I would do it with a connected node that controls if it is approved and then only allow adding/updating on that connected node to approvers. But how then to filter to show only the approved Posts? Do it with an auth query rule itself.
type User {
id: ID!
posts: [Post!] @hasInverse(field: user)
email: String! @search(by: [exact, regexp])
isEmailVerfied: Boolean
}
type Post @auth(
query: { or: [
{
# role based rule for approver to see all
}
{ rule: "query { queryPost { approved { __typename } } }" }
]}
) {
id: ID!
user: User!
title: String! @search(by: [fulltext])
description: String
approved: Approval
}
type Approval @auth(
add: # rules here to block non approvers
update: # rules here to block non approvers
delete: # rules here to delete non approvers
) {
approvedBy: User!
approved: Post! @hasInverse(field: "approved")
}