I am new in Android development, I am facing below exception on some of the device after publishing it on play store. It is completly unknown exception for me. This exception force stop/crash my application.
Complete stacktrace logged:
Exception java.lang.SecurityException: Missing permission to insert badges
android.os.Parcel.readException (Parcel.java:1553)
android.database.DatabaseUtils.readExceptionFromParcel (DatabaseUtils.java:185)
android.database.DatabaseUtils.readExceptionFromParcel (DatabaseUtils.java:137)
android.content.ContentProviderProxy.insert (ContentProviderProxy.java:476)
android.content.ContentResolver.insert (ContentResolver.java:1213)
android.content.AsyncQueryHandler$WorkerHandler.handleMessage (AsyncQueryHandler.java:96)
android.os.Handler.dispatchMessage (Handler.java:102)
android.os.Looper.loop (Looper.java:211)
android.os.HandlerThread.run (HandlerThread.java:61)
As mentioned above exception dose not contains any part of code that relate to my application, and also I am not found any satisfactory solution for above issue.
EDIT:
I am using an external library(SDK) for push notification, after adding that my App start showing 11 new permission on play store 'Required permission' section when I am going to update my app
Some of those permissions are:
com.htc.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.UPDATE_SHORTCUT
com.huawei.android.launcher.permission.CHANGE_BADGE
com.huawei.android.launcher.permission.READ_SETTINGS
com.huawei.launcher.permission.WRITE_SETTINGS
com.sec.android.provider.badge.permission.READ
com.sec.android.provider.badge.permission.WRITE
com.sonyericsson.home.permission.BROADCAST_BADGE
com.sonymobile.home.permission.PROVIDE_INSERT_BADGE
I am not added these permission in my own manifest file, So that I modified my 'AndroidManifest' file by adding following line of code into application tag:
<application
<--some code-->
tools:replace="android:icon, android:allowBackup"
>
and use a .jar file of SDK instead of compile it like
compile 'com.abc.xyz:3.+#aar' //suggested for android studio in (build.gradle)
After applying above process those permission are removed and I upload my Application.
Only These thing I have performed into my new version of app. I also looked that library project recentally and it contains a folder 'shortcutbadger' that contains some sub-folder and .class file internally
Is due to above changes I am start receiving that exception ? please explain/help!
As you said, you can change a gradle dependency with a Jar of the same SDK. But when using Jar, you should make sure all the permissions are added appropriately in manifest in order to make the SDK work properly.
The OneSignal SDK which you have used recommends gradle dependency for Android Studio & Jar file with additional permissions in Manifest for Eclipse. Since you replaced gradle with Jar in Studio, make sure you have the following permissions added to manifest file.
<permission android:name="${manifestApplicationId}.permission.C2D_MESSAGE"
android:protectionLevel="signature" />
<uses-permission android:name="${manifestApplicationId}.permission.C2D_MESSAGE" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="com.google.android.c2dm.permission.RECEIVE" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
<uses-permission android:name="android.permission.VIBRATE" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
<!-- START: ShortcutBadger -->
<!-- Samsung -->
<uses-permission android:name="com.sec.android.provider.badge.permission.READ"/>
<uses-permission android:name="com.sec.android.provider.badge.permission.WRITE"/>
<!-- HTC -->
<uses-permission android:name="com.htc.launcher.permission.READ_SETTINGS"/>
<uses-permission android:name="com.htc.launcher.permission.UPDATE_SHORTCUT"/>
<!-- Sony -->
<uses-permission android:name="com.sonyericsson.home.permission.BROADCAST_BADGE"/>
<uses-permission android:name="com.sonymobile.home.permission.PROVIDER_INSERT_BADGE"/>
<!-- Apex -->
<uses-permission android:name="com.anddoes.launcher.permission.UPDATE_COUNT"/>
<!-- Solid -->
<uses-permission android:name="com.majeur.launcher.permission.UPDATE_BADGE"/>
<!-- Huawei -->
<uses-permission android:name="com.huawei.android.launcher.permission.CHANGE_BADGE" />
<uses-permission android:name="com.huawei.android.launcher.permission.READ_SETTINGS" />
<uses-permission android:name="com.huawei.android.launcher.permission.WRITE_SETTINGS" />
<!-- End: ShortcutBadger -->
Are the devices Samsung? Samsung and some other brands have launchers where you can add badges to app icons, perhaps your code or code from a library is trying to use it?
You need to add the correct permission for it to your App Manifest.
<uses-permission android:name="com.sec.android.provider.badge.permission.READ" />
<uses-permission android:name="com.sec.android.provider.badge.permission.WRITE" />
If you are using "ShortcutBadger" Android Library then you need to follow this instruction
API >= 23 now require special permission. Try to make it through onRequestPermissionsResult
also check this url
Related
Hello i have an app in play console and receive the next notification:
We have detected that your manifest file contains the permission REQUEST_INSTALL_PACKAGES.
Google explain the steps for legalize it, but i don't have this permission in my manifest and I don't use functions to install files either ,i donĀ“t know the real reason for this message and i'm afraid that my app will be removed from the store if I don't take the necessary measures.
Does anyone have more information on this or know what google might actually be detecting in my app?
This are the permissions in the manifest:
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.CALL_PHONE" />
<uses-permission android:name="android.permission.VIBRATE" />
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
<uses-permission android:name="android.permission.READ_PHONE_STATE" />
<uses-permission
android:name="com.google.android.gms.permission.AD_ID"
tools:node="remove" />
Edit: I receive a new mail from Google , they specify the permission belongs to HMS core, i search in the huawei developers and Huawei release some update of all their libraries fixing or eliminating the permission from the code, it seem to solve the problem , i will upload a new version to play console hoping finishing the issue
You are querying all packages with the package manager, this is no longer allowed since Android 8.0. If you don't see it in your manifest, you might want to check your merged manifest.
See more info here.
https://support.google.com/googleplay/android-developer/answer/12085295?hl=en
I have a Android build of a react native app that I have uploaded to the Google Play console.
I am having issues with the build of the app requesting more permissions than I have defined inside my apps android/app/src/main/AndroidManifest.xml
I am having troubles with the QUERY_ALL_PACKAGES permission in particular which Google says my app is not compliant with.
The permissions defined inside my app android/app/src/main/AndroidManifest.xml are the below:
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.BLUETOOTH"/>
<uses-permission android:name="android.permission.BLUETOOTH_ADMIN"/>
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="com.android.vending.BILLING"/>
I then did a global search for QUERY_ALL_PACKAGES in my project and found it was defined in several places like:
android/app/build/intermediates/merged_manifests/release/AndroidManifest.xml
<uses-permission android:name="android.permission.QUERY_ALL_PACKAGES" />
<uses-permission android:name="android.permission.USE_BIOMETRIC" />
<uses-permission android:name="android.permission.USE_FINGERPRINT" />
<uses-permission android:name="android.permission.FOREGROUND_SERVICE" /> <!-- Required to access Google Play Licensing -->
<uses-permission android:name="com.android.vending.CHECK_LICENSE" /> <!-- Required by older versions of Google Play services to create IID tokens -->
<uses-permission android:name="com.google.android.c2dm.permission.RECEIVE" />
<uses-permission android:name="com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE" />
and the android/app/build/intermediates/bundle_manifest/release/bundle-manifest/AndroidManifest.xml
<uses-permission android:name="android.permission.QUERY_ALL_PACKAGES" />
<uses-permission android:name="android.permission.USE_BIOMETRIC" />
<uses-permission android:name="android.permission.USE_FINGERPRINT" />
<uses-permission android:name="android.permission.FOREGROUND_SERVICE" /> <!--
Required to access Google Play Licensing -->
<uses-permission android:name="com.android.vending.CHECK_LICENSE" /> <!-- Required by
older versions of Google Play services to create IID tokens -->
<uses-permission android:name="com.google.android.c2dm.permission.RECEIVE" />
<uses-permission
android:name="com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE"
/>
What are these files and why are they requiring permissions I have not set inside my android/app/src/main/AndroidManifest.xml
How would I go about removing a permission requested by these files like the android.permission.QUERY_ALL_PACKAGES
Any help or guidance would be greatly appreciated.
Best,
Matt
By default, some permissions are added to your Android APK. To remove them, just add few lines in android/app/src/main/AndroidManifest.xml file
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.myappid"
+ xmlns:tools="http://schemas.android.com/tools"
>
+ <uses-permission tools:node="remove" android:name="android.permission.QUERY_ALL_PACKAGES" />
.....
</manifest>
Also you can find the reference here in the official documentation : https://reactnative.dev/docs/0.62/removing-default-permissions
I would recommend in addition to the other answer provided find out which library in your project is trying to add that permission and remove it. That permissions should be rarely used as it's able to grab the package names of every app the user has installed. It's not a recommended practise.
I have removed sms and call log permissions from my app and using alternatives to common uses that is using share intent and dial intent. But I am still getting the same warning in the play console on my application. following is the list of permissions in my app.
<uses-permission android:name="com.google.android.providers.gsf.permission.READ_GSERVICES" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.CAMERA" />
<uses-permission android:name="android.permission.USE_CREDENTIALS" />
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
<uses-permission android:name="android.permission.CHANGE_WIFI_STATE" />
<uses-permission android:name="android.permission.CHANGE_NETWORK_STATE" />
<uses-permission android:name="android.permission.WRITE_SETTINGS"
tools:ignore="ProtectedPermissions" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
<!-- Push Notification Permission -->
<uses-permission android:name="com.onwaycab.permission.C2D_MESSAGE" />
<uses-permission
android:name="com.google.android.c2dm.permission.RECEIVE"/>
<!-- MAP Permission -->
<permission
android:name="com.onwaycab.permission.MAPS_RECEIVE"
android:protectionLevel="signature" />
<uses-permission android:name="com.onwaycab.permission.MAPS_RECEIVE" />
Edit:
I am receiving the warning even if I have not used sms and call log permission so it is not duplicate of that question.
If you are seeing this alert every time you refresh the page, then one or more your libraries might be using the permission.
To check all permissions your app is using, just install the app on the real device and check the App Info - Permissions.
Alternatively, add this to your Manifest file. tools:node="remove" will remove the permission in case if any library is requesting it.
<uses-permission android:name="android.permission.READ_CALL_LOG" tools:node="remove" />
<uses-permission android:name="android.permission.WRITE_CALL_LOG" tools:node="remove" />
Another important point, if you are using build variant then define it inside your highest priority manifest file.
Library manifest: lowest Priority
Main manifest: Medium Priority
Build Vairant manifest : Highest priority
My playstore console showed this "SMS & CALL_LOGS" related warning.
So, I removed the SMS & CALL_LOGS related permissions from the manifest and uploaded the latest release build to playstore. But the warning was still shown to me after latest build was published on store.
So ,After this I filled this below Permissions declaration form and the warning is removed now.
https://docs.google.com/forms/d/e/1FAIpQLSfCnRaa4b1VuHhE4gVekWJc_V0Zt4XiTlsKsTipTlPg5ECA7Q/viewform
Another thing worth checking - we had an old Beta version of the app that did use SMS in the Google Play Console on Release management -> App release.
The Beta wasn't active any more but that old version was still showing under Release management -> Artifact library-> Active artifacts, so am guessing Google still considered it an active application. Helpfully this area also shows you all the permissions your app uses, in case you are concerned if a library or plugin is adding permissions without your knowledge.
Removing the Beta version and appealing the removal as it being due to an inactive Beta, got the app republished within a few hours.
I am compiling a project that does not explicitly request the READ_PHONE_STATE permission, but when I compile I am seeing the permission in my compiled Android Manifest file. I'm assuming some library that's being pulled in is adding it explicitly or forgot to set its minimum SDK version (which would add it).
The only thing I have to go on is that in the final manifest, the permissions I requested myself look like this:
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
<uses-permission android:name="android.permission.READ_CONTACTS" />
<uses-permission android:name="com.android.vending.BILLING" />
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
And the READ_PHONE_STATE looks like this:
<android:uses-permission android:name="android.permission.READ_PHONE_STATE" />
Does the android prefix mean anything?
Is there any way to narrow down which library is adding this permission?
You can exactly see if a (or because of) library adds some extra Permission to your manifest. Check at file generated (see below) during build process and look for the unwanted permission within the file!
Go to your project folder and look for this path:
[ProjectFolder]/build/outputs/logs/manifest-merger---report.txt
open the file and search for the permission
In my case I found these lines at the
uses-permission#android.permission.READ_PHONE_STATE IMPLIED from
C:\..\...\AppFolder\src\..\AndroidManifest.xml:2:1-14:12 reason:
com.some.evil.library has a targetSdkVersion < 4
This generated file show the output of the merge process described here in Android Developers site.
I would look at:
Android Library Manifest vs. App Manifest
This isn't really a duplicate so I won't flag, however I think he covers the topic fairly well in his answer to that question.
After that and assuming you can't figure it out, I would do the following:
Locate your gradle cache
Crack open the artifacts of each of your dependences (rename to .zip and extract is the easiest way to do this)
check if they have manifests included and see whats in the,
I have an app which makes use of wifi permissions only but ever since I moved to android studio, the compiled apk of my app uses two more extra permissions, that is phone calls/phone id and SD read/write.
I have no idea how and why those permissions have been added to my app but many users complain about that.
My app uses google analytics from google play services and appcompat. I also make use of this line
deviceId = Secure.getString(ctx.getContentResolver(), Secure.ANDROID_ID);
Any ideas? I don't want those extra permissions they scare my users away
Here is the content of manifest file
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.CHANGE_NETWORK_STATE" />
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
<uses-permission android:name="android.permission.CHANGE_WIFI_STATE" />
<uses-permission android:name="com.android.vending.BILLING" />
Studio is adding permissions appropriate to the classes / features that you are using in your project.
Update
Here is a related question that focuses on manifest merging config