1 files changed, 32 insertions, 29 deletions

diff --git a/crates/directory/src/core/mod.rs b/crates/directory/src/core/mod.rs
index a91852a2..4f420693 100644
--- a/crates/directory/src/core/mod.rs
+++ b/crates/directory/src/core/mod.rs
@@ -15,27 +15,29 @@ pub mod secret;
 impl Permission {
     pub fn description(&self) -> &'static str {
         match self {
-            Permission::Impersonate => "Allows acting on behalf of another user",
-            Permission::UnlimitedRequests => "Removes request limits or quotas",
-            Permission::UnlimitedUploads => "Removes upload size or frequency limits",
-            Permission::DeleteSystemFolders => "Allows deletion of critical system folders",
+            Permission::Impersonate => "Act on behalf of another user",
+            Permission::UnlimitedRequests => "Perform unlimited requests",
+            Permission::UnlimitedUploads => "Upload unlimited data",
+            Permission::DeleteSystemFolders => "Delete of system folders",
             Permission::MessageQueueList => "View message queue",
             Permission::MessageQueueGet => "Retrieve specific messages from the queue",
             Permission::MessageQueueUpdate => "Modify queued messages",
             Permission::MessageQueueDelete => "Remove messages from the queue",
-            Permission::OutgoingReportList => "View reports for outgoing emails",
-            Permission::OutgoingReportGet => "Retrieve specific outgoing email reports",
-            Permission::OutgoingReportDelete => "Remove outgoing email reports",
-            Permission::IncomingReportList => "View reports for incoming emails",
-            Permission::IncomingReportGet => "Retrieve specific incoming email reports",
-            Permission::IncomingReportDelete => "Remove incoming email reports",
+            Permission::OutgoingReportList => "View outgoing DMARC and TLS reports",
+            Permission::OutgoingReportGet => "Retrieve specific outgoing DMARC and TLS reports",
+            Permission::OutgoingReportDelete => "Remove outgoing DMARC and TLS reports",
+            Permission::IncomingReportList => "View incoming DMARC, TLS and ARF reports",
+            Permission::IncomingReportGet => {
+                "Retrieve specific incoming DMARC, TLS and ARF reports"
+            }
+            Permission::IncomingReportDelete => "Remove incoming DMARC, TLS and ARF reports",
             Permission::SettingsList => "View system settings",
             Permission::SettingsUpdate => "Modify system settings",
             Permission::SettingsDelete => "Remove system settings",
             Permission::SettingsReload => "Refresh system settings",
-            Permission::IndividualList => "View list of individual users",
-            Permission::IndividualGet => "Retrieve specific user information",
-            Permission::IndividualUpdate => "Modify user information",
+            Permission::IndividualList => "View list of user accounts",
+            Permission::IndividualGet => "Retrieve specific account information",
+            Permission::IndividualUpdate => "Modify user account information",
             Permission::IndividualDelete => "Remove user accounts",
             Permission::IndividualCreate => "Add new user accounts",
             Permission::GroupList => "View list of user groups",
@@ -48,7 +50,7 @@ impl Permission {
             Permission::DomainCreate => "Add new email domains",
             Permission::DomainUpdate => "Modify domain information",
             Permission::DomainDelete => "Remove email domains",
-            Permission::TenantList => "View list of tenants (in multi-tenant setup)",
+            Permission::TenantList => "View list of tenants",
             Permission::TenantGet => "Retrieve specific tenant information",
             Permission::TenantCreate => "Add new tenants",
             Permission::TenantUpdate => "Modify tenant information",
@@ -63,16 +65,16 @@ impl Permission {
             Permission::RoleCreate => "Create new roles",
             Permission::RoleUpdate => "Modify role information",
             Permission::RoleDelete => "Remove roles",
-            Permission::PrincipalList => "View list of principals (users or system entities)",
+            Permission::PrincipalList => "View list of principals",
             Permission::PrincipalGet => "Retrieve specific principal information",
             Permission::PrincipalCreate => "Create new principals",
             Permission::PrincipalUpdate => "Modify principal information",
             Permission::PrincipalDelete => "Remove principals",
-            Permission::BlobFetch => "Retrieve binary large objects",
-            Permission::PurgeBlobStore => "Clear the blob storage",
-            Permission::PurgeDataStore => "Clear the data storage",
-            Permission::PurgeLookupStore => "Clear the lookup storage",
-            Permission::PurgeAccount => "Completely remove an account and all associated data",
+            Permission::BlobFetch => "Retrieve arbitrary blobs",
+            Permission::PurgeBlobStore => "Purge the blob storage",
+            Permission::PurgeDataStore => "Purge the data storage",
+            Permission::PurgeLookupStore => "Purge the lookup storage",
+            Permission::PurgeAccount => "Purge user accounts",
             Permission::FtsReindex => "Rebuild the full-text search index",
             Permission::Undelete => "Restore deleted items",
             Permission::DkimSignatureCreate => "Create DKIM signatures for email authentication",
@@ -80,19 +82,19 @@ impl Permission {
             Permission::UpdateSpamFilter => "Modify spam filter settings",
             Permission::UpdateWebadmin => "Modify web admin interface settings",
             Permission::LogsView => "Access system logs",
-            Permission::SieveRun => "Execute Sieve scripts for email filtering",
+            Permission::SieveRun => "Execute Sieve scripts from the REST API",
             Permission::Restart => "Restart the email server",
-            Permission::TracingList => "View list of system traces",
+            Permission::TracingList => "View stored traces",
             Permission::TracingGet => "Retrieve specific trace information",
-            Permission::TracingLive => "View real-time system traces",
-            Permission::MetricsList => "View list of system metrics",
-            Permission::MetricsLive => "View real-time system metrics",
-            Permission::Authenticate => "Perform authentication",
-            Permission::AuthenticateOauth => "Perform OAuth authentication",
+            Permission::TracingLive => "Perform real-time tracing",
+            Permission::MetricsList => "View stored metrics",
+            Permission::MetricsLive => "View real-time metrics",
+            Permission::Authenticate => "Authenticate",
+            Permission::AuthenticateOauth => "Authenticate via OAuth",
             Permission::EmailSend => "Send emails",
             Permission::EmailReceive => "Receive emails",
-            Permission::ManageEncryption => "Handle encryption settings and operations",
-            Permission::ManagePasswords => "Manage user passwords",
+            Permission::ManageEncryption => "Manage encryption-at-rest settings",
+            Permission::ManagePasswords => "Manage account passwords",
             Permission::JmapEmailGet => "Retrieve emails via JMAP",
             Permission::JmapMailboxGet => "Retrieve mailboxes via JMAP",
             Permission::JmapThreadGet => "Retrieve email threads via JMAP",
@@ -223,6 +225,7 @@ mod test {
                     .then_some(CHECK)
                     .unwrap_or_default()
             );
+            //println!("({:?},{:?}),", permission.name(), permission.description(),);
         }
     }
 }