authenticated sharp users could download unrelated laravel storage objects through the generic download endpoint
