mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-15 09:17:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

cleanup

Browse Source
This commit is contained in:
Greg DiCristofaro 2021-04-30 12:49:16 -04:00
parent a99fbc7bd2
commit ff946979a1
14 changed files with 44 additions and 293 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Core/src/org/sleuthkit/autopsy/datamodel/AnalysisResults.java
View File

@ -1,7 +1,7 @@
/*
* Autopsy Forensic Browser
*
* Copyright 2011 Basis Technology Corp.
* Copyright 2021 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org
*
* Licensed under the Apache License, Version 2.0 (the "License");
@ -19,7 +19,7 @@
package org.sleuthkit.autopsy.datamodel;
/**
* Analysis Results node support
* Analysis Results node support.
*/
public class AnalysisResults implements AutopsyVisitableItem {

14
Core/src/org/sleuthkit/autopsy/datamodel/AutopsyItemVisitor.java
View File

@ -53,8 +53,6 @@ public interface AutopsyItemVisitor<T> {
T visit(FileSize.FileSizeFilter fsf);
T visit(ExtractedContent ec);
T visit(KeywordHits kh);
T visit(HashsetHits hh);
@ -63,8 +61,6 @@ public interface AutopsyItemVisitor<T> {
T visit(InterestingHits ih);
T visit(Results r);
T visit(Tags tagsNodeKey);
T visit(Reports reportsItem);
@ -94,11 +90,6 @@ public interface AutopsyItemVisitor<T> {
protected abstract T defaultVisit(AutopsyVisitableItem ec);
@Override
public T visit(ExtractedContent ec) {
return defaultVisit(ec);
}
@Override
public T visit(FileTypesByExtension sf) {
return defaultVisit(sf);
@ -204,11 +195,6 @@ public interface AutopsyItemVisitor<T> {
return defaultVisit(personGrouping);
}
@Override
public T visit(Results r) {
return defaultVisit(r);
}
@Override
public T visit(FileTypes ft) {
return defaultVisit(ft);

7
Core/src/org/sleuthkit/autopsy/datamodel/AutopsyTreeChildFactory.java
View File

@ -92,7 +92,6 @@ public final class AutopsyTreeChildFactory extends ChildFactory.Detachable<Objec
* Creates keys for the top level children.
*
* @param list list of keys created
*
* @return true, indicating that the key list is complete
*/
@Override
@ -112,16 +111,16 @@ public final class AutopsyTreeChildFactory extends ChildFactory.Detachable<Objec
if (CollectionUtils.isNotEmpty(personManager.getHostsForPerson(null))) {
list.add(new PersonGrouping(null));
}
return true;
} else {
// otherwise, just show host level
tskCase.getHostManager().getAllHosts().stream()
.map(HostGrouping::new)
.sorted()
.forEach(list::add);
return true;
}
list.add(new Reports());
return true;
} else {
// data source by type view
List<AutopsyVisitableItem> keys = new ArrayList<>(Arrays.asList(

4
Core/src/org/sleuthkit/autopsy/datamodel/DataArtifacts.java
View File

@ -1,7 +1,7 @@
/*
* Autopsy Forensic Browser
*
* Copyright 2011 Basis Technology Corp.
* Copyright 2021 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org
*
* Licensed under the Apache License, Version 2.0 (the "License");
@ -19,7 +19,7 @@
package org.sleuthkit.autopsy.datamodel;
/**
* Analysis Results node support
* Analysis Results node support.
*/
public class DataArtifacts implements AutopsyVisitableItem {

10
Core/src/org/sleuthkit/autopsy/datamodel/DisplayableItemNodeVisitor.java
View File

@ -88,11 +88,6 @@ public interface DisplayableItemNodeVisitor<T> {
T visit(RecentFilesFilterNode rffn);
/*
* Extracted Results Area
*/
T visit(ResultsNode rn);
T visit(BlackboardArtifactNode ban);
T visit(ExtractedContent.TypeNode atn);
@ -405,11 +400,6 @@ public interface DisplayableItemNodeVisitor<T> {
return defaultVisit(dataSourceGroupingNode);
}
@Override
public T visit(ResultsNode rn) {
return defaultVisit(rn);
}
@Override
public T visit(FileTypesNode ft) {
return defaultVisit(ft);

20
Core/src/org/sleuthkit/autopsy/datamodel/EmailExtracted.java
View File

@ -160,15 +160,15 @@ public class EmailExtracted implements AutopsyVisitableItem {
int emailArtifactId = BlackboardArtifact.ARTIFACT_TYPE.TSK_EMAIL_MSG.getTypeID();
int pathAttrId = BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PATH.getTypeID();
String query = "SELECT \n" +
" art.artifact_id AS artifact_id,\n" +
" (SELECT value_text FROM blackboard_attributes attr\n" +
" WHERE attr.artifact_id = art.artifact_id AND attr.attribute_type_id = " + pathAttrId + "\n" +
" LIMIT 1) AS value_text\n" +
"FROM \n" +
" blackboard_artifacts art\n" +
" WHERE art.artifact_type_id = " + emailArtifactId + "\n" +
((filteringDSObjId > 0) ? " AND art.data_source_obj_id = " + filteringDSObjId : "");
String query = "SELECT \n"
+ " art.artifact_id AS artifact_id,\n"
+ " (SELECT value_text FROM blackboard_attributes attr\n"
+ " WHERE attr.artifact_id = art.artifact_id AND attr.attribute_type_id = " + pathAttrId + "\n"
+ " LIMIT 1) AS value_text\n"
+ "FROM \n"
+ " blackboard_artifacts art\n"
+ " WHERE art.artifact_type_id = " + emailArtifactId + "\n"
+ ((filteringDSObjId > 0) ? " AND art.data_source_obj_id = " + filteringDSObjId : "");
// form hierarchy of account -> folder -> account id
Map<String, Map<String, List<Long>>> newMapping = new HashMap<>();
@ -189,7 +189,6 @@ public class EmailExtracted implements AutopsyVisitableItem {
logger.log(Level.WARNING, "Cannot initialize email extraction: ", ex); //NON-NLS
}
synchronized (accounts) {
accounts.clear();
accounts.putAll(newMapping);
@ -200,7 +199,6 @@ public class EmailExtracted implements AutopsyVisitableItem {
}
}
/**
* Mail root node grouping all mail accounts, supports account-> folder
* structure

66
Core/src/org/sleuthkit/autopsy/datamodel/ExtractedContent.java
View File

@ -20,11 +20,9 @@ package org.sleuthkit.autopsy.datamodel;
import java.beans.PropertyChangeEvent;
import java.beans.PropertyChangeListener;
import java.util.Collection;
import java.util.Collections;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.logging.Level;
@ -66,61 +64,9 @@ import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWO
* Parent of the "extracted content" artifacts to be displayed in the tree.
* Other artifacts are displayed under other more specific parents.
*/
public class ExtractedContent implements AutopsyVisitableItem {
public class ExtractedContent {
private static final Set<IngestManager.IngestJobEvent> INGEST_JOB_EVENTS_OF_INTEREST = EnumSet.of(IngestManager.IngestJobEvent.COMPLETED, IngestManager.IngestJobEvent.CANCELLED);
public static final String NAME = NbBundle.getMessage(RootNode.class, "ExtractedContentNode.name.text");
private static final Category DEFAULT_CATEGORY = Category.DATA_ARTIFACT;
private final long filteringDSObjId; // 0 if not filtering/grouping by data source
private SleuthkitCase skCase; // set to null after case has been closed
private final Category category;
/**
* Constructs extracted content object
*
* @param skCase Case DB
*/
public ExtractedContent(SleuthkitCase skCase) {
this(skCase, 0, DEFAULT_CATEGORY);
}
public ExtractedContent(SleuthkitCase skCase, Category category) {
this(skCase, 0, DEFAULT_CATEGORY);
}
/**
* Constructs extracted content object
*
* @param skCase Case DB
* @param objId Object id of the parent datasource
*/
public ExtractedContent(SleuthkitCase skCase, long objId) {
this(skCase, objId, DEFAULT_CATEGORY);
}
public ExtractedContent(SleuthkitCase skCase, long dataSourceObjId, Category category) {
this.skCase = skCase;
this.filteringDSObjId = dataSourceObjId;
this.category = category;
}
@Override
public <T> T accept(AutopsyItemVisitor<T> visitor) {
return visitor.visit(this);
}
public SleuthkitCase getSleuthkitCase() {
return skCase;
}
long getFilteringDSObjId() {
return filteringDSObjId;
}
Category getCategory() {
return category;
}
@Messages({
"AnalysisResultsNode_name=Analysis Results",})
@ -177,7 +123,7 @@ public class ExtractedContent implements AutopsyVisitableItem {
sheetSet.put(new NodeProperty<>(NbBundle.getMessage(this.getClass(), "ExtractedContentNode.createSheet.name.name"),
NbBundle.getMessage(this.getClass(), "ExtractedContentNode.createSheet.name.displayName"),
NbBundle.getMessage(this.getClass(), "ExtractedContentNode.createSheet.name.desc"),
NAME));
super.getDisplayName()));
return sheet;
}
@ -211,11 +157,11 @@ public class ExtractedContent implements AutopsyVisitableItem {
this(new TypeNode(type, dsObjId), type);
}
private TypeNodeRecord(UpdatableTypeCountNode typeNode, BlackboardArtifact.Type...types) {
private TypeNodeRecord(UpdatableTypeCountNode typeNode, BlackboardArtifact.Type... types) {
this(typeNode, typeNode::updateDisplayName, types);
}
TypeNodeRecord(Node node, Runnable onUpdate, BlackboardArtifact.Type...types) {
TypeNodeRecord(Node node, Runnable onUpdate, BlackboardArtifact.Type... types) {
this.node = node;
this.onUpdate = onUpdate;
this.applicableTypes = Stream.of(types)
@ -273,8 +219,8 @@ public class ExtractedContent implements AutopsyVisitableItem {
KeywordHits.RootNode keywordsNode = new KeywordHits(skCase, dsObjId).new RootNode();
return new TypeNodeRecord(keywordsNode, new BlackboardArtifact.Type(TSK_KEYWORD_HIT));
} else if (TSK_INTERESTING_ARTIFACT_HIT.getTypeID() == typeId ||
TSK_INTERESTING_FILE_HIT.getTypeID() == typeId) {
} else if (TSK_INTERESTING_ARTIFACT_HIT.getTypeID() == typeId
|| TSK_INTERESTING_FILE_HIT.getTypeID() == typeId) {
InterestingHits.RootNode interestingHitsNode = new InterestingHits(skCase, dsObjId).new RootNode();
return new TypeNodeRecord(interestingHitsNode,

3
Core/src/org/sleuthkit/autopsy/datamodel/HashsetHits.java
View File

@ -48,14 +48,12 @@ import org.sleuthkit.autopsy.ingest.ModuleDataEvent;
import org.sleuthkit.datamodel.BlackboardArtifact;
import org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE;
import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT;
import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT;
import org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE;
import org.sleuthkit.datamodel.SleuthkitCase;
import org.sleuthkit.datamodel.SleuthkitCase.CaseDbQuery;
import org.sleuthkit.datamodel.TskCoreException;
import org.sleuthkit.autopsy.datamodel.ExtractedContent.UpdatableTypeCountNode;
/**
* Hash set hits node support. Inner classes have all of the nodes in the tree.
*/
@ -70,7 +68,6 @@ public class HashsetHits implements AutopsyVisitableItem {
private final HashsetResults hashsetResults;
private final long filteringDSObjId; // 0 if not filtering/grouping by data source
/**
* Constructor
*

12
Core/src/org/sleuthkit/autopsy/datamodel/InterestingHits.java
View File

@ -51,8 +51,6 @@ import org.sleuthkit.datamodel.SleuthkitCase;
import org.sleuthkit.datamodel.SleuthkitCase.CaseDbQuery;
import org.sleuthkit.datamodel.TskCoreException;
import org.sleuthkit.autopsy.datamodel.ExtractedContent.UpdatableTypeCountNode;
import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT;
public class InterestingHits implements AutopsyVisitableItem {
@ -407,8 +405,8 @@ public class InterestingHits implements AutopsyVisitableItem {
this.typeName = typeName;
this.setName = setName;
/**
* We use the combination of setName and typeName as the name of
* the node to ensure that nodes have a unique name. This comes into
* We use the combination of setName and typeName as the name of the
* node to ensure that nodes have a unique name. This comes into
* play when associating paging state with the node.
*/
super.setName(setName + "_" + typeName);
@ -469,9 +467,9 @@ public class InterestingHits implements AutopsyVisitableItem {
private HitFactory(String setName, String typeName) {
/**
* The node name passed to the parent constructor must be the
* same as the name set in the InterestingItemTypeNode constructor,
* i.e. setName underscore typeName
* The node name passed to the parent constructor must be the same
* as the name set in the InterestingItemTypeNode constructor, i.e.
* setName underscore typeName
*/
super(setName + "_" + typeName);
this.setName = setName;

52
Core/src/org/sleuthkit/autopsy/datamodel/Results.java
View File

@ -1,52 +0,0 @@
/*
* Autopsy Forensic Browser
*
* Copyright 2011 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sleuthkit.autopsy.datamodel;
import org.sleuthkit.datamodel.SleuthkitCase;
/**
* Results node support
*/
public class Results implements AutopsyVisitableItem {
private SleuthkitCase skCase;
private final long datasourceObjId;
public Results(SleuthkitCase skCase) {
this(skCase, 0);
}
public Results(SleuthkitCase skCase, long dsObjId) {
this.skCase = skCase;
this.datasourceObjId = dsObjId;
}
@Override
public <T> T accept(AutopsyItemVisitor<T> visitor) {
return visitor.visit(this);
}
public SleuthkitCase getSleuthkitCase() {
return skCase;
}
long filteringDataSourceObjId() {
return datasourceObjId;
}
}

97
Core/src/org/sleuthkit/autopsy/datamodel/ResultsNode.java
View File

@ -1,97 +0,0 @@
/*
* Autopsy Forensic Browser
*
* Copyright 2011-2018 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sleuthkit.autopsy.datamodel;
import org.sleuthkit.autopsy.datamodel.accounts.Accounts;
import java.util.Arrays;
import org.openide.nodes.Sheet;
import org.openide.util.NbBundle;
import org.openide.util.lookup.Lookups;
import org.sleuthkit.datamodel.SleuthkitCase;
/**
* Node for the results section of the tree.
*/
public class ResultsNode extends DisplayableItemNode {
@NbBundle.Messages("ResultsNode.name.text=Results")
private static final String NAME = Bundle.ResultsNode_name_text();
public static String getNameIdentifier() {
return NAME;
}
public ResultsNode(SleuthkitCase sleuthkitCase) {
this(sleuthkitCase, 0);
}
public ResultsNode(SleuthkitCase sleuthkitCase, long dsObjId) {
super(
new RootContentChildren(Arrays.asList(
new ExtractedContent(sleuthkitCase, dsObjId ),
new KeywordHits(sleuthkitCase, dsObjId),
new HashsetHits(sleuthkitCase, dsObjId),
new EmailExtracted(sleuthkitCase, dsObjId),
new InterestingHits(sleuthkitCase, dsObjId ),
new Accounts(sleuthkitCase, dsObjId),
new OsAccounts(sleuthkitCase, dsObjId))
),
Lookups.singleton(NAME));
setName(NAME);
setDisplayName(NAME);
this.setIconBaseWithExtension("org/sleuthkit/autopsy/images/results.png"); //NON-NLS
}
@Override
public boolean isLeafTypeNode() {
return false;
}
@Override
public <T> T accept(DisplayableItemNodeVisitor<T> visitor) {
return visitor.visit(this);
}
@Override
@NbBundle.Messages({
"ResultsNode.createSheet.name.name=Name",
"ResultsNode.createSheet.name.displayName=Name",
"ResultsNode.createSheet.name.desc=no description"})
protected Sheet createSheet() {
Sheet sheet = super.createSheet();
Sheet.Set sheetSet = sheet.get(Sheet.PROPERTIES);
if (sheetSet == null) {
sheetSet = Sheet.createPropertiesSet();
sheet.put(sheetSet);
}
sheetSet.put(new NodeProperty<>(Bundle.ResultsNode_createSheet_name_name(),
Bundle.ResultsNode_createSheet_name_displayName(),
Bundle.ResultsNode_createSheet_name_desc(),
NAME
));
return sheet;
}
@Override
public String getItemType() {
return getClass().getName();
}
}

13
Core/src/org/sleuthkit/autopsy/datamodel/RootContentChildren.java
View File

@ -25,8 +25,6 @@ import org.openide.nodes.Children;
import org.openide.nodes.Node;
import org.openide.util.NbBundle;
import org.sleuthkit.autopsy.datamodel.accounts.Accounts;
import org.sleuthkit.datamodel.BlackboardArtifact;
import org.sleuthkit.datamodel.BlackboardArtifact.Category;
import org.sleuthkit.datamodel.SleuthkitVisitableItem;
/**
@ -84,12 +82,6 @@ public class RootContentChildren extends Children.Keys<Object> {
* Set Hits, etc.).
*/
static class CreateAutopsyNodeVisitor extends AutopsyItemVisitor.Default<AbstractNode> {
@Override
public ExtractedContent.RootNode visit(ExtractedContent ec) {
return new ExtractedContent.DataArtifactsNode(0);
}
@Override
public AbstractNode visit(FileTypesByExtension sf) {
return sf.new FileTypesByExtNode(sf.getSleuthkitCase(), null);
@ -150,11 +142,6 @@ public class RootContentChildren extends Children.Keys<Object> {
return new ViewsNode(v.getSleuthkitCase(), v.filteringDataSourceObjId());
}
@Override
public AbstractNode visit(Results results) {
return new ResultsNode(results.getSleuthkitCase(), results.filteringDataSourceObjId());
}
@Override
public AbstractNode visit(FileTypes ft) {
return ft.new FileTypesNode();

1
Core/src/org/sleuthkit/autopsy/datamodel/accounts/Accounts.java
View File

@ -69,7 +69,6 @@ import org.sleuthkit.autopsy.datamodel.CreditCards;
import org.sleuthkit.autopsy.datamodel.DataModelActionsFactory;
import org.sleuthkit.autopsy.datamodel.DisplayableItemNode;
import org.sleuthkit.autopsy.datamodel.DisplayableItemNodeVisitor;
import org.sleuthkit.autopsy.datamodel.ExtractedContent;
import org.sleuthkit.autopsy.datamodel.ExtractedContent.UpdatableTypeCountNode;
import org.sleuthkit.autopsy.datamodel.NodeProperty;
import org.sleuthkit.autopsy.directorytree.DirectoryTreeTopComponent;