Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Effective Permission in Android

3a7c04e082380dc5d76182aefb1e244a?s=47 Selim
September 30, 2015

Effective Permission in Android

Effective Permission in Android before and after Marshmallow. presented at GDG Android meetup Berlin. http://www.meetup.com/GDG-Berlin-Android/events/225467763/

3a7c04e082380dc5d76182aefb1e244a?s=128

Selim

September 30, 2015
Tweet

More Decks by Selim

Other Decks in Programming

Transcript

  1. Permissions in Android World A Selim Salman @a_selims

  2. A Selim Salman Diversified Android Engineer @a_selims - Started Android

    since 2009 in MSc. - Lived the Diversity of technology. - Back officially to Android 3 years ago!
  3. The Story Overview about Permissions M BorderLine Use the permissions

    effectively “Nobody can hurt me without my permission.” Mahatma Gandhi
  4. What is a permission? A string that has power! Defined

    at: AndroidManifest.xml <uses-permission android:name="android.permission.INTERNET" />
  5. Permissions <uses-permission android:name="android.permission.INTERNET" /> <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" /> <uses-permission android:name="android.permission.WRITE_CALENDAR" />

    <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" /> <uses-permission android:name="android.permission.VIBRATE" /> <uses-permission android:name="android.permission.WAKE_LOCK" /> <uses-permission android:name="android.permission.GET_ACCOUNTS" />
  6. Before M Permissions granted at Install Time. One shot: allow

    and install or disallow and forget the app!
  7. After M: RunTime permissions Types of permissions: - normal “granted”

    - dangerous “request” Permission Groups: - e.g. CONTACT Simple, Empowering, Go The extra mile SDK 23+
  8. Normal vs Dangerous • android.permission.INTERNET • android.permission.BLUETOOTH • android.permission.KILL_BACKGROUND_PROCESSES •

    android.permission.MODIFY_AUDIO_SETTINGS • android.permission.NFC • android.permission.READ_SYNC_SETTINGS • android.permission.READ_SYNC_STATS • ... android.permission-group.CALENDAR • android.permission.READ_CALENDAR • android.permission.WRITE_CALENDAR android.permission-group.CAMERA • android.permission.CAMERA android.permission-group.CONTACTS • android.permission.READ_CONTACTS • android.permission.WRITE_CONTACTS • android.permission.GET_ACCOUNTS android.permission-group.LOCATION • android.permission.ACCESS_FINE_LOCATION • android.permission.ACCESS_COARSE_LOCATION • ...
  9. The Near Future

  10. Flow Define at Manifest Always Check, Request, (maybe) Inform

  11. Check the permission if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) { if (this.checkSelfPermission(Manifest.permission.WRITE_EXTERNAL_STORAGE)

    != PackageManager.PERMISSION_GRANTED) { if (shouldShowRequestPermissionRationale( Manifest.permission.WRITE_EXTERNAL_STORAGE)) { tvAlert.setText("Hey Man, I need this permission or I ..."); //Explain decently! } String[] reqPerms = {Manifest.permission.WRITE_EXTERNAL_STORAGE}; requestPermissions(reqPerms, REQ_CODE_EXT_STORAGE); return; } }
  12. Handle the Permission @@Override public void onRequestPermissionsResult(int requestCode, String[] permissions,

    int[] grantResults) { if(requestCode == REQ_CODE_EXT_STORAGE){ if(grantResults[0] == PackageManager.PERMISSION_GRANTED){ //ToDo write to Disk } else { //ToDo Deal with the situation gracefully } } }
  13. If not granted “When the app attempts to perform an

    operation that requires that permission, the operation will not necessarily cause an exception. Instead, it might return an empty data set, signal an error, or otherwise exhibit unexpected behavior. For example, if you query a calendar without permission, the method returns an empty data set.” http://developer.android.com/preview/features/runtime-permissions.html https://github.com/aselims/android-RuntimePermissions
  14. Devices and Apps ◦ Pre-M device, pre-M app “1 shot”

    ◦ Pre-M device, M app “1 shot” ◦ M device, M app “RT” ◦ M device, pre-M app “1 shot but revoked” handle M APIs: if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {}
  15. Effective Permissions Remove the permissions you do not need, How?!

    - Google Play Services & 3rd party Libs permissions - Selectively compile the libs that you need. https://developers.google. com/android/guides/setup - Edit Libs from source. Use Intents! “No control over UX”
  16. Show me the Code!

  17. Thanks! Selim Linkedin.com/aselimSalman @a_selims selim.2k@gmail.com

  18. None
  19. dependencies { compile 'com.google.android.gms:play-services:7.8.0' } //compile 'com.google.android.gms:play-services:7.5.0' compile 'com.google.android.gms:play-services-plus:7.5.0' compile

    'com.google.android.gms:play-services-analytics:7.5.0' compile 'com.google.android.gms:play-services-gcm:7.5.0'
  20. • Static • <service android:name=“.MyService” android:permission=“com.hiqes. android.permission. MY_SERVICE_CLIENT” /> Dynamic

    • if (checkCallingOrSelfPermission (MyApp.permissions. MY_SERVICE_CLIENT) != PackageManager. PERMISSION_GRANTED)