diff options
Diffstat (limited to 'crates/directory/src/core/mod.rs')
-rw-r--r-- | crates/directory/src/core/mod.rs | 61 |
1 files changed, 32 insertions, 29 deletions
diff --git a/crates/directory/src/core/mod.rs b/crates/directory/src/core/mod.rs index a91852a2..4f420693 100644 --- a/crates/directory/src/core/mod.rs +++ b/crates/directory/src/core/mod.rs @@ -15,27 +15,29 @@ pub mod secret; impl Permission { pub fn description(&self) -> &'static str { match self { - Permission::Impersonate => "Allows acting on behalf of another user", - Permission::UnlimitedRequests => "Removes request limits or quotas", - Permission::UnlimitedUploads => "Removes upload size or frequency limits", - Permission::DeleteSystemFolders => "Allows deletion of critical system folders", + Permission::Impersonate => "Act on behalf of another user", + Permission::UnlimitedRequests => "Perform unlimited requests", + Permission::UnlimitedUploads => "Upload unlimited data", + Permission::DeleteSystemFolders => "Delete of system folders", Permission::MessageQueueList => "View message queue", Permission::MessageQueueGet => "Retrieve specific messages from the queue", Permission::MessageQueueUpdate => "Modify queued messages", Permission::MessageQueueDelete => "Remove messages from the queue", - Permission::OutgoingReportList => "View reports for outgoing emails", - Permission::OutgoingReportGet => "Retrieve specific outgoing email reports", - Permission::OutgoingReportDelete => "Remove outgoing email reports", - Permission::IncomingReportList => "View reports for incoming emails", - Permission::IncomingReportGet => "Retrieve specific incoming email reports", - Permission::IncomingReportDelete => "Remove incoming email reports", + Permission::OutgoingReportList => "View outgoing DMARC and TLS reports", + Permission::OutgoingReportGet => "Retrieve specific outgoing DMARC and TLS reports", + Permission::OutgoingReportDelete => "Remove outgoing DMARC and TLS reports", + Permission::IncomingReportList => "View incoming DMARC, TLS and ARF reports", + Permission::IncomingReportGet => { + "Retrieve specific incoming DMARC, TLS and ARF reports" + } + Permission::IncomingReportDelete => "Remove incoming DMARC, TLS and ARF reports", Permission::SettingsList => "View system settings", Permission::SettingsUpdate => "Modify system settings", Permission::SettingsDelete => "Remove system settings", Permission::SettingsReload => "Refresh system settings", - Permission::IndividualList => "View list of individual users", - Permission::IndividualGet => "Retrieve specific user information", - Permission::IndividualUpdate => "Modify user information", + Permission::IndividualList => "View list of user accounts", + Permission::IndividualGet => "Retrieve specific account information", + Permission::IndividualUpdate => "Modify user account information", Permission::IndividualDelete => "Remove user accounts", Permission::IndividualCreate => "Add new user accounts", Permission::GroupList => "View list of user groups", @@ -48,7 +50,7 @@ impl Permission { Permission::DomainCreate => "Add new email domains", Permission::DomainUpdate => "Modify domain information", Permission::DomainDelete => "Remove email domains", - Permission::TenantList => "View list of tenants (in multi-tenant setup)", + Permission::TenantList => "View list of tenants", Permission::TenantGet => "Retrieve specific tenant information", Permission::TenantCreate => "Add new tenants", Permission::TenantUpdate => "Modify tenant information", @@ -63,16 +65,16 @@ impl Permission { Permission::RoleCreate => "Create new roles", Permission::RoleUpdate => "Modify role information", Permission::RoleDelete => "Remove roles", - Permission::PrincipalList => "View list of principals (users or system entities)", + Permission::PrincipalList => "View list of principals", Permission::PrincipalGet => "Retrieve specific principal information", Permission::PrincipalCreate => "Create new principals", Permission::PrincipalUpdate => "Modify principal information", Permission::PrincipalDelete => "Remove principals", - Permission::BlobFetch => "Retrieve binary large objects", - Permission::PurgeBlobStore => "Clear the blob storage", - Permission::PurgeDataStore => "Clear the data storage", - Permission::PurgeLookupStore => "Clear the lookup storage", - Permission::PurgeAccount => "Completely remove an account and all associated data", + Permission::BlobFetch => "Retrieve arbitrary blobs", + Permission::PurgeBlobStore => "Purge the blob storage", + Permission::PurgeDataStore => "Purge the data storage", + Permission::PurgeLookupStore => "Purge the lookup storage", + Permission::PurgeAccount => "Purge user accounts", Permission::FtsReindex => "Rebuild the full-text search index", Permission::Undelete => "Restore deleted items", Permission::DkimSignatureCreate => "Create DKIM signatures for email authentication", @@ -80,19 +82,19 @@ impl Permission { Permission::UpdateSpamFilter => "Modify spam filter settings", Permission::UpdateWebadmin => "Modify web admin interface settings", Permission::LogsView => "Access system logs", - Permission::SieveRun => "Execute Sieve scripts for email filtering", + Permission::SieveRun => "Execute Sieve scripts from the REST API", Permission::Restart => "Restart the email server", - Permission::TracingList => "View list of system traces", + Permission::TracingList => "View stored traces", Permission::TracingGet => "Retrieve specific trace information", - Permission::TracingLive => "View real-time system traces", - Permission::MetricsList => "View list of system metrics", - Permission::MetricsLive => "View real-time system metrics", - Permission::Authenticate => "Perform authentication", - Permission::AuthenticateOauth => "Perform OAuth authentication", + Permission::TracingLive => "Perform real-time tracing", + Permission::MetricsList => "View stored metrics", + Permission::MetricsLive => "View real-time metrics", + Permission::Authenticate => "Authenticate", + Permission::AuthenticateOauth => "Authenticate via OAuth", Permission::EmailSend => "Send emails", Permission::EmailReceive => "Receive emails", - Permission::ManageEncryption => "Handle encryption settings and operations", - Permission::ManagePasswords => "Manage user passwords", + Permission::ManageEncryption => "Manage encryption-at-rest settings", + Permission::ManagePasswords => "Manage account passwords", Permission::JmapEmailGet => "Retrieve emails via JMAP", Permission::JmapMailboxGet => "Retrieve mailboxes via JMAP", Permission::JmapThreadGet => "Retrieve email threads via JMAP", @@ -223,6 +225,7 @@ mod test { .then_some(CHECK) .unwrap_or_default() ); + //println!("({:?},{:?}),", permission.name(), permission.description(),); } } } |