diff --git a/core/includes/session.inc b/core/includes/session.inc
index 4cc8139..942bbf6 100644
--- a/core/includes/session.inc
+++ b/core/includes/session.inc
@@ -110,8 +110,8 @@ function _drupal_session_read($sid) {
   // active user.
   if ($values && $values['uid'] > 0 && $values['status'] == 1) {
     // Add roles element to $user.
-    $rids = db_query("SELECT ur.rid FROM {users_roles} ur WHERE ur.uid = :uid", array(':uid' => $values['uid']))->fetchCol();
-    $values['roles'] = array_merge(array(DRUPAL_AUTHENTICATED_RID), $rids);
+    $rids = Drupal::entityManager()->getStorageController('user')->getUserRoles(array($values['uid']));
+    $values['roles'] = $rids[$values['uid']];
     $user = new UserSession($values);
   }
   elseif ($values) {
diff --git a/core/modules/system/lib/Drupal/system/Tests/Entity/EntityQueryTest.php b/core/modules/system/lib/Drupal/system/Tests/Entity/EntityQueryTest.php
index 72950e1..fce3a9b 100644
--- a/core/modules/system/lib/Drupal/system/Tests/Entity/EntityQueryTest.php
+++ b/core/modules/system/lib/Drupal/system/Tests/Entity/EntityQueryTest.php
@@ -509,7 +509,7 @@ protected function assertBundleOrder($order) {
    *
    * The tags and metadata should propogate to the SQL query object.
    */
-  function testMetaData() {
+  public function testMetaData() {
     $query = \Drupal::entityQuery('entity_test_mulrev');
     $query
       ->addTag('efq_metadata_test')
@@ -519,4 +519,5 @@ function testMetaData() {
     global $efq_test_metadata;
     $this->assertEqual($efq_test_metadata, 'bar', 'Tag and metadata propogated to the SQL query object.');
   }
+
 }
diff --git a/core/modules/system/lib/Drupal/system/Tests/Entity/UserRidQueryTest.php b/core/modules/system/lib/Drupal/system/Tests/Entity/UserRidQueryTest.php
new file mode 100644
index 0000000..7438375
--- /dev/null
+++ b/core/modules/system/lib/Drupal/system/Tests/Entity/UserRidQueryTest.php
@@ -0,0 +1,45 @@
+<?php
+
+/**
+ * @file
+ * Contains \Drupal\system\Tests\Entity\UserRidQueryTest.
+ */
+
+namespace Drupal\system\Tests\Entity;
+
+class UserRidQueryTest extends EntityUnitTestBase {
+
+  static public function getInfo() {
+    return array(
+      'name' => 'User rid Query',
+      'description' => 'Tests the special Entity Query service for user roles.',
+      'group' => 'Entity API',
+    );
+  }
+
+  /**
+   * Test the special user role queries.
+   */
+  public function testUserRoleQuery() {
+    $perms = array('cancel account', 'change own username');
+    $roles = array();
+    $accounts = array();
+    foreach ($perms as $perm) {
+      $accounts[$perm] = $this->createUser(array(), array($perm));
+      foreach ($accounts[$perm]->getRoles() as $role) {
+        if ($role != DRUPAL_AUTHENTICATED_RID) {
+          $roles[$perm] = $role;
+        }
+      }
+    }
+    $this->assertEqual(count($roles), 2);
+    foreach ($perms as $perm) {
+      $results = \Drupal::entityQuery('user')
+        ->condition('rid', $roles[$perm])
+        ->execute();
+      $this->assertEqual(count($results), 1);
+      $this->assertEqual(reset($results), $accounts[$perm]->id());
+    }
+  }
+
+}
diff --git a/core/modules/user/lib/Drupal/user/Entity/Query/Sql/QueryFactory.php b/core/modules/user/lib/Drupal/user/Entity/Query/Sql/QueryFactory.php
new file mode 100644
index 0000000..e0cd265
--- /dev/null
+++ b/core/modules/user/lib/Drupal/user/Entity/Query/Sql/QueryFactory.php
@@ -0,0 +1,17 @@
+<?php
+
+/**
+ * @file
+ * Contains \Drupal\user\Entity\Query\Sql\QueryFactory.
+ */
+
+namespace Drupal\user\Entity\Query\Sql;
+
+use Drupal\Core\Entity\Query\Sql\QueryFactory as BaseQueryFactory;
+
+/**
+ * The base query factory handles everything based on the class namespace.
+ */
+class QueryFactory extends BaseQueryFactory {
+
+}
diff --git a/core/modules/user/lib/Drupal/user/Entity/Query/Sql/Tables.php b/core/modules/user/lib/Drupal/user/Entity/Query/Sql/Tables.php
new file mode 100644
index 0000000..5118e74
--- /dev/null
+++ b/core/modules/user/lib/Drupal/user/Entity/Query/Sql/Tables.php
@@ -0,0 +1,19 @@
+<?php
+
+/**
+ * @file
+ * Contains \Drupal\user\Entity\Query\Sql\Tables.
+ */
+
+namespace Drupal\user\Entity\Query\Sql;
+
+use Drupal\Core\Entity\Query\Sql\Tables as BaseTables;
+
+class Tables extends BaseTables {
+
+  protected function ensureEntityTable($index_prefix, $property, $type, $langcode, $base_table, $id_field, $entity_tables) {
+    $entity_tables['users_roles'] = drupal_get_schema('users_roles');
+    return parent::ensureEntityTable($index_prefix, $property, $type, $langcode, $base_table, $id_field, $entity_tables);
+  }
+
+}
diff --git a/core/modules/user/lib/Drupal/user/Plugin/views/field/Roles.php b/core/modules/user/lib/Drupal/user/Plugin/views/field/Roles.php
index 22c2819..44f295f 100644
--- a/core/modules/user/lib/Drupal/user/Plugin/views/field/Roles.php
+++ b/core/modules/user/lib/Drupal/user/Plugin/views/field/Roles.php
@@ -8,7 +8,9 @@
 namespace Drupal\user\Plugin\views\field;
 
 use Drupal\Component\Annotation\PluginID;
+use Drupal\Component\Utility\String;
 use Drupal\Core\Database\Connection;
+use Drupal\user\UserStorageControllerInterface;
 use Drupal\views\Plugin\views\display\DisplayPluginBase;
 use Drupal\views\ViewExecutable;
 use Drupal\views\Plugin\views\field\PrerenderList;
@@ -26,9 +28,9 @@ class Roles extends PrerenderList {
   /**
    * Database Service Object.
    *
-   * @var \Drupal\Core\Database\Connection
+   * @var \Drupal\user\UserStorageControllerInterface
    */
-  protected $database;
+  protected $storageController;
 
   /**
    * Constructs a Drupal\Component\Plugin\PluginBase object.
@@ -42,17 +44,17 @@ class Roles extends PrerenderList {
    * @param \Drupal\Core\Database\Connection $database
    *   Database Service Object.
    */
-  public function __construct(array $configuration, $plugin_id, array $plugin_definition, Connection $database) {
+  public function __construct(array $configuration, $plugin_id, array $plugin_definition, UserStorageControllerInterface $storage_controller) {
     parent::__construct($configuration, $plugin_id, $plugin_definition);
 
-    $this->database = $database;
+    $this->storageController = $storage_controller;
   }
 
   /**
    * {@inheritdoc}
    */
   public static function create(ContainerInterface $container, array $configuration, $plugin_id, array $plugin_definition) {
-    return new static($configuration, $plugin_id, $plugin_definition, $container->get('database'));
+    return new static($configuration, $plugin_id, $plugin_definition, $container->get('plugin.manager.entity')->getStorageController('user'));
   }
 
   /**
@@ -79,10 +81,15 @@ public function preRender(&$values) {
 
     if ($uids) {
       $roles = user_roles();
-      $result = $this->database->query('SELECT u.uid, u.rid FROM {users_roles} u WHERE u.uid IN (:uids) AND u.rid IN (:rids)', array(':uids' => $uids, ':rids' => array_keys($roles)));
-      foreach ($result as $role) {
-        $this->items[$role->uid][$role->rid]['role'] = check_plain($roles[$role->rid]->label());
-        $this->items[$role->uid][$role->rid]['rid'] = $role->rid;
+      $users_rids = $this->storageController->getUserRoles($uids);
+      foreach ($users_rids as $uid => $rids) {
+        foreach ($rids as $rid) {
+          // Don't list anonymous/authenticated user roles.
+          if (!in_array($rid, array(DRUPAL_AUTHENTICATED_RID, DRUPAL_ANONYMOUS_RID))) {
+            $this->items[$uid][$rid]['role'] = String::checkPlain($roles[$rid]->label());
+            $this->items[$uid][$rid]['rid'] = $rid;
+          }
+        }
       }
       // Sort the roles for each user by role weight.
       $ordered_roles = array_flip(array_keys($roles));
diff --git a/core/modules/user/lib/Drupal/user/UserStorageController.php b/core/modules/user/lib/Drupal/user/UserStorageController.php
index 48e8206..0dd6cb6 100644
--- a/core/modules/user/lib/Drupal/user/UserStorageController.php
+++ b/core/modules/user/lib/Drupal/user/UserStorageController.php
@@ -82,18 +82,10 @@ public static function createInstance(ContainerInterface $container, $entity_typ
    * Overrides Drupal\Core\Entity\DatabaseStorageController::attachLoad().
    */
   function attachLoad(&$queried_users, $load_revision = FALSE) {
-    foreach ($queried_users as $key => $record) {
-      $queried_users[$key]->roles = array();
-      if ($record->uid) {
-        $queried_users[$record->uid]->roles[] = DRUPAL_AUTHENTICATED_RID;
-      }
-      else {
-        $queried_users[$record->uid]->roles[] = DRUPAL_ANONYMOUS_RID;
-      }
-    }
-
     // Add any additional roles from the database.
-    $this->addRoles($queried_users);
+    foreach ($this->getUserRoles(array_keys($queried_users)) as $uid => $rids) {
+      $queried_users[$uid]->roles = $rids;
+    }
 
     // Call the default attachLoad() method. This will add fields and call
     // hook_user_load().
@@ -130,20 +122,38 @@ public function saveRoles(EntityInterface $user) {
   /**
    * {@inheritdoc}
    */
-  public function addRoles(array $users) {
-    $result = db_query('SELECT rid, uid FROM {users_roles} WHERE uid IN (:uids)', array(':uids' => array_keys($users)));
+  public function deleteUserRoles(array $uids) {
+    $this->database->delete('users_roles')
+      ->condition('uid', $uids)
+      ->execute();
+  }
+
+   /**
+    * {@inheritdoc}
+    */
+  public function getUserRoles(array $uids, array $rids = NULL) {
+    $users = array();
+    foreach ($uids as $uid) {
+      $users[$uid] = array();
+      if ($uid) {
+        $users[$uid] = array(DRUPAL_AUTHENTICATED_RID);
+      }
+      else {
+        $users[$uid] = array(DRUPAL_ANONYMOUS_RID);
+      }
+    }
+    $result = $this->database->query('SELECT rid, uid FROM {users_roles} WHERE uid IN (:uids)', array(':uids' => array_keys($users)));
     foreach ($result as $record) {
-      $users[$record->uid]->roles[] = $record->rid;
+      $users[$record->uid][] = $record->rid;
     }
+    return $users;
   }
 
   /**
    * {@inheritdoc}
    */
-  public function deleteUserRoles(array $uids) {
-    $this->database->delete('users_roles')
-      ->condition('uid', $uids)
-      ->execute();
+  public function getQueryServiceName() {
+    return 'user.entity.query.sql';
   }
 
 }
diff --git a/core/modules/user/lib/Drupal/user/UserStorageControllerInterface.php b/core/modules/user/lib/Drupal/user/UserStorageControllerInterface.php
index 114a24c..ec43a0c 100644
--- a/core/modules/user/lib/Drupal/user/UserStorageControllerInterface.php
+++ b/core/modules/user/lib/Drupal/user/UserStorageControllerInterface.php
@@ -16,13 +16,6 @@
 interface UserStorageControllerInterface {
 
   /**
-   * Add any roles from the storage to the user.
-   *
-   * @param array $users
-   */
-  public function addRoles(array $users);
-
-  /**
    * Save the user's roles.
    *
    * @param \Drupal\Core\Entity\EntityInterface $user
@@ -36,4 +29,15 @@ public function saveRoles(EntityInterface $user);
    */
   public function deleteUserRoles(array $uids);
 
+  /**
+   * Returns role IDs of the provided users.
+   *
+   * @param array $uids
+   *   User ID's for which roles should be returned.
+   *
+   * @return array
+   *   An array of role ids per user, keyed by the user id.
+   */
+  public function getUserRoles(array $uids);
+
 }
diff --git a/core/modules/user/user.services.yml b/core/modules/user/user.services.yml
index 6fb7d47..6c18f9d 100644
--- a/core/modules/user/user.services.yml
+++ b/core/modules/user/user.services.yml
@@ -25,3 +25,6 @@ services:
     class: Drupal\user\EventSubscriber\MaintenanceModeSubscriber
     tags:
       - { name: event_subscriber }
+  user.entity.query.sql:
+    class: Drupal\user\Entity\Query\Sql\QueryFactory
+    arguments: ['@database']
diff --git a/core/modules/views/lib/Drupal/views/Tests/ViewPageControllerTest.php b/core/modules/views/lib/Drupal/views/Tests/ViewPageControllerTest.php
index d4806f0..7e7afe1 100644
--- a/core/modules/views/lib/Drupal/views/Tests/ViewPageControllerTest.php
+++ b/core/modules/views/lib/Drupal/views/Tests/ViewPageControllerTest.php
@@ -25,7 +25,7 @@ class ViewPageControllerTest extends ViewUnitTestBase {
    *
    * @var array
    */
-  public static $modules = array('user');
+  public static $modules = array('user', 'field');
 
   /**
    * Views used by this test.
diff --git a/core/profiles/standard/standard.install b/core/profiles/standard/standard.install
index 5aa1dd7..222d22d 100644
--- a/core/profiles/standard/standard.install
+++ b/core/profiles/standard/standard.install
@@ -45,9 +45,9 @@ function standard_install() {
   $user_settings->set('admin_role', 'administrator')->save();
 
   // Assign user 1 the "administrator" role.
-  db_insert('users_roles')
-    ->fields(array('uid' => 1, 'rid' => 'administrator'))
-    ->execute();
+  $user = user_load(1);
+  $user->addRole('administrator');
+  $user->save();
 
   // Create a Home link in the main menu.
   $menu_link = entity_create('menu_link', array(