Role management in Olingo JPA oData

I found an `Olingo` implementation for fetching and modifying data in a database by using odata protocol in this repository.

No the question is, if we assume I have a mechanism for detecting the user by using `JWT` same as here, how can I implement the access management for `odata` sets as well?

In the other hand, if we could detect the user's role (e.g. Admin, Employee, ...) how can I define, who can do what? I mean who can do each of CURD actions on each sets? I am looking for the best practice approach! For example, maybe by using annotations? I don't want to implement some stupid sets of if then else!

Also I am very amateur in spring!