Where a user could have vendor read permission on either tenant or vendor