from rest_framework import permissions  # type: ignore
from rest_framework.views import APIView  # type: ignore
from rest_framework.request import HttpRequest  # type: ignore

from core.apps.companies.models import (
    CompanyAccountModel, 
    CompanyModel
)


class IsCompanyAccount(permissions.IsAuthenticated):
    def has_object_permission(  # type: ignore
            self, 
            request: HttpRequest, 
            view: APIView, 
            obj: CompanyModel
        ) -> bool:
        if request.user.is_staff: 
            return True
        
        return CompanyAccountModel.objects.filter(
            company=obj, user=request.user,
        ).exists()