authorSergei Golubchik <serg@mariadb.org>2023-02-02 19:29:03 +0100
committerSergei Golubchik <serg@mariadb.org>2023-02-03 10:35:26 +0100
commitca2aef04d85183d909a87e989b73e067d55f0b97 (patch)
tree346c004948593ab61618790cd69fe9750e974954
parent3340d2c670127f41f66fa80c38285816c06b5026 (diff)
downloadmariadb-git-ca2aef04d85183d909a87e989b73e067d55f0b97.tar.gz
KILL USER and missing privilegespreview-11.0-preview
note that `KILL USER foo` should *not* fail with ER_KILL_DENIED_ERROR when SHOW PROCESSLIST doesn't show connections of that user. Because no connections exist or because the caller has no PROCESS - doesn't matter. also, fix the error message to make sense ("You are not owner of thread <current connection id>" is ridiculous)
-rw-r--r--mysql-test/main/kill-2.result31
-rw-r--r--mysql-test/main/kill-2.test27
-rw-r--r--sql/sql_parse.cc9
3 files changed, 65 insertions, 2 deletions
diff --git a/mysql-test/main/kill-2.result b/mysql-test/main/kill-2.result
index daaba2c092a..5423cce17e2 100644
--- a/mysql-test/main/kill-2.result
+++ b/mysql-test/main/kill-2.result
@@ -10,3 +10,34 @@ foo
root
kill user foo@'127.0.0.1';
drop user foo@'127.0.0.1';
+#
+# KILL USER and missing privileges
+#
+create user a@localhost;
+create user b@localhost;
+grant process on *.* to a@localhost;
+grant select on *.* to b@localhost;
+connect a,localhost,a;
+show grants;
+Grants for a@localhost
+GRANT PROCESS ON *.* TO `a`@`localhost`
+connect b,localhost,b;
+show processlist;
+Id User Host db Command Time State Info Progress
+# b localhost test # # starting show processlist #
+kill user a;
+kill user x;
+connection a;
+show processlist;
+Id User Host db Command Time State Info Progress
+# root localhost test # # # # #
+# a localhost NULL # # # # #
+# b localhost test # # # # #
+kill user b;
+ERROR HY000: Operation KILL USER failed for b@%
+connection default;
+drop user a@localhost;
+drop user b@localhost;
+#
+# End of 10.3 tests
+#
diff --git a/mysql-test/main/kill-2.test b/mysql-test/main/kill-2.test
index 6d40e14a700..a7642b71c3d 100644
--- a/mysql-test/main/kill-2.test
+++ b/mysql-test/main/kill-2.test
@@ -27,3 +27,30 @@ let $wait_condition=
--source include/wait_condition.inc
drop user foo@'127.0.0.1';
--enable_service_connection
+
+--echo #
+--echo # KILL USER and missing privileges
+--echo #
+create user a@localhost;
+create user b@localhost;
+grant process on *.* to a@localhost;
+grant select on *.* to b@localhost;
+--connect a,localhost,a
+show grants;
+--connect b,localhost,b
+--replace_column 1 # 5 # 6 # 9 #
+show processlist;
+kill user a; # existing connection, but not visible to current_user
+kill user x; # not existing connection
+--connection a
+--replace_column 1 # 5 # 6 # 7 # 8 # 9 #
+show processlist;
+--error ER_KILL_DENIED_ERROR
+kill user b;
+--connection default
+drop user a@localhost;
+drop user b@localhost;
+
+--echo #
+--echo # End of 10.3 tests
+--echo #
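Review bot: The connections `a` and `b` opened with `--connect` are still open when the two users are dropped at the end of the new block, and nothing in the hunk closes them. Adding `--disconnect a` and `--disconnect b` after `--connection default` would keep leftover sessions out of any processlist output checked later. A comment before the final `kill user b;` would also help, for example `# a has PROCESS but may not kill other users' threads, so the denial is reported`, because that privilege combination is what makes ER_KILL_DENIED_ERROR the expected result.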
diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc
index cc476dd8232..8d661d1c2af 100644
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -9279,7 +9279,9 @@ static my_bool kill_threads_callback(THD *thd, kill_threads_callback_arg *arg)
if (!(arg->thd->security_ctx->master_access &
PRIV_KILL_OTHER_USER_PROCESS) &&
!arg->thd->security_ctx->user_matches(thd->security_ctx))
- return 1;
+ {
+ return MY_TEST(arg->thd->security_ctx->master_access & PROCESS_ACL);
+ }
if (!arg->threads_to_kill.push_back(thd, arg->thd->mem_root))
{
mysql_mutex_lock(&thd->LOCK_thd_kill); // Lock from delete
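Review bot: The new `return MY_TEST(arg->thd->security_ctx->master_access & PROCESS_ACL);` has no comment, and its asymmetry is not obvious from the code: a caller with PROCESS gets a non-zero return for a thread it may not kill, while a caller without PROCESS gets 0 and the thread is skipped. Going by the commit message, this keeps `KILL USER` from revealing connections the caller could not see in SHOW PROCESSLIST, so I would say so above the return, e.g. `/* no PROCESS: the caller cannot see this thread, skip it silently instead of reporting a denial */`. A non-zero return can also occur after earlier matching threads were pushed to `threads_to_kill` with `LOCK_thd_kill` taken; how the caller releases those on the denied path is outside the hunk and worth confirming. kill_threads_callback starts and ends outside the hunk.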
@@ -9399,7 +9401,10 @@ sql_kill_user(THD *thd, LEX_USER *user, killed_state state)
my_ok(thd, rows);
break;
case ER_KILL_DENIED_ERROR:
- my_error(error, MYF(0), (long long) thd->thread_id);
+ char buf[DEFINER_LENGTH+1];
+ strxnmov(buf, sizeof(buf), user->user.str, "@", user->host.str, NULL);
+ my_printf_error(ER_KILL_DENIED_ERROR, ER_THD(thd, ER_CANNOT_USER), MYF(0),
+ "KILL USER", buf);
break;
case ER_OUT_OF_RESOURCES:
default:
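Review bot: `strxnmov(buf, sizeof(buf), ...)` passes the full buffer size as the length limit, but strxnmov, as far as I know, copies up to `len` characters and then writes the terminating NUL, so the destination needs `len+1` bytes. If `user@host` ever reached `sizeof(buf)` characters, the terminator would land one byte past `buf`. Whether `user->user` and `user->host` are bounded tightly enough to rule that out is not visible in this hunk, so I would pass `sizeof(buf)-1`. I would also end the variadic list with the typed `NullS` rather than `NULL`: `strxnmov(buf, sizeof(buf)-1, user->user.str, "@", user->host.str, NullS);`. The declaration of `buf` directly under the `case` label would read better inside its own `{ }` block; the switch in sql_kill_user continues outside the hunk.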