@RequestMapping(MappingConstants.USER_ROLE_LIST_JSON)
 @PreAuthorize("hasRole('" + PermissionConstants.ADMIN_USER_ROLE_LIST + "')")
 public @ResponseBody List<Role> findUserRoles(@PathVariable long id) {
   return userService.findRoles(id);
 }
 @RequestMapping(MappingConstants.USER_LIST_JSON)
 @PreAuthorize("hasRole('" + PermissionConstants.ADMIN_USER_LIST + "')")
 public @ResponseBody List<User> findUsers() {
   return userService.findAll();
 }
 @RequestMapping(value = MappingConstants.USER, method = RequestMethod.POST)
 @PreAuthorize("hasRole('" + PermissionConstants.ADMIN_CREATE_USER + "')")
 public @ResponseBody Long createUser(@RequestBody @Valid User user) {
   return userService.create(user);
 }
 @RequestMapping(value = MappingConstants.USER_ROLE, method = RequestMethod.POST)
 @PreAuthorize("hasRole('" + PermissionConstants.ADMIN_CREATE_ROLE + "')")
 public @ResponseBody void assignRole(@PathVariable long userId, @PathVariable long roleId) {
   userService.assignRole(userId, roleId);
 }