from .models import APIKey
from rest_framework.decorators import api_view, throttle_classes

from django.shortcuts import render, HttpResponse

def api_permission_required(model, request_method):
    def decorator(view_func):
        def wrap(request, *args, **kwargs):
            header_key = request.META["HTTP_X_API_KEY"]
            db_key = APIKey.objects.get_from_key(header_key)
            if db_key.has_permission_method(model, request_method):
                return view_func(request, *args, **kwargs)
            else:
                return HttpResponse("NO ACCES")
        return wrap
    return decorator