Adds notes

src/Umbraco.Web.Common/Filters/UmbracoMemberAuthorizeFilter.cs

@@ -8,10 +8,12 @@ namespace Umbraco.Web.Common.Filters
 {
 
     /// <summary>
-    /// Ensures authorization is successful for a back office user.
+    /// Ensures authorization is successful for a front-end member
     /// </summary>
     public class UmbracoMemberAuthorizeFilter : IAuthorizationFilter
     {
+        // TODO: Lets revisit this when we get members done and the front-end working and whether it can be replaced or moved to an authz policy
+
         /// <summary>
         /// Comma delimited list of allowed member types
         /// </summary>

src/Umbraco.Web.Common/Filters/ValidateUmbracoFormRouteStringAttribute.cs

@@ -22,6 +22,8 @@ namespace Umbraco.Web.Common.Filters
     public class ValidateUmbracoFormRouteStringAttribute : TypeFilterAttribute
     {
 
+        // TODO: Lets revisit this when we get members done and the front-end working and whether it can moved to an authz policy
+
         public ValidateUmbracoFormRouteStringAttribute() : base(typeof(ValidateUmbracoFormRouteStringFilter))
         {
             Arguments = new object[] { };

src/Umbraco.Web.Common/Install/InstallAuthorizeAttribute.cs

@@ -13,6 +13,8 @@ namespace Umbraco.Web.Common.Install
     /// </summary>
     public class InstallAuthorizeAttribute : TypeFilterAttribute
     {
+        // NOTE: This doesn't need to be an authz policy, it's only used for the installer
+
         public InstallAuthorizeAttribute() : base(typeof(InstallAuthorizeFilter))
         {
         }