Can Sonatype Nexus be configured to limit which artifacts a user can deploy?

I installed Nexus 2.0.6, and integration with my LDAP server works (for authentication only). Is there a way to configure Nexus so that only a set of developers can deploy this artifact or group?

Basically, I don’t want the developer in Team A to deploy the artifact for which team B is responsible.

+6
2 answers

You can split the repository using the repository goals, privileges, and roles described in this Sonatype blog post. I checked this a few months ago and it seems to work fine.

+6

In Nexus 2.0.1, this is the solution I worked on and tested.

Cautions:
This allows you to restrict the option "Load artifacts" in the directory hierarchy.
This is not exactly the same as “deploy” or in combination with “release preparation”.

Steps:

  • Remove the single Artifact Download privilege from everyone you do not want to use it.

  • Create a Target Repository that includes the directory mask where you want to grant access, e.g. .*/com/mycompany/target-dir/.*
    Double-check the mask: it starts with a period symbol and ends with a period asterisk.

  • Create a Privilege Repository that maps to the target repository you created. I usually include the repo name in this repository privilege name, for example, "releases.com.mycompany.target-dir". This creates CRUD (4) entries for the specified directory.

  • Then create a “Role” based on the repository you just created (4), plus “Download an artifact”. Only 5 entries for the role. Use the "Apply Filter" here to help you find these items. I call this role something like "Upload.Role.Releases.Target-Dir". Again, when done, there should be 5 entries for this role:
    Artifact loading
    com.mycompany.target-dir (create)
    com.mycompany.target-dir (delete)
    com.mycompany.target-dir (read)
    com.mycompany.target-dir (update)

    This is what limits the download role in this repo.directory directory.

  • Create the user if one does not already exist, and assign a password.

  • Provide the user with the following roles:
    Nexus Deployment
    Repo: all Maven repositories (Read)
    UI: Basic Interface Privileges
    Upload.Role.Releases.Target-Dir

Click save and you have it. Later, you can use the same approach to create a new role for other repositories (such as Snapshot or 3rd Party) and keep the same directory mask.

+2
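A way to double-check the directory mask from the steps above before saving it, as an added example that is not part of the original answer or of Nexus itself. It assumes the mask is a regular expression that must match the whole repository path (starting with "/"); the anchored variant and all sample paths are constructed for illustration.

```python
import re

# Mask exactly as written in the answer.
PAGE_MASK = r".*/com/mycompany/target-dir/.*"
# Hypothetical variant without the leading ".*", anchored at the repository root.
ANCHORED_MASK = r"/com/mycompany/target-dir/.*"

# Constructed sample paths in Maven 2 repository layout.
SAMPLE_PATHS = [
    "/com/mycompany/target-dir/app/1.0/app-1.0.jar",
    "/com/mycompany/target-dir/app/1.0/app-1.0.pom",
    "/com/mycompany/other-team/lib/2.1/lib-2.1.jar",
    "/com/mycompany/target-dir-tools/cli/0.3/cli-0.3.jar",
    "/org/example/com/mycompany/target-dir/x/1.0/x-1.0.jar",
]


def gav_to_path(group_id, artifact_id, version, ext="jar"):
    """Translate Maven coordinates into the repository path a deploy writes to."""
    group_dir = group_id.replace(".", "/")
    return "/{0}/{1}/{2}/{1}-{2}.{3}".format(group_dir, artifact_id, version, ext)


def covered(mask, paths):
    """Return the paths the mask matches in full (assumed matching behaviour)."""
    rx = re.compile(mask)
    return [p for p in paths if rx.fullmatch(p)]


def compare(masks, paths):
    """Map each path to the list of masks that would grant CRUD on it."""
    return {p: [m for m in masks if re.fullmatch(m, p)] for p in paths}


if __name__ == "__main__":
    for path, masks in compare([PAGE_MASK, ANCHORED_MASK], SAMPLE_PATHS).items():
        print("{:<60} {}".format(path, masks or "no mask matches"))
```

With the leading `.*`, the mask also covers any path that merely contains `/com/mycompany/target-dir/` deeper in the tree, so it is worth listing what each candidate mask covers before attaching privileges to it.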

Source: https://habr.com/ru/post/919574/

