Can you configure user account permissions that apply to ASDM interface from the CLI? For instance, I need to gove someone red only access to the ASDM so they can view but cannot make changes to the config.
Can this be done using the CLI?
You can't get more granular than that.
ASDM recognizes 3 types of user priv, 2, 5 and 15 (monitor, read-only, admin respecitvely).
You can move commands to different levels but that will correspond only to CLI. ASDM will recognize only the levels above for the functions/commands it does. If you move commands up and down ASDM will try to do its best and when it tries to apply a command that has been arbitrarily moved it will throw an error.