Skip to content
Snippets Groups Projects
Unverified Commit 9162196c authored by Richard Cordovano's avatar Richard Cordovano Committed by GitHub
Browse files

Merge pull request #2166 from jayaramcs/develop

add ownerUid, osAccountObjId to addFileSystemFile long-form api
parents 0cb63ed2 69f10ba8
No related branches found
No related tags found
No related merge requests found
...@@ -6797,6 +6797,7 @@ public FsContent addFileSystemFile(long dataSourceObjId, long fsObjId, ...@@ -6797,6 +6797,7 @@ public FsContent addFileSystemFile(long dataSourceObjId, long fsObjId,
FsContent fileSystemFile = addFileSystemFile(dataSourceObjId, fsObjId, fileName, FsContent fileSystemFile = addFileSystemFile(dataSourceObjId, fsObjId, fileName,
metaAddr, metaSeq, attrType, attrId, dirFlag, metaFlags, size, metaAddr, metaSeq, attrType, attrId, dirFlag, metaFlags, size,
ctime, crtime, atime, mtime, null, null, null, isFile, parent, ctime, crtime, atime, mtime, null, null, null, isFile, parent,
OsAccount.NO_OWNER_ID, OsAccount.NO_ACCOUNT,
Collections.emptyList(), transaction); Collections.emptyList(), transaction);
transaction.commit(); transaction.commit();
...@@ -6839,6 +6840,9 @@ public FsContent addFileSystemFile(long dataSourceObjId, long fsObjId, ...@@ -6839,6 +6840,9 @@ public FsContent addFileSystemFile(long dataSourceObjId, long fsObjId,
* @param isFile True, unless the file is a directory. * @param isFile True, unless the file is a directory.
* @param parent The parent of the file (e.g., a virtual * @param parent The parent of the file (e.g., a virtual
* directory). * directory).
* @param ownerUid UID of the file owner as found in the file system,
* can be null.
* @param osAccountObjId Obj id of the owner OS account, may be null.
* @param fileAttributes A list of file attributes. May be empty. * @param fileAttributes A list of file attributes. May be empty.
* @param transaction A caller-managed transaction within which the add * @param transaction A caller-managed transaction within which the add
* file operations are performed. * file operations are performed.
...@@ -6854,7 +6858,9 @@ public FsContent addFileSystemFile(long dataSourceObjId, long fsObjId, ...@@ -6854,7 +6858,9 @@ public FsContent addFileSystemFile(long dataSourceObjId, long fsObjId,
TSK_FS_NAME_FLAG_ENUM dirFlag, short metaFlags, long size, TSK_FS_NAME_FLAG_ENUM dirFlag, short metaFlags, long size,
long ctime, long crtime, long atime, long mtime, long ctime, long crtime, long atime, long mtime,
String md5Hash, String sha256Hash, String mimeType, String md5Hash, String sha256Hash, String mimeType,
boolean isFile, Content parent, List<Attribute> fileAttributes, CaseDbTransaction transaction) throws TskCoreException { boolean isFile, Content parent, String ownerUid,
Long osAccountObjId, List<Attribute> fileAttributes,
CaseDbTransaction transaction) throws TskCoreException {
   
TimelineManager timelineManager = getTimelineManager(); TimelineManager timelineManager = getTimelineManager();
   
...@@ -6907,11 +6913,17 @@ public FsContent addFileSystemFile(long dataSourceObjId, long fsObjId, ...@@ -6907,11 +6913,17 @@ public FsContent addFileSystemFile(long dataSourceObjId, long fsObjId,
statement.setString(23, parentPath); statement.setString(23, parentPath);
final String extension = extractExtension(fileName); final String extension = extractExtension(fileName);
statement.setString(24, extension); statement.setString(24, extension);
statement.setString(25, ownerUid);
if (null != osAccountObjId) {
statement.setLong(26, osAccountObjId);
} else {
statement.setNull(26, java.sql.Types.BIGINT); // osAccountObjId
}
   
connection.executeUpdate(statement); connection.executeUpdate(statement);
   
DerivedFile derivedFile = new DerivedFile(this, objectId, dataSourceObjId, fileName, dirType, metaType, dirFlag, metaFlags, DerivedFile derivedFile = new DerivedFile(this, objectId, dataSourceObjId, fileName, dirType, metaType, dirFlag, metaFlags,
size, ctime, crtime, atime, mtime, md5Hash, sha256Hash, null, parentPath, null, parent.getId(), mimeType, null, extension, OsAccount.NO_OWNER_ID, OsAccount.NO_ACCOUNT); size, ctime, crtime, atime, mtime, md5Hash, sha256Hash, null, parentPath, null, parent.getId(), mimeType, null, extension, ownerUid, osAccountObjId);
   
timelineManager.addEventsForNewFile(derivedFile, connection); timelineManager.addEventsForNewFile(derivedFile, connection);
...@@ -6926,7 +6938,7 @@ public FsContent addFileSystemFile(long dataSourceObjId, long fsObjId, ...@@ -6926,7 +6938,7 @@ public FsContent addFileSystemFile(long dataSourceObjId, long fsObjId,
dirType, metaType, dirFlag, metaFlags, dirType, metaType, dirFlag, metaFlags,
size, ctime, crtime, atime, mtime, size, ctime, crtime, atime, mtime,
(short) 0, 0, 0, md5Hash, sha256Hash, null, parentPath, mimeType, (short) 0, 0, 0, md5Hash, sha256Hash, null, parentPath, mimeType,
extension, OsAccount.NO_OWNER_ID, OsAccount.NO_ACCOUNT, fileAttributes); extension, ownerUid, osAccountObjId, fileAttributes);
   
} catch (SQLException ex) { } catch (SQLException ex) {
throw new TskCoreException(String.format("Failed to INSERT file system file %s (%s) with parent id %d in tsk_files table", fileName, parentPath, parent.getId()), ex); throw new TskCoreException(String.format("Failed to INSERT file system file %s (%s) with parent id %d in tsk_files table", fileName, parentPath, parent.getId()), ex);
...@@ -12038,8 +12050,8 @@ private enum PREPARED_STATEMENT { ...@@ -12038,8 +12050,8 @@ private enum PREPARED_STATEMENT {
INSERT_OBJECT("INSERT INTO tsk_objects (par_obj_id, type) VALUES (?, ?)"), //NON-NLS INSERT_OBJECT("INSERT INTO tsk_objects (par_obj_id, type) VALUES (?, ?)"), //NON-NLS
INSERT_FILE("INSERT INTO tsk_files (obj_id, fs_obj_id, name, type, has_path, dir_type, meta_type, dir_flags, meta_flags, size, ctime, crtime, atime, mtime, md5, sha256, known, mime_type, parent_path, data_source_obj_id, extension, owner_uid, os_account_obj_id ) " //NON-NLS INSERT_FILE("INSERT INTO tsk_files (obj_id, fs_obj_id, name, type, has_path, dir_type, meta_type, dir_flags, meta_flags, size, ctime, crtime, atime, mtime, md5, sha256, known, mime_type, parent_path, data_source_obj_id, extension, owner_uid, os_account_obj_id ) " //NON-NLS
+ "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"), //NON-NLS + "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"), //NON-NLS
INSERT_FILE_SYSTEM_FILE("INSERT INTO tsk_files(obj_id, fs_obj_id, data_source_obj_id, attr_type, attr_id, name, meta_addr, meta_seq, type, has_path, dir_type, meta_type, dir_flags, meta_flags, size, ctime, crtime, atime, mtime, md5, sha256, mime_type, parent_path, extension)" INSERT_FILE_SYSTEM_FILE("INSERT INTO tsk_files(obj_id, fs_obj_id, data_source_obj_id, attr_type, attr_id, name, meta_addr, meta_seq, type, has_path, dir_type, meta_type, dir_flags, meta_flags, size, ctime, crtime, atime, mtime, md5, sha256, mime_type, parent_path, extension, owner_uid, os_account_obj_id )"
+ " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"), // NON-NLS + " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"), // NON-NLS
UPDATE_DERIVED_FILE("UPDATE tsk_files SET type = ?, dir_type = ?, meta_type = ?, dir_flags = ?, meta_flags = ?, size= ?, ctime= ?, crtime= ?, atime= ?, mtime= ?, mime_type = ? " UPDATE_DERIVED_FILE("UPDATE tsk_files SET type = ?, dir_type = ?, meta_type = ?, dir_flags = ?, meta_flags = ?, size= ?, ctime= ?, crtime= ?, atime= ?, mtime= ?, mime_type = ? "
+ "WHERE obj_id = ?"), //NON-NLS + "WHERE obj_id = ?"), //NON-NLS
INSERT_LAYOUT_FILE("INSERT INTO tsk_file_layout (obj_id, byte_start, byte_len, sequence) " //NON-NLS INSERT_LAYOUT_FILE("INSERT INTO tsk_file_layout (obj_id, byte_start, byte_len, sequence) " //NON-NLS
......
...@@ -115,22 +115,23 @@ public void fileAttributeTests() throws TskCoreException { ...@@ -115,22 +115,23 @@ public void fileAttributeTests() throws TskCoreException {
// Add a root folder // Add a root folder
FsContent root = caseDB.addFileSystemFile(fs.getDataSource().getId(), fs.getId(), "", 0, 0, FsContent root = caseDB.addFileSystemFile(fs.getDataSource().getId(), fs.getId(), "", 0, 0,
TskData.TSK_FS_ATTR_TYPE_ENUM.TSK_FS_ATTR_TYPE_DEFAULT, 0, TskData.TSK_FS_NAME_FLAG_ENUM.ALLOC, TskData.TSK_FS_ATTR_TYPE_ENUM.TSK_FS_ATTR_TYPE_DEFAULT, 0, TskData.TSK_FS_NAME_FLAG_ENUM.ALLOC,
(short) 0, 200, 0, 0, 0, 0, null, null, null, false, fs, Collections.emptyList(), trans); (short) 0, 200, 0, 0, 0, 0, null, null, null, false, fs, null, null, Collections.emptyList(), trans);
// Add a dir - no attributes // Add a dir - no attributes
FsContent windows = caseDB.addFileSystemFile(fs.getDataSource().getId(), fs.getId(), "Windows", 0, 0, FsContent windows = caseDB.addFileSystemFile(fs.getDataSource().getId(), fs.getId(), "Windows", 0, 0,
TskData.TSK_FS_ATTR_TYPE_ENUM.TSK_FS_ATTR_TYPE_DEFAULT, 0, TskData.TSK_FS_NAME_FLAG_ENUM.ALLOC, TskData.TSK_FS_ATTR_TYPE_ENUM.TSK_FS_ATTR_TYPE_DEFAULT, 0, TskData.TSK_FS_NAME_FLAG_ENUM.ALLOC,
(short) 0, 200, 0, 0, 0, 0, null, null, null, false, root, Collections.emptyList(), trans); (short) 0, 200, 0, 0, 0, 0, null, null, null, false, root, "S-1-5-80-956008885-3418522649-1831038044-1853292631-227147846", null, Collections.emptyList(), trans);
// Add dllhosts.exe file to the above dir // Add dllhosts.exe file to the above dir
FsContent dllhosts = caseDB.addFileSystemFile(fs.getDataSource().getId(), fs.getId(), "dllhosts.exe", 0, 0, FsContent dllhosts = caseDB.addFileSystemFile(fs.getDataSource().getId(), fs.getId(), "dllhosts.exe", 0, 0,
TskData.TSK_FS_ATTR_TYPE_ENUM.TSK_FS_ATTR_TYPE_DEFAULT, 0, TskData.TSK_FS_NAME_FLAG_ENUM.ALLOC, TskData.TSK_FS_ATTR_TYPE_ENUM.TSK_FS_ATTR_TYPE_DEFAULT, 0, TskData.TSK_FS_NAME_FLAG_ENUM.ALLOC,
(short)0, 200, 0, 0, 0, 0, testMD5, null, "Applicatione/Exe" , true, windows, fileAttributes, trans); (short) 0, 200, 0, 0, 0, 0, testMD5, null, "Applicatione/Exe", true, windows, "S-1-5-32-544", null, fileAttributes, trans);
// add another no attribute file to the same folder // add another no attribute file to the same folder
FsContent _nofile = caseDB.addFileSystemFile(fs.getDataSource().getId(), fs.getId(), "nofile.exe", 0, 0, FsContent _nofile = caseDB.addFileSystemFile(fs.getDataSource().getId(), fs.getId(), "nofile.exe", 0, 0,
TskData.TSK_FS_ATTR_TYPE_ENUM.TSK_FS_ATTR_TYPE_DEFAULT, 0, TskData.TSK_FS_NAME_FLAG_ENUM.ALLOC, TskData.TSK_FS_ATTR_TYPE_ENUM.TSK_FS_ATTR_TYPE_DEFAULT, 0, TskData.TSK_FS_NAME_FLAG_ENUM.ALLOC,
(short)0, 200, 0, 0, 0, 0, null, null, "Applicatione/Exe" , true, windows, Collections.emptyList(), trans); (short) 0, 200, 0, 0, 0, 0, null, null, "Applicatione/Exe", true, windows, null, null, Collections.emptyList(), trans);
// Add additional attributes to dllhosts file - within the same transaction. // Add additional attributes to dllhosts file - within the same transaction.
dllhosts.addAttributes(fileAttributes2, trans); dllhosts.addAttributes(fileAttributes2, trans);
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment