Currently all authorize methods in AuthorizationManager evaluate the roles of the users in order to grant access to a resource. We need an authorize(Resource, Identity, Permission) method that would delegate the decision to the ACL layer when ACL modules have been configured.