I’m setting up authorisation in Absinthe and just want to clarify how child query authorisation works.
Am I right in believing that child queries are resolved after the parent query, and only if the parent query succeeds? I expect that this is the case, but want to confirm for DataLoader pattern too (not using yet but will be).
This will simplify authorisation logic in a few resolvers where the parent query handles the permissions and then the child query doesn’t have to check them again.