The current Firebase Storage rule for user-uploaded media (/user-media/surveys/{surveyId}/...)
authorizes writes at the survey level only. Within a survey, any user with write permission can
create, overwrite, or delete files at arbitrary sub-paths, including paths not associated with
their own account.
The current Firebase Storage rule for user-uploaded media (
/user-media/surveys/{surveyId}/...)authorizes writes at the survey level only. Within a survey, any user with write permission can
create, overwrite, or delete files at arbitrary sub-paths, including paths not associated with
their own account.