From c000e063e4aa1ead3212bc5e3438c6cea5e8c625 Mon Sep 17 00:00:00 2001
From: Raman Arora <raman@basistech.com>
Date: Wed, 2 Oct 2019 10:18:24 -0400
Subject: [PATCH 1/2] 5612: Filter out call control messages from FB Messenger
 'message' query.

---
 InternalPythonModules/android/fbmessenger.py | 22 +++++++++++++++++---
 1 file changed, 19 insertions(+), 3 deletions(-)

diff --git a/InternalPythonModules/android/fbmessenger.py b/InternalPythonModules/android/fbmessenger.py
index 156629f1df..e4ab5408cb 100644
--- a/InternalPythonModules/android/fbmessenger.py
+++ b/InternalPythonModules/android/fbmessenger.py
@@ -80,6 +80,21 @@ class FBMessengerAnalyzer(general.AndroidComponentAnalyzer):
                     --- A sender column - this is a JSON structure which has a the FB user key of sender.
                     --- A attachments column - a JSON structure that has details of the attachments,
                     --- A msg_type column: message type - indicates whether its a text/mms message or a audio/video call
+                        Following values have been observed:
+                         -1:  UNKNOWN - need more research, have no meaningful text though.
+                              observed for 1-to-1, Group message hreads as well as Montage (wall messages)
+                          0:  User messages in 1-to-1, Group and montage threads
+                          8:  System generated messages in 1-to-1, Group and montage threads
+                              e.g. "You created a the group", "You can now talk to XYZ".....
+                          9:  System generated event records for one to one calls ??
+                              * have no text,
+                              * admin_text_thread_rtc_event has the specific event
+                                  "one-to-one-call-ended", "missed-call"  (havent seen a "one-to-one-call-started" event??)
+                          203: System generated event records for group calls ??
+                                * have no text,
+                                * admin_text_thread_rtc_event has the specific event
+                                  "group-call-started", "group-call_ended"
+                    --- A admin_text_thread_rtc_event column - has specific text events such as- "one-on-one-call-ended"      
                     --- A thread_key column - identifies the message thread
                     --- A timestamp_ms column - date/time message was sent
                     --- A text column - message text, if applicable
@@ -191,17 +206,18 @@ class FBMessengerAnalyzer(general.AndroidComponentAnalyzer):
                                         Account.Type.FACEBOOK)
                 
                 ## Messages are found in the messages table.
+                ## This query filters messages by msg_type to only get actual conversation messages (msg_type 0 or 8).
                 ## The participant ids can be found in the thread_participants table.
                 ## Participant names are found in thread_users table.
                 ## Joining these tables produces multiple rows per message, one row for each recipient.
-                ## The result set is processed to collect the multiple recipients for a given message.
-                    
+                ## The result set is processed to collect the multiple recipients for a given message.    
                 sqlString = """
-                            SELECT msg_id, text, sender, timestamp_ms, messages.thread_key as thread_key, 
+                            SELECT msg_id, text, sender, timestamp_ms, msg_type, messages.thread_key as thread_key, 
                                  snippet, thread_participants.user_key as user_key, thread_users.name as name
                             FROM messages
                             JOIN thread_participants ON messages.thread_key = thread_participants.thread_key
                             JOIN thread_users ON thread_participants.user_key = thread_users.user_key
+                            WHERE msg_type = 0 OR msg_type = 8
                             ORDER BY msg_id
                             """
                 

From 9f337c0337fc4098b158c96ad8426e27e6447bbf Mon Sep 17 00:00:00 2001
From: Raman Arora <raman@basistech.com>
Date: Wed, 2 Oct 2019 11:37:51 -0400
Subject: [PATCH 2/2] Restrict FB Messenger messages to user created messages.

---
 InternalPythonModules/android/fbmessenger.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/InternalPythonModules/android/fbmessenger.py b/InternalPythonModules/android/fbmessenger.py
index e4ab5408cb..eb41cbd88a 100644
--- a/InternalPythonModules/android/fbmessenger.py
+++ b/InternalPythonModules/android/fbmessenger.py
@@ -206,7 +206,7 @@ class FBMessengerAnalyzer(general.AndroidComponentAnalyzer):
                                         Account.Type.FACEBOOK)
                 
                 ## Messages are found in the messages table.
-                ## This query filters messages by msg_type to only get actual conversation messages (msg_type 0 or 8).
+                ## This query filters messages by msg_type to only get actual user created conversation messages (msg_type 0).
                 ## The participant ids can be found in the thread_participants table.
                 ## Participant names are found in thread_users table.
                 ## Joining these tables produces multiple rows per message, one row for each recipient.
@@ -217,7 +217,7 @@ class FBMessengerAnalyzer(general.AndroidComponentAnalyzer):
                             FROM messages
                             JOIN thread_participants ON messages.thread_key = thread_participants.thread_key
                             JOIN thread_users ON thread_participants.user_key = thread_users.user_key
-                            WHERE msg_type = 0 OR msg_type = 8
+                            WHERE msg_type = 0
                             ORDER BY msg_id
                             """