Check out the
validateOnly option when making a call. Basically it attempts to execute an operation, and returns any errors that may have occurred while executing. However, if no error occurred, the operation is >not< executed, the account is left untouched.
You can also use validateOnly to check whether a user has sufficient permissions. To do so, try creating a campaign with a unique name - say a timestamp or so. When you get no error, you are free to go - but don't have to clean up. When you get an error, something is not right. Check whether the error is insufficient access or something like that.
Hope this helps.