App Permissions
The widget manifest supports a permissions
field. This field lets you define permission-based visibility restrictions for each of the widgets supported by your app.
Permission-based visibility restrictions work like this:
Users only need to be granted one of the required permissions to be able to view and interact with the widget, even when multiple permissions are specified in the manifest.
For widget extension points with project scopes, project-category permissions are checked on a per-project basis. For example, if you require the project-category
LINK_ISSUE
permission to view a widget that uses the project-scopedISSUE_BELOW_SUMMARY
extension point, users will only see this widget when working with projects where they have been granted theLINK_ISSUE
permission.
Permissions are listed in the permissions
field of the widget manifest as an array. Each permission is referenced using its key.
Here is an example of a widget description in an app manifest that is restricted based on user's permissions:
Use the list on this page to locate the key for each permission. To learn more about permissions in YouTrack, see Permissions.
Entity | Permission | Key |
---|---|---|
Article | Create Article | CREATE_ARTICLE |
Delete Article | DELETE_ARTICLE | |
Read Article | READ_ARTICLE | |
Update Article | UPDATE_ARTICLE | |
Article Comment | Create Article Comment | CREATE_ARTICLE_COMMENT |
Delete Article Comment | DELETE_ARTICLE_COMMENT | |
Read Article Comment | READ_ARTICLE_COMMENT | |
Update Article Comment | UPDATE_ARTICLE_COMMENT | |
Group | Create Group | CREATE_USERGROUP |
Delete Group | DELETE_USERGROUP | |
Read Group | READ_USERGROUP | |
Update Group | UPDATE_USERGROUP | |
Issue | Apply Commands Silently | APPLY_COMMANDS_SILENTLY |
Create Issue | CREATE_ISSUE | |
Delete Issue | DELETE_ISSUE | |
Link Issues | LINK_ISSUE | |
Override Visibility Restrictions | READ_HIDDEN_STUFF | |
Read Issue | READ_ISSUE | |
Read Issue Private Fields | PRIVATE_READ_ISSUE | |
Update Issue | UPDATE_ISSUE | |
Update Issue Private Fields | PRIVATE_UPDATE_ISSUE | |
Update Watchers | UPDATE_WATCHERS | |
View Voters | VIEW_VOTERS | |
View Watchers | VIEW_WATCHERS | |
Issue Attachment | Add Attachment | CREATE_ATTACHMENT_ISSUE |
Delete Attachment | DELETE_ATTACHMENT_ISSUE | |
Update Attachment | UPDATE_ATTACHMENT_ISSUE | |
Issue Comment | Create Issue Comment | CREATE_COMMENT |
Delete Issue Comment | DELETE_COMMENT | |
Delete Not Own and Permanent Comment Delete | DELETE_NOT_OWN_COMMENT | |
Read Issue Comment | READ_COMMENT | |
Update Issue Comment | UPDATE_COMMENT | |
Update Not Own Issue Comment | UPDATE_NOT_OWN_COMMENT | |
Issue Work Item | Create Not Own Work Item | CREATE_NOT_OWN_WORK_ITEM |
Create Work Item | CREATE_WORK_ITEM | |
Read Work Item | READ_WORK_ITEM | |
Update Not Own Work Item | UPDATE_NOT_OWN_WORK_ITEM | |
Update Work Item | UPDATE_WORK_ITEM | |
Organization | Create Organization | CREATE_ORGANIZATION |
Delete Organization | DELETE_ORGANIZATION | |
Read Organization | READ_ORGANIZATION | |
Update Organization | UPDATE_ORGANIZATION | |
Project | Create Project | CREATE_PROJECT |
Delete Project | DELETE_PROJECT | |
Read Project Full | READ_PROJECT | |
Read Project Basic | READ_PROJECT_BASIC | |
Update Project | UPDATE_PROJECT | |
Report | Create Report | CREATE_REPORT |
Read Report | READ_REPORT | |
Share Report | SHARE_REPORT | |
Role | Manage Role | MANAGE_ROLE |
Read Role | READ_ROLE | |
System | Low-level Admin Read | ADMIN_READ_APP |
Low-level Admin Write | ADMIN_UPDATE_APP | |
User | Create User | CREATE_USER |
Delete User | DELETE_USER | |
Read User Full | READ_USER | |
Read User Basic | READ_USER_BASIC | |
Update Self | UPDATE_PROFILE | |
Update User | UPDATE_USER | |
Watch Folder | Create Tag or Saved Search | CREATE_WATCH_FOLDER |
Delete Tag or Saved Search | DELETE_WATCH_FOLDER | |
Edit Tag or Saved Search | UPDATE_WATCH_FOLDER | |
Share Custom View | SHARE_WATCH_FOLDER |