from rest_framework.permissions import BasePermission

class IsAdminOrEditor(BasePermission):
    def has_permission(self, request, view):
        return request.method in ("GET", "HEAD", "OPTIONS") or (
            request.user and request.user.is_authenticated and (
                request.user.is_superuser or getattr(request.user, "role", None) == "editor"
            )
        )