"""
权限控制
"""
from rest_framework.permissions import BasePermission


class IsAdmin(BasePermission):
    """管理员权限"""
    def has_permission(self, request, view):
        return request.user and request.user.is_authenticated and request.user.is_staff


class IsOwner(BasePermission):
    """资源所有者权限"""
    def has_object_permission(self, request, view, obj):
        # 假设对象有user字段
        if hasattr(obj, 'user'):
            return obj.user == request.user
        if hasattr(obj, 'owner'):
            return obj.owner == request.user
        return False


class AllowAny(BasePermission):
    """允许任何访问"""
    def has_permission(self, request, view):
        return True