What I understood is you want to have a readonly user who can just view the configurations and runtime information. Based on that I have attached two images one with config permission and the other with manage permissions. let me know if that is not what you wanted.
For reference, see the “Management Security” chapter in the Progress SonicMQ Deployment Guide, in particular the section on "Permissions Enforcement".