I googled for an example source code for blocking calls and came across this EXAMPLE, But later I came to know that Google has updated their policy and
android.permission.MODIFY_PHONE_STATE
is an system level permission from android version 2.3, I have very important module placed on blocking a specific call.
How do I get a system level permission?
Please let me know if there is any way I can do this in my application. Its very important for the product and cannot be released without this functionality.
Please Help!
Thanks in advance
At least as of Android 5.0, MODIFY_PHONE_STATE has the following definition:
<permission android:name="android.permission.MODIFY_PHONE_STATE"
android:permissionGroup="android.permission-group.PHONE_CALLS"
android:protectionLevel="signature|system"
android:label="#string/permlab_modifyPhoneState"
android:description="#string/permdesc_modifyPhoneState" />
Your app can only hold this permission and use it to modify the phone state if it is signed by the firmware's signing key (the "your own custom ROM" scenario from Marcin's comment) or if your app is installed on the system partition. The latter can be accomplished by having your app pre-installed on the device (or having a rooted device user move your app to the system partition, as I understand it).
Related
I want to code an automotive app which should simply display a map while the user is driving. I am developing with Android Studio 4.0.1 and in Kotlin. In order to create an emulator for testing, I used Android Studio 4.2 Beta 1 to download an automotive system image because in 4.0.1 no automotive system image was available.
I am stuck to make this app "distraction optimized", so unfortunately the app still gets overlayed with a black screen and the text "You can't use this feature while driving".
When I follow the Guidelines ([https://source.android.com/devices/automotive/driver_distraction/guidelines][1]), it seems that I simply have to add the following metadata to the activity-element in the manifest.xml (I only have one activity):
<activity>
...
<meta-data android:name="distractionOptimized" android:value="true"/>
...
</activity>
Of course I also request the following needed permissions (amongst others) to the manifest-tag in the manifest.xml file:
...
<uses-permission android:name="android.car.permission.CAR_UX_RESTRICTIONS_CONFIGURATION" />
<uses-permission android:name="android.car.permission.CAR_DRIVING_STATE"/>
...
as well as to the permissions array which I pass to the requestPermissions(...)-function
val PERMISSIONS_ARRAY = arrayOf(
...
Car.PERMISSION_CAR_UX_RESTRICTIONS_CONFIGURATION,
Car.PERMISSION_CAR_DRIVING_STATE,
...
)
requestPermissions(PERMISSIONS_ARRAY, 0)
In onRequestPermissionsResult(...) I find out that these two permissions are denied. But the user was even not prompted / asked to give that permission at first app start. Also in the settings there is no possibility to give the app these permissions. In a later piece of code getActiveRestrictions() always returns 255, which means that all restrictions are active, right? Another indication that the app is not allowed to handle the Driver Distraction on it's own, and therefore the OS takes care of it by not showing the app at all...
What am I doing wrong? What do I possibly miss? Does anybody have an idea?
It is not sufficient to mark an activity as DO in the manifest, it must also be downloaded/installed from a trusted source (like Play Store) otherwise CarPackageManagerService won't allow the app to be displayed in any restricted driving-state.
Some insight (which is not fully provided by the website documentation) can be gained from reading the following comment in the source code for 'CarPackageManagerService', which performs the checks on apps and activities to see if they are Distraction Optimized (DO), among other things:
https://android.googlesource.com/platform/packages/services/Car/+/master/service/src/com/android/car/pm/CarPackageManagerService.java#740
Effectively, what this means is that your app needs to be either:
A system app,
Whitelisted in a config.xml file, which is a resource file for OEMs to create configurations for their car services, or
Tagged as DO in the app Manifest, and installed by an allowed source. The list of allowed sources is loaded from R.array.allowedAppInstallSources.
An exception to these rules is if your OS is a debug build.
<uses-permission android:name="android.permission.CALL_PRIVILEGED"/>
I cannot grant this permission in the android manifest file as it shows the following
error:
Permissions with the protection level signature or signatureOrSystem are only granted to system apps. If an app is a regular non-system app, it will never be able to use these permissions.
So,what should i do now?
Permissions with the protection level signature or signatureOrSystem
are only granted to system apps. If an app is a regular non-system
app, it will never be able to use these permissions.
So,what should i do now?
If your app is expected to run on non-rooted devices, then you're simply doomed - you can do nothing, unless you have platform keys to sign your app with it.
Alternatively, you may narrow your audience to rooted devices only but that would allow you to do what you want incl. using features usually reserved for the platform or system apps ony.
Finally you may rethink your approach. Perhaps what you want to do can be achieved other way, w/o need of elevating app privileges.
For this "CALL_PRIVILEGED" permission , you will need a rooted device and the app must be installed as a system app only.
From the documentation (https://developer.android.com/reference/android/Manifest.permission.html#CALL_PRIVILEGED):
String CALL_PRIVILEGED
Allows an application to call any phone number, including emergency numbers,
without going through the Dialer user interface for the user to confirm the
call being placed.
Not for use by third-party applications.
So, the short answer is that you can't use it. What are you trying to accomplish?
i am working on an app using the App Ops Manager. I want to get access to the Logs and analyze which app used which resource. The app works fine for the moment, since a wanted to deplay a Demo version. I have the following problem:
I started the App from Android Studio all the time and granted the Permission "GET_APP_OPS_STATS" manually by using adb.exe. Now ive wrote it down in the AndroidManifest.xml by simply using
<uses-permission android:name="android.permission.GET_APP_OPS_STATS" />
This permission doesnt work in the app and I dont get asked to set it manually (like the one for accessing the storage). I think this could be caused by the permission itself, which could be a system permission.
Are there any solutions, how i can use the App Ops Logs without rooting my device od using third party software? Maybe there is another permission i have to set or some code that sets /asks for the permission.
Best regards,
Marvin
hi everybody
i need some help please does anyone know how can i put this in my manifest tag in androidmanifest.xml file:
android:sharedUserId="android.uid.system"
==>because when i do the deployment failed .
and how can i use this permission :
<uses-permission android:name="android.permission.FORCE_STOP_PACKAGES" />
==>because xamarin studio tell me it's a unknown permission
to use this:
ActivityManager am = (ActivityManager)GetSystemService (Context.ActivityService);
am.forceStopPackage(PACKAGE_NAME);
_Any help will be appreciated _
Setting the sharedUserId to android.id.system actually means declaring your app to belong to the system. You cannot do that unless your app is actually signed with the system certificate. In order to get that certificate, you would have to negotiate with the manufacturer of the device. The only possibility you would actually be able to get the system key is running a firmware on your device that you built and signed yourself.
ActivityManager.forceStopPackage() is reserved for system applications and there is no chance to use it in a user-space application.
You can find various explanations on the Internet and on SO, e.g. here: Android Permission Denial: forceStopPackage()
If your goal is to quite your app, I would direct you to this question:
Is quitting an application frowned upon?
Which sums up how and why you might close your own application.
Actually terminating the application is near impossible, but sending it to the back ground or finishing all activities gets the similar effect of being gone from the screen. This is by design and is explained in the article
To close other applications is either a ROOT only or system specific. So your application could request root permission on android if available. Otherwise, I believe it is possible to negotiate a app with some root access through google play but I assume it is very complicated.
My android app has nothing to do with phone calls, but I'm seeing that when I install a debug build on my test device it requires "Phone Calls: read phone state and identity" permissions. (I make no mention of this in AndroidManifest.xml).
I'd like to have the minimum possible permissions, and wondered if anyone knew how to get rid of this? I commented out the part where I was logging some stuff from Build.MODEL, Build.VERSION.*, etc. I also commented out the part where I was detecting the landscape/portrait orientation thinking that that might be the "phone state". But neither of those seemed to remove that permission required.
I found this bug report: http://code.google.com/p/android/issues/detail?id=4101 but it's marked working-as-intended with a note about permissions being correct from the market but not otherwise. Is this other people's experience? (I'd hate to have to publish to the market just to test that out.) Otherwise, does anyone know if there's an API I can avoid calling that will make it so my app doesn't need this permission?
Thanks!
(Answering my own question in case anyone else runs into this problem and searches for it.)
Digging around in PackageParser.java in the android source, I found out that the system will automatically assign
android.permission.WRITE_EXTERNAL_STORAGE and
android.permission.READ_PHONE_STATE
to any app that declares a targetSdk version of less than 4 (donut). There must be a compatibility reason for this, maybe apps targeting older versions could assume they had these permissions without declaring them explicitly. So, if you don't want these permissions added to your app implicitly, add a section like the following in AndroidManifest.xml
<uses-sdk android:minSdkVersion="4" android:targetSdkVersion="4" />
That is all.
Have fun, -Mike
Android 1.6 changelog: http://developer.android.com/sdk/android-1.6.html#api
WRITE_EXTERNAL_STORAGE: Allows an
application to write to external
storage. Applications using API Level
3 and lower will be implicitly granted
this permission (and this will be
visible to the user); Applications
using API Level 4 or higher must
explicitly request this permission.
But that is only one of them. For some reason the official change log is missing the info about READ_PHONE_STATE. The full story is cleared up here: http://blogs.zdnet.com/Burnette/?p=1369&page=3
New permissions. 1.6 programs must
explicitly request the
WRITE_EXTERNAL_STORAGE permission to
be able to modify the contents of the
SD card, and they must explicitly
request the READ_PHONE_STATE
permission to be able to be able to
retrieve phone state info. Apps
targeting earlier versions will always
request these permissions implicitly.
So as you can see, there is no way to publish an app targeted at 1.5 or earlier without requesting those permissions when installed on phones running 1.6 or higher.