diff --git a/core/modules/overlay/lib/Drupal/overlay/Access/DismissMessageAccessCheck.php b/core/modules/overlay/lib/Drupal/overlay/Access/DismissMessageAccessCheck.php
index fc25a52..3c74bab 100644
--- a/core/modules/overlay/lib/Drupal/overlay/Access/DismissMessageAccessCheck.php
+++ b/core/modules/overlay/lib/Drupal/overlay/Access/DismissMessageAccessCheck.php
@@ -27,17 +27,17 @@ public function applies(Route $route) {
    * {@inheritdoc}
    */
   public function access(Route $route, Request $request) {
-    global $user;
-    if (!user_access('access overlay')) {
-      return FALSE;
+    $account = $request->attributes->get('account');
+    if (!user_access('access overlay', $account)) {
+      return static::DENY;
     }
     // It's unlikely, but possible that "access overlay" permission is granted
     // to the anonymous role. In this case, we do not display the message to
     // disable the overlay, so there is nothing to dismiss.
-    if (empty($user->uid)) {
-      return FALSE;
+    if (!$account->id()) {
+      return static::DENY;
     }
-    return TRUE;
+    return static::ALLOW;
   }
 
 }
diff --git a/core/modules/overlay/lib/Drupal/overlay/Controller/OverlayController.php b/core/modules/overlay/lib/Drupal/overlay/Controller/OverlayController.php
index 19d9f6f..b834768 100644
--- a/core/modules/overlay/lib/Drupal/overlay/Controller/OverlayController.php
+++ b/core/modules/overlay/lib/Drupal/overlay/Controller/OverlayController.php
@@ -19,21 +19,26 @@ class OverlayController {
   /**
    * Dismisses the overlay accessibility message for this user.
    *
+   * @param \Symfony\Component\HttpFoundation\Request $request
+   *   The request object.
+   * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
+   *   Thrown when a non valid token was specified.
    * @return \Symfony\Component\HttpFoundation\RedirectResponse
    *   Redirects to the user's edit page.
+   *
    */
   public function overlayMessage(Request $request) {
-    global $user;
+    $account = $request->attributes->get('account');
 
     // @todo Integrate CSRF link token directly into routing system: http://drupal.org/node/1798296.
     $token = $request->attributes->get('token');
     if (!isset($token) || !drupal_valid_token($token, 'overlay')) {
       throw new AccessDeniedHttpException();
     }
-    $request->attributes->get('user.data')->set('overlay', $user->uid, 'message_dismissed', 1);
+    $request->attributes->get('user.data')->set('overlay', $account->id(), 'message_dismissed', 1);
     drupal_set_message(t('The message has been dismissed. You can change your overlay settings at any time by visiting your profile page.'));
     // Destination is normally given. Go to the user profile as a fallback.
-    return new RedirectResponse(url('user/' . $user->uid . '/edit', array('absolute' => TRUE)));
+    return new RedirectResponse(url('user/' . $account->id() . '/edit', array('absolute' => TRUE)));
   }
 
 }