Extend level of permission to the asset id level. So a user could have read access to all assets of 1 type, but edit rights to only few asset ID.

Understand it can be tricky and not highly requested feature.