mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-17 02:07:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

add executable files filter to Views

Browse Source
This commit is contained in:
adam-m 2013-06-03 13:04:17 -04:00
parent 402037619b
commit a9b39470f1
7 changed files with 82 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Core/src/org/sleuthkit/autopsy/datamodel/AbstractContentChildren.java
View File

@ -127,7 +127,7 @@ abstract class AbstractContentChildren<T> extends Keys<T> {
@Override
public AbstractNode visit(SearchFilters sf) {
return new SearchFiltersNode(sf.getSleuthkitCase(), true);
return new SearchFiltersNode(sf.getSleuthkitCase(), null);
}
@Override

6
Core/src/org/sleuthkit/autopsy/datamodel/AutopsyItemVisitor.java
View File

@ -28,6 +28,7 @@ public interface AutopsyItemVisitor<T> {
T visit(SearchFilters sf);
T visit(SearchFilters.FileSearchFilter fsf);
T visit(SearchFilters.DocumentFilter df);
T visit(SearchFilters.ExecutableFilter ef);
T visit(RecentFiles rf);
T visit(RecentFiles.RecentFilesFilter rff);
T visit(DeletedContent dc);
@ -64,6 +65,11 @@ public interface AutopsyItemVisitor<T> {
return defaultVisit(df);
}
@Override
public T visit(SearchFilters.ExecutableFilter ef) {
return defaultVisit(ef);
}
@Override
public T visit(DeletedContent dc) {
return defaultVisit(dc);

1
Core/src/org/sleuthkit/autopsy/datamodel/FileSearchFilterChildren.java
View File

@ -30,7 +30,6 @@ import org.sleuthkit.datamodel.Content;
import org.sleuthkit.datamodel.ContentVisitor;
import org.sleuthkit.datamodel.DerivedFile;
import org.sleuthkit.datamodel.File;
import org.sleuthkit.datamodel.FsContent;
import org.sleuthkit.datamodel.LocalFile;
import org.sleuthkit.datamodel.LayoutFile;
import org.sleuthkit.datamodel.SleuthkitCase;

2
Core/src/org/sleuthkit/autopsy/datamodel/FileSearchFilterNode.java
View File

@ -18,11 +18,9 @@
*/
package org.sleuthkit.autopsy.datamodel;
import org.openide.nodes.AbstractNode;
import org.openide.nodes.Children;
import org.openide.nodes.Sheet;
import org.openide.util.lookup.Lookups;
import org.sleuthkit.autopsy.datamodel.SearchFilters.FileSearchFilter;
import org.sleuthkit.datamodel.SleuthkitCase;
/**

57
Core/src/org/sleuthkit/autopsy/datamodel/SearchFilters.java
View File

@ -33,8 +33,9 @@ public class SearchFilters implements AutopsyVisitableItem {
TSK_IMAGE_FILTER(0, "TSK_IMAGE_FILTER", "Images", FileTypeExtensions.getImageExtensions()),
TSK_VIDEO_FILTER(1, "TSK_VIDEO_FILTER", "Videos", FileTypeExtensions.getVideoExtensions()),
TSK_AUDIO_FILTER(2, "TSK_AUDIO_FILTER", "Audio", FileTypeExtensions.getAudioExtensions()),
TSK_ARCHIVE_FILTER(3, "TSK_ARCHIVE_FILTER", "Archives", FileTypeExtensions.getArchiveExtensions()),
TSK_DOCUMENT_FILTER(3, "TSK_DOCUMENT_FILTER", "Documents", Arrays.asList(".doc", ".docx", ".pdf", ".xls", ".rtf", ".txt")),
TSK_ARCHIVE_FILTER(3, "TSK_ARCHIVE_FILTER", "Archives", FileTypeExtensions.getArchiveExtensions());
TSK_EXECUTABLE_FILTER(3, "TSK_EXECUTABLE_FILTER", "Executable", Arrays.asList(".exe", ".dll", ".bat", ".cmd", ".com"));
private int id;
private String name;
@ -82,10 +83,10 @@ public class SearchFilters implements AutopsyVisitableItem {
AUT_DOC_TXT(3, "AUT_DOC_TXT", "Plain Text", Arrays.asList(".txt")),
AUT_DOC_RTF(4, "AUT_DOC_RTF", "Rich Text", Arrays.asList(".rtf"));
int id;
String name;
String displayName;
List<String> filter;
private int id;
private String name;
private String displayName;
private List<String> filter;
private DocumentFilter(int id, String name, String displayName, List<String> filter){
this.id = id;
@ -119,6 +120,52 @@ public class SearchFilters implements AutopsyVisitableItem {
return this.filter;
}
}
public enum ExecutableFilter implements AutopsyVisitableItem,SearchFilterInterface {
ExecutableFilter_EXE(0, "ExecutableFilter_EXE", ".exe", Arrays.asList(".exe")),
ExecutableFilter_DLL(0, "ExecutableFilter_DLL", ".dll", Arrays.asList(".dll")),
ExecutableFilter_BAT(0, "ExecutableFilter_BAT", ".bat", Arrays.asList(".bat")),
ExecutableFilter_CMD(0, "ExecutableFilter_CMD", ".cmd", Arrays.asList(".cmd")),
ExecutableFilter_COM(0, "ExecutableFilter_COM", ".com", Arrays.asList(".com"));
private int id;
private String name;
private String displayName;
private List<String> filter;
private ExecutableFilter(int id, String name, String displayName, List<String> filter){
this.id = id;
this.name = name;
this.displayName = displayName;
this.filter = filter;
}
@Override
public <T> T accept(AutopsyItemVisitor<T> v) {
return v.visit(this);
}
@Override
public String getName(){
return this.name;
}
@Override
public int getId(){
return this.id;
}
@Override
public String getDisplayName(){
return this.displayName;
}
@Override
public List<String> getFilter(){
return this.filter;
}
}
public SearchFilters(SleuthkitCase skCase){
this.skCase = skCase;

24
Core/src/org/sleuthkit/autopsy/datamodel/SearchFiltersChildren.java
View File

@ -31,28 +31,38 @@ import org.sleuthkit.datamodel.SleuthkitCase;
class SearchFiltersChildren extends ChildFactory<SearchFilters.SearchFilterInterface> {
private SleuthkitCase skCase;
private boolean root;
private SearchFilters.FileSearchFilter filter;
public SearchFiltersChildren(SleuthkitCase skCase, boolean root) {
public SearchFiltersChildren(SleuthkitCase skCase, SearchFilters.FileSearchFilter filter) {
this.skCase = skCase;
this.root = root;
this.filter = filter;
}
@Override
protected boolean createKeys(List<SearchFilters.SearchFilterInterface> list) {
if(root)
if (filter == null) {
list.addAll(Arrays.asList(FileSearchFilter.values()));
else
}
else if (filter.equals(FileSearchFilter.TSK_DOCUMENT_FILTER) ){
list.addAll(Arrays.asList(SearchFilters.DocumentFilter.values()));
}
else if (filter.equals(FileSearchFilter.TSK_EXECUTABLE_FILTER) ){
list.addAll(Arrays.asList(SearchFilters.ExecutableFilter.values()));
}
return true;
}
@Override
protected Node createNodeForKey(SearchFilters.SearchFilterInterface key){
if(key.getName().equals(SearchFilters.FileSearchFilter.TSK_DOCUMENT_FILTER.getName())){
return new SearchFiltersNode(skCase, false);
return new SearchFiltersNode(skCase, SearchFilters.FileSearchFilter.TSK_DOCUMENT_FILTER);
}
else if(key.getName().equals(SearchFilters.FileSearchFilter.TSK_EXECUTABLE_FILTER.getName())){
return new SearchFiltersNode(skCase, SearchFilters.FileSearchFilter.TSK_EXECUTABLE_FILTER);
}
else {
return new FileSearchFilterNode(key, skCase);
}
return new FileSearchFilterNode(key, skCase);
}
}

14
Core/src/org/sleuthkit/autopsy/datamodel/SearchFiltersNode.java
View File

@ -18,7 +18,6 @@
*/
package org.sleuthkit.autopsy.datamodel;
import org.openide.nodes.AbstractNode;
import org.openide.nodes.Children;
import org.openide.nodes.Sheet;
import org.openide.util.lookup.Lookups;
@ -30,17 +29,16 @@ import org.sleuthkit.datamodel.SleuthkitCase;
public class SearchFiltersNode extends DisplayableItemNode {
private static final String FNAME = "File Types";
private static final String DNAME = "Documents";
SleuthkitCase skCase;
private SleuthkitCase skCase;
SearchFiltersNode(SleuthkitCase skCase, boolean root) {
super(Children.create(new SearchFiltersChildren(skCase, root), true), Lookups.singleton(root ? FNAME : DNAME));
if (root) {
SearchFiltersNode(SleuthkitCase skCase, SearchFilters.FileSearchFilter filter) {
super(Children.create(new SearchFiltersChildren(skCase, filter), true), Lookups.singleton(filter == null ? FNAME : filter.getName()));
if (filter == null) {
super.setName(FNAME);
super.setDisplayName(FNAME);
} else {
super.setName(DNAME);
super.setDisplayName(DNAME);
super.setName(filter.getName());
super.setDisplayName(filter.getDisplayName());
}
this.skCase = skCase;
this.setIconBaseWithExtension("org/sleuthkit/autopsy/images/file_types.png");