The way you've written it checks wether the user who's viewing the page has permission_needed on user_id, which is probably not what you want. The first argument should be your 'module'.
Otherwise, ad_permission_p allows the flexibility to check permissions for arbitrary users.
