api-docs/4.16.0/_file_search_8java_source.html

 /*

  * Autopsy Forensic Browser

  *

  * Copyright 2019-2020 Basis Technology Corp.

  * Contact: carrier <at> sleuthkit <dot> org

  *

  * Licensed under the Apache License, Version 2.0 (the "License");

  * you may not use this file except in compliance with the License.

  * You may obtain a copy of the License at

  *

  *     http://www.apache.org/licenses/LICENSE-2.0

  *

  * Unless required by applicable law or agreed to in writing, software

  * distributed under the License is distributed on an "AS IS" BASIS,

  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  * See the License for the specific language governing permissions and

  * limitations under the License.

  */

 package org.sleuthkit.autopsy.discovery.search;


 import com.google.common.cache.Cache;

 import com.google.common.cache.CacheBuilder;

 import java.io.IOException;

 import java.util.ArrayList;

 import java.util.LinkedHashMap;

 import java.util.List;

 import java.util.Map;

 import java.util.logging.Level;

 import org.apache.commons.lang.StringUtils;

 import org.openide.util.NbBundle;

 import org.sleuthkit.autopsy.coreutils.Logger;

 import org.sleuthkit.datamodel.AbstractFile;

 import org.sleuthkit.datamodel.SleuthkitCase;

 import org.sleuthkit.autopsy.centralrepository.datamodel.CentralRepository;

 import org.sleuthkit.autopsy.discovery.search.DiscoveryAttributes.AttributeType;

 import org.sleuthkit.autopsy.discovery.search.DiscoveryKeyUtils.GroupKey;

 import org.sleuthkit.autopsy.discovery.search.DiscoveryKeyUtils.SearchKey;

 import org.sleuthkit.autopsy.textsummarizer.TextSummarizer;

 import org.sleuthkit.autopsy.textsummarizer.TextSummary;


 public class FileSearch {


     private final static Logger logger = Logger.getLogger(FileSearch.class.getName());

     private static final int MAXIMUM_CACHE_SIZE = 10;

     private static final Cache<SearchKey, Map<GroupKey, List<Result>>> searchCache = CacheBuilder.newBuilder()

             .maximumSize(MAXIMUM_CACHE_SIZE)

             .build();


     static SearchResults runFileSearchDebug(String userName,

             List<AbstractFilter> filters,

             AttributeType groupAttributeType,

             Group.GroupSortingAlgorithm groupSortingType,

             ResultsSorter.SortingMethod fileSortingMethod,

             SleuthkitCase caseDb, CentralRepository centralRepoDb) throws DiscoveryException {

         // Make a list of attributes that we want to add values for. This ensures the

         // ResultFile objects will have all needed fields set when it's time to group

         // and sort them. For example, if we're grouping by central repo frequency, we need

         // to make sure we've loaded those values before grouping.

         List<AttributeType> attributesNeededForGroupingOrSorting = new ArrayList<>();

         attributesNeededForGroupingOrSorting.add(groupAttributeType);

         attributesNeededForGroupingOrSorting.addAll(fileSortingMethod.getRequiredAttributes());


         // Run the queries for each filter

         List<Result> results = SearchFiltering.runQueries(filters, caseDb, centralRepoDb);


         // Add the data to resultFiles for any attributes needed for sorting and grouping

         addAttributes(attributesNeededForGroupingOrSorting, results, caseDb, centralRepoDb);


         // Collect everything in the search results

         SearchResults searchResults = new SearchResults(groupSortingType, groupAttributeType, fileSortingMethod);

         searchResults.add(results);


         // Sort and group the results

         searchResults.sortGroupsAndFiles();

         Map<GroupKey, List<Result>> resultHashMap = searchResults.toLinkedHashMap();

         SearchKey searchKey = new SearchKey(userName, filters, groupAttributeType, groupSortingType, fileSortingMethod);

         synchronized (searchCache) {

             searchCache.put(searchKey, resultHashMap);

         }

         return searchResults;

     }


     public static Map<GroupKey, Integer> getGroupSizes(String userName,

             List<AbstractFilter> filters,

             AttributeType groupAttributeType,

             Group.GroupSortingAlgorithm groupSortingType,

             ResultsSorter.SortingMethod fileSortingMethod,

             SleuthkitCase caseDb, CentralRepository centralRepoDb) throws DiscoveryException {

         Map<GroupKey, List<Result>> searchResults = runFileSearch(userName, filters,

                 groupAttributeType, groupSortingType, fileSortingMethod, caseDb, centralRepoDb);

         LinkedHashMap<GroupKey, Integer> groupSizes = new LinkedHashMap<>();

         for (GroupKey groupKey : searchResults.keySet()) {

             groupSizes.put(groupKey, searchResults.get(groupKey).size());

         }

         return groupSizes;

     }


     public static List<Result> getFilesInGroup(String userName,

             List<AbstractFilter> filters,

             AttributeType groupAttributeType,

             Group.GroupSortingAlgorithm groupSortingType,

             ResultsSorter.SortingMethod fileSortingMethod,

             GroupKey groupKey,

             int startingEntry,

             int numberOfEntries,

             SleuthkitCase caseDb, CentralRepository centralRepoDb) throws DiscoveryException {

         //the group should be in the cache at this point

         List<Result> filesInGroup = null;

         SearchKey searchKey = new SearchKey(userName, filters, groupAttributeType, groupSortingType, fileSortingMethod);

         Map<GroupKey, List<Result>> resultsMap;

         synchronized (searchCache) {

             resultsMap = searchCache.getIfPresent(searchKey);

         }

         if (resultsMap != null) {

             filesInGroup = resultsMap.get(groupKey);

         }

         List<Result> page = new ArrayList<>();

         if (filesInGroup == null) {

             logger.log(Level.INFO, "Group {0} was not cached, performing search to cache all groups again", groupKey);

             runFileSearch(userName, filters, groupAttributeType, groupSortingType, fileSortingMethod, caseDb, centralRepoDb);

             synchronized (searchCache) {

                 resultsMap = searchCache.getIfPresent(searchKey.getKeyString());

             }

             if (resultsMap != null) {

                 filesInGroup = resultsMap.get(groupKey);

             }

             if (filesInGroup == null) {

                 logger.log(Level.WARNING, "Group {0} did not exist in cache or new search results", groupKey);

                 return page; //group does not exist

             }

         }

         // Check that there is data after the starting point

         if (filesInGroup.size() < startingEntry) {

             logger.log(Level.WARNING, "Group only contains {0} files, starting entry of {1} is too large.", new Object[]{filesInGroup.size(), startingEntry});

             return page;

         }

         // Add files to the page

         for (int i = startingEntry; (i < startingEntry + numberOfEntries)

                 && (i < filesInGroup.size()); i++) {

             page.add(filesInGroup.get(i));

         }

         return page;

     }


     @NbBundle.Messages({"FileSearch.documentSummary.noPreview=No preview available.",

         "FileSearch.documentSummary.noBytes=No bytes read for document, unable to display preview."})

     public static TextSummary summarize(AbstractFile file) {

         TextSummary summary = null;

         TextSummarizer localSummarizer;

         synchronized (searchCache) {

             localSummarizer = SummaryHelpers.getLocalSummarizer();


         }

         if (localSummarizer != null) {

             try {

                 //a summary of length 40 seems to fit without vertical scroll bars

                 summary = localSummarizer.summarize(file, 40);

             } catch (IOException ex) {

                 return new TextSummary(Bundle.FileSearch_documentSummary_noPreview(), null, 0);

             }

         }

         if (summary == null || StringUtils.isBlank(summary.getSummaryText())) {

             //summary text was empty grab the beginning of the file

             summary = SummaryHelpers.getDefaultSummary(file);

         }

         return summary;

     }


     private static Map<GroupKey, List<Result>> runFileSearch(String userName,

             List<AbstractFilter> filters,

             AttributeType groupAttributeType,

             Group.GroupSortingAlgorithm groupSortingType,

             ResultsSorter.SortingMethod fileSortingMethod,

             SleuthkitCase caseDb, CentralRepository centralRepoDb) throws DiscoveryException {


         // Make a list of attributes that we want to add values for. This ensures the

         // ResultFile objects will have all needed fields set when it's time to group

         // and sort them. For example, if we're grouping by central repo frequency, we need

         // to make sure we've loaded those values before grouping.

         List<AttributeType> attributesNeededForGroupingOrSorting = new ArrayList<>();

         attributesNeededForGroupingOrSorting.add(groupAttributeType);

         attributesNeededForGroupingOrSorting.addAll(fileSortingMethod.getRequiredAttributes());


         // Run the queries for each filter

         List<Result> results = SearchFiltering.runQueries(filters, caseDb, centralRepoDb);


         // Add the data to resultFiles for any attributes needed for sorting and grouping

         addAttributes(attributesNeededForGroupingOrSorting, results, caseDb, centralRepoDb);


         // Collect everything in the search results

         SearchResults searchResults = new SearchResults(groupSortingType, groupAttributeType, fileSortingMethod);

         searchResults.add(results);

         Map<GroupKey, List<Result>> resultHashMap = searchResults.toLinkedHashMap();

         SearchKey searchKey = new SearchKey(userName, filters, groupAttributeType, groupSortingType, fileSortingMethod);

         synchronized (searchCache) {

             searchCache.put(searchKey, resultHashMap);

         }

         // Return a version of the results in general Java objects

         return resultHashMap;

     }


     private static void addAttributes(List<AttributeType> attrs, List<Result> results, SleuthkitCase caseDb, CentralRepository centralRepoDb)

             throws DiscoveryException {

         for (AttributeType attr : attrs) {

             attr.addAttributeToResults(results, caseDb, centralRepoDb);

         }

     }


     private FileSearch() {

         // Class should not be instantiated

     }


 }

org.sleuthkit

org.sleuthkit.autopsy.discovery.search.FileSearch.addAttributes
static void addAttributes(List< AttributeType > attrs, List< Result > results, SleuthkitCase caseDb, CentralRepository centralRepoDb)
Definition: FileSearch.java:301

org.sleuthkit.autopsy.discovery.search
Definition: AbstractFilter.java:19

org.sleuthkit.autopsy.discovery.search.FileSearch.FileSearch
FileSearch()
Definition: FileSearch.java:308

org.sleuthkit.autopsy.textsummarizer.TextSummarizer.summarize
TextSummary summarize(AbstractFile file, int summarySize)

org.sleuthkit.autopsy.discovery.search.Group
Definition: Group.java:29

org.sleuthkit.autopsy.textsummarizer.TextSummary
Definition: TextSummary.java:26

org.sleuthkit.autopsy.centralrepository.datamodel
Definition: CentralRepoAccount.java:19

org.sleuthkit.autopsy.textsummarizer.TextSummary.getSummaryText
String getSummaryText()
Definition: TextSummary.java:49

org.sleuthkit.autopsy.discovery.search.FileSearch
Definition: FileSearch.java:44

org.sleuthkit.autopsy.discovery.search.DiscoveryException
Definition: DiscoveryException.java:24

org.sleuthkit.autopsy.discovery.search.FileSearch.MAXIMUM_CACHE_SIZE
static final int MAXIMUM_CACHE_SIZE
Definition: FileSearch.java:47

org

org.sleuthkit.autopsy.discovery.search.DiscoveryKeyUtils.GroupKey
Definition: DiscoveryKeyUtils.java:205

org.sleuthkit.autopsy.discovery

org.sleuthkit.autopsy.centralrepository
Definition: AddEditCentralRepoCommentAction.java:19

org.sleuthkit.autopsy.discovery.search.FileSearch.searchCache
static final Cache< SearchKey, Map< GroupKey, List< Result > > > searchCache
Definition: FileSearch.java:48

org.sleuthkit.autopsy.discovery.search.FileSearch.summarize
static TextSummary summarize(AbstractFile file)
Definition: FileSearch.java:216

org.sleuthkit.autopsy.coreutils
Definition: AppSQLiteDB.java:19

org.sleuthkit.autopsy.coreutils.Logger
Definition: Logger.java:36

org.sleuthkit.autopsy.discovery.search.ResultsSorter.SortingMethod
Definition: ResultsSorter.java:322

org.sleuthkit.autopsy.discovery.search.DiscoveryAttributes
Definition: DiscoveryAttributes.java:54

org.sleuthkit.autopsy.discovery.search.ResultsSorter
Definition: ResultsSorter.java:32

org.sleuthkit.autopsy.discovery.search.FileSearch.runFileSearch
static Map< GroupKey, List< Result > > runFileSearch(String userName, List< AbstractFilter > filters, AttributeType groupAttributeType, Group.GroupSortingAlgorithm groupSortingType, ResultsSorter.SortingMethod fileSortingMethod, SleuthkitCase caseDb, CentralRepository centralRepoDb)
Definition: FileSearch.java:255

org.sleuthkit.autopsy.discovery.search.FileSearch.logger
static final Logger logger
Definition: FileSearch.java:46

org.sleuthkit.autopsy.centralrepository.datamodel.CentralRepository
Definition: CentralRepository.java:35

org.sleuthkit.autopsy.discovery.search.FileSearch.getGroupSizes
static Map< GroupKey, Integer > getGroupSizes(String userName, List< AbstractFilter > filters, AttributeType groupAttributeType, Group.GroupSortingAlgorithm groupSortingType, ResultsSorter.SortingMethod fileSortingMethod, SleuthkitCase caseDb, CentralRepository centralRepoDb)
Definition: FileSearch.java:122

org.sleuthkit.autopsy.discovery.search.DiscoveryAttributes.AttributeType
Definition: DiscoveryAttributes.java:61

org.sleuthkit.autopsy.coreutils.Logger.getLogger
synchronized static Logger getLogger(String name)
Definition: Logger.java:124

org.sleuthkit.autopsy

org.sleuthkit.autopsy.discovery.search.SearchFiltering
Definition: SearchFiltering.java:52

org.sleuthkit.autopsy.discovery.search.Group.GroupSortingAlgorithm
Definition: Group.java:146

org.sleuthkit.autopsy.textsummarizer
Definition: TextSummarizer.java:19

org.sleuthkit.autopsy.discovery.search.FileSearch.getFilesInGroup
static List< Result > getFilesInGroup(String userName, List< AbstractFilter > filters, AttributeType groupAttributeType, Group.GroupSortingAlgorithm groupSortingType, ResultsSorter.SortingMethod fileSortingMethod, GroupKey groupKey, int startingEntry, int numberOfEntries, SleuthkitCase caseDb, CentralRepository centralRepoDb)
Definition: FileSearch.java:159

org.sleuthkit.autopsy.discovery.search.DiscoveryKeyUtils.SearchKey
Definition: DiscoveryKeyUtils.java:47

org.sleuthkit.autopsy.textsummarizer.TextSummarizer
Definition: TextSummarizer.java:27

org.sleuthkit.autopsy.discovery.search.DiscoveryKeyUtils
Definition: DiscoveryKeyUtils.java:40