Missing permissions on DexterityItem contenttypes on secruity tab on management screen

Hi, i have a plain plone 5.2.6 instance where i found missing permissions on the security management screen for page based objects (dexterity content type).

When viewing the security tab for a folder, all permissions are shown. But when accessing the security tab for a Page object, only a few permissions are shown:

There are permissions managed in the workflow to allow for setting the aquire_permissions_settings, which work for folders but not Page-like objects. Not all managed permissions of the workflow are shown for the Page object.

For demonstration puposes i used the one state workflow.

Here are the permission managed by the workflow which do not show up on the security management tab of the page object. On a folder they show up as expected.

We have some additional packages in the buildout, but not activated for this instance. Can someone confirm that all permissions should show up for a Page-object in a fresh 5.2 install ?

I confirmed the issue on a fresh install from a Plone-5.2.6-UnifiedInstaller-1.0.

On a folder it is possible to retract the 'Inherit permissions from higher levels' on the sharing page, while it is not possible on a page.

Steps to reproduce:

Install Plone 5.2.6 from the unified installer.
Create a Plone-Site.
Choose one-state-workflow as the default workflow.
Add the following permissions to the workflow:
Change local roles
Sharing page: Delegate Contributor role
Sharing page: Delegate Editor role
Sharing page: Delegate Reader role
Sharing page: Delegate Reviewer role
Sharing page: Delegate roles
On the single state of the workflow: Assign those permissions to the authenticated role only. Remove the "Acquire permission settings?" check.
Optional: Click "update security settings" in the portal_workflow tab.
Create a folder and inside it a page.
Create a user without additional roles.
Log in with this user in a separate or private browser instance.
Try to unheck 'Inherit permissions from higher levels' on the sharing page of the folder and of the page and click "save" on each one.

On the folder it does succeed, on the page you get a permission related error in the browser page, and the setting on the sharing page is not updated.

Note the differences in the shown permissions under the security tab in the zope management interface for the folder and the page created. (See post above.)

What to do next ?

What to do next ?

First verify if the issue is still present in Plone 5.2.14 and if it has been fixed, update?

Tested against a fresh vanilla Plone 5.2.14 instance and the same behavior occurs.

Only some permissions for the type "Page" are shown on the security tab in the ZMI. On the folder the authenticated user can uncheck "aquire_permissions_settings" and save, on document a permission error occurs. So the same behavior as with the 5.2.6 version.

Maybe the transaction can not be completed because after unchecking the "aquire_permissions_settings" the required permission is missing ?

But why are so many permission settings missing on the ZMI-security tab for a Page type ?

When you put a folder into another folder, one can set the "aquire_permissions_settings" with no problems. Setting it on document of type Page (Dexterity Type Item-based), this is not possbile, although both have set the same, one-state workflow with only one state and should both behave the same.

This looks definitely inkonsistent to me.