I’m trying to protect file upload behaving similarly to what workflow conditions do with writing to the database in a workflow. If the condition is not meet, for example, the user is not logged in, I don’t want to enable file upload.
Unfortunately, you cannot have any conditions before uploading the file. You can just delete it after upload. Meaning anybody could stop the trigger to the deletion workflow and fill up all the space with junk. Plus there is no way to disable file upload and only client-side code is required to do it (looking at the source for Uppy File + Webcam Uploader shows this, no actions are defined). Does this mean I can upload anything I want to any bubble app out there and make them run out of space? Or is there some security feature I am not aware of?