diff --git a/server/middlewares/verifyResourceAccess.ts b/server/middlewares/verifyResourceAccess.ts index ba49f02e3..f790a481a 100644 --- a/server/middlewares/verifyResourceAccess.ts +++ b/server/middlewares/verifyResourceAccess.ts @@ -1,11 +1,15 @@ import { Request, Response, NextFunction } from "express"; import { db, Resource } from "@server/db"; -import { resources, userOrgs, userResources, roleResources } from "@server/db"; -import { and, eq, inArray } from "drizzle-orm"; +import { resources, userOrgs } from "@server/db"; +import { and, eq } from "drizzle-orm"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; import { checkOrgAccessPolicy } from "#dynamic/lib/checkOrgAccessPolicy"; import { getUserOrgRoleIds } from "@server/lib/userOrgRoles"; +import { + getRoleResourceAccess, + getUserResourceAccess +} from "@server/db/queries/verifySessionQueries"; export async function verifyResourceAccess( req: Request, @@ -116,37 +120,22 @@ export async function verifyResourceAccess( const roleResourceAccess = (req.userOrgRoleIds?.length ?? 0) > 0 - ? await db - .select() - .from(roleResources) - .where( - and( - eq(roleResources.resourceId, resource.resourceId), - inArray( - roleResources.roleId, - req.userOrgRoleIds! - ) - ) - ) - .limit(1) - : []; + ? await getRoleResourceAccess( + resource.resourceId, + req.userOrgRoleIds! + ) + : null; - if (roleResourceAccess.length > 0) { + if (roleResourceAccess) { return next(); } - const userResourceAccess = await db - .select() - .from(userResources) - .where( - and( - eq(userResources.userId, userId), - eq(userResources.resourceId, resource.resourceId) - ) - ) - .limit(1); + const userResourceAccess = await getUserResourceAccess( + userId, + resource.resourceId + ); - if (userResourceAccess.length > 0) { + if (userResourceAccess) { return next(); } diff --git a/src/components/ResourceAuthPortal.tsx b/src/components/ResourceAuthPortal.tsx index c7d947510..5b6ee648c 100644 
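Review bot: The new truthiness checks `if (roleResourceAccess)` and `if (userResourceAccess)` in the second hunk of verifyResourceAccess.ts are only safe if `getRoleResourceAccess` and `getUserResourceAccess` resolve to a single row or `null`/`undefined`. Their definitions in `@server/db/queries/verifySessionQueries` are not part of this diff, so that contract cannot be confirmed here. If either helper resolves to an array, as the removed `db.select()…limit(1)` queries did, an empty result is truthy and the middleware would call `next()` for a user with no grant, so the authorization check would fail open. I would state the contract at the call site with a comment such as `// helper resolves to one row or null, never an array: [] would be truthy and grant access`, and give both helpers an explicit `| null` return type so the compiler rejects an array. The body of `verifyResourceAccess` starts and ends outside this hunk.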
--- a/src/components/ResourceAuthPortal.tsx
+++ b/src/components/ResourceAuthPortal.tsx
@@ -300,6 +300,7 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) {
 let isAllowed = false;
 try {
 const response = await resourceAccessProxy(props.resource.id);
+ console.log("response", response);
 if (response.error) {
 setAccessDenied(true);
 } else {
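Review bot: The added `console.log("response", response);` looks like leftover debug output and prints the whole `resourceAccessProxy` result to the browser console on every access check. The shape of that response is not visible in this hunk, but an access-proxy reply may carry session or redirect details that should not end up in console history or in screenshots shared for support. I would drop the line, or if a trace is needed, log only the outcome, e.g. `console.debug("resource access denied:", Boolean(response.error));`. The enclosing function continues outside the hunk.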