I hava the edit and delete buttons in show.gsp
I hava an admin user which has the 'ROLE_ADMIN' role.
Now, I do not want other user which has no 'ROLE_ADMIN' role can see the edit and delete buttons.
I use nginx cache, so if I login as admin, the buttons will be cached.
Then admin logout, and other user login, I can see the edit and delete buttons because the cache.