mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-06 21:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'sleuthkit:develop' into develop

Browse Source
This commit is contained in:
Seb2lyon 2021-07-03 09:23:12 +02:00 committed by GitHub
commit cc6c7e29bc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 68 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Core/src/org/sleuthkit/autopsy/centralrepository/contentviewer/DataContentViewerOtherCases.java
View File

@ -31,6 +31,7 @@ import org.sleuthkit.autopsy.centralrepository.application.OtherOccurrences;
import org.sleuthkit.autopsy.corecomponentinterfaces.DataContentViewer; import org.sleuthkit.autopsy.corecomponentinterfaces.DataContentViewer;
import org.sleuthkit.datamodel.AbstractFile; import org.sleuthkit.datamodel.AbstractFile;
import org.sleuthkit.autopsy.centralrepository.datamodel.CentralRepository; import org.sleuthkit.autopsy.centralrepository.datamodel.CentralRepository;
import org.sleuthkit.datamodel.OsAccount;
/** /**
* View correlation results from other cases * View correlation results from other cases
@ -92,9 +93,10 @@ public final class DataContentViewerOtherCases extends JPanel implements DataCon
// Is supported if one of the following is true: // Is supported if one of the following is true:
// - The central repo is enabled and the node is not null // - The central repo is enabled and the node is not null
// - The central repo is disabled and the backing file has a valid MD5 hash // - The central repo is disabled and the backing file has a valid MD5 hash
// And the node has information which could be correlated on.
if (CentralRepository.isEnabled() && node != null) { if (CentralRepository.isEnabled() && node != null) {
return true; return OtherOccurrences.getAbstractFileFromNode(node) != null || OtherOccurrences.getBlackboardArtifactFromNode(node) != null || node.getLookup().lookup(OsAccount.class) != null;
} else if (node != null){ } else if (node != null) {
AbstractFile file = OtherOccurrences.getAbstractFileFromNode(node); AbstractFile file = OtherOccurrences.getAbstractFileFromNode(node);
return file != null return file != null
&& file.getSize() > 0 && file.getSize() > 0

2
Core/src/org/sleuthkit/autopsy/contentviewers/Metadata.java
View File

@ -136,7 +136,7 @@ public class Metadata extends javax.swing.JPanel implements DataContentViewer {
} }
private void startTable(StringBuilder sb) { private void startTable(StringBuilder sb) {
sb.append(MessageFormat.format("<table class=\"{0}\"><tbody>", sb.append(MessageFormat.format("<table class=\"{0}\" valign=\"top\" align=\"left\"><tbody>",
ContentViewerHtmlStyles.getIndentedClassName())); //NON-NLS ContentViewerHtmlStyles.getIndentedClassName())); //NON-NLS
} }

9
Core/src/org/sleuthkit/autopsy/contentviewers/analysisresults/AnalysisResultsContentPanel.java
View File

@ -184,7 +184,10 @@ public class AnalysisResultsContentPanel extends javax.swing.JPanel {
Optional.ofNullable(getAnchor(attrs.getAnalysisResult()))); Optional.ofNullable(getAnchor(attrs.getAnalysisResult())));
// create a table // create a table
Element table = sectionDiv.appendElement("table"); Element table = sectionDiv.appendElement("table")
.attr("valign", "top")
.attr("align", "left");
table.attr("class", ContentViewerHtmlStyles.getIndentedClassName()); table.attr("class", ContentViewerHtmlStyles.getIndentedClassName());
Element tableBody = table.appendElement("tbody"); Element tableBody = table.appendElement("tbody");
@ -194,11 +197,11 @@ public class AnalysisResultsContentPanel extends javax.swing.JPanel {
Element row = tableBody.appendElement("tr"); Element row = tableBody.appendElement("tr");
String keyString = keyVal.getKey() == null ? "" : keyVal.getKey() + ":"; String keyString = keyVal.getKey() == null ? "" : keyVal.getKey() + ":";
Element keyTd = row.appendElement("td") Element keyTd = row.appendElement("td")
.attr("class", ContentViewerHtmlStyles.getTextClassName()); .attr("class", ContentViewerHtmlStyles.getKeyColumnClassName());
keyTd.appendElement("span") keyTd.appendElement("span")
.text(keyString) .text(keyString)
.attr("class", ContentViewerHtmlStyles.getKeyColumnClassName()); .attr("class", ContentViewerHtmlStyles.getTextClassName());
String valueString = keyVal.getValue() == null ? "" : keyVal.getValue(); String valueString = keyVal.getValue() == null ? "" : keyVal.getValue();
row.appendElement("td") row.appendElement("td")

30
Core/src/org/sleuthkit/autopsy/contentviewers/application/Annotations.java
View File

@ -207,11 +207,10 @@ public class Annotations {
Element sourceFileSection = appendSection(parent, Bundle.Annotations_sourceFile_title()); Element sourceFileSection = appendSection(parent, Bundle.Annotations_sourceFile_title());
sourceFileSection.attr("class", ContentViewerHtmlStyles.getSpacedSectionClassName()); sourceFileSection.attr("class", ContentViewerHtmlStyles.getSpacedSectionClassName());
Element sourceFileContainer = sourceFileSection.appendElement("div"); Element sourceFileContainer = sourceFileSection.appendElement("div");
sourceFileContainer.attr("class", ContentViewerHtmlStyles.getIndentedClassName()); sourceFileContainer.attr("class", ContentViewerHtmlStyles.getIndentedClassName());
boolean sourceFileRendered = renderContent(sourceFileContainer, sourceContent, true); boolean sourceFileRendered = renderContent(sourceFileContainer, sourceContent, true);
if (!sourceFileRendered) { if (!sourceFileRendered) {
@ -239,7 +238,7 @@ public class Annotations {
if (CentralRepository.isEnabled()) { if (CentralRepository.isEnabled()) {
List<CorrelationAttributeInstance> centralRepoComments = getCentralRepositoryData(sourceFile); List<CorrelationAttributeInstance> centralRepoComments = getCentralRepositoryData(sourceFile);
boolean crRendered = appendEntries(parent, CR_COMMENTS_CONFIG, centralRepoComments, isSubheader, boolean crRendered = appendEntries(parent, CR_COMMENTS_CONFIG, centralRepoComments, isSubheader,
!contentRendered); !contentRendered);
contentRendered = contentRendered || crRendered; contentRendered = contentRendered || crRendered;
} }
@ -475,13 +474,13 @@ public class Annotations {
if (!isFirstSection) { if (!isFirstSection) {
sectionDiv.attr("class", ContentViewerHtmlStyles.getSpacedSectionClassName()); sectionDiv.attr("class", ContentViewerHtmlStyles.getSpacedSectionClassName());
} }
Element sectionContainer = sectionDiv.appendElement("div"); Element sectionContainer = sectionDiv.appendElement("div");
if (!isSubsection) { if (!isSubsection) {
sectionContainer.attr("class", ContentViewerHtmlStyles.getIndentedClassName()); sectionContainer.attr("class", ContentViewerHtmlStyles.getIndentedClassName());
} }
appendVerticalEntryTables(sectionContainer, items, config.getAttributes()); appendVerticalEntryTables(sectionContainer, items, config.getAttributes());
return true; return true;
} }
@ -532,7 +531,10 @@ public class Annotations {
* @return The created table. * @return The created table.
*/ */
private static Element appendTable(Element parent, int columnNumber, List<List<String>> content, List<String> columnHeaders) { private static Element appendTable(Element parent, int columnNumber, List<List<String>> content, List<String> columnHeaders) {
Element table = parent.appendElement("table"); Element table = parent.appendElement("table")
.attr("valign", "top")
.attr("align", "left");
if (columnHeaders != null && !columnHeaders.isEmpty()) { if (columnHeaders != null && !columnHeaders.isEmpty()) {
Element header = table.appendElement("thead"); Element header = table.appendElement("thead");
appendRow(header, columnHeaders, columnNumber, true); appendRow(header, columnHeaders, columnNumber, true);
@ -559,9 +561,15 @@ public class Annotations {
Element row = rowParent.appendElement("tr"); Element row = rowParent.appendElement("tr");
for (int i = 0; i < columnNumber; i++) { for (int i = 0; i < columnNumber; i++) {
Element cell = row.appendElement(cellType); Element cell = row.appendElement(cellType);
cell.attr("class", ContentViewerHtmlStyles.getTextClassName());
if (i == 0) {
cell.attr("class", ContentViewerHtmlStyles.getKeyColumnClassName());
}
if (data != null && i < data.size()) { if (data != null && i < data.size()) {
cell.text(StringUtils.isEmpty(data.get(i)) ? "" : data.get(i)); cell.appendElement("span")
.attr("class", ContentViewerHtmlStyles.getTextClassName())
.text(StringUtils.isEmpty(data.get(i)) ? "" : data.get(i));
} }
} }
return row; return row;

63
Core/src/org/sleuthkit/autopsy/contentviewers/artifactviewers/ContactArtifactViewer.java
View File

@ -65,6 +65,7 @@ import org.sleuthkit.datamodel.BlackboardArtifact;
import org.sleuthkit.datamodel.BlackboardAttribute; import org.sleuthkit.datamodel.BlackboardAttribute;
import org.sleuthkit.datamodel.CommunicationsManager; import org.sleuthkit.datamodel.CommunicationsManager;
import org.sleuthkit.datamodel.Content; import org.sleuthkit.datamodel.Content;
import org.sleuthkit.datamodel.InvalidAccountIDException;
import org.sleuthkit.datamodel.TskCoreException; import org.sleuthkit.datamodel.TskCoreException;
/** /**
@ -624,48 +625,52 @@ public class ContactArtifactViewer extends javax.swing.JPanel implements Artifac
protected Map<Persona, ArrayList<CentralRepoAccount>> doInBackground() throws Exception { protected Map<Persona, ArrayList<CentralRepoAccount>> doInBackground() throws Exception {
Map<Persona, ArrayList<CentralRepoAccount>> uniquePersonas = new HashMap<>(); Map<Persona, ArrayList<CentralRepoAccount>> uniquePersonas = new HashMap<>();
CommunicationsManager commManager = Case.getCurrentCase().getSleuthkitCase().getCommunicationsManager(); CommunicationsManager commManager = Case.getCurrentCase().getSleuthkitCase().getCommunicationsManager();
List<Account> contactAccountsList = commManager.getAccountsRelatedToArtifact(artifact); List<Account> contactAccountsList = commManager.getAccountsRelatedToArtifact(artifact);
for (Account account : contactAccountsList) { for (Account account : contactAccountsList) {
if (isCancelled()) { try {
return new HashMap<>(); if (isCancelled()) {
} return new HashMap<>();
}
// make a list of all unique accounts for this contact // make a list of all unique accounts for this contact
if (!account.getAccountType().equals(Account.Type.DEVICE)) { if (!account.getAccountType().equals(Account.Type.DEVICE)) {
Optional<CentralRepoAccount.CentralRepoAccountType> optCrAccountType = CentralRepository.getInstance().getAccountTypeByName(account.getAccountType().getTypeName()); Optional<CentralRepoAccount.CentralRepoAccountType> optCrAccountType = CentralRepository.getInstance().getAccountTypeByName(account.getAccountType().getTypeName());
if (optCrAccountType.isPresent()) { if (optCrAccountType.isPresent()) {
CentralRepoAccount crAccount = CentralRepository.getInstance().getAccount(optCrAccountType.get(), account.getTypeSpecificID()); CentralRepoAccount crAccount = CentralRepository.getInstance().getAccount(optCrAccountType.get(), account.getTypeSpecificID());
if (crAccount != null && uniqueAccountsList.contains(crAccount) == false) { if (crAccount != null && uniqueAccountsList.contains(crAccount) == false) {
uniqueAccountsList.add(crAccount); uniqueAccountsList.add(crAccount);
}
} }
} }
}
Collection<PersonaAccount> personaAccounts = PersonaAccount.getPersonaAccountsForAccount(account); Collection<PersonaAccount> personaAccounts = PersonaAccount.getPersonaAccountsForAccount(account);
if (personaAccounts != null && !personaAccounts.isEmpty()) { if (personaAccounts != null && !personaAccounts.isEmpty()) {
// get personas for the account // get personas for the account
Collection<Persona> personas Collection<Persona> personas
= personaAccounts = personaAccounts
.stream() .stream()
.map(PersonaAccount::getPersona) .map(PersonaAccount::getPersona)
.collect(Collectors.toList()); .collect(Collectors.toList());
// make a list of unique personas, along with all their accounts // make a list of unique personas, along with all their accounts
for (Persona persona : personas) { for (Persona persona : personas) {
if (uniquePersonas.containsKey(persona) == false) { if (uniquePersonas.containsKey(persona) == false) {
Collection<CentralRepoAccount> accounts = persona.getPersonaAccounts() Collection<CentralRepoAccount> accounts = persona.getPersonaAccounts()
.stream() .stream()
.map(PersonaAccount::getAccount) .map(PersonaAccount::getAccount)
.collect(Collectors.toList()); .collect(Collectors.toList());
ArrayList<CentralRepoAccount> personaAccountsList = new ArrayList<>(accounts); ArrayList<CentralRepoAccount> personaAccountsList = new ArrayList<>(accounts);
uniquePersonas.put(persona, personaAccountsList); uniquePersonas.put(persona, personaAccountsList);
}
} }
} }
} catch (InvalidAccountIDException ex) {
// Do nothing, the account has an identifier that not an
// acceptable format for the cr.
} }
} }

2
Core/src/org/sleuthkit/autopsy/contentviewers/layout/ContentViewerHtmlStyles.java
View File

@ -65,7 +65,7 @@ public class ContentViewerHtmlStyles {
INDENTED_CLASSNAME, pxToPt(ContentViewerDefaults.getSectionIndent())) INDENTED_CLASSNAME, pxToPt(ContentViewerDefaults.getSectionIndent()))
+ String.format(" .%s { padding-top: %dpt } ", + String.format(" .%s { padding-top: %dpt } ",
SPACED_SECTION_CLASSNAME, pxToPt(ContentViewerDefaults.getSectionSpacing())) SPACED_SECTION_CLASSNAME, pxToPt(ContentViewerDefaults.getSectionSpacing()))
+ String.format(" .%s { padding-right: %dpt } ", + String.format(" .%s { padding-right: %dpt; white-space: nowrap; } ",
KEY_COLUMN_TD_CLASSNAME, pxToPt(ContentViewerDefaults.getColumnSpacing())); KEY_COLUMN_TD_CLASSNAME, pxToPt(ContentViewerDefaults.getColumnSpacing()));
private static final StyleSheet STYLE_SHEET = new StyleSheet(); private static final StyleSheet STYLE_SHEET = new StyleSheet();

2
Core/test/qa-functional/src/org/sleuthkit/autopsy/centralrepository/datamodel/CentralRepoDatamodelTest.java
View File

@ -1258,7 +1258,7 @@ public class CentralRepoDatamodelTest extends TestCase {
// We expect 11 total - 10 default and the custom one made earlier // We expect 11 total - 10 default and the custom one made earlier
// Note: this test will need to be updated based on the current default items defined in the correlation_types table // Note: this test will need to be updated based on the current default items defined in the correlation_types table
assertTrue("getDefinedCorrelationTypes returned " + types.size() + " entries - expected 28", types.size() == 28); assertTrue("getDefinedCorrelationTypes returned " + types.size() + " entries - expected 30", types.size() == 30);
} catch (CentralRepoException ex) { } catch (CentralRepoException ex) {
Exceptions.printStackTrace(ex); Exceptions.printStackTrace(ex);
Assert.fail(ex.getMessage()); Assert.fail(ex.getMessage());

2
docs/doxygen-user/auto_ingest_setup.dox
View File

@ -44,6 +44,8 @@ The "Advanced Settings" button will bring up the automated ingest job settings.
\image html AutoIngest/advanced_settings.png \image html AutoIngest/advanced_settings.png
The Automated Ingest Pause Setting section lets you configure a weekly time period during which ingest will not run. This is useful if any of your network services has regularly scheduled downtime. Note that ingest isn't immediately stopped at the given "Start Time" - it will run until the current file is processed or the current ingest module is complete. For this reason, we suggest using a lead time of two hours before your system will go down. For example, if the network is not accessible from 4:00 PM to 5:00 PM every Sunday, you should set the start time to 14:00 and the duration to 3 hours (to cover the lead time and the down time).
The Automated Ingest Job Settings section contains the following options: The Automated Ingest Job Settings section contains the following options:
<dl> <dl>
<dt>System synchronization wait time</dt> <dt>System synchronization wait time</dt>

BIN
docs/doxygen-user/images/AutoIngest/advanced_settings.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 28 KiB

After

Width:  |  Height:  |  Size: 158 KiB