I have reviewed this document and others, managing
at the user level is not practical.
N27W23957 Paul Rd
Pewaukee, WI 53072
This article in the help file should get you started:
I created a custom property called user type, then I recreated all the security rules to directly apply to these user types and I was able to get what I wanted. Note, every user has to have a type assigned else they will have Admin rights by default. I think this is a bug. Also, I set up the AD Groups to align with the streams and set read only on the stream and added folks to the AD Groups they needed. Then the security rules that are applied to the user type will control the users access. Again, be sure you apply the user type to each user.
There are several ways to go about this as Sense is very flexible