Address review comments

Author: darrellwarde

modules/ROOT/pages/security/authorization.adoc

@@ -244,9 +244,7 @@ type Post @authorization(filter: [
 In each ruleset (`filter` and `validate`), rules are joined with an `OR`.
 The two rulesets are joined with an `AND`.
 
-For example: `(filterRule1 OR filterRule2) AND (validateRule1 OR validateRule2)`.
-
-If ever there are two rules which you would like to be combined with an `AND`, these should be combined into a single rule. Take for instance the following example:
+For example, the following would allow for the update of a `User` node if the JWT roles claim includes `admin` _or_ if the `locked` property on the node is `false`:
 
 [source, graphql, indent=0]
 ----

modules/ROOT/pages/security/subscriptions-authorization.adoc

@@ -3,7 +3,8 @@
 = Subscriptions authorization
 
 Subscriptions require their own authorization rules, which are configured with the `@subscriptionsAuthorization` directive.
-These rules are different to authorization rules for queries and mutations because they use filtering rules available for subscriptions events. These filtering rules can only be used to filter against the properties of the nodes impacted by the events - they cannot be used to arbitarily filter across related nodes as in the schema generated by the Neo4j GraphQL Library normally.
+These rules are different to authorization rules for queries and mutations because they use filtering rules available for subscriptions events. 
+These filtering rules can only be used to filter against the properties of the nodes impacted by the events.
 
 All subscriptions authorization rules have an implied requirement for authentication, given that the rules are normally evaluated against values in the JWT payload.