Hi Yassir -
Access to server content is predicated on the combination of the user's site role AND the content permissions. Additionally, it will also be driven by group membership. The screen shot is a bit blurry, but it appears you have explicit denial set for the data source permission. On the surface, this would seem to solve your problem, but this in and of itself does not prevent publishing of a data source; it restricts the ability to Save. Download, or Delete the data source. Which User ID presently owns the data source? You can't deny access to the owner. Also, check the Edit Content Permissions. Are you locking permissions on the project level? If not, it would seem your settings are not getting pushed down to the appropriate content. If that is the case, you will have to manage the permissions on each respective level. See below:
I suspect this can't be done with the current version.....if you have publisher rights on a project then you're free to publish anything via Desktop.
A band-aid solution to this might be to script a very frequent check of Tableau's postgres database for any datasources that have been published to the project, and then delete them via Tabcmd.