There are two types of app permissions in case of android apps
Install time permissions- apps take permission while being installed (run at startup, install shortcuts, run in background etc.)
Run time permissions- Users give permission to the app (gallery, camera, contacts etc.)
Can you please give me the separate lists of all the permissions?
Also, how to know which permissions are taken by an app?
The complete list of all permissions available to an app is available here. For runtime permissions you should search for all permissions in the provided link with the Protection level equal to dangerous. For example ACCESS_MEDIA_LOCATION is a runtime (dangerous) permission as stated here.
If you want to check that a specific permission is granted or not, use the following code snippet:
boolean isGranted = ContextCompat.checkSelfPermission(context, Manifest.permission.ACCESS_MEDIA_LOCATION) == PackageManager.PERMISSION_GRANTED
For permission list go through this page do some digging you will find required info
Related
I'm trying to use a custom permission created by another application (Bazaar) in my app (It's a permission to use a market com.farsitel.bazaar.permission.PAY_THROUGH_BAZAAR). Normally it works right.
But if Bazaar is installed after my application. My app won't get the custom permissions (Which are created by Bazaar) and throws exception. I want to know If anybody else has faced a similar problem and what solutions do you have to it?
This is a desired behaviour.
In the textbook, Android Security Internals: An In-Depth Guide to Android's Security Architecture by Nikolay Elenkov(2014) said:
The system can only grant a permission that it knows about, which
means that applications that define custom permissions need to be
installed before the applications that make use of those permissions
are installed. If an application requests a permission unknown to the
system, it is ignored and not granted.
BTW, permissions are assigned to each application at the install time by PackageManager, it maintains some information of installed packages, such as package name, version and permissions, these info are stored in /data/system/packages.xml. If you want to query all permissions on device, you can try pm list permissions.
I read that with Android 6.0, users need to manually allow apps to hold this permission by going to app advanced settings and enabling "Draw over other apps". I have a Nexus 5 with Android 6.0 but I don't seem to be prompted to enable this setting. When I install apps from the Play Store that require this permission, such as LastPass, it gets granted automatically.
Why is this so?
It is a new behaviour introduced in Marshmallow 6.0.1.
Every app that requests the SYSTEM_ALERT_WINDOW permission and that is installed through the Play Store (version 6.0.5 or higher is required), will have granted the permission automatically.
If instead the app is sideloaded, the permission is not automatically granted. You can try to download and install the Evernote APK from apkmirror.com. As you can see you need to manually grant the permission in Settings -> Apps -> Draw over other apps.
[The above information is from this post.]
If you want the app to be sideloaded, you show manually show a prompt and direct the user to enable Draw over other apps permissions from the settings. Have a look at Requesting permissions
Every app that requests the SYSTEM_ALERT_WINDOW permission and that is installed through the Play Store (version 6.0.5 or higher is required), will have granted the permission automatically.
Click here! This may help
There are mainly two types of permissions, they are
Normal Permissions
Dangerous Permissions
Normal permissions indicates that there's no great risk to the user's privacy or security in letting apps have those permissions. For example, users would reasonably want to know whether an app can read their contact information, so users have to grant this permission explicitly. By contrast, there's no great risk in allowing an app to vibrate the device, so that permission is designated as normal.
Dangerous permissions cover areas where the app wants data or resources that involve the user's private information, or could potentially affect the user's stored data or the operation of other apps. For example, the ability to read the user's contacts is a dangerous permission. If an app declares that it needs a dangerous permission, the user has to explicitly grant the permission to the app.
In this case, SYSTEM_ALERT_WINDOW comes under Normal permissions, that is if an app declares in its manifest that it needs a normal permission, the system automatically grants the app that permission at install time. The system does not prompt the user to grant normal permissions, and users cannot revoke these permissions.
You can see the list of normal permissions in this link and dangerous permissions here.
I have a multiple module Android M app. Several modules require "WRITE_EXTERNAL_STORAGE" & "READ_EXTERNAL_STORAGE" permissions.
I would like to ask the user for permissions once:
1. Where would be the right place to do that?
1.1 Are permissions granted per activity?
1.2 Would asking for permission in module 1 give permissions to all app?
1.3 Is there a way to ask for both READ & WRITE permissions?
Google has published guidelines describing when to ask for permissions. It depends on context. Your questions 1.1 and 1.2 can be answered with the same info: permissions are granted and denied at the app level. It applies to every part of your app package. For 1.3: they are limited together into a group. When you ask for one you automatically get everything in the group.
This talk from DroidconNYC NYC will give you more details: https://youtu.be/WGz-alwVh8A.
Where would be the right place to do that?
From somewhere in your UI, before you need those permissions.
Are permissions granted per activity?
No, they are for the entire application.
Would asking for permission in module 1 give permissions to all app?
Asking for a permission in a module will give that permission to the entire app, if the user grants you the permission.
Is there a way to ask for both READ & WRITE permissions?
In this case, AFAIK you do not need both. Just ask for WRITE_EXTERNAL_STORAGE. In general, you can request as many permissions as you want; the requestPermissions() method takes a String[] of permission names.
I work in the IT department of my university and we work on an app that installs the correct setup for the eduroam WiFi (maybe you have heard of it).
However I have a problem running it on my own LG G4 with Android 6.0. When installing the compiled *.apk it doesn't ask for any permissions although they are set in the AndroidManifest.xml. It was working on all previous Android versions.
Is it mandatory now to ask for permissions at run time?
If your target SDK version is 23 then you need to ask for "dangerous" permissions at run time.
If this is the case then you should be able to see that no permissions have been granted if you go to Settings > Apps > "Your app" > Permissions.
If you don't want to do implement the new system yet then you can reduce your target sdk version to 22 to get the old permission system. You can still compile with sdk version 23 though.
See the documentation for more information.
if you want to request permissions at runtime you should write a special request in your app. Something like this:
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
createPermissions();
}
public void createPermissions(){
String permission = Manifest.permission.READ_SMS;
if (ContextCompat.checkSelfPermission(getContext(), permission) != PackageManager.PERMISSION_GRANTED){
if(!ActivityCompat.shouldShowRequestPermissionRationale(getActivity(), permission)){
requestPermissions(new String[]{permission}),
SMS_PERMISSION);
}
}
}
If the user is running Android 6.0 (API level 23) or later, the user has to grant your app its permissions while they are running the app. If you confront the user with a lot of requests for permissions at once, you may overwhelm the user and cause them to quit your app. Instead, you should ask for permissions as you need them.
In some cases, one or more permissions might be absolutely essential to your app. It might make sense to ask for all of those permissions as soon as the app launches. For example, if you make a photography app, the app would need access to the device camera. When the user launches the app for the first time, they won't be surprised to be asked for permission to use the camera. But if the same app also had a feature to share photos with the user's contacts, you probably should not ask for the READ_CONTACTS permission at first launch. Instead, wait until the user tries to use the "sharing" feature and ask for the permission then.
If your app provides a tutorial, it may make sense to request the app's essential permissions at the end of the tutorial sequence.
Source/ref https://developer.android.com/training/permissions/usage-notes
I am going to update an application to Android 6.0. For users who already have the application installed when an update is made, are all the permissions still active or is the user going to be asked for permissions that are in the dangerous category?
It will still ask them to allow those permissions if they are in the dangerous category, regardless if they are specified in the manifest. (i.e Writing to SD, Using the camera) See Permission Groups
If you have users who are on Android 6.0 Marshmallow and your application only specifies permissions in the manifest and not at run time then those actions will fail. For example, if you have code that writes to the external storage, it will fail and give a Permission Denied error.