diff --git a/src/wp-includes/admin-bar.php b/src/wp-includes/admin-bar.php
index 15cb441668..048ca3011a 100644
--- a/src/wp-includes/admin-bar.php
+++ b/src/wp-includes/admin-bar.php
@@ -425,7 +425,9 @@ function wp_admin_bar_customize_menu( $wp_admin_bar ) {
 }
 // Don't show if the user cannot edit a given customize_changeset post currently being previewed.
- if ( is_customize_preview() && $wp_customize->changeset_post_id() && ! current_user_can( get_post_type_object( 'customize_changeset' )->cap->edit_post, $wp_customize->changeset_post_id() ) ) {
+ if ( is_customize_preview() && $wp_customize->changeset_post_id()
+ && ! current_user_can( get_post_type_object( 'customize_changeset' )->cap->edit_post, $wp_customize->changeset_post_id() )
+ ) {
 return;
 }
diff --git a/src/wp-includes/class-wp-customize-manager.php b/src/wp-includes/class-wp-customize-manager.php
index c44c33a450..9832099f91 100644
--- a/src/wp-includes/class-wp-customize-manager.php
+++ b/src/wp-includes/class-wp-customize-manager.php
@@ -3139,13 +3139,27 @@ final class WP_Customize_Manager {
 return;
 }
- if ( $changeset_post_id && ! current_user_can( get_post_type_object( 'customize_changeset' )->cap->delete_post, $changeset_post_id ) ) {
- wp_send_json_error(
- array(
- 'code' => 'changeset_trash_unauthorized',
- 'message' => __( 'Unable to trash changes.' ),
- )
- );
+ if ( $changeset_post_id ) {
+ if ( ! current_user_can( get_post_type_object( 'customize_changeset' )->cap->delete_post, $changeset_post_id ) ) {
+ wp_send_json_error(
+ array(
+ 'code' => 'changeset_trash_unauthorized',
+ 'message' => __( 'Unable to trash changes.' ),
+ )
+ );
+ }
+
+ $lock_user = (int) wp_check_post_lock( $changeset_post_id );
+
+ if ( $lock_user && get_current_user_id() !== $lock_user ) {
+ wp_send_json_error(
+ array(
+ 'code' => 'changeset_locked',
+ 'message' => __( 'Changeset is being edited by other user.' ),
+ 'lockUser' => $this->get_lock_user_data( $lock_user ),
+ )
+ );
+ }
 }
 if ( 'trash' === get_post_status( $changeset_post_id ) ) {
diff --git a/tests/phpunit/tests/ajax/CustomizeManager.php b/tests/phpunit/tests/ajax/CustomizeManager.php
index d0c70893d3..1126e8e667 100644
--- a/tests/phpunit/tests/ajax/CustomizeManager.php
+++ b/tests/phpunit/tests/ajax/CustomizeManager.php
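Review bot: In class-wp-customize-manager.php the new `changeset_locked` response returns `lockUser` details, and nothing in the code records that this branch must stay behind the `delete_post` capability check. I would add a comment above the `wp_check_post_lock()` call, for example `// Checked only after the capability check so lock-holder details are never returned to a user who cannot delete this changeset.` Neither error branch is followed by a `return`, so both appear to rely on `wp_send_json_error()` ending the request; that is worth stating in the same comment. The enclosing method starts and ends outside the hunk.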
@@ -514,6 +514,16 @@ class Tests_Ajax_CustomizeManager extends WP_Ajax_UnitTestCase {
 $this->assertEquals( 'changeset_trash_unauthorized', $this->_last_response_parsed['data']['code'] );
 remove_filter( 'map_meta_cap', array( $this, 'return_do_not_allow' ) );
+ $lock_user_id = static::factory()->user->create( array( 'role' => 'administrator' ) );
+ $previous_user = get_current_user_id();
+ wp_set_current_user( $lock_user_id );
+ $wp_customize->set_changeset_lock( $wp_customize->changeset_post_id() );
+ wp_set_current_user( $previous_user );
+ $this->make_ajax_call( 'customize_trash' );
+ $this->assertFalse( $this->_last_response_parsed['success'] );
+ $this->assertEquals( 'changeset_locked', $this->_last_response_parsed['data']['code'] );
+ delete_post_meta( $wp_customize->changeset_post_id(), '_edit_lock' );
+
 wp_update_post(
 array(
 'ID' => $wp_customize->changeset_post_id(),
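Review bot: The new lock case in tests/phpunit/tests/ajax/CustomizeManager.php asserts only the `success` flag and the `changeset_locked` code, so it would keep passing if a later change moved the lock check after the point where the changeset is trashed. Adding `$this->assertNotSame( 'trash', get_post_status( $wp_customize->changeset_post_id() ) );` after the two new assertions would pin the behaviour the lock is meant to protect. The `lockUser` entry of the response is not checked either; an assertion that `$this->_last_response_parsed['data']['lockUser']` is present would cover it, though its exact shape is not visible here. The test method starts and ends outside the hunk.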