It’s an interesting approach, but I’m not clear on how you would use a fragment for a given entity on another entity without still supplying the ‘path’ that should be taken to get back to the entity which has the ‘real’ auth rules to be checked.
Much like you, I am having to repeat the same 10 or so rules over and over again. I was thinking that with the __auth field that I proposed, the schema parser could expand the rules directly into the entity from the referenced entity (obviously taking into account recursive loops and blocking the use of this if that is the case).
Honestly, so long as an approach is thought up and implemented that would allow me to not have to repeat the same rules over and over again, I’m all for it in whatever its form is.
It looks like the ticket you referenced stopped being discussed. Any ideas on whether further thought was put into this? I’m so worried about human error with all of the copying and pasting, I’m considering writing a tool which will do this ‘expansion’ I’m talking about.