From 291618239987d9b2a9df6cb01b83d7f52d135bee Mon Sep 17 00:00:00 2001
From: imtbkcat <songlingyu@pingcap.com>
Date: Fri, 12 Jun 2020 16:44:42 +0800
Subject: [PATCH 01/11] fix dco

---
 sql-statements/sql-statement-create-user.md   | 25 +++++++++++++++++++
 sql-statements/sql-statement-drop-user.md     |  9 ++++---
 .../sql-statement-flush-privileges.md         |  1 +
 .../sql-statement-grant-privileges.md         |  3 ++-
 .../sql-statement-revoke-privileges.md        |  7 +++---
 sql-statements/sql-statement-set-password.md  |  6 ++---
 6 files changed, 40 insertions(+), 11 deletions(-)

diff --git a/sql-statements/sql-statement-create-user.md b/sql-statements/sql-statement-create-user.md
index 4f95850ed3824..ef16a1d94e01f 100644
--- a/sql-statements/sql-statement-create-user.md
+++ b/sql-statements/sql-statement-create-user.md
@@ -37,17 +37,42 @@ This statement creates a new user, specified with a password. In the MySQL privi
 
 ## Examples
 
+Create a user with password `newuserpassword`.
+
 ```sql
 mysql> CREATE USER 'newuser' IDENTIFIED BY 'newuserpassword';
 Query OK, 1 row affected (0.04 sec)
+```
 
+Create a user which could only be login at `192.168.1.1`.
+
+```sql
 mysql> CREATE USER 'newuser2'@'192.168.1.1' IDENTIFIED BY 'newuserpassword';
 Query OK, 1 row affected (0.02 sec)
 ```
 
+Create a user which enforce using TLS connection.
+
+
+```sql
+CREATE USER 'newuser3'@'%' REQUIRE SSL IDENTIFIED BY 'newuserpassword';
+Query OK, 1 row affected (0.02 sec)
+``` 
+
+Create a user which require X.509 certificate at login.
+
+```sql
+CREATE USER 'newuser4'@'%' REQUIRE ISSUER '/C=US/ST=California/L=San Francisco/O=PingCAP' IDENTIFIED BY 'newuserpassword';
+Query OK, 1 row affected (0.02 sec)
+```
+
 ## MySQL compatibility
 
 * Several of the `CREATE` options are not yet supported by TiDB, and will be parsed but ignored.
+* TiDB don't support `WITH MAX_QUERIES_PER_HOUR`, `WITH MAX_UPDATES_PER_HOUR`, `WITH MAX_USER_CONNECTIONS` in `CREATE USER`.
+* TiDB don't support `DEFAULT ROLE` option.
+* TiDB don't support `PASSWORD EXPIRE`, `PASSWORD HISTORY` or other options related to password.
+* TiDB don't support  `ACCOUNT LOCK`, `ACCOUNT UNLOCK` option.
 
 ## See also
 
diff --git a/sql-statements/sql-statement-drop-user.md b/sql-statements/sql-statement-drop-user.md
index 8d07d4ce5e560..864be568edda0 100644
--- a/sql-statements/sql-statement-drop-user.md
+++ b/sql-statements/sql-statement-drop-user.md
@@ -8,6 +8,7 @@ aliases: ['/docs/dev/reference/sql/statements/drop-user/']
 # DROP USER
 
 This statement removes a user from the TiDB system database. The optional keyword `IF EXISTS` can be used to silence an error if the user does not exist.
+This statement require `CREATE USER` privilege.
 
 ## Synopsis
 
@@ -25,10 +26,10 @@ This statement removes a user from the TiDB system database. The optional keywor
 mysql> DROP USER idontexist;
 ERROR 1396 (HY000): Operation DROP USER failed for idontexist@%
 
-mysql> DROP USER IF EXISTS idontexist;
+mysql> DROP USER IF EXISTS 'idontexist';
 Query OK, 0 rows affected (0.01 sec)
 
-mysql> CREATE USER newuser IDENTIFIED BY 'mypassword';
+mysql> CREATE USER 'newuser' IDENTIFIED BY 'mypassword';
 Query OK, 1 row affected (0.02 sec)
 
 mysql> GRANT ALL ON test.* TO 'newuser';
@@ -54,10 +55,10 @@ mysql> SHOW GRANTS FOR 'newuser';
 +-------------------------------------+
 1 row in set (0.00 sec)
 
-mysql> DROP USER newuser;
+mysql> DROP USER 'newuser';
 Query OK, 0 rows affected (0.14 sec)
 
-mysql> SHOW GRANTS FOR newuser;
+mysql> SHOW GRANTS FOR 'newuser';
 ERROR 1141 (42000): There is no such grant defined for user 'newuser' on host '%'
 ```
 
diff --git a/sql-statements/sql-statement-flush-privileges.md b/sql-statements/sql-statement-flush-privileges.md
index 9cdd58b88dbb1..3d4d372ed430d 100644
--- a/sql-statements/sql-statement-flush-privileges.md
+++ b/sql-statements/sql-statement-flush-privileges.md
@@ -8,6 +8,7 @@ aliases: ['/docs/dev/reference/sql/statements/flush-privileges/']
 # FLUSH PRIVILEGES
 
 This statement triggers TiDB to reload the in-memory copy of privileges from the privilege tables. You should execute `FLUSH PRIVILEGES` after making manual edits to tables such as `mysql.user`. Executing this statement is not required after using privilege statements such as `GRANT` or `REVOKE`.
+Executing this statement require `RELOAD` privilege.
 
 ## Synopsis
 
diff --git a/sql-statements/sql-statement-grant-privileges.md b/sql-statements/sql-statement-grant-privileges.md
index 4057574a2e088..ce0259b543749 100644
--- a/sql-statements/sql-statement-grant-privileges.md
+++ b/sql-statements/sql-statement-grant-privileges.md
@@ -8,6 +8,7 @@ aliases: ['/docs/dev/reference/sql/statements/grant-privileges/']
 # `GRANT <privileges>`
 
 This statement allocates privileges to a pre-existing user in TiDB. The privilege system in TiDB follows MySQL, where credentials are assigned based on a database/table pattern.
+Executing this statement require `GRANT OPTION` privilege and all peivileges you want to allocate.
 
 ## Synopsis
 
@@ -42,7 +43,7 @@ This statement allocates privileges to a pre-existing user in TiDB. The privileg
 ## Examples
 
 ```sql
-mysql> CREATE USER newuser IDENTIFIED BY 'mypassword';
+mysql> CREATE USER 'newuser' IDENTIFIED BY 'mypassword';
 Query OK, 1 row affected (0.02 sec)
 
 mysql> GRANT ALL ON test.* TO 'newuser';
diff --git a/sql-statements/sql-statement-revoke-privileges.md b/sql-statements/sql-statement-revoke-privileges.md
index d11e7b2877b8c..5084c4c95b6e1 100644
--- a/sql-statements/sql-statement-revoke-privileges.md
+++ b/sql-statements/sql-statement-revoke-privileges.md
@@ -8,6 +8,7 @@ aliases: ['/docs/dev/reference/sql/statements/revoke-privileges/']
 # `REVOKE <privileges>`
 
 This statement removes privileges from an existing user.
+Executing this statement require `GRANT OPTION` privilege and all peivileges you want to revok.
 
 ## Synopsis
 
@@ -42,7 +43,7 @@ This statement removes privileges from an existing user.
 ## Examples
 
 ```sql
-mysql> CREATE USER newuser IDENTIFIED BY 'mypassword';
+mysql> CREATE USER 'newuser' IDENTIFIED BY 'mypassword';
 Query OK, 1 row affected (0.02 sec)
 
 mysql> GRANT ALL ON test.* TO 'newuser';
@@ -68,10 +69,10 @@ mysql> SHOW GRANTS FOR 'newuser';
 +-------------------------------------+
 1 row in set (0.00 sec)
 
-mysql> DROP USER newuser;
+mysql> DROP USER 'newuser';
 Query OK, 0 rows affected (0.14 sec)
 
-mysql> SHOW GRANTS FOR newuser;
+mysql> SHOW GRANTS FOR 'newuser';
 ERROR 1141 (42000): There is no such grant defined for user 'newuser' on host '%'
 ```
 
diff --git a/sql-statements/sql-statement-set-password.md b/sql-statements/sql-statement-set-password.md
index 62539aae9fd71..b057c299c55c9 100644
--- a/sql-statements/sql-statement-set-password.md
+++ b/sql-statements/sql-statement-set-password.md
@@ -24,7 +24,7 @@ Query OK, 0 rows affected (0.01 sec)
 mysql> CREATE USER 'newuser' IDENTIFIED BY 'test';
 Query OK, 1 row affected (0.00 sec)
 
-mysql> SHOW CREATE USER newuser;
+mysql> SHOW CREATE USER 'newuser';
 +----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
 | CREATE USER for newuser@%                                                                                                                                            |
 +----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
@@ -35,7 +35,7 @@ mysql> SHOW CREATE USER newuser;
 mysql> SET PASSWORD FOR newuser = 'test';
 Query OK, 0 rows affected (0.01 sec)
 
-mysql> SHOW CREATE USER newuser;
+mysql> SHOW CREATE USER 'newuser';
 +----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
 | CREATE USER for newuser@%                                                                                                                                            |
 +----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
@@ -46,7 +46,7 @@ mysql> SHOW CREATE USER newuser;
 mysql> SET PASSWORD FOR newuser = PASSWORD('test'); -- deprecated syntax from earlier MySQL releases
 Query OK, 0 rows affected (0.00 sec)
 
-mysql> SHOW CREATE USER newuser;
+mysql> SHOW CREATE USER 'newuser';
 +----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
 | CREATE USER for newuser@%                                                                                                                                            |
 +----------------------------------------------------------------------------------------------------------------------------------------------------------------------+

From 01287f98d89882e5bf37cbddd3a620ec3208e486 Mon Sep 17 00:00:00 2001
From: imtbkcat <songlingyu@pingcap.com>
Date: Fri, 12 Jun 2020 16:52:19 +0800
Subject: [PATCH 02/11] fix lint

---
 sql-statements/sql-statement-create-user.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/sql-statements/sql-statement-create-user.md b/sql-statements/sql-statement-create-user.md
index ef16a1d94e01f..a51f44a04b608 100644
--- a/sql-statements/sql-statement-create-user.md
+++ b/sql-statements/sql-statement-create-user.md
@@ -53,7 +53,6 @@ Query OK, 1 row affected (0.02 sec)
 
 Create a user which enforce using TLS connection.
 
-
 ```sql
 CREATE USER 'newuser3'@'%' REQUIRE SSL IDENTIFIED BY 'newuserpassword';
 Query OK, 1 row affected (0.02 sec)

From 196307786cbfb4da215ef2ea170e17793f9bd761 Mon Sep 17 00:00:00 2001
From: Lingyu Song <songlingyu@pingcap.com>
Date: Tue, 16 Jun 2020 14:13:19 +0800
Subject: [PATCH 03/11] Update sql-statements/sql-statement-create-user.md

Co-authored-by: Keke Yi <40977455+yikeke@users.noreply.github.com>
---
 sql-statements/sql-statement-create-user.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sql-statements/sql-statement-create-user.md b/sql-statements/sql-statement-create-user.md
index a51f44a04b608..4088f0d489822 100644
--- a/sql-statements/sql-statement-create-user.md
+++ b/sql-statements/sql-statement-create-user.md
@@ -37,7 +37,7 @@ This statement creates a new user, specified with a password. In the MySQL privi
 
 ## Examples
 
-Create a user with password `newuserpassword`.
+Create a user with the `newuserpassword` password.
 
 ```sql
 mysql> CREATE USER 'newuser' IDENTIFIED BY 'newuserpassword';

From da86a51c9a9af6b63e4fc73006cbb92482eb828f Mon Sep 17 00:00:00 2001
From: Lingyu Song <songlingyu@pingcap.com>
Date: Tue, 16 Jun 2020 14:13:30 +0800
Subject: [PATCH 04/11] Update sql-statements/sql-statement-create-user.md

Co-authored-by: Keke Yi <40977455+yikeke@users.noreply.github.com>
---
 sql-statements/sql-statement-create-user.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sql-statements/sql-statement-create-user.md b/sql-statements/sql-statement-create-user.md
index 4088f0d489822..be3baeda73766 100644
--- a/sql-statements/sql-statement-create-user.md
+++ b/sql-statements/sql-statement-create-user.md
@@ -44,7 +44,7 @@ mysql> CREATE USER 'newuser' IDENTIFIED BY 'newuserpassword';
 Query OK, 1 row affected (0.04 sec)
 ```
 
-Create a user which could only be login at `192.168.1.1`.
+Create a user who can only log in to `192.168.1.1`.
 
 ```sql
 mysql> CREATE USER 'newuser2'@'192.168.1.1' IDENTIFIED BY 'newuserpassword';

From 35642e47b680f678dbe90244f340c3e1becf67fd Mon Sep 17 00:00:00 2001
From: Lingyu Song <songlingyu@pingcap.com>
Date: Tue, 16 Jun 2020 14:13:46 +0800
Subject: [PATCH 05/11] Update sql-statements/sql-statement-create-user.md

Co-authored-by: Keke Yi <40977455+yikeke@users.noreply.github.com>
---
 sql-statements/sql-statement-create-user.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sql-statements/sql-statement-create-user.md b/sql-statements/sql-statement-create-user.md
index be3baeda73766..a41afe251aa78 100644
--- a/sql-statements/sql-statement-create-user.md
+++ b/sql-statements/sql-statement-create-user.md
@@ -51,7 +51,7 @@ mysql> CREATE USER 'newuser2'@'192.168.1.1' IDENTIFIED BY 'newuserpassword';
 Query OK, 1 row affected (0.02 sec)
 ```
 
-Create a user which enforce using TLS connection.
+Create a user who is enforced to log in using TLS connection.
 
 ```sql
 CREATE USER 'newuser3'@'%' REQUIRE SSL IDENTIFIED BY 'newuserpassword';

From baa1e96cfef68e8d14970ee6eb061b8783e3b885 Mon Sep 17 00:00:00 2001
From: Lingyu Song <songlingyu@pingcap.com>
Date: Tue, 16 Jun 2020 14:13:55 +0800
Subject: [PATCH 06/11] Update sql-statements/sql-statement-create-user.md

Co-authored-by: Keke Yi <40977455+yikeke@users.noreply.github.com>
---
 sql-statements/sql-statement-create-user.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sql-statements/sql-statement-create-user.md b/sql-statements/sql-statement-create-user.md
index a41afe251aa78..64b9b48fdfc60 100644
--- a/sql-statements/sql-statement-create-user.md
+++ b/sql-statements/sql-statement-create-user.md
@@ -58,7 +58,7 @@ CREATE USER 'newuser3'@'%' REQUIRE SSL IDENTIFIED BY 'newuserpassword';
 Query OK, 1 row affected (0.02 sec)
 ``` 
 
-Create a user which require X.509 certificate at login.
+Create a user who is required to use X.509 certificate at login.
 
 ```sql
 CREATE USER 'newuser4'@'%' REQUIRE ISSUER '/C=US/ST=California/L=San Francisco/O=PingCAP' IDENTIFIED BY 'newuserpassword';

From 486ace58fa66abab11761a02efa85a02bf7ea6ce Mon Sep 17 00:00:00 2001
From: Lingyu Song <songlingyu@pingcap.com>
Date: Tue, 16 Jun 2020 14:14:07 +0800
Subject: [PATCH 07/11] Update sql-statements/sql-statement-create-user.md

Co-authored-by: Keke Yi <40977455+yikeke@users.noreply.github.com>
---
 sql-statements/sql-statement-create-user.md | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/sql-statements/sql-statement-create-user.md b/sql-statements/sql-statement-create-user.md
index 64b9b48fdfc60..5c0c6a15227a0 100644
--- a/sql-statements/sql-statement-create-user.md
+++ b/sql-statements/sql-statement-create-user.md
@@ -67,11 +67,12 @@ Query OK, 1 row affected (0.02 sec)
 
 ## MySQL compatibility
 
-* Several of the `CREATE` options are not yet supported by TiDB, and will be parsed but ignored.
-* TiDB don't support `WITH MAX_QUERIES_PER_HOUR`, `WITH MAX_UPDATES_PER_HOUR`, `WITH MAX_USER_CONNECTIONS` in `CREATE USER`.
-* TiDB don't support `DEFAULT ROLE` option.
-* TiDB don't support `PASSWORD EXPIRE`, `PASSWORD HISTORY` or other options related to password.
-* TiDB don't support  `ACCOUNT LOCK`, `ACCOUNT UNLOCK` option.
+The following `CREATE USER` options are not yet supported by TiDB, and will be parsed but ignored:
+
+* TiDB does not support `WITH MAX_QUERIES_PER_HOUR`, `WITH MAX_UPDATES_PER_HOUR`, and `WITH MAX_USER_CONNECTIONS` options.
+* TiDB does not support the `DEFAULT ROLE` option.
+* TiDB does not support `PASSWORD EXPIRE`, `PASSWORD HISTORY` or other options related to password.
+* TiDB does not support the `ACCOUNT LOCK` and `ACCOUNT UNLOCK` options.
 
 ## See also
 

From cbd09547783009079d30504b5431791162dd03ac Mon Sep 17 00:00:00 2001
From: Lingyu Song <songlingyu@pingcap.com>
Date: Tue, 16 Jun 2020 14:14:15 +0800
Subject: [PATCH 08/11] Update sql-statements/sql-statement-flush-privileges.md

Co-authored-by: Keke Yi <40977455+yikeke@users.noreply.github.com>
---
 sql-statements/sql-statement-flush-privileges.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sql-statements/sql-statement-flush-privileges.md b/sql-statements/sql-statement-flush-privileges.md
index 3d4d372ed430d..711835de0d4f0 100644
--- a/sql-statements/sql-statement-flush-privileges.md
+++ b/sql-statements/sql-statement-flush-privileges.md
@@ -8,7 +8,7 @@ aliases: ['/docs/dev/reference/sql/statements/flush-privileges/']
 # FLUSH PRIVILEGES
 
 This statement triggers TiDB to reload the in-memory copy of privileges from the privilege tables. You should execute `FLUSH PRIVILEGES` after making manual edits to tables such as `mysql.user`. Executing this statement is not required after using privilege statements such as `GRANT` or `REVOKE`.
-Executing this statement require `RELOAD` privilege.
+Executing this statement requires the `RELOAD` privilege.
 
 ## Synopsis
 

From cd3ee175fbff2becbbd163f34ac3d60f366b180d Mon Sep 17 00:00:00 2001
From: Lingyu Song <songlingyu@pingcap.com>
Date: Tue, 16 Jun 2020 14:14:24 +0800
Subject: [PATCH 09/11] Update
 sql-statements/sql-statement-revoke-privileges.md

Co-authored-by: Keke Yi <40977455+yikeke@users.noreply.github.com>
---
 sql-statements/sql-statement-revoke-privileges.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sql-statements/sql-statement-revoke-privileges.md b/sql-statements/sql-statement-revoke-privileges.md
index 5084c4c95b6e1..b6581e13863d7 100644
--- a/sql-statements/sql-statement-revoke-privileges.md
+++ b/sql-statements/sql-statement-revoke-privileges.md
@@ -8,7 +8,7 @@ aliases: ['/docs/dev/reference/sql/statements/revoke-privileges/']
 # `REVOKE <privileges>`
 
 This statement removes privileges from an existing user.
-Executing this statement require `GRANT OPTION` privilege and all peivileges you want to revok.
+Executing this statement requires the `GRANT OPTION` privilege and all privileges you revoke.
 
 ## Synopsis
 

From fb454d1b27fd2fa429965ded842772934ee90e72 Mon Sep 17 00:00:00 2001
From: Lingyu Song <songlingyu@pingcap.com>
Date: Tue, 16 Jun 2020 14:14:32 +0800
Subject: [PATCH 10/11] Update sql-statements/sql-statement-drop-user.md

Co-authored-by: Keke Yi <40977455+yikeke@users.noreply.github.com>
---
 sql-statements/sql-statement-drop-user.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sql-statements/sql-statement-drop-user.md b/sql-statements/sql-statement-drop-user.md
index 864be568edda0..74f754c719c84 100644
--- a/sql-statements/sql-statement-drop-user.md
+++ b/sql-statements/sql-statement-drop-user.md
@@ -8,7 +8,7 @@ aliases: ['/docs/dev/reference/sql/statements/drop-user/']
 # DROP USER
 
 This statement removes a user from the TiDB system database. The optional keyword `IF EXISTS` can be used to silence an error if the user does not exist.
-This statement require `CREATE USER` privilege.
+This statement requires the `CREATE USER` privilege.
 
 ## Synopsis
 

From d51a54961a5d7f26238c481f6ec63ba3d76b6004 Mon Sep 17 00:00:00 2001
From: Lingyu Song <songlingyu@pingcap.com>
Date: Tue, 16 Jun 2020 14:14:50 +0800
Subject: [PATCH 11/11] Update sql-statements/sql-statement-grant-privileges.md

Co-authored-by: Keke Yi <40977455+yikeke@users.noreply.github.com>
---
 sql-statements/sql-statement-grant-privileges.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sql-statements/sql-statement-grant-privileges.md b/sql-statements/sql-statement-grant-privileges.md
index ce0259b543749..f141e082f558a 100644
--- a/sql-statements/sql-statement-grant-privileges.md
+++ b/sql-statements/sql-statement-grant-privileges.md
@@ -8,7 +8,7 @@ aliases: ['/docs/dev/reference/sql/statements/grant-privileges/']
 # `GRANT <privileges>`
 
 This statement allocates privileges to a pre-existing user in TiDB. The privilege system in TiDB follows MySQL, where credentials are assigned based on a database/table pattern.
-Executing this statement require `GRANT OPTION` privilege and all peivileges you want to allocate.
+Executing this statement requires the `GRANT OPTION` privilege and all privileges you allocate.
 
 ## Synopsis