add executable files filter to Views

Core/src/org/sleuthkit/autopsy/datamodel/AbstractContentChildren.java

@@ -127,7 +127,7 @@ abstract class AbstractContentChildren<T> extends Keys<T> {
         
         @Override
         public AbstractNode visit(SearchFilters sf) {
-            return new SearchFiltersNode(sf.getSleuthkitCase(), true);
+            return new SearchFiltersNode(sf.getSleuthkitCase(), null);
         }
         
         @Override

Core/src/org/sleuthkit/autopsy/datamodel/AutopsyItemVisitor.java

@@ -28,6 +28,7 @@ public interface AutopsyItemVisitor<T> {
     T visit(SearchFilters sf);
     T visit(SearchFilters.FileSearchFilter fsf);
     T visit(SearchFilters.DocumentFilter df);
+    T visit(SearchFilters.ExecutableFilter ef);
     T visit(RecentFiles rf);
     T visit(RecentFiles.RecentFilesFilter rff);
     T visit(DeletedContent dc);
@@ -64,6 +65,11 @@ public interface AutopsyItemVisitor<T> {
             return defaultVisit(df);
         }
         
+        @Override
+        public T visit(SearchFilters.ExecutableFilter ef) {
+            return defaultVisit(ef);
+        }
+        
          @Override
         public T visit(DeletedContent dc) {
             return defaultVisit(dc);

Core/src/org/sleuthkit/autopsy/datamodel/FileSearchFilterChildren.java

@@ -30,7 +30,6 @@ import org.sleuthkit.datamodel.Content;
 import org.sleuthkit.datamodel.ContentVisitor;
 import org.sleuthkit.datamodel.DerivedFile;
 import org.sleuthkit.datamodel.File;
-import org.sleuthkit.datamodel.FsContent;
 import org.sleuthkit.datamodel.LocalFile;
 import org.sleuthkit.datamodel.LayoutFile;
 import org.sleuthkit.datamodel.SleuthkitCase;

Core/src/org/sleuthkit/autopsy/datamodel/FileSearchFilterNode.java

@@ -18,11 +18,9 @@
  */
 package org.sleuthkit.autopsy.datamodel;
 
-import org.openide.nodes.AbstractNode;
 import org.openide.nodes.Children;
 import org.openide.nodes.Sheet;
 import org.openide.util.lookup.Lookups;
-import org.sleuthkit.autopsy.datamodel.SearchFilters.FileSearchFilter;
 import org.sleuthkit.datamodel.SleuthkitCase;
 
 /**

Core/src/org/sleuthkit/autopsy/datamodel/SearchFilters.java

@@ -33,8 +33,9 @@ public class SearchFilters implements AutopsyVisitableItem {
         TSK_IMAGE_FILTER(0, "TSK_IMAGE_FILTER", "Images", FileTypeExtensions.getImageExtensions()),
         TSK_VIDEO_FILTER(1, "TSK_VIDEO_FILTER", "Videos", FileTypeExtensions.getVideoExtensions()),
         TSK_AUDIO_FILTER(2, "TSK_AUDIO_FILTER", "Audio", FileTypeExtensions.getAudioExtensions()),
+        TSK_ARCHIVE_FILTER(3, "TSK_ARCHIVE_FILTER", "Archives", FileTypeExtensions.getArchiveExtensions()),
         TSK_DOCUMENT_FILTER(3, "TSK_DOCUMENT_FILTER", "Documents", Arrays.asList(".doc", ".docx", ".pdf", ".xls", ".rtf", ".txt")),
-        TSK_ARCHIVE_FILTER(3, "TSK_ARCHIVE_FILTER", "Archives", FileTypeExtensions.getArchiveExtensions());
+        TSK_EXECUTABLE_FILTER(3, "TSK_EXECUTABLE_FILTER", "Executable", Arrays.asList(".exe", ".dll", ".bat", ".cmd", ".com"));
 
         private int id;
         private String name;
@@ -82,10 +83,10 @@ public class SearchFilters implements AutopsyVisitableItem {
         AUT_DOC_TXT(3, "AUT_DOC_TXT", "Plain Text", Arrays.asList(".txt")),
         AUT_DOC_RTF(4, "AUT_DOC_RTF", "Rich Text", Arrays.asList(".rtf"));
 
-        int id;
+        private int id;
-        String name;
+        private String name;
-        String displayName;
+        private String displayName;
-        List<String> filter;
+        private List<String> filter;
 
         private DocumentFilter(int id, String name, String displayName, List<String> filter){
             this.id = id;
@@ -119,6 +120,52 @@ public class SearchFilters implements AutopsyVisitableItem {
             return this.filter;
         }
     }
+    
+    
+    public enum ExecutableFilter implements AutopsyVisitableItem,SearchFilterInterface {
+        ExecutableFilter_EXE(0, "ExecutableFilter_EXE", ".exe", Arrays.asList(".exe")),
+        ExecutableFilter_DLL(0, "ExecutableFilter_DLL", ".dll", Arrays.asList(".dll")),
+        ExecutableFilter_BAT(0, "ExecutableFilter_BAT", ".bat", Arrays.asList(".bat")),
+        ExecutableFilter_CMD(0, "ExecutableFilter_CMD", ".cmd", Arrays.asList(".cmd")),
+        ExecutableFilter_COM(0, "ExecutableFilter_COM", ".com", Arrays.asList(".com"));
+        
+        private int id;
+        private String name;
+        private String displayName;
+        private List<String> filter;
+
+        private ExecutableFilter(int id, String name, String displayName, List<String> filter){
+            this.id = id;
+            this.name = name;
+            this.displayName = displayName;
+            this.filter = filter;
+        }
+
+        @Override
+        public <T> T accept(AutopsyItemVisitor<T> v) {
+            return v.visit(this);
+        }
+
+        @Override
+        public String getName(){
+            return this.name;
+        }
+
+        @Override
+        public int getId(){
+            return this.id;
+        }
+
+        @Override
+        public String getDisplayName(){
+            return this.displayName;
+        }
+
+        @Override
+        public List<String> getFilter(){
+            return this.filter;
+        }
+    }
 
     public SearchFilters(SleuthkitCase skCase){
         this.skCase = skCase;

Core/src/org/sleuthkit/autopsy/datamodel/SearchFiltersChildren.java

@@ -31,28 +31,38 @@ import org.sleuthkit.datamodel.SleuthkitCase;
 class SearchFiltersChildren extends ChildFactory<SearchFilters.SearchFilterInterface> {
     
     private SleuthkitCase skCase;
-    private boolean root;
+    private SearchFilters.FileSearchFilter filter;
 
-    public SearchFiltersChildren(SleuthkitCase skCase, boolean root) {
+    public SearchFiltersChildren(SleuthkitCase skCase, SearchFilters.FileSearchFilter filter) {
         this.skCase = skCase;
-        this.root = root;
+        this.filter = filter;
     }
 
     @Override
     protected boolean createKeys(List<SearchFilters.SearchFilterInterface> list) {
-        if(root)
+        if (filter == null) {
             list.addAll(Arrays.asList(FileSearchFilter.values()));
-        else
+        }
+        else if (filter.equals(FileSearchFilter.TSK_DOCUMENT_FILTER) ){
             list.addAll(Arrays.asList(SearchFilters.DocumentFilter.values()));
+        }
+        else if (filter.equals(FileSearchFilter.TSK_EXECUTABLE_FILTER) ){
+            list.addAll(Arrays.asList(SearchFilters.ExecutableFilter.values()));
+        }
         return true;
     }
     
     @Override
     protected Node createNodeForKey(SearchFilters.SearchFilterInterface key){
         if(key.getName().equals(SearchFilters.FileSearchFilter.TSK_DOCUMENT_FILTER.getName())){
-            return new SearchFiltersNode(skCase, false);
+            return new SearchFiltersNode(skCase, SearchFilters.FileSearchFilter.TSK_DOCUMENT_FILTER);
+        }
+        else if(key.getName().equals(SearchFilters.FileSearchFilter.TSK_EXECUTABLE_FILTER.getName())){
+            return new SearchFiltersNode(skCase, SearchFilters.FileSearchFilter.TSK_EXECUTABLE_FILTER);
+        }
+        else {
+            return new FileSearchFilterNode(key, skCase);
         }
-        return new FileSearchFilterNode(key, skCase);
     }
     
 }

Core/src/org/sleuthkit/autopsy/datamodel/SearchFiltersNode.java

@@ -18,7 +18,6 @@
  */
 package org.sleuthkit.autopsy.datamodel;
 
-import org.openide.nodes.AbstractNode;
 import org.openide.nodes.Children;
 import org.openide.nodes.Sheet;
 import org.openide.util.lookup.Lookups;
@@ -30,17 +29,16 @@ import org.sleuthkit.datamodel.SleuthkitCase;
 public class SearchFiltersNode extends DisplayableItemNode {
 
     private static final String FNAME = "File Types";
-    private static final String DNAME = "Documents";
+    private SleuthkitCase skCase;
-    SleuthkitCase skCase;
 
-    SearchFiltersNode(SleuthkitCase skCase, boolean root) {
+    SearchFiltersNode(SleuthkitCase skCase, SearchFilters.FileSearchFilter filter) {
-        super(Children.create(new SearchFiltersChildren(skCase, root), true), Lookups.singleton(root ? FNAME : DNAME));
+        super(Children.create(new SearchFiltersChildren(skCase, filter), true), Lookups.singleton(filter == null ? FNAME : filter.getName()));
-        if (root) {
+        if (filter == null) {
             super.setName(FNAME);
             super.setDisplayName(FNAME);
         } else {
-            super.setName(DNAME);
+            super.setName(filter.getName());
-            super.setDisplayName(DNAME);
+            super.setDisplayName(filter.getDisplayName());
         }
         this.skCase = skCase;
         this.setIconBaseWithExtension("org/sleuthkit/autopsy/images/file_types.png");