Checking permission at service definition level is a better approach than checking it at the implementation level.
1. Permission check will be done during service validation.
2. If one want to override the permission for any service then he need not required to override the actual implementation. He will override the permission service.