DAB returns 500 on failed authorization

[Mathos1432]

Sending a request that should result in a 401/403 ends up with a 500 + a message that says that the user is unauthorized.

Config:

{
  "$schema": "../schemas/hawaii.draft-01.schema.json",
  "data-source": {
    "connection-string": "AccountEndpoint=https://hawaii-demo.documents.azure.com:443/;<INSERT ACCOUNT KEY>",
    "database-type": "cosmosdb_nosql",
    "options": {
      "database": "mydb",
      "container": "joslin2",
      "schema": "schema.gql"
    }
  },
  "runtime": {
    "rest": {
      "enabled": false
    },
    "graphql": {
      "enabled": true,
      "path": "/graphql",
      "allow-introspection": true
    },
    "host": {
      "mode": "development",
      "cors": {
        "origins": [
          "http://localhost:5000"
        ],
        "allow-credentials": false
      },
      "authentication": {
        "provider": "StaticWebApps"
      }
    }
  },
  "entities": {
    "Player": {
      "source": "mydb.joslin2",
      "rest": false,
      "graphql": true,
      "permissions": [
        {
          "role": "anonymous",
          "actions": [
          ]
        },
        {
          "role": "authenticated",
          "actions": [
            "read"
          ]
        },
        {
          "role": "contributor",
          "actions": [
            "create",
            "read",
            "update",
            "delete"
          ]
        }
      ]
    }
  }
}

Schema:

type Player @model {
    id : ID,
    name : String,
    played: Int,
    winPercent: Float,
    currentStreak: Int,
    maxStreak: Int
}

[seantleonard]

@sourabh1007 based on your recent authZ enhancements, curious whether this is still the observed behavior. Can you check since this was opened against CosmosDB?