Permissions not granted in portal_factory temp folder (Placeful Workflow)

I'm having the problem that a permission is not granted within the portal_factory temp folder, even though there is a Workflow for it.

To give you an idea about what I'm trying to achieve: There is a special folder within the site in which any member should be allowed to create events, but not necessarily in other places.

For that purpose, I have created a Workflow for the parent folder type to give the Member role the Add permission for the Event portal type. Additionally, I set a Placeful Workflow that assigns a special Workflow for the Event portal types within this folder, which allows the Owner the "Modify portal content" permission, because otherwise the user cannot edit the fields of the object.

When a Member tries to add an event in this folder, the following exception comes up:

You are not allowed to access 'atct_edit' in this context

I assume this occurs because the "Modify portal content" permission is missing. I have Products.PDBDebugMode installed, which helps me debug with pdb there. My findings were:

  1. plone.api.user.get_roles(username='bob', obj=self) returns ['Owner', 'Member', 'Authenticated'] which is correct.
  2. portal_workflow.getChainFor(self) returns the correct special workflow for this event (the one assigned by the Placeful Workflow).
  3. user.get_permissions(username='bob', obj=self)['Modify portal content'] returns False, which is incorrect.

So I am wondering how the current user does not have this permission, even though he has the Owner role and the special workflow of this object states that the Owner role gets this permission?

I'm using Plone 4.3.14 with Archetypes.

After digging deeper into this issue, I found out that the current workflow is not being applied.
While in pdb, when I call workflow.updateRoleMappingsFor, the necessary permissions are granted. So I'm wondering why this step was missed before editing the object.

Is there a reason behind this, or is it a bug?

Would it not be easier to use 'sharing' for that folder?