from django.contrib.auth.mixins import LoginRequiredMixin
from django.core.exceptions import PermissionDenied


class RoleRequiredMixin(LoginRequiredMixin):
    """Base mixin for role-based access. Super admin always passes."""
    allowed_roles = []

    def dispatch(self, request, *args, **kwargs):
        if not request.user.is_authenticated:
            return self.handle_no_permission()
        if request.user.role not in self.allowed_roles and not request.user.is_super_admin():
            raise PermissionDenied
        return super().dispatch(request, *args, **kwargs)


class StudentRequiredMixin(RoleRequiredMixin):
    allowed_roles = ['student', 'super_admin']


class TeacherRequiredMixin(RoleRequiredMixin):
    allowed_roles = ['teacher', 'super_admin']


class AdminRequiredMixin(RoleRequiredMixin):
    allowed_roles = ['admin', 'super_admin']


class SuperAdminRequiredMixin(RoleRequiredMixin):
    allowed_roles = ['super_admin']