Curious to know if anyone explored authorization packages/module for Prisma? Suggestions are welcome - (something similar to - https://www.graph.cool/docs/tutorials/auth/authorization-for-a-cms-miesho4goo#elevated-access-for-owners)

It's being handled in the server resolvers

could you point me to sample/example?

first, thank you for the help sir. Second example is close but not exactly what I was looking for - was thinking if there is a middleware/resolver framework that I could use at every request which abstract the logic to check whether a user is able to perform a specific action on a specific resource. (Eg: it would take user_id/entity_type/entity_id/action, and returns true or false) - if it returns false, server returns 403 - otherwise continues to the business logic. Graph.cool does this in a neat way

Something along these lines? https://github.com/maticzav/graphql-shield

this is good for authentication (similar to JWT). I'm looking for authorization at resource level