Why WRITE_CONTACTS permission is granted without request? - java

I have 2 devices with API 28 and an app which needs WRITE_CONTACTS permission. I have added it in manifest <uses-permission android:name="android.permission.WRITE_CONTACTS" />. In the list of contacts in my app, when user click on delete contact, I have made a check to see if there is a permission and request if not. So, in 1st device the method
public static boolean checkWriteContactsPermission(Context context) {
if (Build.VERSION.SDK_INT < Build.VERSION_CODES.M) {
return true;
}
return ContextCompat.checkSelfPermission(context, Manifest.permission.WRITE_CONTACTS) == PackageManager.PERMISSION_GRANTED;
}
return true, at the same time on the 2nd device it reutrns false. I don`t request this permission earlier. Why does it work differently?


Android Permissions are divided into Permission groups, WRITE_CONTACTS is a part of the Contacts permission group.
if you've already asked for another permission in that same group, you are actually granted permissions for the entire group.
So if you've already asked for, and been granted permission for READ_CONTACTS, you'll get WRITE_CONTACTS for free.
But groups may change between different Android versions, see this part in the linked docs:
If the app has already been granted another dangerous permission in
the same permission group, the system immediately grants the
permission without any interaction with the user. For example, if an
app had previously requested and been granted the READ_CONTACTS
permission, and it then requests WRITE_CONTACTS, the system
immediately grants that permission without showing the permissions
dialog to the user.
And then:
Caution: Future versions of the Android SDK might move a particular
permission from one group to another. Therefore, don't base your app's
logic on the structure of these permission groups.
For example, READ_CONTACTS is in the same permission group as
WRITE_CONTACTS as of Android 8.1 (API level 27). If your app requests
the READ_CONTACTS permission, and then requests the WRITE_CONTACTS
permission, don't assume that the system can automatically grant the
WRITE_CONTACTS permission.

Related

Does ACCESS_FINE_LOCATION permission include ACCESS_COARSE_LOCATION permissons

Good day i was wondering if the user grants an application access to the ACCESS_FINE_LOCATION permission if that application would also automatically have access to the ACCESS_COARSE_LOCATION API methods

As you can see in the LocationManager API and in an older version of the guide:
If you are using both NETWORK_PROVIDER and GPS_PROVIDER, then you need
to request only the ACCESS_FINE_LOCATION permission, because it
includes permission for both providers. (Permission for
ACCESS_COARSE_LOCATION includes permission only for NETWORK_PROVIDER.)
In short: yes, you are allowing to ACCESS_COARSE_LOCATION if you've already defined ACCESS_FINE_LOCATION.

The SYSTEM_ALERT_WINDOW permission is not provided automatically after publishing to the Play Store

According to this post, after publishing in Play Store for Android 6 device the SYSTEM_ALERT_WINDOW permission has to be given automatically.
Here it's shown that my App has permission to draw over other apps.
But after downloading from Play Store it is not provided automatically.
I have announced SYSTEM_ALERT_WINDOW only in AndroidManifest.xml
<uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
What else can I do to make users receive the SYSTEM_ALERT_WINDOW permission automatically after downloading the app from an app store? Is there any chance that the Play Store will block me and not grant the ability to get the permission automatically?

Requesting Permissions & Permission Group

As per Android Guideline user need grant permission if they have device with android version Marshmallow and up. I have followed instruction given here for my application.
I have declared two permission in my application called WRITE_EXTERNAL_STORAGE and READ_EXTERNAL_STORAGE in my manifest file. I am little confused in
Permission Group
I have asked permission of WRITE_EXTERNAL_STORAGE, I still need ask permission READ_EXTERNAL_STORAGE or it may automatic granted when user grant WRITE_EXTERNAL_STORAGE permission ?

How to display permission request with api 14

I need to display request permission (Read external storage) at run time. without the permission my app crash instantly.

In API 14 you don't need to do a request.
Just put in your manifest above <application> section:
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />

Requesting permissions at run time is not supported with API level 14, it isn't supported until API level 23.
If you're running your app from Android Studio on a device or emulator where the app is already installed, your app will not ask for permission when it runs. If you inadvertently remove the permission you will need to manually grant the permission through the Application Manager on the device or emulator.
To prevent the initial crash, you could wrap the offending call in a permissions check.
if (ContextCompat.checkSelfPermission(thisActivity, Manifest.permission.READ_EXTERNAL_STORAGE)
== PackageManager.PERMISSION_GRANTED) {
// READ DATA
}
Hope this helps!

When exactly to ask for Runtime Permission?

Since Runtime Permissions were introduced in Android Marshmallow, I've been meaning to apply the new way for requesting permissions and I've read and understood the dangerous permissions and how to check for them and request them.
The question is, If I have an Activity that contains a Button for opening Camera.
Do I check and request the permission when the Activity is opened? Or when the button is clicked?
Please explain why your suggested way is preferred.

Do I check and request the permission when the Activity is opened? Or when the button is clicked?
If the only purpose of the Activity is to take a picture when the button is clicked, I would request the permission when the activity is opened.
If the Activity has other roles, such that the take-a-picture button is only one feature out of many, I would ask for the permission when the user clicks the button.
In other words, once the user has requested to go down a path that will (almost) certainly need the permission, ask for the permission.

According to me, when click on button ask for permission to open camera.
because activity can have many component which can request for like camera, contacts, write storage, etc
so you must not ask for permission when activity opens but when you click on button ask for camera permission
if you want to send SMS than ask when you need to send not at opening of activity.
Permissions Best Practices.
You can download official sample app here.
hope you get it.

Starting from Android SDK 23, system permissions are divided into two categories, normal and dangerous:
Normal permissions do not directly risk the user's privacy. If your
app lists a normal permission in its manifest, the system grants the
permission automatically.
Dangerous permissions can give the app access to the user's
confidential data.
If your app lists a normal permission in its manifest, the system grants the permission automatically. If you list a dangerous permission, the user has to explicitly give approval to your app.
For more information, see Normal and Dangerous Permissions.
If your app targets API 23, and you need to ask user for a dangerous
permission (such as READ_CONTACT or READ_CALL_LOG etc.), you need to
ask for permission in runtime.

Categories