Our stakeholders do not want for users to be able to add comments to cases after the cases are Closed or Cancelled, because such comments will not be seen by anyone.  So I modified the Write Access Control (ACL) for our sn_hr_core_case table to require records to be Active and also NOT in a state of cancelled...

The problem is, it looks like after a user changes a case to Closed or Cancelled, the system still needs to add a couple things to the Activity Stream, and it can't do so because of the ACL, and thus an error message is displayed.  After the case is Closed or Cancelled, the system still might need to notate in the case that an email was sent out.  So what am I doing wrong, or what is a graceful way to handle this?

Here is what things look like when they WORK because they are done by an Admin (which passes the ACL checks).  You can see in (2) that some stuff gets added to the activity stream:

Here is what things look like when they are NOT working, because they were performed by a non-admin.

And here was my attempt at changing the ACL:

Again, the goal is to stop regular users from adding Comments to cases after the cases are closed, but I still want "the system" to be able to add things to the case, for example in the activity stream, and say that X value was changed to Y or that such-and-such email was sent out to the user.  Thanks!