As documented in
hook_node_access() is only invoked when the users try to view, update, or delete a node. The documentation doesn’t make it explicit, but when an entity is created, the invoked hooks are
hook_ENTITY_TYPE_create_access(), a single hook implementation returning
AccessResult::forbidden() is sufficient to block users from acting on the entity. If you are noticing users aren’t allowed to take an action on an entity when you expect them to be able to take that action, that is one of the probably causes.
I assume the code shown in the question is part of the code inside the mymodule.module file, or that a module with that machine name is installed on the site. Differently, Drupal would not consider that function a hook, and it would not invoke it (which could be a reason to say it doesn’t work).
As side note,
arg() is implemented in Drupal 4.6.x, 4.7.x, 5.x, 6.x, and 7.x, but not 8.x.y, nor 9.x.y. (Click on Same name and namespace in other branches in the documentation page to see the list of Drupal versions for which that function is implemented.)
The code shown in the question should thrown an error about a call to a not existing function.