diff --git a/core/modules/block_content/src/BlockContentAccessControlHandler.php b/core/modules/block_content/src/BlockContentAccessControlHandler.php index d0c19c5..8f107c2 100644 --- a/core/modules/block_content/src/BlockContentAccessControlHandler.php +++ b/core/modules/block_content/src/BlockContentAccessControlHandler.php @@ -19,9 +19,15 @@ class BlockContentAccessControlHandler extends EntityAccessControlHandler { */ protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { if ($operation === 'view') { - return AccessResult::allowed(); + $result = AccessResult::allowedIfHasPermission($account, 'access content'); } - return parent::checkAccess($entity, $operation, $account); + else { + $result = parent::checkAccess($entity, $operation, $account); + } + if (!$result->isAllowed() && in_array($operation, ['view', 'update'], TRUE)) { + $result->setReason("The 'access content' permission is required for view, and 'administer blocks' permission is required for update BlockContent entity."); + } + return $result; } } diff --git a/core/modules/block_content/tests/src/Functional/BlockContentCacheTagsTest.php b/core/modules/block_content/tests/src/Functional/BlockContentCacheTagsTest.php index 59f111b..bf4eb00 100644 --- a/core/modules/block_content/tests/src/Functional/BlockContentCacheTagsTest.php +++ b/core/modules/block_content/tests/src/Functional/BlockContentCacheTagsTest.php @@ -8,6 +8,7 @@ use Drupal\Core\Entity\EntityInterface; use Drupal\Core\Language\LanguageInterface; use Drupal\system\Tests\Entity\EntityCacheTagsTestBase; +use Drupal\user\Entity\Role; use Symfony\Component\HttpFoundation\Request; /** 
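Review bot: In checkAccess(), `$result->setReason(...)` is guarded only by `!$result->isAllowed()`, so it assumes every non-allowed object returned by `parent::checkAccess()` exposes that method. Adding `$result instanceof AccessResultReasonInterface` to the condition removes that assumption; it needs a matching `use` line, and the file's imports lie outside this hunk. The single message is attached to both operations, so a denied view also names the update permission; a per-operation string would make the denial reason and any log entry say exactly what was missing. View access now depends on `'access content'`, and two test classes in this patch add `node` to their module list alongside it, which suggests block_content does not provide that permission itself. A comment above the `'view'` branch should state that dependency and what a site without node should expect.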
@@ -25,6 +26,19 @@ class BlockContentCacheTagsTest extends EntityCacheTagsTestBase { /** * {@inheritdoc} */ + protected function setUp() { + parent::setUp(); + + // Give anonymous users permission to access content, so that we can view + // BlockContent entity. + $anonymous_role = Role::load(Role::ANONYMOUS_ID); + $anonymous_role->grantPermission('access content'); + $anonymous_role->save(); + } + + /** + * {@inheritdoc} + */ protected function createEntity() { $block_content_type = BlockContentType::create([ 'id' => 'basic', diff --git a/core/modules/block_content/tests/src/Functional/BlockContentCreationTest.php b/core/modules/block_content/tests/src/Functional/BlockContentCreationTest.php index 562a4bd..e9001c3 100644 --- a/core/modules/block_content/tests/src/Functional/BlockContentCreationTest.php +++ b/core/modules/block_content/tests/src/Functional/BlockContentCreationTest.php @@ -21,7 +21,7 @@ class BlockContentCreationTest extends BlockContentTestBase { * * @var array */ - public static $modules = ['block_content_test', 'dblog', 'field_ui']; + public static $modules = ['block_content_test', 'dblog', 'field_ui', 'node']; /** * Permissions to grant admin user. @@ -30,7 +30,8 @@ class BlockContentCreationTest extends BlockContentTestBase { */ protected $permissions = [ 'administer blocks', - 'administer block_content display' + 'administer block_content display', + 'access content', ]; /** diff --git a/core/modules/block_content/tests/src/Functional/BlockContentPageViewTest.php b/core/modules/block_content/tests/src/Functional/BlockContentPageViewTest.php index 355faf1..9c85bcf 100644 --- a/core/modules/block_content/tests/src/Functional/BlockContentPageViewTest.php +++ b/core/modules/block_content/tests/src/Functional/BlockContentPageViewTest.php 
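Review bot: The three-line role grant added to setUp() here is repeated verbatim in BlockContentTranslationUITest::setUp() and UpdatePathRC1TestBaseFilledTest::setUp() later in this patch, and each copy calls `grantPermission()` on the result of `Role::load()` without checking it. A single call such as `user_role_grant_permissions(Role::ANONYMOUS_ID, ['access content']);` expresses the same thing in one line. Because the permission is granted up front, none of the hunks shown for these three classes asserts the new denial for an anonymous user who lacks it. A short negative assertion in one of them would pin the access restriction this patch introduces.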
@@ -17,6 +17,14 @@ class BlockContentPageViewTest extends BlockContentTestBase { public static $modules = ['block_content_test']; /** + * {@inheritdoc} + */ + protected $permissions = [ + 'administer blocks', + 'access content', + ]; + + /** * Checks block edit and fallback functionality. */ public function testPageEdit() { diff --git a/core/modules/block_content/tests/src/Functional/BlockContentTranslationUITest.php b/core/modules/block_content/tests/src/Functional/BlockContentTranslationUITest.php index 2699fcf..41c9465 100644 --- a/core/modules/block_content/tests/src/Functional/BlockContentTranslationUITest.php +++ b/core/modules/block_content/tests/src/Functional/BlockContentTranslationUITest.php @@ -6,6 +6,7 @@ use Drupal\block_content\Entity\BlockContentType; use Drupal\Component\Utility\Unicode; use Drupal\content_translation\Tests\ContentTranslationUITestBase; +use Drupal\user\Entity\Role; /** * Tests the block content translation UI. @@ -24,7 +25,8 @@ class BlockContentTranslationUITest extends ContentTranslationUITestBase { 'content_translation', 'block', 'field_ui', - 'block_content' + 'block_content', + 'node', ]; /** @@ -50,6 +52,12 @@ protected function setUp() { parent::setUp(); $this->drupalPlaceBlock('page_title_block'); + + // Give anonymous users permission to access content, so that we can view + // BlockContent entity. + $anonymous_role = Role::load(Role::ANONYMOUS_ID); + $anonymous_role->grantPermission('access content'); + $anonymous_role->save(); } /** diff --git a/core/modules/hal/tests/src/Functional/EntityResource/BlockContent/BlockContentHalJsonAnonTest.php b/core/modules/hal/tests/src/Functional/EntityResource/BlockContent/BlockContentHalJsonAnonTest.php new file mode 100644 index 0000000..d4ee9ab --- /dev/null +++ b/core/modules/hal/tests/src/Functional/EntityResource/BlockContent/BlockContentHalJsonAnonTest.php 
@@ -0,0 +1,74 @@ +applyHalFieldNormalization($default_normalization); + + return $normalization + [ + '_links' => [ + 'self' => [ + 'href' => $this->baseUrl . '/block/1?_format=hal_json', + ], + 'type' => [ + 'href' => $this->baseUrl . '/rest/type/block_content/basic', + ], + ], + ]; + } + + /** + * {@inheritdoc} + */ + protected function getNormalizedPostEntity() { + return parent::getNormalizedPostEntity() + [ + '_links' => [ + 'type' => [ + 'href' => $this->baseUrl . '/rest/type/block_content/basic', + ], + ], + ]; + } + + /** + * {@inheritdoc} + */ + protected function getExpectedCacheContexts() { + // The 'url.site' cache context is added for '_links' in the response. + return Cache::mergeTags(parent::getExpectedCacheContexts(), ['url.site']); + } + +} diff --git a/core/modules/hal/tests/src/Functional/EntityResource/BlockContent/BlockContentHalJsonBasicAuthTest.php b/core/modules/hal/tests/src/Functional/EntityResource/BlockContent/BlockContentHalJsonBasicAuthTest.php new file mode 100644 index 0000000..94d3ff4 --- /dev/null +++ b/core/modules/hal/tests/src/Functional/EntityResource/BlockContent/BlockContentHalJsonBasicAuthTest.php @@ -0,0 +1,24 @@ +authorUser = $this->drupalCreateUser($basic_permissions); - $this->editorUser = $this->drupalCreateUser(array_merge($basic_permissions, ['access in-place editing'])); + $this->editorUser = $this->drupalCreateUser(array_merge($basic_permissions, ['access in-place editing', 'access content'])); } /** diff --git a/core/modules/rest/tests/src/Functional/EntityResource/BlockContent/BlockContentJsonAnonTest.php b/core/modules/rest/tests/src/Functional/EntityResource/BlockContent/BlockContentJsonAnonTest.php new file mode 100644 index 0000000..16688cb --- /dev/null +++ b/core/modules/rest/tests/src/Functional/EntityResource/BlockContent/BlockContentJsonAnonTest.php 
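Review bot: getExpectedCacheContexts() at the end of this new file builds its list of cache contexts with `Cache::mergeTags()`, which is the helper for cache tags; the method name and the comment above the call both refer to contexts. Use `return Cache::mergeContexts(parent::getExpectedCacheContexts(), ['url.site']);` so the expectation goes through the helper meant for contexts. In a test this matters because any difference in how the two helpers validate or normalise their input would go unnoticed. The opening lines of this file are missing from the page as extracted, so only the visible methods were reviewed.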
@@ -0,0 +1,24 @@ +grantPermissionsToTestedRole(['administer blocks', 'access content']); + } + + /** + * {@inheritdoc} + */ + protected function createEntity() { + if (!BlockContentType::load('basic')) { + $block_content_type = BlockContentType::create([ + 'id' => 'basic', + 'label' => 'basic', + 'revision' => TRUE, + ]); + $block_content_type->save(); + block_content_add_body_field($block_content_type->id()); + } + + // Create a "Llama" custom block. + $block_content = BlockContent::create([ + 'info' => 'Llama', + 'type' => 'basic', + 'body' => [ + 'value' => 'The name "llama" was adopted by European settlers from native Peruvians.', + 'format' => 'plain_text', + ], + ]); + $block_content->save(); + return $block_content; + } + + /** + * {@inheritdoc} + */ + protected function getExpectedNormalizedEntity() { + return [ + 'id' => [ + [ + 'value' => 1, + ], + ], + 'uuid' => [ + [ + 'value' => $this->entity->uuid(), + ], + ], + 'langcode' => [ + [ + 'value' => 'en', + ], + ], + 'type' => [ + [ + 'target_id' => 'basic', + 'target_type' => 'block_content_type', + 'target_uuid' => BlockContentType::load('basic')->uuid(), + ], + ], + 'info' => [ + [ + 'value' => 'Llama', + ], + ], + 'revision_log' => [], + 'changed' => [ + $this->formatExpectedTimestampItemValues($this->entity->getChangedTime()), + ], + 'revision_id' => [ + [ + 'value' => 1, + ], + ], + 'revision_created' => [ + $this->formatExpectedTimestampItemValues((int) $this->entity->getRevisionCreationTime()), + ], + 'revision_user' => [], + 'revision_translation_affected' => [ + [ + 'value' => TRUE, + ], + ], + 'default_langcode' => [ + [ + 'value' => TRUE, + ], + ], + 'body' => [ + [ + 'value' => 'The name "llama" was adopted by European settlers from native Peruvians.', + 'format' => 'plain_text', + 'summary' => NULL, + ], + ], + ]; + } + + /** + * {@inheritdoc} + */ + protected function getNormalizedPostEntity() { + return [ + 'type' => [ + [ + 'target_id' => 'basic', + ], + ], + 'info' => [ + [ + 'value' => 
'Dramallama', + ], + ], + ]; + } + + + /** + * {@inheritdoc} + */ + protected function getExpectedUnauthorizedAccessMessage($method) { + if ($this->config('rest.settings')->get('bc_entity_resource_permissions')) { + return parent::getExpectedUnauthorizedAccessMessage($method); + } + + switch ($method) { + case 'GET': + case 'PATCH': + return "The 'access content' permission is required for view, and 'administer blocks' permission is required for update BlockContent entity."; + + default: + return parent::getExpectedUnauthorizedAccessMessage($method); + } + } + +} diff --git a/core/modules/system/src/Tests/Update/UpdatePathRC1TestBaseFilledTest.php b/core/modules/system/src/Tests/Update/UpdatePathRC1TestBaseFilledTest.php index 9ee6d0c..0e0ab15 100644 --- a/core/modules/system/src/Tests/Update/UpdatePathRC1TestBaseFilledTest.php +++ b/core/modules/system/src/Tests/Update/UpdatePathRC1TestBaseFilledTest.php @@ -4,6 +4,7 @@ use Drupal\node\Entity\Node; use Drupal\node\Entity\NodeType; +use Drupal\user\Entity\Role; use Drupal\user\Entity\User; /** @@ -16,6 +17,19 @@ class UpdatePathRC1TestBaseFilledTest extends UpdatePathRC1TestBaseTest { /** * {@inheritdoc} */ + protected function setUp() { + parent::setUp(); + + // Give anonymous users permission to access content, so that we can view + // BlockContent entity. + $anonymous_role = Role::load(Role::ANONYMOUS_ID); + $anonymous_role->grantPermission('access content'); + $anonymous_role->save(); + } + + /** + * {@inheritdoc} + */ protected function setDatabaseDumpFiles() { parent::setDatabaseDumpFiles(); $this->databaseDumpFiles[0] = __DIR__ . '/../../../tests/fixtures/update/drupal-8-rc1.filled.standard.php.gz';
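Review bot: The grant added in UpdatePathRC1TestBaseFilledTest::setUp() changes the anonymous role on top of what the database dump provides, so the assertions appear to run against a site whose permissions the test adjusted rather than one that was only upgraded. With view access to block content now tied to `'access content'`, a site whose anonymous role lacks that permission would presumably stop showing those entities after the update, and nothing visible in this patch tests or documents that. The comment should say whether the fixture's anonymous role lacks the permission and why granting it is acceptable here; "so that we can view BlockContent entity" explains the mechanics but not the upgrade consequence. The duplicated grant itself is covered in the note on BlockContentCacheTagsTest.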