make sure to add all attributes for an artifact from XML, not just one

2025-07-15 09:17:42 +00:00 · 2014-04-30 16:34:10 -04:00 · 2014-04-30 16:34:10 -04:00 · 9dcd37a008
commit 9dcd37a008
parent 4bfc6ad8af
3 changed files with 38 additions and 31 deletions
--- a/Core/src/org/sleuthkit/autopsy/modules/externalresults/ExternalResultsIngestModule.java
+++ b/Core/src/org/sleuthkit/autopsy/modules/externalresults/ExternalResultsIngestModule.java
@ -78,7 +78,7 @@ public class ExternalResultsIngestModule extends IngestModuleAdapter implements
            }
            ///@todo use a standard name or search for an XML file
-            importFilePath = importPath + File.separator + "ext-test6.xml";
+            importFilePath = importPath + File.separator + "ext-test5multi.xml";
        }
    }        
--- a/Core/src/org/sleuthkit/autopsy/modules/externalresults/ExternalResultsUtility.java
+++ b/Core/src/org/sleuthkit/autopsy/modules/externalresults/ExternalResultsUtility.java
@ -23,6 +23,7 @@ package org.sleuthkit.autopsy.modules.externalresults;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
 import java.util.Set;
 import java.util.logging.Level;
 import org.sleuthkit.autopsy.casemodule.Case;
 import org.sleuthkit.autopsy.coreutils.Logger;
@ -63,7 +64,6 @@ public class ExternalResultsUtility {
                Collection<BlackboardAttribute> bbAttributes = new ArrayList<>();
                for (ResultsData.AttributeData attr : art.attributes) {
                    BlackboardAttribute bbAttr = null;
                    int bbAttrTypeId;
                    BlackboardAttribute.ATTRIBUTE_TYPE stdAttrType = isStandardAttributeType(attr.typeStr);
                    if (stdAttrType != null) {
@ -73,28 +73,34 @@ public class ExternalResultsUtility {
                        bbAttrTypeId = Case.getCurrentCase().getSleuthkitCase().addAttrType(attr.typeStr, attr.typeStr);
                    }                    
-                    switch (attr.valueType) {
+                    // Add all attribute values
-                        case "text": //NON-NLS
+                    Set<String> valueTypes = attr.valueStr.keySet();
-                            bbAttr = new BlackboardAttribute(bbAttrTypeId, attr.source, attr.context, attr.valueStr);
+                    for (String valueType : valueTypes) {                        
-                            break;
+                        String valueString = attr.valueStr.get(valueType);
-                        case "int32": //NON-NLS
+                        BlackboardAttribute bbAttr = null;
-                            int intValue = Integer.parseInt(attr.valueStr);
+                        switch (valueType) {
-                            bbAttr = new BlackboardAttribute(bbAttrTypeId, attr.source, attr.context, intValue);
+                            case "text": //NON-NLS
-                            break;
+                                bbAttr = new BlackboardAttribute(bbAttrTypeId, attr.source, attr.context, valueString);
-                        case "int64": //NON-NLS
+                                break;
-                            long longValue = Long.parseLong(attr.valueStr);
+                            case "int32": //NON-NLS
-                            bbAttr = new BlackboardAttribute(bbAttrTypeId, attr.source, attr.context, longValue);
+                                int intValue = Integer.parseInt(valueString);
-                            break;
+                                bbAttr = new BlackboardAttribute(bbAttrTypeId, attr.source, attr.context, intValue);
-                        case "double": //NON-NLS
+                                break;
-                            double doubleValue = Double.parseDouble(attr.valueStr);
+                            case "int64": //NON-NLS
-                            bbAttr = new BlackboardAttribute(bbAttrTypeId, attr.source, attr.context, doubleValue);
+                                long longValue = Long.parseLong(valueString);
-                            break;
+                                bbAttr = new BlackboardAttribute(bbAttrTypeId, attr.source, attr.context, longValue);
-                        default:
+                                break;
-                            logger.log(Level.WARNING, "Ignoring invalid attribute value type " + attr.valueType);
+                            case "double": //NON-NLS
-                            break;
+                                double doubleValue = Double.parseDouble(valueString);
-                    }
+                                bbAttr = new BlackboardAttribute(bbAttrTypeId, attr.source, attr.context, doubleValue);
-                    if (bbAttr != null) {
+                                break;
-                        bbAttributes.add(bbAttr);
+                            default:
                                logger.log(Level.WARNING, "Ignoring invalid attribute value type " + valueType);
                                break;
                        }
                        if (bbAttr != null) {
                            bbAttributes.add(bbAttr);
                        }
                    }
                }        
--- a/Core/src/org/sleuthkit/autopsy/modules/externalresults/ResultsData.java
+++ b/Core/src/org/sleuthkit/autopsy/modules/externalresults/ResultsData.java
@ -21,6 +21,7 @@
 package org.sleuthkit.autopsy.modules.externalresults;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 /**
@ -69,11 +70,11 @@ public class ResultsData {
    public void addAttributeValue(int artIndex, int attrIndex, String valueStr, String valueType) {
        ArtifactData art = artifacts.get(artIndex);
-        AttributeData attr = art.attributes.get(attrIndex);
+        AttributeData attr = art.attributes.get(attrIndex);        
-        attr.valueStr = valueStr;
+        if (valueType.isEmpty()) {
-        if (!valueType.isEmpty()) {
+            valueType = AttributeData.DEFAULT_VALUE_TYPE;
            attr.valueType = valueType;
        }
        attr.valueStr.put(valueType, valueStr);
    }    
    public void addAttributeSource(int artIndex, int attrIndex, String source) {
@ -119,9 +120,9 @@ public class ResultsData {
    }
    public static class AttributeData {
-        public String typeStr;
+        public static final String DEFAULT_VALUE_TYPE = "text";
-        public String valueType = "text"; //default if not specified
+        public String typeStr;        
-        public String valueStr; //valueType determines how to interpret it
+        public HashMap<String, String> valueStr = new HashMap<>(); //valueType determines how to interpret valueStr
        public String source;
        public String context;        
    }