We have created a custom application on Cumulocity platform in which we are giving reader role to the user to access the application. In the application we have a widget where we want user to update his basic details like email and details of his owned device. Which role/ permissions will be suitable for the user to only update his details in that widget and have reader role to access rest of the application?