foreach ($need_zones as $tzid => $v) {
if (isset($timezones[$tzid])) {
$vcal->AddComponent($timezones[$tzid]);
}
}
$response = $vcal->Render();
header('Content-Length: ' . strlen($response));
header('Etag: ' . $dav_resource->unique_tag());
$request->DoResponse(200, $request->method == 'HEAD' ? '' : $response, 'text/calendar; charset="utf-8"');
}
// Just a single event then
$resource = $dav_resource->resource();
$ic = new iCalComponent($resource->caldav_data);
/** Default deny... */
$allowed = false;
if ($dav_resource->HavePrivilegeTo('all', false) || $session->user_no == $resource->user_no || $session->user_no == $resource->logged_user || $c->allow_get_email_visibility && $ic->IsAttendee($session->email)) {
/**
* These people get to see all of the event, and they should always
* get any alarms as well.
*/
$allowed = true;
} else {
if ($resource->class != 'PRIVATE') {
$allowed = true;
// but we may well obfuscate it below
if (!$dav_resource->HavePrivilegeTo('DAV::read') || $resource->class == 'CONFIDENTIAL' && !$request->HavePrivilegeTo('DAV::write-content')) {
$ical = new iCalComponent($resource->caldav_data);
$comps = $ical->GetComponents('VTIMEZONE', false);
$confidential = obfuscated_event($comps[0]);
$ical->SetComponents(array($confidential), $resource->caldav_type);
$resource->caldav_data = $ical->Render();
