A new user has only the Connect right assigned by default and belongs only to the PUBLIC group, which has no rights. In order for the user to be able to do anything, the repository administrator must grant rights to her either directly or by adding her to other groups.
For examples of combining rights to define roles, see Controlling Repository Access.
The rights a user or group receive when they become members of a group (see Adding Users and Groups to a Group) are cumulative. For example, a user with the Manage Branches right will not lose this right when he becomes a member of a group that has only the Freeze Versions and Lock Versions rights.