// If the node is published, also take the default grant into account. The
// default is saved with a node ID of 0.
$status =
$node->
isPublished();
if ($status) { $nids =
$query->
orConditionGroup() ->
condition($nids) ->
condition('nid', 0
);
} $query->
condition($nids);
$query->
range(0, 1
);
$grants =
$this->
buildGrantsQueryCondition(node_access_grants($operation,
$account));
if (count($grants) > 0
) { $query->
condition($grants);
} // Only the 'view' node grant can currently be cached; the others currently
// don't have any cacheability metadata. Hopefully, we can add that in the
// future, which would allow this access check result to be cacheable in all
// cases. For now, this must remain marked as uncacheable, even when it is
// theoretically cacheable, because we don't have the necessary metadata to
// know it for a fact.