diff --git a/R/privileges.R b/R/privileges.R
index b55870a..169c11a 100644
--- a/R/privileges.R
+++ b/R/privileges.R
@@ -11,7 +11,13 @@
 #' if (!dbExistsTable(con, "passwd")) {
 #' setup_example_table(con, "passwd")
 #' }
+#'
+#' if (!rls_role_exists(con, "jane")) {
+#' dbExecute(con, "CREATE ROLE jane")
+#' }
 #'
+#' # NOTE: privileges construction doesn't make a change in the database
+#' # unless you pass it to `rls_perform` or set `auto_pipe(TRUE)`
 #' rls_tbl(con, "passwd") %>%
 #' grant(update) %>%
 #' to(jane)
@@ -24,7 +30,16 @@
 #' grant(update, select, cols = c("real_name", "home_phone")) %>%
 #' to(jane)
 #'
+#' # Execute a privilege and inspect the change to jane's details in the DB
+#' rls_tbl(con, "passwd") %>%
+#' grant(update, delete) %>%
+#' to(jane) %>%
+#' rls_perform()
+#' rls_column_privileges(con, "passwd", "jane")
+#'
 #' # cleanup
+#' dbExecute(con, "DROP OWNED BY jane")
+#' dbExecute(con, "DROP ROLE jane")
 #' dbDisconnect(con)
 grant <- function(.data, ..., cols = NULL) {
 pipe_autoexec(toggle = rls_env$auto_pipe)
@@ -50,16 +65,31 @@ grant <- function(.data, ..., cols = NULL) {
 #' if (!dbExistsTable(con, "passwd")) {
 #' setup_example_table(con, "passwd")
 #' }
+#'
+#' if (!rls_role_exists(con, "jill")) {
+#' dbExecute(con, "CREATE ROLE jill")
+#' }
+#'
+#' # NOTE: privileges construction doesn't make a change in the database
+#' # unless you pass it to `rls_perform` or set `auto_pipe(TRUE)`
+#'
+#' # Grant first
+#' rls_tbl(con, "passwd") %>%
+#' grant(update) %>%
+#' from(jill)
 #'
+#' # Then revoke
 #' rls_tbl(con, "passwd") %>%
 #' revoke(update) %>%
-#' from(jane)
+#' from(jill)
 #'
+#' # Revoke on certain columns
 #' rls_tbl(con, "passwd") %>%
 #' revoke(update, cols = c("real_name", "home_phone")) %>%
-#' from(jane)
+#' from(jill)
 #'
 #' # cleanup
+#' dbExecute(con, "DROP ROLE jill")
 #' dbDisconnect(con)
 revoke <- function(.data, ..., cols = NULL) {
 pipe_autoexec(toggle = rls_env$auto_pipe)
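Review bot: The cleanup in the `grant` example (second hunk) runs `DROP OWNED BY jane` and `DROP ROLE jane` unconditionally, although the first hunk creates the role only when `rls_role_exists(con, "jane")` is false. If the example is run against a database that already has a `jane` role, the cleanup would drop the objects that role owns in the current database, revoke its privileges there, and then try to remove the role itself. Record whether the example created the role, e.g. `created_jane <- !rls_role_exists(con, "jane")`, and wrap the two drop statements in `if (created_jane) { ... }`, or use a role name that is unlikely to collide with a real account. The same applies to `DROP ROLE jill` in the `revoke` example (third hunk). The example block starts before the hunk, so how `con` is obtained is not visible here.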
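Review bot: In the `revoke` example (third hunk) the "Grant first" step is written `grant(update) %>% from(jill)`, while the `grant` example pairs `grant()` with `to()`; this looks like a copy-paste slip and should probably read `to(jill)`. Per the NOTE added in the same hunk, neither pipeline changes the database without `rls_perform()`, so the grant-then-revoke sequence is never actually exercised and a reader cannot confirm that the privilege was removed. Ending both pipelines with `%>% rls_perform()` and checking the result with `rls_column_privileges(con, "passwd", "jill")`, as the `grant` example does for jane, would make the revocation verifiable. If the grant is executed, the cleanup would also need `DROP OWNED BY jill` before `DROP ROLE jill` should any privilege remain.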
diff --git a/man/grant.Rd b/man/grant.Rd index 0220d30..3a6994b 100644 --- a/man/grant.Rd +++ b/man/grant.Rd @@ -25,6 +25,12 @@ if (!dbExistsTable(con, "passwd")) { setup_example_table(con, "passwd") } +if (!rls_role_exists(con, "jane")) { + dbExecute(con, "CREATE ROLE jane") +} + +# NOTE: privileges construction doesn't make a change in the database +# unless you pass it to `rls_perform` or set `auto_pipe(TRUE)` rls_tbl(con, "passwd") \%>\% grant(update) \%>\% to(jane) @@ -37,7 +43,16 @@ rls_tbl(con, "passwd") \%>\% grant(update, select, cols = c("real_name", "home_phone")) \%>\% to(jane) +# Execute a privilege and inspect the change to jane's details in the DB +rls_tbl(con, "passwd") \%>\% + grant(update, delete) \%>\% + to(jane) \%>\% + rls_perform() +rls_column_privileges(con, "passwd", "jane") + # cleanup +dbExecute(con, "DROP OWNED BY jane") +dbExecute(con, "DROP ROLE jane") dbDisconnect(con) \dontshow{\}) # examplesIf} } diff --git a/man/revoke.Rd b/man/revoke.Rd index c233473..0161aca 100644 --- a/man/revoke.Rd +++ b/man/revoke.Rd @@ -25,15 +25,30 @@ if (!dbExistsTable(con, "passwd")) { setup_example_table(con, "passwd") } +if (!rls_role_exists(con, "jill")) { + dbExecute(con, "CREATE ROLE jill") +} + +# NOTE: privileges construction doesn't make a change in the database +# unless you pass it to `rls_perform` or set `auto_pipe(TRUE)` + +# Grant first +rls_tbl(con, "passwd") \%>\% + grant(update) \%>\% + from(jill) + +# Then revoke rls_tbl(con, "passwd") \%>\% revoke(update) \%>\% - from(jane) + from(jill) +# Revoke on certain columns rls_tbl(con, "passwd") \%>\% revoke(update, cols = c("real_name", "home_phone")) \%>\% - from(jane) + from(jill) # cleanup +dbExecute(con, "DROP ROLE jill") dbDisconnect(con) \dontshow{\}) # examplesIf} }