These examples are intentionally simple. See the explanations of the individual authorization objects and authorization checks for details on why these examples work.
See also:
Example: Employee Self-Service
Example: Administrator Should Not Be Allowed to Edit Own Data
Example: Administrator Should Not Be Allowed to Enter Data Alone
Example: Decentralized Time Recording