Best way to check if directory is writable in BAT script?

How can I check whether a directory is writable by the executing user from a batch script?

Here's what I've tried so far:

> cd "%PROGRAMFILES%"

> echo. > foo
Access is denied.
> echo %ERRORLEVEL%
0

Ok, so how about...

> copy NUL > foo
Access is denied.
> echo %ERRORLEVEL%
0

Not that either? Then what about...

> copy foo bar
Access is denied.
0 file(s) copied.
> echo %ERRORLEVEL%
1

This works, but it breaks if the file doesn't exist.

I've read something about internal commands not setting ERRORLEVEL, but `copy` obviously seems to do so in the last case.

You can write `copy %0 foo` to copy the batch file itself.
This will always exist.

Remember to delete the file afterwards, and to make sure that you aren't overwriting an existing file by that name.

There ought to be a better way to do this, but I don't know of any.

**EDIT**: Better yet, try `mkdir foo`.
In case the batch file is running off a network (or if it's very large), this may be faster.

Definitely running a command against it to find if its denied is the easy way to do it. You can also use CACLS to find exactly what the permissions are or aren't. Here's a sample.

In CMD type `CACLS /?`

`CACLS "filename"` will give you what the current permissions is allowed on the file.
R = Read, W = Write, C = Change (same as write?), F = Full access.

EDIT: You can use directory name as well.

So to do a check, you would:

FOR /F "USEBACKQ tokens=2 delims=:" %%F IN (`CACLS "filename" ^| FIND "%username%"`) DO (
IF "%%F"=="W" (SET value=true && GOTO:NEXT)
IF "%%F"=="F" (SET value=true && GOTO:NEXT)
IF "%%F"=="C" (SET value=true && GOTO:NEXT)
SET value=false
)
ECHO This user does not have permissions to write to file.
GOTO:EOF
:NEXT
ECHO This user is able to write to file.

set testdir=%programfiles%
set myguid={A4E30755-FE04-4ab7-BD7F-E006E37B7BF7}.tmp
set waccess=0
echo.> "%testdir%\%myguid%"&&(set waccess=1&del "%testdir%\%myguid%")
echo write access=%waccess%

i found that executing <code>copy</code> within the batch file echoed an error to STDERR, but left <code>%ERRORLEVEL%</code> untouched (still 0). so the workaround was to combine the command with a conditional execution of <code>set</code>.

copy /Y NUL "%FOLDER%\.writable" > NUL 2>&1 && set WRITEOK=1
IF DEFINED WRITEOK (
rem ---- we have write access ----
...
) else (
rem ---- we don't ----
...
)

this is tested on XP and 7 and seems to work reliably.

An extension to <a href="https://stackoverflow.com/users/781339/mechaflash">Mechaflash</a>'s answer, and solves the problem of overwriting the file by generating a unique filename for the "testing" file.

@ECHO OFF
SETLOCAL ENABLEDELAYEDEXPANSION
SET "a=%~1"
SET "b="
SET "g=0"
:a
SET "c= `1234567890-=qwertyuiop[]asdfghjkl;'zxcvbnm,.~!@#$%%^&()_+QWERTYUIOP{}ASDFGHJKLZXCVBNM"
SET /A "d=0, e=1"
:b
IF "!c!" NEQ "" (
IF "!c:~%d%,1!" NEQ "" (
IF EXIST "!a!\!b!!c:~%d%,1!" (
SET "c=!c:~0,%d%!!c:~%e%!"
) ELSE (
SET /A "d=!d!+1, e=!e!+1"
)
GOTO :b
)
)
IF "!c!" EQU "" (
SET "c= `1234567890-=qwertyuiop[]asdfghjkl;'zxcvbnm,.~!@#$%%^&()_+QWERTYUIOP{}ASDFGHJKLZXCVBNM"
:c
IF "!c!" NEQ "" (
IF "!c:~%d%,1!" NEQ "" (
SET /A "d=!d!+1"
GOTO :c
)
)
SET /A "d=!d!-1"
SET /A "f=%RANDOM%*!d!/32768"
SET "b=!b!!c:~%f%,1!"
GOTO :a
) ELSE (
SET /A "d=!d!-1"
SET /A "f=%RANDOM%*!d!/32768"
SET "b=!b!!c:~%f%,1!"
)
((ECHO EXIT>"!a!\!b!" && SET "g=1") & IF EXIST "!a!\!b!" DEL /F "!a!\!b!") >NUL 2>&1
ENDLOCAL & (SET "a=%g%")
IF "%a%" EQU "1" ECHO TRUE
(`%~1` is the input directory)<br/>
EDIT: If you want a more safe option<br/>

@ECHO OFF
SETLOCAL ENABLEDELAYEDEXPANSION
SET "a=%~1"
SET "b="
SET "g=0"
:a
SET "c= `1234567890-=qwertyuiop[]asdfghjkl;'zxcvbnm,.~!@#$%%^&()_+QWERTYUIOP{}ASDFGHJKLZXCVBNM"
SET /A "d=0, e=1"
:b
IF "!c!" NEQ "" (
IF "!c:~%d%,1!" NEQ "" (
IF EXIST "!a!\!b!!c:~%d%,1!" (
SET "c=!c:~0,%d%!!c:~%e%!"
) ELSE (
SET /A "d=!d!+1, e=!e!+1"
)
GOTO :b
)
)
IF "!c!" EQU "" (
SET "c= `1234567890-=qwertyuiop[]asdfghjkl;'zxcvbnm,.~!@#$%%^&()_+QWERTYUIOP{}ASDFGHJKLZXCVBNM"
:c
IF "!c!" NEQ "" (
IF "!c:~%d%,1!" NEQ "" (
SET /A "d=!d!+1"
GOTO :c
)
)
SET /A "d=!d!-1"
SET /A "f=%RANDOM%*!d!/32768"
SET "b=!b!!c:~%f%,1!"
GOTO :a
) ELSE (
SET /A "d=!d!-1"
SET /A "f=%RANDOM%*!d!/32768"
SET "b=!b!!c:~%f%,1!"
)
IF EXIST "!a!\!b!" (
SET "b=!b:~0,-1!"
GOTO :a
) ELSE (
((ECHO EXIT>"!a!\!b!" && SET "g=1") & IF EXIST "!a!\!b!" DEL /F "!a!\!b!") >NUL 2>&1
)
ENDLOCAL & (SET "a=%g%")
IF "%a%" EQU "1" ECHO TRUE

You can solve this problem by using `echo`.

```
(> %tmpfile% echo) 2>NUL && (del %tmpfile% && goto can-write || goto can-write-not-del) || goto cannot-write
```

Try writing to a file with `echo`. On succes (`&&`) delete the `%tmpfile%` again and do something. On error (`||`) do something different.

# Example

```
C:\>check-directory.bat
usage: check-directory.bat <folder>

C:\>check-directory.bat is-writable
Can write to C:\is-writable

C:\>check-directory.bat is-not-writable
Can **not** write to C:\is-not-writable
```

## check-directory.bat

```
@echo off

if "%~1" == "" (
echo usage: %0 ^<folder^>
goto :eof
)
if not exist "%~1\*" (
echo The folder '%~1' does not exist.
goto :eof
)

set tmpfile=%~1\.deleteme
(> %tmpfile% echo) 2>NUL && (del %tmpfile% && goto can-write || goto can-write-not-del) || goto cannot-write

:cannot-write
echo Can **not** write to %CD%
goto :eof

:can-write
echo Can write to %CD%
goto :eof

:can-write-not-del
echo Can write to %CD% but couldn't delete %tmpfile%.
goto :eof
```

**2023 UPDATE**

Anthony Miller's answer is depreciated, this is the updated version.

This checks if the user has full access on the `C:` drive.
```batch
set CHK_DISK=C:
set CHK_PERMISSION=F
FOR /F "USEBACKQ tokens=2 delims=:" %%F IN (`ICACLS "%CHK_DISK%" ^| FIND "%username%"`) DO (
set perm_str=%%F
set adj_perm_str=!perm_str:%CHK_PERMISSION%=!
if not x!perm_str!==x!adj_perm_str! (
echo %username% has full access for %CHK_DISK%
) else (
echo %username% does not have full access for %CHK_DISK%
)
)
```

It first reads the `ICALS` output for the user on the specific drive, for example `(OI)(CI)(F)`. It then assigns this to `perm_str` and creates a new variable `adj_perm_str` where the letter `F` (full control) is removed. If the `perm_str` and `adj_perm_str` are equal, there is no `F` present. If there is, the user has full control.

Change `CHK_DISK` if you want to check permission for a different disk, adjust `CHK_PERMISSION` to check for other permissions.
* F - Full access
* M- Modify access
* RX - Read and execute access
* R - Read-only access
* W - Write-only access