Authenticated user can see cases they are a provider for.

modules/opencase_cases/opencase_cases.permissions.yml

@@ -59,7 +59,3 @@ revert all case fee revisions:
 delete all case fee revisions:
   title: 'Delete all revisions'
   description: 'Role requires permission to <em>view Case Fee revisions</em> and <em>delete rights</em> for case fee entities in question or <em>administer case fee entities</em>.'
-
-permission_callbacks:
-  - \Drupal\opencase_cases\OCCaseFeePermissions::generatePermissions
-  - \Drupal\opencase_cases\OCCaseProvisionPermissions::generatePermissions

modules/opencase_cases/src/CaseInvolvement.php

@@ -11,8 +11,8 @@ class CaseInvolvement {
   public static function userIsInvolved($account, $case) {
     $actorId = self::getLinkedActorId($account);        
     $query = \Drupal::entityQuery('oc_case_provision')
-    ->condition('provider', $actorId)
-    ->condition('case', $case);
+    ->condition('oc_provider', $actorId)
+    ->condition('oc_case', $case->id());
     $results = $query->execute();
     return !empty($results);
   }

modules/opencase_cases/src/OCCaseAccessControlHandler.php

@@ -32,7 +32,6 @@ class OCCaseAccessControlHandler extends EntityAccessControlHandler {
       case 'update':   // you can edit the case only if a) you can see it and b) you have the permission to edit cases.
         return AccessResult::allowedIf(
             $account->hasPermission('edit case entities')
-            && ($account->hasPermission('view published case entities') || CaseInvolvement::userIsInvolved($account, $entity))
         );
       case 'delete':   // you can delete the case only if a) you can see it and b) you have the permission to delete cases.
         return AccessResult::allowedIf(