Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/undo-ransomware/ransomware_detection.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib/Db
diff options
context:
space:
mode:
Diffstat (limited to 'lib/Db')
-rw-r--r--lib/Db/FileOperation.php21
-rw-r--r--lib/Db/RecoveredFileOperation.php110
-rw-r--r--lib/Db/RecoveredFileOperationMapper.php156
3 files changed, 287 insertions, 0 deletions
diff --git a/lib/Db/FileOperation.php b/lib/Db/FileOperation.php
index 09bcedc..18d400b 100644
--- a/lib/Db/FileOperation.php
+++ b/lib/Db/FileOperation.php
@@ -22,6 +22,7 @@
namespace OCA\RansomwareDetection\Db;
use OCP\AppFramework\Db\Entity;
+use OCA\RansomwareDetection\Db\RecoveredFileOperation;
class FileOperation extends Entity
{
@@ -86,4 +87,24 @@ class FileOperation extends Entity
$this->addType('fileExtensionClass', 'integer');
$this->addType('fileClass', 'integer');
}
+
+ public function toRecoveredFileOperation() {
+ $recoveredFileOperation = new RecoveredFileOperation();
+ $recoveredFileOperation->setUserId($this->getUserId());
+ $recoveredFileOperation->setPath($this->getPath());
+ $recoveredFileOperation->setOriginalName($this->getOriginalName());
+ $recoveredFileOperation->setNewName($this->getNewName());
+ $recoveredFileOperation->setType($this->getType());
+ $recoveredFileOperation->setMimeType($this->getMimeType());
+ $recoveredFileOperation->setSize($this->getSize());
+ $recoveredFileOperation->setTimestamp($this->getTimestamp());
+ $recoveredFileOperation->setCorrupted($this->getCorrupted());
+ $recoveredFileOperation->setCommand($this->getCommand());
+ $recoveredFileOperation->setSequence($this->getSequence());
+ $recoveredFileOperation->setEntropy($this->getEntropy());
+ $recoveredFileOperation->setStandardDeviation($this->getStandardDeviation());
+ $recoveredFileOperation->setFileClass($this->getFileClass());
+ $recoveredFileOperation->setFileExtensionClass($this->getFileExtensionClass());
+ return $recoveredFileOperation;
+ }
}
diff --git a/lib/Db/RecoveredFileOperation.php b/lib/Db/RecoveredFileOperation.php
new file mode 100644
index 0000000..74dbce7
--- /dev/null
+++ b/lib/Db/RecoveredFileOperation.php
@@ -0,0 +1,110 @@
+<?php
+
+/**
+ * @copyright Copyright (c) 2020 Matthias Held <matthias.held@uni-konstanz.de>
+ * @author Matthias Held <matthias.held@uni-konstanz.de>
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\RansomwareDetection\Db;
+
+use OCP\AppFramework\Db\Entity;
+use OCA\RansomwareDetection\Db\FileOperation;
+
+class RecoveredFileOperation extends Entity
+{
+ /** @var string */
+ public $userId;
+
+ /** @var string */
+ public $path;
+
+ /** @var string */
+ public $originalName;
+
+ /** @var string */
+ public $newName;
+
+ /** @var string */
+ public $type;
+
+ /** @var string */
+ public $mimeType;
+
+ /** @var int */
+ public $size;
+
+ /** @var int */
+ public $corrupted;
+
+ /** @var string */
+ public $timestamp;
+
+ /** @var int */
+ public $command;
+
+ /** @var int */
+ public $sequence;
+
+ /** @var float */
+ public $entropy;
+
+ /** @var float */
+ public $standardDeviation;
+
+ /** @var string */
+ public $fileClass;
+
+ /** @var string */
+ public $fileExtensionClass;
+
+ /** @var int */
+ public $suspicionClass;
+
+ public function __construct()
+ {
+ // Add types in constructor
+ $this->addType('size', 'integer');
+ $this->addType('corrupted', 'integer');
+ $this->addType('command', 'integer');
+ $this->addType('sequence', 'integer');
+ $this->addType('entropy', 'float');
+ $this->addType('standardDeviation', 'float');
+ $this->addType('suspicionClass', 'integer');
+ $this->addType('fileExtensionClass', 'integer');
+ $this->addType('fileClass', 'integer');
+ }
+
+ public function toFileOperation() {
+ $fileOperation = new FileOperation();
+ $fileOperation->setUserId($this->getUserId());
+ $fileOperation->setPath($this->getPath());
+ $fileOperation->setOriginalName($this->getOriginalName());
+ $fileOperation->setNewName($this->getNewName());
+ $fileOperation->setType($this->getType());
+ $fileOperation->setMimeType($this->getMimeType());
+ $fileOperation->setSize($this->getSize());
+ $fileOperation->setTimestamp($this->getTimestamp());
+ $fileOperation->setCorrupted($this->getCorrupted());
+ $fileOperation->setCommand($this->getCommand());
+ $fileOperation->setSequence($this->getSequence());
+ $fileOperation->setEntropy($this->getEntropy());
+ $fileOperation->setStandardDeviation($this->getStandardDeviation());
+ $fileOperation->setFileClass($this->getFileClass());
+ $fileOperation->setFileExtensionClass($this->getFileExtensionClass());
+ return $fileOperation;
+ }
+}
diff --git a/lib/Db/RecoveredFileOperationMapper.php b/lib/Db/RecoveredFileOperationMapper.php
new file mode 100644
index 0000000..c0ee353
--- /dev/null
+++ b/lib/Db/RecoveredFileOperationMapper.php
@@ -0,0 +1,156 @@
+<?php
+
+/**
+ * @copyright Copyright (c) 2020 Matthias Held <matthias.held@uni-konstanz.de>
+ * @author Matthias Held <matthias.held@uni-konstanz.de>
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\RansomwareDetection\Db;
+
+use OCP\IDBConnection;
+use OCP\AppFramework\Db\Mapper;
+
+class RecoveredFileOperationMapper extends Mapper
+{
+ /**
+ * @param IDBConnection $db
+ */
+ public function __construct(
+ IDBConnection $db
+ ) {
+ parent::__construct($db, 'rd_recovery');
+ }
+
+ /**
+ * Find one by id.
+ *
+ * @throws \OCP\AppFramework\Db\DoesNotExistException if not found
+ * @throws \OCP\AppFramework\Db\MultipleObjectsReturnedException if more than one result
+ *
+ * @param int $id
+ *
+ * @return Entity
+ */
+ public function find($id, $userId)
+ {
+ $sql = 'SELECT * FROM `*PREFIX*rd_recovery` '.
+ 'WHERE `id` = ? AND `user_id` = ?';
+
+ return $this->findEntity($sql, [$id, $userId]);
+ }
+
+ /**
+ * Find one by file name.
+ *
+ * @throws \OCP\AppFramework\Db\DoesNotExistException if not found
+ * @throws \OCP\AppFramework\Db\MultipleObjectsReturnedException if more than one result
+ *
+ * @param string $name
+ *
+ * @return Entity
+ */
+ public function findOneByFileName($name, $userId)
+ {
+ $sql = 'SELECT * FROM `*PREFIX*rd_recovery` '.
+ 'WHERE `original_name` = ? AND `user_id` = ?';
+
+ return $this->findEntity($sql, [$name, $userId]);
+ }
+
+ /**
+ * Find the one with the highest id.
+ *
+ * @throws \OCP\AppFramework\Db\DoesNotExistException if not found
+ * @throws \OCP\AppFramework\Db\MultipleObjectsReturnedException if more than one result
+ *
+ * @return Entity
+ */
+ public function findOneWithHighestId($userId)
+ {
+ $sql = 'SELECT * FROM `*PREFIX*rd_recovery` WHERE `user_id` = ?'.
+ 'ORDER BY id DESC LIMIT 1';
+
+ return $this->findEntity($sql, [$userId]);
+ }
+
+ /**
+ * Find all.
+ *
+ * @param int $limit
+ * @param int $offset
+ *
+ * @return array
+ */
+ public function findAll(array $params = [], $limit = null, $offset = null)
+ {
+ $sql = 'SELECT * FROM `*PREFIX*rd_recovery` WHERE `user_id` = ?';
+
+ return $this->findEntities($sql, $params, $limit, $offset);
+ }
+
+ /**
+ * Find a sequence by its id.
+ *
+ * @param array $params
+ * @param int $limit
+ * @param int $offset
+ *
+ * @return array
+ */
+ public function findSequenceById(array $params = [], $limit = null, $offset = null)
+ {
+ $sql = 'SELECT * FROM `*PREFIX*rd_recovery` WHERE `sequence` = ? AND `user_id` = ?';
+
+ return $this->findEntities($sql, $params, $limit, $offset);
+ }
+
+ /**
+ * Delete entity by id.
+ *
+ * @param int $id
+ */
+ public function deleteById($id, $userId)
+ {
+ $sql = 'DELETE FROM `*PREFIX*rd_recovery` WHERE `id` = ? AND `user_id` = ?';
+ $stmt = $this->execute($sql, [$id, $userId]);
+ $stmt->closeCursor();
+ }
+
+ /**
+ * Deletes a sequence of file operations.
+ *
+ * @param int $sequence
+ */
+ public function deleteSequenceById($sequence, $userId)
+ {
+ $sql = 'DELETE FROM `*PREFIX*rd_recovery` WHERE `sequence` = ? AND `user_id` = ?';
+ $stmt = $this->execute($sql, [$sequence, $userId]);
+ $stmt->closeCursor();
+ }
+
+ /**
+ * Delete all entries before $timestamp.
+ *
+ * @param int $timestamp
+ */
+ public function deleteFileOperationsBefore($timestamp)
+ {
+ $sql = 'DELETE FROM `*PREFIX*rd_recovery` WHERE `timestamp` < ?';
+ $stmt = $this->execute($sql, [$timestamp]);
+ $stmt->closeCursor();
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-20 15:33:00 +0300