First - noone welcomed you, so let me do that now. Welcome!
Secondly - I think you actually want to take a look here and disable the file app altogether for some users by use of file access control lists on the Files app. This means that entire app is disabled for those users (upload, download and browse).
https://osc.github.io/ood-documentation/latest/app-sharing.html?highlight=facl#system-installed-apps
Or here where you can limit what directories are shown/available.
https://osc.github.io/ood-documentation/latest/customization.html#whitelist-directories
That said - you should know that Open OnDemand (OOD) respects the underlying file permissions. That is users using OOD who can’t see restricted files in a shell due to permissions and so on, won’t be able to view the files in the web through OOD either. OOD does not give privilege to the users they don’t already have. Indeed it runs as the user with their UID and GID(s). So if they for example can’t write to a directory through a shell - they won’t be able to upload the file through OOD.
So the whole issue may be moot if the files you’re restricting are indeed restricted to those users.
We at OSC have protected data locations (for HIPPA data and so on) and they’re access limited through group permissions along with being monitored for access & modification.