Correct way to handle prefilling/limiting user input based on Roles

[sachaw]

A common pattern in authorization is to prefill relations with the current user's id, i.e:
The user creates a new post, and that post is linked to their account, and only people with permission can add a different
relation.

Or, The user wishes to query their account data but should not be able to access other users data.

The default behavior as you know requires the user to explicitly define all data and relations and even with an authentication guard, an authenticated user can create or resolve undesirable relations, assuming they have access to the mutation/query.

From what I've read, there does not seem to be any easy way to implement this, if somebody could provide a starting point/direction I can pursue a solution.

[MichalLytek]

The goal of this library is to generate the building blocks, corresponding to Prisma inputs and outputs.

It's not a Hasura competitor, so it doesn't generate a rich resolvers with custom logic.
You can reuse some inputs and outpus and write your own resolvers when you connect new record to current user from context.