Just recently I ran across a test case I was testing on a web part in SharePoint. I was opening the page with a user that had read only access to the page and I was getting an "Access Denied" message. After several hours of hunting I discovered that it was related to calling SetPersonalizationDirty() for the current web part. Obviously a user with read only access shouldn't be allowed to update the web parts properties. So here's what I used to resolve the issue:
if(SPContext.Current.Web.DoesUserHavePermissions(SPBasePermissions.UpdatePersonalWebParts))
{
this.SetPersonalizationDirty();
}