Consider this as a wiki question.
While I setup my project to support Map V2, There has been a step to add MAPS_RECEIVE permission.
<permission
android:name="com.example.mapdemo.permission.MAPS_RECEIVE"
android:protectionLevel="signature"/>
<uses-permission android:name="com.example.mapdemo.permission.MAPS_RECEIVE"/>
Why we creating and consuming the permission from the app itself?
Is that google play services app interact using this permission ?
This permission can't takes care of these things?
<uses-permission android:name="com.google.android.providers.gsf.permission.READ_GSERVICES"/>
I thought the use of custom permission is to allow other apps to launch/use our app's services/resources.
For future visitors:
This permission is now completely unnecessary. The latest update of
Google Play Services 3.1.59 made it useless. As a result, it can be
removed.
source
This is the same pattern you see when using Google Cloud Messaging (GCM) with its C2D_MESSAGE permission. The idea is to protect an endpoint in your application (e.g. a broadcast receiver) so that some other component (presumably part of the Maps API) can contact it securely (otherwise, another application could impersonate your application by using the same intent filter).
In this case, then, Maps API internally sets up such an endpoint (transparently to you) and can, with the use of this permission, that this endpoint cannot be impersonated (because to do so would require the permission, which is protected by your application signature).
This permission specifies your package name.
i.e.
<permission
android:name="package_name.permission.MAPS_RECEIVE"
android:protectionLevel="signature"/>
<uses-permission android:name="package_name.permission.MAPS_RECEIVE"/>
thus, the google API simply allows your project to recieve the map.
The permission tells where to use the API.
I found that this permission is still needed when using the debug certificate. When I exported and signed my application it worked fine, but it wouldn't work when I used the debug cert. I have the MD5 for both my debug cert and application cert associated with the same key. When I finally added these extra permissions, it worked. I am using a Moto X running 4.4 with everything up to date.
Related
I installed a new application to release it to the play console. I installed Apk. First, I uploaded it to the open beta channel, but it always seems to be under review.
Later, after installing each apk, I get an e-mail about application permissions, they say that they do not comply with their privacy and sensitivity policies.
These appear in the permissions required by apk on the play console:
android.permission.ACCESS_NETWORK_STATE, android.permission.INTERNET, android.permission.READ_EXTERNAL_STORAGE, android.permission.WAKE_LOCK, android.permission.WRITE_EXTERNAL_STORAGE, com.google.android.c2dm.permission.RECEIVE
This is the content of mail:
Requested permissions do not match core functionality of the app
You declared Select Carrier Services and Device Automation as the core functionality of your app. However, after review, we found that your app does not match the declared use case(s). Learn more about permitted uses and exceptions.
Please either:
Make changes to your app so that it meets the requirements of the declared core functionality or,
Select a use case that matches your app’s functionality
Sensitive permission
Your app does not qualify for use of the requested permissions. Permission requests should make sense to users. You may only request permissions that are necessary to implement critical current features or services in your application. You may not use permissions that give access to user or device data for undisclosed, unimplemented, or disallowed features or purposes.
This is the my AndroidManifest.xml and permissions:
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
<uses-permission android:name="com.google.android.c2dm.permission.RECEIVE" />
If anyone has an idea or can help I would be very glad.
Although I changed it 8 times and installed the apk, I did not get approval for how many days and I constantly receive the mail I sent the content above, every time I send an apk..
I'm new to developing android apps, and this is my first one that I'm about to publish. The last step for me is adding permissions. I have to add permissions manually as I'm building the app through Phonegap. Anyway, I can't find what the specific permissions are required to ask of the user if you are going to use Firebase with Google Analytics and Google Admob. My app doesn't need any other permissions than for these services. (By the way, I am not adding these services via SDK, I am adding my app to these services online. However, I believe I still need to add app permissions.)
Only internet, you can add it in your Manifest:
<uses-permission android:name="android.permission.INTERNET" />
No need for runtime permissions for internet.
Recently I tried to publish an app in Google Play Store, but I am receiving the following error and my app is getting rejected every time.
I have removed all the SMS related permissions only basic permissions required are included in the app, and I have used some 3rd party libraries like PayPal, Payumoney.
Please find the reference link below for more information regarding the updated Google Policy:
Privacy, Security, and Deception
If you cannot disable adding this permission by a dependency you can explicitly remove it from merged manifest like this:
<uses-permission
android:name="android.permission.READ_PHONE_STATE"
tools:node="remove" />
this isn't really a big problem. I've got an Android App that stores user's passwords on a SQLite Database. So last week I launched an update that allows the user to export those passwords to their Google Drive. To do this, I've used the Google Drive Android API. I didn't add any special permission to the Application Manifest (AndroidManifest.xml) and it works fine (tested on KitKat4.4). But one of my friends told me that it might not work on Android 6.0+, because I should always ask for permissions. But I checked some samples and none of them had those permissions on the Manifest. Do you guys think it's necessary to add permissions? Perhaps INTERNET or GET_ACCOUNTS?
If you are using the Google Drive Android API you don't need INTERNET or GET_ACCOUNTS permissions.
The API automatically handles previously complex tasks such as offline access and syncing files. This allows you to read and write files as if Drive were a local file system.
Check the official Quickstart and the demos sample on GitHub. None of them is having special permissions in the AndroidManifest.xml.
BUT if you are using the Google Drive REST API for Android then you need INTERNET permission for sure.
If you follow the tutorials on Drive API using Android, you will see in the Step 4:Prepare the project that you need to add the permissions below in your code.
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.GET_ACCOUNTS" />
The permission "android.permission.INTERNET" is used if you want your application to connect/perform network operation.
For the "android.permission.GET_ACCOUNTS", it's stated in this documentation that:
Note: Beginning with Android 6.0 (API level 23), if an app shares the
signature of the authenticator that manages an account, it does not
need "GET_ACCOUNTS" permission to read information about that account.
On Android 5.1 and lower, all apps need "GET_ACCOUNTS" permission to
read information about any account.
For more information about different meaning/uses of android permission, check this page.
According to the Google Maps API documentation, INTERNET and ACCESS_NETWORK_STATE permissions will be automatically merged to project's manifest, meaning you don't have to specify them by yourself as long as calling API over Google Play services.
Couldn't find the same description for Google Drive API, though.
In my App I am getting location using NETWORK_PROVIDER but after uploading apk file to google play store,it shows the permission fine(GPS) location. I have a device which don't have GPS, I am not able to install the app from google play but i can install it manually. I am not getting any solution.It shows apps is not compatible.
You must remove the
<uses-permission android:name="android.permisssion.ACCESS_FINE_LOCATION"></uses-permission>
from your manifest. and only have ACCESS_COARSE_LOCATION. Even if you never use it in your code, Play store still uses it to filter out incompatible devices.
If you don't explicitly indicate which hardware features your app requires, Google Play will make some assumptions based on the permissions your app has requested.
If you don't require GPS for your application, you need to indicate that GPS is not required by adding this to your manifest:
<uses-feature android:name="android.hardware.location.gps" android:required="false"/>
Note: you can use the following command line to see how Google Play will filter your application, based on declared (or implied) features and permissions:
aapt dump badging <path_to_exported_.apk>
All this (and more) is described pretty clearly in the Google Play Filters documentation.