Details
- Bug
- Resolution: Fixed
- Blocker
- 2.7.2
- None
- Unknown
Description
When deciding whether to show the "edit" and "delete" buttons in the modal dialog view for any event, the actual permissions for that event are not taken into account; instead only the global rights for the current user are used.
This happens by passing an undefined Velocity variable in the check $xwiki.hasAccessLevel($right, $xcontext.getUser(), $item).
Fortunately this is not a security issue, as only the buttons are shown or not shown incorrectly. Still, it means for example that normal users cannot delete their own events via the modal dialog because the button is missing.
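A small lint for the defect described above, flagging `$xwiki.hasAccessLevel(...)` calls whose arguments reference a Velocity variable that the template never defines. This is an added example, not code from the project or its fix; the macro name `eventButtons`, the parameter `$event`, the list of pre-bound context variables and the sample template are constructed assumptions.

```python
import re

# Variables assumed to be pre-bound by the XWiki rendering context (not exhaustive).
CONTEXT_BINDINGS = {"xwiki", "xcontext", "doc", "request", "services"}

NAME = r"\$!?\{?([A-Za-z_][A-Za-z0-9_]*)"
REF = re.compile(NAME)
SET = re.compile(r"#set\s*\(\s*" + NAME + r"\}?\s*=")
FOREACH = re.compile(r"#foreach\s*\(\s*" + NAME + r"\}?\s+in\b")
MACRO = re.compile(r"#macro\s*\(\s*\w+([^)]*)\)")
CHECK = re.compile(r"\$xwiki\.hasAccessLevel\(")

def call_args(text, start):
    """Return the argument text of a call whose '(' ends just before `start`."""
    depth, i = 1, start
    while i < len(text) and depth:
        depth += {"(": 1, ")": -1}.get(text[i], 0)
        i += 1
    return text[start:i - 1]

def undefined_in_access_checks(template):
    """Return (line_no, variable) for each hasAccessLevel argument that no
    earlier #set, #foreach or #macro parameter defines. The scan is
    line-ordered and ignores scoping, so treat hits as review prompts."""
    defined = set(CONTEXT_BINDINGS)
    findings = []
    for no, line in enumerate(template.splitlines(), 1):
        for rx in (SET, FOREACH):
            defined.update(rx.findall(line))
        for m in MACRO.finditer(line):
            defined.update(REF.findall(m.group(1)))
        for m in CHECK.finditer(line):
            for var in REF.findall(call_args(line, m.end())):
                if var not in defined:
                    findings.append((no, var))
    return findings

# Constructed template reproducing the reported check; $item is never defined.
SAMPLE = """\
#macro(eventButtons $event)
  #foreach ($right in ['edit', 'delete'])
    #if ($xwiki.hasAccessLevel($right, $xcontext.getUser(), $item))
      <button class="$right">$right</button>
    #end
  #end
#end
"""

if __name__ == "__main__":
    for line_no, var in undefined_in_access_checks(SAMPLE):
        print(f"line {line_no}: ${var} is passed to hasAccessLevel but never defined")
```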