From 778e1ce985fe89b375b3637c8ee64185e70f19b5 Mon Sep 17 00:00:00 2001
From: Georg Ehrke <dev@georgswebsite.de>
Date: Thu, 31 Jan 2013 17:52:50 +0100
Subject: [PATCH] some fixes for export with sharing

---
 export.php  | 8 ++++----
 lib/app.php | 9 ++++++++-
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/export.php b/export.php
index a95c2818..1824e49c 100644
--- a/export.php
+++ b/export.php
@@ -9,19 +9,19 @@ OCP\User::checkLoggedIn();
 OCP\App::checkAppEnabled('calendar');
 $cal = isset($_GET['calid']) ? $_GET['calid'] : null;
 $event = isset($_GET['eventid']) ? $_GET['eventid'] : null;
-if(isset($cal)) {
+if(!is_null($cal)) {
 	$calendar = OC_Calendar_App::getCalendar($cal, true);
 	if(!$calendar) {
-		header('HTTP/1.0 404 Not Found');
+		header('HTTP/1.0 403 Forbidden');
 		exit;
 	}
 	header('Content-Type: text/calendar');
 	header('Content-Disposition: inline; filename=' . str_replace(' ', '-', $calendar['displayname']) . '.ics');
 	echo OC_Calendar_Export::export($cal, OC_Calendar_Export::CALENDAR);
-}elseif(isset($event)) {
+}elseif(!is_null($event)) {
 	$data = OC_Calendar_App::getEventObject($_GET['eventid'], true);
 	if(!$data) {
-		header('HTTP/1.0 404 Not Found');
+		header('HTTP/1.0 403 Forbidden');
 		exit;
 	}
 	header('Content-Type: text/calendar');
diff --git a/lib/app.php b/lib/app.php
index a1841b33..37d50671 100644
--- a/lib/app.php
+++ b/lib/app.php
@@ -42,7 +42,14 @@ class OC_Calendar_App{
 
 		$calendar = OC_Calendar_Calendar::find($id);
 		// FIXME: Correct arguments to just check for permissions
-		if($security === true || $shared === true) {
+		if($security === true && $shared === false) {
+			if(OCP\User::getUser() === $calendar['userid']){
+				return $calendar;
+			}else{
+				return false;
+			}
+		}
+		if($security === true && $shared === true) {
 			if(OCP\Share::getItemSharedWithBySource('calendar', $id)) {
 				return $calendar;
 			}