19 package org.sleuthkit.datamodel;
21 import java.sql.PreparedStatement;
22 import java.sql.ResultSet;
23 import java.sql.SQLException;
24 import java.sql.Statement;
25 import java.util.ArrayList;
26 import java.util.Collections;
27 import java.util.HashSet;
28 import java.util.List;
29 import java.util.Optional;
32 import java.util.logging.Logger;
33 import java.util.stream.Collectors;
46 private static final Logger LOGGER = Logger.getLogger(
ScoringManager.class.getName());
71 try (CaseDbConnection connection = db.getConnection()) {
90 if (objIds.isEmpty()) {
91 return Collections.emptyMap();
96 Set<Long> set =
new HashSet<>(objIds);
98 String queryString =
"SELECT obj_id, significance, priority FROM tsk_aggregate_score WHERE obj_id in "
99 + set.stream().map(l -> l.toString()).collect(Collectors.joining(
",",
"(",
")"));
101 Map<Long, Score> results = set.stream().collect(Collectors.toMap( key -> key, key ->
Score.
SCORE_UNKNOWN));
103 try (CaseDbConnection connection = db.getConnection()) {
104 try (Statement s = connection.createStatement(); ResultSet rs = connection.executeQuery(s, queryString)) {
106 Long objId = rs.getLong(
"obj_id");
108 results.put(objId, score);
110 }
catch (SQLException ex) {
111 throw new TskCoreException(
"SQLException thrown while running query: " + queryString, ex);
132 CaseDbConnection connection = transaction.getConnection();
146 private Score
getAggregateScore(
long objId, CaseDbConnection connection)
throws TskCoreException {
147 String queryString =
"SELECT significance, priority FROM tsk_aggregate_score WHERE obj_id = " + objId;
148 try (Statement s = connection.createStatement(); ResultSet rs = connection.executeQuery(s, queryString)) {
150 return new Score(Significance.fromID(rs.getInt(
"significance")), Priority.fromID(rs.getInt(
"priority")));
152 return Score.SCORE_UNKNOWN;
154 }
catch (SQLException ex) {
155 throw new TskCoreException(
"SQLException thrown while running query: " + queryString, ex);
170 private void setAggregateScore(
long objId, Long dataSourceObjectId, Score score, CaseDbTransaction transaction)
throws TskCoreException {
172 String insertSQLString =
"INSERT INTO tsk_aggregate_score (obj_id, data_source_obj_id, significance , priority) VALUES (?, ?, ?, ?)"
173 +
" ON CONFLICT (obj_id) DO UPDATE SET significance = ?, priority = ?";
175 CaseDbConnection connection = transaction.getConnection();
177 PreparedStatement preparedStatement = connection.getPreparedStatement(insertSQLString, Statement.NO_GENERATED_KEYS);
178 preparedStatement.clearParameters();
180 preparedStatement.setLong(1, objId);
181 if (dataSourceObjectId != null) {
182 preparedStatement.setLong(2, dataSourceObjectId);
184 preparedStatement.setNull(2, java.sql.Types.NULL);
186 preparedStatement.setInt(3, score.getSignificance().getId());
187 preparedStatement.setInt(4, score.getPriority().getId());
189 preparedStatement.setInt(5, score.getSignificance().getId());
190 preparedStatement.setInt(6, score.getPriority().getId());
192 connection.executeUpdate(preparedStatement);
193 }
catch (SQLException ex) {
194 throw new TskCoreException(String.format(
"Error updating aggregate score, query: %s for objId = %d", insertSQLString, objId), ex);
215 Score updateAggregateScoreAfterAddition(
long objId, Long dataSourceObjectId, Score newResultScore, CaseDbTransaction transaction)
throws TskCoreException {
227 CaseDbConnection connection = transaction.getConnection();
228 connection.getAggregateScoreTableWriteLock();
229 }
catch (SQLException ex) {
230 throw new TskCoreException(
"Error getting exclusive write lock on aggregate score table", ex);
235 Score currentAggregateScore = ScoringManager.this.getAggregateScore(objId, transaction);
239 if ( (currentAggregateScore.compareTo(Score.SCORE_UNKNOWN) == 0 && newResultScore.compareTo(Score.SCORE_UNKNOWN) != 0)
240 || (Score.getScoreComparator().compare(newResultScore, currentAggregateScore) > 0)) {
241 setAggregateScore(objId, dataSourceObjectId, newResultScore, transaction);
244 transaction.registerScoreChange(
new ScoreChange(objId, dataSourceObjectId, currentAggregateScore, newResultScore));
245 return newResultScore;
248 return currentAggregateScore;
262 Score updateAggregateScoreAfterDeletion(
long objId, Long dataSourceObjectId, CaseDbTransaction transaction)
throws TskCoreException {
264 CaseDbConnection connection = transaction.getConnection();
276 connection.getAggregateScoreTableWriteLock();
277 }
catch (SQLException ex) {
278 throw new TskCoreException(
"Error getting exclusive write lock on aggregate score table", ex);
282 Score currentScore = ScoringManager.this.getAggregateScore(objId, transaction);
286 Score newScore = Score.SCORE_UNKNOWN;
287 for (AnalysisResult iter : analysisResults) {
288 Score iterScore = iter.getScore();
289 if (Score.getScoreComparator().compare(iterScore, newScore) > 0) {
290 newScore = iterScore;
296 Optional<Score> tagScore = db.
getTaggingManager().getMaxTagKnownStatus(objId, transaction)
297 .map(knownStatus -> TaggingManager.getTagScore(knownStatus));
299 if (tagScore.isPresent() && Score.getScoreComparator().compare(tagScore.get(), newScore) > 0) {
300 newScore = tagScore.get();
304 if (newScore.compareTo(currentScore) != 0) {
305 setAggregateScore(objId, dataSourceObjectId, newScore, transaction);
308 transaction.registerScoreChange(
new ScoreChange(objId, dataSourceObjectId, currentScore, newScore));
325 try (CaseDbConnection connection = db.getConnection()) {
346 String queryString =
"SELECT COUNT(obj_id) AS count FROM tsk_aggregate_score"
347 +
" WHERE data_source_obj_id = " + dataSourceObjectId
348 +
" AND significance = " + significance.getId();
350 try (Statement statement = connection.createStatement();
351 ResultSet resultSet = connection.executeQuery(statement, queryString);) {
354 if (resultSet.next()) {
355 count = resultSet.getLong(
"count");
358 }
catch (SQLException ex) {
359 throw new TskCoreException(
"Error getting count of items with significance = " + significance.toString(), ex);
375 try (CaseDbConnection connection = db.getConnection()) {
376 return getContent(dataSourceObjectId, significance, connection);
395 String queryString =
"SELECT obj_id FROM tsk_aggregate_score"
396 +
" WHERE data_source_obj_id = " + dataSourceObjectId
397 +
" AND significance = " + significance.getId();
399 try (Statement statement = connection.createStatement();
400 ResultSet resultSet = connection.executeQuery(statement, queryString);) {
402 List<Content> items =
new ArrayList<>();
403 while (resultSet.next()) {
404 long objId = resultSet.getLong(
"obj_id");
408 }
catch (SQLException ex) {
409 throw new TskCoreException(
"Error getting list of items with significance = " + significance.toString(), ex);
static Priority fromID(int id)
static Significance fromID(int id)
List< Content > getContent(long dataSourceObjectId, Score.Significance significance)
static final Score SCORE_UNKNOWN
Blackboard getBlackboard()
Content getContentById(long id)
Map< Long, Score > getAggregateScores(List< Long > objIds)
synchronized TaggingManager getTaggingManager()
long getContentCount(long dataSourceObjectId, Score.Significance significance)
List< AnalysisResult > getAnalysisResults(long dataSourceObjId, Integer artifactTypeID)
void releaseSingleUserCaseReadLock()
void acquireSingleUserCaseReadLock()
Score getAggregateScore(long objId)