I have a question about granting/denying item-level permissions within Reporting Services. Here's an example of what I need to do. I need to create 2 folders for departmental reports. Each department should only have access to their own report folder and associated reports. Each department will have admin users who will create and publish reports to the appropriate report folder. The tricky part is... I would like to grant access for those admin users to create, modify, and publish, but not delete. I do not what the admin users to delete or overwrite the report.
I think I have the majority of permissions figured out but I do not know how to handle the item-level permissions such as "delete". I am okay with the user deleting a report if I can track it. So if a user comes to me and says "someone deleted my report"... I want to be able to audit this action.
I would appreciate any advice/help!