Log in to the backend with an Admin user, not a SuperAdmin
Go to Template Manager: Customise Template
Full editing and create Overrides
Only the Template Description is visible
Joomla 3.4.3
Before updating from 3.4.1 to 3.4.2 or 3.4.3 you could edit the template or create Overrides.
Solution:
Implement ,'com_templates'
to
JFactory::getUser()->authorise('core.admin')
Status | New | ⇒ | Closed |
Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2015-07-06 13:17:38 |
Closed_By | ⇒ | Bakual |
Yes, normally you can switch to SuperUser, but there are permissions for Configure ACL & Options.
It's actually trivial to give anybody Super User access if you can write to the database directly. It's trivial to write to the database directly when you can edit executable PHP code on the site. This article of mine is nearly five years old but the premise of injecting a Super User still holds: http://magazine.joomla.org/issues/issue-sept-2010/item/148-62-reasons-to-fire-your-super-admin It just needs a very slight modification for J! 3 which I will leave to the enterprising reader's imagination.
So, really, the template manager MUST NOT allow anyone besides Super Users to edit the template files. Do note that you can give core.admin privileges to the template manager but not the entire site which makes it different than being a Super User. With your proposed change the otherwise limited user would be able to escalate his privileges to full Super User (a.k.a. God Mode) which is a gaping security hole as @Bakual explained.
That is intended behavior. Only super users are allowed to modify files in the template manager.
Trying to restrict a user's permissions while he can edit the files is pointless. He could raise his permissions to SuperUser within a minute.
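
The difference between the two checks discussed in this thread, as an added example that is not part of the original issue and is not Joomla's own code: a simplified model of asset-based ACL in which an Administrator-group user has core.admin on com_templates only, so the component-level check passes for that user while the global check does not. The rule data, the `root.1` asset label and the stand-alone `authorise()` function are constructed for illustration; only the action name, the component name and the shape of the call come from the thread.

```php
<?php
// Simplified model of asset-based permission checks. Constructed for
// illustration; this is not Joomla's JAccess implementation.

const ROOT_ASSET = 'root.1';

// Constructed sample rules: asset => action => group => allowed?
const RULES = [
    ROOT_ASSET      => ['core.admin' => ['Super Users' => true]],
    'com_templates' => ['core.admin' => ['Administrator' => true]],
];

// Parent of each asset; a component inherits rules from the root asset.
const PARENTS = ['com_templates' => ROOT_ASSET, ROOT_ASSET => null];

/**
 * Hypothetical stand-in for JFactory::getUser()->authorise($action, $asset).
 * With no asset name the check runs against the root asset only, which is
 * the "Super User" test. With an asset name, component-level grants count.
 */
function authorise(array $groups, string $action, ?string $asset = null): bool
{
    $allowed = false;
    // Walk from the requested asset up to the root asset.
    for ($a = $asset ?? ROOT_ASSET; $a !== null; $a = PARENTS[$a] ?? null) {
        foreach ($groups as $group) {
            $setting = RULES[$a][$action][$group] ?? null;
            if ($setting === false) {
                return false;   // an explicit deny always wins
            }
            if ($setting === true) {
                $allowed = true;
            }
        }
    }
    return $allowed;
}

$admin = ['Administrator'];   // component-level core.admin only
$super = ['Super Users'];     // core.admin on the root asset

// Global check, as the template manager uses for file editing.
var_dump(authorise($admin, 'core.admin'));
// Component-scoped check, as proposed in the issue.
var_dump(authorise($admin, 'core.admin', 'com_templates'));
// A Super User passes both forms of the check.
var_dump(authorise($super, 'core.admin'));
var_dump(authorise($super, 'core.admin', 'com_templates'));
```

Guarding template file editing with the component-scoped form would admit every user in the second case, which is the escalation path the maintainers describe.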