How to work on the springboot？？？

[toop]

On the springboot, when a user accesses /books/list, I need to filter books data according to the data_scope range data of the currently logged in user and the category value of books. Please ask how to do this. Please give some collective examples. Thank you very much!

USER：

user | dept | data_scope | admin
admin | 1 | [,] | 1
Tom | 1 | [1,2,3] |null
Sim | 2 | [1,2] |null
Kat | 3 | null |null

BOOKS：

id | name | category
1 | book1 | 1
2 | book2 | 1
3 | Book3 | 2
4 | book4 | 3
5 | book5 | 4
6 | book6 | 5

when user admin to access the /books/list, user.admin =1， can visible all data，return the data:

id | name | category
1 | book1 | 1
2 | book2 | 1
3 | Book3 | 2
4 | book4 | 3
5 | book5 | 4
6 | book6 | 5

when user Tom to access the /books/list, books.category in user.data_scope, return the data:
id | name | category
1 | book1 | 1
2 | book2 | 1
3 | Book3 | 2
4 | book4 | 3

when user Sim to access the /books/list, books.category in user.data_scope, return the data:
id | name | category
1 | book1 | 1
2 | book2 | 1
3 | Book3 | 2

when user Kat to access the /books/list, user.data_scope is null, return the exception:
“access denied，missing permissions”

How to implement the above requirements in MVC and oauth2 environment? Please give some practical examples. Thank you very much!