"""Checks for privileges for system-level actions."""
import logging
from functools import partial

from .authspec import check


logger = logging.getLogger(__name__)


def can_link_data(system_privileges: tuple[str, ...]) -> bool:
    """Check whether user is allowed to link data to user groups."""
    return check("(AND system:data:link-to-group)", system_privileges)


def can_masquerade(system_privileges: tuple[str, ...]) -> bool:
    """Check whether the user is allowed to masquerade as a different user."""
    return check("(AND system:user:masquerade)", system_privileges)