CommandLineManager.java

Go to the documentation of this file.

/*
 * Autopsy Forensic Browser
 *
 * Copyright 2020-2022 Basis Technology Corp.
 * Contact: carrier <at> sleuthkit <dot> org
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.sleuthkit.autopsy.commandlineingest;
 
import java.io.File;
import java.io.FilenameFilter;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.logging.Level;
import org.sleuthkit.autopsy.casemodule.Case;
import org.sleuthkit.autopsy.casemodule.CaseActionException;
import org.sleuthkit.autopsy.casemodule.CaseDetails;
import org.sleuthkit.autopsy.casemodule.CaseMetadata;
import static org.sleuthkit.autopsy.casemodule.CaseMetadata.getFileExtension;
import org.sleuthkit.autopsy.coreutils.Logger;
import org.sleuthkit.autopsy.coreutils.TimeStampUtils;

class CommandLineManager {
 
    private static final String LOG_DIR_NAME = "Command Output";
    private static final Logger LOGGER = Logger.getLogger(CommandLineOpenCaseManager.class.getName());

    Case openCase(String casePath) throws CaseActionException {
 
        String metadataFilePath;
        if (casePath.endsWith(".aut") && (new File(casePath)).isFile()) {
            LOGGER.log(Level.INFO, "Opening case {0}", casePath);
            metadataFilePath = casePath;
        } else {
            LOGGER.log(Level.INFO, "Opening case in directory {0}", casePath);
            metadataFilePath = findAutFile(casePath);
        }
        Case.openAsCurrentCase(metadataFilePath);
 
        Case newCase = Case.getCurrentCase();
        LOGGER.log(Level.INFO, "Opened case {0}", newCase.getName());
 
        return newCase;
    }

    private String findAutFile(String caseDirectory) throws CaseActionException {
        File caseFolder = Paths.get(caseDirectory).toFile();
        if (caseFolder.exists()) {
            /*
             * Search for '*.aut' files.
             */
            File[] fileArray = caseFolder.listFiles();
            if (fileArray == null) {
                throw new CaseActionException("No files found in case directory");
            }
            String autFilePath = null;
            for (File file : fileArray) {
                String name = file.getName().toLowerCase();
                if (autFilePath == null && name.endsWith(getFileExtension())) {
                    return file.getAbsolutePath();
                }
            }
            throw new CaseActionException("No .aut files found in case directory");
        }
        throw new CaseActionException("Case directory was not found");
    }

    Case createCase(String baseCaseName, String rootOutputDirectory, Case.CaseType caseType) throws CaseActionException {
 
        LOGGER.log(Level.INFO, "Creating new case {0} in directory {1}", new Object[]{baseCaseName, rootOutputDirectory});
        Path caseDirectoryPath = findCaseDirectory(Paths.get(rootOutputDirectory), baseCaseName);
        if (null != caseDirectoryPath) {
            // found an existing case directory for same case name. the input case name must be unique. Exit.
            LOGGER.log(Level.SEVERE, "Case {0} already exists. Case name must be unique. Exiting", baseCaseName);
            throw new CaseActionException("Case " + baseCaseName + " already exists. Case name must be unique. Exiting");
        } else {
            caseDirectoryPath = createCaseFolderPath(Paths.get(rootOutputDirectory), baseCaseName);
 
            // Create the case directory
            Case.createCaseDirectory(caseDirectoryPath.toString(), caseType);
 
            CaseDetails caseDetails = new CaseDetails(baseCaseName);
            Case.createAsCurrentCase(caseType, caseDirectoryPath.toString(), caseDetails);
        }
 
        Case caseForJob = Case.getCurrentCase();
        LOGGER.log(Level.INFO, "Created case {0}", caseForJob.getName());
        return caseForJob;
    }

    private Path createCaseFolderPath(Path caseFoldersPath, String caseName) {
        String folderName = caseName + "_" + TimeStampUtils.createTimeStamp();
        return Paths.get(caseFoldersPath.toString(), folderName);
    }

    Case openExistingCase(String caseName, String rootOutputDirectory) throws CaseActionException {
        LOGGER.log(Level.INFO, "Opening case {0} in directory {1}", new Object[]{caseName, rootOutputDirectory});
        Path caseDirectoryPath = findCaseDirectory(Paths.get(rootOutputDirectory), caseName);
        if (null != caseDirectoryPath) {
            // found an existing case directory for same case name.
            Path metadataFilePath = caseDirectoryPath.resolve(caseName + CaseMetadata.getFileExtension());
            Case.openAsCurrentCase(metadataFilePath.toString());
        } else {
            // did not find existing case directory for same case name. Exit.
            LOGGER.log(Level.SEVERE, "Case {0} doesn't exist. Exiting", caseName);
            throw new CaseActionException("Case " + caseName + " doesn't exist. Exiting");
        }
 
        Case caseForJob = Case.getCurrentCase();
        LOGGER.log(Level.INFO, "Opened case {0}", caseForJob.getName());
        return caseForJob;
    }

    private Path findCaseDirectory(Path folderToSearch, String caseName) {
        File searchFolder = new File(folderToSearch.toString());
        if (!searchFolder.isDirectory()) {
            return null;
        }
        Path caseFolderPath = null;
        String[] candidateFolders = searchFolder.list(new CaseFolderFilter(caseName));
        long mostRecentModified = 0;
        for (String candidateFolder : candidateFolders) {
            File file = new File(candidateFolder);
            if (file.lastModified() >= mostRecentModified) {
                mostRecentModified = file.lastModified();
                caseFolderPath = Paths.get(folderToSearch.toString(), file.getPath());
            }
        }
        return caseFolderPath;
    }

    String getOutputDirPath(Case caseForJob) {
        return caseForJob.getCaseDirectory() + File.separator + LOG_DIR_NAME;
    }
 
    private static class CaseFolderFilter implements FilenameFilter {
 
        private final String caseName;
        private final static String CASE_METADATA_EXT = CaseMetadata.getFileExtension();
 
        CaseFolderFilter(String caseName) {
            this.caseName = caseName;
        }
 
        @Override
        public boolean accept(File folder, String fileName) {
            File file = new File(folder, fileName);
            if (fileName.length() > TimeStampUtils.getTimeStampLength() && file.isDirectory()) {
                if (TimeStampUtils.endsWithTimeStamp(fileName)) {
                    if (null != caseName) {
                        String fileNamePrefix = fileName.substring(0, fileName.length() - TimeStampUtils.getTimeStampLength());
                        if (fileNamePrefix.equals(caseName)) {
                            return hasCaseMetadataFile(file);
                        }
                    } else {
                        return hasCaseMetadataFile(file);
                    }
                }
            }
            return false;
        }

        private static boolean hasCaseMetadataFile(File folder) {
            for (File file : folder.listFiles()) {
                if (file.getName().toLowerCase().endsWith(CASE_METADATA_EXT) && file.isFile()) {
                    return true;
                }
            }
            return false;
        }
    }
 
}