diff --git a/Core/src/org/sleuthkit/autopsy/modules/stix/STIXReportModule.java b/Core/src/org/sleuthkit/autopsy/modules/stix/STIXReportModule.java index 2762f21e26..ab42938cca 100644 --- a/Core/src/org/sleuthkit/autopsy/modules/stix/STIXReportModule.java +++ b/Core/src/org/sleuthkit/autopsy/modules/stix/STIXReportModule.java @@ -18,48 +18,45 @@ */ package org.sleuthkit.autopsy.modules.stix; -import java.io.File; -import java.io.IOException; -import java.util.HashMap; -import java.util.Map; -import java.util.List; -import java.util.logging.Level; import java.io.BufferedWriter; +import java.io.File; import java.io.FileWriter; +import java.io.IOException; import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.logging.Level; import javax.swing.JPanel; import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBException; import javax.xml.bind.Unmarshaller; import javax.xml.namespace.QName; - import org.mitre.cybox.cybox_2.ObjectType; import org.mitre.cybox.cybox_2.Observable; import org.mitre.cybox.cybox_2.ObservableCompositionType; +import org.mitre.cybox.cybox_2.OperatorTypeEnum; +import org.mitre.cybox.objects.AccountObjectType; +import org.mitre.cybox.objects.Address; +import org.mitre.cybox.objects.DomainName; +import org.mitre.cybox.objects.EmailMessage; +import org.mitre.cybox.objects.FileObjectType; +import org.mitre.cybox.objects.SystemObjectType; +import org.mitre.cybox.objects.URIObjectType; +import org.mitre.cybox.objects.URLHistory; +import org.mitre.cybox.objects.WindowsNetworkShare; +import org.mitre.cybox.objects.WindowsRegistryKey; import org.mitre.stix.common_1.IndicatorBaseType; import org.mitre.stix.indicator_2.Indicator; import org.mitre.stix.stix_1.STIXPackage; - -import org.sleuthkit.autopsy.coreutils.Logger; -import org.sleuthkit.autopsy.report.GeneralReportModule; import org.openide.util.NbBundle; -import org.sleuthkit.autopsy.report.ReportProgressPanel; -import org.sleuthkit.datamodel.TskCoreException; - -import org.mitre.cybox.cybox_2.OperatorTypeEnum; -import org.mitre.cybox.objects.Address; -import org.mitre.cybox.objects.FileObjectType; -import org.mitre.cybox.objects.URIObjectType; -import org.mitre.cybox.objects.EmailMessage; -import org.mitre.cybox.objects.WindowsNetworkShare; -import org.mitre.cybox.objects.AccountObjectType; -import org.mitre.cybox.objects.SystemObjectType; -import org.mitre.cybox.objects.URLHistory; -import org.mitre.cybox.objects.DomainName; -import org.mitre.cybox.objects.WindowsRegistryKey; +import org.sleuthkit.autopsy.coreutils.Logger; import org.sleuthkit.autopsy.coreutils.MessageNotifyUtil; import org.sleuthkit.autopsy.coreutils.ModuleSettings; +import org.sleuthkit.autopsy.report.GeneralReportModule; +import org.sleuthkit.autopsy.report.ReportProgressPanel; import org.sleuthkit.autopsy.report.ReportProgressPanel.ReportStatus; +import org.sleuthkit.datamodel.TskCoreException; /** * @@ -180,6 +177,9 @@ public class STIXReportModule implements GeneralReportModule { // Process each STIX file for (File file : stixFiles) { + if (progressPanel.getStatus() == ReportStatus.CANCELED) { + return; + } try { processFile(file.getAbsolutePath(), progressPanel); } catch (TskCoreException ex) { diff --git a/Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java b/Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java index c0c72447d6..7e4896b531 100644 --- a/Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java +++ b/Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java @@ -223,8 +223,10 @@ class ReportGenerator { * Run the GeneralReportModules using a SwingWorker. */ public void generateGeneralReports() { - GeneralReportsWorker worker = new GeneralReportsWorker(); - worker.execute(); + if (this.generalReportModule != null) { + GeneralReportsWorker worker = new GeneralReportsWorker(); + worker.execute(); + } } /** @@ -675,22 +677,21 @@ class ReportGenerator { // Tell the modules reporting on blackboard artifact tags data type is beginning. // @@@ Using the obsolete ARTIFACT_TYPE.TSK_TAG_ARTIFACT is an expedient hack. - progressPanel.updateStatusLabel( - NbBundle.getMessage(this.getClass(), "ReportGenerator.progress.processing", - ARTIFACT_TYPE.TSK_TAG_ARTIFACT.getDisplayName())); - StringBuilder comment = new StringBuilder(); - if (!tagNamesFilter.isEmpty()) { - comment.append( - NbBundle.getMessage(this.getClass(), "ReportGenerator.makeBbArtTagTab.taggedRes.msg")); - comment.append(makeCommaSeparatedList(tagNamesFilter)); - } - module.startDataType(ARTIFACT_TYPE.TSK_TAG_ARTIFACT.getDisplayName(), comment.toString()); - module.startTable(new ArrayList<>(Arrays.asList( - NbBundle.getMessage(this.getClass(), "ReportGenerator.tagTable.header.resultType"), - NbBundle.getMessage(this.getClass(), "ReportGenerator.tagTable.header.tag"), - NbBundle.getMessage(this.getClass(), "ReportGenerator.tagTable.header.comment"), - NbBundle.getMessage(this.getClass(), "ReportGenerator.tagTable.header.srcFile")))); - + progressPanel.updateStatusLabel( + NbBundle.getMessage(this.getClass(), "ReportGenerator.progress.processing", + ARTIFACT_TYPE.TSK_TAG_ARTIFACT.getDisplayName())); + StringBuilder comment = new StringBuilder(); + if (!tagNamesFilter.isEmpty()) { + comment.append( + NbBundle.getMessage(this.getClass(), "ReportGenerator.makeBbArtTagTab.taggedRes.msg")); + comment.append(makeCommaSeparatedList(tagNamesFilter)); + } + tableReportModule.startDataType(ARTIFACT_TYPE.TSK_TAG_ARTIFACT.getDisplayName(), comment.toString()); + tableReportModule.startTable(new ArrayList<>(Arrays.asList( + NbBundle.getMessage(this.getClass(), "ReportGenerator.tagTable.header.resultType"), + NbBundle.getMessage(this.getClass(), "ReportGenerator.tagTable.header.tag"), + NbBundle.getMessage(this.getClass(), "ReportGenerator.tagTable.header.comment"), + NbBundle.getMessage(this.getClass(), "ReportGenerator.tagTable.header.srcFile")))); // Give the modules the rows for the content tags. for (BlackboardArtifactTag tag : tags) { @@ -699,21 +700,17 @@ class ReportGenerator { } List row; - for (TableReportModule module : tableModules) { - row = new ArrayList<>(Arrays.asList(tag.getArtifact().getArtifactTypeName(), tag.getName().getDisplayName(), tag.getComment(), tag.getContent().getName())); - module.addRow(row); - } + row = new ArrayList<>(Arrays.asList(tag.getArtifact().getArtifactTypeName(), tag.getName().getDisplayName(), tag.getComment(), tag.getContent().getName())); + tableReportModule.addRow(row); // check if the tag is an image that we should later make a thumbnail for checkIfTagHasImage(tag); } // The the modules blackboard artifact tags reporting is ended. - for (TableReportModule module : tableModules) { - tableProgress.get(module).increment(); - module.endTable(); - module.endDataType(); - } + progressPanel.increment(); + tableReportModule.endTable(); + tableReportModule.endDataType(); } /** @@ -728,35 +725,35 @@ class ReportGenerator { } void removeCancelledTableReportModules() { - if (progressPanel.getStatus() == ReportStatus.CANCELED) { - tableReportModule = null; - } + if (progressPanel.getStatus() == ReportStatus.CANCELED) { + tableReportModule = null; + } + } /** * Make a report for the files that were previously found to be images. */ private void makeThumbnailTable() { - for (TableReportModule module : tableModules) { - tableProgress.get(module).updateStatusLabel( - NbBundle.getMessage(this.getClass(), "ReportGenerator.progress.createdThumb.text")); + progressPanel.updateStatusLabel( + NbBundle.getMessage(this.getClass(), "ReportGenerator.progress.createdThumb.text")); - if (module instanceof ReportHTML) { - ReportHTML htmlModule = (ReportHTML) module; - htmlModule.startDataType( - NbBundle.getMessage(this.getClass(), "ReportGenerator.thumbnailTable.name"), - NbBundle.getMessage(this.getClass(), "ReportGenerator.thumbnailTable.desc")); - List emptyHeaders = new ArrayList<>(); - for (int i = 0; i < ReportHTML.THUMBNAIL_COLUMNS; i++) { - emptyHeaders.add(""); - } - htmlModule.startTable(emptyHeaders); - - htmlModule.addThumbnailRows(images); - - htmlModule.endTable(); - htmlModule.endDataType(); + if (tableReportModule instanceof ReportHTML) { + ReportHTML htmlModule = (ReportHTML) tableReportModule; + htmlModule.startDataType( + NbBundle.getMessage(this.getClass(), "ReportGenerator.thumbnailTable.name"), + NbBundle.getMessage(this.getClass(), "ReportGenerator.thumbnailTable.desc")); + List emptyHeaders = new ArrayList<>(); + for (int i = 0; i < ReportHTML.THUMBNAIL_COLUMNS; i++) { + emptyHeaders.add(""); } + htmlModule.startTable(emptyHeaders); + + htmlModule.addThumbnailRows(images); + + htmlModule.endTable(); + htmlModule.endDataType(); } + } /** @@ -867,7 +864,7 @@ class ReportGenerator { * @param tableModules modules to report on */ @SuppressWarnings("deprecation") - private void writeKeywordHits(List tableModules, String comment, HashSet tagNamesFilter) { + private void writeKeywordHits(TableReportModule tableModule, String comment, HashSet tagNamesFilter) { // Query for keyword lists-only so that we can tell modules what lists // will exist for their index. @@ -905,13 +902,11 @@ class ReportGenerator { } // Make keyword data type and give them set index - for (TableReportModule module : tableModules) { - module.startDataType(ARTIFACT_TYPE.TSK_KEYWORD_HIT.getDisplayName(), comment); - module.addSetIndex(lists); - tableProgress.get(module).updateStatusLabel( - NbBundle.getMessage(this.getClass(), "ReportGenerator.progress.processing", - ARTIFACT_TYPE.TSK_KEYWORD_HIT.getDisplayName())); - } + tableModule.startDataType(ARTIFACT_TYPE.TSK_KEYWORD_HIT.getDisplayName(), comment); + tableModule.addSetIndex(lists); + progressPanel.updateStatusLabel( + NbBundle.getMessage(this.getClass(), "ReportGenerator.progress.processing", + ARTIFACT_TYPE.TSK_KEYWORD_HIT.getDisplayName())); } catch (TskCoreException | SQLException ex) { errorList.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.errList.failedQueryKWLists")); logger.log(Level.SEVERE, "Failed to query keyword lists: ", ex); //NON-NLS @@ -958,16 +953,9 @@ class ReportGenerator { String currentList = ""; while (resultSet.next()) { // Check to see if all the TableReportModules have been canceled - if (tableModules.isEmpty()) { + if (progressPanel.getStatus() == ReportStatus.CANCELED) { break; } - Iterator iter = tableModules.iterator(); - while (iter.hasNext()) { - TableReportModule module = iter.next(); - if (tableProgress.get(module).getStatus() == ReportStatus.CANCELED) { - iter.remove(); - } - } // Get any tags that associated with this artifact and apply the tag filter. HashSet uniqueTagNames = getUniqueTagNames(resultSet.getLong("artifact_id")); //NON-NLS @@ -997,49 +985,37 @@ class ReportGenerator { if ((!list.equals(currentList) && !list.isEmpty()) || (list.isEmpty() && !currentList.equals( NbBundle.getMessage(this.getClass(), "ReportGenerator.writeKwHits.userSrchs")))) { if (!currentList.isEmpty()) { - for (TableReportModule module : tableModules) { - module.endTable(); - module.endSet(); - } + tableModule.endTable(); + tableModule.endSet(); } currentList = list.isEmpty() ? NbBundle .getMessage(this.getClass(), "ReportGenerator.writeKwHits.userSrchs") : list; currentKeyword = ""; // reset the current keyword because it's a new list - for (TableReportModule module : tableModules) { - module.startSet(currentList); - tableProgress.get(module).updateStatusLabel( - NbBundle.getMessage(this.getClass(), "ReportGenerator.progress.processingList", - ARTIFACT_TYPE.TSK_KEYWORD_HIT.getDisplayName(), currentList)); - } + tableModule.startSet(currentList); + progressPanel.updateStatusLabel( + NbBundle.getMessage(this.getClass(), "ReportGenerator.progress.processingList", + ARTIFACT_TYPE.TSK_KEYWORD_HIT.getDisplayName(), currentList)); } if (!keyword.equals(currentKeyword)) { if (!currentKeyword.equals("")) { - for (TableReportModule module : tableModules) { - module.endTable(); - } + tableModule.endTable(); } currentKeyword = keyword; - for (TableReportModule module : tableModules) { - module.addSetElement(currentKeyword); - List columnHeaderNames = new ArrayList<>(); - columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.preview")); - columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.srcFile")); - columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.tags")); - module.startTable(columnHeaderNames); - } + tableModule.addSetElement(currentKeyword); + List columnHeaderNames = new ArrayList<>(); + columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.preview")); + columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.srcFile")); + columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.tags")); + tableModule.startTable(columnHeaderNames); } String previewreplace = EscapeUtil.escapeHtml(preview); - for (TableReportModule module : tableModules) { - module.addRow(Arrays.asList(new String[]{previewreplace.replaceAll(" tableModules, String comment, HashSet tagNamesFilter) { + private void writeHashsetHits(TableReportModule tableModule, String comment, HashSet tagNamesFilter) { String orderByClause; if (currentCase.getCaseType() == Case.CaseType.MULTI_USER_CASE) { orderByClause = "ORDER BY convert_to(att.value_text, 'SQL_ASCII') ASC NULLS FIRST"; //NON-NLS @@ -1080,13 +1056,11 @@ class ReportGenerator { lists.add(listsRs.getString("list")); //NON-NLS } - for (TableReportModule module : tableModules) { - module.startDataType(ARTIFACT_TYPE.TSK_HASHSET_HIT.getDisplayName(), comment); - module.addSetIndex(lists); - tableProgress.get(module).updateStatusLabel( - NbBundle.getMessage(this.getClass(), "ReportGenerator.progress.processing", - ARTIFACT_TYPE.TSK_HASHSET_HIT.getDisplayName())); - } + tableModule.startDataType(ARTIFACT_TYPE.TSK_HASHSET_HIT.getDisplayName(), comment); + tableModule.addSetIndex(lists); + progressPanel.updateStatusLabel( + NbBundle.getMessage(this.getClass(), "ReportGenerator.progress.processing", + ARTIFACT_TYPE.TSK_HASHSET_HIT.getDisplayName())); } catch (TskCoreException | SQLException ex) { errorList.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.errList.failedQueryHashsetLists")); logger.log(Level.SEVERE, "Failed to query hashset lists: ", ex); //NON-NLS @@ -1122,16 +1096,9 @@ class ReportGenerator { String currentSet = ""; while (resultSet.next()) { // Check to see if all the TableReportModules have been canceled - if (tableModules.isEmpty()) { + if (progressPanel.getStatus() == ReportStatus.CANCELED) { break; } - Iterator iter = tableModules.iterator(); - while (iter.hasNext()) { - TableReportModule module = iter.next(); - if (tableProgress.get(module).getStatus() == ReportStatus.CANCELED) { - iter.remove(); - } - } // Get any tags that associated with this artifact and apply the tag filter. HashSet uniqueTagNames = getUniqueTagNames(resultSet.getLong("artifact_id")); //NON-NLS @@ -1160,36 +1127,28 @@ class ReportGenerator { // If the sets aren't the same, we've started a new set if (!set.equals(currentSet)) { if (!currentSet.isEmpty()) { - for (TableReportModule module : tableModules) { - module.endTable(); - module.endSet(); - } + tableModule.endTable(); + tableModule.endSet(); } currentSet = set; - for (TableReportModule module : tableModules) { - module.startSet(currentSet); - List columnHeaderNames = new ArrayList<>(); - columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.file")); - columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.size")); - columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.tags")); - module.startTable(columnHeaderNames); - tableProgress.get(module).updateStatusLabel( - NbBundle.getMessage(this.getClass(), "ReportGenerator.progress.processingList", - ARTIFACT_TYPE.TSK_HASHSET_HIT.getDisplayName(), currentSet)); - } + tableModule.startSet(currentSet); + List columnHeaderNames = new ArrayList<>(); + columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.file")); + columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.size")); + columnHeaderNames.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.tags")); + tableModule.startTable(columnHeaderNames); + progressPanel.updateStatusLabel( + NbBundle.getMessage(this.getClass(), "ReportGenerator.progress.processingList", + ARTIFACT_TYPE.TSK_HASHSET_HIT.getDisplayName(), currentSet)); } // Add a row for this hit to every module - for (TableReportModule module : tableModules) { - module.addRow(Arrays.asList(new String[]{uniquePath, size, tagsList})); - } + tableModule.addRow(Arrays.asList(new String[]{uniquePath, size, tagsList})); } // Finish the current data type - for (TableReportModule module : tableModules) { - tableProgress.get(module).increment(); - module.endDataType(); - } + progressPanel.increment(); + tableModule.endDataType(); } catch (TskCoreException | SQLException ex) { errorList.add(NbBundle.getMessage(this.getClass(), "ReportGenerator.errList.failedQueryHashsetHits")); logger.log(Level.SEVERE, "Failed to query hashsets hits: ", ex); //NON-NLS diff --git a/Core/src/org/sleuthkit/autopsy/report/ReportKML.java b/Core/src/org/sleuthkit/autopsy/report/ReportKML.java index abdd7dee96..d8bb02508a 100644 --- a/Core/src/org/sleuthkit/autopsy/report/ReportKML.java +++ b/Core/src/org/sleuthkit/autopsy/report/ReportKML.java @@ -19,14 +19,6 @@ */ package org.sleuthkit.autopsy.report; -import javax.swing.JPanel; - -import org.openide.util.NbBundle; -import org.sleuthkit.autopsy.casemodule.Case; -import org.sleuthkit.autopsy.coreutils.Logger; -import org.sleuthkit.datamodel.*; -import org.sleuthkit.autopsy.ingest.IngestManager; -import org.sleuthkit.datamodel.BlackboardArtifact; import java.io.BufferedReader; import java.io.BufferedWriter; import java.io.File; @@ -37,12 +29,18 @@ import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.util.logging.Level; +import javax.swing.JPanel; +import org.apache.commons.lang.StringEscapeUtils; import org.jdom2.Document; import org.jdom2.Element; import org.jdom2.Namespace; import org.jdom2.output.Format; import org.jdom2.output.XMLOutputter; -import org.apache.commons.lang.StringEscapeUtils; +import org.openide.util.NbBundle; +import org.sleuthkit.autopsy.casemodule.Case; +import org.sleuthkit.autopsy.coreutils.Logger; +import org.sleuthkit.autopsy.ingest.IngestManager; +import org.sleuthkit.datamodel.*; /** * Generates a KML file based on geo coordinates store in blackboard. @@ -85,6 +83,9 @@ class ReportKML implements GeneralReportModule { currentCase = Case.getCurrentCase(); skCase = currentCase.getSleuthkitCase(); + if (progressPanel.getStatus() == ReportProgressPanel.ReportStatus.CANCELED) { + return; + } progressPanel.updateStatusLabel(NbBundle.getMessage(this.getClass(), "ReportKML.progress.loading")); // Check if ingest has finished String ingestwarning = ""; @@ -98,6 +99,9 @@ class ReportKML implements GeneralReportModule { // Why not just print the coordinates as we find them and make some utility methods to do the printing? // Should pull out time values for all of these points and store in TimeSpan element try { + if (progressPanel.getStatus() == ReportProgressPanel.ReportStatus.CANCELED) { + return; + } try (BufferedWriter out = new BufferedWriter(new FileWriter(reportPath2))) { double lat = 0; // temp latitude @@ -108,6 +112,9 @@ class ReportKML implements GeneralReportModule { File f; for (BlackboardArtifact artifact : skCase.getBlackboardArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_METADATA_EXIF)) { + if (progressPanel.getStatus() == ReportProgressPanel.ReportStatus.CANCELED) { + return; + } lat = 0; lon = 0; geoPath = ""; diff --git a/Core/src/org/sleuthkit/autopsy/report/ReportVisualPanel1.java b/Core/src/org/sleuthkit/autopsy/report/ReportVisualPanel1.java index 502c3162a3..93acae830a 100644 --- a/Core/src/org/sleuthkit/autopsy/report/ReportVisualPanel1.java +++ b/Core/src/org/sleuthkit/autopsy/report/ReportVisualPanel1.java @@ -24,9 +24,7 @@ import java.util.ArrayList; import java.util.Collections; import static java.util.Collections.swap; import java.util.Comparator; -import java.util.LinkedHashMap; import java.util.List; -import java.util.Map; import java.util.logging.Level; import javax.swing.JList; import javax.swing.JPanel; @@ -164,7 +162,6 @@ final class ReportVisualPanel1 extends JPanel implements ListSelectionListener { * @return */ TableReportModule getTableModule() { - Map reportModuleStates = new LinkedHashMap<>(); ReportModule mod = getSelectedModule(); if (tableModules.contains(mod)) { return (TableReportModule) mod;