Hi Ameet,
I am not completely sure about it, but I think the ACE is just supplementary to the PFCG authorizations. Mostly you will have two different authorization checks (first genereal auth. via auth. object secondly ACE check). So finally your user should have the authorization to do it in general. Therefore I would suggest to do an authorization trace via ST01, to check, whether there are missing auth. objects.
Best regards,
Daniel