Hi Manesa,
You can set this security up on the entity itself. If you go to the access rules on the entity, you can give read access to the roles that can't edit, and read/write access to the roles that can edit.
Here is the documentation on security
https://docs.mendix.com/refguide/security
Hope this helps!