I am faced with the following situation (some context): There are several developers working on a datasource that is protected (privacy issues). They have individual accounts on the source and we have managed to protect the data connections in QS at user level so they cannot use each other's data connections. So far so good.

However, these developers have access to the ContentAdmin role (so they can publish to a stream, import templates, etc.) and can thus also duplicate apps in the QMC. It turns out they can duplicate each other's apps in the QMC, including data, access to which would be a breach of security. I have tried to adjust the ContentAdmin security rule so they can no longer Create Apps in the QMC or change the owner of the object. This is working OK, as removing the priv to create an app makes it impossible to duplicate one as well. Unfortunately this also blocks them from importing Apps, for which there is still a use-case (templates, etc.)

Is there any way to restrict these devs from duplicating apps without blocking them from using the import feature? Or, can I prevent apps from individual users being duplicated?