I have an app which use GCM and Billing. In order to make it Android M-ready i'm trying to implement the new permission model.
Unfortunately i can't find any informations about GCM and Billing permissions.
They don't appear in the normal permission list and are obviously not available with Manifest.permission.* because they are not under android.permission namespace.
Nevertheless , we still have to declare them in the manifest
<uses-permission android:name="com.android.vending.BILLING">
<uses-permission android:name="com.google.android.c2dm.permission.RECEIVE">
So how those permissions should be handled ? Are they automatically granted ?
Those permissions are granted automatically at install time:
checkSelfPermission("com.android.vending.BILLING") returns PERMISSION_GRANTED without ever asking the user.
As far as I understood the documentation and the behaviour of the most recent M preview, the only permissions that have to be requested at runtime are the ones that have a permission group, since the popups that are prompted to the user only mention permission groups.
Related
In our android app we included android.permission.READ_CALL_LOG permission which is needed for our functionality. After integrate these permission and once we uploaded the app in PlayStore the app got rejected due to READ_CALL_LOG permission and received below message.
Can anybody please let me know how could solve this issue? I couldn't remove the 'READ_CALL_LOG' permission which is require in my project.
Regards
Your app can not declare READ_CALL_LOG permission in Manifest unless it was a dialer app.
If you feel, your app's major functionality depends on READ_CALL_LOG permission, you must fill the declaration form explaining why you need this permission.
If your request is accepted, your app will be allowed to use the permission.
Google has restricted SMS and CALL permissions for default apps only. Apps are getting rejected due to permissions declaration in the manifest file. There are alternate ways to get required permissions access in android applications.
Follow below link for more information.
No more SMS and Call permissions
I am following the instructions found here at android developer. These instructions say to add these two lines of code into the manifest:
<manifest ... >
<uses-permission android:name="android.permission.ACCOUNT_MANAGER" />
<uses-permission android:name="android.permission.INTERNET" />
...
</manifest>
The problem is that I now get an error on the "ACCOUNT_MANAGER" line saying "Permission is only granted to system apps".
My application is not going to be a system application and I need to authenticate to OAuth2 services. How can it be possible that ANY app that uses OAuth2 needs to be a system application?
Does anyone know how to use ACCOUNT_MANAGER without requiring my application to be a "system application"?
I've looked at this question and this question. They say that, for the permissions they have listed, the error is a "fake" error message. Does anyone know if the 'ACCOUNT_MANAGER error is a fake message? Can I tell the compiler to ignore this like the suggestions in these other posts?
From documentation
String ACCOUNT_MANAGER
Allows applications to call into AccountAuthenticators.
Not for use by third-party applications.
ACCOUNT_MANAGER permission can only be granted to system app
If your app requires AccountManager, you can create an AccountAuthenticator service like in this tutorial
Or you can request MANAGE_ACCOUNTS permission as explained in this answer
MANAGE_ACCOUNTS: The API documentation is not that clear about this
permission. But according to Bryans answer, an app can only
delete/modify an account it created itself. Of course it can create
any new account, and manage that.
I'm trying to grant some runtime permissions to my app automatically, these include ACCESS_FINE_LOCATION, READ_PHONE_STATE as well as ACTION_MANAGE_OVERLAY_PERMISSION. Do note that this requires at least Device Administrator access rights, which I have.
While the first two work flawlessly via
dpm.setPermissionGrantState(componentName, "com.my.app", Manifest.permission.READ_PHONE_STATE, DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED);
dpm.setPermissionGrantState(componentName, "com.my.app", Manifest.permission.ACCESS_FINE_LOCATION, DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED);
ACTION_MANAGE_OVERLAY_PERMISSION does not work at all. I believe this might be due to the fact that it's not part of Manifest.permission but instead android.settings.action.MANAGE_OVERLAY_PERMISSION. However it still is a permission that I want to be granted automatically.
Edit: While it seems that this permission is granted automatically to any app that requests it, this only is the case for apps distributed via the playstore. Unfortunately my App is NOT distributed that way.
include ACCESS_FINE_LOCATION, READ_PHONE_STATE as well as ACTION_MANAGE_OVERLAY_PERMISSION
ACTION_MANAGE_OVERLAY_PERMISSION is not a permission.
but instead android.settings.action.MANAGE_OVERLAY_PERMISSION
That is not a permission. That is an Intent action.
The permission that you probably want is SYSTEM_ALERT_WINDOW.
I was able to automatically grant this permission, from my device owner app:
devicePolicyManager.setPermissionGrantState(compName, this.packageName, Manifest.permission.SYSTEM_ALERT_WINDOW, DevicePolicyManager.PERMISSION_GRANT_STATE_GRANTED)
You also need in your manifest:
<uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
After this Settings.canDrawOverlays() returns true, and the permission is granted in the settings app. Although unlike other permissions granted this way, it seems like the user can choose to disable it in settings. My targetSdkVersion is 26
It is a new behaviour introduced in Marshmallow 6.0.1.
Every app that requests the SYSTEM_ALERT_WINDOW permission and that is installed through the Play Store (version 6.0.5 or higher is required), will have granted the permission automatically.
If instead the app is sideloaded, the permission is not automatically granted. You can try to download and install the Evernote APK from apkmirror.com. As you can see you need to manually grant the permission in Settings -> Apps -> Draw over other apps.
These are the commits [1] [2] that allow the Play Store to give the automatic grant of the SYSTEM_ALERT_WINDOW permission.
I'm trying to update my application to support v23 properly especially in terms of the new permission model. Unfortunately I'm kinda confused when it comes to the GET_ACCOUNTS permission. According to Table 1 (Dangerous permissions and permission groups) the GET_ACCOUNTS permission is classified as dangerous though when you look at the Manifest.permission docs the Protection Level is set to normal which basically means that I don't need to request the permission from the user.
I've looked at the App Info -> Permissions page and the contacts permission can be revoked which seems to indicate that it is indeed a dangerous permission.
So basically the questions are:
Is it really a dangerous permission?
Is this permission required for GCM if my app is targeting only API-Level 14 and higher? (seems like this isn't the case)
Yes, the permission is dangerous since dp3. And no with the latest Google play services, this permission is not needed to use GCM.
for example,my app requests a permission in Manifest file,like android.permission.WRITE_EXTERNAL_STORAGE,how can i check whether the permission is denied by user or some security apps?
Call context.checkCallingPermission(permission)
permission -- The name of the permission being checked, as a String
Returns PERMISSION_GRANTED if you have the permission, or PERMISSION_DENIED if not.
See checkCallingPermission
As noted in the docs and the comments, there are some subtleties here.
Right now, android asks for the user to accept all the permissions an app asks for in the manifest on installation. In the upcoming M release, android will switch over to the iOS style of permissions with an "on needed" basis. (For certain permissions. See #Commonsware's comment for more details) Meaning whenever the user tries to use a feature that requires permission it will ask them to accept or deny. If they hit deny I imagine there will be an sdk positive and negative response button interface to implement.
As for right now in your dilemma, if the user rejects permissions they won't be able to use your app period.
You can use checkCallingPermission() to check weather the runningtime permission is denied by users or some apps.