set session_states may walk around the privilege check to set resource group

## Bug Report

Please answer these questions before submitting your issue. Thanks!

### 1. Minimal reproduce step (Required)



```sql
connection default;
CREATE USER no_resource_group;
CREATE RESOURCE GROUP test RU_PER_SEC = 666;
GRANT RESOURCE_GROUP_USER ON *.* TO resource_group_user;

connect (no_resource_group,localhost,no_resource_group,,);
SET SESSION_STATES "{'rs-group':'test'}";
SELECT CURRENT_RESOURCE_GROUP();
```

### 2. What did you expect to see? (Required)

```sql
SELECT CURRENT_RESOURCE_GROUP();
default
```

### 3. What did you see instead (Required)

```sql
SELECT CURRENT_RESOURCE_GROUP();
test
```

### 4. What is your TiDB version? (Required)



master

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

set session_states may walk around the privilege check to set resource group #59600

Bug Report

1. Minimal reproduce step (Required)

2. What did you expect to see? (Required)

3. What did you see instead (Required)

4. What is your TiDB version? (Required)

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

set session_states may walk around the privilege check to set resource group #59600

Description

Bug Report

1. Minimal reproduce step (Required)

2. What did you expect to see? (Required)

3. What did you see instead (Required)

4. What is your TiDB version? (Required)

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions