51 changes: 25 additions & 26 deletions modules/ROOT/pages/access-control/privileges-reads.adoc
Expand Up @@ -12,7 +12,7 @@ This section explains how to use Cypher to manage read privileges on graphs.
There are three separate read privileges:

* xref::access-control/privileges-reads.adoc#access-control-privileges-reads-traverse[`TRAVERSE`] - enables the specified entities to be found.
* xref::access-control/privileges-reads.adoc#access-control-privileges-reads-read[`READ`] - enables the specified properties on the found entities to be read.
* xref::access-control/privileges-reads.adoc#access-control-privileges-reads-read[`READ`] - enables the specified properties of the found entities to be read.
* xref::access-control/privileges-reads.adoc#access-control-privileges-reads-match[`MATCH`] - combines both `TRAVERSE` and `READ`, enabling an entity to be found and its properties read.


Expand All @@ -21,7 +21,7 @@ There are three separate read privileges:

Users can be granted the right to find nodes and relationships using the `GRANT TRAVERSE` privilege.

[source, syntax, role="noheader", indent=0]
[source, syntax, role="noheader"]
----
GRANT TRAVERSE
ON { HOME GRAPH | GRAPH[S] { * | name[, ...] } }
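Review bot: removing `indent=0` from the `[source, syntax, role="noheader"]` attribute line changes how Asciidoctor normalizes leading whitespace in the listing. Since `GRANT TRAVERSE` and the `ON { HOME GRAPH | GRAPH[S] { * | name[, ...] } }` line both start at column 0 the rendered output should be unchanged, but please confirm in the preview that the syntax lines keep their alignment, and that the attribute is dropped from every listing in this file so the block style stays consistent throughout the page.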
Expand All @@ -33,16 +33,16 @@ GRANT TRAVERSE
TO role[, ...]
----

For example, we can enable the user `jake`, who has role `regularUsers` to find all nodes with the label `Post`.
For example, we can enable the user `jake`, who has the role 'regularUsers' to find all nodes with the label `Post`:

[source, cypher, role=noplay, indent=0]
[source, cypher, role=noplay]
----
GRANT TRAVERSE ON GRAPH neo4j NODES Post TO regularUsers
----

The `TRAVERSE` privilege can also be denied.

[source, syntax, role="noheader", indent=0]
[source, syntax, role="noheader"]
----
DENY TRAVERSE
ON { HOME GRAPH | GRAPH[S] { * | name[, ...] } }
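Review bot: the rewritten sentence replaces the monospace role name with single quotes, `'regularUsers'`, which AsciiDoc renders as typographic quotes rather than as code and is inconsistent with the rest of this page, where role names such as `regularUsers` in the `GRANT MATCH` examples stay in backticks. The parenthetical clause also lacks its closing comma. Suggested wording: "For example, we can enable the user `jake`, who has the role `regularUsers`, to find all nodes with the label `Post`:".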
Expand All @@ -54,9 +54,9 @@ DENY TRAVERSE
TO role[, ...]
----

For example, we can disable the user `jake`, who has role `regularUsers` from finding all nodes with the label `Payments`.
For example, we can disable the user `jake`, who has the role 'regularUsers' from finding all nodes with the label `Payments`:

[source, cypher, role=noplay, indent=0]
[source, cypher, role=noplay]
----
DENY TRAVERSE ON HOME GRAPH NODES Payments TO regularUsers
----
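Review bot: the `DENY TRAVERSE` example sentence has the same quoting problem as the other rewritten sentences in this change: `'regularUsers'` in single quotes renders as curly quotes, not as a code literal, so keep the backticks used elsewhere on the page, and close the parenthetical with a comma: "who has the role `regularUsers`, from finding all nodes with the label `Payments`:".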
Expand All @@ -68,7 +68,7 @@ DENY TRAVERSE ON HOME GRAPH NODES Payments TO regularUsers
Users can be granted the right to do property reads on nodes and relationships using the `GRANT READ` privilege.
It is very important to note that users can only read properties on entities that they are enabled to find in the first place.

[source, syntax, role="noheader", indent=0]
[source, syntax, role="noheader"]
----
GRANT READ "{" { * | property[, ...] } "}"
ON { HOME GRAPH | GRAPH[S] { * | name[, ...] } }
Expand All @@ -80,10 +80,10 @@ GRANT READ "{" { * | property[, ...] } "}"
TO role[, ...]
----

For example, we can enable the user `jake`, who has role `regularUsers` to read all properties on nodes with the label `Post`.
For example, we can enable the user `jake`, who has the role 'regularUsers' to read all properties on nodes with the label `Post`.
The `+*+` implies that the ability to read all properties also extends to properties that might be added in the future.

[source, cypher, role=noplay, indent=0]
[source, cypher, role=noplay]
----
GRANT READ { * } ON GRAPH neo4j NODES Post TO regularUsers
----
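Review bot: two consistency points in the `GRANT READ` example sentence. First, `'regularUsers'` in single quotes should stay as the backtick-quoted `regularUsers` used for role names elsewhere on the page, with a comma closing the parenthetical ("who has the role `regularUsers`, to read all properties on nodes with the label `Post`."). Second, the parallel `TRAVERSE` example sentences in this same change were switched to end with a colon before the listing, while this one keeps a full stop; since a second sentence about `+*+` follows before the listing here, the full stop is correct, but that sentence should then end with a colon rather than a period to match the convention the change introduces.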
Expand All @@ -96,7 +96,7 @@ For example, if there is also a `DENY TRAVERSE` present on the same entity as a

The `READ` privilege can also be denied.

[source, syntax, role="noheader", indent=0]
[source, syntax, role="noheader"]
----
DENY READ "{" { * | property[, ...] } "}"
ON { HOME GRAPH | GRAPH[S] { * | name[, ...] } }
Expand All @@ -109,9 +109,9 @@ DENY READ "{" { * | property[, ...] } "}"
----

Although we just granted the user `jake` the right to read all properties, we may want to hide the `secret` property.
The following example shows how to do that.
The following example shows how to do that:

[source, cypher, role=noplay, indent=0]
[source, cypher, role=noplay]
----
DENY READ { secret } ON GRAPH neo4j NODES Post TO regularUsers
----
Expand All @@ -120,10 +120,10 @@ DENY READ { secret } ON GRAPH neo4j NODES Post TO regularUsers
[[access-control-privileges-reads-match]]
== The `MATCH` privilege

Users can be granted the right to find and do property reads on nodes and relationships using the `GRANT MATCH` privilege
Users can be granted the right to find and do property reads on nodes and relationships using the `GRANT MATCH` privilege.
This is semantically the same as having both `TRAVERSE` and `READ` privileges.

[source, syntax, role="noheader", indent=0]
[source, syntax, role="noheader"]
----
GRANT MATCH "{" { * | property[, ...] } "}"
ON { HOME GRAPH | GRAPH[S] { * | name[, ...] } }
Expand All @@ -135,16 +135,16 @@ GRANT MATCH "{" { * | property[, ...] } "}"
TO role[, ...]
----

For example if you want to grant the ability to read the properties `language` and `length` for nodes with the label `Message`, as well as the ability to find these nodes, to a role `regularUsers` you can use the following `GRANT MATCH` query.
For example if you want to grant the ability to read the properties `language` and `length` for nodes with the label `Message`, as well as the ability to find these nodes to the role `regularUsers`, you can use the following `GRANT MATCH` query:

[source, cypher, role=noplay, indent=0]
[source, cypher, role=noplay]
----
GRANT MATCH { language, length } ON GRAPH neo4j NODES Message TO regularUsers
----

Like all other privileges, the `MATCH` privilege can also be denied.

[source, syntax, role="noheader", indent=0]
[source, syntax, role="noheader"]
----
DENY MATCH "{" { * | property[, ...] } "}"
ON { HOME GRAPH | GRAPH[S] { * | name[, ...] } }
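Review bot: moving the comma in the `GRANT MATCH` example sentence introduces an ambiguity: "the ability to find these nodes to the role `regularUsers`" reads as if the nodes are found "to the role". Keep a comma after "nodes" so the recipient clause is clearly attached to "grant", and add the comma after "For example". Suggested wording: "For example, if you want to grant the role `regularUsers` the ability to read the properties `language` and `length` on nodes with the label `Message`, as well as the ability to find these nodes, you can use the following `GRANT MATCH` query:".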
Expand All @@ -156,24 +156,23 @@ DENY MATCH "{" { * | property[, ...] } "}"
TO role[, ...]
----

Please note that the effect of denying a `MATCH` privilege depends on whether concrete property keys are specified or a `+*+`.
If you specify concrete property keys then `DENY MATCH` will only deny reading those properties.
Please note that the effect of denying a `MATCH` privilege depends on whether concrete property keys are specified or are `+*+`.
If you specify concrete property keys, then `DENY MATCH` will only deny reading those properties.
Finding the elements to traverse would still be enabled.
If you specify `+*+` instead then both traversal of the element and all property reads will be disabled.
If you specify `+*+` instead, then both traversal of the element and all property reads will be disabled.
The following queries will show examples for this.

Denying to read the property ´content´ on nodes with the label `Message` for the role `regularUsers` would look like the following query.
Denying to read the property `content` on nodes with the label `Message` for the role `regularUsers` would look like the following query.
Although not being able to read this specific property, nodes with that label can still be traversed (and, depending on other grants, other properties on it could still be read).

[source, cypher, role=noplay, indent=0]
[source, cypher, role=noplay]
----
DENY MATCH { content } ON GRAPH neo4j NODES Message TO regularUsers
----

The following query exemplifies how it would look like if you want to deny both reading all properties and traversing nodes labeled with `Account`.
The following query exemplifies how it would look if you wanted to deny both reading all properties and traversing nodes labeled with `Account`:

[source, cypher, role=noplay, indent=0]
[source, cypher, role=noplay]
----
DENY MATCH { * } ON GRAPH neo4j NODES Account TO regularUsers
----
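Review bot: "whether concrete property keys are specified or are `+*+`" is grammatically off (the keys are not `+*+`); the original "or a `+*+`" was clearer, or rephrase as "whether concrete property keys or `+*+` are specified". The fix of the stray ´content´ quotes to `content` is right, but while editing that paragraph, "Denying to read the property `content` ... would look like the following query." and the dangling "Although not being able to read this specific property, nodes ... can still be traversed" could be tightened to "To deny reading the property `content` on nodes with the label `Message` for the role `regularUsers`, use the following query. Nodes with that label can still be traversed, and, depending on other grants, their other properties can still be read:". The later `DENY MATCH { * }` sentence already ends with a colon, so ending this one with a colon too keeps the two examples parallel.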