Hi @tom_wang , of course is possible, just need to have your security_admin user and your role that you give to the autitors "ReadOnly", Elevate Role to "security_admin", then go to System Security -> Access Control(ACL) ,  Select New and fill the information, just add the operation read and select the table and insert the role.

In another hand you will need to create another ACL with the other operations as create write and delete with the roles can have access to edit that table.