worked through queries

Core/src/org/sleuthkit/autopsy/casemodule/datasourcesummary/DataSourceInfoUtilities.java

@@ -37,6 +37,8 @@ import org.sleuthkit.datamodel.BlackboardArtifact;
 import org.sleuthkit.datamodel.TskData;
 import org.sleuthkit.datamodel.BlackboardAttribute;
 import org.sleuthkit.datamodel.DataSource;
+import org.sleuthkit.datamodel.TskData.TSK_DB_FILES_TYPE_ENUM;
+import org.sleuthkit.datamodel.TskData.TSK_FS_META_FLAG_ENUM;
 import org.sleuthkit.datamodel.TskData.TSK_FS_META_TYPE_ENUM;
 
 /**
@@ -62,9 +64,9 @@ final class DataSourceInfoUtilities {
             try {
                 SleuthkitCase skCase = Case.getCurrentCaseThrows().getSleuthkitCase();
                 return skCase.countFilesWhere(
-                        "dir_type<>" + TskData.TSK_FS_NAME_TYPE_ENUM.VIRT_DIR.getValue()
+                        "data_source_obj_id=" + currentDataSource.getId()
+                        + " AND dir_type<>" + TskData.TSK_FS_NAME_TYPE_ENUM.VIRT_DIR.getValue()
                         + " AND name<>''"
-                        + " AND data_source_obj_id=" + currentDataSource.getId()
                         + (StringUtils.isBlank(additionalWhere) ? "" : (" AND " + additionalWhere)));
             } catch (TskCoreException | NoCurrentCaseException ex) {
                 logger.log(Level.WARNING, onError, ex);
@@ -107,6 +109,19 @@ final class DataSourceInfoUtilities {
                 "Unable to get count of files, providing empty results");
     }
 
+    /**
+     * Get count of allocated files in a data source.
+     *
+     * @param currentDataSource The data source.
+     *
+     * @return The count.
+     */
+    static Long getCountOfAllocatedFiles(DataSource currentDataSource) {
+        return getCountOfRegularFiles(currentDataSource,
+                getMetaFlagsContainsStatement(TSK_FS_META_FLAG_ENUM.ALLOC),
+                "Unable to get counts of unallocated files for datasource, providing empty results");
+    }
+
     /**
      * Get count of unallocated files in a data source.
      *
@@ -116,7 +131,8 @@ final class DataSourceInfoUtilities {
      */
     static Long getCountOfUnallocatedFiles(DataSource currentDataSource) {
         return getCountOfRegularFiles(currentDataSource,
-                "dir_flags=" + TskData.TSK_FS_NAME_FLAG_ENUM.UNALLOC.getValue(),
+                getMetaFlagsContainsStatement(TSK_FS_META_FLAG_ENUM.UNALLOC)
+                + " AND type<>" + TSK_DB_FILES_TYPE_ENUM.SLACK.getFileType(),
                 "Unable to get counts of unallocated files for datasource, providing empty results");
     }
 
@@ -129,8 +145,8 @@ final class DataSourceInfoUtilities {
      */
     static Long getCountOfDirectories(DataSource currentDataSource) {
         return getCountOfTskFiles(currentDataSource,
-                "type<>" + TskData.TSK_DB_FILES_TYPE_ENUM.VIRTUAL_DIR.getFileType()
+                "meta_type=" + TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_DIR.getValue()
-                + " AND meta_type=" + TskData.TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_DIR.getValue(),
+                + " AND type<>" + TskData.TSK_DB_FILES_TYPE_ENUM.VIRTUAL_DIR.getFileType(),
                 "Unable to get count of directories for datasource, providing empty results");
     }
 
@@ -142,8 +158,9 @@ final class DataSourceInfoUtilities {
      * @return The count.
      */
     static Long getCountOfSlackFiles(DataSource currentDataSource) {
-        return getCountOfTskFiles(currentDataSource,
+        return getCountOfRegularFiles(currentDataSource,
-                "type=" + TskData.TSK_DB_FILES_TYPE_ENUM.SLACK.getFileType(),
+                getMetaFlagsContainsStatement(TSK_FS_META_FLAG_ENUM.UNALLOC)
+                + " AND type=" + TskData.TSK_DB_FILES_TYPE_ENUM.SLACK.getFileType(),
                 "Unable to get count of slack files for datasources, providing empty results");
     }
 
@@ -195,9 +212,11 @@ final class DataSourceInfoUtilities {
         final String valueParam = "value";
         final String countParam = "count";
         String query = "SELECT SUM(size) AS " + valueParam + ", COUNT(*) AS " + countParam
-                + " FROM tsk_files WHERE type<>" + TskData.TSK_DB_FILES_TYPE_ENUM.VIRTUAL_DIR.getFileType()
+                + " FROM tsk_files"
+                + " WHERE " + getMetaFlagsContainsStatement(TSK_FS_META_FLAG_ENUM.UNALLOC)
+                + " AND type<>" + TSK_DB_FILES_TYPE_ENUM.SLACK.getFileType()
+                + " AND type<>" + TskData.TSK_DB_FILES_TYPE_ENUM.VIRTUAL_DIR.getFileType()
                 + " AND dir_type<>" + TskData.TSK_FS_NAME_TYPE_ENUM.VIRT_DIR.getValue()
-                + " AND dir_flags=" + TskData.TSK_FS_NAME_FLAG_ENUM.UNALLOC.getValue()
                 + " AND name<>''"
                 + " AND data_source_obj_id=" + currentDataSource.getId();
 
@@ -400,11 +419,12 @@ final class DataSourceInfoUtilities {
      */
     static Map<Long, Long> getCountsOfFiles() {
         try {
-            final String countFilesQuery = "data_source_obj_id, COUNT(*) AS value"
+            final String countFilesQuery = "data_source_obj_id, COUNT(*) AS value FROM tsk_files"
-                    + " FROM tsk_files WHERE type<>" + TskData.TSK_DB_FILES_TYPE_ENUM.VIRTUAL_DIR.getFileType()
+                    + " WHERE meta_type=" + TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_REG.getValue()
-                    + "AND meta_type=" + TSK_FS_META_TYPE_ENUM.TSK_FS_META_TYPE_REG.getValue()
+                    + " AND type<>" + TskData.TSK_DB_FILES_TYPE_ENUM.VIRTUAL_DIR.getFileType()
                     + " AND dir_type<>" + TskData.TSK_FS_NAME_TYPE_ENUM.VIRT_DIR.getValue()
-                    + " AND name<>'' GROUP BY data_source_obj_id"; //NON-NLS
+                    + " AND name<>''"
+                    + " GROUP BY data_source_obj_id"; //NON-NLS
             return getValuesMap(countFilesQuery);
         } catch (TskCoreException | NoCurrentCaseException ex) {
             logger.log(Level.WARNING, "Unable to get counts of files for all datasources, providing empty results", ex);
@@ -536,6 +556,18 @@ final class DataSourceInfoUtilities {
         return String.format("(%s) ", commaSeparatedQuoted);
     }
 
+    /**
+     * Creates sql where clause that does a bitwise check to see if flag is
+     * present.
+     *
+     * @param flag The flag for which to check.
+     *
+     * @return The clause.
+     */
+    private static String getMetaFlagsContainsStatement(TSK_FS_META_FLAG_ENUM flag) {
+        return "meta_flags & " + flag.getValue() + " > 0";
+    }
+
     /**
      * Helper method to execute a select query with a
      * DataSourceSingleValueCallback.

Core/src/org/sleuthkit/autopsy/casemodule/datasourcesummary/DataSourceSummaryCountsPanel.form

@@ -39,9 +39,6 @@
             <Property name="minimumSize" type="java.awt.Dimension" editor="org.netbeans.beaninfo.editors.DimensionEditor">
               <Dimension value="[840, 320]"/>
             </Property>
-            <Property name="preferredSize" type="java.awt.Dimension" editor="org.netbeans.beaninfo.editors.DimensionEditor">
-              <Dimension value="null"/>
-            </Property>
           </Properties>
           <AuxValues>
             <AuxValue name="JavaCodeGenerator_VariableLocal" type="java.lang.Boolean" value="true"/>

Core/src/org/sleuthkit/autopsy/casemodule/datasourcesummary/DataSourceSummaryCountsPanel.java

@@ -78,7 +78,6 @@ class DataSourceSummaryCountsPanel extends javax.swing.JPanel {
         setDataSource(null);
     }
 
-
     /**
      * The datasource currently used as the model in this panel.
      *
@@ -138,7 +137,7 @@ class DataSourceSummaryCountsPanel extends javax.swing.JPanel {
     private static Object[][] getFileCategoryModel(DataSource selectedDataSource) {
         Long fileCount = zeroIfNull(DataSourceInfoUtilities.getCountOfFiles(selectedDataSource));
         Long unallocatedFiles = zeroIfNull(DataSourceInfoUtilities.getCountOfUnallocatedFiles(selectedDataSource));
-        Long allocatedFiles = zeroIfNull(getAllocatedCount(fileCount, unallocatedFiles));
+        Long allocatedFiles = zeroIfNull(DataSourceInfoUtilities.getCountOfAllocatedFiles(selectedDataSource));
         Long slackFiles = zeroIfNull(DataSourceInfoUtilities.getCountOfSlackFiles(selectedDataSource));
         Long directories = zeroIfNull(DataSourceInfoUtilities.getCountOfDirectories(selectedDataSource));
 
@@ -162,24 +161,6 @@ class DataSourceSummaryCountsPanel extends javax.swing.JPanel {
         return origValue == null ? 0 : origValue;
     }
 
-    /**
-     * Safely gets the allocated files count.
-     *
-     * @param allFilesCount         The count of all files.
-     * @param unallocatedFilesCount The count of unallocated files.
-     *
-     * @return The count of allocated files.
-     */
-    private static long getAllocatedCount(Long allFilesCount, Long unallocatedFilesCount) {
-        if (allFilesCount == null) {
-            return 0;
-        } else if (unallocatedFilesCount == null) {
-            return allFilesCount;
-        } else {
-            return allFilesCount - unallocatedFilesCount;
-        }
-    }
-
     /**
      * The counts of different artifact types found in a DataSource.
      *