--- a/src/PermissionsGenerator.php	2025-10-01 15:06:17.442063669 +0200
+++ b/src/PermissionsGenerator.php	2025-10-01 15:06:25.789202006 +0200
@@ -35,11 +35,22 @@
    *   An array of permissions.
    */
   private function buildPermissions(array $carry, ContactForm $form) {
-    return array_merge($carry, [
+    $permissions = [
       'access messages for ' . $form->id() => [
         'title' => $this->t('Access messages created with %form form', ['%form' => $form->label()]),
       ],
-    ]);
+      'view messages for ' . $form->id() => [
+        'title' => $this->t('View messages created with %form form', ['%form' => $form->label()]),
+      ],
+      'update messages for ' . $form->id() => [
+        'title' => $this->t('Update messages created with %form form', ['%form' => $form->label()]),
+      ],
+      'delete messages for ' . $form->id() => [
+        'title' => $this->t('Delete messages created with %form form', ['%form' => $form->label()]),
+      ],
+    ];
+
+    return array_merge($carry, $permissions);
   }
 
 }

--- a/contact_message_permissions.module	2025-10-01 15:04:56.139715522 +0200
+++ b/contact_message_permissions.module	2025-10-01 15:05:08.979928517 +0200
@@ -8,8 +8,26 @@
   // Check access to the contact message entity.
   if ($entity->getEntityTypeId() == 'contact_message') {
     $form_id = $entity->contact_form->entity->id();
-    if ($account->hasPermission('bypass contact message access') ||
-      ($account->hasPermission('access messages for ' . $form_id))) {
+
+    // Bypass permission grants all access.
+    if ($account->hasPermission('bypass contact message access')) {
+      return AccessResult::allowed();
+    }
+
+    // Check operation-specific permissions.
+    $permission_map = [
+      'view' => 'view messages for ' . $form_id,
+      'update' => 'update messages for ' . $form_id,
+      'delete' => 'delete messages for ' . $form_id,
+    ];
+
+    // Check if there's a specific permission for this operation.
+    if (isset($permission_map[$operation]) && $account->hasPermission($permission_map[$operation])) {
+      return AccessResult::allowed();
+    }
+
+    // Fallback to the generic 'access messages' permission.
+    if ($account->hasPermission('access messages for ' . $form_id)) {
       return AccessResult::allowed();
     }
   }