Make TN web Manager more secure

We have a requirement in which certain users (not external partners) logging into TN Web Manager should see only “Transaction Analysis” option, & they should be able to view documents of any receiver and/or sender.
Has anybody already implemented it?
These users should not be able to login into TNConsole & should not have other options in TN Web Manager.
Any info. on this would be of great help.
Advance thanks.