Hi Paulo,
Typically for something like that you would use function access on a role, and not data partitions, as its something you want to control for ALL tickets, not just the individual ticket that the user is interacting with. What I would recommend here is creating an access type, and then a role (or multiple access types and roles) which you would then add those users to that access type, and put that new role on that new access type - then set the function access in the role such that they can view, but not edit the different ticket types. Data partitions are really used more for allowing or not allowing the editing of tickets based on a field in the ticket, but not based on something having to do only with the logged in user. These types of things are much more effectively managed by using access types, roles and function access if its something global like this.
Hope this helps.
Let us know.
Thanks,
Jon I.