Problem/Motivation
I'm using content moderation in combination with the group.module, so I'm relying on node grants from that for edit access and normal editors do not have "view any unpublished entity".
As a result, /latest works fine for content that the user himself creates as he does have view own unpublished, but it doesn't work for entities that someone else created.
However, the editor can edit that entity and I'm also allowed to view it through /revisions. And on save, he's even redirect to /latest and then sees the access denied page.
Proposed resolution
Not sure what to do, For similar problems with translations, we're handling it through #2972308: Allow users to translate content they can edit, so the access check could look at edit permission, alternatively, we could add an entity type specific check through the handler, so that node can check its access revisions permissions?