from rest_framework import permissions

class CustomPermission(permissions.BasePermission):
    """
    Custom permission to only allow owners of an object to edit it.
    """

    def has_permission(self, request, view):
        # 只检查用户是否认证，如果是则返回True，允许访问
        return request.user and request.user.is_authenticated