From ef5ec28a8aa6eabf1033a7ea53e6eb101d6d66c7 Mon Sep 17 00:00:00 2001
From: apriestman <apriestman@basistech.com>
Date: Tue, 14 Apr 2020 15:42:29 -0400
Subject: [PATCH] Removed timing statements. Added new version of
 addEventsForNewFile that does not post events.

---
 .../sleuthkit/datamodel/SleuthkitCase.java    |  2 +-
 .../org/sleuthkit/datamodel/SleuthkitJNI.java | 10 +---
 .../sleuthkit/datamodel/TimelineManager.java  | 57 +++++++++++++++++++
 3 files changed, 60 insertions(+), 9 deletions(-)

diff --git a/bindings/java/src/org/sleuthkit/datamodel/SleuthkitCase.java b/bindings/java/src/org/sleuthkit/datamodel/SleuthkitCase.java
index af4eb9b73..1f8f94bde 100644
--- a/bindings/java/src/org/sleuthkit/datamodel/SleuthkitCase.java
+++ b/bindings/java/src/org/sleuthkit/datamodel/SleuthkitCase.java
@@ -11248,7 +11248,7 @@ long addFileJNI(long parentObjId,
 						(short)metaFlags,
 						size, ctime, crtime, atime, mtime, null, null, escaped_path, null, parentObjId, null, null, extension);
 
-				timelineManager.addEventsForNewFile(derivedFile, connection);	
+				timelineManager.addEventsForNewFileJNI(derivedFile, connection);	
 			}
 			
 			return objectId;
diff --git a/bindings/java/src/org/sleuthkit/datamodel/SleuthkitJNI.java b/bindings/java/src/org/sleuthkit/datamodel/SleuthkitJNI.java
index 6697a50ae..5ab34ecfd 100644
--- a/bindings/java/src/org/sleuthkit/datamodel/SleuthkitJNI.java
+++ b/bindings/java/src/org/sleuthkit/datamodel/SleuthkitJNI.java
@@ -414,18 +414,15 @@ long addImageInfo(long deviceObjId, List<String> imageFilePaths, String timeZone
 			JniDbHelper dbHelper = new JniDbHelper(skCase);
 			try {
 				dbHelper.beginTransaction();
-				long startTime = System.currentTimeMillis();
 				long tskAutoDbPointer = initializeAddImgNat(caseDbPointer, dbHelper, timezoneLongToShort(timeZone), false, false, false);
 				runOpenAndAddImgNat(tskAutoDbPointer, UUID.randomUUID().toString(), imageFilePaths.toArray(new String[0]), imageFilePaths.size(), timeZone);				
 				long id = finishAddImgNat(tskAutoDbPointer);
-				long endTime = System.currentTimeMillis();
-				System.out.println("### addImage time: " + (endTime - startTime) + " ms");
+				dbHelper.commitTransaction();
 				skCase.addDataSourceToHasChildrenMap();
 				return id;
 			} catch (TskDataException ex) {
+				dbHelper.revertTransaction();
 				throw new TskCoreException("Error adding image to case database", ex);
-			} finally {
-				dbHelper.commitTransaction(); // TODO - is this right?
 			}
 		}
 
@@ -510,7 +507,6 @@ public void run(String deviceId, String[] imageFilePaths, int sectorSize) throws
 				getTSKReadLock();
 				try {
 					long imageHandle = 0;
-					long startTime = System.currentTimeMillis();
 					synchronized (this) {
 						if (0 != tskAutoDbPointer) {
 							throw new TskCoreException("Add image process already started");
@@ -527,8 +523,6 @@ public void run(String deviceId, String[] imageFilePaths, int sectorSize) throws
 					if (imageHandle != 0) {
 						runAddImgNat(tskAutoDbPointer, deviceId, imageHandle, timeZone, imageWriterPath);
 					}
-					long endTime = System.currentTimeMillis();
-					System.out.println("### addImage time: " + (endTime - startTime) + " ms");
 				} finally {
 					releaseTSKReadLock();
 				}
diff --git a/bindings/java/src/org/sleuthkit/datamodel/TimelineManager.java b/bindings/java/src/org/sleuthkit/datamodel/TimelineManager.java
index 661d4ff21..cf2fc53e2 100644
--- a/bindings/java/src/org/sleuthkit/datamodel/TimelineManager.java
+++ b/bindings/java/src/org/sleuthkit/datamodel/TimelineManager.java
@@ -543,6 +543,63 @@ Collection<TimelineEvent> addEventsForNewFile(AbstractFile file, CaseDbConnectio
 
 		return events;
 	}
+	
+	void addEventsForNewFileJNI(AbstractFile file, CaseDbConnection connection) throws TskCoreException {
+		//gather time stamps into map
+		Map<TimelineEventType, Long> timeMap = ImmutableMap.of(TimelineEventType.FILE_CREATED, file.getCrtime(),
+				TimelineEventType.FILE_ACCESSED, file.getAtime(),
+				TimelineEventType.FILE_CHANGED, file.getCtime(),
+				TimelineEventType.FILE_MODIFIED, file.getMtime());
+		List<TimelineEventType> tempList = ImmutableList.of(TimelineEventType.FILE_MODIFIED,
+				TimelineEventType.FILE_ACCESSED, TimelineEventType.FILE_CREATED, TimelineEventType.FILE_CHANGED);
+
+		/*
+		 * If there are no legitimate ( greater than zero ) time stamps skip the
+		 * rest of the event generation.
+		 */
+		if (Collections.max(timeMap.values()) <= 0) {
+			return;
+		}
+
+		String description = file.getParentPath() + file.getName();
+		long fileObjId = file.getId();
+		caseDB.acquireSingleUserCaseWriteLock();
+		try {
+			long descriptionID = addEventDescription(file.getDataSourceObjectId(), fileObjId, null,
+					description, null, null, false, false, connection);
+
+			//for (Map.Entry<TimelineEventType, Long> timeEntry : timeMap.entrySet()) {
+			for (TimelineEventType type : tempList) {
+				//Map.Entry<TimelineEventType, Long> timeEntry = timeMap.get(type);
+				Long time = timeMap.get(type);
+				//Long time = timeEntry.getValue();
+				if (time > 0 && time < MAX_TIMESTAMP_TO_ADD) {// if the time is legitimate ( greater than zero and less then 12 years from current date) insert it
+					//TimelineEventType type = timeEntry.getKey();
+					long eventID = addEventWithExistingDescription(time, type, descriptionID, connection);
+
+					/*
+					 * Last two flags indicating hasTags and hasHashHits are
+					 * both set to false with the assumption that this is not
+					 * possible for a new file. See JIRA-5407
+					 */
+					//events.add(new TimelineEvent(eventID, descriptionID, fileObjId, null, time, type,
+				//			description, null, null, false, false));
+				} else {
+					if (time >= MAX_TIMESTAMP_TO_ADD) {
+						//logger.log(Level.WARNING, String.format("Date/Time discarded from Timeline for %s for file %s with Id %d", timeEntry.getKey().getDisplayName(), file.getParentPath() + file.getName(), file.getId()));
+					}
+				}
+			}
+
+		} finally {
+			caseDB.releaseSingleUserCaseWriteLock();
+		}
+		//events.stream()
+		//		.map(TimelineEventAddedEvent::new)
+		//		.forEach(caseDB::fireTSKEvent);
+
+		//return events;
+	}	
 
 	/**
 	 * Add any events that can be created from the given Artifact. If the
-- 
GitLab