Index: content.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/cck/content.module,v
retrieving revision 1.64
diff -u -F^f -r1.64 content.module
--- content.module	12 Jun 2006 19:36:54 -0000	1.64
+++ content.module	20 Jun 2006 14:20:38 -0000
@@ -38,7 +38,10 @@ function content_perm() {
   $perms = array('administer content types');
   foreach (content_types() as $name => $type) {
     $perms[] = 'create '. $name .' content';
+    $perms[] = 'view '. $name .' content';
     $perms[] = 'edit own '. $name .' content';
+    $perms[] = 'edit all '. $name .' content';
+    $perms[] = 'delete '. $name .' content';
   }
   return $perms;
 }
@@ -198,10 +201,43 @@ function content_access($op, $node) {
     return user_access('create '. $type .' content');
   }

-  if ($op == 'update' || $op == 'delete') {
+  if ($op == 'view' && user_access('view '. $type .' content')) {
+    return TRUE;
+  }
+
+  if ($op == 'update') {
     if (user_access('edit own '. $type .' content') && ($user->uid == $node->uid)) {
       return TRUE;
     }
+    elseif (user_access('edit all '. $type .' content')) {
+      return TRUE;
+    }
+  }
+
+  if ($op == 'delete') {
+    if (user_access('delete '. $type .' content')) {
+      return user_access('delete '. $type .' content');
+    }
+  }
+}
+
+/**
+ * Implementation of hook_db_rewrite_sql
+ */
+function content_db_rewrite_sql($query, $primary_table, $primary_field, $args) {
+  global $user;
+
+  if ($primary_field == 'nid' && $user->uid != 1) {
+    $return = array();
+    foreach (content_types() as $name => $type) {
+      if (!user_access('view '. $name .' content')) {
+        $where[] = 'n.type <> \''. $name .'\'';
+      }
+    }
+    if ($where) {
+      $return['where'] = '('. join(' AND ', $where) .')';
+    }
+    return $return;
   }
 }