Security Rule for only Private Sheet on published apps

Dear Community,

security rules of QlikSense can be really annoying.

After playing around with some definitions,all Users can edit all Sheets from published apps.

This is not the desired behavior, i need that published apps can not be edited, only new private sheets should be possible.

Whats the security rule for such behavior? Actually i use following security rule:

Please Help!