Authorization in SharePoint is based on Permissions Levels,
Permission Levels can be assigned to users (SPUser) or groups (SPGroup).
A Permission Level is made of a set of permissions,
SharePoint 2010 defines a default set of Permission Levels:
- View Only View pages, list items, and documents. Document types with server-side
file handlers can be viewed in the browser but not downloaded.
- Limited Access View specific lists, document libraries, list items, folders, or documents
when given permissions.
- Read View pages and list items, and download documents.
- Contribute View, add, update, and delete list items and documents.
- Design View, add, update, delete, approve, and customize.
- Full Control