diff --git a/resources/sql/autopatches/20150430.calendar.1.policies.sql b/resources/sql/autopatches/20150430.calendar.1.policies.sql
new file mode 100644
index 0000000000..aa0bdff261
--- /dev/null
+++ b/resources/sql/autopatches/20150430.calendar.1.policies.sql
@@ -0,0 +1,11 @@
+ALTER TABLE {$NAMESPACE}_calendar.calendar_event
+    ADD viewPolicy varbinary(64) NOT NULL;
+
+ALTER TABLE {$NAMESPACE}_calendar.calendar_event
+    ADD editPolicy varbinary(64) NOT NULL;
+
+UPDATE {$NAMESPACE}_calendar.calendar_event
+  SET viewPolicy = 'users' WHERE viewPolicy = '';
+
+UPDATE {$NAMESPACE}_calendar.calendar_event
+  SET editPolicy = userPHID;
diff --git a/src/applications/calendar/controller/PhabricatorCalendarEventEditController.php b/src/applications/calendar/controller/PhabricatorCalendarEventEditController.php
index cd72d03fd7..238c96039e 100644
--- a/src/applications/calendar/controller/PhabricatorCalendarEventEditController.php
+++ b/src/applications/calendar/controller/PhabricatorCalendarEventEditController.php
@@ -138,6 +138,14 @@ final class PhabricatorCalendarEventEditController
             PhabricatorCalendarEventTransaction::TYPE_DESCRIPTION)
           ->setNewValue($description);
 
+        $xactions[] = id(new PhabricatorCalendarEventTransaction())
+          ->setTransactionType(PhabricatorTransactions::TYPE_VIEW_POLICY)
+          ->setNewValue($request->getStr('viewPolicy'));
+
+        $xactions[] = id(new PhabricatorCalendarEventTransaction())
+          ->setTransactionType(PhabricatorTransactions::TYPE_EDIT_POLICY)
+          ->setNewValue($request->getStr('editPolicy'));
+
         $editor = id(new PhabricatorCalendarEventEditor())
           ->setActor($user)
           ->setContentSourceFromRequest($request)
@@ -179,6 +187,23 @@ final class PhabricatorCalendarEventEditController
       ->setName('description')
       ->setValue($event->getDescription());
 
+    $current_policies = id(new PhabricatorPolicyQuery())
+      ->setViewer($user)
+      ->setObject($event)
+      ->execute();
+    $view_policies = id(new AphrontFormPolicyControl())
+      ->setUser($user)
+      ->setCapability(PhabricatorPolicyCapability::CAN_VIEW)
+      ->setPolicyObject($event)
+      ->setPolicies($current_policies)
+      ->setName('viewPolicy');
+    $edit_policies = id(new AphrontFormPolicyControl())
+      ->setUser($user)
+      ->setCapability(PhabricatorPolicyCapability::CAN_EDIT)
+      ->setPolicyObject($event)
+      ->setPolicies($current_policies)
+      ->setName('editPolicy');
+
     $subscribers = id(new AphrontFormTokenizerControl())
       ->setLabel(pht('Subscribers'))
       ->setName('subscribers')
@@ -199,6 +224,8 @@ final class PhabricatorCalendarEventEditController
       ->appendChild($status_select)
       ->appendChild($start_time)
       ->appendChild($end_time)
+      ->appendControl($view_policies)
+      ->appendControl($edit_policies)
       ->appendControl($subscribers)
       ->appendControl($invitees)
       ->appendChild($description);
diff --git a/src/applications/calendar/storage/PhabricatorCalendarEvent.php b/src/applications/calendar/storage/PhabricatorCalendarEvent.php
index ae5b14288f..84dff02e25 100644
--- a/src/applications/calendar/storage/PhabricatorCalendarEvent.php
+++ b/src/applications/calendar/storage/PhabricatorCalendarEvent.php
@@ -18,6 +18,9 @@ final class PhabricatorCalendarEvent extends PhabricatorCalendarDAO
   protected $description;
   protected $isCancelled;
 
+  protected $viewPolicy;
+  protected $editPolicy;
+
   private $invitees = self::ATTACHABLE;
 
   const STATUS_AWAY = 1;
@@ -32,6 +35,8 @@ final class PhabricatorCalendarEvent extends PhabricatorCalendarDAO
     return id(new PhabricatorCalendarEvent())
       ->setUserPHID($actor->getPHID())
       ->setIsCancelled(0)
+      ->setViewPolicy($actor->getPHID())
+      ->setEditPolicy($actor->getPHID())
       ->attachInvitees(array());
   }
 
@@ -224,18 +229,37 @@ final class PhabricatorCalendarEvent extends PhabricatorCalendarDAO
   public function getPolicy($capability) {
     switch ($capability) {
       case PhabricatorPolicyCapability::CAN_VIEW:
-        return PhabricatorPolicies::getMostOpenPolicy();
+        return $this->getViewPolicy();
       case PhabricatorPolicyCapability::CAN_EDIT:
-        return $this->getUserPHID();
+        return $this->getEditPolicy();
     }
   }
 
   public function hasAutomaticCapability($capability, PhabricatorUser $viewer) {
+    // The owner of a task can always view and edit it.
+    $user_phid = $this->getUserPHID();
+    if ($user_phid) {
+      $viewer_phid = $viewer->getPHID();
+      if ($viewer_phid == $user_phid) {
+        return true;
+      }
+    }
+
+    if ($capability == PhabricatorPolicyCapability::CAN_VIEW) {
+      $status = $this->getUserInviteStatus($viewer->getPHID());
+      if ($status == PhabricatorCalendarEventInvitee::STATUS_INVITED ||
+        $status == PhabricatorCalendarEventInvitee::STATUS_ATTENDING ||
+        $status == PhabricatorCalendarEventInvitee::STATUS_DECLINED) {
+        return true;
+      }
+    }
+
     return false;
   }
 
   public function describeAutomaticCapability($capability) {
-    return null;
+    return pht('The owner of an event can always view and edit it,
+      and invitees can always view it.');
   }
 
 /* -(  PhabricatorApplicationTransactionInterface  )------------------------- */