If you want to "read" (as in inspect its content) a file you have to download, i.e. transfer its contents from the server to the client. There is no way around it, when you are restricted to a client sided solution.
In general it is a bad idea to check user permissions in the client only. If a malicious user has the correct credentials to access the server (that could be extracted from the client), he can circumvent the client sided authorization, rendering it useless.
Authentication and authorization of users should always occur server sided.
In your example you could consider the creation of different users on the ftp server and appropriate rights to access, read and write files / directories.