libcli-acl: add documentation

Reviewed-by: Andrew Bartlett <abartlet@samba.org>

1 files changed, 19 insertions, 1 deletions

diff --git a/libcli/security/access_check.c b/libcli/security/access_check.c
index f0a7b665c75..936ffca242e 100644
--- a/libcli/security/access_check.c
+++ b/libcli/security/access_check.c
@@ -374,7 +374,25 @@ static const struct GUID *get_ace_object_type(struct security_ace *ace)
 	return NULL;
 }
 
-/* modified access check for the purposes of DS security
+/**
+ * @brief Perform directoryservice (DS) related access checks for a given user
+ *
+ * Perform DS access checks for the user represented by its security_token, on
+ * the provided security descriptor. If an tree associating GUID and access
+ * required is provided then object access (OA) are checked as well. *
+ * @param[in]   sd             The security descritor against which the required
+ *                             access are requested
+ *
+ * @param[in]   token          The security_token associated with the user to
+ *                             test
+ *
+ * @param[in]   access_desired A bitfield of rights that must be granted for the
+ *                             given user in the specified SD.
+ *
+ * If one
+ * of the entry in the tree grants all the requested rights for the given GUID
+ * FIXME
+ * tree can be null if not null it's the
  * Lots of code duplication, it will ve united in just one
  * function eventually */