docs: switch role in worksheet (#1030)

* updated

* Update 02-user-show-users.md

* Update 01-members.md

---------

Co-authored-by: Quan <[email protected]>

Author: soyeric128

docs/en/guides/20-cloud/10-using-databend-cloud/01-worksheet.md

@@ -1,26 +1,23 @@
 ---
 title: Work with Worksheets
 ---
+import DbSVG from '@site/static/img/icon/database.svg'
+import RoleSVG from '@site/static/img/icon/role.svg'
+import WarehouseSVG from '@site/static/img/icon/warehouse.svg'
 
 The worksheet is an important tool in Databend Cloud used for organizing and managing SQL statements. You can edit and run SQL statements in a worksheet, as well as save them in the worksheet for future reference and use. This can greatly improve work efficiency and avoid repetitive coding.
 
-To open a new worksheet, click on **Worksheets** in the sidebar and select **New Worksheet**.
-
-![Alt text](@site/static/img/documents/worksheet/worksheet.png)
-
-The worksheet interface is divided into the following parts:
-
-- Sidebar (left side): Shows existing databases and tables, making it easy to copy table and column names to the editor. It also allows data preview and facilitates pipeline creation.
-- Editor (upper right): The area where you edit SQL statements.
-- Output area (lower right): Displays query results.
+To create a new worksheet, click on **Worksheets** in the sidebar and select **New Worksheet**.
 
 ## Editing and Running SQL Statements
 
 To edit and run an SQL statement:
 
-1. Click on the database button above the SQL input area and select the database you want to query.
-2. Edit the SQL statement in the editor.
-3. Choose a warehouse: click the button to the right of **Run Script** and select a warehouse from the list.
+1. Click on the database icon <DbSVG/> above the SQL editor and select the database you want to query.
+2. Click on the user icon <RoleSVG/> above the SQL editor and choose a role to use. The dropdown list will display all the roles you have been granted, along with any child roles under your roles in the hierarchy. For more information about the role hierarchy, see [Inheriting Roles & Establishing Hierarchy](/guides/security/access-control/roles#inheriting-roles--establishing-hierarchy).
+
+3. Edit the SQL statement in the SQL editor.
+4. Click on the warehouse icon <WarehouseSVG/> under the SQL editor and select a warehouse from the list.
 4. Click **Run Script**.
 
 The query result shows in the output area. You can click **Export** to save the whole result to a CSV file, or select one or multiple cells in the output area and press Command + C (on Mac) or Ctrl + C (on Windows) to copy them to your clipboard.

docs/en/guides/20-cloud/20-manage/01-members.md

@@ -2,29 +2,20 @@
 title: Members
 ---
 
-## User Roles
+To view all the members in your organization, go to **Manage** > **Members**. This page provides a list of all members, including their email addresses, roles, join times, and last active times. If you're an `account_admin`, you can also change a member's role or remove a member from your organization.
 
-In Databend Cloud, user management is facilitated through roles. An organization within Databend Cloud is equipped with default roles, each serving distinct purposes:
+- The roles listed show the roles assigned to users when they were invited. While these roles can be changed on the page, they cannot be revoked using SQL. However, you can grant additional roles or privileges to users based on their email addresses. These user accounts, identified by their email addresses, can also function as SQL users in Databend Cloud. Example:
 
-- account_admin: Positioned at the apex of the role hierarchy, this role embodies the highest level of authority within an organization. It is intended for users who undertake the responsibilities of database administrators.
+    ```sql
+    GRANT ROLE writer to '[email protected]';
+    GRANT SELECT ON *.* TO '[email protected]';
+    ```
 
-- public: This role encompasses all users within the organization, providing a baseline level of access and permissions.
-
-Furthermore, Databend Cloud offers the capability to craft custom roles using SQL commands for a more nuanced and tailored user management approach. This empowers you with the flexibility to establish roles that align with specific requirements. For instance, roles can be devised to correspond to users' positions, thus establishing a hierarchical role structure for your organization:
-
-![Alt text](@site/static/img/documents/org-and-users/role.png)
-
-When inviting a new user, it's necessary to assign a role to them. You can also manage roles for all users in your organization through the **Manage** > **Members** page or by using SQL commands.
-
-:::note
-- The default roles within an organization are not editable or removable.
-
-- Only users assigned to the *account_admin* role can create roles and manage user roles for their organization.
-:::
+- The page does not display users created using SQL. To view the SQL users that have been created, use the [SHOW USERS](/sql/sql-commands/ddl/user/user-show-users) command.
 
 ## Inviting New Members
 
-In Databend Cloud, you can invite new members using their email addresses to join your organization. To do this, navigate to the **Manage** > **Members** page and click on **Invite New Member**. In the dialog box that appears, enter the user's email address and select a role from the list. This list includes both default roles and any custom roles created for your organization.
+To invite a new member to your organization, navigate to the **Manage** > **Members** page and click on **Invite New Member**. In the dialog box that appears, enter the user's email address and select a role from the list. This list includes built-in roles and any created roles created for your organization. For more information about the roles, see [Roles](/guides/security/access-control/roles).
 
 An invitation email will be sent to the invited user. Inside the email, there will be a link that the user can click on to initiate the signup process.
 

docs/en/guides/56-security/access-control/02-roles.md

@@ -14,7 +14,7 @@ If `enable_experimental_rbac_check` is not manually set to `1`, UDFs and stages
 
 ## Inheriting Roles & Establishing Hierarchy
 
-Databend roles introduce a potent mechanism through role granting, enabling one role to inherit permissions and responsibilities from another. This contributes to the creation of a flexible hierarchy, similar to the organizational structure, where two [Built-in Roles](#built-in-roles) exist: the highest being `account-admin` and the lowest being `public`.
+Role granting enables one role to inherit permissions and responsibilities from another. This contributes to the creation of a flexible hierarchy, similar to the organizational structure, where two [Built-in Roles](#built-in-roles) exist: the highest being `account-admin` and the lowest being `public`.
 
 Consider the scenario where three roles are created: *manager*, *engineer*, and *intern*. In this example, the role of *intern* is granted to the engineer *role*. Consequently, the *engineer* not only possesses their own set of privileges but also inherits those associated with the *intern* role. Extending this hierarchy further, if the *engineer* role is granted to the *manager*, the *manager* now acquires both the inherent privileges of the *engineer* and the *intern* roles.
 

docs/en/sql-reference/10-sql-commands/00-ddl/02-user/02-user-show-users.md

@@ -3,7 +3,7 @@ title: SHOW USERS
 sidebar_position: 3
 ---
 
-Lists all the users in the system.
+Lists all SQL users in the system. If you're using Databend Cloud, this command also shows the user accounts (email addresses) within your organization that are used to log in to Databend Cloud.
 
 ## Syntax
 
@@ -14,13 +14,14 @@ SHOW USERS
 ## Examples
 
 ```sql
+CREATE USER eric IDENTIFIED BY 'abc123';
+
 SHOW USERS;
 
-┌─────────────────────────────────────────────────────────────────────────────────────┐
-│  name  │ hostname │       auth_type      │ is_configured │  default_role │ disabled │
-├────────┼──────────┼──────────────────────┼───────────────┼───────────────┼──────────┤
-│ root   │ %        │ no_password          │ YES           │ account_admin │ false    │
-│ u1     │ %        │ double_sha1_password │ NO            │               │ true     │
-│ u2     │ %        │ double_sha1_password │ NO            │               │ false    │
-└─────────────────────────────────────────────────────────────────────────────────────┘
+┌─────────────────────────────────────────────────────────────────────────────────────────────────────┐
+│  name  │ hostname │       auth_type      │ is_configured │  default_role │     roles     │ disabled │
+├────────┼──────────┼──────────────────────┼───────────────┼───────────────┼───────────────┼──────────┤
+│ eric   │ %        │ double_sha1_password │ NO            │               │               │ false    │
+│ root   │ %        │ no_password          │ YES           │ account_admin │ account_admin │ false    │
+└─────────────────────────────────────────────────────────────────────────────────────────────────────┘
 ```