dradis-projects 3.0.0

data/config/routes.rb

@@ -0,0 +1,4 @@
+Dradis::Plugins::Projects::Engine.routes.draw do
+  resource :package,  only: [:show]
+  resource :template, only: [:show]
+end

data/dradis-projects.gemspec

@@ -0,0 +1,30 @@
+$:.push File.expand_path('../lib', __FILE__)
+
+require 'dradis/plugins/projects/version'
+
+# Describe your gem and declare its dependencies:
+Gem::Specification.new do |spec|
+  spec.platform      = Gem::Platform::RUBY
+  spec.name = 'dradis-projects'
+  spec.version = Dradis::Plugins::Projects::VERSION::STRING
+  spec.summary = 'Project export/upload for the Dradis Framework.'
+  spec.description = 'This plugin allows you to dump the contents of the repo into a zip archive and restore the state from one of them.'
+
+  spec.license = 'GPL-2'
+
+  spec.authors = ['Daniel Martin']
+  spec.email = ['etd@nomejortu.com']
+  spec.homepage = 'http://dradisframework.org'
+
+  spec.files = `git ls-files`.split($\)
+  spec.executables = spec.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
+
+  spec.add_development_dependency 'bundler', '~> 1.6'
+  spec.add_development_dependency 'combustion'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rspec'
+
+  spec.add_dependency 'dradis-plugins', '~> 3.5'
+  spec.add_dependency 'rubyzip', '~> 1.1.0'
+end

data/lib/dradis-projects.rb

@@ -0,0 +1,5 @@
+require 'zip'
+
+require 'dradis-plugins'
+
+require 'dradis/plugins/projects'

data/lib/dradis/plugins/projects.rb

@@ -0,0 +1,15 @@
+module Dradis
+  module Plugins
+    module Projects
+      module Export; end
+      module Upload; end
+    end
+  end
+end
+
+require 'dradis/plugins/projects/engine'
+require 'dradis/plugins/projects/export/package'
+require 'dradis/plugins/projects/export/template'
+require 'dradis/plugins/projects/upload/package'
+require 'dradis/plugins/projects/upload/template'
+require 'dradis/plugins/projects/version'

data/lib/dradis/plugins/projects/engine.rb

@@ -0,0 +1,31 @@
+module Dradis
+  module Plugins
+    module Projects
+      class Engine < ::Rails::Engine
+        isolate_namespace Dradis::Plugins::Projects
+
+        include ::Dradis::Plugins::Base
+        description 'Save and restore project information'
+        provides :export, :upload
+
+        initializer 'dradis-projects.mount_engine' do
+          Rails.application.routes.append do
+            mount Dradis::Plugins::Projects::Engine => '/export/projects'
+          end
+        end
+
+        # Because this plugin provides two export modules, we have to overwrite
+        # the default .uploaders() method.
+        #
+        # See:
+        #  Dradis::Plugins::Upload::Base in dradis-plugins
+        def self.uploaders
+          [
+            Dradis::Plugins::Projects::Upload::Package,
+            Dradis::Plugins::Projects::Upload::Template
+          ]
+        end
+      end
+    end
+  end
+end

data/lib/dradis/plugins/projects/export/package.rb

@@ -0,0 +1,37 @@
+module Dradis::Plugins::Projects::Export
+  class Package < Dradis::Plugins::Export::Base
+
+    # Create a new project export bundle. It will include an XML file with the
+    # contents of the repository (see db_only) and all the attachments that
+    # have been uploaded into the system.
+    def export(params={})
+      raise ":filename not provided" unless params.key?(:filename)
+
+      filename = params[:filename]
+      logger   = params.fetch(:logger, Rails.logger)
+
+      File.delete(filename) if File.exists?(filename)
+
+      logger.debug{ "Creating a new Zip file in #{filename}..." }
+      Zip::File.open(filename, Zip::File::CREATE) do |zipfile|
+        Node.all.each do |node|
+          node_path = Attachment.pwd.join(node.id.to_s)
+
+          Dir["#{node_path}/**/**"].each do |file|
+            logger.debug{ "\tAdding attachment for '#{node.label}': #{file}" }
+            zipfile.add(file.sub("#{Attachment.pwd.to_s}/", ''), file)
+          end
+        end
+
+        logger.debug{ "\tAdding XML repository dump" }
+        template_exporter = Template.new(content_service: content_service)
+        template = template_exporter.export(params)
+        zipfile.get_output_stream('dradis-repository.xml') { |out|
+          out << template
+        }
+      end
+      logger.debug{ 'Done.' }
+    end
+
+  end
+end

data/lib/dradis/plugins/projects/export/template.rb

@@ -0,0 +1,173 @@
+module Dradis::Plugins::Projects::Export
+  class Template < Dradis::Plugins::Export::Base
+    # This method returns an XML representation of current repository which
+    # includes Categories, Nodes and Notes
+    def export(params={})
+      builder = Builder::XmlMarkup.new
+      builder.instruct!
+      result = builder.tag!('dradis-template') do |template_builder|
+        build_nodes(template_builder)
+        build_issues(template_builder)
+        build_methodologies(template_builder)
+        build_categories(template_builder)
+        build_tags(template_builder)
+      end
+      return result
+    end
+
+    private
+
+    def build_activities_for(builder, trackable)
+      builder.activities do |activities_builder|
+        trackable.activities.each do |activity|
+          activities_builder.activity do |activity_builder|
+            activity_builder.action(activity.action)
+            activity_builder.user_email(user_email_for_activity(activity))
+            activity_builder.created_at(activity.created_at.to_i)
+          end
+        end
+      end
+    end
+
+    def build_categories(builder)
+      categories = []
+      categories << Category.issue if @issues.any?
+      categories += @nodes.map do |node|
+        node.notes.map { |note| note.category }.uniq
+      end.flatten.uniq
+
+      builder.categories do |categories_builder|
+        categories.each do |category|
+          categories_builder.category do |category_builder|
+            category_builder.id(category.id)
+            category_builder.name(category.name)
+          end
+        end
+      end
+    end
+
+    def build_evidence_for_node(builder, node)
+      builder.evidence do |evidences_builder|
+        node.evidence.each do |evidence|
+          evidences_builder.evidence do |evidence_builder|
+            evidence_builder.id(evidence.id)
+            evidence_builder.author(evidence.author)
+            evidence_builder.tag!('issue-id', evidence.issue_id)
+            evidence_builder.content do
+              evidence_builder.cdata!(evidence.content)
+            end
+            build_activities_for(evidence_builder, evidence)
+          end
+        end
+      end
+    end
+
+    def build_issues(builder)
+      @issues = Issue.where(node_id: Node.issue_library).includes(:activities)
+
+      builder.issues do |issues_builder|
+        @issues.each do |issue|
+          issues_builder.issue do |issue_builder|
+            issue_builder.id(issue.id)
+            issue_builder.author(issue.author)
+            issue_builder.text do
+              issue_builder.cdata!(issue.text)
+            end
+            build_activities_for(issue_builder, issue)
+          end
+        end
+      end
+    end
+
+    def build_methodologies(builder)
+      methodologies = Node.methodology_library.notes
+      builder.methodologies do |methodologies_builder|
+        methodologies.each do |methodology|
+          methodologies_builder.methodology do |methodology_builder|
+            methodology_builder.text do
+              methodology_builder.cdata!(methodology.text)
+            end
+          end
+        end
+      end
+    end
+
+    def build_nodes(builder)
+      @nodes = Node.includes(:activities, :evidence, :notes, evidence: [:activities], notes: [:activities, :category]).all.reject do |node|
+        [Node::Types::METHODOLOGY,
+          Node::Types::ISSUELIB].include?(node.type_id)
+      end
+
+      builder.nodes do |nodes_builder|
+        @nodes.each do |node|
+          nodes_builder.node do |node_builder|
+            node_builder.id(node.id)
+            node_builder.label(node.label)
+            node_builder.tag!('parent-id', node.parent_id)
+            node_builder.position(node.position)
+            node_builder.properties do
+              node_builder.cdata!(node.raw_properties)
+            end
+            node_builder.tag!('type-id', node.type_id)
+            # Notes
+            build_notes_for_node(node_builder, node)
+            # Evidence
+            build_evidence_for_node(node_builder, node)
+            build_activities_for(node_builder, node)
+          end
+        end
+      end
+    end
+
+    def build_notes_for_node(builder, node)
+      builder.notes do |notes_builder|
+        node.notes.each do |note|
+          notes_builder.note do |note_builder|
+            note_builder.id(note.id)
+            note_builder.author(note.author)
+            note_builder.tag!('category-id', note.category_id)
+            note_builder.text do
+              note_builder.cdata!(note.text)
+            end
+            build_activities_for(note_builder, note)
+          end
+        end
+      end
+    end
+
+    def build_tags(builder)
+      tags = Tag.all
+      builder.tags do |tags_builder|
+        tags.each do |tag|
+          tags_builder.tag do |tag_builder|
+            tag_builder.id(tag.id)
+            tag_builder.name(tag.name)
+            tag_builder.taggings do |taggings_builder|
+              tag.taggings.each do |tagging|
+                taggings_builder.tagging do |tagging_builder|
+                  tagging_builder.tag!('taggable-id', tagging.taggable_id)
+                  tagging_builder.tag!('taggable-type', tagging.taggable_type)
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+
+
+    # Cache user emails so we don't have to make an extra SQL request
+    # for every activity
+    def user_email_for_activity(activity)
+      return activity.user if activity.user.is_a?(String)
+
+      @user_emails ||= begin
+        User.select([:id, :email]).all.each_with_object({}) do |user, hash|
+          hash[user.id] = user.email
+        end
+      end
+      @user_emails[activity.user_id]
+    end
+
+  end
+end

data/lib/dradis/plugins/projects/gem_version.rb

@@ -0,0 +1,19 @@
+module Dradis
+  module Plugins
+    module Projects
+      # Returns the version of the currently loaded Projects as a <tt>Gem::Version</tt>
+      def self.gem_version
+        Gem::Version.new VERSION::STRING
+      end
+
+      module VERSION
+        MAJOR = 3
+        MINOR = 0
+        TINY = 0
+        PRE = nil
+
+        STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
+      end
+    end
+  end
+end

data/lib/dradis/plugins/projects/upload/package.rb

@@ -0,0 +1,71 @@
+module Dradis::Plugins::Projects::Upload
+  module Package
+    def self.meta
+      package = Dradis::Plugins::Projects
+      {
+        name:        package::Engine::plugin_name,
+        description: 'Upload Project package file (.zip)',
+        version:     package.version
+      }
+    end
+
+    # In this module you will find the implementation details that enable you to
+    # upload a project archive (generated using ProjectExport::Processor::full_project)
+    class Importer < Dradis::Plugins::Upload::Importer
+
+      def import(params={})
+        package = params[:file]
+        success = false
+
+        # Unpack the archive in a temporary location
+        FileUtils.mkdir Rails.root.join('tmp', 'zip')
+
+        begin
+          logger.info { 'Uncompressing the file' }
+          #TODO: this could be improved by only uncompressing the XML, then parsing
+          # it to get the node_lookup table and then uncompressing each entry to its
+          # final destination
+          Zip::File.foreach(package) do |entry|
+            path = Rails.root.join('tmp', 'zip', entry.name)
+            FileUtils.mkdir_p(File.dirname(path))
+            entry.extract(path)
+            logger.info { "\t#{entry.name}" }
+          end
+          logger.info { 'Done.' }
+
+          logger.info { 'Loading XML state file' }
+          importer    = Template::Importer.new(
+                          content_service:  content_service,
+                          logger:           logger,
+                          template_service: template_service
+                        )
+          node_lookup = importer.import(
+                          file: Rails.root.
+                                  join('tmp', 'zip', 'dradis-repository.xml')
+                        )
+
+          logger.info { 'Moving attachments to their final destinations' }
+          node_lookup.each do |oldid,newid|
+            if File.directory? Rails.root.join('tmp', 'zip', oldid)
+              FileUtils.mkdir_p Attachment.pwd.join(newid.to_s)
+
+              Dir.glob(Rails.root.join('tmp', 'zip', oldid, '*')).each do |attachment|
+                FileUtils.mv(attachment, Attachment.pwd.join(newid.to_s))
+              end
+            end
+          end
+
+          success = true
+        rescue Exception => e
+          logger.error { e.message }
+          success = false
+        ensure
+          # clean up the temporary files
+          FileUtils.rm_rf(Rails.root.join('tmp', 'zip'))
+        end
+
+        return success
+      end
+    end
+  end
+end

data/lib/dradis/plugins/projects/upload/template.rb

@@ -0,0 +1,364 @@
+module Dradis::Plugins::Projects::Upload
+  module Template
+    def self.meta
+      package = Dradis::Plugins::Projects
+      {
+        name:        package::Engine::plugin_name,
+        description: 'Upload Project template file (.xml)',
+        version:     package.version
+      }
+    end
+
+    class Importer < Dradis::Plugins::Upload::Importer
+
+      # The import method is invoked by the framework to process a template file
+      # that has just been uploaded using the 'Import from file...' dialog.
+      #
+      # This module will take the XMl export file created with the ProjectExport
+      # module and dump the contents into the current database.
+      #
+      # Since we cannot ensure that the original node and category IDs as specified
+      # in the XML are free in this database, we need to keep a few lookup tables
+      # to maintain the original structure of Nodes and the Notes pointing to the
+      # right nodes and categories.
+      #
+      # This method also returns the Node lookup table so callers can understand
+      # what changes to the original IDs have been applied. This is mainly for the
+      # benefit of the ProjectPackageUpload module that would use the translation
+      # table to re-associate the attachments in the project archive with the new
+      # node IDs in the current project.
+      def import(params={})
+
+        # load the template
+        logger.info { "Loading template file from: #{params[:file]}" }
+        template = Nokogiri::XML(File.read(params[:file]))
+        logger.info { "Done." }
+
+        unless template.errors.empty?
+          logger.error { "Invalid project template format." }
+          return false
+        end
+
+        # we need this to be able to convert from old category_id to the new
+        # category_id once the categories are added to the DB (the ID may have
+        # changed)
+        category_lookup = {}
+        # the same applies to Nodes (think parent_id)
+        node_lookup = {}
+        # and to issues
+        issue_lookup = {}
+
+        # evidence is parsed when nodes are parsed, but cannot be saved until issues
+        # have been created. Therefore, parse evidence into arrays until time for
+        # creation
+        evidence_array = []
+
+        # likewise we also need to hold on to the XML about evidence activities
+        # until after the evidence has been saved
+        evidence_activity_xml_array = []
+
+        # all children nodes, we will need to find the new ID of their parents
+        orphan_nodes = []
+
+        # if the note has an attachment screenshot (i.e. !.../nodes/i/attachments/...!)
+        # we will fix the URL to point to the new Node ID.
+        #
+        # WARNING: we need a lookup table because one note may be referencing a
+        # different (yet unprocessed) node's attachments.
+        attachment_notes = []
+
+        # go through the categories, keep a translation table between the old
+        # category id and the new ones so we know to which category we should
+        # assign our notes
+        template.xpath('dradis-template/categories/category').each do |xml_category|
+          old_id   = xml_category.at_xpath('id').text.strip
+          name     = xml_category.at_xpath('name').text.strip
+          category = nil
+
+          # Prevent creating duplicate categories
+          logger.info { "Looking for category: #{name}" }
+          category = Category.find_or_create_by!(name: name)
+          category_lookup[old_id] = category.id
+        end
+
+
+        # ------------------------------------------------------------------- Nodes
+        # Re generate the Node tree structure
+        template.xpath('dradis-template/nodes/node').each do |xml_node|
+          element   = xml_node.at_xpath('type-id')
+          type_id   = element.text.nil? ? nil : element.text.strip
+          label     = xml_node.at_xpath('label').text.strip
+          element   = xml_node.at_xpath('parent-id')
+          parent_id = element.text.nil? ? nil : element.text.strip
+
+          # Node positions
+          element  = xml_node.at_xpath('position')
+          position = (element && !element.text.nil?) ? element.text.strip : nil
+
+          # Node properties
+          element    = xml_node.at_xpath('properties')
+          properties = (element && !element.text.blank?) ? element.text.strip : nil
+
+          created_at = xml_node.at_xpath('created-at')
+          updated_at = xml_node.at_xpath('updated-at')
+
+          logger.info { "New node detected: #{label}, parent_id: #{parent_id}, type_id: #{type_id}" }
+
+          # There is one exception to the rule, the Configuration.uploadsNode node,
+          # it does not make sense to have more than one of this nodes, in any
+          # given tree
+          node = nil
+          note = nil
+          evidence = nil
+          if (label == Configuration.plugin_uploads_node)
+            node = Node.create_with(type_id: type_id, parent_id: parent_id).
+                    find_or_create_by!(label: label)
+          else
+            node = Node.create!(
+                     type_id:   type_id,
+                     label:     label,
+                     parent_id: parent_id,
+                     position:  position
+                   )
+          end
+
+          if properties
+            node.raw_properties = properties
+          end
+
+          node.update_attribute(:created_at, created_at.text.strip) if created_at
+          node.update_attribute(:updated_at, updated_at.text.strip) if updated_at
+
+          return false unless validate_and_save(node)
+          return false unless create_activities(node, xml_node)
+
+          xml_node.xpath('notes/note').each do |xml_note|
+
+            if xml_note.at_xpath('author') != nil
+              old_id = xml_note.at_xpath('category-id').text.strip
+              new_id = category_lookup[old_id]
+
+              created_at  = xml_note.at_xpath('created-at')
+              updated_at  = xml_note.at_xpath('updated-at')
+
+              logger.info { "Note category rewrite, used to be #{old_id}, now is #{new_id}" }
+              note = Note.create!(
+                       author:      xml_note.at_xpath('author').text.strip,
+                       node_id:     node.id,
+                       category_id: new_id,
+                       text:        xml_note.at_xpath('text').text
+                     )
+
+              note.update_attribute(:created_at, created_at.text.strip) if created_at
+              note.update_attribute(:updated_at, updated_at.text.strip) if updated_at
+
+              return false unless validate_and_save(note)
+
+              if note.text =~ %r{^!(.*)/nodes/(\d+)/attachments/(.+)!$}
+                attachment_notes << note
+              end
+
+              return false unless create_activities(note, xml_note)
+
+              logger.info { "\tNew note added detected." }
+            end
+          end
+
+          # Create array of evidence from xml input. Cannot store in DB until we
+          # have a new issue id
+          xml_node.xpath('evidence/evidence').each do |xml_evidence|
+            if xml_evidence.at_xpath('author') != nil
+              created_at  = xml_evidence.at_xpath('created-at')
+              updated_at  = xml_evidence.at_xpath('updated-at')
+
+              evidence = Evidence.new(
+                           author:   xml_evidence.at_xpath('author').text.strip,
+                           node_id:  node.id,
+                           content:  xml_evidence.at_xpath('content').text,
+                           issue_id: xml_evidence.at_xpath('issue-id').text.strip
+                         )
+
+              evidence.update_attribute(:created_at, created_at.text.strip) if created_at
+              evidence.update_attribute(:updated_at, updated_at.text.strip) if updated_at
+              evidence_array << evidence
+
+              evidence_activity_xml_array << xml_evidence.xpath("activities/activity")
+
+              logger.info { "\tNew evidence added." }
+            end
+          end
+
+          # keep track of reassigned ids
+          node_lookup[xml_node.at_xpath('id').text.strip] = node.id
+
+          if node.parent_id != nil
+            # keep track of orphaned nodes
+            orphan_nodes << node
+          end
+        end
+
+
+        # ------------------------------------------------------------------- Issues
+        issue = nil
+        issue_category = Category.issue
+        issue_library  = Node.issue_library
+        # go through the issues, keep a translation table between the old
+        # issue id and the new ones. This is important for importing evidence
+        # Will need to adjust node ID after generating node structure
+        template.xpath('dradis-template/issues/issue').each do |xml_issue|
+          old_id = xml_issue.at_xpath('id').text.strip
+
+          # TODO: Need to find some way of checking for dups
+          # May be combination of text, category_id and created_at
+          issue = Issue.new
+          issue.author   = xml_issue.at_xpath('author').text.strip
+          issue.text     = xml_issue.at_xpath('text').text
+          issue.node     = issue_library
+          issue.category = issue_category
+
+          return false unless validate_and_save(issue)
+
+          return false unless create_activities(issue, xml_issue)
+
+          if issue.text =~ %r{^!(.*)/nodes/(\d+)/attachments/(.+)!$}
+            attachment_notes << issue
+          end
+
+          issue_lookup[old_id] = issue.id
+          logger.info{ "New issue detected: #{issue.title}" }
+        end
+
+        # ----------------------------------------------------------- Methodologies
+        methodology_category = Category.default
+        methodology_library  = Node.methodology_library
+        template.xpath('dradis-template/methodologies/methodology').each do |xml_methodology|
+          # FIXME: this is wrong in a few levels, we should be able to save a
+          # Methodology instance calling .save() but the current implementation
+          # of the model would consider this a 'methodology template' and not an
+          # instance.
+          #
+          # Also, methodology notes don't have a valid author, see
+          # MethodologiesController#create action (i.e. 'methodology builder' is
+          # used).
+          Note.create!(
+            author:      'methodology importer',
+            node_id:     methodology_library.id,
+            category_id: methodology_category.id,
+            text:        xml_methodology.at_xpath('text').text
+          )
+        end
+
+        # -------------------------------------------------------------------- Tags
+        template.xpath('dradis-template/tags/tag').each do |xml_tag|
+          name = xml_tag.at_xpath('name').text()
+          tag  = Tag.find_or_create_by!(name: name)
+          @logger.info { "New tag detected: #{name}" }
+
+          xml_tag.xpath('./taggings/tagging').each do |xml_tagging|
+            old_taggable_id = xml_tagging.at_xpath('taggable-id').text()
+            taggable_type   = xml_tagging.at_xpath('taggable-type').text()
+
+            new_taggable_id = case taggable_type
+                              when 'Note'
+                                issue_lookup[old_taggable_id]
+                              end
+
+            Tagging.create! tag: tag, taggable_id: new_taggable_id, taggable_type: taggable_type
+          end
+        end
+
+        # ----------------------------------------------------------------- Wrap up
+
+        logger.info { "Wrapping up..." }
+
+        # Save the Evidence instance to the DB now that we have populated Issues
+        # the original issues
+        evidence_array.each_with_index do |evidence, i|
+          logger.info { "Setting issue_id for evidence" }
+          evidence.issue_id = issue_lookup[evidence.issue_id.to_s]
+
+          new_content      = evidence.content.gsub(%r{^!(.*)/nodes/(\d+)/attachments/(.+)!$}) do |_|
+            "!%s/nodes/%d/attachments/%s!" % [$1, node_lookup[$2], $3]
+          end
+          evidence.content = new_content
+
+          return false unless validate_and_save(evidence)
+
+          evidence_activity_xml_array[i].each do |xml_activity|
+            return false unless create_activity(evidence, xml_activity)
+          end
+        end
+
+        # Fix relationships between nodes to ensure parents and childrens match
+        # with the new assigned :ids
+        orphan_nodes.each do |node|
+          logger.info { "Finding parent for orphaned node: #{node.label}. Former parent was #{node.parent_id}" }
+          node.parent_id = node_lookup[node.parent_id.to_s]
+          return false unless validate_and_save(node)
+        end
+
+        # Adjust attachment URLs for new Node IDs
+        attachment_notes.each do |note|
+          @logger.info{ "Adjusting screenshot URLs: Note ##{note.id}" }
+          new_text = note.text.gsub(%r{^!(.*)/nodes/(\d+)/attachments/(.+)!$}) do |_|
+            "!%s/nodes/%d/attachments/%s!" % [$1, node_lookup[$2], $3]
+          end
+          note.text = new_text
+          return false unless validate_and_save(note)
+        end
+
+        return node_lookup
+      end
+
+      private
+
+      def create_activities(trackable, xml_trackable)
+        xml_trackable.xpath('activities/activity').each do |xml_activity|
+          # if 'validate_and_save(activity)' returns false, it needs
+          # to bubble up to the 'import' method so we can stop execution
+          return false unless create_activity(trackable, xml_activity)
+        end
+      end
+
+      def create_activity(trackable, xml_activity)
+        activity = trackable.activities.new(
+          action:     xml_activity.at_xpath("action").text,
+          created_at: Time.at(xml_activity.at_xpath("created_at").text.to_i)
+        )
+
+        set_activity_user(activity, xml_activity.at_xpath("user_email").text)
+
+        validate_and_save(activity)
+      end
+
+      def set_activity_user(activity, email)
+        if Activity.column_names.include?('user')
+          activity.user = email
+        else
+          activity.user_id = user_id_for_email(email)
+        end
+      end
+
+      # Cache users to cut down on excess SQL requests
+      def user_id_for_email(email)
+        return -1 if email.blank?
+        @users ||= begin
+          User.select([:id, :email]).all.each_with_object({}) do |user, hash|
+            hash[user.email] = user.id
+          end
+        end
+        @users[email] || -1
+      end
+
+      def validate_and_save(instance)
+        if instance.save
+          return true
+        else
+          @logger.info{ "Malformed #{ instance.class.name } detected: #{ instance.errors.full_messages }" }
+          return false
+        end
+      end
+
+    end
+  end
+end