Bug #100037
closed
Permission issue for copy of content elements not allowed to an editor
Description
Given an editor with permissions to content elements but not to CType list. The editor can add the item to the clipboard but is not able to paste it due to an error in DataHandler:
PHP Warning: Undefined array key "tt_content" in /var/www/html/app/site/public/typo3/sysext/core/Classes/DataHandling/DataHandler.php line 3172
As the editor is not allowed to create such an element, a copy must also not be allowed.
Updated by Gerrit Code Review over 1 year ago
- Status changed from Accepted to Under Review
Patch set 1 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/77950
Updated by Gerrit Code Review over 1 year ago
Patch set 2 for branch main of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/77950
Updated by Riccardo De Contardi 5 months ago
I tried to reproduce this issue on TYPO3 12 with the following test:
1) Have an "Editors" BE Usergroup with Full ACL (all tables, all fields...) except:
Explicitly allow field values > Insert Plugin [tt_content:CType:list]
This is the only option Unchecked
2) Create an Editor user and assign it to the "Editors" group
3) Create two pages "Page A" and "Page B";
4) "Access" Module > assign both pages as Owner: Editor, Group: Editors (full access)
5) On "Page A" create a CType plugin (e.g. Indexed Search)
6) Switch to "Editor" user
The following happens:
- Page view > "Page A" > the CE "Indexed Search" cannot be edited; even the "kebab" menu is absent
- switch to List view > from here the "kebab" menu is present, and you can click on "Copy"
- clicking on "copy", the CE is copied in the clipboard
7) Go to "Page B" > Page view > click on the "paste" icon (paste in this column) > on the modal, confirm the paste action
Result
An error toast message appears on the bottom right corner:
1: Attempt to copy record "tt_content:11" without having permissions to do so [ERROR: authMode "explicitAllow" failed for field "CType" with value "list" evaluated]
So, I don't see any PHP warning. Indeed, the error message is not the most user-friendly (I guess it should start with "Attempt to paste record...").
Plus, it would be better to fire it when the user attempts to copy the element on the clipboard, I guess...
Is this test the correct one? Or is a different one necessary?
Updated by Georg Ringer 4 months ago
- Status changed from Under Review to Rejected
no progress, no interest