Merge pull request #2166 from jayaramcs/develop

add ownerUid, osAccountObjId to addFileSystemFile long-form api

Merge pull request #2166 from jayaramcs/develop
9162196c · Richard Cordovano · GitHub · 0cb63ed2 · 69f10ba8 · 9162196c
Unverified Commit 9162196c authored 4 years ago by Richard Cordovano Committed by GitHub 4 years ago
--- a/bindings/java/src/org/sleuthkit/datamodel/SleuthkitCase.java
+++ b/bindings/java/src/org/sleuthkit/datamodel/SleuthkitCase.java
@@ -6797,6 +6797,7 @@ public FsContent addFileSystemFile(long dataSourceObjId, long fsObjId,
 			FsContent fileSystemFile = addFileSystemFile(dataSourceObjId, fsObjId, fileName,
 					metaAddr, metaSeq, attrType, attrId, dirFlag, metaFlags, size,
 					ctime, crtime, atime, mtime, null, null, null, isFile, parent,
+					OsAccount.NO_OWNER_ID, OsAccount.NO_ACCOUNT,
 					Collections.emptyList(), transaction);
 			
 			transaction.commit();
@@ -6839,6 +6840,9 @@ public FsContent addFileSystemFile(long dataSourceObjId, long fsObjId,
 	 * @param isFile          True, unless the file is a directory.
 	 * @param parent          The parent of the file (e.g., a virtual
 	 *                        directory).
+	 * @param ownerUid        UID of the file owner as found in the file system,
+	 *                        can be null.
+	 * @param osAccountObjId  Obj id of the owner OS account, may be null.
 	 * @param fileAttributes  A list of file attributes. May be empty.
 	 * @param transaction     A caller-managed transaction within which the add
 	 *                        file operations are performed.
@@ -6854,7 +6858,9 @@ public FsContent addFileSystemFile(long dataSourceObjId, long fsObjId,
 			TSK_FS_NAME_FLAG_ENUM dirFlag, short metaFlags, long size,
 			long ctime, long crtime, long atime, long mtime,
 			String md5Hash, String sha256Hash, String mimeType,
-			boolean isFile, Content parent, List<Attribute> fileAttributes, CaseDbTransaction transaction) throws TskCoreException {
+			boolean isFile, Content parent, String ownerUid,
+			Long osAccountObjId, List<Attribute> fileAttributes, 
+			CaseDbTransaction transaction) throws TskCoreException {
  
 		TimelineManager timelineManager = getTimelineManager();
  
@@ -6907,11 +6913,17 @@ public FsContent addFileSystemFile(long dataSourceObjId, long fsObjId,
 			statement.setString(23, parentPath);
 			final String extension = extractExtension(fileName);
 			statement.setString(24, extension);
+			statement.setString(25, ownerUid);
+			if (null != osAccountObjId) {
+				statement.setLong(26, osAccountObjId);
+			} else {
+				statement.setNull(26, java.sql.Types.BIGINT); // osAccountObjId
+			}
  
 			connection.executeUpdate(statement);
  
 			DerivedFile derivedFile = new DerivedFile(this, objectId, dataSourceObjId, fileName, dirType, metaType, dirFlag, metaFlags,
-					size, ctime, crtime, atime, mtime, md5Hash, sha256Hash, null, parentPath, null, parent.getId(), mimeType, null, extension, OsAccount.NO_OWNER_ID, OsAccount.NO_ACCOUNT);
+					size, ctime, crtime, atime, mtime, md5Hash, sha256Hash, null, parentPath, null, parent.getId(), mimeType, null, extension, ownerUid, osAccountObjId);
  
 			timelineManager.addEventsForNewFile(derivedFile, connection);
 			
@@ -6926,7 +6938,7 @@ public FsContent addFileSystemFile(long dataSourceObjId, long fsObjId,
 					dirType, metaType, dirFlag, metaFlags,
 					size, ctime, crtime, atime, mtime,
 					(short) 0, 0, 0, md5Hash, sha256Hash, null, parentPath, mimeType,
-					extension, OsAccount.NO_OWNER_ID, OsAccount.NO_ACCOUNT, fileAttributes);
+					extension, ownerUid, osAccountObjId, fileAttributes);
  
 		} catch (SQLException ex) {
 			throw new TskCoreException(String.format("Failed to INSERT file system file %s (%s) with parent id %d in tsk_files table", fileName, parentPath, parent.getId()), ex);
@@ -12038,8 +12050,8 @@ private enum PREPARED_STATEMENT {
 		INSERT_OBJECT("INSERT INTO tsk_objects (par_obj_id, type) VALUES (?, ?)"), //NON-NLS
 		INSERT_FILE("INSERT INTO tsk_files (obj_id, fs_obj_id, name, type, has_path, dir_type, meta_type, dir_flags, meta_flags, size, ctime, crtime, atime, mtime, md5, sha256, known, mime_type, parent_path, data_source_obj_id, extension, owner_uid, os_account_obj_id  ) " //NON-NLS
 				+ "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"), //NON-NLS
-		INSERT_FILE_SYSTEM_FILE("INSERT INTO tsk_files(obj_id, fs_obj_id, data_source_obj_id, attr_type, attr_id, name, meta_addr, meta_seq, type, has_path, dir_type, meta_type, dir_flags, meta_flags, size, ctime, crtime, atime, mtime, md5, sha256, mime_type, parent_path, extension)"
-				+ " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"), // NON-NLS
+		INSERT_FILE_SYSTEM_FILE("INSERT INTO tsk_files(obj_id, fs_obj_id, data_source_obj_id, attr_type, attr_id, name, meta_addr, meta_seq, type, has_path, dir_type, meta_type, dir_flags, meta_flags, size, ctime, crtime, atime, mtime, md5, sha256, mime_type, parent_path, extension, owner_uid, os_account_obj_id )"
+				+ " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"), // NON-NLS
 		UPDATE_DERIVED_FILE("UPDATE tsk_files SET type = ?, dir_type = ?, meta_type = ?, dir_flags = ?,  meta_flags = ?, size= ?, ctime= ?, crtime= ?, atime= ?, mtime= ?, mime_type = ?  "
 				+ "WHERE obj_id = ?"), //NON-NLS
 		INSERT_LAYOUT_FILE("INSERT INTO tsk_file_layout (obj_id, byte_start, byte_len, sequence) " //NON-NLS

--- a/bindings/java/test/org/sleuthkit/datamodel/AttributeTest.java
+++ b/bindings/java/test/org/sleuthkit/datamodel/AttributeTest.java
@@ -115,22 +115,23 @@ public void fileAttributeTests() throws TskCoreException {
 		// Add a root folder
 		FsContent root = caseDB.addFileSystemFile(fs.getDataSource().getId(), fs.getId(), "", 0, 0,
 				TskData.TSK_FS_ATTR_TYPE_ENUM.TSK_FS_ATTR_TYPE_DEFAULT, 0, TskData.TSK_FS_NAME_FLAG_ENUM.ALLOC,
-				(short) 0, 200, 0, 0, 0, 0, null, null, null, false, fs, Collections.emptyList(), trans);
+				(short) 0, 200, 0, 0, 0, 0, null, null, null, false, fs, null, null, Collections.emptyList(), trans);

 		// Add a dir - no attributes 
 		FsContent windows = caseDB.addFileSystemFile(fs.getDataSource().getId(), fs.getId(), "Windows", 0, 0,
 				TskData.TSK_FS_ATTR_TYPE_ENUM.TSK_FS_ATTR_TYPE_DEFAULT, 0, TskData.TSK_FS_NAME_FLAG_ENUM.ALLOC,
-				(short) 0, 200, 0, 0, 0, 0, null, null, null, false, root, Collections.emptyList(), trans);
-		
+				(short) 0, 200, 0, 0, 0, 0, null, null, null, false, root, "S-1-5-80-956008885-3418522649-1831038044-1853292631-227147846", null, Collections.emptyList(), trans);
+
 		// Add dllhosts.exe file to the above dir
 		FsContent dllhosts = caseDB.addFileSystemFile(fs.getDataSource().getId(), fs.getId(), "dllhosts.exe", 0, 0,
 				TskData.TSK_FS_ATTR_TYPE_ENUM.TSK_FS_ATTR_TYPE_DEFAULT, 0, TskData.TSK_FS_NAME_FLAG_ENUM.ALLOC,
-				(short)0, 200, 0, 0, 0, 0, testMD5, null, "Applicatione/Exe" , true, windows, fileAttributes, trans);
+				(short) 0, 200, 0, 0, 0, 0, testMD5, null, "Applicatione/Exe", true, windows, "S-1-5-32-544", null, fileAttributes, trans);

 		// add another no attribute file to the same folder
 		FsContent _nofile = caseDB.addFileSystemFile(fs.getDataSource().getId(), fs.getId(), "nofile.exe", 0, 0,
 				TskData.TSK_FS_ATTR_TYPE_ENUM.TSK_FS_ATTR_TYPE_DEFAULT, 0, TskData.TSK_FS_NAME_FLAG_ENUM.ALLOC,
-				(short)0, 200, 0, 0, 0, 0, null, null, "Applicatione/Exe" , true, windows, Collections.emptyList(), trans);
+				(short) 0, 200, 0, 0, 0, 0, null, null, "Applicatione/Exe", true, windows, null, null, Collections.emptyList(), trans);
+		

 		// Add additional attributes to dllhosts file - within the same transaction. 
 		dllhosts.addAttributes(fileAttributes2, trans);