If mentors are able to log in, you could model it as follows:
Set entity access on the student entity for the role mentor with an xpath which will goto from the student to it's mentor to the associated account for that mentor and check against currentuser, something like: [MyFirstModule.MentorStudent/MyFirstModule.Mentor/MyFirstModule.MentorAccount = '[%CurrentUser%]']
Unfortunatly nothing of above works for me. What is exactly the full XPath constraint I have to fill in? It also doesn't work if I want to constraint on only the mentors. So when a particular mentor logs in, he or she only wants to see his own object in the entity mentors. I tried [MentorID = System.owner/Administration.Account/EmployeeID] but it doesn't worked. The strange thing is: [MentorID = '1234'] does work so when a user logs in he or she only sees the mentor with ID 1234. So it goes wrong in retrieving the EmployeeID of a user which I has made. So what I thought after your comments was that I used the following XPath constraint on the entity access of mentor:
[System.owner='[%CurrentUser%]'] [MentorID = System.owner/Administration.Account/EmployeeID]
But by doing this, a new mentor account couldn't see any mentor although the employeeID of the doctor matches the mentorID.