From 05be0984b4ddafbe5ac77e7f5356cdbec6d4924a Mon Sep 17 00:00:00 2001
From: Thomas Lamprecht <t.lamprecht@proxmox.com>
Date: Mon, 5 Oct 2020 14:53:49 +0200
Subject: [PATCH] acl: document Admin and NoAccess a bit

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---
 src/config/acl.rs | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/config/acl.rs b/src/config/acl.rs
index c5d5dd5f..d31c7a85 100644
--- a/src/config/acl.rs
+++ b/src/config/acl.rs
@@ -47,7 +47,11 @@ constnamemap! {
 }
 
 
+/// Admin always has all privileges. It can do everything except a few actions
+/// which are limited to the 'root@pam` superuser
 pub const ROLE_ADMIN: u64 = std::u64::MAX;
+
+/// NoAccess can be used to remove privileges from specific paths
 pub const ROLE_NO_ACCESS: u64 = 0;
 
 pub const ROLE_AUDIT: u64 =
-- 
2.39.5