonAddedEvent(List<Person> dataModelObjects) {
super(Case.Events.PERSON_ADDED.name(), dataModelObjects);
}
}

41
Core/src/org/sleuthkit/autopsy/casemodule/events/PersonChangedEvent.java Normal file
View File

@ -0,0 +1,41 @@
/*
* Autopsy Forensic Browser
*
* Copyright 2021 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sleuthkit.autopsy.casemodule.events;
import java.util.List;
import org.sleuthkit.autopsy.casemodule.Case;
import org.sleuthkit.datamodel.Person;
/**
* Event fired when persons are changed.
*/
public class PersonChangedEvent extends PersonEvent {
private static final long serialVersionUID = 1L;
/**
* Main constructor.
*
* @param dataModelObjects The new values for the persons that have been
* changed.
*/
public PersonChangedEvent(List<Person> dataModelObjects) {
super(Case.Events.PERSON_CHANGED.name(), dataModelObjects);
}
}

87
Core/src/org/sleuthkit/autopsy/casemodule/events/PersonEvent.java Normal file
View File

@ -0,0 +1,87 @@
/*
* Autopsy Forensic Browser
*
* Copyright 2021 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sleuthkit.autopsy.casemodule.events;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;
import org.sleuthkit.datamodel.Person;
import org.sleuthkit.datamodel.PersonManager;
import org.sleuthkit.datamodel.SleuthkitCase;
import org.sleuthkit.datamodel.TskCoreException;
/**
* Base event class for when something pertaining to persons changes.
*/
public class PersonEvent extends TskDataModelChangeEvent<Person> {
/**
* Retrieves a list of ids from a list of persons.
*
* @param persons The persons.
* @return The list of ids.
*/
private static List<Long> getIds(List<Person> persons) {
return getSafeList(persons).stream()
.filter(h -> h != null)
.map(h -> h.getId()).collect(Collectors.toList());
}
/**
* Returns the persons or an empty list.
*
* @param persons The person list.
* @return The person list or an empty list if the parameter is null.
*/
private static List<Person> getSafeList(List<Person> persons) {
return persons == null ? Collections.emptyList() : persons;
}
/**
* Main constructor.
*
* @param eventName The name of the Case.Events enum value for the event
* type.
* @param dataModelObjects The list of persons for the event.
*/
protected PersonEvent(String eventName, List<Person> dataModelObjects) {
super(eventName, getIds(dataModelObjects), new ArrayList<>(getSafeList(dataModelObjects)));
}
@Override
protected List<Person> getDataModelObjects(SleuthkitCase caseDb, List<Long> ids) throws TskCoreException {
PersonManager personManager = caseDb.getPersonManager();
List<Person> toRet = new ArrayList<>();
if (ids != null) {
for (Long id : ids) {
if (id == null) {
continue;
}
Optional<Person> thisPersonOpt = personManager.getPerson(id);
thisPersonOpt.ifPresent((h) -> toRet.add(h));
}
}
return toRet;
}
}

39
Core/src/org/sleuthkit/autopsy/casemodule/events/PersonRemovedEvent.java Normal file
View File

@ -0,0 +1,39 @@
/*
* Autopsy Forensic Browser
*
* Copyright 2021 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sleuthkit.autopsy.casemodule.events;
import java.util.List;
import org.sleuthkit.autopsy.casemodule.Case;
import org.sleuthkit.datamodel.Person;
/**
* Event fired when persons are removed.
*/
public class PersonRemovedEvent extends PersonEvent {
private static final long serialVersionUID = 1L;
/**
* Main constructor.
* @param dataModelObjects The list of persons that have been deleted.
*/
public PersonRemovedEvent(List<Person> dataModelObjects) {
super(Case.Events.PERSON_DELETED.name(), dataModelObjects);
}
}