diff --git a/engine/classes/Elgg/Database/AccessCollections.php b/engine/classes/Elgg/Database/AccessCollections.php
index ad6c4268ed0..30e82d173cf 100644
--- a/engine/classes/Elgg/Database/AccessCollections.php
+++ b/engine/classes/Elgg/Database/AccessCollections.php
@@ -317,8 +317,10 @@ function getWhereSql(array $options = array()) {
 * @return bool
 */
 function hasAccessToEntity($entity, $user = null) {
-
-
+ if (!$entity instanceof \ElggEntity) {
+ return false;
+ }
+
 // See #7159. Must not allow ignore access to affect query
 $ia = elgg_set_ignore_access(false);
diff --git a/engine/tests/ElggCoreAccessSQLTest.php b/engine/tests/ElggCoreAccessSQLTest.php
index 6ea7ff41550..541d5eb3c01 100644
--- a/engine/tests/ElggCoreAccessSQLTest.php
+++ b/engine/tests/ElggCoreAccessSQLTest.php
@@ -33,7 +33,7 @@ public function __construct() {
 public function setUp() {
 // Replace current hook service with new instance for each test
 $this->original_hooks = _elgg_services()->hooks;
- _elgg_services()->hooks = new \Elgg\PluginHooksService();
+ _elgg_services()->setValue('hooks', new \Elgg\PluginHooksService());
 }
 /**
@@ -41,7 +41,7 @@ public function setUp() {
 */
 public function tearDown() {
 // Restore original hook service
- _elgg_services()->hooks = $this->original_hooks;
+ _elgg_services()->setValue('hooks', $this->original_hooks);
 }
 /**
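Review bot: The new guard in hasAccessToEntity validates only `$entity`; `$user` still reaches the rest of the body with no type check, so a non-null value that is not an `\ElggUser` is presumably dereferenced further down (the body continues outside the hunk, so this is inferred from the signature). If that holds, a matching fail-closed check next to the entity guard, `if ($user !== null && !$user instanceof \ElggUser) { return false; }`, would make a bad caller value deny access instead of raising an error. The guard is correctly placed before `elgg_set_ignore_access(false)`, so the early return cannot skip restoring the ignore-access flag; a comment such as `// Fail closed before touching ignore-access state` would protect that ordering from later edits. The docblock's `@return bool` should also say that a non-entity argument yields false.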
@@ -175,6 +175,49 @@ public function testAccessPluginHookAddAnd() {
 $this->assertTrue($this->assertSqlEqual($ans, $sql), "$sql does not match $ans");
 }
+ public function testHasAccessToEntity() {
+ $session = elgg_get_session();
+ $test_user = $session->getLoggedInUser();
+
+ $object = new ElggObject();
+ $object->access_id = ACCESS_PRIVATE;
+ $object->save();
+
+ $session->removeLoggedInUser();
+ $this->assertFalse(has_access_to_entity($object));
+ $this->assertFalse(has_access_to_entity($object, $this->user));
+ $session->setLoggedInUser($test_user);
+
+ $object->access_id = ACCESS_PUBLIC;
+ $object->save();
+
+ $session->removeLoggedInUser();
+ $this->assertTrue(has_access_to_entity($object));
+ $this->assertTrue(has_access_to_entity($object, $this->user));
+ $session->setLoggedInUser($test_user);
+
+ $object->access_id = ACCESS_LOGGED_IN;
+ $object->save();
+
+ $session->removeLoggedInUser();
+ $this->assertFalse(has_access_to_entity($object));
+ $this->assertTrue(has_access_to_entity($object, $this->user));
+ $session->setLoggedInUser($test_user);
+
+ $test_user->addFriend($this->user->guid);
+
+ $object->access_id = ACCESS_FRIENDS;
+ $object->save();
+
+ $session->removeLoggedInUser();
+ $this->assertFalse(has_access_to_entity($object));
+ $this->assertTrue(has_access_to_entity($object, $this->user));
+ $session->setLoggedInUser($test_user);
+
+ $test_user->removeFriend($this->user->guid);
+ $object->delete();
+ }
+
 public function addAndCallback($hook, $type, $clauses, $params) {
 $clauses['ands'][] = '57 > 32';
 return $clauses;
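Review bot: None of the assertions in testHasAccessToEntity exercises the guard this commit adds, because every call passes a saved ElggObject and the `!$entity instanceof \ElggEntity` branch is never reached. A case such as `$this->assertFalse(has_access_to_entity(false));` (assuming the procedural wrapper forwards its argument unchanged) would pin the fail-closed behaviour. The result of `$object->save()` is never checked, so a failed save would let the later assertions run against an entity that was not persisted with the intended `access_id`. The logged-in user is restored and the object deleted only on the straight-line path, so an exception part-way through would leave the session logged out and the object behind for later tests; doing that cleanup in tearDown would avoid it.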