Hardware Tier access within projects.

Hardware tier access in Domino projects is defined by the project.  The auth for a user to access a particular hardware tier in a project starts with the tiers that are available to a project.  If you give a user access to a larger set of hardware tiers, GPU for instance, those permissions will not follow the user to the project unless the project already has access to that tier.  

Consider the use case where all hardware tiers are managed by org structures...

Org Nothing has access to no hardware tiers except global hardware tiers.  Org GPU has access to global tiers plus the GPU tiers.  

Project N is owned by org Nothing and so the project has access to just the global hardware tiers.  A collaborator in this project will have access to the global tiers.  Any additional access they have to the GPU tier via membership in the GPU org will not follow them to the project. 

The flow of authorization is does the project have access? If yes, then verify the user has access.