from django.http import HttpResponseForbidden


class CheckPerm(object):
    @staticmethod
    def process_request(request):
        if '/admin' in request.path or '/analytics' in request.path:

            if not request.user.is_authenticated():
                return HttpResponseForbidden()

            if not (request.user.in_role == "M" or request.user.in_role == "S"
                    or request.user.in_role == "A" or request.user.is_admin):

                return HttpResponseForbidden()