For an hierarchy like the below,

• User Assets
• Notebook
• Workstation
• Workstation accessories
• Network Devices
• Servers
• Switch
• Ports

All users who can see this scheme, should create objects for above list but they should not edit them.

In other words, it is like self service - An user can manually add the Assets(Objects) tagged to them, but should not be able to edit the objects created .

Object type permissions are suitable for this, but it grants both Create/Edit permissions. My question is: Can these permissions be separated?