from django.shortcuts import get_object_or_404

from rest_framework import permissions

from tickets.models import Ticket, TicketList


class UserCanReadTicketListPermission(permissions.BasePermission):
    def has_object_permission(serf, request, view, obj):
        return request.user.is_superuser or obj.group in request.user.groups.all()


class UserTicketAccessPermission(permissions.BasePermission):
    def has_object_permission(self, request, view, obj):
        if request.method in permissions.SAFE_METHODS:
            return request.user.is_superuser or obj.ticket_list.group in request.user.groups.all() or obj.assigned_to == request.user

        return request.user.is_superuser or request.user.is_staff or obj.created_by == request.user


class UserTicketStatusAccessPermission(permissions.BasePermission):
    def has_object_permission(self, request, view, obj):
        return request.user.is_superuser or obj.ticket_list.group in request.user.groups.all() or obj.assigned_to == request.user or obj.created_by == request.user