diff --git a/bindings/java/src/org/sleuthkit/datamodel/OsAccountManager.java b/bindings/java/src/org/sleuthkit/datamodel/OsAccountManager.java
index 89f3789fa537156439006da6127be09e904dcd80..6b2c74ea5783aac8d7b98f7e458c55b116f923b2 100755
--- a/bindings/java/src/org/sleuthkit/datamodel/OsAccountManager.java
+++ b/bindings/java/src/org/sleuthkit/datamodel/OsAccountManager.java
@@ -333,7 +333,7 @@ public OsAccount newWindowsOsAccount(String sid, String loginName, OsAccountReal
}
}
- /**
+ /**
* Creates a local OS account with Linux-specific data. If an account already
* exists with the given id or realm/login, then the existing OS account is
* returned.
@@ -505,7 +505,7 @@ private Optional<OsAccount> getOsAccountByAddr(String uniqueId, Host host, CaseD
String queryString = "SELECT accounts.os_account_obj_id as os_account_obj_id, accounts.login_name, accounts.full_name, "
+ " accounts.realm_id, accounts.addr, accounts.signature, "
- + " accounts.type, accounts.status, accounts.admin, accounts.created_date, accounts.db_status, "
+ + " accounts.type, accounts.status, accounts.created_date, accounts.db_status, "
+ " realms.realm_name as realm_name, realms.realm_addr as realm_addr, realms.realm_signature, realms.scope_host_id, realms.scope_confidence, realms.db_status as realm_db_status "
+ " FROM tsk_os_accounts as accounts"
+ " LEFT JOIN tsk_os_account_realms as realms"
@@ -1855,6 +1855,69 @@ private OsAccountUpdateResult updateCoreWindowsOsAccountAttributes(OsAccount osA
return updateStatus;
}
+ /**
+ * Update the address and/or login name for the specified account in the
+ * database.
+ *
+ * A column is updated only if its current value is null and a non-null
+ * value has been specified.
+ *
+ * @param osAccount OsAccount that needs to be updated in the database.
+ * @param uid Account ID, may be null.
+ * @param loginName Login name, may be null.
+ *
+ * @return OsAccountUpdateResult Account update status, and the updated
+ * account.
+ *
+ * @throws TskCoreException If there is a database error or if the updated
+ * information conflicts with an existing account.
+ */
+ public OsAccountUpdateResult updateCoreLocalLinuxOsAccountAttributes(OsAccount osAccount, String uid, String loginName) throws TskCoreException {
+ CaseDbTransaction trans = db.beginTransaction();
+ try {
+ OsAccountUpdateResult updateStatus = this.updateCoreLocalLinuxOsAccountAttributes(osAccount, uid, loginName, trans);
+
+ trans.commit();
+ trans = null;
+ return updateStatus;
+ } finally {
+ if (trans != null) {
+ trans.rollback();
+ }
+ }
+ }
+
+ /**
+ * Update the address and/or login name for the specified account in the
+ * database.
+ *
+ * A column is updated only if it's current value is null and a non-null
+ * value has been specified.
+ *
+ * @param osAccount OsAccount that needs to be updated in the database.
+ * @param uid Account ID, may be null.
+ * @param loginName Login name, may be null.
+ *
+ * @return OsAccountUpdateResult Account update status, and the updated
+ * account.
+ *
+ * @throws TskCoreException If there is a database error or if the updated
+ * information conflicts with an existing account.
+ */
+ private OsAccountUpdateResult updateCoreLocalLinuxOsAccountAttributes(OsAccount osAccount, String uid, String loginName, CaseDbTransaction trans) throws TskCoreException {
+
+ // Update the account core data
+ OsAccountUpdateResult updateStatus = this.updateOsAccountCore(osAccount, uid, loginName, trans);
+
+ Optional<OsAccount> updatedAccount = updateStatus.getUpdatedAccount();
+ if (updatedAccount.isPresent()) {
+ // After updating account data, check if there is matching account to merge
+ mergeOsAccount(updatedAccount.get(), trans);
+ }
+
+ return updateStatus;
+ }
+
/**
* Update the address and/or login name for the specified account in the
* database.
@@ -1911,7 +1974,32 @@ private OsAccountUpdateResult updateOsAccountCore(OsAccount osAccount, String ad
String newLoginName = currAccount.getLoginName().orElse(null);
String newSignature = getOsAccountSignature(newAddress, newLoginName);
- updateAccountSignature(osAccount.getId(), newSignature, connection);
+
+ try {
+ updateAccountSignature(osAccount.getId(), newSignature, connection);
+ } catch (SQLException ex) {
+ // There's a slight chance that we're in the case where we are trying to add an addr to an OS account
+ // with only a name where the addr already exists on a different OS account. This will cause a unique
+ // constraint failure in updateAccountSignature(). This is unlikely to happen in normal use
+ // since we lookup OS accounts by addr before name when we have both (i.e., it would be strange to have an
+ // OsAccount in hand with only the loginName set when we also know the addr).
+ // Correctly handling every case here is non-trivial, so for the moment only look for the specific case where
+ // we had an OsAccount with just an addr and and OsAccount with just a login name that we now
+ // want to combine.
+ if (osAccount.getAddr().isEmpty() && !StringUtils.isBlank(address)) {
+ OsAccountRealm realm = db.getOsAccountRealmManager().getRealmByRealmId(osAccount.getRealmId(), connection);
+ Optional<OsAccount> matchingAddrAcct = getOsAccountByAddr(address, realm.getScopeHost().get(), connection);
+ if (matchingAddrAcct.isEmpty()
+ || matchingAddrAcct.get().getId() == osAccount.getId()
+ || matchingAddrAcct.get().getLoginName().isPresent()) {
+ throw ex; // Rethrow the original error
+ }
+
+ // What we should have is osAccount with just a loginName and matchingAddrAcct with
+ // just an address, so merge them.
+ mergeOsAccounts(matchingAddrAcct.get(), osAccount, trans);
+ }
+ }
// get the updated account from database
updatedAccount = getOsAccountByObjectId(osAccount.getId(), connection);
@@ -1921,7 +2009,7 @@ private OsAccountUpdateResult updateOsAccountCore(OsAccount osAccount, String ad
return new OsAccountUpdateResult(updateStatusCode, updatedAccount);
- } catch (SQLException ex) {
+ } catch (SQLException ex) {
throw new TskCoreException(String.format("Error updating account with unique id = %s, account id = %d", osAccount.getAddr().orElse("Unknown"), osAccount.getId()), ex);
}
}
diff --git a/bindings/java/test/org/sleuthkit/datamodel/OsAccountTest.java b/bindings/java/test/org/sleuthkit/datamodel/OsAccountTest.java
index b18826c9b745bdaad566dd51e4270b7be1dc0bcb..d086cd9feb642c8999624a156c511d976dfc36f9 100644
--- a/bindings/java/test/org/sleuthkit/datamodel/OsAccountTest.java
+++ b/bindings/java/test/org/sleuthkit/datamodel/OsAccountTest.java
@@ -770,6 +770,80 @@ public void basicOsAccountTests() throws TskCoreException, OsAccountManager.NotU
}
+ @Test
+ public void basicLinuxOsAccountTests() throws TskCoreException {
+
+ try {
+ String hostname1 = "linuxTestHost";
+ Host host1 = caseDB.getHostManager().newHost(hostname1);
+
+ // Create an account with uid and username
+ String uid1 = "501";
+ String loginName1 = "user1";
+
+ OsAccount osAccount1 = caseDB.getOsAccountManager().newLocalLinuxOsAccount(uid1, loginName1, host1);
+ assertEquals(osAccount1.getAddr().orElse("").equalsIgnoreCase(uid1), true);
+ assertEquals(osAccount1.getLoginName().orElse("").equalsIgnoreCase(loginName1), true);
+
+ Optional<OsAccount> osAccount1loadWithUID = caseDB.getOsAccountManager().getLocalLinuxOsAccount(uid1, null, host1);
+ assertEquals(osAccount1loadWithUID.isPresent(), true);
+ assertEquals(osAccount1loadWithUID.get().getAddr().orElse("").equalsIgnoreCase(uid1), true);
+ assertEquals(osAccount1loadWithUID.get().getLoginName().orElse("").equalsIgnoreCase(loginName1), true);
+
+ // Create an account with only a UID then update it
+ String uid2 = "502";
+ String loginName2 = "user2";
+
+ OsAccount osAccount2 = caseDB.getOsAccountManager().newLocalLinuxOsAccount(uid2, null, host1);
+ assertEquals(osAccount2.getAddr().orElse("").equalsIgnoreCase(uid2), true);
+ assertEquals(osAccount2.getLoginName().isEmpty(), true);
+
+ OsAccountManager.OsAccountUpdateResult updateResult = caseDB.getOsAccountManager()
+ .updateCoreLocalLinuxOsAccountAttributes(osAccount2, uid2, loginName2);
+ Optional<OsAccount> oOsAccount2Updated = updateResult.getUpdatedAccount();
+
+ assertEquals(updateResult.getUpdateStatusCode().equals(OsAccountManager.OsAccountUpdateStatus.UPDATED), true);
+ assertEquals(oOsAccount2Updated.isPresent(), true);
+ assertEquals(oOsAccount2Updated.get().getAddr().orElse("").equalsIgnoreCase(uid2), true);
+ assertEquals(oOsAccount2Updated.get().getLoginName().orElse("").equalsIgnoreCase(loginName2), true);
+
+ // Test unusual merge case (unusual because we're updating the account with the name, not the UID)
+ String uid3 = "503";
+ String loginName3 = "user3";
+
+ OsAccount osAccount3uidOnly = caseDB.getOsAccountManager().newLocalLinuxOsAccount(uid3, null, host1);
+ OsAccount osAccount3nameOnly = caseDB.getOsAccountManager().newLocalLinuxOsAccount(null, loginName3, host1);
+
+ updateResult = caseDB.getOsAccountManager()
+ .updateCoreLocalLinuxOsAccountAttributes(osAccount3nameOnly, uid3, loginName3);
+ Optional<OsAccount> oOsAccount3Updated = updateResult.getUpdatedAccount();
+
+ assertEquals(updateResult.getUpdateStatusCode().equals(OsAccountManager.OsAccountUpdateStatus.UPDATED), true);
+ assertEquals(oOsAccount3Updated.isPresent(), true);
+ assertEquals(oOsAccount3Updated.get().getAddr().orElse("").equalsIgnoreCase(uid3), true);
+ assertEquals(oOsAccount3Updated.get().getLoginName().orElse("").equalsIgnoreCase(loginName3), true);
+
+ // Test normal merge case
+ String uid4 = "504";
+ String loginName4 = "user4";
+
+ OsAccount osAccount4uidOnly = caseDB.getOsAccountManager().newLocalLinuxOsAccount(uid4, null, host1);
+ OsAccount osAccount4nameOnly = caseDB.getOsAccountManager().newLocalLinuxOsAccount(null, loginName4, host1);
+
+ updateResult = caseDB.getOsAccountManager()
+ .updateCoreLocalLinuxOsAccountAttributes(osAccount4uidOnly, uid4, loginName4);
+ Optional<OsAccount> oOsAccount4Updated = updateResult.getUpdatedAccount();
+
+ assertEquals(updateResult.getUpdateStatusCode().equals(OsAccountManager.OsAccountUpdateStatus.UPDATED), true);
+ assertEquals(oOsAccount4Updated.isPresent(), true);
+ assertEquals(oOsAccount4Updated.get().getAddr().orElse("").equalsIgnoreCase(uid4), true);
+ assertEquals(oOsAccount4Updated.get().getLoginName().orElse("").equalsIgnoreCase(loginName4), true);
+
+ } finally {
+
+ }
+
+ }
@Test
public void windowsSpecialAccountTests() throws TskCoreException, OsAccountManager.NotUserSIDException {