4 files changed, 38 insertions, 23 deletions

diff --git a/modules/node/node.api.php b/modules/node/node.api.php
index 5c41e1f76..a9881d5ee 100644
--- a/modules/node/node.api.php
+++ b/modules/node/node.api.php
@@ -570,8 +570,12 @@ function hook_node_load($nodes, $types) {
  * block access, return NODE_ACCESS_IGNORE or simply return nothing.
  * Blindly returning FALSE will break other node access modules.
  *
+ * Also note that this function isn't called for node listings (e.g., RSS feeds,
+ * the default home page at path 'node', a recent content block, etc.) See
+ * @link node_access Node access rights @endlink for a full explanation.
+ *
  * @param $node
- *   Either a node object or a (machine-readable) content type on which to
+ *   Either a node object or the machine name of the content type on which to
  *   perform the access check.
  * @param $op
  *   The operation to be performed. Possible values:
@@ -583,9 +587,9 @@ function hook_node_load($nodes, $types) {
  *   The user object to perform the access check operation on.
  *
  * @return
- *   NODE_ACCESS_ALLOW if the operation is to be allowed;
- *   NODE_ACCESS_DENY if the operation is to be denied;
- *   NODE_ACCESS_IGNORE to not affect this operation at all.
+ *   - NODE_ACCESS_ALLOW: if the operation is to be allowed.
+ *   - NODE_ACCESS_DENY: if the operation is to be denied.
+ *   - NODE_ACCESS_IGNORE: to not affect this operation at all.
  *
  * @ingroup node_access
  */
@@ -972,6 +976,7 @@ function hook_ranking() {
  *   The node type object that is being created.
  */
 function hook_node_type_insert($info) {
+  drupal_set_message(t('You have just created a content type with a machine name %type.', array('%type' => $info->type)));
 }
 
 /**
@@ -1229,9 +1234,12 @@ function hook_validate($node, $form, &$form_state) {
 /**
  * Display a node.
  *
- * This is a hook used by node modules. It allows a module to define a
- * custom method of displaying its nodes, usually by displaying extra
- * information particular to that node type.
+ * This hook is invoked only on the module that defines the node's content type
+ * (use hook_node_view() to act on all node views).
+ *
+ * This hook is invoked during node viewing after the node is fully loaded,
+ * so that the node type module can define a custom method for display, or
+ * add to the default display.
  *
  * @param $node
  *   The node to be displayed, as returned by node_load().
@@ -1249,8 +1257,6 @@ function hook_validate($node, $form, &$form_state) {
  *   view of the node, you might consider implementing one of these hooks
  *   instead.
  *
- * For a detailed usage example, see node_example.module.
- *
  * @ingroup node_api_hooks
  */
 function hook_view($node, $view_mode) {
diff --git a/modules/node/node.module b/modules/node/node.module
index 51ec8c306..fe8ee5169 100644
--- a/modules/node/node.module
+++ b/modules/node/node.module
@@ -919,7 +919,7 @@ function node_load_multiple($nids = array(), $conditions = array(), $reset = FAL
  *   Whether to reset the node_load_multiple cache.
  *
  * @return
- *   A fully-populated node object.
+ *   A fully-populated node object, or FALSE if the node is not found.
  */
 function node_load($nid = NULL, $vid = NULL, $reset = FALSE) {
   $nids = (isset($nid) ? array($nid) : array());
@@ -1396,7 +1396,7 @@ function node_build_content($node, $view_mode = 'full', $langcode = NULL) {
  * @param $message
  *   A flag which sets a page title relevant to the revision being viewed.
  * @return
- *   A $page element suitable for use by drupal_page_render().
+ *   A $page element suitable for use by drupal_render().
  */
 function node_show($node, $message = FALSE) {
   if ($message) {
@@ -2790,13 +2790,14 @@ function node_search_validate($form, &$form_state) {
  * that this table is a list of grants; any matching row is sufficient to
  * grant access to the node.
  *
- * In node listings, the process above is followed except that
- * hook_node_access() is not called on each node for performance reasons and for
- * proper functioning of the pager system. When adding a node listing to your
- * module, be sure to use a dynamic query created by db_select() and add a tag
- * of "node_access". This will allow modules dealing with node access to ensure
- * only nodes to which the user has access are retrieved, through the use of
- * hook_query_TAG_alter().
+ * In node listings (lists of nodes generated from a select query, such as the
+ * default home page at path 'node', an RSS feed, a recent content block, etc.),
+ * the process above is followed except that hook_node_access() is not called on
+ * each node for performance reasons and for proper functioning of the pager
+ * system. When adding a node listing to your module, be sure to use a dynamic
+ * query created by db_select() and add a tag of "node_access". This will allow
+ * modules dealing with node access to ensure only nodes to which the user has
+ * access are retrieved, through the use of hook_query_TAG_alter().
  *
  * Note: Even a single module returning NODE_ACCESS_DENY from hook_node_access()
  * will block access to the node. Therefore, implementers should take care to
@@ -2961,7 +2962,6 @@ function node_node_access($node, $op, $account) {
  */
 function node_list_permissions($type) {
   $info = node_type_get_type($type);
-  $type = check_plain($info->type);
 
   // Build standard list of node permissions for this type.
   $perms = array(
diff --git a/modules/node/node.test b/modules/node/node.test
index 6c3a678d5..96b93cf4a 100644
--- a/modules/node/node.test
+++ b/modules/node/node.test
@@ -1088,7 +1088,15 @@ class NodeAccessBaseTableTestCase extends DrupalWebTestCase {
     $this->assertTaxonomyPage(TRUE);
   }
 
-  protected function assertTaxonomyPage($super) {
+  /**
+   * Checks taxonomy/term listings to ensure only accessible nodes are listed.
+   *
+   * @param $is_admin
+   *   A boolean indicating whether the current user is an administrator. If
+   *   TRUE, all nodes should be listed. If FALSE, only public nodes and the
+   *   user's own private nodes should be listed.
+   */
+  protected function assertTaxonomyPage($is_admin) {
     foreach (array($this->publicTid, $this->privateTid) as $tid_is_private => $tid) {
       $this->drupalGet("taxonomy/term/$tid");
       $this->nids_visible = array();
@@ -1101,8 +1109,9 @@ class NodeAccessBaseTableTestCase extends DrupalWebTestCase {
           // Private nodes should be visible on the private term page,
           // public nodes should be visible on the public term page.
           $should_be_visible = $tid_is_private == $is_private;
-          // Non-superusers on the private page can only see their own nodes.
-          if (!$super && $tid_is_private) {
+          // Non-administrators can only see their own nodes on the private
+          // term page.
+          if (!$is_admin && $tid_is_private) {
             $should_be_visible = $should_be_visible && $uid == $this->webUser->uid;
           }
           $this->assertIdentical(isset($this->nids_visible[$nid]), $should_be_visible, strtr('A %private node by user %uid is %visible for user %current_uid on the %tid_is_private page.', array(
diff --git a/modules/node/tests/node_access_test.module b/modules/node/tests/node_access_test.module
index 91c117a6f..f2eca2e42 100644
--- a/modules/node/tests/node_access_test.module
+++ b/modules/node/tests/node_access_test.module
@@ -159,7 +159,7 @@ function node_access_entity_test_page() {
 }
 
 /**
- * Implements hook_form_node_form_alter().
+ * Implements hook_form_BASE_FORM_ID_alter().
  */
 function node_access_test_form_node_form_alter(&$form, $form_state) {
   // Only show this checkbox for NodeAccessBaseTableTestCase.