The clients supports the access right on models and they disable the corresponding buttons.
When a model has record rules for the write and delete rights, we rely on the server validation only which is not ideal for the experience. It will be better if the client could display as read-only record for which the user does not have the write right and disable the delete button if he does not have the delete right to any of the selected record.
Proposal
I think we could send to the client the write and delete rights of each record read using private variable (like the _timestamp).
The simplest way should be to add to the SELECT query two column that contains a sub-query based on the ir.rule. If there is no rule, the query is replaced by a fixed value.
Those fields should be explicitly requested on the read call.
There could be some concern about the performance. This may have an negative impact on the read.
I think that once we have removed the company record rules, there should be a very low number of impacted model with rules.
A specific attribute on the Model (since there is an ir.rule it would be a “global” setting anyway) or more something that should be specified in the ir.action or even the ir.ui.view of said model?
I tend to prefer the Model idea but there might be another issue that I haven’t expected.