I read that with Android 6.0, users need to manually allow apps to hold this permission by going to app advanced settings and enabling "Draw over other apps". I have a Nexus 5 with Android 6.0 but I don't seem to be prompted to enable this setting. When I install apps from the Play Store that require this permission, such as LastPass, it gets granted automatically.
Why is this so?
It is a new behaviour introduced in Marshmallow 6.0.1.
Every app that requests the SYSTEM_ALERT_WINDOW permission and that is installed through the Play Store (version 6.0.5 or higher is required), will have granted the permission automatically.
If instead the app is sideloaded, the permission is not automatically granted. You can try to download and install the Evernote APK from apkmirror.com. As you can see you need to manually grant the permission in Settings -> Apps -> Draw over other apps.
[The above information is from this post.]
If you want the app to be sideloaded, you show manually show a prompt and direct the user to enable Draw over other apps permissions from the settings. Have a look at Requesting permissions
Every app that requests the SYSTEM_ALERT_WINDOW permission and that is installed through the Play Store (version 6.0.5 or higher is required), will have granted the permission automatically.
Click here! This may help
There are mainly two types of permissions, they are
Normal Permissions
Dangerous Permissions
Normal permissions indicates that there's no great risk to the user's privacy or security in letting apps have those permissions. For example, users would reasonably want to know whether an app can read their contact information, so users have to grant this permission explicitly. By contrast, there's no great risk in allowing an app to vibrate the device, so that permission is designated as normal.
Dangerous permissions cover areas where the app wants data or resources that involve the user's private information, or could potentially affect the user's stored data or the operation of other apps. For example, the ability to read the user's contacts is a dangerous permission. If an app declares that it needs a dangerous permission, the user has to explicitly grant the permission to the app.
In this case, SYSTEM_ALERT_WINDOW comes under Normal permissions, that is if an app declares in its manifest that it needs a normal permission, the system automatically grants the app that permission at install time. The system does not prompt the user to grant normal permissions, and users cannot revoke these permissions.
You can see the list of normal permissions in this link and dangerous permissions here.
Related
requestPermissions(permissionsToRequest.toArray(new String[permissionsToRequest.size()]), 101);
In Android, after Marshmallow version, is there any way to turn on dangerous permissions like accessing device's fine location, camera or microphone automatically without user's consultation? If not, why is it so? What is the reason behind it?
I wish I would be able to closely monitor my iPad by using my smartphone while I am at office and it would be good if it were possible to do it without user's consultation. I also know that once an app is installed and if a user accepts for a dangerous permission at least once, then it would not prompt for it again.
By the way, why it is known as dangerous permission and not something like sensitive permission, as it intrudes user's privacy and makes it possible to access stored files on any given user's mobile device?
Dangerous permissions
Dangerous permissions cover areas where the app wants data or resources that involve the user's private information, or could potentially affect the user's stored data or the operation of other apps. For example, the ability to read the user's contacts is a dangerous permission. If an app declares that it needs a dangerous permission, the user has to explicitly grant the permission to the app. Until the user approves the permission, your app cannot provide functionality that depends on that permission.
To use a dangerous permission, your app must prompt the user to grant permission at runtime. For more details about how the user is prompted, see Request prompt for dangerous permission.
I have an Application which is published by an APK, not through the Google play store.
Its takgetSdkVersion is 23.
On a 23(Marshmallow) device, I installed the Application with the APK(release build type) file and then I looked the permission setting of my Application right away.
It shows me that all permissions are enabled as a default.
Is it normal?
Permissions are divided into several protection levels which affects the requirement of runtime permission requests.There are three protection levels which are taken into consideration for third-party apps: Normal, Signature, and Dangerous permissions.
Normal permissions
System automatically grants the app that permission at install time
Signature permissions
The system grants these app permissions at install time, but only when the app that attempts to use a permission is signed by the same certificate as the app that defines the permission.
Dangerous Permissions
The user has to explicitly grant the permission to the app by prompting the user to grant permissions at runtime.
Note:
Since the permissions request-approve model has been enforced since Android Marshmallow, apps have targetSdkVersion < 23 won't have to implement it. Prior to marshmallow the permissions were granted at install time.
It shows me that all permissions are enabled as a default.
Is it normal?
No, its not normal. You might have granted the permissions previously and you are just updating the current version of app. Re-verify your targetSdkVersion.
I am developing an app and the manifest has included permissions INTERNET and SEND_SMS. There was no asking of permissions when the apk was installed by Android Studio to either an emulator or a real phone.
When I ran the app, which sends an SMS, there was a permission exception. I had to go to Settings, Apps and under Permissions, there is an option to enable SMS. After I enabled it, the app could send SMS'es.
When the app made a network call using HttpUrlConnection, it completed successfully! Under Settings Apps, there is no option for network or Internet or the like.
Why is it that making a network communication does not require any permission by the user?
Under Settings, Apps, why is there only one permission, SMS, listed for my app?
It's the developer responsibility to request the permission at the runtime.
Before accessing any danger permission. (Runtime Permission are supported from Android M(6.0))
Not all the permission need to be requested from the user. Only Danger Permission needs an approval from the user. Normal and Danger Permsission
Please follow this guide Runtime Permission
The permissions model was changed in Android 6.0. If the app targets API 23 or above than you need to request the user for the permissions in runtime. If the app targets below API 23 than the app gets the permissions during intall.
There are some permissions like "INTERNET" that will always be during intall.
You're running your app in Android SDK>=23.
Internet permission is under Normal permission so it does not show any permission prompt but Camera permission is under Dangerous Permission so it shows permission prompt.
If an app declares that it needs a normal permission, the system automatically grants that respective permission to the app.
Refer:
Reference -
Android Permissions
StackOverflow
Permission Requests
I'm trying to grant some runtime permissions to my app automatically, these include ACCESS_FINE_LOCATION, READ_PHONE_STATE as well as ACTION_MANAGE_OVERLAY_PERMISSION. Do note that this requires at least Device Administrator access rights, which I have.
While the first two work flawlessly via
dpm.setPermissionGrantState(componentName, "com.my.app", Manifest.permission.READ_PHONE_STATE, DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED);
dpm.setPermissionGrantState(componentName, "com.my.app", Manifest.permission.ACCESS_FINE_LOCATION, DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED);
ACTION_MANAGE_OVERLAY_PERMISSION does not work at all. I believe this might be due to the fact that it's not part of Manifest.permission but instead android.settings.action.MANAGE_OVERLAY_PERMISSION. However it still is a permission that I want to be granted automatically.
Edit: While it seems that this permission is granted automatically to any app that requests it, this only is the case for apps distributed via the playstore. Unfortunately my App is NOT distributed that way.
include ACCESS_FINE_LOCATION, READ_PHONE_STATE as well as ACTION_MANAGE_OVERLAY_PERMISSION
ACTION_MANAGE_OVERLAY_PERMISSION is not a permission.
but instead android.settings.action.MANAGE_OVERLAY_PERMISSION
That is not a permission. That is an Intent action.
The permission that you probably want is SYSTEM_ALERT_WINDOW.
I was able to automatically grant this permission, from my device owner app:
devicePolicyManager.setPermissionGrantState(compName, this.packageName, Manifest.permission.SYSTEM_ALERT_WINDOW, DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED)
You also need in your manifest:
<uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
After this Settings.canDrawOverlays() returns true, and the permission is granted in the settings app. Although unlike other permissions granted this way, it seems like the user can choose to disable it in settings. My targetSdkVersion is 26
It is a new behaviour introduced in Marshmallow 6.0.1.
Every app that requests the SYSTEM_ALERT_WINDOW permission and that is installed through the Play Store (version 6.0.5 or higher is required), will have granted the permission automatically.
If instead the app is sideloaded, the permission is not automatically granted. You can try to download and install the Evernote APK from apkmirror.com. As you can see you need to manually grant the permission in Settings -> Apps -> Draw over other apps.
These are the commits [1] [2] that allow the Play Store to give the automatic grant of the SYSTEM_ALERT_WINDOW permission.
Regarding Google's recent announcement about Android M and Permissions model.
Per the official Android documentation:
Limited Permissions Granted at Install Time: When the user installs or
updates the app, the system grants the app all permissions that the
app requests that fall under PROTECTION_NORMAL. For example, alarm
clock and internet permissions fall under PROTECTION_NORMAL, so they
are automatically granted at install time. The system may also grant
the app signature and system permissions, as described in System apps
and signature permissions. The user is not prompted to grant any
permissions at install time.
Particular note that it says:
...the system grants the app all permissions that the app requests.
So, if the app does not have INTERNET permission in its AndroidManifest.xml, it won't be granted access to INTERNET in that case?
Or will an app require to add INTERNET permission in its manifest in order to be able to make network calls?
As for the specific android.permission.INTERNET permission, it is still mandatory for apps that will access the Internet. If a developer were to publish an app without defining it in the Android manifest, an exception will be thrown the first time a connection attempt is made, and the app will possibly crash. This is no different than before.
All that has changed is that there won't be a prompt to the user, the app will still require the permission in the manifest.
Please check this video from Google IO - https://youtu.be/f17qe9vZ8RM?t=18m10s
There is no more Internet permission - the app will have by default access to the internet. Their idea is that if you don't have access to the device data then you can not do anything dangerous
Kind Regards