Allow Replace application from Hub, but not published of new application.
I hope someone can point me in the right direction. We are looking for the option the disallow publish on our production node, but allow content providers with only the option to replace existing application in target streams.
To my question. Is it even possible to distinct between replace and published of an application from the hub or Qmc?
If so, do you have en example on the security rules needed?