diff --git a/core/modules/node/node.module b/core/modules/node/node.module
index bdd5051..7e49dd2 100644
--- a/core/modules/node/node.module
+++ b/core/modules/node/node.module
@@ -1957,7 +1957,7 @@ function _node_revision_access($node, $op = 'view', $account = NULL) {
     // different revisions so there is no need for a separate database check.
     // Also, if you try to revert to or delete the current revision, that's
     // not good.
-    if ($is_current_revision && (db_query('SELECT COUNT(vid) FROM {node_revision} WHERE nid = :nid', array(':nid' => $node->nid))->fetchField() == 1 || $op == 'update' || $op == 'delete')) {
+    if ($is_current_revision && ($op == 'update' || $op == 'delete' || db_query('SELECT COUNT(vid) FROM {node_revision} WHERE nid = :nid', array(':nid' => $node->nid))->fetchField() == 1)) {
       $access[$cid] = FALSE;
     }
     elseif (user_access('administer nodes', $account)) {
diff --git a/core/modules/node/node.test b/core/modules/node/node.test
index 058e0e7..e63a251 100644
--- a/core/modules/node/node.test
+++ b/core/modules/node/node.test
@@ -2403,11 +2403,19 @@ class NodeRevisionPermissionsTestCase extends NodeWebTestCase {
 
     $permutations = $this->generatePermutations($parameters);
     foreach ($permutations as $case) {
+      $path_end = $case['op'] == 'update' ? 'revert' : $case['op'];
+      $this->drupalLogin($case['account']);
       if (!empty($case['account']->is_admin) || $case['op'] == $case['account']->op) {
         $this->assertTrue(_node_revision_access($revision, $case['op'], $case['account']), "{$this->map[$case['op']]} granted.");
+        // Test that access to the corresponding path works.
+        $this->drupalGet("node/{$revision->nid}/revisions/{$revision->vid}/$path_end");
+        $this->assertText($revision->title, "Access allowed for $path_end for administer.");
       }
       else {
         $this->assertFalse(_node_revision_access($revision, $case['op'], $case['account']), "{$this->map[$case['op']]} not granted.");
+        // Test that access is denied for corresponding path.
+        $this->drupalGet("node/{$revision->nid}/revisions/{$revision->vid}/$path_end");
+        $this->assertText('Access denied', "Access denied for $path_end.");
       }
     }
 
@@ -2418,10 +2426,28 @@ class NodeRevisionPermissionsTestCase extends NodeWebTestCase {
     $this->assertFalse(_node_revision_access($revision, 'invalid-op', $admin_account), '_node_revision_access() returns FALSE with an invalid op.');
 
     // Test that the $account parameter defaults to the "logged in" user.
-    $original_user = $GLOBALS['user'];
-    $GLOBALS['user'] = $admin_account;
+    $this->drupalLogin($admin_account);
     $this->assertTrue(_node_revision_access($revision, 'view'), '_node_revision_access() returns TRUE when used with global user.');
-    $GLOBALS['user'] = $original_user;
+
+    // Test that user cannot delete or update current revision.
+    $last_revision = end($this->node_revisions);
+    $this->assertFalse(_node_revision_access($last_revision, 'update', $this->accounts['admin']), "_node_revision_access returns FALSE when used with current revision and revert.");
+    $this->assertFalse(_node_revision_access($last_revision, 'delete', $this->accounts['admin']), "_node_revision_access returns FALSE when used with current revision and delete.");
+
+    // Make sure user cannot access the delete page for last revision.
+    $this->drupalGet("node/{$last_revision->nid}/revisions/{$last_revision->vid}/delete");
+    $this->assertText('Access denied', 'Access is denied for the user accessing the delete page for last revision.');
+
+    // Create a node with a single revision and make sure cannot view, update,
+    // or delete.
+    $node_with_one_revision = $this->drupalCreateNode();
+    $this->assertFalse(_node_revision_access($node_with_one_revision, 'view', $this->accounts['admin']), "_node_revision_access returns FALSE when viewing node with one revision.");
+    $this->assertFalse(_node_revision_access($node_with_one_revision, 'update', $this->accounts['admin']), "_node_revision_access returns FALSE when reverting node with one revision.");
+    $this->assertFalse(_node_revision_access($node_with_one_revision, 'delete', $this->accounts['admin']), "_node_revision_access returns FALSE when deleting node with one revision.");
+
+    // Make sure cannot access the revisions tab when one revision.
+    $this->drupalGet("node/{$node_with_one_revision->nid}/revisions");
+    $this->assertText('Access denied', 'Access is denied for the user at at revisions page for node with one revision.');
   }
 }