https://docs.microsoft.com/en-us/aspnet/core/security/authorization/resourcebased?tabs=aspnetcore2x#operational-requirements - We can create handler automatically. - We can restrict data access based on CRUD operations automatically. See also https://github.com/aspnetboilerplate/aspnetboilerplate/issues/3231
