MichalLytek / type-graphql

Create GraphQL schema and resolvers with TypeScript, using classes and decorators!

Home Page:https://typegraphql.com


Authorized Decorator to support Fields on InputTypes

OliverLeighC opened this issue

Is your feature request related to a problem? Please describe.

The authorized decorator does not run the auth checker for InputType fields, so we can't restrict a specific field on an input type to a specific role. For example: you can query a person and see all the fields, but you can't update [insert field] unless you are a specific role.

Describe the solution you'd like

The auth middleware should be applied for InputTypes as well, so that the behavior is consistent between authorizing input and output types, and so that we can make use of a single auth middleware instead of having to create a separate one to run on inputs.

My thought is it could go here, same as it is being applied to the ObjectType?
https://github.com/MichalLytek/type-graphql/blob/master/src/schema/schema-generator.ts#L478

Describe alternatives you've considered

The alternative is to create and apply a separate middleware that does the same thing as the AuthChecker but runs on InputType fields, but this seems unnecessarily repetitive, and it would be nice if the existing one just worked for both inputs and outputs.
Or create separate update mutations with separate input types for each permutation of role restrictions, so that we can use the authorization from the mutation instead of the input field level, but that seems very excessive.

It is not possible to apply any kind of middleware on input type or args type fields.
In the GraphQL architecture, field resolvers exist only for output types.
Args and inputs are treated like values or DTOs.

All you can do is put some metadata on the fields using @Extensions and then use a middleware/method decorator on queries/mutations that traverses the GraphQL resolve info, combines it with the received args, reads the extensions and does the business, like throwing an error for unauthorized access.
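The approach in the reply above, as an added example (not type-graphql's own code): role requirements are stored per input-type field as extensions metadata, and a mutation-level check walks the received args against that metadata and rejects any restricted field the caller tried to set. The `schemaMeta` object is a constructed stand-in for what `@Extensions({ authRoles: [...] })` on input fields would produce and what a real middleware would read from `info.schema.getType(name).getFields()[field].extensions`; the type names, field names, role names and the `authRoles` key are all assumptions so the file runs with no graphql/type-graphql dependency.

```typescript
// Added example, not type-graphql's own code. `schemaMeta` is a constructed
// stand-in for the extensions metadata a real middleware would read from
// info.schema.getType(name).getFields()[field].extensions; all names are assumptions.

type FieldMeta = {
  inputType?: string;                    // set when the field is itself an input type
  extensions?: { authRoles?: string[] }; // roles allowed to set this field (from @Extensions)
};
type SchemaMeta = Record<string, Record<string, FieldMeta>>;

const schemaMeta: SchemaMeta = {
  UpdatePersonInput: {
    name: {},
    salary: { extensions: { authRoles: ["ADMIN"] } },
    address: { inputType: "AddressInput" },
  },
  AddressInput: {
    street: {},
    verified: { extensions: { authRoles: ["ADMIN", "AUDITOR"] } },
  },
};

interface Violation {
  path: string;       // e.g. "UpdatePersonInput.address.verified"
  required: string[]; // roles that may set the field
}

class UnauthorizedInputError extends Error {
  violations: Violation[];
  constructor(violations: Violation[]) {
    super("Not authorized to set: " + violations.map((v) => v.path).join(", "));
    this.name = "UnauthorizedInputError";
    this.violations = violations;
  }
}

// Walk one input value against its type metadata and collect every restricted
// field the caller supplied without holding one of the required roles.
function collectInputAuthViolations(
  meta: SchemaMeta,
  typeName: string,
  value: unknown,
  userRoles: string[],
  path: string = typeName,
): Violation[] {
  const violations: Violation[] = [];
  // List inputs: check each element under an indexed path.
  if (Array.isArray(value)) {
    for (let i = 0; i < value.length; i++) {
      violations.push(...collectInputAuthViolations(meta, typeName, value[i], userRoles, path + "[" + i + "]"));
    }
    return violations;
  }
  if (value === null || typeof value !== "object") return []; // scalar or absent input
  const fields = meta[typeName];
  if (!fields) return []; // no metadata for this type: nothing to enforce
  const obj = value as Record<string, unknown>;
  for (const fieldName of Object.keys(obj)) {
    const fieldValue = obj[fieldName];
    if (fieldValue === undefined) continue; // field not supplied by the caller
    const field = fields[fieldName];
    if (!field) continue; // GraphQL validation already rejects unknown fields
    const fieldPath = path + "." + fieldName;
    const required = field.extensions ? field.extensions.authRoles : undefined;
    // A restricted field may be set only by a caller holding at least one listed role.
    if (required && required.length > 0 && !required.some((r) => userRoles.indexOf(r) !== -1)) {
      violations.push({ path: fieldPath, required });
      continue; // do not descend into a field the caller may not set at all
    }
    if (field.inputType) {
      violations.push(...collectInputAuthViolations(meta, field.inputType, fieldValue, userRoles, fieldPath));
    }
  }
  return violations;
}

// Mutation-level entry point, the part a middleware or method decorator would run
// before `next()`: `argTypes` maps each argument name to its input type name.
function assertInputArgsAuthorized(
  meta: SchemaMeta,
  argTypes: Record<string, string>,
  args: Record<string, unknown>,
  userRoles: string[],
): void {
  const violations: Violation[] = [];
  for (const argName of Object.keys(argTypes)) {
    const typeName = argTypes[argName];
    violations.push(...collectInputAuthViolations(meta, typeName, args[argName], userRoles, argName + ":" + typeName));
  }
  if (violations.length > 0) throw new UnauthorizedInputError(violations);
}
```

The check only looks at fields the caller actually supplied, so a restricted field is denied whenever it is present (even set to `false` or `null`), and nested input types and lists of inputs are walked the same way; the resulting error lists every offending path so the client gets a single, complete rejection.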

I had a feeling it was something like that, thanks! Extensions + middleware is what we are doing now so I will continue on with that method.