foreach ($need_zones as $tzid => $v) { if (isset($timezones[$tzid])) { $vcal->AddComponent($timezones[$tzid]); } } $response = $vcal->Render(); header('Content-Length: ' . strlen($response)); header('Etag: ' . $dav_resource->unique_tag()); $request->DoResponse(200, $request->method == 'HEAD' ? '' : $response, 'text/calendar; charset="utf-8"'); } // Just a single event then $resource = $dav_resource->resource(); $ic = new iCalComponent($resource->caldav_data); /** Default deny... */ $allowed = false; if ($dav_resource->HavePrivilegeTo('all', false) || $session->user_no == $resource->user_no || $session->user_no == $resource->logged_user || $c->allow_get_email_visibility && $ic->IsAttendee($session->email)) { /** * These people get to see all of the event, and they should always * get any alarms as well. */ $allowed = true; } else { if ($resource->class != 'PRIVATE') { $allowed = true; // but we may well obfuscate it below if (!$dav_resource->HavePrivilegeTo('DAV::read') || $resource->class == 'CONFIDENTIAL' && !$request->HavePrivilegeTo('DAV::write-content')) { $ical = new iCalComponent($resource->caldav_data); $comps = $ical->GetComponents('VTIMEZONE', false); $confidential = obfuscated_event($comps[0]); $ical->SetComponents(array($confidential), $resource->caldav_type); $resource->caldav_data = $ical->Render();