Improve permissions CRD descriptions

api/v1alpha2/permission_types.go

@@ -7,13 +7,14 @@ import (
 
 // PermissionSpec defines the desired state of Permission
 type PermissionSpec struct {
-	// Name of the user; has to an existing user.
-	// Required property.
+	// Name of an existing user; required property.
 	// +kubebuilder:validation:Required
 	User string `json:"user"`
-	// Required property; has to an existing vhost.
+	// Name of an existing vhost; required property.
 	// +kubebuilder:validation:Required
 	Vhost string `json:"vhost"`
+	// Permissions to grant to the user in the specific vhost; required property.
+	// See RabbitMQ doc for more information: https://www.rabbitmq.com/access-control.html#user-management
 	// +kubebuilder:validation:Required
 	Permissions VhostPermissions `json:"permissions"`
 	// Reference to the RabbitmqCluster that both the provided user and vhost are.
@@ -22,9 +23,8 @@ type PermissionSpec struct {
 	RabbitmqClusterReference RabbitmqClusterReference `json:"rabbitmqClusterReference"`
 }
 
-// Defines a RabbitMQ user permissions in the specified vhost.
+// Set of RabbitMQ permissions: configure, read and write.
 // By not setting a property (configure/write/read), it result in an empty string which does not not match any permission.
-// For more information, see official doc: https://www.rabbitmq.com/access-control.html#user-management
 type VhostPermissions struct {
 	// +kubebuilder:validation:Optional
 	Configure string `json:"configure,omitempty"`

api/v1alpha2/permission_webhook.go

@@ -19,7 +19,7 @@ func (p *Permission) SetupWebhookWithManager(mgr ctrl.Manager) error {
 
 var _ webhook.Validator = &Permission{}
 
-// no validation on update
+// no validation on create
 func (p *Permission) ValidateCreate() error {
 	return nil
 }

config/crd/bases/rabbitmq.com_permissions.yaml

@@ -37,10 +37,8 @@ spec:
             description: PermissionSpec defines the desired state of Permission
             properties:
               permissions:
-                description: 'Defines a RabbitMQ user permissions in the specified
-                  vhost. By not setting a property (configure/write/read), it result
-                  in an empty string which does not not match any permission. For
-                  more information, see official doc: https://www.rabbitmq.com/access-control.html#user-management'
+                description: 'Permissions to grant to the user in the specific vhost;
+                  required property. See RabbitMQ doc for more information: https://www.rabbitmq.com/access-control.html#user-management'
                 properties:
                   configure:
                     type: string
@@ -59,10 +57,10 @@ spec:
                 - name
                 type: object
               user:
-                description: Name of the user; has to an existing user. Required property.
+                description: Name of an existing user; required property.
                 type: string
               vhost:
-                description: Required property; has to an existing vhost.
+                description: Name of an existing vhost; required property.
                 type: string
             required:
             - permissions

system_tests/permissions_system_test.go

@@ -109,7 +109,7 @@ var _ = Describe("Permission", func() {
 		updateTest.Spec.Vhost = "/a-new-vhost"
 		Expect(k8sClient.Update(ctx, &updateTest).Error()).To(ContainSubstring("spec.vhost: Forbidden: updates on user, vhost and rabbitmqClusterReference are all forbidden"))
 
-		By("updating policy definitions successfully")
+		By("updating permissions successfully")
 		Expect(k8sClient.Get(ctx, types.NamespacedName{Name: permission.Name, Namespace: permission.Namespace}, permission)).To(Succeed())
 		permission.Spec.Permissions.Write = ".*"
 		permission.Spec.Permissions.Read = "^$"