made use of new getDisplayString in attribute, fixed report bug if attributes were not defined, made cell phone attributes more consistent

Core/src/org/sleuthkit/autopsy/datamodel/BlackboardArtifactNode.java

@@ -281,26 +281,7 @@ public class BlackboardArtifactNode extends DisplayableItemNode {
                         || attributeTypeID == ATTRIBUTE_TYPE.TSK_TAGGED_ARTIFACT.getTypeID()
                         || attributeTypeID == ATTRIBUTE_TYPE.TSK_ASSOCIATED_ARTIFACT.getTypeID()
                         || attributeTypeID == ATTRIBUTE_TYPE.TSK_SET_NAME.getTypeID()) {
-                } else {
+                } else if (attributeTypeID == ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID()
-                    // BC: This should all be moved to the Attribute class...
-                    switch (attribute.getValueType()) {
-                        case STRING:
-                            String valString = attribute.getValueString();
-                            map.put(attribute.getAttributeTypeDisplayName(),  valString == null ? "":valString);
-                            break;
-                        case INTEGER:
-                            if (attributeTypeID == ATTRIBUTE_TYPE.TSK_READ_STATUS.getTypeID()) {
-                                if (attribute.getValueInt() == 0) {
-                                    map.put(attribute.getAttributeTypeDisplayName(), "Unread");
-                                } else {
-                                    map.put(attribute.getAttributeTypeDisplayName(), "Read");
-                                }
-                            } else {
-                                map.put(attribute.getAttributeTypeDisplayName(), attribute.getValueInt());
-                            }
-                            break;
-                        case LONG:
-                            if (attributeTypeID == ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID()
                         || attributeTypeID == ATTRIBUTE_TYPE.TSK_DATETIME_ACCESSED.getTypeID()
                         || attributeTypeID == ATTRIBUTE_TYPE.TSK_DATETIME_CREATED.getTypeID()
                         || attributeTypeID == ATTRIBUTE_TYPE.TSK_DATETIME_MODIFIED.getTypeID()
@@ -310,16 +291,7 @@ public class BlackboardArtifactNode extends DisplayableItemNode {
                         || attributeTypeID == ATTRIBUTE_TYPE.TSK_DATETIME_END.getTypeID()) {
                     map.put(attribute.getAttributeTypeDisplayName(), ContentUtils.getStringTime(attribute.getValueLong(), associated));
                 } else {
-                                map.put(attribute.getAttributeTypeDisplayName(), attribute.getValueLong());
+                    map.put(attribute.getAttributeTypeDisplayName(), attribute.getDisplayString());
-                            }
-                            break;
-                        case DOUBLE:
-                            map.put(attribute.getAttributeTypeDisplayName(), attribute.getValueDouble());
-                            break;
-                        case BYTE:
-                            map.put(attribute.getAttributeTypeDisplayName(), attribute.getValueBytes());
-                            break;
-                    }
                 }
             }
         } catch (TskException ex) {

Core/src/org/sleuthkit/autopsy/modules/android/TextMessageAnalyzer.java

@@ -89,19 +89,21 @@ class TextMessageAnalyzer {
             while (resultSet.next()) {
                 address = resultSet.getString("address");
                 Long date = Long.valueOf(resultSet.getString("date")) / 1000;
-                if (resultSet.getString("type").equals("1")) {
+                
-                    direction = "Incoming";
-                } else {
-                    direction = "Outgoing";
-                }
                 read = resultSet.getInt("read");
                 subject = resultSet.getString("subject");
                 body = resultSet.getString("body");
 
                 BlackboardArtifact bba = f.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_MESSAGE); //create Message artifact and then add attributes from result set.
-                bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PHONE_NUMBER.getTypeID(), moduleName, address));
+                if (resultSet.getString("type").equals("1")) {
+                    bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DIRECTION.getTypeID(), moduleName, "Incoming"));
+                    bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_FROM.getTypeID(), moduleName, address));
+                } else {
+                    bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DIRECTION.getTypeID(), moduleName, "Outgoing"));
+                    bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_TO.getTypeID(), moduleName, address));
+                }
                 bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID(), moduleName, date));
-                bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DIRECTION.getTypeID(), moduleName, direction));
+                
                 bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_READ_STATUS.getTypeID(), moduleName, read));
                 bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SUBJECT.getTypeID(), moduleName, subject));
                 bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_TEXT.getTypeID(), moduleName, body));

Core/src/org/sleuthkit/autopsy/modules/iOS/TextMessageAnalyzer.java

@@ -103,6 +103,8 @@ class TextMessageAnalyzer {
                     body = resultSet.getString("body");
 
                     bba = f.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_MESSAGE); //create Message artifact and then add attributes from result set.
+                    
+                    // @@@ NEed to put into more specific TO or FROM
                     bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PHONE_NUMBER.getTypeID(), moduleName, address));
                     bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID(), moduleName, date));
                     bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DIRECTION.getTypeID(), moduleName, type));

Core/src/org/sleuthkit/autopsy/report/Bundle.properties

@@ -129,6 +129,7 @@ ReportGenerator.artTableColHdr.phoneNumMobile=Phone Number (Mobile)
 ReportGenerator.artTableColHdr.email=Email
 ReportGenerator.artTableColHdr.msgType=Message Type
 ReportGenerator.artTableColHdr.direction=Direction
+ReportGenerator.artTableColHdr.readStatus=Read Status
 ReportGenerator.artTableColHdr.fromPhoneNum=From Phone Number
 ReportGenerator.artTableColHdr.fromEmail=From Email
 ReportGenerator.artTableColHdr.toPhoneNum=To Phone Number

Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java

@@ -418,7 +418,6 @@ import org.sleuthkit.datamodel.TskData;
                 }
             }
                       
-            
             // report on the blackboard results
             makeBlackboardArtifactTables();
 
@@ -1225,6 +1224,7 @@ import org.sleuthkit.datamodel.TskData;
                 columnHeaders = new ArrayList<>(Arrays.asList(new String[] {
                         NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.msgType"),
                         NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.direction"),
+                        NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.readStatus"),
                         NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.dateTime"),
                         NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.fromPhoneNum"),
                         NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.fromEmail"),
@@ -1384,13 +1384,11 @@ import org.sleuthkit.datamodel.TskData;
                     SimpleDateFormat sdf = new java.text.SimpleDateFormat("yyyy/MM/dd HH:mm:ss");
                     value = sdf.format(new java.util.Date((tempatt.getValueLong() * 1000)));
                 }
-            } else if(type.equals(ATTRIBUTE_TYPE.TSK_GEO_LATITUDE.getTypeID()) ||
-                    type.equals(ATTRIBUTE_TYPE.TSK_GEO_LONGITUDE.getTypeID()) ||
-                    type.equals(ATTRIBUTE_TYPE.TSK_GEO_ALTITUDE.getTypeID())) {
-                value = Double.toString(tempatt.getValueDouble());
-            } else {
-                value = tempatt.getValueString();
             } 
+            else {
+                value = tempatt.getDisplayString();
+            }
+            
             if (value == null) {
                 value = "";
             }
@@ -1485,6 +1483,11 @@ import org.sleuthkit.datamodel.TskData;
             if (rowData == null) {
                 try {
                     rowData = getOrderedRowDataAsStrings();
+                    // replace null values if attribute was not defined
+                    for (int i = 0; i < rowData.size(); i++) {
+                        if (rowData.get(i) == null) 
+                            rowData.set(i, "");
+                    }
                 } catch (TskCoreException ex) {
                     logger.log(Level.WARNING, "Core exception while generating row data for artifact report.", ex); //NON-NLS
                     rowData = Collections.<String>emptyList();
@@ -1497,7 +1500,7 @@ import org.sleuthkit.datamodel.TskData;
         * Get a list of Strings with all the row values for the Artifact in the
         * correct order to be written to the report.  
         * 
-        * @return List<String> row values
+        * @return List<String> row values.  Values could be null if attribute is not defined in artifact
         * @throws TskCoreException 
         */
        private List<String> getOrderedRowDataAsStrings() throws TskCoreException {
@@ -1567,7 +1570,7 @@ import org.sleuthkit.datamodel.TskData;
                     orderedRowData.add(getFileUniquePath(getObjectID()));
                     break;
                  case TSK_CONTACT:
-                    orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_NAME_PERSON.getTypeID()));
+                    orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_NAME.getTypeID()));
                     orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_PHONE_NUMBER.getTypeID()));
                     orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_HOME.getTypeID()));
                     orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_OFFICE.getTypeID()));
@@ -1578,6 +1581,7 @@ import org.sleuthkit.datamodel.TskData;
                  case TSK_MESSAGE:
                     orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_MESSAGE_TYPE.getTypeID()));
                     orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_DIRECTION.getTypeID()));
+                    orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_READ_STATUS.getTypeID()));
                     orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID()));
                     orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_FROM.getTypeID()));
                     orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_EMAIL_FROM.getTypeID()));
@@ -1588,9 +1592,9 @@ import org.sleuthkit.datamodel.TskData;
                     orderedRowData.add(getFileUniquePath(getObjectID()));
                     break;
                   case TSK_CALLLOG:
-                    orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_NAME_PERSON.getTypeID()));
+                    orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_NAME.getTypeID()));
                     orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_PHONE_NUMBER.getTypeID()));
-                    orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID()));
+                    orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_DATETIME_START.getTypeID()));
                     orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_DIRECTION.getTypeID()));
                     orderedRowData.add(getFileUniquePath(getObjectID()));
                     break;
@@ -1604,7 +1608,7 @@ import org.sleuthkit.datamodel.TskData;
                     break;
                   case TSK_SPEED_DIAL_ENTRY:
                     orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_SHORTCUT.getTypeID()));
-                    orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_NAME_PERSON.getTypeID()));
+                    orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_NAME.getTypeID()));
                     orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_PHONE_NUMBER.getTypeID()));
                     orderedRowData.add(getFileUniquePath(getObjectID()));
                     break;