As you are developing an application, user roles are defined at the application level. You will manage what a user role can and cannot do at the application level.
You can assign multiple roles to a user. Specific access will be granted based on the highest available for any assigned roles.
For more information please visit our online documentation pertaining to Roles and Permissions.