Create further roles that would enhance the current roles by providing read / write functionality. Let's take as an example the alerts role, any user that has the Alert role can manipulate alert definitions and alert histories, this means that those users can get a full control over the Alerts, however in some scenarios I would expect that some users should be given only the ability to view the alerts histories and definitions,without being able to modify the alert definitions or delete entries from the alert histories which is not available at the moment
yes, this has been talked about before. not a simple fix, but a nice augmentation to authz for the future.
This bug was previously known as http://jira.rhq-project.org/browse/RHQ-1975
mass add of key word FutureFeature to help track
No changes authz planned. Case by case basis for future.