I am developing an APP wanted to connect the GPS device, in fact, I do not want to prompt the user to manually activate would like to do automatically is it possible?
I know to ask the user to activate it manually now connect the GPS without request can not my app works with root access, if it has something that can be done with root it will also be valid
The android platform relies upon permissions, you can most certainly use the GPS in your app, but the user will be notified at first use. After the user accepts your permission your app will be allowed to use GPS in background
Related
Since Android 11, there has been a system feature where it resets app permissions after a certain amount of time has passed and you haven't used the app.
I know you can turn it off on most apps, by the user itself like the screenshot below :
and also it seems to turn back on when there are app or system updates.
How can I disable this function in my app by code or sth else?
Well, I doubt there is an easy way.
If your app is a device policy controller, it will not be set to hibernation (System exemptions from hibernation) or, if your app is a default handler for messages, phone, browser etc.
What you can do, is to ask the user to disable auto revoke for your app. But you might have to do that after updates as well, if the system resets this privilege on your app (so your problem won't be solved).
The permissions you request in your app manifest (android:required="true") should never be revoked. But of course you cannot request every kind of permission that way. Some need to be requested explicitly.
Apps using background services are whitelisted automatically as stated here. So you can declare a background service, if this is appropriate for you. But if there is nothing to be done, I could imagine, that the system removes your app from whitelist. (I didn't test all of it)
If you see this post you can also try
PackageManager pm = getPackageManager();
pm.setAutoRevokeWhitelisted(getPackageName(), true);
boolean result = pm.isAutoRevokeWhitelisted(); // result should be true
and this in your manifest:
<uses-permission android:name="android.permission.WHITELIST_AUTO_REVOKE_PERMISSIONS" />
But I actually doubt it works.
i found article for your subject. It's says,
"The toggle is disabled for some apps that perform a background
service, including device admin apps Whenever the toggle is
hidden/disabled the app is already exempted from auto revoke"
Link to the article
You can examine this if you want. I hope it helps you.
For context, the Android documentation says that some app classes receive the SYSTEM_ALERT_WINDOW permission automatically on request:
Any app that has ROLE_CALL_SCREENING and requests SYSTEM_ALERT_WINDOW automatically receives the permission. If the app misses ROLE_CALL_SCREENING, it loses permission.
Any app that is capturing the screen using a MediaProjection and requests SYSTEM_ALERT_WINDOW automatically receives permission, unless explicitly denied by the user. When the app stops capturing the screen, it loses permission. This use case is primarily intended for apps to stream games live.
How can I achieve this configuration to be able to obtain this permission automatically or by default?
As the documentation you quoted says, if you don't fit into one of those use cases, you can't.
It needs to be explicitly granted, and not all devices even support it.
This is because being able to draw over the screen whenever the app wants opens the door to bad behaviors, such as disguising other parts of the UI or preventing the using from using the device properly.
I have just completed my app which I have React Native using Expo. It is my first time uploading an APP to Play Store. After I got finished uploading my APP and all the requirements I got an Email from Google that my APP got Rejected, and I have no idea how to fix the issues they have listed.
=====================================================================
Here are the reasons:
The declared function DEVICE_AUTOMATION is allowed, but not approved for the specific permissions that are listed in your manifestREAD_SMS . These excess permissions READ_SMS must be removed from your app manifest
The declared functionality DEVICE_AUTOMATION is determined to be unnecessary or not aligned with the core functionality of your app.
=====================================================================
Any help would be grateful.
Best Regards
Musayyab
Starting from Jan 9, 2019, Google starts restricts the use of high risk or sensitive permission including SMS or Call Log.
According to mail, you can't use READ_SMS permission in your application. (It does not matter what application make by whatever language) Indeed, Google just judge 'Your application doesn't need READ_SMS function'.
If you tried to use READ_SMS as OTP(or Phone Authentication), You can use SMS Retriever API to achieve almost same feature.
In other cases, there are no alternatives available at this time.
Android apps have something called Permissions which the app tell s the phone what it would like to do. The purpose of these is to protect the privacy of the Android User.
Google Play has recently got stricter in what apps it will allow to use some of these permissions, as they are often used by abusive apps. One of these permissions is READ_SMS. If an app is granted this permission it is allowed to read all of the users SMS messages.
It sounds from your comment like you don't want your app to read the users SMS messages. So in this case the check worked - your app was asking for a permission it didn't need. You should remove the request for the READ_SMS permission from your app.
There are instructions on editing the permissions in a react native app here. So possibly you added this permission to your AndroidManifest.xml file. If you did, then you should remove it.
If you didn't add it yourself, it is a possible a bad third-party library you added to your app added the permission. If so you should stop using that library.
Android requires super user for deleting, modifying or reading anything in the root directory except system which is read only.
However, I have noticed that even without a rooted device, some applications are able to take advantage of these processes. For example, Norton is able to do device wipes on non-rooted phones. Is there a way to grant my application similar access?
An application with Administrator Rights can use the Device Administration API. This API offers the ability to wipe the device.
Using this, it doesn't need any super-user permissions, it only needs device administrator rights.
To summarize how to use the Device Administration API:
You need a resource file declaring policies needed by your app
<device-admin xmlns:android="http://schemas.android.com/apk/res/android">
<uses-policies>
<wipe-data />
</uses-policies>
</device-admin>
You need to implement a DeviceAdminReceiver to react to various administration event your app is interested in. (an empty implementation can be enough if you are only interested in wipe-device) (more details on how to setup this receiver: here)
You need the BIND_DEVICE_ADMIN permission
At some point (probably at start up) your app must trigger ACTION_ADD_DEVICE_ADMIN to ask to the user to grant "Device Administration Rights" to your app. (once those rights are granted, there is no reason to ask them again. The user always have the ability to un-grant those rights from the Settings app)
When your setup is correct (and if the user grant Device Admin rights to your app), you can invoke the DevicePolicyManager:
DevicePolicyManager devicePolicyManager = (DevicePolicyManager) context.getSystemService(Context.DEVICE_POLICY_SERVICE);
devicePolicyManager.wipeData(0);
Note that an app with device administrator rights cannot be un-installed. The user needs to manually remove those rights (with the Settings app) before being able to un-install it.
I've been trying to do correctly Google Plus sign in and it's all correct except that.
Once I've done google plus sign in, I cannot try to log with another account. Is this right?
Thanks!
If you want to simply allow the user to select an alternative account you can call PlusClient.clearDefaultAccount(). You probably also want to disconnect and reconnect the PlusClient to properly put the user into a signed out state in your app, as explained here:
https://developers.google.com/+/mobile/android/sign-in#sign_out_the_user
To actually disconnect the user from your app - ie. revoke permission for the app to call Google APIs on the users behalf, you need to call mPlusClient.revokeAccessAndDisconnect(), as in:
https://developers.google.com/+/mobile/android/sign-in#revoking_access_tokens_and_disconnecting_the_app