disable module instead of running without license

Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/Bundle.properties-MERGED

@@ -18,6 +18,10 @@ MalwareScanIngestModule_ShareProcessing_batchTimeout_title=Batch Processing Time
 # {0} - remainingLookups
 MalwareScanIngestModule_ShareProcessing_lowLimitWarning_desc=This license only has {0} lookups remaining
 MalwareScanIngestModule_ShareProcessing_lowLimitWarning_title=Hash Lookups Low
+MalwareScanIngestModule_ShareProcessing_noLicense_desc=No Cyber Triage license could be loaded.  Cyber Triage processing will be disabled.
+MalwareScanIngestModule_ShareProcessing_noLicense_title=No Cyber Triage License
+MalwareScanIngestModule_ShareProcessing_noRemaining_desc=There are no more remaining hash lookups for this license at this time.  Cyber Triage processing will be disabled.
+MalwareScanIngestModule_ShareProcessing_noRemaining_title=No remaining lookups
 MalwareScanIngestModuleFactory_description=The malware scan ingest module queries the Cyber Triage cloud API for any possible malicious executables.
 MalwareScanIngestModuleFactory_displayName=Cyber Triage Malware Scanner
 MalwareScanIngestModuleFactory_version=1.0.0

Core/src/com/basistech/df/cybertriage/autopsy/malwarescan/MalwareScanIngestModule.java

@@ -111,13 +111,12 @@ public class MalwareScanIngestModule implements FileIngestModule {
         private final CTLicensePersistence ctSettingsPersistence = CTLicensePersistence.getInstance();
         private final CTApiDAO ctApiDAO = CTApiDAO.getInstance();
 
-        private FileTypeDetector fileTypeDetector;
         private RunState runState = null;
+        
         private SleuthkitCase tskCase = null;
+        private FileTypeDetector fileTypeDetector = null;
         private LicenseInfo licenseInfo = null;
         private BlackboardArtifact.Type malwareType = null;
-        private boolean noMoreHashLookups = false;
-        private IngestModuleException startupException;
         private long dsId = 0;
         private long ingestJobId = 0;
 
@@ -125,23 +124,28 @@ public class MalwareScanIngestModule implements FileIngestModule {
             "MalwareScanIngestModule_ShareProcessing_lowLimitWarning_title=Hash Lookups Low",
             "# {0} - remainingLookups",
             "MalwareScanIngestModule_ShareProcessing_lowLimitWarning_desc=This license only has {0} lookups remaining",
-            "MalwareScanIngestModule_malwareTypeDisplayName=Malware"
+            "MalwareScanIngestModule_malwareTypeDisplayName=Malware",
+            "MalwareScanIngestModule_ShareProcessing_noLicense_title=No Cyber Triage License",
+            "MalwareScanIngestModule_ShareProcessing_noLicense_desc=No Cyber Triage license could be loaded.  Cyber Triage processing will be disabled.",
+            "MalwareScanIngestModule_ShareProcessing_noRemaining_title=No remaining lookups",
+            "MalwareScanIngestModule_ShareProcessing_noRemaining_desc=There are no more remaining hash lookups for this license at this time.  Cyber Triage processing will be disabled."
         })
         synchronized void startUp(IngestJobContext context) throws IngestModuleException {
             // only run this code once per startup
-            if (runState == RunState.STARTED_UP) {
+            if (runState == RunState.STARTED_UP || runState == RunState.DISABLED) {
-                if (startupException != null) {
-                    throw startupException;
-                } else {
                 return;
             }
-            }
 
             try {
                 // get saved license
                 Optional<LicenseInfo> licenseInfoOpt = ctSettingsPersistence.loadLicenseInfo();
                 if (licenseInfoOpt.isEmpty() || licenseInfoOpt.get().getDecryptedLicense() == null) {
-                    throw new IngestModuleException("No saved license was found");
+                    notifyWarning(
+                            Bundle.MalwareScanIngestModule_ShareProcessing_noLicense_title(),
+                            Bundle.MalwareScanIngestModule_ShareProcessing_noLicense_desc(),
+                            null);
+                    runState = RunState.DISABLED;
+                    return;
                 }
 
                 AuthTokenResponse authTokenResponse = ctApiDAO.getAuthToken(licenseInfoOpt.get().getDecryptedLicense());
@@ -150,7 +154,12 @@ public class MalwareScanIngestModule implements FileIngestModule {
                 // determine lookups remaining
                 long lookupsRemaining = remaining(authTokenResponse.getHashLookupLimit(), authTokenResponse.getHashLookupCount());
                 if (lookupsRemaining <= 0) {
-                    throw new IngestModuleException("There are no more file hash lookups for this license");
+                    notifyWarning(
+                            Bundle.MalwareScanIngestModule_ShareProcessing_noRemaining_title(),
+                            Bundle.MalwareScanIngestModule_ShareProcessing_noRemaining_desc(),
+                            null);
+                    runState = RunState.DISABLED;
+                    return;
                 } else if (lookupsRemaining < LOW_LOOKUPS_REMAINING) {
                     notifyWarning(
                             Bundle.MalwareScanIngestModule_ShareProcessing_lowLimitWarning_title(),
@@ -168,15 +177,12 @@ public class MalwareScanIngestModule implements FileIngestModule {
                 dsId = context.getDataSource().getId();
                 ingestJobId = context.getJobId();
                 licenseInfo = licenseInfoOpt.get();
-                startupException = null;
+
-                noMoreHashLookups = false;
+                // set run state to initialized
                 runState = RunState.STARTED_UP;
-            } catch (IngestModuleException ex) {
-                startupException = ex;
-                throw startupException;
             } catch (Exception ex) {
-                startupException = new IngestModuleException("An exception occurred on MalwareScanIngestModule startup", ex);
+                runState = RunState.DISABLED;
-                throw startupException;
+                throw new IngestModuleException("An exception occurred on MalwareScanIngestModule startup", ex);
             }
         }
 
@@ -192,7 +198,7 @@ public class MalwareScanIngestModule implements FileIngestModule {
         })
         IngestModule.ProcessResult process(AbstractFile af) {
             try {
-                if (af.getKnown() != TskData.FileKnown.KNOWN
+                if (runState == RunState.STARTED_UP && af.getKnown() != TskData.FileKnown.KNOWN
                         && EXECUTABLE_MIME_TYPES.contains(StringUtils.defaultString(fileTypeDetector.getMIMEType(af)).trim().toLowerCase())) {
                     batchProcessor.add(new FileRecord(af.getId(), af.getMd5Hash()));
 
@@ -219,7 +225,7 @@ public class MalwareScanIngestModule implements FileIngestModule {
             "MalwareScanIngestModule_SharedProcessing_generalProcessingError_title=Hash Lookup Error",
             "MalwareScanIngestModule_SharedProcessing_generalProcessingError_desc=An error occurred while processing hash lookup results",})
         private void handleBatch(List<FileRecord> fileRecords) {
-            if (fileRecords == null || fileRecords.isEmpty() || noMoreHashLookups) {
+            if (runState != RunState.STARTED_UP || fileRecords == null || fileRecords.isEmpty()) {
                 return;
             }
 
@@ -250,7 +256,7 @@ public class MalwareScanIngestModule implements FileIngestModule {
                 // make sure we are in bounds for the remaining scans
                 long remainingScans = remaining(authTokenResponse.getHashLookupLimit(), authTokenResponse.getHashLookupCount());
                 if (remainingScans <= 0) {
-                    noMoreHashLookups = true;
+                    runState = RunState.DISABLED;
                     notifyWarning(
                             Bundle.MalwareScanIngestModule_SharedProcessing_exhaustedHashLookups_title(),
                             Bundle.MalwareScanIngestModule_SharedProcessing_exhaustedHashLookups_desc(),
@@ -307,7 +313,7 @@ public class MalwareScanIngestModule implements FileIngestModule {
                     
                     // if we only processed part of the batch, after processing, notify that we are out of scans.
                     if (exceededScanLimit) {
-                        noMoreHashLookups = true;
+                        runState = RunState.DISABLED;
                         notifyWarning(
                                 Bundle.MalwareScanIngestModule_SharedProcessing_exhaustedHashLookups_title(),
                                 Bundle.MalwareScanIngestModule_SharedProcessing_exhaustedHashLookups_desc(),
@@ -378,9 +384,7 @@ public class MalwareScanIngestModule implements FileIngestModule {
                         ex);
             } finally {
                 // set state to shut down and clear any remaining
-                noMoreHashLookups = false;
                 runState = RunState.SHUT_DOWN;
-                startupException = null;
                 batchProcessor.clearCurrentBatch();
             }
         }
@@ -391,7 +395,7 @@ public class MalwareScanIngestModule implements FileIngestModule {
         }
 
         private enum RunState {
-            STARTED_UP, SHUT_DOWN
+            STARTED_UP, DISABLED, SHUT_DOWN
         }
 
         class FileRecord {