I'm having a tough time troubleshooting a permission query issue. My permission query to ensure a user can only request their own user node is:

query ($node_id: ID!, $user_id: ID!) {
  SomeUserExists(filter: {
    AND:[{
      id: $user_id
    },
    {
      id: $node_id
    }
  ]})
}

, and the query I'm running is:

query ($userId: ID!) {
    User (id: $userId) {
      id
    }
  }

, however I am continually getting an "Insufficient permissions" error. Outside of passing the wrong token, is there anything else I could be doing incorrectly here?