I am curious if it is possible to change an App's access permissions using an in-app purchase?
The App I am developing has access to network / internet and advertising.
To improve user's privacy, there will be an in-app purchase option that will disable ads and remove network / internet support.
I know that I could do a separate app entirely, but I'd prefer to keep it within the same app.
I have searched and cannot find a solution to my particular use case.
Thanks.
If you use an in-app purchase it isn't gonna change any permissions. Permissions are set on the manifest and is not changeable.
The only way to change permissions is with an upgrade to a newer version, as #SuperThomasLab pointed out, the permissions are in the manifest and set in stone for that version.
Google has very strict requirements that the user needs to be informed of any permission changes on each upgrade, so there is absolutely no way to change the permissions that the user agreed to the last time they installed your app.
You can add functionality to disable the code that uses any network/internet, even if the permission is still there.
As for removing ads, see this post: In-App Purchase remove ads
Related
i have a question related to Android app run time permissions.
Is it preferrable/allowed practice for developers to save users' permission preferences i.e. each user has allowed/denied any permission, on our remote server database?
Offcourse we are asking run time permission for every feature we want to use, but is it preferrable that we log on server that if user has allowed for any permission or not, please let know. Thanks
Android framework has restricted the developers to ask only those permissions which are necessary to implement a specific feature and that too if there's no other way to implement the feature without that specific permission. In your case, it seems like you have already taken care of the permissions and just want to hold the result of the asked permissions.
So the answer is YES, You can save this data and it's even considered good practice for handling permissions. Here's the reference from the official android documentation.
Greater flexibility in granting permissions
Users can deny access to individual permissions at the time they’re requested and in settings, but they may still be surprised when functionality is broken as a result. It’s a good idea to monitor how many users are denying permissions (e.g. using Google Analytics) so that you can either refactor your app to avoid depending on that permission or provide a better explanation of why you need the permission for your app to work properly. You should also make sure that your app handles exceptions when users deny permission requests or toggle off permissions in settings.
https://developer.android.com/training/permissions/usage-notes
I have developed a keyboard app for Android. It's a free app so it has in-app advertisements to earn some revenue. To run these advertisements, I need the internet permission for my app. As a keyboard app, users type a lot of sensitive information from this app. They always ask me whether their privacy is protected or not. I don't collect anything they type from this keyboard. Only the reason I have internet permission is to run ads & it is necessary to earn revenue. I know it's impossible to remove internet permission at runtime because it's declared in the manifest file. If it was possible I could add a premium version which doesn't have the internet permission.
Can anyone give me any idea to solve this problem? Thank you.
The best way to achieve this would be using Flavours. You can learn about Flavours and if they are best suited to you need by reading: https://developer.android.com/studio/build/build-variants
I'm working on a project based on cloud backup which saves and restore user's call log. It was working fine for the previous version but now getting following warning. I added a description before taking permission from the user but still getting the warning.
Your app is requesting the following permission which is used by less
than 1% of functionally similar apps: WRITE_CALL_LOG
Users prefer apps that request fewer permissions and requesting
unnecessary permissions can affect your app's visibility on the Play
Store. If these permissions aren't necessary, you may be able to use
alternative methods in your app and request fewer permissions. If they
are, we recommend providing an explanation to users of why you need
the permissions. Learn more
Note: This guidance is based on a comparison with functionally similar
apps, which change over time as new apps get published and existing
apps change behavior. Therefore the warning may change even if you
don't change your permission usage.
Its a warning. If you need that permission (and it seems your app does), then you're fine. If you didn't really need it, you should remove it. Google isn't going to scan your description to see if you explain it, that level of AI isn't really possible yet. So you'll continue to get the warning.
While migrating to run time permission model, I've a doubt . Why google play services libraries not handling the run time permissions? they can ask run time permissions from library itself right?
Most likely because it's part of the user interaction. There's more than just asking for permissions, you also need to properly handle the case when the permission is denied and when it's asked again, providing a reasoning to the user why you keep bugging about the permission. Also Google wants you to be aware of when the permission is asked, doing that without your explicit control could take the developer and the user by surprise.
Also: You can't ask for the permission without declaring it in the manifest. If you don't ask for the permission yourself you might not remember to add it.
The concern is Security. They don't know what you have planned to do with the permissions but the user knows (assumed) the consequences allowing you for a permission. So user is solely responsible for any damage due to usages of an application. In other words Google is out of damage-scene.
If an application changes its permissions, the Android market will generally mark it for manual update. Is this true if the change is only to remove a permission that was previously required by an app? Or will any change to the permissions mark the app for manual update?
EDIT
I tried it out today. Removed a permission from the app and put it up on the market. I had also ticked the 'auto update' feature in the mkt page. Although it did not automatically update the app, it did not say 'manual update' in the mkt page.
Removing permissions does not prevent auto-upgrades.
Adding a permission might prevent auto-upgrade, but not all permissions do. A good heuristic is to look at the protectionLevel of the permission; "dangerous" permissions will prevent auto upgrade, "normal" in general will not, but it's good to test with a small test bench app.
Third-party permissions are typically "normal" or "signed", and "signed" are treated same as "normal" with regards to auto upgrade.
Also, as of v4.1.6 Google Play app does show apps that require manual acceptance of new permissions in a separate "Manual Update" section. They are listed along all other updates, and the GP app will just show the new permissions dialog when user tries to update them.