(For a precise definition of what each permission level allows, see the PermissionDenied error of individual routes. Briefly, "metadata" refers to object names, tags, types, properties, table column names, file media types, etc.; "content" refers to details, file contents, table rows, table entries, etc.).