我有幾個用戶角色，比如說：用戶和管理員。我只想將某些路由的訪問權(quán)限授予具有管理員角色的用戶。例如對于這條路線：@GetMapping("/all")public ResponseEntity getAll(){    List<User> users = this.userRepository.findAll();    return new ResponseEntity<>(users, HttpStatus.OK);}如何在 Spring 中創(chuàng)建不同的中間件，以便我可以使用它們來限制對某個用戶角色的訪問？這是我的用戶模型：@Entity@Table(name = "users")public class User implements Serializable {private static final long serialVersionUID = -7643506746013338699L;public User() { }public User(String username, String email, String password, String firstName, String lastName) {    this.username = username;    this.password = password;    this.firstName = firstName;    this.lastName = lastName;    this.email = email;}@Id@NotEmpty@Size(min = 5, max = 15)@Column(name = "username")private String username;@Email@NotEmpty@Column(name = "email")private String email;@NotEmpty@Size(min = 5)@Column(name = "password")private String password;//some more user properties...@ManyToMany(fetch=FetchType.EAGER)@JoinTable(name = "user_roles", joinColumns = @JoinColumn(name = "username"), inverseJoinColumns = @JoinColumn(name = "role_id"))private Set<Role> roles = new HashSet<>();// getters and setters...}我實現(xiàn)了 JWT 身份驗證。請讓我知道我是否也應(yīng)該上傳它。