We use an extension in
… /extensions/users-permissions/config/policies/permissions.js where we check user permissions.
If we don’t have the right permissions/roles i throw an error via
throw strapi.errorstype;
if an error is thrown for a non-graphql request in strapi i get the correct statusCode in the response
(e.g 403 for “not authorized”)
For a graphQL request the error message appears in the response body, but the response status code is always 200. Is there a way to change the status code for graphql requests from an permission extension?