diff --git a/core/modules/book/src/BookManager.php b/core/modules/book/src/BookManager.php
index 59f6822..64f7128 100644
--- a/core/modules/book/src/BookManager.php
+++ b/core/modules/book/src/BookManager.php
@@ -914,8 +914,30 @@ public function bookTreeCheckAccess(&$tree, $node_links = array()) {
 
       // @todo This should be actually filtering on the desired node status
       //   field language and just fall back to the default language.
-      $nids = \Drupal::entityQuery('node')
+      $query = \Drupal::entityQuery('node');
+
+      $account = \Drupal::currentUser();
+      if (!$account->hasPermission('bypass node access')) {
+        // If the user is able to view their own unpublished nodes, allow them
+        // to see these in addition to published nodes. Check that they actually
+        // have some unpublished nodes to view before adding the condition.
+        $access_query =  \Drupal::entityQuery('node')
+          ->condition('uid', $account->id())
+          ->condition('status', NODE_NOT_PUBLISHED);
+        if ($account->hasPermission('view own unpublished content') && ($own_unpublished = $access_query->execute())) {
+          $query->orConditionGroup()
+            ->condition('status', NODE_PUBLISHED)
+            ->condition('nid', $own_unpublished, 'IN');
+        }
+        else {
+          // If not, restrict the query to published nodes.
+          $query->condition('status', NODE_PUBLISHED);
+        }
+      }
+
+      $nids = $query
         ->condition('nid', $nids, 'IN')
+        ->addTag('node_access')
         ->execute();
 
       foreach ($nids as $nid) {