Create user have read only permission ( query via dev tools )

holy fucking shit. I read whole your reply over again and i found this issue:
First, I used

GET _opendistro/_security/api/account

to check which role is mapped to my account. I see all custom roles I created include own_index.
Then I tried to remove “*” from hosts in roles mapping

PUT _opendistro/_security/api/rolesmapping/wtf
  "backend_roles" : [ "wtf" ],
  "hosts" : [ "" ],
  "users" : [ "wtf" ]

Then I see that role is not mapped to the user which has a problem. Then I set all of them to null. Then my desire read-only user no longer can delete it. You know the problem from the early time but I haven’t enough smart to understand what u said.
Thank you so much again @Anthony :smiley:

Nothing of the above worked, but this did for me

which specific permission did you use that is related to dev tools in dashboard?