Permissions: Changes that benefit users and devs!

Permissions: Changes that benefit users and devs!

https://skillsmatter.com/skillscasts/6616-permissions-changes-that-benefit-users-and-devs
Android Runtime Permissions are here in Marshmallow. Target 23, and build user trust by asking for permissions thoughtfully.

627ce26ea490d993a49d6b263768ca67?s=128

Eric Cochran

October 30, 2015
Tweet

Transcript

  1. ERIC COCHRAN PERMISSIONS: CHANGES THAT BENEFIT USERS AND DEVS! @ERIC_COCHRAN

    DROIDCON LONDON OCTOBER 30, 2015
  2. MARSHMALLOW IS HERE!

  3. 9 PERMISSION GROUPS • CALENDAR • READ_CALENDAR • WRITE_CALENDAR •

    CAMERA • CAMERA • CONTACTS • READ_CONTACTS • WRITE_CONTACTS • GET_ACCOUNTS • STORAGE • READ_EXTERNAL_STORAGE • WRITE_EXTERNAL_STORAGE • LOCATION • ACCESS_COARSE_LOCATION • ACCESS_FINE_LOCATION • SENSORS • BODY_SENSORS • MICROPHONE • RECORD_AUDIO • PHONE • READ_PHONE_STATE • CALL_PHONE • READ_CALL_LOG • WRITE_CALL_LOG • ADD_VOICEMAIL • USE_SIP • PROCESS_OUTGOING_CALLS • SMS • READ_SMS • SEND_SMS • RECEIVE_SMS • RECEIVE_MMS • RECEIVE_WAP_PUSH
  4. PROTECTION LEVEL • NORMAL — FREE! • DANGEROUS — ASK

    AT RUNTIME • SIGNATURE — /SYSTEM/PRIV-APP • PREINSTALLED — /SYSTEM/APP • PRE23 — FREE IF TARGET < 23 • DEVELOPMENT • PRIVILEGED (AKA SYSTEM) • SIGNATUREORSYSTEM • INSTALLER • VERIFIER
  5. KEEP UP WITH PERMISSIONS • PLATFORM_FRAMEWORKS_BASE • CORE/RES/ANDROIDMANIFEST.XML https://android.googlesource.com/platform/frameworks/ base.git/+/master/core/res/AndroidManifest.xml

  6. WHAT’S NEW FOR MY APP? • TARGETING < 23 •

    PERMISSIONS GRANTED BY DEFAULT • EMPTY DATA WHEN USERS EXPLICITLY DENY PERMISSIONS • PRE23 PROTECTION • WRITE_SETTINGS IS NO MORE • SYSTEM_ALERT_WINDOW IS GRANTABLE • 6.0: GET_ACCOUNTS NOT NEEDED FOR YOUR OWN ACCOUNT
  7. <uses-permission android:name=“android.permission.SYSTEM_ALERT_WINDOW"/> The hidden setting if (!Settings.canDrawOverlays(this)) {
 Intent intent

    = new Intent(Settings.ACTION_MANAGE_OVERLAY_PERMISSION,
 Uri.parse("package:" + activity.getPackageName()));
 activity.startActivityForResult(intent, REQUEST_CODE_PERMISION_SYSTEM_ALERT_WINDOW);
 } @Override protected void onActivityResult(int requestCode, int resultCode, Intent data) {
 if (requestCode == REQUEST_CODE_PERMISION_SYSTEM_ALERT_WINDOW) {
 if (Settings.canDrawOverlays(this)) {
 // yay!
 } else {
 // denied.
 }
 }
 }
  8. RUNTIME PERMISSIONS String permission = READ_CALENDAR;
 Context checker = …;

    // PERMISSION_DENIED or PERMISSION_GRANTED
 int result = checker.checkSelfPermission(permission);
  9. RUNTIME PERMISSIONS • USE SUPPORT ANNOTATIONS! @RequiresPermission(READ_CALENDAR) • USE SUPPORT

    V4! String permission = READ_CALENDAR;
 Context checker = …;
 int result = PermissionChecker.checkSelfPermission(checker, permission);
  10. RATIONALE BEFORE REQUEST? Activity requester = …;
 boolean rationale =

    requester.shouldShowRequestPermissionRationale(permission);
  11. REQUEST String[] permissionsNeeded = { READ_CALENDAR };
 Activity requester =

    ...;
 requester.requestPermissions(permissionsNeeded, requestCode); @Override public void onRequestPermissionsResult(int requestCode,
 @NonNull String[] permissions, @NonNull int[] grantResults) {
 // grantedResults full of PERMISSION_GRANTED and PERMISSION_DENIED.
 }
  12. DENIED: WHAT NOW? Intent appSettings = new Intent(Settings.ACTION_APPLICATION_DETAILS_SETTINGS, Uri.parse("package:" +

    context.getPackageName()));
 List<ResolveInfo> handlers = context.getPackageManager().queryIntentActivities( appSettings, 0);
 if (handlers.isEmpty()) {
 // We can't go to Settings.
 return;
 }
 context.startActivity(appSettings);
  13. TEST adb shell pm revoke <permission-name>

  14. MANIFEST TRICKS <uses-permission android:name="android.permission.GET_ACCOUNTS" android:maxSdkVersion="22"/> <uses-permission-sdk-23 android:name="android.permission.ACCESS_FINE_LOCATION"/>

  15. BUILD USER TRUST TARGETSDVERSION=23