I have an interesting question for the mere mortals gurus....

We are wanting to use security in the mere mortals application we are building in our office.. But with a twist, we want the security to allow viewing of the a list of data in the grid (using a bizobjmaint form setup..), but when they select one of the records (and move to the editing page), it detects if they have rights to edit that record. The user should be able to SEE everything - which includes all the data in the controls on the editing page which is more than what's on the grid. However, they should only be able to edit select records based on a field in the table. The manual seems to suggest using views to control row level access, but how do we have a view that acts as readonly part of the time and readwrite the other part of the time? It's not a matter of whether or not they can see or not see the record, they should be able to see everything that the view has access to, but only edit selected records. Are we missing something obvious? Looking at the security on the controls, seems to suggest that the access level is set at instantiation, not at "refresh", which is I guess more like what we want.