Theo,
The xpath constraint to the user can be combined for multiple module roles. Let's say you have a user and an admin in a module as roles, then you can define the path to the user for both module roles. You do need to take something about the permissions that you define into account a the permissions cannot be empty and only contain an xpath to the user.