Merge pull request #1200 from karlmortensen/blackboard_attributes

Blackboard Artifacts
This commit is contained in:
Richard Cordovano 2015-04-17 17:23:02 -04:00
commit d346cb79ef
12 changed files with 38 additions and 33 deletions

View File

@ -149,6 +149,7 @@ CaseOpenAction.msgDlg.fileNotExist.msg=Error\: File does not exist.
CaseOpenAction.msgDlg.fileNotExist.title=Error CaseOpenAction.msgDlg.fileNotExist.title=Error
CaseOpenAction.msgDlg.cantOpenCase.msg=Error\: could not open the case in folder {0}\: {1} CaseOpenAction.msgDlg.cantOpenCase.msg=Error\: could not open the case in folder {0}\: {1}
CaseOpenAction.msgDlg.cantOpenCase.title=Error CaseOpenAction.msgDlg.cantOpenCase.title=Error
CaseCreateAction.msgDlg.cantCreateCase.msg=Cannot create case
CasePropertiesAction.window.title=Case Properties CasePropertiesAction.window.title=Case Properties
CasePropertiesForm.updateCaseName.msgDlg.empty.msg=The caseName cannot be empty. CasePropertiesForm.updateCaseName.msgDlg.empty.msg=The caseName cannot be empty.
CasePropertiesForm.updateCaseName.msgDlg.empty.title=Error CasePropertiesForm.updateCaseName.msgDlg.empty.title=Error

View File

@ -30,8 +30,6 @@
<Component id="rbSingleUserCase" min="-2" max="-2" attributes="0"/> <Component id="rbSingleUserCase" min="-2" max="-2" attributes="0"/>
<EmptySpace type="unrelated" max="-2" attributes="0"/> <EmptySpace type="unrelated" max="-2" attributes="0"/>
<Component id="rbMultiUserCase" min="-2" max="-2" attributes="0"/> <Component id="rbMultiUserCase" min="-2" max="-2" attributes="0"/>
<EmptySpace type="unrelated" max="-2" attributes="0"/>
<Component id="lbBadMultiUserSettings" max="32767" attributes="0"/>
</Group> </Group>
<Component id="jLabel1" alignment="0" min="-2" max="-2" attributes="0"/> <Component id="jLabel1" alignment="0" min="-2" max="-2" attributes="0"/>
<Group type="102" alignment="0" attributes="0"> <Group type="102" alignment="0" attributes="0">
@ -44,7 +42,8 @@
<EmptySpace max="32767" attributes="0"/> <EmptySpace max="32767" attributes="0"/>
<Component id="caseNameTextField" min="-2" pref="296" max="-2" attributes="0"/> <Component id="caseNameTextField" min="-2" pref="296" max="-2" attributes="0"/>
</Group> </Group>
<Component id="caseDirTextField" alignment="0" min="-2" pref="380" max="-2" attributes="1"/> <Component id="caseDirTextField" alignment="0" max="32767" attributes="1"/>
<Component id="lbBadMultiUserSettings" alignment="1" min="-2" pref="372" max="-2" attributes="0"/>
</Group> </Group>
<EmptySpace type="unrelated" max="-2" attributes="0"/> <EmptySpace type="unrelated" max="-2" attributes="0"/>
<Component id="caseDirBrowseButton" min="-2" max="-2" attributes="0"/> <Component id="caseDirBrowseButton" min="-2" max="-2" attributes="0"/>
@ -78,9 +77,10 @@
<Group type="103" groupAlignment="3" attributes="0"> <Group type="103" groupAlignment="3" attributes="0">
<Component id="rbSingleUserCase" alignment="3" min="-2" max="-2" attributes="0"/> <Component id="rbSingleUserCase" alignment="3" min="-2" max="-2" attributes="0"/>
<Component id="rbMultiUserCase" alignment="3" min="-2" max="-2" attributes="0"/> <Component id="rbMultiUserCase" alignment="3" min="-2" max="-2" attributes="0"/>
<Component id="lbBadMultiUserSettings" alignment="3" min="-2" max="-2" attributes="0"/>
</Group> </Group>
<EmptySpace pref="16" max="32767" attributes="0"/> <EmptySpace min="-2" max="-2" attributes="0"/>
<Component id="lbBadMultiUserSettings" min="-2" pref="23" max="-2" attributes="0"/>
<EmptySpace max="32767" attributes="0"/>
</Group> </Group>
</Group> </Group>
</DimensionLayout> </DimensionLayout>

View File

@ -198,9 +198,7 @@ final class NewCaseVisualPanel1 extends JPanel implements DocumentListener {
.addGroup(javax.swing.GroupLayout.Alignment.LEADING, layout.createSequentialGroup() .addGroup(javax.swing.GroupLayout.Alignment.LEADING, layout.createSequentialGroup()
.addComponent(rbSingleUserCase) .addComponent(rbSingleUserCase)
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
.addComponent(rbMultiUserCase) .addComponent(rbMultiUserCase))
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
.addComponent(lbBadMultiUserSettings, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))
.addComponent(jLabel1, javax.swing.GroupLayout.Alignment.LEADING) .addComponent(jLabel1, javax.swing.GroupLayout.Alignment.LEADING)
.addGroup(javax.swing.GroupLayout.Alignment.LEADING, layout.createSequentialGroup() .addGroup(javax.swing.GroupLayout.Alignment.LEADING, layout.createSequentialGroup()
.addComponent(caseDirLabel) .addComponent(caseDirLabel)
@ -210,7 +208,8 @@ final class NewCaseVisualPanel1 extends JPanel implements DocumentListener {
.addComponent(caseNameLabel) .addComponent(caseNameLabel)
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
.addComponent(caseNameTextField, javax.swing.GroupLayout.PREFERRED_SIZE, 296, javax.swing.GroupLayout.PREFERRED_SIZE)) .addComponent(caseNameTextField, javax.swing.GroupLayout.PREFERRED_SIZE, 296, javax.swing.GroupLayout.PREFERRED_SIZE))
.addComponent(caseDirTextField, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.PREFERRED_SIZE, 380, javax.swing.GroupLayout.PREFERRED_SIZE)) .addComponent(caseDirTextField, javax.swing.GroupLayout.Alignment.LEADING)
.addComponent(lbBadMultiUserSettings, javax.swing.GroupLayout.PREFERRED_SIZE, 372, javax.swing.GroupLayout.PREFERRED_SIZE))
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
.addComponent(caseDirBrowseButton))) .addComponent(caseDirBrowseButton)))
.addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))
@ -236,9 +235,10 @@ final class NewCaseVisualPanel1 extends JPanel implements DocumentListener {
.addGap(18, 18, 18) .addGap(18, 18, 18)
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE) .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
.addComponent(rbSingleUserCase) .addComponent(rbSingleUserCase)
.addComponent(rbMultiUserCase) .addComponent(rbMultiUserCase))
.addComponent(lbBadMultiUserSettings)) .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
.addContainerGap(16, Short.MAX_VALUE)) .addComponent(lbBadMultiUserSettings, javax.swing.GroupLayout.PREFERRED_SIZE, 23, javax.swing.GroupLayout.PREFERRED_SIZE)
.addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))
); );
}// </editor-fold>//GEN-END:initComponents }// </editor-fold>//GEN-END:initComponents

View File

@ -22,12 +22,13 @@ package org.sleuthkit.autopsy.casemodule;
import java.util.HashSet; import java.util.HashSet;
import java.util.Iterator; import java.util.Iterator;
import java.util.Set; import java.util.Set;
import java.util.logging.Level;
import javax.swing.JOptionPane;
import javax.swing.SwingUtilities; import javax.swing.SwingUtilities;
import javax.swing.event.ChangeEvent; import javax.swing.event.ChangeEvent;
import javax.swing.event.ChangeListener; import javax.swing.event.ChangeListener;
import org.openide.WizardDescriptor; import org.openide.WizardDescriptor;
import org.openide.WizardValidationException; import org.openide.WizardValidationException;
import org.openide.util.Exceptions;
import org.openide.util.HelpCtx; import org.openide.util.HelpCtx;
import org.openide.util.NbBundle; import org.openide.util.NbBundle;
import org.sleuthkit.autopsy.casemodule.Case.CaseType; import org.sleuthkit.autopsy.casemodule.Case.CaseType;
@ -174,30 +175,29 @@ class NewCaseWizardPanel2 implements WizardDescriptor.ValidatingPanel<WizardDesc
@Override @Override
public void validate() throws WizardValidationException { public void validate() throws WizardValidationException {
NewCaseVisualPanel2 currentComponent = getComponent(); NewCaseVisualPanel2 currentComponent = getComponent();
final String caseNumber = currentComponent.getCaseNumber(); final String caseNumber = currentComponent.getCaseNumber();
final String examiner = currentComponent.getExaminer(); final String examiner = currentComponent.getExaminer();
try { try {
SwingUtilities.invokeLater(new Runnable(){ SwingUtilities.invokeLater(new Runnable() {
@Override @Override
public void run() { public void run() {
try { try {
Case.create(createdDirectory, caseName, caseNumber, examiner, caseType); Case.create(createdDirectory, caseName, caseNumber, examiner, caseType);
} catch (Exception ex) { } catch (Exception ex) {
Exceptions.printStackTrace(ex); JOptionPane.showMessageDialog(null, NbBundle.getMessage(this.getClass(),
"CaseCreateAction.msgDlg.cantCreateCase.msg")+" "+caseName,
NbBundle.getMessage(this.getClass(),
"CaseOpenAction.msgDlg.cantOpenCase.title"),
JOptionPane.ERROR_MESSAGE);
} }
} }
});
}); } catch (Exception ex) {
//Case.create(createdDirectory, caseName, caseNumber, examiner);
} catch(Exception ex) {
throw new WizardValidationException(this.getComponent(), throw new WizardValidationException(this.getComponent(),
NbBundle.getMessage(this.getClass(), NbBundle.getMessage(this.getClass(), "NewCaseWizardPanel2.validate.errCreateCase.msg"), null);
"NewCaseWizardPanel2.validate.errCreateCase.msg"),
null);
} }
} }
} }

View File

@ -18,7 +18,7 @@ import org.sleuthkit.autopsy.coreutils.Logger;
@OptionsPanelController.TopLevelRegistration( @OptionsPanelController.TopLevelRegistration(
categoryName = "#OptionsCategory_Name_FileExtMismatchOptions", categoryName = "#OptionsCategory_Name_FileExtMismatchOptions",
iconBase = "org/sleuthkit/autopsy/modules/fileextmismatch/options-icon.png", iconBase = "org/sleuthkit/autopsy/modules/fileextmismatch/options-icon.png",
position = 4, position = 5,
keywords = "#OptionsCategory_FileExtMismatch", keywords = "#OptionsCategory_FileExtMismatch",
keywordsCategory = "KeywordSearchOptions") keywordsCategory = "KeywordSearchOptions")
public final class FileExtMismatchOptionsPanelController extends OptionsPanelController { public final class FileExtMismatchOptionsPanelController extends OptionsPanelController {

View File

@ -174,6 +174,9 @@ class FileType {
* @return True or false. * @return True or false.
*/ */
boolean containedIn(final AbstractFile file) { boolean containedIn(final AbstractFile file) {
if(file.getSize() < (offset+signatureBytes.length)) {
return false; /// too small, can't contain this signature
}
try { try {
byte[] buffer = new byte[signatureBytes.length]; byte[] buffer = new byte[signatureBytes.length];
int bytesRead = file.read(buffer, offset, signatureBytes.length); int bytesRead = file.read(buffer, offset, signatureBytes.length);

View File

@ -17,7 +17,7 @@ import org.openide.util.Lookup;
iconBase = "org/sleuthkit/autopsy/modules/filetypeid/user-defined-file-types-settings.png", iconBase = "org/sleuthkit/autopsy/modules/filetypeid/user-defined-file-types-settings.png",
keywords = "#OptionsCategory_Keywords_FileTypeId", keywords = "#OptionsCategory_Keywords_FileTypeId",
keywordsCategory = "FileTypeId", keywordsCategory = "FileTypeId",
position = 5 position = 6
) )
// moved messages to Bundle.properties // moved messages to Bundle.properties
//@org.openide.util.NbBundle.Messages({"OptionsCategory_Name_FileTypeId=FileTypeId", "OptionsCategory_Keywords_FileTypeId=FileTypeId"}) //@org.openide.util.NbBundle.Messages({"OptionsCategory_Name_FileTypeId=FileTypeId", "OptionsCategory_Keywords_FileTypeId=FileTypeId"})

View File

@ -33,7 +33,7 @@ import org.sleuthkit.autopsy.coreutils.Logger;
@OptionsPanelController.TopLevelRegistration( @OptionsPanelController.TopLevelRegistration(
categoryName = "#OptionsCategory_Name_HashDatabase", categoryName = "#OptionsCategory_Name_HashDatabase",
iconBase = "org/sleuthkit/autopsy/modules/hashdatabase/options_icon.png", iconBase = "org/sleuthkit/autopsy/modules/hashdatabase/options_icon.png",
position = 3, position = 4,
keywords = "#OptionsCategory_Keywords_HashDatabase", keywords = "#OptionsCategory_Keywords_HashDatabase",
keywordsCategory = "HashDatabase", keywordsCategory = "HashDatabase",
id = "HashDatabase") id = "HashDatabase")

View File

@ -31,7 +31,7 @@ import org.openide.util.Lookup;
iconBase = "org/sleuthkit/autopsy/images/interesting_item_32x32.png", iconBase = "org/sleuthkit/autopsy/images/interesting_item_32x32.png",
keywords = "#OptionsCategory_Keywords_InterestingItemDefinitions", keywords = "#OptionsCategory_Keywords_InterestingItemDefinitions",
keywordsCategory = "InterestingItemDefinitions", keywordsCategory = "InterestingItemDefinitions",
position = 6 position = 7
) )
public final class InterestingItemDefsOptionsPanelController extends OptionsPanelController { public final class InterestingItemDefsOptionsPanelController extends OptionsPanelController {

View File

@ -31,7 +31,8 @@ import org.openide.util.Lookup;
categoryName = "#OptionsCategory_Name_Options", categoryName = "#OptionsCategory_Name_Options",
iconBase = "org/sleuthkit/autopsy/imagegallery/images/polaroid_48_silhouette.png", iconBase = "org/sleuthkit/autopsy/imagegallery/images/polaroid_48_silhouette.png",
keywords = "#OptionsCategory_Keywords_Options", keywords = "#OptionsCategory_Keywords_Options",
keywordsCategory = "Options" keywordsCategory = "Options",
position = 10
) )
@org.openide.util.NbBundle.Messages({"OptionsCategory_Name_Options=Image / Video Gallery", "OptionsCategory_Keywords_Options=image video gallery category "}) @org.openide.util.NbBundle.Messages({"OptionsCategory_Name_Options=Image / Video Gallery", "OptionsCategory_Keywords_Options=image video gallery category "})
public final class ImageGalleryOptionsPanelController extends OptionsPanelController { public final class ImageGalleryOptionsPanelController extends OptionsPanelController {

View File

@ -32,7 +32,7 @@ import org.sleuthkit.autopsy.coreutils.Logger;
@OptionsPanelController.TopLevelRegistration( @OptionsPanelController.TopLevelRegistration(
categoryName = "#OptionsCategory_Name_KeywordSearchOptions", categoryName = "#OptionsCategory_Name_KeywordSearchOptions",
iconBase = "org/sleuthkit/autopsy/keywordsearch/options-icon.png", iconBase = "org/sleuthkit/autopsy/keywordsearch/options-icon.png",
position = 2, position = 3,
keywords = "#OptionsCategory_Keywords_KeywordSearchOptions", keywords = "#OptionsCategory_Keywords_KeywordSearchOptions",
keywordsCategory = "KeywordSearchOptions") keywordsCategory = "KeywordSearchOptions")
public final class KeywordSearchOptionsPanelController extends OptionsPanelController { public final class KeywordSearchOptionsPanelController extends OptionsPanelController {

View File

@ -273,8 +273,8 @@ class SearchEngineURLQueryAnalyzer extends Extract {
int totalQueries = 0; int totalQueries = 0;
try { try {
//from blackboard_artifacts //from blackboard_artifacts
Collection<BlackboardArtifact> listArtifacts = currentCase.getSleuthkitCase().getMatchingArtifacts("WHERE (`artifact_type_id` = '" + ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID() //NON-NLS Collection<BlackboardArtifact> listArtifacts = currentCase.getSleuthkitCase().getMatchingArtifacts("WHERE (artifact_type_id = '" + ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID() //NON-NLS
+ "' OR `artifact_type_id` = '" + ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID() + "') "); //List of every 'web_history' and 'bookmark' artifact NON-NLS + "' OR artifact_type_id = '" + ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID() + "') "); //List of every 'web_history' and 'bookmark' artifact NON-NLS
logger.log(Level.INFO, "Processing {0} blackboard artifacts.", listArtifacts.size()); //NON-NLS logger.log(Level.INFO, "Processing {0} blackboard artifacts.", listArtifacts.size()); //NON-NLS
for (BlackboardArtifact artifact : listArtifacts) { for (BlackboardArtifact artifact : listArtifacts) {
@ -302,7 +302,7 @@ class SearchEngineURLQueryAnalyzer extends Extract {
SearchEngineURLQueryAnalyzer.SearchEngine se = null; SearchEngineURLQueryAnalyzer.SearchEngine se = null;
//from blackboard_attributes //from blackboard_attributes
Collection<BlackboardAttribute> listAttributes = currentCase.getSleuthkitCase().getMatchingAttributes("Where `artifact_id` = " + artifact.getArtifactID()); //NON-NLS Collection<BlackboardAttribute> listAttributes = currentCase.getSleuthkitCase().getMatchingAttributes("Where artifact_id = " + artifact.getArtifactID()); //NON-NLS
for (BlackboardAttribute attribute : listAttributes) { for (BlackboardAttribute attribute : listAttributes) {
if (attribute.getAttributeTypeID() == BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID()) { if (attribute.getAttributeTypeID() == BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID()) {