fix(policy): bypass read-policy hooks on internal pre-load queries for dialects without RETURNING

On dialects lacking RETURNING support (e.g. MySQL), the ORM pre-loads
entity ID fields before an UPDATE to identify the row for re-reading.
This pre-load ran through onKyselyQuery plugin hooks, causing a
read-policy denial to surface as "Record not found" before the UPDATE
executed — masking the correct error code.

Introduce internalQueryContextStorage (AsyncLocalStorage) to mark these
internal pre-load queries; ZenStackQueryExecutor now skips all
onKyselyQuery hooks when the flag is set.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: Azzerty23

packages/orm/src/client/crud/operations/base.ts

@@ -51,6 +51,7 @@ import {
 } from '../../query-utils';
 import { getCrudDialect } from '../dialects';
 import type { BaseCrudDialect } from '../dialects/base-dialect';
+import { internalQueryContextStorage } from '../../executor/internal-context';
 import { InputValidator } from '../validator';
 
 /**
@@ -1211,18 +1212,24 @@ export abstract class BaseOperationHandler<Schema extends SchemaDef> {
             return loadThisEntity();
         }
 
-        if (
+        if (modelDef.baseModel) {
             // when updating a model with delegate base, base fields may be referenced in the filter,
-            // so we read the id out if the filter and and use it as the update filter instead
-            modelDef.baseModel ||
-            // for dialects that don't support RETURNING, we need to read the id fields
-            // to identify the updated entity for toplevel updates
-            (!this.dialect.supportsReturning && !fromRelation)
-        ) {
-            // update the filter to db-loaded id fields
+            // so we read the id out of the filter and use it as the update filter instead
             combinedWhere = await loadThisEntity();
             if (!combinedWhere) {
-                // not found
+                return null;
+            }
+        } else if (!this.dialect.supportsReturning && !fromRelation) {
+            // For dialects without RETURNING (e.g. MySQL) we must pre-load the entity's id fields
+            // so we can re-read the row after the UPDATE. This pre-load is internal bookkeeping —
+            // not a user-visible read — so it must bypass onKyselyQuery plugin hooks. Without the
+            // bypass, a read-policy denial would surface as "Record not found" here before the
+            // UPDATE runs, preventing the policy plugin from emitting the correct error code.
+            combinedWhere = await internalQueryContextStorage.run(
+                { bypassOnKyselyHooks: true },
+                () => loadThisEntity(),
+            );
+            if (!combinedWhere) {
                 return null;
             }
         }

packages/orm/src/client/executor/internal-context.ts

@@ -0,0 +1,11 @@
+import { AsyncLocalStorage } from 'node:async_hooks';
+
+type InternalQueryContext = {
+    /**
+     * When true, `ZenStackQueryExecutor` skips all `onKyselyQuery` plugin hooks.
+     * Used for internal pre-load queries that must not be filtered by access policies.
+     */
+    bypassOnKyselyHooks?: boolean;
+};
+
+export const internalQueryContextStorage = new AsyncLocalStorage<InternalQueryContext>();

packages/orm/src/client/executor/zenstack-query-executor.ts

@@ -38,6 +38,7 @@ import type { BaseCrudDialect } from '../crud/dialects/base-dialect';
 import { createDBQueryError, createInternalError, ORMError } from '../errors';
 import type { AfterEntityMutationCallback, OnKyselyQueryCallback } from '../plugin';
 import { requireIdFields, stripAlias } from '../query-utils';
+import { internalQueryContextStorage } from './internal-context';
 import { QueryNameMapper } from './name-mapper';
 import { TempAliasTransformer } from './temp-alias-transformer';
 import type { ZenStackDriver } from './zenstack-driver';
@@ -197,6 +198,13 @@ export class ZenStackQueryExecutor extends DefaultQueryExecutor {
     ) {
         let proceed = (q: RootOperationNode) => this.proceedQuery(connection, q, parameters, queryId);
 
+        // Internal pre-load queries (e.g. entity-ID fetch before an UPDATE on dialects without
+        // RETURNING) must not be filtered by access-policy plugins, otherwise a row denied by
+        // read-policy would surface as "Record not found" instead of the correct policy error.
+        if (internalQueryContextStorage.getStore()?.bypassOnKyselyHooks) {
+            return proceed(queryNode);
+        }
+
         const hooks: OnKyselyQueryCallback<SchemaDef>[] = [];
         // tsc perf
         for (const plugin of this.client.$options.plugins ?? []) {