Hi! Although there are two contrib modules (node_privacy_by_role and nodeperm_role) which leverages the node access system, I have written a third one which is in my (chx) sandbox as nodeaccess.module. I do not intend it to be a contrib module -- I'd like to see it in 4.7 core. Features are: 1) You may give grants per role for each node type 2) Every node may have a grant tab where ordinary users may give additional grants for other users. Admins may edit grants per roles. Whether this grant tabs appears can be controlled again per node type. 3) Users may save these additional grants as default for their content. I think the UI is straightforward. TODO a) provide a mechanism to delete the default in 3) b) provide hooks for group modules so that users may operate on those, too So, this module is much more community oriented than the previous attempts while the admin remains in the driver's seat. Installation now requires a manual emptying of the node access table. Will improve this one, too. Regards Karoly Negyesi