From 1488615ce2be57edae5f905f828e2d52f3238a83 Mon Sep 17 00:00:00 2001
From: Morgan Tocker <tocker@gmail.com>
Date: Wed, 26 Dec 2018 13:43:06 -0700
Subject: [PATCH 1/4] planner, privilege: check user priv on SET GLOBAL

---
 planner/core/planbuilder.go             |  3 +++
 privilege/privileges/privileges_test.go | 17 +++++++++++++++++
 2 files changed, 20 insertions(+)

diff --git a/planner/core/planbuilder.go b/planner/core/planbuilder.go
index 5868bc304b9db..0e2571a2b8971 100644
--- a/planner/core/planbuilder.go
+++ b/planner/core/planbuilder.go
@@ -245,6 +245,9 @@ func (b *PlanBuilder) buildDo(v *ast.DoStmt) (Plan, error) {
 func (b *PlanBuilder) buildSet(v *ast.SetStmt) (Plan, error) {
 	p := &Set{}
 	for _, vars := range v.Variables {
+		if vars.IsGlobal {
+			b.visitInfo = appendVisitInfo(b.visitInfo, mysql.SuperPriv, "", "", "")
+		}
 		assign := &expression.VarAssignment{
 			Name:     vars.Name,
 			IsGlobal: vars.IsGlobal,
diff --git a/privilege/privileges/privileges_test.go b/privilege/privileges/privileges_test.go
index 3dec73867a627..e4032710fda41 100644
--- a/privilege/privileges/privileges_test.go
+++ b/privilege/privileges/privileges_test.go
@@ -349,6 +349,23 @@ func (s *testPrivilegeSuite) TestUseDb(c *C) {
 
 }
 
+func (s *testPrivilegeSuite) TestSetGlobal(c *C) {
+
+	se := newSession(c, s.store, s.dbName)
+	mustExec(c, se, `CREATE USER setglobal_a@localhost`)
+	mustExec(c, se, `CREATE USER setglobal_b@localhost`)
+	mustExec(c, se, `GRANT SUPER ON *.* to setglobal_a@localhost`)
+	mustExec(c, se, `FLUSH PRIVILEGES`)
+
+	c.Assert(se.Auth(&auth.UserIdentity{Username: "setglobal_a", Hostname: "localhost"}, nil, nil), IsTrue)
+	mustExec(c, se, `set global innodb_commit_concurrency=16`)
+
+	c.Assert(se.Auth(&auth.UserIdentity{Username: "setglobal_b", Hostname: "localhost"}, nil, nil), IsTrue)
+	_, err := se.Execute(context.Background(), `set global innodb_commit_concurrency=16`)
+	c.Assert(strings.Contains(err.Error(), "privilege check fail"), IsTrue)
+
+}
+
 func (s *testPrivilegeSuite) TestInformationSchema(c *C) {
 
 	// This test tests no privilege check for INFORMATION_SCHEMA database.

From 9db54394a211e4920a57e258b0f3487ff53d079f Mon Sep 17 00:00:00 2001
From: Morgan Tocker <tocker@gmail.com>
Date: Thu, 27 Dec 2018 21:02:07 -0700
Subject: [PATCH 2/4] fix bad merge

---
 privilege/privileges/privileges_test.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/privilege/privileges/privileges_test.go b/privilege/privileges/privileges_test.go
index 250ab90e44226..8879db4459c70 100644
--- a/privilege/privileges/privileges_test.go
+++ b/privilege/privileges/privileges_test.go
@@ -363,6 +363,7 @@ func (s *testPrivilegeSuite) TestSetGlobal(c *C) {
 	c.Assert(se.Auth(&auth.UserIdentity{Username: "setglobal_b", Hostname: "localhost"}, nil, nil), IsTrue)
 	_, err := se.Execute(context.Background(), `set global innodb_commit_concurrency=16`)
 	c.Assert(strings.Contains(err.Error(), "privilege check fail"), IsTrue)
+}
 
 func (s *testPrivilegeSuite) TestAnalyzeTable(c *C) {
 

From 97b797894524342eccb04e99f8bc939698853980 Mon Sep 17 00:00:00 2001
From: Morgan Tocker <tocker@gmail.com>
Date: Fri, 28 Dec 2018 06:49:50 -0700
Subject: [PATCH 3/4] Removed blank line

---
 privilege/privileges/privileges_test.go | 1 -
 1 file changed, 1 deletion(-)

diff --git a/privilege/privileges/privileges_test.go b/privilege/privileges/privileges_test.go
index 8879db4459c70..3beaaef124b17 100644
--- a/privilege/privileges/privileges_test.go
+++ b/privilege/privileges/privileges_test.go
@@ -350,7 +350,6 @@ func (s *testPrivilegeSuite) TestUseDb(c *C) {
 }
 
 func (s *testPrivilegeSuite) TestSetGlobal(c *C) {
-
 	se := newSession(c, s.store, s.dbName)
 	mustExec(c, se, `CREATE USER setglobal_a@localhost`)
 	mustExec(c, se, `CREATE USER setglobal_b@localhost`)

From e5bf2919937a7e1148c0a064e44868023f4a4382 Mon Sep 17 00:00:00 2001
From: Morgan Tocker <tocker@gmail.com>
Date: Fri, 4 Jan 2019 06:32:09 -0700
Subject: [PATCH 4/4] fix error introducted from master

---
 planner/core/planbuilder.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/planner/core/planbuilder.go b/planner/core/planbuilder.go
index 82237a2890c85..ee723274ff50d 100644
--- a/planner/core/planbuilder.go
+++ b/planner/core/planbuilder.go
@@ -249,7 +249,7 @@ func (b *PlanBuilder) buildSet(v *ast.SetStmt) (Plan, error) {
 	p := &Set{}
 	for _, vars := range v.Variables {
 		if vars.IsGlobal {
-			b.visitInfo = appendVisitInfo(b.visitInfo, mysql.SuperPriv, "", "", "")
+			b.visitInfo = appendVisitInfo(b.visitInfo, mysql.SuperPriv, "", "", "", nil)
 		}
 		assign := &expression.VarAssignment{
 			Name:     vars.Name,