This might be related to Security roles and security groups.
The quickest way to test this is to see if the Admin user gets access. If he does, and the problem only occurs for other users, then you know that you should be looking into security groups configuration.
If Admin also has the problem then it’s more likely a bug…
If you haven’t created and edited Security Roles and groups, and this is happening by default (which it is, since I can reproduce it in my test system) I would say that this is a bug.
I see that this call is checking for a bean in a module called “activities”, when it should be “calls”:
I’ll have a look tomorrow to see if I can fix it