What is the goal/useage of the data?
if you want to display it in the front-end. your whole security model makes no sense. Bypassing is not possible (luckily) So you have to change your security model to display it. Which should not be driven by frontend requirements at all.
Or do you want to handle this data in your app logic for calculations/data processing? In that case; microflows bypass entity access by default and thus you can retrieve data from the database w/o entity access constraints applied. The moment you want to send the retrieved list to the client, the access rules will be applied.