diff --git a/core/modules/comment/src/Plugin/Action/PublishComment.php b/core/modules/comment/src/Plugin/Action/PublishComment.php
index 0b82741..78fc7fa 100644
--- a/core/modules/comment/src/Plugin/Action/PublishComment.php
+++ b/core/modules/comment/src/Plugin/Action/PublishComment.php
@@ -34,7 +34,10 @@ public function execute($comment = NULL) {
    */
   public function access($object, AccountInterface $account = NULL, $return_as_object = FALSE) {
     /** @var \Drupal\comment\CommentInterface $object */
-    return $object->status->access('edit', $account, $return_as_object);
+    $result = $object->status->access('edit', $account, TRUE)
+      ->andIf($object->access('update', $account, TRUE));
+
+    return $return_as_object ? $result : $result->isAllowed();
   }
 
 }
diff --git a/core/modules/comment/src/Plugin/Action/UnpublishByKeywordComment.php b/core/modules/comment/src/Plugin/Action/UnpublishByKeywordComment.php
index cbba192..56706ad 100644
--- a/core/modules/comment/src/Plugin/Action/UnpublishByKeywordComment.php
+++ b/core/modules/comment/src/Plugin/Action/UnpublishByKeywordComment.php
@@ -72,7 +72,10 @@ public function submitConfigurationForm(array &$form, FormStateInterface $form_s
    */
   public function access($object, AccountInterface $account = NULL, $return_as_object = FALSE) {
     /** @var \Drupal\comment\CommentInterface $object */
-    return $object->access('update', $account, $return_as_object);
+    $result = $object->access('update', $account, TRUE)
+      ->andIf($object->status->access('edit', $account, TRUE));
+
+    return $return_as_object ? $result : $result->isAllowed();
   }
 
 }
diff --git a/core/modules/comment/src/Plugin/Action/UnpublishComment.php b/core/modules/comment/src/Plugin/Action/UnpublishComment.php
index 9264bef..4fb3d56 100644
--- a/core/modules/comment/src/Plugin/Action/UnpublishComment.php
+++ b/core/modules/comment/src/Plugin/Action/UnpublishComment.php
@@ -34,7 +34,10 @@ public function execute($comment = NULL) {
    */
   public function access($object, AccountInterface $account = NULL, $return_as_object = FALSE) {
     /** @var \Drupal\comment\CommentInterface $object */
-    return $object->status->access('edit', $account, $return_as_object);
+    $result = $object->status->access('edit', $account, TRUE)
+      ->andIf($object->access('update', $account, TRUE));
+
+    return $return_as_object ? $result : $result->isAllowed();
   }
 
 }
diff --git a/core/modules/node/src/Plugin/Action/AssignOwnerNode.php b/core/modules/node/src/Plugin/Action/AssignOwnerNode.php
index 5d67453..0d1cc38 100644
--- a/core/modules/node/src/Plugin/Action/AssignOwnerNode.php
+++ b/core/modules/node/src/Plugin/Action/AssignOwnerNode.php
@@ -138,7 +138,10 @@ public function submitConfigurationForm(array &$form, FormStateInterface $form_s
    */
   public function access($object, AccountInterface $account = NULL, $return_as_object = FALSE) {
     /** @var \Drupal\node\NodeInterface $object */
-    return $object->access('update', $account, $return_as_object);
+    $result = $object->access('update', $account, TRUE)
+      ->andIf($object->uid->access('edit', $account, TRUE));
+
+    return $return_as_object ? $result : $result->isAllowed();
   }
 
 }
diff --git a/core/modules/node/src/Plugin/Action/DemoteNode.php b/core/modules/node/src/Plugin/Action/DemoteNode.php
index 4996247..4a9fa4e 100644
--- a/core/modules/node/src/Plugin/Action/DemoteNode.php
+++ b/core/modules/node/src/Plugin/Action/DemoteNode.php
@@ -34,7 +34,10 @@ public function execute($entity = NULL) {
    */
   public function access($object, AccountInterface $account = NULL, $return_as_object = FALSE) {
     /** @var \Drupal\node\NodeInterface $object */
-    return $object->promote->access('edit', $account, $return_as_object);
+    $result = $object->access('update', $account, TRUE)
+      ->andIf($object->promote->access('edit', $account, TRUE));
+
+    return $return_as_object ? $result : $result->isAllowed();
   }
 
 }
diff --git a/core/modules/node/src/Plugin/Action/PublishNode.php b/core/modules/node/src/Plugin/Action/PublishNode.php
index 155b588..f01698f 100644
--- a/core/modules/node/src/Plugin/Action/PublishNode.php
+++ b/core/modules/node/src/Plugin/Action/PublishNode.php
@@ -34,7 +34,10 @@ public function execute($entity = NULL) {
    */
   public function access($object, AccountInterface $account = NULL, $return_as_object = FALSE) {
     /** @var \Drupal\node\NodeInterface $object */
-    return $object->status->access('edit', $account, $return_as_object);
+    $result = $object->access('update', $account, TRUE)
+      ->andIf($object->status->access('edit', $account, TRUE));
+
+    return $return_as_object ? $result : $result->isAllowed();
   }
 
 }
diff --git a/core/modules/node/src/Plugin/Action/UnpublishByKeywordNode.php b/core/modules/node/src/Plugin/Action/UnpublishByKeywordNode.php
index 30cdb53..7684af6 100644
--- a/core/modules/node/src/Plugin/Action/UnpublishByKeywordNode.php
+++ b/core/modules/node/src/Plugin/Action/UnpublishByKeywordNode.php
@@ -71,7 +71,10 @@ public function submitConfigurationForm(array &$form, FormStateInterface $form_s
    */
   public function access($object, AccountInterface $account = NULL, $return_as_object = FALSE) {
     /** @var \Drupal\node\NodeInterface $object */
-    return $object->status->access('edit', $account, $return_as_object);
+    $result = $object->access('update', $account, TRUE)
+      ->andIf($object->status->access('edit', $account, TRUE));
+
+    return $return_as_object ? $result : $result->isAllowed();
   }
 
 }
diff --git a/core/modules/node/src/Plugin/Action/UnpublishNode.php b/core/modules/node/src/Plugin/Action/UnpublishNode.php
index ea5634a..3672607 100644
--- a/core/modules/node/src/Plugin/Action/UnpublishNode.php
+++ b/core/modules/node/src/Plugin/Action/UnpublishNode.php
@@ -34,7 +34,10 @@ public function execute($entity = NULL) {
    */
   public function access($object, AccountInterface $account = NULL, $return_as_object = FALSE) {
     /** @var \Drupal\node\NodeInterface $object */
-    return $object->status->access('edit', $account, $return_as_object);
+    $result = $object->access('update', $account, TRUE)
+      ->andIf($object->status->access('edit', $account, TRUE));
+
+    return $return_as_object ? $result : $result->isAllowed();
   }
 
 }
diff --git a/core/modules/node/src/Plugin/Action/UnstickyNode.php b/core/modules/node/src/Plugin/Action/UnstickyNode.php
index 8d1b475..1b8cd0b 100644
--- a/core/modules/node/src/Plugin/Action/UnstickyNode.php
+++ b/core/modules/node/src/Plugin/Action/UnstickyNode.php
@@ -34,7 +34,10 @@ public function execute($entity = NULL) {
    */
   public function access($object, AccountInterface $account = NULL, $return_as_object = FALSE) {
     /** @var \Drupal\node\NodeInterface $object */
-    return $object->sticky->access('edit', $account, $return_as_object);
+    $result = $object->access('update', $account, TRUE)
+      ->andIf($object->sticky->access('edit', $account, TRUE));
+
+    return $return_as_object ? $result : $result->isAllowed();
   }
 
 }
diff --git a/core/modules/user/src/Plugin/Action/BlockUser.php b/core/modules/user/src/Plugin/Action/BlockUser.php
index 6ff1d79..a8d51dd 100644
--- a/core/modules/user/src/Plugin/Action/BlockUser.php
+++ b/core/modules/user/src/Plugin/Action/BlockUser.php
@@ -40,7 +40,10 @@ public function execute($account = NULL) {
    */
   public function access($object, AccountInterface $account = NULL, $return_as_object = FALSE) {
     /** @var \Drupal\user\UserInterface $object */
-    return $object->status->access('edit', $account, $return_as_object);
+    $result = $object->status->access('edit', $account, TRUE)
+      ->andIf($object->access('update', $account, TRUE));
+
+    return $return_as_object ? $result : $result->isAllowed();
   }
 
 }
diff --git a/core/modules/user/src/Plugin/Action/ChangeUserRoleBase.php b/core/modules/user/src/Plugin/Action/ChangeUserRoleBase.php
index ca98c75..8981c23 100644
--- a/core/modules/user/src/Plugin/Action/ChangeUserRoleBase.php
+++ b/core/modules/user/src/Plugin/Action/ChangeUserRoleBase.php
@@ -97,7 +97,10 @@ public function calculateDependencies() {
    */
   public function access($object, AccountInterface $account = NULL, $return_as_object = FALSE) {
     /** @var \Drupal\user\UserInterface $object */
-    return $object->access('update', $account, $return_as_object);
+    $result = $object->access('update', $account, TRUE)
+      ->andIf($object->roles->access('edit', $account, TRUE));
+
+    return $return_as_object ? $result : $result->isAllowed();
   }
 
 }
diff --git a/core/modules/user/src/Plugin/Action/UnblockUser.php b/core/modules/user/src/Plugin/Action/UnblockUser.php
index d24cb7f..f9ca68a 100644
--- a/core/modules/user/src/Plugin/Action/UnblockUser.php
+++ b/core/modules/user/src/Plugin/Action/UnblockUser.php
@@ -37,7 +37,10 @@ public function execute($account = NULL) {
    */
   public function access($object, AccountInterface $account = NULL, $return_as_object = FALSE) {
     /** @var \Drupal\user\UserInterface $object */
-    return $object->status->access('edit', $account, $return_as_object);
+    $result = $object->status->access('edit', $account, TRUE)
+      ->andIf($object->access('update', $account, TRUE));
+
+    return $return_as_object ? $result : $result->isAllowed();
   }
 
 }