Permission levels are defined for view, update and insert resources. A permission code specifies how permissions will be propagated:
Whenever a user is given a permission level on an S3DB entity, for example a project, that same permission migrates equally to downstream resources (collection, rules, etc). If for some reason the user is given a different permission level on a downstream resource, for example in a collection, than that permission will be merged with the permission being propagated from the project and it is the final permission that will migrate to downstream resources (items). Merge is restrictive in case the permission level is described using uppercase symbols (for example, a merge of 'y' and 'N' results in 'N') and generous otherwise (for example, a merge of 'y' and 'n' results in 'y'). If the user received propagated permissions from more than 2 sources, all of the sources will be merged to produce an effective permission level.