_params = $params; } return self::$_singleton; } public function viewFeed() { $contact_id = CRM_Utils_Array::value('cid', $this->_params); $hash = CRM_Utils_Array::value('key', $this->_params); // Ensure correct parameters. if (empty($contact_id) || empty($hash)) { return FALSE; } if (!_activityical_contact_has_feed_group($contact_id)) { return FALSE; } // Check $this->_params['key'] that it matches $this->_params['contact_id']. $feed = CRM_Activityical_Feed::getInstance($contact_id); if (!$feed->validateHash($hash)) { return FALSE; } return TRUE; } public function manageFeedDetails() { // Only allow access if no contact_id is given (working on my own contact) // or user has 'administer civicrm'. $contact_id = CRM_Utils_Array::value('contact_id', $this->_params); return ( !$contact_id || $contact_id == CRM_Core_Session::singleton()->getLoggedInContactID() || CRM_Core_Permission::check('administer CiviCRM') ); } }