I try to add a permission on the corodva build apk file to enable in-app products. I tried to add permission from the project tap -- permission. But each time I upload the apk I can't find the billing permission on the uploaded apk.
I always get that
Required permissions 8 permissions
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CAMERA
android.permission.FLASHLIGHT
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.SEND_SMS
android.permission.VIBRATE
I add the permission
BILLING
and/or
com.android.vending.BILLING
but with no result.
One more thing is that when I open the intelxdk.config.android.xml I found this line
<preference name="android - permission" value="BILLING"/>
please note that there is a space in the "android - permission"
and I can't change that as this file are auto formatted when I build for android.
Many thanks in advance
Try this:
<preference name="android-permission" value="Billing> />
Note that your name contains spaces but the documentation doesnot.
Related
I am setting up my first Ionic React app. I created an app with Ionic 5 and used the In-app Purchase 2 plugin.
I wanted to test this, so I uploaded the signed APK to the Play Store.
When I check the app bundle details on the Play Store, I see that it requires several unneeded permissions:
Required permissions (13)
android.permission.ACCESS_COARSE_LOCATION,
android.permission.ACCESS_FINE_LOCATION,
android.permission.ACCESS_NETWORK_STATE, android.permission.CAMERA,
android.permission.INTERNET, android.permission.MODIFY_AUDIO_SETTINGS,
android.permission.READ_EXTERNAL_STORAGE,
android.permission.RECEIVE_BOOT_COMPLETED,
android.permission.RECORD_AUDIO, android.permission.WAKE_LOCK,
android.permission.WRITE_EXTERNAL_STORAGE,
com.android.vending.BILLING,
com.google.android.c2dm.permission.RECEIVE
For example, it doesn't need ACCESS_COARSE_LOCATION, RECORD_AUDIO, READ_EXTERNAL_STORAGE, and so on.
I didn't set any of this up; apparently "Capacitor apps ship with all the core plugins included."
How do I remove these?
I'm using cordova, and the plugin fileOpener2 uses the permission REQUEST_INSTALL_PACKAGES, however it isn't necessary in my app context.
so I had do write a hack, that removes this line from /android/app/src/main/AndroidManifest.xml just after the command cordova prepare.
Those commands are located in a build.sh that I use to generate the app version targeting each environment.
sed '/REQUEST_INSTALL_PACKAGES/d' platforms/android/app/src/main/AndroidManifest.xml > platforms/android/app/src/main/AndroidManifest_new.xml
rm -rf platforms/android/app/src/main/AndroidManifest.xml
mv platforms/android/app/src/main/AndroidManifest_new.xml platforms/android/app/src/main/AndroidManifest.xml
hope it helps you!
The permissions are stored in /android/app/src/main/AndroidManifest.xml. You can delete them and then rebuild the app to remove them.
My App was removed by google because of presence of SMS and Call Permission in manifest. Now I have removed both the permission then also I'm not able to upload the apk .play store asking for the Permissions Declaration Form
Most likely some library you're using is adding the permissions. You can remove them during merge by adding the following to your AndroidManifest.xml:
<uses-permission android:name=”android.permission.RECEIVE_SMS” tools:node=”remove” />
<uses-permission android:name=”android.permission.SEND_SMS” tools:node=”remove” />
<uses-permission android:name=”android.permission.WRITE_SMS” tools:node=”remove” />
<uses-permission android:name=”android.permission.READ_SMS” tools:node=”remove” />
See this SO question for additional information.
You have to release a build with those permissions and fill the form (form will appear automatically on release page), then after that, you have to upload a build without those permissions.
I got the same problem recently and i have to removed those permissions and later my app got published. Please type all your permission you using in your app?
Remove SMS and CALL-Log permission from manifest file and Build new APK upload in Internal Test Track and deactivate previously released APK in internal Test track and roll out, Then release same APK in Alpha and Beta, Then Previously Declared Permissions will be automatically removed and release app to production and roll out
In my manifest I only ask for these two permissions:
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
But when I install the app on my phone I also get this notice:
Low-risk permissions
Phone ID
Get your phone ID, including IMEI, IMSI, etc.
From what I gather from this SO answer, I should need to use TelephonyManager and call
<uses-permission android:name="android.permission.READ_PHONE_STATE" />
to require this permission. But I'm not using TelephonyManager or calling that permission. I don't want to ask users to give this permission. I've looked through my manifest and gradle files. Could it be that some code I used triggered this permission being called without me specifically asking for it? I know I'm not giving you a lot to go on, by I don't know where else to look.
Update 1
I created a completely new project in Android Studio and generated a signed APK from it. I installed it but no permissions were asked. (That at least confirmed for me that it wasn't some "new feature" in Android Studio that automatically asked for this permission.)
Update 2
As of #antonio's answer I found app/build/outputs/logs/manifest-merger-release-report.txt However, I didn't find any implied permissions being requested.
Update 3
Here are the dependencies my app is using (from gradle.build):
dependencies {
compile 'com.android.support:support-v4:21.0.3'
compile 'com.readystatesoftware.sqliteasset:sqliteassethelper:+'
}
I tested a new application with both of these dependencies and no permissions were requested.
My next step is to add every activity again from scratch and see if I can find where this permission starts getting called. To be continued...
Update 4
I played around with copying everything to a new project and refactoring the project name and removing pieces, but it turned out to be quite complex. I wasn't able to isolate a reason.
Update 5
I set the targetSdkVersion to 1. This gives a new message when announcing permissions before installing the app:
read phone status and identity
Allows the app to access the phone features of the device. This
permission allows the app to determine the phone number and device
IDs, whether the call is active, and the remote number connected by a
call.
The old Phone ID permission notice that I wrote about at the beginning is still there (showing up after the app is installed). This makes me wonder if it is related to the OS (I'm using MIUI Android on a Xiaomi phone). There is still something about the app that causes this to display in this app but not in other apps. I need to test this out on other devices next.
This happens because you are importing a library with a targetSdkVersion lower than your application's targetSdkVersion
From the Manifest Merger documentation:
When importing a library with a targetSdkVersion lower than the
importing application targetSdkVersion, some permissions maybe
automatically added to the resulting merged manifest file.
This is necessary since such libraries targeted runtimes where such permissions were implicitly granted. Therefore declaring such permission was not necessary. However in more recent Android releases, these permissions are not automatically granted. Therefore, a library targeting such old runtime without the permissions would not work properly once merged in the application targeting a more recent runtime.
The permissions that can be added are:
WRITE_EXTERNAL_STORAGE Added when importing a library with a targetSdkVersion < 4
READ_EXTERNAL_STORAGE Added when importing a library that declared WRITE_EXTERNAL_STORAGE
READ_PHONE_STATE Added when importing a library with a targetSdkVersion < 4
READ_CALL_LOG Added when importing a library with a targetSdkVersion < 16 and using READ_CONTACTS permission
WRITE_CALL_LOG Added when importing a library with a targetSdkVersion < 16 and using WRITE_CONTACTS permission
You can inspect the report generated by Manifest Merger (In \app\build\outputs\logs\manifest-merger-XXX-report) to see what library caused the adding of the READ_PHONE_STATE permission. You will see something like:
android:uses-permission#android.permission.READ_PHONE_STATE
IMPLIED from AndroidManifest.xml:2:1 reason: the.library has a targetSdkVersion < 4
In a multi-module gradle-project, one has to apply an matching configuration, like defaultConfig{ ... }, where the targetSdkVersion should be specified to resolve these IMPLIED permissions.
Add the following code to your AndroidManifest.xml to remove the unnecesary permission(s):
<uses-permission android:name="android.permission.READ_PHONE_STATE" tools:node="remove" />
Source:
https://stackoverflow.com/a/27542669/406295
I want to use the permission android.permission.DEVICE_POWER and it is need system or signature, I searched a lot and seems the apk in /system/priv-app may have the permission, but I failed on my Nexus 4 5.0.2.
I put the apk to /system/priv-app, but the logcat shows that
Not granting permission android.permission.DEVICE_POWER to package xxxx
Is there something wrong I did? Or is there any other ways to get the permission?
Refer to the documentation on android:protectionLevel in the documentation.
Only permissions with a protection level of signatureOrSystem will be assigned upon install if the app is included in the /system/priv-app folder. android.permission.DEVICE_POWER is not one of these. Refer to the manifest definition in the source:
Here is the excerpt:
<!-- Allows low-level access to power management.
<p>Not for use by third-party applications. -->
<permission android:name="android.permission.DEVICE_POWER"
android:label="#string/permlab_devicePower"
android:description="#string/permdesc_devicePower"
android:protectionLevel="signature" />
Hence the app needs to be signed with the platform key of the ROM/system/AOSP-build in order to attain this permission.
To get this permission, the application must be signed with the key which used to sign the platform. This may be different for manufacturers. So its practically not possible to get these permissions granted to a user application.
Following are some of the permissions that may NOT be granted to the user application:
android.permission.ACCESS_CHECKIN_PROPERTIES
android.permission.ACCESS_SURFACE_FLINGER
android.permission.ACCOUNT_MANAGER
android.permission.BIND_APPWIDGET
android.permission.BIND_DEVICE_ADMIN
android.permission.BIND_INPUT_METHOD
android.permission.BIND_WALLPAPER
android.permission.BRICK
android.permission.BROADCAST_PACKAGE_REMOVED
android.permission.BROADCAST_SMS
android.permission.BROADCAST_WAP_PUSH
android.permission.CALL_PRIVILEGED
android.permission.CHANGE_COMPONENT_ENABLED_STATE
android.permission.CLEAR_APP_USER_DATA
android.permission.CONTROL_LOCATION_UPDATES
android.permission.DELETE_CACHE_FILES
android.permission.DELETE_PACKAGES
android.permission.DEVICE_POWER
android.permission.DIAGNOSTIC
android.permission.FACTORY_TEST
android.permission.FORCE_BACK
android.permission.GLOBAL_SEARCH
android.permission.HARDWARE_TEST
android.permission.INJECT_EVENTS
android.permission.INSTALL_LOCATION_PROVIDER
android.permission.INSTALL_PACKAGES
android.permission.INTERNAL_SYSTEM_WINDOW
android.permission.MANAGE_APP_TOKENS
android.permission.MASTER_CLEAR
android.permission.READ_FRAME_BUFFER
android.permission.READ_INPUT_STATE
android.permission.REBOOT
android.permission.SET_ACTIVITY_WATCHER
android.permission.SET_ORIENTATION
android.permission.SET_PREFERRED_APPLICATIONS
android.permission.SET_TIME
android.permission.STATUS_BAR
android.permission.UPDATE_DEVICE_STATS
android.permission.WRITE_GSERVICES
android.permission.WRITE_SECURE_SETTINGS
clean your project it will be fine like this :
project -> Clean
May this will work for you
How can i gain android.permission.DEVICE_POWER
W/PackageManager(61): Not granting permission android.permission.SET_ACTIVITY_WATCHER to package
This is one such example of a permission that will not be granted to applications without being signed using the platform signature. With that said I would like to know how any application running on a rooted device (with /system/bin/su and SuperUser.apk) can be granted any of these permissions.
Process p = Runtime.getRuntime().exec("su");
p.waitFor();
Doing this prompts the super user dialog with "accept" or "reject," but SecurityExceptions are still thrown.
You can declare your app to run as a system app by setting the sharedUserId as follows in the AndroidManifest.xml
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="[your package name]"
android:sharedUserId="android.uid.system">
More details can be found here: How to sign Android app with system signature?
you need to copy your apk file to '/system/apps'. It can be done programatically. you can do this only if you have root permissions. once copied, reboot the device(reboot can also be done programatically if you have root) and you'll be granted all permissions mentioned in your manifest file. You can also distribute this on market.