Why are the results different on Permission Check for my Custom Application?


the permission check is not what I expected.. so for an owner, both of these checks are true. but for say Manager, given the Can Create Map App permission is changed from the default, check1 returns false, check2 returns true.
Should the results both be true?

 public boolCanCreate(int userId, Guid containerTypeId, Guid containerId){
              PermissionCheck check1 = TEApi.Permissions.Get(UI.Permissions.MapAppPermissionRegistrar.CreateGroupMapApps, userId );
              PermissionCheck check2 = TEApi.Permissions.Get(UI.Permissions.MapAppPermissionRegistrar.CreateGroupMapApps, userId,containerId,containerTypeId, _entityPermissionType );
 
            return check1.IsAllowed || check2.IsAllowed;  
            
        }


a related post is here

heads up to