--- modules\cck\content.module.old 2006-05-22 02:01:45.000000000 +0100
+++ modules\cck\content.module 2006-06-12 11:58:12.359375000 +0100
@@ -38,7 +38,10 @@ function content_perm() {
 $perms = array('administer content types');
 foreach (content_types() as $name => $type) {
 $perms[] = 'create '. $name .' content';
+ $perms[] = 'view '. $name .' content';
 $perms[] = 'edit own '. $name .' content';
+ $perms[] = 'edit all '. $name .' content';
+ $perms[] = 'delete '. $name .' content';
 }
 return $perms;
 }
@@ -198,10 +201,52 @@ function content_access($op, $node) {
 return user_access('create '. $type .' content');
 }

- if ($op == 'update' || $op == 'delete') {
+ if ($op == 'view') {
+ if ($node->uid != $user->uid) {
+ return user_access('view '. $type .' content');
+ }
+ else {
+ return TRUE;
+ }
+ }
+
+ if ($op == 'update') {
 if (user_access('edit own '. $type .' content') && ($user->uid == $node->uid)) {
 return TRUE;
 }
+ elseif (user_access('edit all '. $type .' content')) {
+ return TRUE;
+ }
+ }
+
+ if ($op == 'delete') {
+ if (user_access('delete '. $type .' content')) {
+ return user_access('delete '. $type .' content');
+ }
+ }
+}
+
+/**
+ * Implementation of hook_db_rewrite_sql
+ */
+function content_db_rewrite_sql($query, $primary_table, $primary_field, $args) {
+ global $user;
+
+ switch ($primary_field) {
+ case 'nid':
+ if ($user->uid != 1) {
+ $return = array();
+ foreach (content_types() as $name => $type) {
+ if (!user_access('view '. $name .' content')) {
+ $where[] = 'n.type <> \''. $name .'\'';
+ }
+ }
+ if ($where) {
+ $return['where'] = '('. join(' AND ', $where) .') OR n.uid = '. $user->uid;
+ }
+ return $return;
+ }
+ break;
 }
 }
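Review bot: The new `'view '. $name .' content'` permission is undocumented even though it is enforced as soon as it is declared, so after this patch any role that has not been granted it loses access to other users' nodes of every CCK type. A comment above the added line would make that explicit, for example `// 'view' is enforced in content_access(); grant it to existing roles when upgrading.` Also note that `'delete '. $name .' content'` has no own/all split like the edit pair, so it authorises deleting any author's nodes of that type; if that is intended, say so in the same comment.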
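Review bot: The ownership shortcut in the new `view` branch of `content_access()` and the `OR n.uid = ...` clause in `content_db_rewrite_sql()` both accept uid 0 as an owner. If anonymous users can author these types, every anonymous visitor passes the check for all anonymously authored nodes, regardless of the 'view' permission. Ownership should only count for an authenticated user, as sketched below. The same function concatenates `$name` and `$user->uid` into the WHERE fragment unescaped and reads `$where` before it is initialised; the type name should go through `db_escape_string()` and the uid be cast to int. `content_access()` begins outside this hunk, so `$type` and `$user` are assumed to be set there.

```php
// … unchanged: content_access() 'create' branch …
  if ($op == 'view') {
    // uid 0 is shared by all anonymous visitors, so it never proves ownership.
    if ($user->uid && $node->uid == $user->uid) {
      return TRUE;
    }
    return user_access('view '. $type .' content');
  }
// … unchanged: 'update' and 'delete' branches, content_db_rewrite_sql() header and switch …
        $return = array();
        $where = array();
        foreach (content_types() as $name => $type) {
          if (!user_access('view '. $name .' content')) {
            $where[] = "n.type <> '". db_escape_string($name) ."'";
          }
        }
        if ($where) {
          $return['where'] = '('. join(' AND ', $where) .')';
          // Only authenticated users get the "own nodes" exemption.
          if ($user->uid) {
            $return['where'] .= ' OR n.uid = '. (int) $user->uid;
          }
        }
        return $return;
```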