Merge pull request #5499 from wschaeferB/5716-RawMediaArtifactType

5716 raw media artifact type
2025-07-12 07:56:16 +00:00 · 2019-12-18 15:08:48 -05:00 · 2019-12-18 15:08:48 -05:00 · 39f730caf4
commit 39f730caf4
parent deda848fc8 c072f06c62
5 changed files with 24 additions and 11 deletions
--- a/Core/src/org/sleuthkit/autopsy/filequery/Bundle.properties
+++ b/Core/src/org/sleuthkit/autopsy/filequery/Bundle.properties
@ -44,7 +44,7 @@ FileSearchPanel.hashSetCheckbox.text=Hash Set:
 FileSearchPanel.tagsCheckbox.text=Tag:
 FileSearchPanel.interestingItemsCheckbox.text=Interesting Item:
 FileSearchPanel.scoreCheckbox.text=Has Score:
-FileSearchPanel.exifCheckbox.text=Must contain EXIF data
+FileSearchPanel.exifCheckbox.text=Possibly User Created
 FileSearchPanel.notableCheckbox.text=Must have been tagged as notable
 FileSearchPanel.objectsCheckbox.text=Object Detected:
 ResultsPanel.currentPageLabel.text=Page: -
--- a/Core/src/org/sleuthkit/autopsy/filequery/Bundle.properties-MERGED
+++ b/Core/src/org/sleuthkit/autopsy/filequery/Bundle.properties-MERGED
@ -150,7 +150,7 @@ FileSearchPanel.hashSetCheckbox.text=Hash Set:
 FileSearchPanel.tagsCheckbox.text=Tag:
 FileSearchPanel.interestingItemsCheckbox.text=Interesting Item:
 FileSearchPanel.scoreCheckbox.text=Has Score:
-FileSearchPanel.exifCheckbox.text=Must contain EXIF data
+FileSearchPanel.exifCheckbox.text=Possibly User Created
 FileSearchPanel.notableCheckbox.text=Must have been tagged as notable
 FileSearchPanel.objectsCheckbox.text=Object Detected:
 FileSorter.SortingMethod.datasource.displayName=Data Source
--- a/Core/src/org/sleuthkit/autopsy/filequery/ResultsPanel.java
+++ b/Core/src/org/sleuthkit/autopsy/filequery/ResultsPanel.java
@ -146,15 +146,23 @@ public class ResultsPanel extends javax.swing.JPanel {
     */
    synchronized void populateInstancesList() {
        SwingUtilities.invokeLater(() -> {
+            List<AbstractFile> files = getInstancesForSelected();
+            if (files.isEmpty()) {
+                //if there are no files currently remove the current items without removing listener to cause content viewer to reset
+                instancesListModel.removeAllElements();
+            } else {
+                //remove listener so content viewer node is not set multiple times
                instancesList.removeListSelectionListener(listener);
                instancesListModel.removeAllElements();
-            for (AbstractFile file : getInstancesForSelected()) {
+                for (AbstractFile file : files) {
                    instancesListModel.addElement(file);
                }
+                //add listener back to allow selection of first index to cause content viewer node to be set
                instancesList.addListSelectionListener(listener);
                if (!instancesListModel.isEmpty()) {
                    instancesList.setSelectedIndex(0);
                }
+            }
        });
    }

--- a/Core/src/org/sleuthkit/autopsy/modules/exif/Bundle.properties-MERGED
+++ b/Core/src/org/sleuthkit/autopsy/modules/exif/Bundle.properties-MERGED
@ -1,5 +1,6 @@
 CannotRunFileTypeDetection=Cannot run file type detection.
 ExifParserFileIngestModule.indexError.message=Failed to post EXIF Metadata artifact(s).
+ExifParserFileIngestModule.userContent.description=EXIF metadata exists for this file.
 OpenIDE-Module-Display-Category=Ingest Module
 OpenIDE-Module-Long-Description=Exif metadata ingest module.  \n\nThe ingest module analyzes image files, extracts Exif information and posts the Exif data as results.
 OpenIDE-Module-Name=ExifParser
--- a/Core/src/org/sleuthkit/autopsy/modules/exif/ExifParserFileIngestModule.java
+++ b/Core/src/org/sleuthkit/autopsy/modules/exif/ExifParserFileIngestModule.java
@ -49,6 +49,7 @@ import org.sleuthkit.datamodel.AbstractFile;
 import org.sleuthkit.datamodel.Blackboard;
 import org.sleuthkit.datamodel.BlackboardArtifact;
 import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_METADATA_EXIF;
+import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_USER_CONTENT_SUSPECTED;
 import org.sleuthkit.datamodel.BlackboardAttribute;
 import static org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME_CREATED;
 import static org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DEVICE_MAKE;
@ -130,6 +131,7 @@ public final class ExifParserFileIngestModule implements FileIngestModule {
        return processFile(content);
    }

+    @Messages({"ExifParserFileIngestModule.userContent.description=EXIF metadata exists for this file."})
    private ProcessResult processFile(AbstractFile file) {

        try (BufferedInputStream bin = new BufferedInputStream(new ReadContentInputStream(file));) {
@ -193,11 +195,13 @@ public final class ExifParserFileIngestModule implements FileIngestModule {
                // Create artifact if it doesn't already exist.
                if (!blackboard.artifactExists(file, TSK_METADATA_EXIF, attributes)) {
                    BlackboardArtifact bba = file.newArtifact(TSK_METADATA_EXIF);
+                    BlackboardArtifact bba2 = file.newArtifact(TSK_USER_CONTENT_SUSPECTED);
                    bba.addAttributes(attributes);
-
+                    bba2.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DESCRIPTION, MODULE_NAME, Bundle.ExifParserFileIngestModule_userContent_description()));
                    try {
                        // index the artifact for keyword search
                        blackboard.postArtifact(bba, MODULE_NAME);
+                        blackboard.postArtifact(bba2, MODULE_NAME);
                    } catch (Blackboard.BlackboardException ex) {
                        logger.log(Level.SEVERE, "Unable to index blackboard artifact " + bba.getArtifactID(), ex); //NON-NLS
                        MessageNotifyUtil.Notify.error(