from rest_framework import permissions


# Admin Have all access Others have Read Only Access
class IsAdminOrReadOnly(permissions.BasePermission):
    def has_permission(self, request, view):
        if request.user and request.user.is_authenticated:
            if request.user.groups.filter(name='Admin').exists():
                return True  # Admins have full access
            return request.method in permissions.SAFE_METHODS  # Others have read-only access
        return False
    
# Admin and Manager have all access Others have Read Only Access
class IsManagerOrAdmin(permissions.BasePermission):
    def has_permission(self, request, view):
        return (
            request.user and
            request.user.is_authenticated and
            request.user.groups.filter(name__in=['Manager', 'Admin']).exists()
        )

# Admin and Executive have all access Others have Read Only Access
class IsExecutiveOrAdmin(permissions.BasePermission):
    def has_permission(self, request, view):
        return (
            request.user and
            request.user.is_authenticated and
            request.user.groups.filter(name__in=['Executive', 'Admin']).exists()
        )