Giving out rights for read or write access per data object is not directly possible in Mendix. This is always related to UserRoles through the connected ModuleRoles.
You can however configure your app with UserRole that you call RoleRead and RoleReadWrite.
These specific UserRoles can be added/removed from a specific User by the Administrator.
For example, if you have 2 modules: customer and orders.
Create 4 UserRoles in your project:
Then add a page in which the administrator can add/remove these roles to the users of your app.