@User does your

read

permission include

write

? if so, you could call

LookupResources

and then issue a

Check

to see if the user also has write permission on each (although it would be a lot of calls)