Android Permissions

Android Permissions

android permissions

 

To protect the system’s integrity and the user’s privacy, Android runs each app in a limited access sandbox. If the app wants to use resources or information outside of its sandbox, the app has to explicitly request permission. Depending on the type of permission the app requests, the system may grant the permission automatically, or the system may ask the user to grant the permission.

 

Declaring Permissions

 

Declare that your app needs permission by listing the permission in the App Manifest.

Depending on how sensitive the permission is, the system might grant the permission automatically, or the device user might have to grant the request.

For example, if your app requests permission to turn on the device’s flashlight, the system grants that permission automatically. But if your app needs to read the user’s contacts, the system asks the user to approve that permission.

Depending on the platform version, the user grants the permission either when they install the app (on Android 5.1 and lower) or while running the app (on Android 6.0 and higher).

 

<manifest xmlns:android=http://schemas.android.com/apk/res/android
package=com.example.myapp>
<uses-permission android:name=android.permission.WRITE_EXTERNAL_STORAGE />
<uses-permission android:name=android.permission.ACCESS_FINE_LOCATION/>
<uses-permission android:name=android.permission.ACCESS_COARSE_LOCATION/>
<application …>
</application>
</manifest>
view rawAndroidManifest.xml hosted with ❤ by GitHub

 

Requesting Permissions

 

Beginning in Android 6.0 (API level 23), users grant permissions to apps while the app is running, not when they install the app.

 

 

requesting app permission

 

It gives the user more control over the app’s functionality; for example, a user could choose to give a camera app access to the camera but not to the device location. The user can revoke the permissions at any time, by going to the app’s Settings screen.

System permissions are divided into two categories

 

  • Normal permissions do not directly risk the user’s privacy. If an app lists normal permission in its manifest, the system grants the permission automatically. The complete list of normal permissions can be found here.
  • Dangerous permissions can give the app access to the user’s confidential data. For these permissions, the user has to explicitly give approval to the app. The complete list of dangerous permissions can be found here.

 

Handling Permissions at Runtime

 

For applications to support new Runtime Permissions, in `grade.build` file  set `compileSdkVersion`  and `targetSdkVersion` to 23.

 

apply plugin: com.android.application
android {
compileSdkVersion 23
buildToolsVersion 23.0.3
defaultConfig {
applicationId com.example.myapp
minSdkVersion 10
targetSdkVersion 23
versionCode 1
versionName 1.0
}
buildTypes {
release {
minifyEnabled false
proguardFiles getDefaultProguardFile(proguard-android.txt), proguard-rules.pro
}
}
}
dependencies {
compile fileTree(dir: libs, include: [*.jar])
compile com.android.support:support-v4:23.3.0
compile com.github.bumptech.glide:glide:3.7.0
compile com.google.android.gms:play-services-location:9.2.0
testCompile junit:junit:4.12
compile com.android.support:appcompat-v7:23.3.0
}
view rawbuild.gradle hosted with ❤ by GitHub

 

Moving forward, in <ActivityClass>.java, before accessing any restricted content we will need to check for appropriate permission at runtime. This is to be done using Android `checkSelfPermission` API.
`int hasWriteContactsPermission = checkSelfPermission(Manifest.permission.WRITE_CONTACTS)`

If permission is granted, we are good to go else we need to request permission.

We will need to explicitly call `requestPermissions` API to show the request permission dialog box, Android will not do this for us.

 

private final int WRITE_EXTERNAL_STORAGE_REQUEST_CODE = 123
private void takePhoto() {
//Make sure we have permission to write to external storage
int hasWriteExternalStoragePermission = checkSelfPermission(Manifest.permission.WRITE_EXTERNAL_STORAGE);
if (hasWriteExternalStoragePermission == PackageManager.PERMISSION_GRANTED)
captureImage()
else
requestPermissionWriteToLocalStorage();
}
private void captureImage(){
//Code to capture image from camera
}
private void requestPermissionWriteToLocalStorage(){
requestPermissions(new String[] {Manifest.permission.WRITE_EXTERNAL_STORAGE}, WRITE_EXTERNAL_STORAGE_REQUEST_CODE);
}
view rawcaptureImage.java hosted with ❤ by GitHub

 

In line 5, we get current status for permission. If permission is granted, we continue with our action else we request the user for permission.

 

Handling Permission Results

 

Permission results are communicated to the app via onRequestPermissionsResult callback method. Override this to handle the result.

 

@Override
public void onRequestPermissionsResult(int requestCode, @NonNull String[] permissions, @NonNull int[] grantResults) {
if (requestCode == WRITE_EXTERNAL_STORAGE_REQUEST_CODE){
if (grantResults[0] == PackageManager.PERMISSION_GRANTED)
captureImage();
else{
if (shouldShowRequestPermissionRationale(Manifest.permission.WRITE_EXTERNAL_STORAGE))
showRationaleDialog();
else
Toast.makeText(MainActivity.this, You need to allow permission to Write to External Storage, Toast.LENGTH_LONG).show();
}
}
super.onRequestPermissionsResult(requestCode, permissions, grantResults);
}
private void showRationaleDialog(){
new AlertDialog.Builder(MainActivity.this)
.setMessage(Application needs access to READ/WRITE LocalStorage to store images.)
.setPositiveButton(OK, new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
requestPermissionWriteToLocalStorage();
}
})
.setNegativeButton(Cancel, null)
.create()
.show();
}

 

If permission is granted, we continue with our intended actions.

In case, the permission is denied,  check with Android if we should show a permission rationale. `shouldShowRequestPermissionRationale` allows us to communicate the purpose of the permission to the user.

`shouldShowRequestPermissionRationale` returns `false` if the user has denied permission with option `Never ask again`. In this case, we can not invoke the Android permission dialog via `requestPermissions` API and user will have to enable permission via app settings. It makes sense to let the user know of the missing permission.

`shouldShowRequestPermissionRationale` Gets whether you should show UI with rationale for requesting permission. You should do this only if you do not have the permission and the context in which the permission is requested does not clearly communicate to the user what would be the benefit of granting this permission.

 

requesting a permission

 

Gotcha: Above implementation only works for Android API level 23 and is not compatible with older versions.

Better Fix: Use `com.android.support:support-v4` as specified in build.gradle line 24. Now your code should use Support library and make the following changes

 

checkSelfPermission(Manifest.permission.WRITE_EXTERNAL_STORAGE)
=> ContextCompat.checkSelfPermission(MainActivity.this, Manifest.permission.WRITE_EXTERNAL_STORAGE);
requestPermissions(new String[] {Manifest.permission.WRITE_EXTERNAL_STORAGE}, WRITE_EXTERNAL_STORAGE_REQUEST_CODE);
=> ActivityCompat.requestPermissions(MainActivity.this, new String[] {Manifest.permission.WRITE_EXTERNAL_STORAGE}, WRITE_EXTERNAL_STORAGE_REQUEST_CODE);
shouldShowRequestPermissionRationale(Manifest.permission.WRITE_EXTERNAL_STORAGE)
=> ActivityCompat.shouldShowRequestPermissionRationale(MainActivity.this, Manifest.permission.WRITE_EXTERNAL_STORAGE)

 

And we are done here!!

For targeting Android M or higher, refer to wrapper library EasyPermissions.

About RemotePanda

RemotePanda is a personalized platform for companies to hire remote talent and get the quality work delivered from the city Pune. The resources in our talent pool are our close network connections. While connecting them with you, we make sure to manage the quality, growth, legalities, and the delivery of their work. The idea is to make remote work successful for you. Get in touch with us to learn why RemotePanda is the best fit solution for your business requirements.

RemotePanda Android App Developer

Comments are closed.