I think I found where the problem is: The folder_id has context_id=-100 . If this context_id was equal to the object_id of the file_storage instance, the permissions problem would be solved, wouldn't it?
About Malte's comment on permissions granularity, I also think revision based permissions is a bit overkill.
