LatestRevisionCheck should assume that if a user can edit an entity, they should have access to the latest-version route

Created on 1 November 2018, about 6 years ago
Updated 16 July 2024, 5 months ago

Problem/Motivation

I'm using content moderation in combination with the group.module, so I'm relying on node grants from that for edit access and normal editors do not have "view any unpublished entity".

As a result, /latest works fine for content that the user himself creates as he does have view own unpublished, but it doesn't work for entities that someone else created.

However, the editor can edit that entity and I'm also allowed to view it through /revisions. And on save, he's even redirected to /latest and then sees the access denied page.

Proposed resolution

Not sure what to do. For similar problems with translations, we're handling it through #2972308: Allow users to translate content they can edit, so the access check could look at edit permission. Alternatively, we could add an entity type specific check through the handler, so that node can check its access revisions permissions?

Remaining tasks

User interface changes

API changes

Data model changes

🐛 Bug report
Status

Needs work

Version

11.0 🔥

Component
Content moderation 

Last updated 24 days ago

Created by

berdir 🇨🇭 Switzerland

  • Needs tests

    The change is currently missing an automated test that fails when run with the original code, and succeeds when the bug has been fixed.
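
The access decision described in this report, as an added stand-alone model (not Drupal core code and not a patch from this issue). It assumes the editor holds content_moderation's "view latest version" and "view own unpublished content" permissions; `$canUpdate` and the `$editFallback` flag are hypothetical names standing in for the entity's own update access result and the proposed edit-access fallback.

```php
<?php
// Simplified model of the latest-version access decision. $canUpdate stands in
// for the entity's 'update' access result (for example, node grants from Group).

function latestVersionAccess(array $perms, bool $isOwner, bool $hasPendingRevision,
                             bool $canUpdate, bool $editFallback): bool {
    // The latest-version route only applies when a pending revision exists.
    if (!$hasPendingRevision) {
        return false;
    }
    // Behaviour described in the report: access hinges on unpublished-view permissions.
    if (in_array('view latest version', $perms, true)) {
        if (in_array('view any unpublished content', $perms, true)) {
            return true;
        }
        if ($isOwner && in_array('view own unpublished content', $perms, true)) {
            return true;
        }
    }
    // Proposed resolution (hypothetical flag): a user who can edit may view the draft.
    return $editFallback && $canUpdate;
}

// Constructed sample: an editor whose edit access comes from grants only.
$editor = ['view latest version', 'view own unpublished content'];
$cases = [
    'own draft, current check'      => [$editor, true,  true, true,  false],
    'other draft, current check'    => [$editor, false, true, true,  false],
    'other draft, edit fallback'    => [$editor, false, true, true,  true],
    'no edit access, edit fallback' => [$editor, false, true, false, true],
];
foreach ($cases as $label => $args) {
    printf("%-32s %s\n", $label, latestVersionAccess(...$args) ? 'allowed' : 'denied');
}
```

The last case is the one a regression test should pin down: the fallback has to follow the per-entity update access result, so a user without edit access to that entity stays denied.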
