mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-17 10:17:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4445 from dgrove727/4597_StoreDataSourceHashesInCentralRepo

Browse Source 
4597 store data source hashes in central repo
This commit is contained in:
Richard Cordovano 2019-01-21 11:12:54 -05:00 committed by GitHub
commit 45e90bb4cc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 380 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
Core/src/org/sleuthkit/autopsy/centralrepository/datamodel/AbstractSqlEamDb.java
View File

@ -621,8 +621,7 @@ abstract class AbstractSqlEamDb implements EamDb {
Connection conn = connect();
PreparedStatement preparedStatement = null;
//The conflict clause exists incase multiple nodes are trying to add the datasource because it did not exist at the same time
String sql = "INSERT INTO data_sources(device_id, case_id, name, datasource_obj_id) VALUES (?, ?, ?, ?) "
String sql = "INSERT INTO data_sources(device_id, case_id, name, datasource_obj_id, md5, sha1, sha256) VALUES (?, ?, ?, ?, ?, ?, ?) "
+ getConflictClause();
ResultSet resultSet = null;
try {
@ -632,6 +631,9 @@ abstract class AbstractSqlEamDb implements EamDb {
preparedStatement.setInt(2, eamDataSource.getCaseID());
preparedStatement.setString(3, eamDataSource.getName());
preparedStatement.setLong(4, eamDataSource.getDataSourceObjectID());
preparedStatement.setString(5, eamDataSource.getMd5());
preparedStatement.setString(6, eamDataSource.getSha1());
preparedStatement.setString(7, eamDataSource.getSha256());
preparedStatement.executeUpdate();
resultSet = preparedStatement.getGeneratedKeys();
@ -652,6 +654,7 @@ abstract class AbstractSqlEamDb implements EamDb {
dataSourceCacheById.put(getDataSourceByIdCacheKey(dataSource.getCaseID(), dataSource.getID()), dataSource);
return dataSource;
}
} catch (SQLException ex) {
throw new EamDbException("Error inserting new data source.", ex); // NON-NLS
} finally {
@ -828,6 +831,73 @@ abstract class AbstractSqlEamDb implements EamDb {
return dataSources;
}
/**
* Updates the MD5 hash value in an existing data source in the database.
*
* @param eamDataSource The data source to update
*/
@Override
public void updateDataSourceMd5Hash(CorrelationDataSource eamDataSource) throws EamDbException {
updateDataSourceStringValue(eamDataSource, "md5", eamDataSource.getMd5());
}
/**
* Updates the SHA-1 hash value in an existing data source in the database.
*
* @param eamDataSource The data source to update
*/
@Override
public void updateDataSourceSha1Hash(CorrelationDataSource eamDataSource) throws EamDbException {
updateDataSourceStringValue(eamDataSource, "sha1", eamDataSource.getSha1());
}
/**
* Updates the SHA-256 hash value in an existing data source in the database.
*
* @param eamDataSource The data source to update
*/
@Override
public void updateDataSourceSha256Hash(CorrelationDataSource eamDataSource) throws EamDbException {
updateDataSourceStringValue(eamDataSource, "sha256", eamDataSource.getSha256());
}
/**
* Updates the specified value in an existing data source in the database.
*
* @param eamDataSource The data source to update
* @param column The name of the column to be updated
* @param value The value to assign to the specified column
*/
private void updateDataSourceStringValue(CorrelationDataSource eamDataSource, String column, String value) throws EamDbException {
if (eamDataSource == null) {
throw new EamDbException("Correlation data source is null");
}
Connection conn = connect();
PreparedStatement preparedStatement = null;
String sql = "UPDATE data_sources "
+ "SET " + column + "=? "
+ "WHERE id=?";
try {
preparedStatement = conn.prepareStatement(sql);
preparedStatement.setString(1, value);
preparedStatement.setInt(2, eamDataSource.getID());
preparedStatement.executeUpdate();
//update the case in the cache
dataSourceCacheByDsObjectId.put(getDataSourceByDSObjectIdCacheKey(eamDataSource.getCaseID(), eamDataSource.getDataSourceObjectID()), eamDataSource);
dataSourceCacheById.put(getDataSourceByIdCacheKey(eamDataSource.getCaseID(), eamDataSource.getID()), eamDataSource);
} catch (SQLException ex) {
throw new EamDbException(String.format("Error updating data source (obj_id=%d).", eamDataSource.getDataSourceObjectID()), ex); // NON-NLS
} finally {
EamDbUtil.closeStatement(preparedStatement);
EamDbUtil.closeConnection(conn);
}
}
/**
* Inserts new Artifact(s) into the database. Should add associated Case and
@ -941,7 +1011,7 @@ abstract class AbstractSqlEamDb implements EamDb {
+ ".value,"
+ tableName
+ ".file_obj_id,"
+ " cases.case_name, cases.case_uid, data_sources.id AS data_source_id, data_sources.name, device_id, file_path, known_status, comment, data_sources.case_id, data_sources.datasource_obj_id FROM "
+ " cases.case_name, cases.case_uid, data_sources.id AS data_source_id, data_sources.name, device_id, file_path, known_status, comment, data_sources.case_id, data_sources.datasource_obj_id, data_sources.md5, data_sources.sha1, data_sources.sha256 FROM "
+ tableName
+ " LEFT JOIN cases ON "
+ tableName
@ -1006,7 +1076,7 @@ abstract class AbstractSqlEamDb implements EamDb {
+ ".value,"
+ tableName
+ ".file_obj_id,"
+ " cases.case_name, cases.case_uid, data_sources.id AS data_source_id, data_sources.name, device_id, file_path, known_status, comment, data_sources.case_id, data_sources.datasource_obj_id FROM "
+ " cases.case_name, cases.case_uid, data_sources.id AS data_source_id, data_sources.name, device_id, file_path, known_status, comment, data_sources.case_id, data_sources.datasource_obj_id, data_sources.md5, data_sources.sha1, data_sources.sha256 FROM "
+ tableName
+ " LEFT JOIN cases ON "
+ tableName
@ -1731,7 +1801,7 @@ abstract class AbstractSqlEamDb implements EamDb {
+ ".value, "
+ tableName
+ ".file_obj_id,"
+ "cases.case_name, cases.case_uid, data_sources.id AS data_source_id, data_sources.name, device_id, file_path, known_status, comment, data_sources.case_id, data_sources.datasource_obj_id FROM "
+ "cases.case_name, cases.case_uid, data_sources.id AS data_source_id, data_sources.name, device_id, file_path, known_status, comment, data_sources.case_id, data_sources.datasource_obj_id, data_sources.md5, data_sources.sha1, data_sources.sha256 FROM "
+ tableName
+ " LEFT JOIN cases ON "
+ tableName
@ -1788,7 +1858,7 @@ abstract class AbstractSqlEamDb implements EamDb {
String tableName = EamDbUtil.correlationTypeToInstanceTableName(aType);
String sql
= "SELECT cases.case_name, cases.case_uid, data_sources.name, device_id, file_path, known_status, comment, data_sources.case_id, id, value, file_obj_id, data_sources.datasource_obj_id FROM "
= "SELECT cases.case_name, cases.case_uid, data_sources.name, device_id, file_path, known_status, comment, data_sources.case_id, id, value, file_obj_id, data_sources.datasource_obj_id, data_sources.md5, data_sources.sha1, data_sources.sha256 FROM "
+ tableName
+ " LEFT JOIN cases ON "
+ tableName
@ -3071,7 +3141,10 @@ abstract class AbstractSqlEamDb implements EamDb {
resultSet.getInt("id"),
resultSet.getString("device_id"),
resultSet.getString("name"),
resultSet.getLong("datasource_obj_id")
resultSet.getLong("datasource_obj_id"),
resultSet.getString("md5"),
resultSet.getString("sha1"),
resultSet.getString("sha256")
);
return eamDataSource;
@ -3112,7 +3185,9 @@ abstract class AbstractSqlEamDb implements EamDb {
resultSet.getString("value"),
resultSet.getInt("id"),
new CorrelationCase(resultSet.getInt("case_id"), resultSet.getString("case_uid"), resultSet.getString("case_name")),
new CorrelationDataSource(resultSet.getInt("case_id"), resultSet.getInt("data_source_id"), resultSet.getString("device_id"), resultSet.getString("name"), resultSet.getLong("datasource_obj_id")),
new CorrelationDataSource(
resultSet.getInt("case_id"), resultSet.getInt("data_source_id"), resultSet.getString("device_id"), resultSet.getString("name"),
resultSet.getLong("datasource_obj_id"), resultSet.getString("md5"), resultSet.getString("sha1"), resultSet.getString("sha256")),
resultSet.getString("file_path"),
resultSet.getString("comment"),
TskData.FileKnown.valueOf(resultSet.getByte("known_status")),

115
Core/src/org/sleuthkit/autopsy/centralrepository/datamodel/CorrelationDataSource.java
View File

@ -1,7 +1,7 @@
/*
* Central Repository
*
* Copyright 2015-2018 Basis Technology Corp.
* Copyright 2015-2019 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org
*
* Licensed under the Apache License, Version 2.0 (the "License");
@ -22,6 +22,7 @@ import java.io.Serializable;
import org.sleuthkit.autopsy.casemodule.Case;
import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;
import org.sleuthkit.datamodel.Content;
import org.sleuthkit.datamodel.Image;
import org.sleuthkit.datamodel.TskCoreException;
import org.sleuthkit.datamodel.TskDataException;
@ -39,20 +40,31 @@ public class CorrelationDataSource implements Serializable {
private final Long dataSourceObjectID; //< Id for data source in the caseDB
private final String deviceID; //< Unique to its associated case (not necessarily globally unique)
private final String name;
private String md5Hash;
private String sha1Hash;
private String sha256Hash;
/**
* Create a CorrelationDataSource object, the object will not have the data
* source id for the row in the central repository.
* Create a CorrelationDataSource object.
*
* @param correlationCase CorrelationCase object data source is
* associated with. Must have been created by
* EamDB and have a valid ID.
* @param deviceId User specified case-specific ID
* @param name Display name of data source
* @param deviceId User specified ID for device (unique per case)
* @param name User specified name
* @param dataSourceObjectId The object ID for the datasource
* @param md5Hash The MD5 hash value
* @param sha1Hash The SHA-1 hash value
* @param sha256Hash The SHA-256 hash value
*/
public CorrelationDataSource(CorrelationCase correlationCase, String deviceId, String name, long dataSourceObjectId) {
this(correlationCase.getID(), -1, deviceId, name, dataSourceObjectId);
CorrelationDataSource(CorrelationCase correlationCase,
String deviceId,
String name,
Long dataSourceObjectId,
String md5Hash,
String sha1Hash,
String sha256Hash) {
this(correlationCase.getID(), -1, deviceId, name, dataSourceObjectId, md5Hash, sha1Hash, sha256Hash);
}
/**
@ -63,17 +75,26 @@ public class CorrelationDataSource implements Serializable {
* @param deviceId User specified ID for device (unique per case)
* @param name User specified name
* @param dataSourceObjectId The object ID for the datasource
* @param md5Hash The MD5 hash value
* @param sha1Hash The SHA-1 hash value
* @param sha256Hash The SHA-256 hash value
*/
CorrelationDataSource(int caseId,
int dataSourceId,
String deviceId,
String name,
Long dataSourceObjectId) {
Long dataSourceObjectId,
String md5Hash,
String sha1Hash,
String sha256Hash) {
this.caseID = caseId;
this.dataSourceID = dataSourceId;
this.deviceID = deviceId;
this.name = name;
this.dataSourceObjectID = dataSourceObjectId;
this.md5Hash = md5Hash;
this.sha1Hash = sha1Hash;
this.sha256Hash = sha256Hash;
}
/**
@ -105,12 +126,23 @@ public class CorrelationDataSource implements Serializable {
if (correlationDataSource == null) {
String deviceId;
String md5 = null;
String sha1 = null;
String sha256 = null;
try {
deviceId = curCase.getSleuthkitCase().getDataSource(dataSource.getId()).getDeviceId();
if (dataSource instanceof Image) {
Image image = (Image) dataSource;
md5 = image.getMd5();
sha1 = image.getSha1();
sha256 = image.getSha256();
}
} catch (TskDataException | TskCoreException ex) {
throw new EamDbException("Error getting data source info: " + ex.getMessage());
}
correlationDataSource = new CorrelationDataSource(correlationCase, deviceId, dataSource.getName(), dataSource.getId());
correlationDataSource = new CorrelationDataSource(correlationCase, deviceId, dataSource.getName(), dataSource.getId(), md5, sha1, sha256);
if (useCR) {
//add the correlation data source to the central repository and fill in the Central repository data source id in the object
correlationDataSource = EamDb.getInstance().newDataSource(correlationDataSource);
@ -173,4 +205,69 @@ public class CorrelationDataSource implements Serializable {
public String getName() {
return name;
}
/**
* @return the MD5 hash value
*/
public String getMd5() {
return (md5Hash == null ? "" : md5Hash);
}
/**
* Set the MD5 hash value and persist to the Central Repository if available.
*
* @param md5Hash The MD5 hash value.
*
* @exception EamDbException If there's an issue updating the Central
* Repository.
*/
public void setMd5(String md5Hash) throws EamDbException {
this.md5Hash = md5Hash;
if (dataSourceObjectID != -1) {
EamDb.getInstance().updateDataSourceMd5Hash(this);
}
}
/**
* @return the SHA-1 hash value
*/
public String getSha1() {
return (sha1Hash == null ? "" : sha1Hash);
}
/**
* Set the SHA-1 hash value and persist to the Central Repository if
* available.
*
* @param sha1Hash The SHA-1 hash value.
*/
public void setSha1(String sha1Hash) throws EamDbException {
this.sha1Hash = sha1Hash;
if (dataSourceObjectID != -1) {
EamDb.getInstance().updateDataSourceSha1Hash(this);
}
}
/**
* @return the SHA-256 hash value
*/
public String getSha256() {
return (sha256Hash == null ? "" : sha256Hash);
}
/**
* Set the SHA-256 hash value and persist to the Central Repository if
* available.
*
* @param sha256Hash The SHA-256 hash value.
*/
public void setSha256(String sha256Hash) throws EamDbException {
this.sha256Hash = sha256Hash;
if (dataSourceObjectID != -1) {
EamDb.getInstance().updateDataSourceSha256Hash(this);
}
}
}

2
Core/src/org/sleuthkit/autopsy/centralrepository/datamodel/DataSourceUpdateService.java
View File

@ -65,4 +65,4 @@ public class DataSourceUpdateService implements AutopsyService {
}
}
}
}

23
Core/src/org/sleuthkit/autopsy/centralrepository/datamodel/EamDb.java
View File

@ -1,7 +1,7 @@
/*
* Central Repository
*
* Copyright 2015-2018 Basis Technology Corp.
* Copyright 2015-2019 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org
*
* Licensed under the Apache License, Version 2.0 (the "License");
@ -204,6 +204,27 @@ public interface EamDb {
* @return - A CorrelationDataSource object with data source's central repository id
*/
CorrelationDataSource newDataSource(CorrelationDataSource eamDataSource) throws EamDbException;
/**
* Updates the MD5 hash value in an existing data source in the database.
*
* @param eamDataSource The data source to update
*/
void updateDataSourceMd5Hash(CorrelationDataSource eamDataSource) throws EamDbException;
/**
* Updates the SHA-1 hash value in an existing data source in the database.
*
* @param eamDataSource The data source to update
*/
void updateDataSourceSha1Hash(CorrelationDataSource eamDataSource) throws EamDbException;
/**
* Updates the SHA-256 hash value in an existing data source in the database.
*
* @param eamDataSource The data source to update
*/
void updateDataSourceSha256Hash(CorrelationDataSource eamDataSource) throws EamDbException;
/**
* Retrieves Data Source details based on data source device ID

47
Core/src/org/sleuthkit/autopsy/centralrepository/datamodel/SqliteEamDb.java
View File

@ -1,7 +1,7 @@
/*
* Central Repository
*
* Copyright 2015-2018 Basis Technology Corp.
* Copyright 2015-2019 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org
*
* Licensed under the Apache License, Version 2.0 (the "License");
@ -433,6 +433,51 @@ final class SqliteEamDb extends AbstractSqlEamDb {
releaseSharedLock();
}
}
/**
* Updates the MD5 hash value in an existing data source in the database.
*
* @param eamDataSource The data source to update
*/
@Override
public void updateDataSourceMd5Hash(CorrelationDataSource eamDataSource) throws EamDbException {
try {
acquireExclusiveLock();
super.updateDataSourceMd5Hash(eamDataSource);
} finally {
releaseExclusiveLock();
}
}
/**
* Updates the SHA-1 hash value in an existing data source in the database.
*
* @param eamDataSource The data source to update
*/
@Override
public void updateDataSourceSha1Hash(CorrelationDataSource eamDataSource) throws EamDbException {
try {
acquireExclusiveLock();
super.updateDataSourceSha1Hash(eamDataSource);
} finally {
releaseExclusiveLock();
}
}
/**
* Updates the SHA-256 hash value in an existing data source in the database.
*
* @param eamDataSource The data source to update
*/
@Override
public void updateDataSourceSha256Hash(CorrelationDataSource eamDataSource) throws EamDbException {
try {
acquireExclusiveLock();
super.updateDataSourceSha256Hash(eamDataSource);
} finally {
releaseExclusiveLock();
}
}
/**
* Inserts new Artifact(s) into the database. Should add associated Case and

110
Core/src/org/sleuthkit/autopsy/centralrepository/eventlisteners/IngestEventsListener.java
View File

@ -1,7 +1,7 @@
/*
* Central Repository
*
* Copyright 2015-2018 Basis Technology Corp.
* Copyright 2015-2019 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org
*
* Licensed under the Apache License, Version 2.0 (the "License");
@ -30,6 +30,7 @@ import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.logging.Level;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.openide.util.NbBundle;
import org.sleuthkit.autopsy.casemodule.Case;
import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;
@ -40,6 +41,8 @@ import org.sleuthkit.autopsy.ingest.IngestManager;
import org.sleuthkit.autopsy.ingest.IngestServices;
import org.sleuthkit.autopsy.ingest.ModuleDataEvent;
import org.sleuthkit.autopsy.centralrepository.datamodel.CorrelationAttributeInstance;
import org.sleuthkit.autopsy.centralrepository.datamodel.CorrelationCase;
import org.sleuthkit.autopsy.centralrepository.datamodel.CorrelationDataSource;
import org.sleuthkit.autopsy.centralrepository.datamodel.EamArtifactUtil;
import org.sleuthkit.autopsy.centralrepository.datamodel.EamDbException;
import org.sleuthkit.datamodel.AbstractFile;
@ -48,6 +51,9 @@ import org.sleuthkit.datamodel.BlackboardAttribute;
import org.sleuthkit.datamodel.TskCoreException;
import org.sleuthkit.autopsy.centralrepository.datamodel.EamDb;
import org.sleuthkit.autopsy.coreutils.ThreadUtils;
import org.sleuthkit.autopsy.ingest.events.DataSourceAnalysisCompletedEvent;
import org.sleuthkit.datamodel.Content;
import org.sleuthkit.datamodel.Image;
import org.sleuthkit.datamodel.SleuthkitCase;
/**
@ -294,6 +300,8 @@ public class IngestEventsListener {
jobProcessingExecutor.submit(new DataAddedTask(dbManager, evt, flagNotable, flagPrevious, createAttributes));
break;
}
default:
break;
}
}
}
@ -303,17 +311,35 @@ public class IngestEventsListener {
@Override
public void propertyChange(PropertyChangeEvent evt) {
EamDb dbManager;
try {
dbManager = EamDb.getInstance();
} catch (EamDbException ex) {
LOGGER.log(Level.SEVERE, "Failed to connect to Central Repository database.", ex);
return;
}
switch (IngestManager.IngestJobEvent.valueOf(evt.getPropertyName())) {
case DATA_SOURCE_ANALYSIS_COMPLETED: {
jobProcessingExecutor.submit(new AnalysisCompleteTask());
jobProcessingExecutor.submit(new AnalysisCompleteTask(dbManager, evt));
break;
}
default:
break;
}
}
}
private final class AnalysisCompleteTask implements Runnable {
private final EamDb dbManager;
private final PropertyChangeEvent event;
private AnalysisCompleteTask(EamDb db, PropertyChangeEvent evt) {
dbManager = db;
event = evt;
}
@Override
public void run() {
@ -322,6 +348,86 @@ public class IngestEventsListener {
recentlyAddedCeArtifacts.clear();
}
//else another instance of the Correlation Engine Module is still being run.
/*
* Ensure the data source in the Central Repository has hash values
* that match those in the case database.
*/
if (!EamDb.isEnabled()) {
return;
}
Content dataSource;
String dataSourceName = "";
long dataSourceObjectId = -1;
try {
dataSource = ((DataSourceAnalysisCompletedEvent) event).getDataSource();
/*
* We only care about Images for the purpose of
* updating hash values.
*/
if (!(dataSource instanceof Image)) {
return;
}
dataSourceName = dataSource.getName();
dataSourceObjectId = dataSource.getId();
Case openCase = Case.getCurrentCaseThrows();
CorrelationCase correlationCase = dbManager.getCase(openCase);
if (null == correlationCase) {
correlationCase = dbManager.newCase(openCase);
}
CorrelationDataSource correlationDataSource = dbManager.getDataSource(correlationCase, dataSource.getId());
if (correlationDataSource == null) {
// Add the data source.
CorrelationDataSource.fromTSKDataSource(correlationCase, dataSource);
} else {
// Sync the data source hash values if necessary.
if (dataSource instanceof Image) {
Image image = (Image) dataSource;
String imageMd5Hash = image.getMd5();
if (imageMd5Hash == null) {
imageMd5Hash = "";
}
String crMd5Hash = correlationDataSource.getMd5();
if (StringUtils.equals(imageMd5Hash, crMd5Hash) == false) {
correlationDataSource.setMd5(imageMd5Hash);
}
String imageSha1Hash = image.getSha1();
if (imageSha1Hash == null) {
imageSha1Hash = "";
}
String crSha1Hash = correlationDataSource.getSha1();
if (StringUtils.equals(imageSha1Hash, crSha1Hash) == false) {
correlationDataSource.setSha1(imageSha1Hash);
}
String imageSha256Hash = image.getSha256();
if (imageSha256Hash == null) {
imageSha256Hash = "";
}
String crSha256Hash = correlationDataSource.getSha256();
if (StringUtils.equals(imageSha256Hash, crSha256Hash) == false) {
correlationDataSource.setSha256(imageSha256Hash);
}
}
}
} catch (EamDbException ex) {
LOGGER.log(Level.SEVERE, String.format(
"Unable to fetch data from the Central Repository for data source '%s' (obj_id=%d)",
dataSourceName, dataSourceObjectId), ex);
} catch (NoCurrentCaseException ex) {
LOGGER.log(Level.SEVERE, "No current case opened.", ex);
} catch (TskCoreException ex) {
LOGGER.log(Level.SEVERE, String.format(
"Unable to fetch data from the case database for data source '%s' (obj_id=%d)",
dataSourceName, dataSourceObjectId), ex);
}
} // DATA_SOURCE_ANALYSIS_COMPLETED
}

5
Core/src/org/sleuthkit/autopsy/ingest/IngestManager.java
View File

@ -1102,9 +1102,8 @@ public class IngestManager implements IngestProgressSnapshotProvider {
DATA_ADDED,
/**
* Property change event fired when an ingest module adds new content to
* a case or changes a recorded attribute of existing content. For
* example, if a module adds an extracted or carved file to a case, the
* module should fire this event. The old value of the
* a case. For example, if a module adds an extracted or carved file to
* a case, the module should fire this event. The old value of the
* PropertyChangeEvent is a ModuleContentEvent object, and the new value
* is set to null.
*/

3
Core/src/org/sleuthkit/autopsy/ingest/IngestServices.java
View File

@ -111,7 +111,8 @@ public final class IngestServices {
/**
* Fires an event to notify registered listeners that there is new content
* (e.g., files extracted from an archive file, carved files, etc.)
* added to the case. (e.g., files extracted from an archive file, carved
* files, etc.)
*
* @param moduleContentEvent A module content event, i.e., an event that
* encapsulates new content data.

20
Core/test/qa-functional/src/org/sleuthkit/autopsy/centralrepository/datamodel/CentralRepoDatamodelTest.java
View File

@ -150,17 +150,17 @@ public class CentralRepoDatamodelTest extends TestCase {
case2 = EamDb.getInstance().newCase(case2);
assertTrue("Failed to create test object case2", case2 != null);
dataSource1fromCase1 = new CorrelationDataSource(case1, "dataSource1_deviceID", "dataSource1", CASE_1_DATA_SOURCE_1_ID);
dataSource1fromCase1 = new CorrelationDataSource(case1, "dataSource1_deviceID", "dataSource1", CASE_1_DATA_SOURCE_1_ID, null, null, null);
EamDb.getInstance().newDataSource(dataSource1fromCase1);
dataSource1fromCase1 = EamDb.getInstance().getDataSource(case1, dataSource1fromCase1.getDataSourceObjectID());
assertTrue("Failed to create test object dataSource1fromCase1", dataSource1fromCase1 != null);
dataSource2fromCase1 = new CorrelationDataSource(case1, "dataSource2_deviceID", "dataSource2", CASE_1_DATA_SOURCE_2_ID);
dataSource2fromCase1 = new CorrelationDataSource(case1, "dataSource2_deviceID", "dataSource2", CASE_1_DATA_SOURCE_2_ID, null, null, null);
EamDb.getInstance().newDataSource(dataSource2fromCase1);
dataSource2fromCase1 = EamDb.getInstance().getDataSource(case1, dataSource2fromCase1.getDataSourceObjectID());
assertTrue("Failed to create test object dataSource2fromCase1", dataSource2fromCase1 != null);
dataSource1fromCase2 = new CorrelationDataSource(case2, "dataSource3_deviceID", "dataSource3", CASE_2_DATA_SOURCE_1_ID);
dataSource1fromCase2 = new CorrelationDataSource(case2, "dataSource3_deviceID", "dataSource3", CASE_2_DATA_SOURCE_1_ID, null, null, null);
EamDb.getInstance().newDataSource(dataSource1fromCase2);
dataSource1fromCase2 = EamDb.getInstance().getDataSource(case2, dataSource1fromCase2.getDataSourceObjectID());
assertTrue("Failed to create test object dataSource1fromCase2", dataSource1fromCase2 != null);
@ -866,7 +866,7 @@ public class CentralRepoDatamodelTest extends TestCase {
// Test adding instance with invalid data source ID
try {
CorrelationDataSource badDS = new CorrelationDataSource(case1, "badDSUuid", "badDSName",
0L);
0L, null, null, null);
CorrelationAttributeInstance failAttrInst4 = new CorrelationAttributeInstance(fileType, randomHash(), case1, badDS, BAD_PATH,
null, TskData.FileKnown.UNKNOWN, 0L);
EamDb.getInstance().addArtifactInstance(failAttrInst4);
@ -2348,7 +2348,7 @@ public class CentralRepoDatamodelTest extends TestCase {
// Test creating a data source with valid case, name, and ID
try {
dataSourceA = new CorrelationDataSource(case2, dataSourceAid, dataSourceAname,
0L);
0L, null, null, null);
EamDb.getInstance().newDataSource(dataSourceA);
} catch (EamDbException ex) {
Exceptions.printStackTrace(ex);
@ -2359,7 +2359,7 @@ public class CentralRepoDatamodelTest extends TestCase {
// Test creating a data source with the same case, name, and ID
try {
CorrelationDataSource temp = new CorrelationDataSource(case2, dataSourceAid, dataSourceAname,
0L);
0L, null, null, null);
EamDb.getInstance().newDataSource(temp);
fail("newDataSource did not throw exception from duplicate data source");
} catch (EamDbException ex) {
@ -2369,7 +2369,7 @@ public class CentralRepoDatamodelTest extends TestCase {
// Test creating a data source with the same name and ID but different case
try {
dataSourceB = new CorrelationDataSource(case1, dataSourceAid, dataSourceAname,
0L);
0L, null, null, null);
EamDb.getInstance().newDataSource(dataSourceB);
} catch (EamDbException ex) {
Exceptions.printStackTrace(ex);
@ -2381,7 +2381,7 @@ public class CentralRepoDatamodelTest extends TestCase {
try {
CorrelationCase correlationCase = new CorrelationCase("1", "test");
CorrelationDataSource temp = new CorrelationDataSource(correlationCase, "tempID", "tempName",
0L);
0L, null, null, null);
EamDb.getInstance().newDataSource(temp);
fail("newDataSource did not throw exception from invalid case ID");
} catch (EamDbException ex) {
@ -2392,7 +2392,7 @@ public class CentralRepoDatamodelTest extends TestCase {
// Test creating a data source with null device ID
try {
CorrelationDataSource temp = new CorrelationDataSource(case2, null, "tempName",
0L);
0L, null, null, null);
EamDb.getInstance().newDataSource(temp);
fail("newDataSource did not throw exception from null device ID");
} catch (EamDbException ex) {
@ -2403,7 +2403,7 @@ public class CentralRepoDatamodelTest extends TestCase {
// Test creating a data source with null name
try {
CorrelationDataSource temp = new CorrelationDataSource(case2, "tempID", null,
0L);
0L, null, null, null);
EamDb.getInstance().newDataSource(temp);
fail("newDataSource did not throw exception from null name");
} catch (EamDbException ex) {