You can use the "editable" property of a dataview. Set editable on false and all attributes will be readonly within the dataview:
You could also use entity access to achieve this. Set the attribute access of an entity to read. This way the attributes will be read-only for your configured module role.
Edit:
If you want to do that conditionally then you should create entity access for readonly and readwrite. Then you could use an enumeration to add a module role to your users which has the right access.
That is a good start. I would like to do that conditionally though. So I would like to have been able to set that to a condition based on a enumeration or business rule.
Instead of using security, you can also set conditionionally editable on almost any input widget. This can be based on a boolean or enumeration attribute.
See this howto: https://world.mendix.com/display/howto25/Set+up+visibility+and+editability+based+on+an+enumeration