If by problem you mean that the @auth directive is not supported in DQL and all auth rules are completely ignored when running DQL queries and mutations, then yes.
Our work around for this is to use DQL to get a list of uids that fullfill the filter parameters and then with those uids, get the data using GraphQL.
When there is a will, there is a way 
I am all for making my work arounds not needed, but it is just how we learned to cope with some of the limitations in the meantime.