From 45cc6e9bb1ae08032f8948e0602864b4923d556d Mon Sep 17 00:00:00 2001
From: Gayathri Vijayan <66356931+grvijayan@users.noreply.github.com>
Date: Tue, 12 Aug 2025 17:17:39 +0200
Subject: [PATCH] fix: use correct the userID column name in permissions v2
 check (#10467)

# Which Problems Are Solved

When `Permission Check V2` is enabled, calls to the `ListPasskeys` and
`ListAuthenticationFactors` APIs fail with the following error:
```
ERROR:  missing FROM-clause entry for table "users14"
```

# How the Problems Are Solved
By using the right UserID column
(`projections.user_auth_methods5.user_id`) in the permission clause in
the `userAuthMethod` query

# Additional Changes
N/A

# Additional Context
- Closes #10386
---
 internal/query/user_auth_method.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/internal/query/user_auth_method.go b/internal/query/user_auth_method.go
index fce34967cf..b7635e9ff6 100644
--- a/internal/query/user_auth_method.go
+++ b/internal/query/user_auth_method.go
@@ -112,7 +112,7 @@ func userAuthMethodPermissionCheckV2(ctx context.Context, query sq.SelectBuilder
 		ctx,
 		UserAuthMethodColumnResourceOwner,
 		domain.PermissionUserRead,
-		OwnedRowsPermissionOption(UserIDCol),
+		OwnedRowsPermissionOption(UserAuthMethodColumnUserID),
 	)
 	return query.JoinClause(join, args...)
 }