Is it possible to restrict security rule creation for streams so the user can only grant access to the explicit name of the resource(in this case a stream) they're creating? I.e. I want to give a user access to create their own streams and define security on them... but I don't want them to be able to replace the resource filter with streams_* and get access to streams they aren't supposed to see.
Is this possible?