Implementing row-level security in SymmetricDS

I am developing a mobile ticketing system, and I'm reviewing my requirements against embedded SymmetricDS. The only sticking point so far is that I can't find any information directly addressing the question of row-level security.

Use Case:

Some of the mobile point-of-sale nodes will be logged in as sellers, some as managers. Everybody can view everybody else's sales. Sellers can create new sales, but never modify them. Managers can modify existing sales, but not delete them.

Problem:

I don't have strict control over the Android mobile POS units, so they aren't trustworthy -- it's not realistic to prevent a malicious seller from decompiling the APK and creating a malicious client node. My environment has security requirements, such that a malicious seller cannot be allowed to modify the sales table on the server. I can trust that the hypothetical malicious seller does not have access to manager credentials, and I can trust that the server software is secure.

Questions:

Is server-side row-level security a job for a load filter?
Can the filter script get access to the node_id originating the change?
Can the filter script get access to the authentication credentials used to register the originating node?

Solution

Yes. Some of its is possible implementing with a writer filter, like the update limiting to a certain group of nodes. Disabling deleting a row from a node just means that delete trigger shouldn't be created at all for that node group
Yes, it's possible. Methods that are implemented in an extension of an abstract load file accept arguments that carry external ID of the caller (org.jumpmind.symmetric.io.data.Batch#getSourceNodeId and DataContext#getBatch())
Basic authentication is the same for all nodes. There's a password that is automatically generated when handshake is performed and it's stored in the db. Let your load file implement symmetricds interface ISymmetricEngineAware which allows for injection of an engine that can be used to access the database