Effective Permission in Android

Transcript

1. Permissions in Android World A Selim Salman @a_selims

2. A Selim Salman Diversified Android Engineer @a_selims - Started Android

   since 2009 in MSc. - Lived the Diversity of technology. - Back officially to Android 3 years ago!

3. The Story Overview about Permissions M BorderLine Use the permissions

   effectively “Nobody can hurt me without my permission.” Mahatma Gandhi

4. What is a permission? A string that has power! Defined

   at: AndroidManifest.xml <uses-permission android:name="android.permission.INTERNET" />

5. Permissions <uses-permission android:name="android.permission.INTERNET" /> <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" /> <uses-permission android:name="android.permission.WRITE_CALENDAR" />

   <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" /> <uses-permission android:name="android.permission.VIBRATE" /> <uses-permission android:name="android.permission.WAKE_LOCK" /> <uses-permission android:name="android.permission.GET_ACCOUNTS" />

6. Before M Permissions granted at Install Time. One shot: allow

   and install or disallow and forget the app!

7. After M: RunTime permissions Types of permissions: - normal “granted”

   - dangerous “request” Permission Groups: - e.g. CONTACT Simple, Empowering, Go The extra mile SDK 23+

8. Normal vs Dangerous • android.permission.INTERNET • android.permission.BLUETOOTH • android.permission.KILL_BACKGROUND_PROCESSES •

   android.permission.MODIFY_AUDIO_SETTINGS • android.permission.NFC • android.permission.READ_SYNC_SETTINGS • android.permission.READ_SYNC_STATS • ... android.permission-group.CALENDAR • android.permission.READ_CALENDAR • android.permission.WRITE_CALENDAR android.permission-group.CAMERA • android.permission.CAMERA android.permission-group.CONTACTS • android.permission.READ_CONTACTS • android.permission.WRITE_CONTACTS • android.permission.GET_ACCOUNTS android.permission-group.LOCATION • android.permission.ACCESS_FINE_LOCATION • android.permission.ACCESS_COARSE_LOCATION • ...

9. The Near Future

10. Flow Define at Manifest Always Check, Request, (maybe) Inform

11. Check the permission if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) { if (this.checkSelfPermission(Manifest.permission.WRITE_EXTERNAL_STORAGE)

    != PackageManager.PERMISSION_GRANTED) { if (shouldShowRequestPermissionRationale( Manifest.permission.WRITE_EXTERNAL_STORAGE)) { tvAlert.setText("Hey Man, I need this permission or I ..."); //Explain decently! } String[] reqPerms = {Manifest.permission.WRITE_EXTERNAL_STORAGE}; requestPermissions(reqPerms, REQ_CODE_EXT_STORAGE); return; } }

12. Handle the Permission @@Override public void onRequestPermissionsResult(int requestCode, String[] permissions,

    int[] grantResults) { if(requestCode == REQ_CODE_EXT_STORAGE){ if(grantResults[0] == PackageManager.PERMISSION_GRANTED){ //ToDo write to Disk } else { //ToDo Deal with the situation gracefully } } }

13. If not granted “When the app attempts to perform an

    operation that requires that permission, the operation will not necessarily cause an exception. Instead, it might return an empty data set, signal an error, or otherwise exhibit unexpected behavior. For example, if you query a calendar without permission, the method returns an empty data set.” http://developer.android.com/preview/features/runtime-permissions.html https://github.com/aselims/android-RuntimePermissions

14. Devices and Apps ◦ Pre-M device, pre-M app “1 shot”

    ◦ Pre-M device, M app “1 shot” ◦ M device, M app “RT” ◦ M device, pre-M app “1 shot but revoked” handle M APIs: if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {}

15. Effective Permissions Remove the permissions you do not need, How?!

    - Google Play Services & 3rd party Libs permissions - Selectively compile the libs that you need. https://developers.google. com/android/guides/setup - Edit Libs from source. Use Intents! “No control over UX”

16. Show me the Code!

17. Thanks! Selim Linkedin.com/aselimSalman @a_selims [email protected]

18. None

19. dependencies { compile 'com.google.android.gms:play-services:7.8.0' } //compile 'com.google.android.gms:play-services:7.5.0' compile 'com.google.android.gms:play-services-plus:7.5.0' compile

    'com.google.android.gms:play-services-analytics:7.5.0' compile 'com.google.android.gms:play-services-gcm:7.5.0'

20. • Static • <service android:name=“.MyService” android:permission=“com.hiqes. android.permission. MY_SERVICE_CLIENT” /> Dynamic

    • if (checkCallingOrSelfPermission (MyApp.permissions. MY_SERVICE_CLIENT) != PackageManager. PERMISSION_GRANTED)