feat: Introduce core UI components including header with user profile and avatar upload, and define client-side navigation modules.

Author: pphatdev

src/client/controller/upload.ts

@@ -4,6 +4,18 @@ import { Controller } from "./controller.js";
 export class UploadController extends Controller {
     public static get(request: Request, response: Response, next: NextFunction) {
         const currentPath = request.path;
+        const user = (request as any).user;
+
+        if (!user || (user.role !== "admin" && user.role !== "user")) {
+            response.status(403).render('layouts/main', {
+                ...Controller.defaultConfig,
+                page: 'error',
+                title: `Forbidden - ${Controller.defaultConfig.title}`,
+                currentPath,
+                message: "Author or Admin access required to upload files."
+            });
+            return;
+        }
 
         const pageData = {
             ...Controller.defaultConfig,