This is possible already
https://forum.obsidian.md/t/obsidian-sync-self-hosted-server/20975
This is a mix of https://forum.obsidian.md/t/obsidian-publish-support-of-plugins-that-are-rendering-text-in-preview/23019
and https://forum.obsidian.md/t/enterprisey-private-publishing/9340
This is a good idea and you should open a specific FR about this. “Implementing an access control system in Obsidian Sync”. However, I foresee 2 issues. 1) The notes are still files and the users may still be able to circumvent the restrictions by accessing the notes/config thru the OS file manager. 2) Obsidian Sync is end to end encrypted, so the server can’t enforce anything because the server doesn’t know what is what.