Android Marshmallow runtime permissions
Starting with Android 6.0 (Android Marshmallow, API level 23), application will not be granted any permission during installation time. If your application targeting API level 23, has to ask user for a required permission at runtime.
If your application wants know the device’s location, the permission request dialog will be shown like the following.
The permission request dialog shown above will not show automatically, the developer has to call manually. If user clicks “Allow”, then the requested permission will be granted otherwise no.
Suppose you application wants access the location and checks network state, then you will be declaring that in manifest file as shown. The following is the AndroidManifest.xml file.
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
While installing this application on mobile devices targeting below API level 23, it should show like the following.
In this case at the time of installation only the all required permissions are granted to the user. If your application want to know the current location of user, no need to check for the permission, application can directly access the location.
Whereas while installing this application on mobile devices targeting API level 23 (Android 6.0 or later), it should show the following.
In this case no permissions are granted at the time of installation time. But the list of permissions required to run the application will be shown in the phone’s settings application. Besides, user is also able to revoke the granted permission anytime.
In this case your application wants to know the current location of user, developer has to check whether the “ACCESS_FINE_LOCATION” and “ACCESS_COARSE_LOCATION” permissions are granted or not.
If the above permissions are not granted, then the application has to show the permission request dialog to grant the requested permission.
The code to check whether the required permission is granted or not is as follows.
boolean hasPermission = ContextCompat.checkSelfPermission(this, Manifest.permission.ACCESS_FINE_LOCATION)
== PackageManager.PERMISSION_GRANTED && ContextCompat.checkSelfPermission(this,Manifest.permission.ACCESS_COARSE_LOCATION)
== PackageManager.PERMISSION_GRANTED;
if (hasPermission)
{
//Get the location
}
else
{
//show the permission request dialog.
}
The following code is to show the permission request dialog to grant permission to access location,
ActivityCompat.requestPermissions(this,new String[]{Manifest.permission.ACCESS_COARSE_LOCATION,
Manifest.permission.ACCESS_FINE_LOCATION},
PERMISSIONS_REQUEST_LOCATION_REQUEST_CODE);
By calling this method, the permission request dialog shown like the following.
To know whether user has granted permission or not, developer has to handle the “onRequestPermissionsResult ()” method.
@Override
public void onRequestPermissionsResult(int requestCode, String[] permissions, int[] grantResults) {
switch (requestCode)
{
case PERMISSIONS_REQUEST_LOCATION_REQUEST_CODE:
{
if (grantResults.length > 0
&& grantResults[0] == PackageManager.PERMISSION_GRANTED)
{
//Permission was granted. Do the Location related task.
}
else
{
//permission denied, Disable the functionality that depends on this permission.
}
}
}
}
There is some permission that will be automatically granted at install time and will not be able to revoke. Here is the full list.
android.permission.NFC
android.permission.READ_SYNC_SETTINGS
android.permission.READ_SYNC_STATS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.REORDER_TASKS
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.SET_TIME_ZONE
android.permission.SET_WALLPAPER
android.permission.SET_WALLPAPER_HINTS
android.permission.SUBSCRIBED_FEEDS_READ
android.permission.TRANSMIT_IR
android.permission.USE_FINGERPRINT
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.WRITE_SYNC_SETTINGS
com.android.alarm.permission.SET_ALARM
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_NOTIFICATION_POLICY
android.permission.ACCESS_WIFI_STATE
android.permission.ACCESS_WIMAX_STATE
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.BROADCAST_STICKY
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_WIMAX_STATE
android.permission.DISABLE_KEYGUARD
android.permission.EXPAND_STATUS_BAR
android.permission.FLASHLIGHT
android.permission.GET_PACKAGE_SIZE
android.permission.INTERNET
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.MODIFY_AUDIO_SETTINGS
Just simply declare those permissions in “AndroidManifest.xml” and it will work just fine. No need to check for the permission listed above since it couldn't be revoked.
Anyway this new Runtime Permission will work like described only when we set the application's targetSdkVersion to 23 which mean it is declared that application has already been tested on API Level 23. And this feature will work only on Android 6.0 Marshmallow. The same app will run with same old behavior on pre-Marshmallow device.
- Summation IT
- Wednesday 24 January 2018 |
- Mobile App Development |
Categories
Recent Posts
Common Vulnerabilities in Web Applications:
Security in a website is the most important factor needs to be taken care of if considered. Are your website and user data safe and secure?Android Marshmallow runtime permissions
Security in a website is the most important factor needs to be taken care of if considered. Are your website and user data safe and secure?SignalR – Why, What and How?
An increasing number of software out there namely websites and web applications today offer or need to offer real-time dataIndexing in SQL Server
An increasing number of software out there namely websites and web applications today offer or need to offer real-time data
