Index: modules/node/node.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/node/node.module,v
retrieving revision 1.1045
diff -u -p -r1.1045 node.module
--- modules/node/node.module	9 May 2009 18:28:12 -0000	1.1045
+++ modules/node/node.module	10 May 2009 14:29:06 -0000
@@ -1351,6 +1351,10 @@ function node_perm() {
       'title' => t('Delete revisions'),
       'description' => t('Delete content revisions.'),
     ),
+    'view own unpublished content' => array(
+      'title' => t('View own unpublished content'),
+      'description' => t('View unpublished content created by the user'),
+    ),
   );
 
   foreach (node_get_types() as $type) {
@@ -2335,9 +2339,14 @@ function node_access($op, $node, $accoun
     return $access;
   }
 
+  // Check if authors can view their own unpublished nodes.
+  if ($op == 'view' && !$node->status && user_access('view own unpublished content', $account) && $account->uid == $node->uid && $account->uid != 0) {
+    return TRUE;
+  }
+
   // If the module did not override the access rights, use those set in the
   // node_access table.
-  if ($op != 'create' && $node->nid && $node->status) {
+  if ($op != 'create' && $node->nid) {
     $query = db_select('node_access');
     $query->addExpression('COUNT(*)');
     $query
@@ -2364,11 +2373,6 @@ function node_access($op, $node, $accoun
       ->fetchField();
   }
 
-  // Let authors view their own nodes.
-  if ($op == 'view' && $account->uid == $node->uid && $account->uid != 0) {
-    return TRUE;
-  }
-
   return FALSE;
 }