diff --git a/includes/menu.inc b/includes/menu.inc
index bba8abc..0b6a6aa 100644
--- a/includes/menu.inc
+++ b/includes/menu.inc
@@ -616,7 +616,7 @@ function _menu_check_access(&$item, $map) {
     // As call_user_func_array is quite slow and user_access is a very common
     // callback, it is worth making a special case for it.
     if ($callback == 'user_access') {
-      $item['access'] = (count($arguments) == 1) ? user_access($arguments[0]) : user_access($arguments[0], $arguments[1]);
+      $item['access'] = (count($arguments) == 1) ? user_access(reset($arguments)) : user_access($arguments['permission'], $arguments['account']);
     }
     elseif (function_exists($callback)) {
       $item['access'] = call_user_func_array($callback, $arguments);
diff --git a/modules/user/user.module b/modules/user/user.module
index 044ad46..416d8e4 100644
--- a/modules/user/user.module
+++ b/modules/user/user.module
@@ -767,19 +767,23 @@ function user_role_permissions($roles = array()) {
 /**
  * Determine whether the user has a given privilege.
  *
- * @param $string
- *   The permission, such as "administer nodes", being checked for.
+ * @param $permission
+ *   The permission, such as "administer nodes", being checked for. This can
+ *   also be an array of permissions, such as
+ *   array("administer nodes", "create page content").
  * @param $account
  *   (optional) The account to check, if not given use currently logged in user.
  *
  * @return
- *   Boolean TRUE if the current user has the requested permission.
+ *   Boolean TRUE if the account has the requested permission and only one
+ *   $permission string was specified. Boolean TRUE if multiple permissions are
+ *   given and the account has all of them.
  *
  * All permission checks in Drupal should go through this function. This
  * way, we guarantee consistent behavior, and ensure that the superuser
  * can perform all actions.
  */
-function user_access($string, $account = NULL) {
+function user_access($permission, $account = NULL) {
   global $user;
 
   if (!isset($account)) {
@@ -809,7 +813,16 @@ function user_access($string, $account = NULL) {
     $perm[$account->uid] = $perms;
   }
 
-  return isset($perm[$account->uid][$string]);
+  if (is_array($permission) ) {
+    foreach ($permission as $string) {
+      if (!isset($perm[$account->uid][$string])) {
+        return FALSE;
+      }
+    }
+    return TRUE;
+  }
+
+  return isset($perm[$account->uid][$permission]);
 }
 
 /**