MM01 and MM02

We are enhancing MM01 and MM02 security. Does anyone has idea how we can restrict Material types for users with user groups.

I checked MM01 SU24 table and many objects are checking during run-time. Would someone tell me which main object we can use.

The scenario is.

1. Some will request the Material (workflow initiated).

2. This will go to Manager bucket and Manage allow to create Material someone else.

3. So creator and changing of Material name would be other person.