It should be possible to set a ACL to prevent the possibility to upload a CAD Document.
Today there is a "Create" permission but this will only disallow Check In not Upload.
This can be a problem if using different soft-types of CAD Document. Soft-Type is applied to the CAD object when uploading, and is not possible to change after uploading (at least for end user. admin can run "java wt.epm.util.SoftTypeChangeUtility" to change).
PTC solution for using multiple soft types for cad document, is to use a upload parameter (e.g. UPLOAD_SOFT_TYPE). But if a user is using the incorrect start teplatre or forgett to set this parameter. Then the CAD Document will get the type defined in <WC_HOME>\codebase\EPMDefaultSoftTypes.xml
So one way of prevent a user to upload a CAD document, could be to have a Upload permission that you can control