diff --git a/apps/dav/lib/CalDAV/Calendar.php b/apps/dav/lib/CalDAV/Calendar.php
index a07bbe93218caf6149bdc0b4f2fe374d8b3b0b95..e80bffdb9d08f8c9c3f90a787096f4d7847a9c00 100644
--- a/apps/dav/lib/CalDAV/Calendar.php
+++ b/apps/dav/lib/CalDAV/Calendar.php
@@ -139,6 +139,10 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable {
 			];
 		}
 
+		if (!$this->isShared()) {
+			return $acl;
+		}
+
 		if ($this->getOwner() !== parent::getOwner()) {
 			$acl[] =  [
 					'privilege' => '{DAV:}read',
@@ -168,14 +172,9 @@ class Calendar extends \Sabre\CalDAV\Calendar implements IShareable {
 		}
 
 		$acl = $this->caldavBackend->applyShareAcl($this->getResourceId(), $acl);
-
-		if (!$this->isShared()) {
-			return $acl;
-		}
-
 		$allowedPrincipals = [$this->getOwner(), parent::getOwner(), 'principals/system/public'];
 		return array_filter($acl, function($rule) use ($allowedPrincipals) {
-			return in_array($rule['principal'], $allowedPrincipals);
+			return \in_array($rule['principal'], $allowedPrincipals, true);
 		});
 	}
 
diff --git a/apps/dav/lib/CardDAV/AddressBook.php b/apps/dav/lib/CardDAV/AddressBook.php
index 71202319874552676c73c665465559e9b646d0fa..30ce0a3253ca897c67420f842a0810c845e435f9 100644
--- a/apps/dav/lib/CardDAV/AddressBook.php
+++ b/apps/dav/lib/CardDAV/AddressBook.php
@@ -105,12 +105,17 @@ class AddressBook extends \Sabre\CardDAV\AddressBook implements IShareable {
 				'privilege' => '{DAV:}read',
 				'principal' => $this->getOwner(),
 				'protected' => true,
-			]];
-		$acl[] = [
+			],[
 				'privilege' => '{DAV:}write',
 				'principal' => $this->getOwner(),
 				'protected' => true,
-			];
+			]
+		];
+
+		if (!$this->isShared()) {
+			return $acl;
+		}
+
 		if ($this->getOwner() !== parent::getOwner()) {
 			$acl[] =  [
 					'privilege' => '{DAV:}read',
@@ -133,11 +138,11 @@ class AddressBook extends \Sabre\CardDAV\AddressBook implements IShareable {
 			];
 		}
 
-		if ($this->isShared()) {
-			return $acl;
-		}
-
-		return $this->carddavBackend->applyShareAcl($this->getResourceId(), $acl);
+		$acl = $this->carddavBackend->applyShareAcl($this->getResourceId(), $acl);
+		$allowedPrincipals = [$this->getOwner(), parent::getOwner(), 'principals/system/system'];
+		return array_filter($acl, function($rule) use ($allowedPrincipals) {
+			return \in_array($rule['principal'], $allowedPrincipals, true);
+		});
 	}
 
 	public function getChildACL() {