#153998 follow up by salvis: we should return NULL if access cannot be granted based on permissions so the node level permission system can take it forward