A permission is an authorization granted to a user to perform particular operations. Permissions are granted to a user within a role, but not directly.
A role is a set of permissions which defines the level of access for a user to particular functionality and operations.
All permissions are divided into two categories:
Global permissions are granted within YouTrack's global scope and do not depend on a specific project. When we say 'granted within YouTrack' we mean that permission does not make sense being granted for a particular project. For example, you cannot allow someone to create users in a single project, you can do it only in the system-wide scope. Global permissions are marked with the globe icon () in the list of permissions.
Per-project permissions are granted for a specific project. Read Project or Read Group are examples of such permissions.
Even though we say that 'permissions are granted' globally or per-project, keep in mind that permissions are granted only as a part of a role and never directly as an individual permission. The following permissions are grouped by the entity that they provide access to in YouTrack.
Create a new issue.
Set relationships between issues.
Override Visibility Restrictions
View issues, comments, and attachments that are hidden by visibility settings
View issues (public fields only).
Read Issue Private Fields
View private fields of an issue.
Update the public fields of an issue.
Update Issue Private Fields
Update private fields of an issue.
Set another user as a watcher for an issue.
View the list of users who have voted for an issue (available in full issue view).
View the list of users who are watching an issue (available in full issue view).
Attach files or screenshots to issues.
Delete any file that is attached to issues.
All users can delete the files that they attached to issues themselves even when they are not explicitly granted this permission.
Modify files attached to issue and modify attachment visibility.
All users can update visibility settings for the files that they attached to issues themselves even when they are not explicitly granted this permission.
Add a comment to an issue.
Delete own comments.
Delete Not Own and Permanent Comment Delete
Delete comments posted by other users.
View issues comments.
Edit own comments.
Update Not Own Comment
Edit comments posted by other users.
Create Not Own Work Item
Create work items for other users.
Read Work Item
View the list of work items in an issue.
Update Not Own Work Item
Edit work items created by other users.
Update Work Item
Add and edit work items to an issue.
Read Not Own Profile
View profile of any user.
Update Not Own Profile
Edit the profile of any user. Allows editing and deleting any tag and saved search on the profile page of a user.
Create Tag, Saved Search or Report
Create a tag, saved search or report.
Delete Tag or Saved Search
Delete own tag or saved search.
Edit Tag or Saved Search
Edit own tag or saved search. Allows editing shared tag or saved search if user belongs to shared group.
Share Tag or Saved Search
Share own tag or saved search with other users.