At a basic levels, access layers should be aware of operations that are Read-only and operations that are Write/Delete. It should be easy to give agents access to read anything, then require permission/prompt to execute any state changing operations.