how to do resource base authorization using wso2

I am new to wso2.

My problem is how to implement the things below.

user: user1,user2,user3

role: role1,role2,role3

resource: /abc/cde (GET)

role1 - user1 and user3

role2 - user 2

and role1 access for /abc/cde resource.

When user 1 calls this request they are getting a response, but when user 2 tries then it's showing access denied.

I have done the things below:

1) implement wso2 identity server and using oauth.

2) role dependent user mapping.

The 2 things above are working fine but how to check resource and method validation?

1 answer