Spring security, how to restrict user access certain resources based on dynamic roles?

Question

given a scenario , there is a HTML contents OR some method in a controller, which only allow to be access by \"a\" role.

from above, we achieve by using

Answer 1

What if you use Java Reflection to get every controller method, then you asign any of these methods to role relation to build a "dynamic role"? This way you could add or remove any action to any role at any moment. Maybe Spring Security is not required this way.