+3  A: 

I wouldn't waste time and LOCs on checking for permissions. Ultimate test of file creation in Windows is the creation itself. Other factors may come into play (such as existing files (or worse, folders) with the same name, disk space, background processes. These conditions can even change between the time you make the initial check and the time you actually try to create your file.

So, if I had a scenario like that, I would just design my method to not lose any data in case of failure, to go ahead and try to create my file, and offer the user an option to change the selected directory and try again if creation fails.

Ishmaeel  2009-01-16 12:18:28
Currently application doesn't crash in such situation, only shows a pop-up that operation failed. But what I really need is to pass the 'Certified for Windows Vista' tests - see edited question.
Abgan  2009-01-16 12:30:27
I believe that test case means that the application should not contain permission-elevation vulnerabilities or try to circumvent standard security to allow said operation. Other than that, directory security should be OS's responsibility.
Ishmaeel  2009-01-16 12:55:24
+3  A: 

I recently wrote a App to pass a set of test to obtain the ISV status from Microsoft and I also add that condition. The way I understood it was that if the user is Least Priveledge then he won't have permission to write in the system folders. So I approached the problem the the way Ishmaeel described. I try to create the file and catch the exception then inform the user that he doesn't have permission to write files to that directory.

In my understanding an Least-Priviledged user will not have the necessary permissions to write to those folders, if he has then he is not a Least-Priveledge user.

Should I stop bothering just because Windows Vista itself won't allow the Least-Privileged user to save any files in %WINDIR%?

In my opinion? Yes.

Megacan  2009-01-16 12:36:05
Thank you. I'll follow your and Ishmaeels advice.
Abgan  2009-01-16 12:41:10
+2  A: 

I agree with the other answers that the way to do this is to try to create the file and catch the exception.

However, on Vista beware of UAC! See for example "Why does my application allow me to save files to the Windows and System32 folders in Vista?": To support old applications, Vista will "pretend" to create the file while in reality it creates it in the so-called Virtual Store under the current user's profile.

To avoid this you have to specifically tell Vista that you don't want administrative privileges, by including the appropriate commands in the .exe's manifest, see the question linked above.

dF  2009-01-16 12:56:30
Thanks for the warning, but the application in question already has required execution level set to 'asInvoker', so I shouldn't bump into UAC :-)
Abgan  2009-01-16 13:01:24
A:  
import os
import tempfile

def can_create_file(folder_path):
    try:
        tempfile.TemporaryFile(dir=folder_path)
        return True
    except OSError:
        return False

def can_create_folder(folder_path):
    try:
        name = tempfile.mkdtemp(dir=folder_path)
        os.rmdir(name)
        return True
    except OSError:
        return False
nosklo  2009-01-16 16:52:23
Your can_create_folder() fails if user doesn't have rights to remove directory, but has rights to create it.And shouldn't you catch an IOError instead of OSError? I received IOError with errno:13.Otherwise it's good, but I have to catch IOError when creating actual file anyway (race condition).
Abgan  2009-01-16 22:35:37

related questions

Verifying files for testing
How do you create your own moniker (URL Protocol) on Windows systems?
Windows Equivalent of 'nice'
Is this a good way to determine OS Architecture?
Dual vs. Quadcore on a Webserver
Is there a WMI Redistributable Package?
PHP Error - Uploading a file
Ruby On Rails with Windows Vista - Best Setup?
OpenVPN Config file to prevent timeout
How can I create Debian install packages in Windows for a Visual Studio project?
How do I configure and communicate with a serial port?
What's the best setup for Mono development on Windows?
Appropriate pagefile size for SQL Server
XML Editing/Viewing Software
Linux shell equivalent on IIS
What is a better file copy alternative than the Windows default?
Windows Help files - what are the options?
Heap corruption under Win32; how to locate?
Best way to access Exchange using PHP?
Get a preview jpeg of a pdf on windows?
WinForms ComboBox data binding gotcha
How do you schedule tasks in Windows?
Register Windows program with the mailto protocol programmatically
Embedding Windows Media Player for all Browsers
Best Subversion clients for Windows Vista (64bit)