I used NT Utilities . Worked very well for me with Win2K / XP / Vista / 7
An example from my setup project:
uses unitNTSecurity; function CheckAccessToFile(DesiredAccess: DWORD; const FileOrDirName: string; ObjectName: string): Boolean; var fo: TNTFileObject; acl: TAccessControlList; ace: TAccessControlElement; name: string; i: integer; begin Result := False; if FileExists(FileOrDirName) or DirectoryExists(FileOrDirName) then begin fo := TNTFileObject.Create(FileOrDirName); acl := TAccessControlList.Create; try fo.GetDiscretionaryAccessList(acl); for i := 0 to acl.ElementCount - 1 do begin ace := acl.Element[i]; name := ace.Name; // format is: BUILTIN\Users if (CompareText(ObjectName, name) = 0) and (ace.Type_ = aeAccessAllowed) and (DesiredAccess = ace.Mask) then begin Result := True; Break; end; end; finally fo.Free; acl.Free; end; end; end;
Check modify permission:
Result := CheckAccessToFile($001301BF, 'C:\foo', 'BUILTIN\Users');
Note on my answer: The above code answers the OP question:
How to check change permissions programmatically
But if all you have to do is check that your application can write to the directory, I would not go for such an ACL solution and actually try to write a temp file, so I'm 100% sure that I can write to it.
I use this code as part of my installation process, where I need to provide modify permissions for some directories, so this code is used to verify that this directory does not already have these permissions. This may be a completely different scenario than yours.
There are several discussions on this issue:
So, you need to choose your solution according to your actual scenario.
kobik source share