FileInstanceNode for an instance in the CaseDB
+ */
+final public class CaseDBCommonAttributeInstance extends AbstractCommonAttributeInstance {
+
+ private static final Logger LOGGER = Logger.getLogger(CaseDBCommonAttributeInstance.class.getName());
+
+
+ /**
+ * Create meta data required to find an abstract file and build a
+ * FileInstanceNode.
+ *
+ * @param objectId id of abstract file to find
+ * @param dataSourceName name of datasource where the object is found
+ */
+ CaseDBCommonAttributeInstance(Long abstractFileReference, String dataSource, String caseName) {
+ super(abstractFileReference, dataSource, caseName);
+ }
+
+ @Override
+ public DisplayableItemNode[] generateNodes() {
+ final CaseDBCommonAttributeInstanceNode intraCaseCommonAttributeInstanceNode = new CaseDBCommonAttributeInstanceNode(this.getAbstractFile(), this.getCaseName(), this.getDataSource());
+ return Arrays.asList(intraCaseCommonAttributeInstanceNode).toArray(new DisplayableItemNode[1]);
+ }
+
+ @Override
+ AbstractFile getAbstractFile() {
+
+ Case currentCase;
+ try {
+ currentCase = Case.getCurrentCaseThrows();
+
+ SleuthkitCase tskDb = currentCase.getSleuthkitCase();
+
+ AbstractFile abstractFile = tskDb.findAllFilesWhere(String.format("obj_id in (%s)", this.getAbstractFileObjectId())).get(0);
+
+ return abstractFile;
+
+ } catch (TskCoreException | NoCurrentCaseException ex) {
+ LOGGER.log(Level.SEVERE, String.format("Unable to find AbstractFile for record with obj_id: %s. Node not created.", new Object[]{this.getAbstractFileObjectId()}), ex);
+ return null;
+ }
+ }
+}
diff --git a/Core/src/org/sleuthkit/autopsy/commonfilesearch/CaseDBCommonAttributeInstanceNode.java b/Core/src/org/sleuthkit/autopsy/commonfilesearch/CaseDBCommonAttributeInstanceNode.java
new file mode 100644
index 0000000000..b44855c51c
--- /dev/null
+++ b/Core/src/org/sleuthkit/autopsy/commonfilesearch/CaseDBCommonAttributeInstanceNode.java
@@ -0,0 +1,90 @@
+/*
+ * Autopsy Forensic Browser
+ *
+ * Copyright 2018 Basis Technology Corp.
+ * Contact: carrier AbstractFile.
+ *
+ * @param fsContent
+ * @param dataSource
+ */
+ public CaseDBCommonAttributeInstanceNode(AbstractFile fsContent, String caseName, String dataSource) {
+ super(fsContent);
+ this.caseName = caseName;
+ this.dataSource = dataSource;
+ }
+
+ @Override
+ public boolean isLeafTypeNode(){
+ //Not used atm - could maybe be leveraged for better use in Children objects
+ return true;
+ }
+
+ @Override
+ public Md5Nodes.
+ *
+ * Use this type for files which are not in the current case, but from the
+ * Central Repo. Contrast with SleuthkitCase which should be used
+ * when the FileInstance was found in the case presently open in Autopsy.
+ */
+public class CentralRepoCommonAttributeInstanceNode extends DisplayableItemNode {
+
+ private final CorrelationAttributeInstance crFile;
+
+ CentralRepoCommonAttributeInstanceNode(CorrelationAttributeInstance content) {
+ super(Children.LEAF, Lookups.fixed(content));
+ this.crFile = content;
+ this.setDisplayName(new File(this.crFile.getFilePath()).getName());
+ }
+
+ public CorrelationAttributeInstance getCorrelationAttributeInstance(){
+ return this.crFile;
+ }
+
+ @Override
+ public Action[] getActions(boolean context){
+ ListMd5Node used to display common files search
- * results in the top right pane. Calls Md5NodeFactory.
+ * Top-level node to store common file search results. Current structure is:
+ * - node for number of matches
+ * -- node for MD5/commmon attribute
+ * --- node for instance.
*/
-final public class CommonFilesNode extends DisplayableItemNode {
+final public class CommonAttributeSearchResultRootNode extends DisplayableItemNode {
- CommonFilesNode(CommonFilesMetadata metadataList) {
+ CommonAttributeSearchResultRootNode(CommonAttributeSearchResults metadataList) {
super(Children.create(new InstanceCountNodeFactory(metadataList), true));
}
@@ -58,25 +59,33 @@ final public class CommonFilesNode extends DisplayableItemNode {
public String getItemType() {
return getClass().getName();
}
+
+ /**
+ * Used to generate InstanceCountNodes.
+ */
+ static class InstanceCountNodeFactory extends ChildFactoryCommonAttributeSearchResults
+ * object into DisplayableItemNodes.
+ * @param searchResults
+ */
+ InstanceCountNodeFactory(CommonAttributeSearchResults searchResults){
+ this.searchResults = searchResults;
}
@Override
protected boolean createKeys(ListgetValues().
+ *
+ * @param isntanceCound key
+ * @return list of values which represent matches
+ */
+ CommonAttributeValueList getAttributeValuesForInstanceCount(Integer instanceCount) {
+ return this.instanceCountToAttributeValues.get(instanceCount);
+ }
+
+ /**
+ * Get an unmodifiable collection of values, indexed by number of
+ * grandchildren, which represents the common attributes found in the
+ * search.
+ * @return map of sizes of children to list of matches
+ */
+public MapMd5Node.
+ * Defines a value that was in the common file search results
+ * as well as information about its instances.
*/
-final public class Md5Metadata {
-
+final public class CommonAttributeValue {
+
private final String md5;
- private final ListSleuthkitCaseFileInstanceNode of
+ * CommonAttributeValueNode.
+ */
+ static class FileInstanceNodeFactory extends ChildFactoryDataResultViewerTable which overrides the default column
+ * header width calculations. The CommonAttributesSearchResultsViewerTable
+ * presents multiple tiers of data which are not always present and it may not
+ * make sense to try to calculate the column widths for such tables by sampling
+ * rows and looking for wide cells. Rather, we just pick some reasonable values.
+ */
+public class CommonAttributesSearchResultsViewerTable extends DataResultViewerTable {
+
+ private static final MapgetMetadata().
- *
- * @param md5 key
- * @return
- */
- Md5MetadataList getMetadataForMd5(Integer instanceCount) {
- return this.metadata.get(instanceCount);
- }
-
- public MapList when
- * findCommonFiles() is called, which organizes files by md5 to
- * prepare to display in viewer.
- *
- * This entire thing runs on a background thread where exceptions are handled.
- */
-@SuppressWarnings("PMD.AbstractNaming")
-public abstract class CommonFilesMetadataBuilder {
-
- private final MapbuildSqlSelectStatement() function to create an SQL boolean
- * expression which will filter our matches based on mime type. The
- * expression will be conjoined to base query with an AND operator.
- *
- * @return sql fragment of the form:
- * 'and "mime_type" in ( [comma delimited list of mime types] )'
- * or empty string in the event that no types to filter on were given.
- */
- String determineMimeTypeFilter() {
-
- SetFileInstanceNode.
- */
-final public class FileInstanceMetadata {
-
- private final Long objectId;
- private final String dataSourceName;
-
- /**
- * Create meta data required to find an abstract file and build a FileInstanceNode.
- * @param objectId id of abstract file to find
- * @param dataSourceName name of datasource where the object is found
- */
- FileInstanceMetadata(Long objectId, String dataSourceName) {
- this.objectId = objectId;
- this.dataSourceName = dataSourceName;
- }
-
- /**
- * obj_id for the file represented by this object
- * @return
- */
- public Long getObjectId(){
- return this.objectId;
- }
-
- /**
- * Name of datasource where this instance was found.
- * @return
- */
- public String getDataSourceName(){
- return this.dataSourceName;
- }
-
-}
diff --git a/Core/src/org/sleuthkit/autopsy/commonfilesearch/InstanceCountNode.java b/Core/src/org/sleuthkit/autopsy/commonfilesearch/InstanceCountNode.java
new file mode 100644
index 0000000000..da418c6213
--- /dev/null
+++ b/Core/src/org/sleuthkit/autopsy/commonfilesearch/InstanceCountNode.java
@@ -0,0 +1,153 @@
+/*
+ *
+ * Autopsy Forensic Browser
+ *
+ * Copyright 2018 Basis Technology Corp.
+ * Contact: carrier List when
+ * findFiles() is called, which organizes files by md5 to
+ * prepare to display in viewer.
+ *
+ * This entire thing runs on a background thread where exceptions are handled.
+ */
+@SuppressWarnings("PMD.AbstractNaming")
+public abstract class IntraCaseCommonAttributeSearcher extends AbstractCommonAttributeSearcher {
+
+ private static final String FILTER_BY_MIME_TYPES_WHERE_CLAUSE = " and mime_type in (%s)"; //NON-NLS // where %s is csv list of mime_types to filter on
+
+ /**
+ * Subclass this to implement different algorithms for getting common files.
+ *
+ * @param dataSourceIdMap a map of obj_id to datasource name
+ * @param filterByMediaMimeType match only on files whose mime types can be
+ * broadly categorized as media types
+ * @param filterByDocMimeType match only on files whose mime types can be
+ * broadly categorized as document types
+ */
+ IntraCaseCommonAttributeSearcher(MapbuildSqlSelectStatement() function to create an SQL boolean
+ * expression which will filter our matches based on mime type. The
+ * expression will be conjoined to base query with an AND operator.
+ *
+ * @return sql fragment of the form:
+ * 'and "mime_type" in ( [comma delimited list of mime types] )'
+ * or empty string in the event that no types to filter on were given.
+ */
+ String determineMimeTypeFilter() {
+
+ SetgetDisplayName() for children of this node.
- *
- * @param node The node to wrap
- */
- public MultiLayerTableFilterNode(Node node, int childLayerDepth) {
- super(node, TableFilterChildrenWithDescendants.createInstance(node, true, childLayerDepth), Lookups.proxy(node));
- this.createChildren = true;
- this.forceUseWrappedDisplayName = true;
- //this.innerNode = node;
- }
-
- void refresh() {
- DataResultFilterNode innerNode = getLookup().lookup(DataResultFilterNode.class);
- innerNode.refresh();
- }
-
- @Override
- public String getDisplayName() {
- if (this.forceUseWrappedDisplayName) {
- return super.getDisplayName();
- } else if (createChildren) {
- return NbBundle.getMessage(this.getClass(), "TableFilterNode.displayName.text");
- } else {
- return super.getDisplayName();
- }
- }
-
- @Override
- public NodeSelectionInfo getChildNodeSelectionInfo() {
- /*
- * Currently, child selection is only supported for nodes selected in
- * the tree view and decorated with a DataResultFilterNode.
- */
- if (getOriginal() instanceof DataResultFilterNode) {
- return ((DataResultFilterNode) getOriginal()).getChildNodeSelectionInfo();
- } else {
- return null;
- }
- }
-
- @Override
- public String getColumnOrderKey() {
- return columnOrderKey;
- }
-
- @Override
- public String getParentDisplayName() {
- return super.getDisplayName();
- }
-
- @Override
- public void setChildNodeSelectionInfo(NodeSelectionInfo selectedChildNodeInfo) {
- /*
- * TODO maybe we dont actually want to do anything here...?
- * Currently, child selection is only supported for nodes selected in
- * the tree view and decorated with a DataResultFilterNode.
- */
- if (getOriginal() instanceof DataResultFilterNode) {
- ((DataResultFilterNode) getOriginal()).setChildNodeSelectionInfo(selectedChildNodeInfo);
- }
- }
-}
diff --git a/Core/src/org/sleuthkit/autopsy/corecomponents/ResultViewerPersistence.java b/Core/src/org/sleuthkit/autopsy/corecomponents/ResultViewerPersistence.java
index 498857cdd5..7d03ec65eb 100644
--- a/Core/src/org/sleuthkit/autopsy/corecomponents/ResultViewerPersistence.java
+++ b/Core/src/org/sleuthkit/autopsy/corecomponents/ResultViewerPersistence.java
@@ -152,7 +152,7 @@ final class ResultViewerPersistence {
* @return A map from sort rank to sort criterion, where rank 1 means that
* this is the most important sort criteria, 2 means second etc.
*/
- static List< SortCriterion> loadSortCriteria(SingleLayerTableFilterNode node) {
+ static List< SortCriterion> loadSortCriteria(TableFilterNode node) {
ListChildren implementation for a
+ * TableFilterNode. A
+ * TableFilterNode creates at most one layer of child
+ * nodes for the node it wraps. It is designed to be used in the results view
+ * to ensure the individual viewers display only the first layer of child nodes.
*/
class TableFilterChildren extends FilterNode.Children {
/**
- * Creates a Children object for a SingleLayerTableFilterNode. A SingleLayerTableFilterNode
+ * Creates a Children object for a TableFilterNode. A TableFilterNode
creates at most one layer of child nodes for the node it wraps. It is
designed to be used in the results view to ensure the individual viewers
display only the first layer of child nodes.
*
- *
- * @param wrappedNode The node wrapped by the SingleLayerTableFilterNode.
+ * @param wrappedNode The node wrapped by the TableFilterNode.
* @param createChildren True if a children (child factory) object should be
* created for the wrapped node.
*
- * @return A children (child factory) object for a node wrapped by a
- SingleLayerTableFilterNode.
+ * @return A children (child factory) object for a node wrapped by a TableFilterNode.
*/
public static Children createInstance(Node wrappedNode, boolean createChildren) {
@@ -54,28 +53,29 @@ class TableFilterChildren extends FilterNode.Children {
}
/**
- * Constructs a children (child factory) implementation for a
- SingleLayerTableFilterNode. A SingleLayerTableFilterNode creates at most one layer of child
- nodes for the node it wraps. It is designed to be used for nodes
- displayed in Autopsy table views.
+ * Constructs a children (child factory) implementation for a
+ * TableFilterNode. A
+ * TableFilterNode creates at most one layer of
+ * child nodes for the node it wraps. It is designed to be used for nodes
+ * displayed in Autopsy table views.
*
- * @param wrappedNode The node wrapped by the SingleLayerTableFilterNode.
+ * @param wrappedNode The node wrapped by the TableFilterNode.
*/
TableFilterChildren(Node wrappedNode) {
super(wrappedNode);
}
/**
- * Copies a SingleLayerTableFilterNode, with the create children (child factory) flag
- set to false.
+ * Copies a TableFilterNode, with the create children
+ (child factory) flag set to false.
*
- * @param nodeToCopy The SingleLayerTableFilterNode to copy.
+ * @param nodeToCopy The TableFilterNode to copy.
*
- * @return A copy of a SingleLayerTableFilterNode.
+ * @return A copy of a TableFilterNode.
*/
@Override
protected Node copyNode(Node nodeToCopy) {
- return new SingleLayerTableFilterNode(nodeToCopy, false);
+ return new TableFilterNode(nodeToCopy, false);
}
/**
diff --git a/Core/src/org/sleuthkit/autopsy/corecomponents/TableFilterChildrenWithDescendants.java b/Core/src/org/sleuthkit/autopsy/corecomponents/TableFilterChildrenWithDescendants.java
index 7b728f84c4..6f5f32b247 100644
--- a/Core/src/org/sleuthkit/autopsy/corecomponents/TableFilterChildrenWithDescendants.java
+++ b/Core/src/org/sleuthkit/autopsy/corecomponents/TableFilterChildrenWithDescendants.java
@@ -28,14 +28,29 @@ import org.openide.nodes.Node;
*/
final class TableFilterChildrenWithDescendants extends TableFilterChildren {
- private int childLayerDepth;
+ private final int childLayerDepth;
+ /**
+ * Used to create children of the given node, with the specified number of
+ * child generations.
+ *
+ * @param wrappedNode node with children
+ * @param childLayerDepth number of subsequent generations.
+ */
private TableFilterChildrenWithDescendants(Node wrappedNode, int childLayerDepth) {
super(wrappedNode);
this.childLayerDepth = childLayerDepth;
}
- public static Children createInstance(Node wrappedNode, boolean createChildren, int childLayerDepth){
+ /**
+ * Factory method for getting an instance of the Children object based on the
+ * node with children, and the number of subsequent generations.
+ *
+ * @param wrappedNode node that has children
+ * @param childLayerDepth
+ * @return object capable of generating child node
+ */
+ public static Children createInstance(Node wrappedNode, int childLayerDepth){
if(childLayerDepth == 0){
return Children.LEAF;
} else {
@@ -45,6 +60,6 @@ final class TableFilterChildrenWithDescendants extends TableFilterChildren {
@Override
protected Node copyNode(Node nodeToCopy){
- return new MultiLayerTableFilterNode(nodeToCopy, this.childLayerDepth);
+ return new TableFilterNode(nodeToCopy, this.childLayerDepth);
}
}
diff --git a/Core/src/org/sleuthkit/autopsy/corecomponents/TableFilterNode.java b/Core/src/org/sleuthkit/autopsy/corecomponents/TableFilterNode.java
index 0a798f971c..890fb4ace3 100644
--- a/Core/src/org/sleuthkit/autopsy/corecomponents/TableFilterNode.java
+++ b/Core/src/org/sleuthkit/autopsy/corecomponents/TableFilterNode.java
@@ -1,16 +1,15 @@
/*
- *
* Autopsy Forensic Browser
- *
- * Copyright 2018 Basis Technology Corp.
+ *
+ * Copyright 2011-2017 Basis Technology Corp.
* Contact: carrier