Issue #1559506 by finnydobson, JuliaKM, snehi, anil280988, priya.chat,...

Issue #1559506 by finnydobson, JuliaKM, snehi, anil280988, priya.chat, jhodgdon, alexpott: Query alter docs need some clarification

Issue #1559506 by finnydobson, JuliaKM, snehi, anil280988, priya.chat,...
Issue #1559506 by finnydobson, JuliaKM, snehi, anil280988, priya.chat, jhodgdon, alexpott: Query alter docs need some clarification
fff56d70 · Alex Pott · e3de68b0 · fff56d70
Commit fff56d70 authored Jan 07, 2016 by Alex Pott
--- a/core/modules/node/node.module
+++ b/core/modules/node/node.module
@@ -883,7 +883,9 @@ function node_form_system_themes_admin_form_submit($form, FormStateInterface $fo
 * with node access to ensure only nodes to which the user has access are
 * retrieved, through the use of hook_query_TAG_alter(). See the
 * @link entity_api Entity API topic @endlink for more information on entity
- * queries.
+ * queries. Tagging a query with "node_access" does not check the
+ * published/unpublished status of nodes, so the base query is responsible
+ * for ensuring that unpublished nodes are not displayed to inappropriate users.
 *
 * Note: Even a single module returning an AccessResultInterface object from
 * hook_node_access() whose isForbidden() method equals TRUE will block access