Hello all, started with

graphql-shield

, offloading my stupid queries here, please help, if you could: 1. How do I ensure that an authorized user is deleting say, wishlisht of its own? (Right now, I am using $exists from prisma client in resolvers to check if the user has that item (with isAuthenticated and isUser shield rules middleware) then only allow deletion). Should this constraint be somehow placed in the shield rule? 2. What are fragments in shield? Are they the one to use when I have to constraint some fields of a type to be public, and some to be authorized (but these could be achieved with field level rule defs, couldnt they?) Thanks :)

cc @matic 🙈

Had messaged him, then realised that he might have a life 😄