I would really like to see more granular permissions added for both the source control and issue tracker.
My particular scenario is that I have a few private repo's and with private issue trackers attached and I don't want some users to be able to access the source code, while still being able to view or edit the issues.
With the current setup this is not really possible, so we don't give access to the issue tracker and if we had this we would dramatically increase the number of users that would access our issues.
From a business perspective I can't see any reasons why you would not enhance the permissions ASAP considering you can derive additional revenue from the increased number of users accessing private repo/issues; in a lot of cases this might be the difference between a free and paid plan.
I'm very keen to hear feedback and the possibility of when this might be added.