Too Long; Didn't Read
Roles are defined along with their respective permissions as seen in Code (Part-III) Based on the permissions for each role, we will evaluate the authorization for the user in each of our controller methods. The convention used here is the controller/service name of the file followed by method name. For example, USERS_CONTROLLER_FINDLIST_OPERATIONS = "userscontroller.findList_operations", we have users.controller as the controller name followed by the method name as findList.controller.