You are looking at documentation for an older release. Not what you want? See the current release documentation.
All the methods of the API require an authenticated user, and will access the resources on behalf of that user.
While a permission can be the ownership or read or write, generally a user can have permissions to the following resources:
Calendars: His personal calendars, calendars of the groups that he belongs (for example, space calendar), and calendars that are shared to him and his groups.
Events/Tasks: When the user has access to a calendar, he has access to its events and tasks. He also has access to an event or task if he is a participant or delegatee.
Occurrences: When the user has access to a (recurring) event, he can read its occurrences. The API does not support the way to edit individual occurrences.
Invitations: When the user has access to an event, he has access to its invitations.
Attachments: When the user has access to an event or task, he has access to its attachments.
Categories: Any user has write access to his personal categories and read access to common categories.
Feeds: Feeds are always personal, so any user has access only to the feeds created by him.