Add a description comment

Basically describing commit 71c6f438cecc3ce5e8060efe1df840652885701c
(tdf#129311 don't allow temporary trusted certs, 2019-12-17).

Change-Id: I4d947014b09412638560e9249f242cf6ff222cc2
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159069
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159266
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>

1 files changed, 7 insertions, 0 deletions

diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx
index 1a311de7a1b6..50487b657101 100644
--- a/sfx2/source/doc/docmacromode.cxx
+++ b/sfx2/source/doc/docmacromode.cxx
@@ -230,6 +230,13 @@ namespace sfx2
             // check whether the document is signed with trusted certificate
             if ( nMacroExecutionMode != MacroExecMode::FROM_LIST )
             {
+                // At this point, the possible values of nMacroExecutionMode are: ALWAYS_EXECUTE,
+                // FROM_LIST_AND_SIGNED_WARN (the default), FROM_LIST_AND_SIGNED_NO_WARN.
+                // ALWAYS_EXECUTE corresponds to the Medium security level; it should ask for
+                // confirmation when macros are unsigned or untrusted. FROM_LIST_AND_SIGNED_NO_WARN
+                // should not ask any confirmations. FROM_LIST_AND_SIGNED_WARN should only allow
+                // trusted signed macros at this point; so it may only ask for confirmation to add
+                // certificates to trusted, and shouldn't show UI when trusted list is read-only.
                 // the trusted macro check will also retrieve the signature state ( small optimization )
                 const bool bAllowUI = nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN
                                                  && (nMacroExecutionMode == MacroExecMode::ALWAYS_EXECUTE