Permissions allow users to access certain features of a course or project worksite, depending on their roles and on the decisions made by the site owner and the system administrator.
Roles are simply collections of permissions. Some roles allow the user to simply access or read content, while other roles allow for advanced changes, such as adding participants, editing the site's content, and changing permissions for other roles. All roles are not created equal.
When you create a worksite or when one is created for you, you then have the role with the most permissions and the broadest level of access. You can therefore choose (within the limits established by the system administrator) which tools or functions (e.g., Forums, Schedule, Resources) you want the site to have. For many of these tools or functions, you can set permissions that allow or prevent users from seeing or performing certain tasks, depending on their roles.
Roles may vary in name, depending on the application. However, in general, the organizer of a project site, or the instructor of a course site, has full permissions and can add or delete content within a worksite.
Users who join an existing site will have a more limited role. The permissions of this role allow for interaction in the site, such as creating Chat messages, but do not allow for advanced tasks, such as uploading files into Resources or posting to the Calendar.
However, each implementation of the application will be different. System administrators can decide during implementation which roles to install, and which permissions these roles will have. Roles, and the associated permissions, will vary.