diff --git a/CHANGELOG.md b/CHANGELOG.md index fbc8e594f86a46c8e0118f1654af71345ef9f1f7..0c5decad3d8be81a49dccdd4a748dc667994c587 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -45,7 +45,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 execute insert, update or delete transactions on entities. However, the unprivileged users would also need the correct entity permissions to do that. - Without backup, this means possible data loss. Also there is the possibility + Without backup, this means possible data loss. Also there was the possibility to spam the database by creating unwanted entities. ### Documentation ### diff --git a/src/main/java/org/caosdb/server/jobs/core/AccessControl.java b/src/main/java/org/caosdb/server/jobs/core/AccessControl.java index 5c63f9418122b56440be0780628fb13f9ae7bc4b..ede7658580811671f19f955f36faa59db4df922f 100644 --- a/src/main/java/org/caosdb/server/jobs/core/AccessControl.java +++ b/src/main/java/org/caosdb/server/jobs/core/AccessControl.java @@ -1,9 +1,10 @@ /* - * ** header v3.0 * This file is a part of the CaosDB Project. * * Copyright (C) 2018 Research Group Biomedical Physics, * Max-Planck-Institute for Dynamics and Self-Organization Göttingen + * Copyright (C) 2023 Timm Fitschen <t.fitschen@indiscale.com> + * Copyright (C) 2023 IndiScale <info@indiscale.com> * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as @@ -17,8 +18,6 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <https://www.gnu.org/licenses/>. - * - * ** end header */ package org.caosdb.server.jobs.core; 
@@ -37,6 +36,14 @@ import org.caosdb.server.transaction.Retrieve;
 import org.caosdb.server.utils.EntityStatus;
 import org.caosdb.server.utils.ServerMessages;
+/**
+ * Checks the TRANSACTION:* permissions before a transaction begins.
+ *
+ * <p>Users need TRANSACTION:INSERT:?ENTITY_ROLE? permission to insert an entity of the particular
+ * entity role. Likewise, they need the TRANSACTION:UPDATE or TRANSACTION:DELETE permissions.
+ *
+ * @author Timm Fitschen <f.fitschen@indiscale.com>
+ */
 @JobAnnotation(stage = TransactionStage.INIT)
 public class AccessControl extends ContainerJob {
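Review bot: The new class Javadoc gives the role-qualified permission string only for INSERT and leaves it unclear whether UPDATE and DELETE take the same `:?ENTITY_ROLE?` suffix. Administrators will write role definitions from this text, so an ambiguity here can lead to grants that are broader or narrower than intended. If the class body (outside this hunk) checks them per role, spell them out as `TRANSACTION:UPDATE:?ENTITY_ROLE?` and `TRANSACTION:DELETE:?ENTITY_ROLE?`. It would also help to add a sentence saying that entity-level permissions are still required on top of these, as the CHANGELOG entry states. Separately, the `@author` address `f.fitschen@indiscale.com` differs from the `t.fitschen@indiscale.com` added to the copyright header in the same commit and looks like a typo, and the raw angle brackets are parsed as HTML by javadoc, so `@author Timm Fitschen &lt;t.fitschen@indiscale.com&gt;` would be safer.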