from rest_framework import permissions
from apps.workspaces.models import WorkspaceMembership


class IsClientWorkspaceMember(permissions.BasePermission):
    """
    Allows access only to users who are active members of the workspace associated with the client.
    """
    message = "شما عضو فضای کاری این مشتری نیستید."

    def has_object_permission(self, request, view, obj):
        """
        Validates if the user exists in the workspace memberships for the requested client's workspace.
        """
        if not request.user.is_authenticated:
            return False
            
        return WorkspaceMembership.objects.filter(
            workspace=obj.workspace,
            user=request.user,
            is_active=True
        ).exists()