Cannot use @include or @skip to strip unauthorized fields from a query

[chris-nissen]

Should AuthorizeWith report an error if a field the user isn't authorized for is excluded from the query via the @include or @skip directives? (It currently does.)

[joemcbride]

Indeed it should not report an error. Up for doing a PR for it?

[chris-nissen]

Bad phrasing on my part. I mean that it should not report an error when the unauthorized field is skipped (or not included), but I think we're on the same page.

I'd like to do a PR, but I haven't done one for a public project before. I'll try to work it out!