In order to have proper test coverage you should make it easy for you and your colleagues to test this. I have no doubts that if you ever needed to test this you already have some kind of such test support. I've written down some of my ideas for testing access control logic in article on my blog:

Many of complex applications put on top of their complexity access control logic for securing data and to limit access to certain functions. No matter if you have fully configurable ACL settings based on rights or role based access you’d probably want to test this part of application too. In order to have proper test coverage you should make it easy for you and your colleagues to test this. I have no doubts that if you ever needed to test this you already have some kind of such test support, but this article describes what kind of it I’ve created for myself. It might be interesting for you to compare it with your solution or inspire you to create one if you haven’t done it already.

http://blog.novoj.net/2012/06/14/how-do-you-test-access-control-of-your-application/

It might be interesting for you to compare it with your solution or inspire you to create one if you haven’t done it already.