Index: modules/node/node.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/node/node.module,v
retrieving revision 1.1071
diff -u -p -r1.1071 node.module
--- modules/node/node.module	18 Jun 2009 21:19:02 -0000	1.1071
+++ modules/node/node.module	20 Jun 2009 20:27:30 -0000
@@ -1329,6 +1329,10 @@ function node_perm() {
       'title' => t('Delete revisions'),
       'description' => t('Delete content revisions.'),
     ),
+    'view own unpublished content' => array(
+      'title' => t('View own unpublished content'),
+      'description' => t('View unpublished content created by the user'),
+    ),
   );
 
   foreach (node_type_get_types() as $type) {
@@ -2310,9 +2314,14 @@ function node_access($op, $node, $accoun
     return $access;
   }
 
+  // Check if authors can view their own unpublished nodes.
+  if ($op == 'view' && !$node->status && user_access('view own unpublished content', $account) && $account->uid == $node->uid && $account->uid != 0) {
+    return TRUE;
+  }
+
   // If the module did not override the access rights, use those set in the
   // node_access table.
-  if ($op != 'create' && $node->nid && $node->status) {
+  if ($op != 'create' && $node->nid) {
     $query = db_select('node_access');
     $query->addExpression('COUNT(*)');
     $query
@@ -2339,11 +2348,6 @@ function node_access($op, $node, $accoun
       ->fetchField();
   }
 
-  // Let authors view their own nodes.
-  if ($op == 'view' && $account->uid == $node->uid && $account->uid != 0) {
-    return TRUE;
-  }
-
   return FALSE;
 }
 
Index: modules/system/system.install
===================================================================
RCS file: /cvs/drupal/drupal/modules/system/system.install,v
retrieving revision 1.345
diff -u -p -r1.345 system.install
--- modules/system/system.install	18 Jun 2009 15:46:30 -0000	1.345
+++ modules/system/system.install	20 Jun 2009 20:27:31 -0000
@@ -3579,6 +3579,21 @@ function system_update_7028() {
 
 
 /**
+ * Add new 'view own unpublished content' permission for authenticated users.
+ * Preserves legacy behavior from Drupal 6.x.
+ */
+function system_update_7029() {
+  $ret = array();
+  db_insert('role_permission')
+    ->fields(array(
+      'rid' => DRUPAL_AUTHENTICATED_RID,
+      'permission' => 'view own unpublished content',
+    ))
+    ->execute();
+  return $ret;
+}
+
+/**
  * @} End of "defgroup updates-6.x-to-7.x"
  * The next series of updates should start at 8000.
  */
Index: profiles/default/default.profile
===================================================================
RCS file: /cvs/drupal/drupal/profiles/default/default.profile,v
retrieving revision 1.47
diff -u -p -r1.47 default.profile
--- profiles/default/default.profile	12 Jun 2009 13:59:56 -0000	1.47
+++ profiles/default/default.profile	20 Jun 2009 20:27:31 -0000
@@ -230,6 +230,14 @@ function default_profile_tasks(&$task, $
       ))->execute();
   }
 
+  // Add 'view own unpublished content' permission for authenticated users.
+  db_insert('role_permission')
+    ->fields(array(
+      'rid' => DRUPAL_AUTHENTICATED_RID,
+      'permission' => 'view own unpublished content',
+    ))
+    ->execute();
+
   // Update the menu router information.
   menu_rebuild();