diff --git node_access_example/node_access_example.info node_access_example/node_access_example.info
index cc6c04b..2fe3e64 100644
--- node_access_example/node_access_example.info
+++ node_access_example/node_access_example.info
@@ -1,8 +1,9 @@
 ; $Id$
 name = Node access example
-description = An example illustrating how to restrict access to nodes based on some criterion associated with the user.
+description = Demonstrates how a module can use Drupal's node access system
 package = Example modules
 version = VERSION
 core = 7.x
 files[] = node_access_example.module
 files[] = node_access_example.install
+files[] = node_access_example.test
diff --git node_access_example/node_access_example.module node_access_example/node_access_example.module
index 6905749..05169ce 100755
--- node_access_example/node_access_example.module
+++ node_access_example/node_access_example.module
@@ -67,6 +67,10 @@ function node_access_example_description() {
  * Users with 'access any private content' have global access to content marked
  * private by other users. 'edit any private content' allows global edit
  * privileges, basically overriding the node access system.
+ *
+ * Note that the 'edit any * content' and 'delete any * content' permissions
+ * will allow edit or delete permissions to the holder, regardless of what
+ * this module does.
  */
 function node_access_example_permission() {
   return array(
@@ -102,11 +106,11 @@ function node_access_example_node_grants($account, $op) {
   // Then, if "access any private content" is allowed to the account,
   // grant view, update, or delete as necessary.
   if ($op == 'view' && user_access('access any private content', $account)) {
-    $grants['node_access_example'] = array(1);
+    $grants['node_access_example_view'] = array(1);
   }
 
   if (($op == 'update' || $op == 'delete') && user_access('edit any private content', $account)) {
-    $grants['node_access_example'] = array(1);
+    $grants['node_access_example_edit'] = array(1);
   }
 
   return $grants;
@@ -127,13 +131,21 @@ function node_access_example_node_access_records($node) {
   if (!empty($node->private)) {
     $grants = array();
     $grants[] = array(
-      'realm' => 'node_access_example',
+      'realm' => 'node_access_example_view',
       'gid' => 1,
       'grant_view' => 1,
       'grant_update' => 0,
       'grant_delete' => 0,
       'priority' => 0,
     );
+    $grants[] = array(
+      'realm' => 'node_access_example_edit',
+      'gid' => 1,
+      'grant_view' => 1,
+      'grant_update' => 1,
+      'grant_delete' => 1,
+      'priority' => 0,
+    );
 
     // For the example_author realm, the GID is equivalent to a UID, which
     // means there are many many groups of just 1 user.
@@ -205,6 +217,7 @@ function node_access_example_node_insert($node) {
   if (isset($node->private)) {
     db_insert('node_access_example')->fields(array('nid' => $node->nid, 'private' => (int)$node->private))->execute();
   }
+  drupal_set_message(t('New node @nid was created and private=@private', array('@nid' => $node->nid, '@private' => !empty($node->private) ? 1 : 0)));
 }
 
 /**
diff --git node_access_example/node_access_example.test node_access_example/node_access_example.test
new file mode 100644
index 0000000..543e74e
--- /dev/null
+++ node_access_example/node_access_example.test
@@ -0,0 +1,128 @@
+<?php
+// $Id$
+
+/**
+ * @file
+ * Tests for Node Access example module.
+ */
+class NodeAccessExampleTestCase extends DrupalWebTestCase {
+
+  public static function getInfo() {
+    return array(
+      'name' => 'Node Access Example functionality',
+      'description' => 'Checks behavior of Node Access Example.',
+      'group' => 'Examples',
+    );
+  }
+
+  /**
+   * Enable modules and create user with specific permissions.
+   */
+  public function setUp() {
+    parent::setUp('node_access_example', 'search');
+    node_access_rebuild();
+  }
+
+  /**
+   * Test the "private" node access.
+   *
+   * - Create 3 users with "access content" and "create article" permissions.
+   * - Each user creates one private and one not private article.
+   * - Run cron to update search index.
+   * - Test that each user can view the other user's non-private article.
+   * - Test that each user cannot view the other user's private article.
+   * - Test that each user finds only appropriate (non-private + own private)
+   *   in search results.
+   * - Create another user with 'view any private content'.
+   * - Test that user 4 can view all content created above.
+   * - Test that user 4 can search for all content created above.
+   * - Test that user 4 cannot edit private content above.
+   * - Create another user with 'edit any private content'
+   * - Test that user 5 can edit private content.
+   * - Test that user 5 can delete private content.
+   */
+  function testNodeAccessBasic() {
+    $num_simple_users = 3;
+    $simple_users = array();
+
+    // nodes keyed by uid and nid: $nodes[$uid][$nid] = $is_private;
+    $nodes_by_user = array();
+    $titles = array(); // Titles keyed by nid
+    $private_nodes = array(); // Array of nids marked private.
+    for($i = 0; $i < $num_simple_users; $i++) {
+      $simple_users[$i] = $this->drupalCreateUser(array('access content', 'create article content'));
+    }
+    foreach ($simple_users as $web_user) {
+      $this->drupalLogin($web_user);
+      foreach(array(0 => 'Public', 1 => 'Private') as $is_private => $type) {
+        $edit = array(
+          'title' => t('@private_public Article created by @user', array('@private_public' => $type, '@user' => $web_user->name)),
+        );
+        if ($is_private) {
+          $edit['private'] = TRUE;
+        }
+        $this->drupalPost('node/add/article', $edit, t('Save'));
+        debug(t('Created article with private=@private', array('@private' => $is_private)));
+        $this->assertText(t('Article @title has been created', array('@title' => $edit['title'])));
+        $nid = db_query('SELECT nid FROM {node} WHERE title = :title', array(':title' => $edit['title']))->fetchField();
+        $this->assertText(t('New node @nid was created and private=@private', array('@nid' => $nid, '@private' => $is_private)));
+        $private_status = db_query('SELECT private FROM {node_access_example} where nid = :nid', array(':nid' => $nid))->fetchField();
+        $this->assertTrue($is_private == $private_status, t('Node was properly set to private or not private in node_access_example table.'));
+        if ($is_private) {
+          $private_nodes[] = $nid;
+        }
+        $titles[$nid] = $edit['title'];
+        $nodes_by_user[$web_user->uid][$nid] = $is_private;
+      }
+    }
+    debug($nodes_by_user);
+    foreach ($simple_users as $web_user) {
+      $this->drupalLogin($web_user);
+      // Check own nodes to see that all are readable.
+      foreach(array_keys($nodes_by_user) as $uid) {
+        // All of this user's nodes should be readable to same.
+        if ($uid == $web_user->uid) {
+          foreach($nodes_by_user[$uid] as $nid => $is_private) {
+            $this->drupalGet('node/'.$nid);
+            $this->assertResponse(200);
+            $this->assertTitle($titles[$nid] . ' | Drupal', t('Correct title for node found'));
+          }
+        }
+        else {
+          // Otherwise, for other users, private nodes should get a 403,
+          // but we should be able to read non-private nodes.
+          foreach($nodes_by_user[$uid] as $nid => $is_private) {
+            $this->drupalGet('node/'.$nid);
+            $this->assertResponse($is_private ? 403 : 200, t('Node @nid by user @uid should get a @response for this user (@web_user_uid)', array('@nid' => $nid, '@uid' => $uid, '@response' => $is_private ? 403 : 200, '@web_user_uid' => $web_user->uid)));
+            if (!$is_private) {
+              $this->assertTitle($titles[$nid] . ' | Drupal', t('Correct title for node was found'));
+            }
+          }
+        }
+      }
+    }
+
+    // Now test that a user with 'access any private content' can view content.
+    $access_user = $this->drupalCreateUser(array('access content', 'create article content', 'access any private content'));
+    $this->drupalLogin($access_user);
+    foreach($nodes_by_user as $uid => $private_status) {
+      foreach ($private_status as $nid => $is_private) {
+        $this->drupalGet('node/' . $nid);
+        $this->assertResponse(200);
+      }
+    }
+
+    // Test that a privileged user can edit and delete private content.
+    $edit_user = $this->drupalCreateUser(array('access content', 'access any private content', 'edit any private content'));
+    $this->drupalLogin($edit_user);
+    foreach($private_nodes as $nid) {
+      $body = $this->randomName();
+      $edit = array('body[und][0][value]' => $body);
+      $this->drupalPost('node/' . $nid . '/edit', $edit, t('Save'));
+      $this->assertText(t('has been updated'));
+      $this->drupalPost('node/' . $nid . '/edit', array(), t('Delete'));
+      $this->drupalPost(NULL, array(), t('Delete'));
+      $this->assertText(t('has been deleted'));
+    }
+  }
+}