Update oruxmaps.py

Use new geoPointList with geoArtifactHelper along with changing point of interest from trackpoint to bookmark.

InternalPythonModules/android/oruxmaps.py

@@ -44,6 +44,8 @@ from org.sleuthkit.datamodel import BlackboardAttribute
 from org.sleuthkit.datamodel import Content
 from org.sleuthkit.datamodel import TskCoreException
 from org.sleuthkit.datamodel.Blackboard import BlackboardException
+from org.sleuthkit.datamodel.blackboardutils import GeoArtifactsHelper
+from org.sleuthkit.datamodel.blackboardutils.attributes import TskGeoTrackpointsUtil
 
 import traceback
 import general
@@ -68,7 +70,10 @@ class OruxMapsAnalyzer(general.AndroidComponentAnalyzer):
             try:
                 current_case = Case.getCurrentCaseThrows()
                 
-                poiQueryString = "SELECT poilat, poilon, poitime, poiname FROM pois"
+                skCase = Case.getCurrentCase().getSleuthkitCase()
+                geoArtifactHelper = GeoArtifactsHelper(skCase, self._MODULE_NAME, self._PROGRAM_NAME, oruxMapsTrackpointsDb.getDBFile()) 
+
+                poiQueryString = "SELECT poilat, poilon, poialt, poitime, poiname FROM pois"
                 poisResultSet = oruxMapsTrackpointsDb.runQuery(poiQueryString)
                 abstractFile = oruxMapsTrackpointsDb.getDBFile()
                 if poisResultSet is not None:
@@ -77,12 +82,14 @@ class OruxMapsAnalyzer(general.AndroidComponentAnalyzer):
                         longitude = poisResultSet.getDouble("poilon")
                         time = poisResultSet.getLong("poitime") / 1000    # milliseconds since unix epoch
                         name = poisResultSet.getString("poiname")
+                        altitude = poisResultSet.getDouble("poialt")
 
                         attributes = ArrayList()
-                        artifact = abstractFile.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_GPS_TRACKPOINT)
+                        artifact = abstractFile.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_GPS_BOOKMARK)
                         attributes.add(BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME, self._MODULE_NAME, time))
                         attributes.add(BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_GEO_LATITUDE, self._MODULE_NAME, latitude))
                         attributes.add(BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_GEO_LONGITUDE, self._MODULE_NAME, longitude))
+                        attributes.add(BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_GEO_ALTITUDE, self._MODULE_NAME, altitude))
                         attributes.add(BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME, self._MODULE_NAME, name))
                         attributes.add(BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME, self._MODULE_NAME, self._PROGRAM_NAME))
 						
@@ -96,32 +103,61 @@ class OruxMapsAnalyzer(general.AndroidComponentAnalyzer):
                             self._logger.log(Level.SEVERE, traceback.format_exc())
                             MessageNotifyUtil.Notify.error("Failed to index trackpoint artifact for keyword search.", artifact.getDisplayName())
                         
-                trackpointsQueryString = "SELECT trkptlat, trkptlon, trkpttime FROM trackpoints"
-                trackpointsResultSet = oruxMapsTrackpointsDb.runQuery(trackpointsQueryString)
-                if trackpointsResultSet is not None:
-                    while trackpointsResultSet.next():
-                        latitude = trackpointsResultSet.getDouble("trkptlat")
-                        longitude = trackpointsResultSet.getDouble("trkptlon")
-                        time = trackpointsResultSet.getLong("trkpttime") / 1000    # milliseconds since unix epoch
-                        name = ""
 
-                        attributes = ArrayList()
-                        artifact = abstractFile.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_GPS_TRACKPOINT)
-                        attributes.add(BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME, self._MODULE_NAME, time))
-                        attributes.add(BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_GEO_LATITUDE, self._MODULE_NAME, latitude))
-                        attributes.add(BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_GEO_LONGITUDE, self._MODULE_NAME, longitude))
-                        attributes.add(BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME, self._MODULE_NAME, name))
-                        attributes.add(BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME, self._MODULE_NAME, self._PROGRAM_NAME))
-						
-                        artifact.addAttributes(attributes)
-                        try:
-                            # index the artifact for keyword search
-                            blackboard = Case.getCurrentCase().getSleuthkitCase().getBlackboard()
-                            blackboard.postArtifact(artifact, self._MODULE_NAME)
-                        except Blackboard.BlackboardException as ex:
-                            self._logger.log(Level.SEVERE, "Unable to index blackboard artifact " + str(artifact.getArtifactID()), ex)
-                            self._logger.log(Level.SEVERE, traceback.format_exc())
-                            MessageNotifyUtil.Notify.error("Failed to index trackpoint artifact for keyword search.", artifact.getDisplayName())
+                # tracks -> segments -> trackpoints
+                #
+                # The reason that the track and the segment are put into arrays is that once the segment query is run an error occurs that it cannot find the 
+                # trackname column in the track query.  This is avoided if all the tracks/segments are found and put into an array(s) that can then be processed all at once.
+                trackQueryString = "SELECT _id, trackname, trackciudad FROM tracks"
+                trackResultSet = oruxMapsTrackpointsDb.runQuery(trackQueryString)
+                if trackResultSet is not None:
+                    trackResults = ArrayList()
+                    while trackResultSet.next():
+                        tempTrack = ArrayList()
+                        trackName = trackResultSet.getString("trackname") + " - " + trackResultSet.getString("trackciudad")
+                        trackId = str(trackResultSet.getInt("_id"))
+                        tempTrack.append(trackId)
+                        tempTrack.append(trackName)
+                        trackResults.append(tempTrack)
+                    for trackResult in trackResults:
+                        trackId = trackResult[0]
+                        trackName = trackResult[1]
+                        segmentQueryString = "SELECT _id, segname FROM segments WHERE segtrack = " + trackId
+                        segmentResultSet = oruxMapsTrackpointsDb.runQuery(segmentQueryString)
+                        if segmentResultSet is not None:
+                            segmentResults = ArrayList()
+                            while segmentResultSet.next():
+                                segmentName = trackName + " - " + segmentResultSet.getString("segname")
+                                segmentId = str(segmentResultSet.getInt("_id"))
+                                tempSegment = ArrayList()
+                                tempSegment.append(segmentId)
+                                tempSegment.append(segmentName)
+                                segmentResults.append(tempSegment)
+                            for segmentResult in segmentResults:
+                                segmentId = segmentResult[0]
+                                segmentName = segmentResult[1]                                
+                                trackpointsQueryString = "SELECT trkptlat, trkptlon, trkptalt, trkpttime FROM trackpoints WHERE trkptseg = " + segmentId
+                                trackpointsResultSet = oruxMapsTrackpointsDb.runQuery(trackpointsQueryString)
+                                if trackpointsResultSet is not None:
+                                    geoPointList = TskGeoTrackpointsUtil.GeoTrackPointList()                            
+                                    while trackpointsResultSet.next():
+                                        latitude = trackpointsResultSet.getDouble("trkptlat")
+                                        longitude = trackpointsResultSet.getDouble("trkptlon")
+                                        altitude = trackpointsResultSet.getDouble("trkptalt")
+                                        time = trackpointsResultSet.getLong("trkpttime") / 1000    # milliseconds since unix epoch
+                                        
+                                        geoPointList.addPoint(latitude, longitude, altitude, segmentName, 0, 0, 0, time)
+
+                                    try:
+                                        geoartifact = geoArtifactHelper.addTrack(segmentName, geoPointList, None)
+                                    except Blackboard.BlackboardException as ex:
+                                        self._logger.log(Level.SEVERE, "Error using geo artifact helper with blackboard", ex)
+                                        self._logger.log(Level.SEVERE, traceback.format_exc())
+                                        MessageNotifyUtil.Notify.error("Failed to add track artifact.", "geoArtifactHelper")
+                                    except TskCoreException as e:
+                                        self._logger.log(Level.SEVERE, "Error using geo artifact helper with TskCoreException", ex)
+                                        self._logger.log(Level.SEVERE, traceback.format_exc())
+                                        MessageNotifyUtil.Notify.error("Failed to add track artifact with TskCoreException.", "geoArtifactHelper")
                         
             except SQLException as ex:
                 self._logger.log(Level.WARNING, "Error processing query result for Orux Map trackpoints.", ex)