diff --git a/core/modules/node/src/NodeAccessControlHandler.php b/core/modules/node/src/NodeAccessControlHandler.php
index 3ec9631..c0e02cc 100644
--- a/core/modules/node/src/NodeAccessControlHandler.php
+++ b/core/modules/node/src/NodeAccessControlHandler.php
@@ -109,6 +109,17 @@ protected function checkAccess(EntityInterface $node, $operation, $langcode, Acc
       return AccessResult::allowed()->cachePerPermissions()->cachePerUser()->cacheUntilEntityChanges($node);
     }
 
+    // Check for the "edit any BUNDLE" or "delete any BUNDLE" permission.
+    $type_id = $node->getType();
+    if ($operation === 'update' && $account->hasPermission("edit any $type_id content")) {
+      return AccessResult::allowed()->cachePerPermissions()->cachePerUser()->cacheUntilEntityChanges($node);
+    }
+    if ($operation === 'delete' && $account->hasPermission("delete any $type_id content")) {
+      return AccessResult::allowed()->cachePerPermissions()->cachePerUser()->cacheUntilEntityChanges($node);
+    }
+
+    // @TODO: edit own and delete own checks.
+
     // If no module specified either ALLOW or KILL, we fall back to the
     // node_access table.
     $grants = $this->grantStorage->access($node, $operation, $langcode, $account);
diff --git a/core/modules/node/src/Tests/NodeAccessGrantsTest.php b/core/modules/node/src/Tests/NodeAccessGrantsTest.php
new file mode 100644
index 0000000..c94fdbb
--- /dev/null
+++ b/core/modules/node/src/Tests/NodeAccessGrantsTest.php
@@ -0,0 +1,53 @@
+<?php
+
+/**
+ * @file
+ * Contains \Drupal\node\Tests\NodeAccessGrantsTest.
+ */
+
+namespace Drupal\node\Tests;
+
+use Drupal\node\NodeInterface;
+use Drupal\user\RoleInterface;
+
+/**
+ * Tests basic node_access functionality with one implementation of hook_node_grants().
+ *
+ * @group node
+ */
+class NodeAccessGrantsTest extends NodeTestBase {
+
+  /**
+   * Modules to enable.
+   *
+   * @var array
+   */
+  public static $modules = array('node', 'datetime', 'node_access_test');
+
+  protected function setUp() {
+    parent::setUp();
+    // Clear permissions for authenticated users.
+    $this->config('user.role.' . RoleInterface::AUTHENTICATED_ID)->set('permissions', array())->save();
+  }
+
+  /**
+   * Runs basic tests for node_access function.
+   */
+  function testNodeAccess() {
+    // Ensures user without 'access content' permission can do nothing.
+    $web_user1 = $this->drupalCreateUser(array('edit any page content', 'delete any page content'));
+    $node1 = $this->drupalCreateNode(array('type' => 'page'));
+
+    $this->assertFalse($node1->access('view', $web_user1), 'User does not have view access.');
+    $this->assertFalse($node1->access('update', $web_user1), 'User does not have edit access.');
+    $this->assertFalse($node1->access('delete', $web_user1), 'User does not have delete access.');
+
+    // Try a new user with the proper permissions.
+    $web_user2 = $this->drupalCreateUser(array('access content', 'edit any page content', 'delete any page content'));
+
+    $this->assertTrue($node1->access('view', $web_user2), 'User has view access.');
+    $this->assertTrue($node1->access('update', $web_user2), 'User has edit access.');
+    $this->assertTrue($node1->access('delete', $web_user2), 'User has delete access.');
+  }
+
+}