I use/abuse "systemd.user.tmpfiles.rules" to ensure important files and folders are present with the desired permissions. These are "for creation, deletion and cleaning of volatile and temporary files automatically", but from what I can tell, if you don't specify values for cleanup etc. then they are just created if they don't exist, permissions adjusted if they do and they are otherwise left alone. See the manpage tmpfiles.d(5) for the exact format.
The config looks something like this:
systemd.user.tmpfiles.rules = [
"d /home/username/path/to/directory 0750 username groupname - -"
"f /home/username/path/to/file.ext 0700 username groupname - -"
];`___`
where username and groupname are replaced with the actual values for the user being home-managed.