Applying PrismaSelect "where" clause to resolvers of type globally

[renaldasrep]

Hey!

I'll try to explain what I'm trying to achieve first:

I'm using prisma, nexus and paljs generated graphql and I have some models, lets say: User, Post, Note

User can create posts and add notes to those posts, but I want the user to be only able to query for their own Notes or "public" notes that don't have a user specified, and not other users' Notes

Current approach is to use PrismaSelect.mergeDeep in findManyNote.ts

const mergedObject = PrismaSelect.mergeDeep(select, {
  where: { OR: [{ userId: null }, { userId: ctx.user.id }] }
})
return prisma.note.findMany({ ...args, ...mergedObject })

but this still allows to query for other users' notes via Post.notes, so I'd need to add another PrismaSelect.mergeDeep in findManyPost.ts

const mergedObject = PrismaSelect.mergeDeep(select, {
  select: {
    notes: { where: { OR: [{ userId: null }, { userId: ctx.user.id }] } }
  }
})
return prisma.post.findMany({ ...args, ...mergedObject })

and that of course still leaves findUnique*, findFirst* etc with open gates, so I'd need to add more mergeDeeps manually in there as well

So here goes my question: Is there a way to add this where clause globally on the entire thing in one place? Of course this might be a totally dumb approach in the first place, so in that case please advise on other ways to work around this data-leaking situation if you can, thanks!