i have a question related to Android app run time permissions.
Is it preferrable/allowed practice for developers to save users' permission preferences i.e. each user has allowed/denied any permission, on our remote server database?
Offcourse we are asking run time permission for every feature we want to use, but is it preferrable that we log on server that if user has allowed for any permission or not, please let know. Thanks
Android framework has restricted the developers to ask only those permissions which are necessary to implement a specific feature and that too if there's no other way to implement the feature without that specific permission. In your case, it seems like you have already taken care of the permissions and just want to hold the result of the asked permissions.
So the answer is YES, You can save this data and it's even considered good practice for handling permissions. Here's the reference from the official android documentation.
Greater flexibility in granting permissions
Users can deny access to individual permissions at the time they’re requested and in settings, but they may still be surprised when functionality is broken as a result. It’s a good idea to monitor how many users are denying permissions (e.g. using Google Analytics) so that you can either refactor your app to avoid depending on that permission or provide a better explanation of why you need the permission for your app to work properly. You should also make sure that your app handles exceptions when users deny permission requests or toggle off permissions in settings.
https://developer.android.com/training/permissions/usage-notes
Related
I have built an app that use different kind of permissions like location, contacts etc.
Not all the permissions are used by all the users, instead each user only needs the permissions related to the features he/she is using it.
My question, should I ask all the permission on startup for all users or can I add them gradually while using the app and only when needed?
Thanks
If a user doesn't know why they need to accept a specific permisson, they may be suspicious and refuse (eg. camera).
If they click on a functionnality like 'Scan code' they will know why they are being asked for that permission and accept.
If you asked beforehand and the user refused, when you get to the part where you need that permission, it won't work. This is why they changed it to dynamic permissions in Android 6.
While migrating to run time permission model, I've a doubt . Why google play services libraries not handling the run time permissions? they can ask run time permissions from library itself right?
Most likely because it's part of the user interaction. There's more than just asking for permissions, you also need to properly handle the case when the permission is denied and when it's asked again, providing a reasoning to the user why you keep bugging about the permission. Also Google wants you to be aware of when the permission is asked, doing that without your explicit control could take the developer and the user by surprise.
Also: You can't ask for the permission without declaring it in the manifest. If you don't ask for the permission yourself you might not remember to add it.
The concern is Security. They don't know what you have planned to do with the permissions but the user knows (assumed) the consequences allowing you for a permission. So user is solely responsible for any damage due to usages of an application. In other words Google is out of damage-scene.
I'm using the Android Marshmallow READ_PHONE_STATE permission and I would like to change the text that appears on the permission request.
By default it shows:
Allow [App name] to make and manage phone calls?
But I'm using it to get the device id and the sim serial number, so I think is better to change the request message. Do anyone knows how to do it (some special function or something)?
Or I just have to implement an independent Dialog for that?
Thank you very much.
No you can't change the text in the dialog. It is implemented by default in the system. You can provide a brief explanation regarding the permission before you ask for it. That way user will know exactly what you're going to use it for.
Request Permissions
If your app needs a dangerous permission that was listed in the app
manifest, it must ask the user to grant the permission. Android
provides several methods you can use to request a permission. Calling
these methods brings up a standard Android dialog, which you cannot
customize.
Explain why the app needs permissions
In some circumstances, you might want to help the user understand why
your app needs a permission. For example, if a user launches a
photography app, the user probably won't be surprised that the app
asks for permission to use the camera, but the user might not
understand why the app wants access to the user's location or
contacts. Before you request a permission, you should consider
providing an explanation to the user. Keep in mind that you don't want
to overwhelm the user with explanations; if you provide too many
explanations, the user might find the app frustrating and remove it.
One approach you might use is to provide an explanation only if the
user has already turned down that permission request. If a user keeps
trying to use functionality that requires a permission, but keeps
turning down the permission request, that probably shows that the user
doesn't understand why the app needs the permission to provide that
functionality. In a situation like that, it's probably a good idea to
show an explanation.
To help find situations where the user might need an explanation,
Android provides a utiltity method,
shouldShowRequestPermissionRationale(). This method returns true if
the app has requested this permission previously and the user denied
the request.
More details in the documentation
is there any way for hide the android manifest Permissions for some reasons and user couldnt see during installing the app?
Taken from the support page from Google Play:
Google Play shows you which permission groups an app will be able to
access. This information can help you decide whether you want to
install the app.
The whole sole purpose of those permissions is for people to see what your app can access and decide whether they want to share (all) that information with you.
In Android L and lower, this is impossible. If you do not ask for a permission, you will get a crash when you try to access the thing that needs permission. Thus, you cannot hide permissions from users.
In Android M, the whole permission idea is changed: instead of asking for lots of permission at the install, the app is installed without permissions, and when you need a specific permission, for example for camera, the user will have the option of accepting or declining the permission. Thus, the user will have a clearer view of what a permission is asked for.
I have few doubts.
Is it possible for Android application after installation, to ask user for permission for accessing certain functions? Like say the app A wants to read contacts for a specific purpose. If the user grants permission, then the activity will take place. Else it wont. Is it possible?
Is there a way of allowing user to select/de-select permissions during installation time?
I have read that using CyanogenMod grants user these kind of priveleges. Is there any solution for non-rooted user, apart from take-it-or-leave-it approach?
It would be great, but not, all permission must be granted during installation :-(
Only exception is access to the google profile, this will be authorized during first access.
I hope that a future android version will can do that.
Cyanogen can do opposite. You must grant all permissions during install, but you can explicitly remove them later. But it result in application crash very often. This is only for advanced users.