Autopsy  4.18.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
StandardInterestingFilesSetsLoader.java
Go to the documentation of this file.
1 /*
2  * Autopsy Forensic Browser
3  *
4  * Copyright 2020 Basis Technology Corp.
5  * Contact: carrier <at> sleuthkit <dot> org
6  *
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  * http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  */
19 package org.sleuthkit.autopsy.modules.interestingitems;
20 
21 import java.io.File;
22 import java.io.FilenameFilter;
23 import java.util.HashMap;
24 import java.util.Map;
25 import java.util.function.Function;
26 import java.util.logging.Level;
27 import java.util.stream.Collectors;
28 import org.openide.modules.InstalledFileLocator;
29 import org.openide.modules.OnStart;
30 import org.openide.util.NbBundle.Messages;
34 
39 @OnStart
40 public class StandardInterestingFilesSetsLoader implements Runnable {
41 
42  private static final Logger LOGGER = Logger.getLogger(StandardInterestingFilesSetsLoader.class.getName());
43 
44  private static final String CONFIG_DIR = "InterestingFileSetRules";
45 
46  private static final FilenameFilter DEFAULT_XML_FILTER = new FilenameFilter() {
47  @Override
48  public boolean accept(File dir, String name) {
49  return name.endsWith(".xml");
50  }
51  };
52 
53  @Override
54  @Messages({
55  "StandardInterestingFilesSetsLoader_cannotLoadStandard=Unable to properly read standard interesting files sets.",
56  "StandardInterestingFilesSetsLoader_cannotLoadUserConfigured=Unable to properly read user-configured interesting files sets.",
57  "StandardInterestingFilesSetsLoader_cannotUpdateInterestingFilesSets=Unable to write updated configuration for interesting files sets to config directory."
58  })
59  public void run() {
60  Map<String, FilesSet> standardInterestingFileSets = null;
61  try {
62  standardInterestingFileSets = readStandardFileXML();
64  handleError(Bundle.StandardInterestingFilesSetsLoader_cannotLoadStandard(), ex);
65  return;
66  }
67 
68  // Call FilesSetManager.getInterestingFilesSets() to get a Map<String, FilesSet> of the existing rule sets.
69  Map<String, FilesSet> userConfiguredSettings = null;
70  try {
71  userConfiguredSettings = FilesSetsManager.getInstance().getInterestingFilesSets();
73  LOGGER.log(Level.SEVERE, "Unable to properly read user-configured interesting files sets.", ex);
74  handleError(Bundle.StandardInterestingFilesSetsLoader_cannotLoadStandard(), ex);
75  return;
76  }
77 
78  // Add each FilesSet read from the standard rules set XML files that is missing from the Map to the Map.
79  copyOnNewer(standardInterestingFileSets, userConfiguredSettings, true);
80 
81  try {
82  // Call FilesSetManager.setInterestingFilesSets with the updated Map.
83  FilesSetsManager.getInstance().setInterestingFilesSets(userConfiguredSettings);
85  handleError(Bundle.StandardInterestingFilesSetsLoader_cannotUpdateInterestingFilesSets(), ex);
86  }
87  }
88 
95  private static void handleError(String message, Exception ex) {
96  LOGGER.log(Level.SEVERE, message, ex);
99  }
100  }
101 
109  private static Map<String, FilesSet> readStandardFileXML() throws FilesSetsManager.FilesSetsManagerException {
110  Map<String, FilesSet> standardInterestingFileSets = new HashMap<>();
111 
112  File configFolder = InstalledFileLocator.getDefault().locate(
113  CONFIG_DIR, StandardInterestingFilesSetsLoader.class.getPackage().getName(), false);
114 
115  if (configFolder == null || !configFolder.exists() || !configFolder.isDirectory()) {
116  throw new FilesSetsManager.FilesSetsManagerException("No standard interesting files set folder exists.");
117  }
118 
119  File[] standardFileSets = configFolder.listFiles(DEFAULT_XML_FILTER);
120 
121  for (File standardFileSetsFile : standardFileSets) { //NON-NLS
122  try {
123  Map<String, FilesSet> thisFilesSet = InterestingItemsFilesSetSettings.readDefinitionsXML(standardFileSetsFile);
124 
125  // ensure that read resources are standard sets
126  thisFilesSet = thisFilesSet.values()
127  .stream()
128  .map((filesSet) -> getAsStandardFilesSet(filesSet, true))
129  .collect(Collectors.toMap(FilesSet::getName, Function.identity()));
130 
131  copyOnNewer(thisFilesSet, standardInterestingFileSets);
133  LOGGER.log(Level.WARNING, String.format("There was a problem importing the standard interesting file set at: %s.",
134  standardFileSetsFile.getAbsoluteFile()), ex);
135  }
136  }
137  return standardInterestingFileSets;
138  }
139 
150  static FilesSet getAsStandardFilesSet(FilesSet origFilesSet, boolean standardFilesSet) {
151  return new FilesSet(
152  origFilesSet.getName(),
153  origFilesSet.getDescription(),
154  origFilesSet.ignoresKnownFiles(),
155  origFilesSet.ingoresUnallocatedSpace(),
156  origFilesSet.getRules(),
157  standardFilesSet,
158  origFilesSet.getVersionNumber()
159  );
160  }
161 
170  private static void copyOnNewer(Map<String, FilesSet> src, Map<String, FilesSet> dest) {
171  copyOnNewer(src, dest, false);
172  }
173 
185  private static void copyOnNewer(Map<String, FilesSet> src, Map<String, FilesSet> dest, boolean appendCustom) {
186  for (Map.Entry<String, FilesSet> srcEntry : src.entrySet()) {
187  String key = srcEntry.getKey();
188  FilesSet srcFileSet = srcEntry.getValue();
189  FilesSet destFileSet = dest.get(key);
190  if (destFileSet != null) {
191  // If and only if there is a naming conflict with a user-defined rule set, append “(Custom)”
192  // to the user-defined rule set and add it back to the Map.
193  if (appendCustom && srcFileSet.isStandardSet() != destFileSet.isStandardSet()) {
194  if (srcFileSet.isStandardSet()) {
195  addCustomFile(dest, destFileSet);
196  dest.put(key, srcFileSet);
197  } else {
198  addCustomFile(dest, srcFileSet);
199  }
200  continue;
201  }
202 
203  // Replace each FilesSet read from the standard rules set XML files that has a newer version
204  // number than the corresponding FilesSet in the Map with the updated FilesSet.
205  if (destFileSet.getVersionNumber() >= srcEntry.getValue().getVersionNumber()) {
206  continue;
207  }
208  }
209 
210  dest.put(srcEntry.getKey(), srcEntry.getValue());
211  }
212  }
213 
222  private static void addCustomFile(Map<String, FilesSet> dest, FilesSet srcFilesSet) {
223  if (srcFilesSet.isStandardSet()) {
224  LOGGER.log(Level.SEVERE, "An attempt to create a custom file that was a standard set.");
225  return;
226  }
227 
228  FilesSet srcToAdd = srcFilesSet;
229 
230  do {
231  srcToAdd = getAsCustomFileSet(srcToAdd);
232  } while (dest.containsKey(srcToAdd.getName()));
233 
234  dest.put(srcToAdd.getName(), srcToAdd);
235  }
236 
245  @Messages({
246  "# {0} - filesSetName",
247  "StandardInterestingFileSetsLoader.customSuffixed={0} (Custom)"
248  })
249  static FilesSet getAsCustomFileSet(FilesSet srcFilesSet) {
250  String customKey = Bundle.StandardInterestingFileSetsLoader_customSuffixed(srcFilesSet.getName());
251  return new FilesSet(
252  customKey,
253  srcFilesSet.getDescription(),
254  srcFilesSet.ignoresKnownFiles(),
255  srcFilesSet.ingoresUnallocatedSpace(),
256  srcFilesSet.getRules(),
257  false,
258  srcFilesSet.getVersionNumber()
259  );
260  }
261 }
static void copyOnNewer(Map< String, FilesSet > src, Map< String, FilesSet > dest)
static void copyOnNewer(Map< String, FilesSet > src, Map< String, FilesSet > dest, boolean appendCustom)
synchronized static Logger getLogger(String name)
Definition: Logger.java:124

Copyright © 2012-2021 Basis Technology. Generated on: Thu Jul 8 2021
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.