This change involves relaxing the check that artefacts can only be
exported if they're owned by the user (naturally, site files are not).
Unfortunately, there's no easy replacement check that I can drop in to
continue to guarantee security. $user->can_view_artefact has two
problems: doesn't respect site files, and is slow.

I added a commented out hypothetical permission checking block and a
comment as to why it wasn't uncommented.

Signed-off-by: Nigel McNie <nigel@catalyst.net.nz>