It is easily achieved by defining custom fallbackRule.

In following example, deny queries and mutations which have no rules but allow types and fields. So once you have rule that allows Query or Mutation you don’t have to add rule for returned type and (or) it’s fields.

const shieldFallback = async (parent, args, ctx, info) => {
    switch (info.parentType.name) {
      // queries
      case 'Query':
        return false;
      // mutations
      case 'Mutation':
        return false;
      // returned types and it's fields
      default:
        return true;
    }
};
const fallbackRule = rule({ cache: false })(shieldFallback);

const ruleTree = { Query: {}, Mutation: {} };
const permissions = shield(ruleTree, { fallbackRule });

You can play further with fallback for your needs.

@LK let’s think of the options we have. I think I understand why such functionality could be beneficial, however, I am struggling to find the right approach. My primary goal of this conversation is to understand the use case we are trying to solve and propose a meaningful solution to the problem which won’t pose a holdback in the future.

A few concerns that I have:

1. We shouldn’t split fallbacks with permissions because it doesn’t scale on large systems.
2. We should apply a logic rule when extending default with a particular rule.

My proposal:

declare function extend(rule: ShieldRule, fieldMap: IRuleFieldMap): IRuleFieldMap

const houseType = extend(allow, {
  inquiries: isUserOwner,
})

which would reduce to

const houseType: IRuleFieldMap = {
  id: allow,
  name: allow,
  price: allow,
  inquiries: and(allow, isUserOwner),
}

A few open questions that I have:

1. What kind of logic rule should we use?
2. How does global fallbackRule work?
3. What should be the name of the function?
4. Should we omit fallbackRule altogether in favour of extend which could also accept IRules as an argument, or should we keep it narrowed down to types only?

cc @ph55