Android Permissions

Android Runtime Permissions Tutorial and Examples.

Android has this concept of permission requesting before accessing various device resources.

This helps in protecting the privacy of an Android Device user.
So for example you(your apps) have to request permissions to:

  1. Access sensitive user data (such as contacts and SMS).
  2. Acess certain system features (such as camera and internet).

Depending on the feature, the system might grant the permission automatically or might prompt the user to approve the request.

Permission approval

Your apps will have to declare the permissions for certain device features using the <uses-permission> tags in the AndroidManifest.xml file.

For example, an app that needs to send SMS messages would have this line in the manifest:

<manifest 
          package="com.example.mysmsapp">

    <uses-permission android_name="android.permission.SEND_SMS"/>

    <application ...>
        ...
    </application>
</manifest>

An app that requires to access network must declare a permissio also:

xml
<manifest 
          package="com.example.myinternetapp">

    <uses-permission android_name="android.permission.INTERNET"/>

    <application ...>
        ...
    </application>
</manifest></code></pre>
<h4>Protection levels</h4>
There are several protection levels for permissions.These levels affect whether runtime permission requests are required.

These levels include:
<ol>
 	<li>Normal.</li>
 	<li>Signature.</li>
 	<li>Dangerous permissions.</li>
</ol>
If your app lists normal permissions in its manifest (that is, permissions that don't pose much risk to the user's privacy or the device's operation), the system automatically grants those permissions to your app.

If your app lists dangerous permissions in its manifest (that is, permissions that could potentially affect the user's privacy or the device's normal operation), such as the <code>SEND_SMS</code> permission above, the user must explicitly agree to grant those permissions.
<h5>(a). Normal Permissions</h5>
These are required when your app needs to access data or resources outside the app's sandbox, but where there's very little risk to the user's privacy or the operation of other apps. For example, permission to set the time zone is a normal permission.

If an app declares in its manifest that it needs a normal permission, the system automatically grants the app that permission at install time. The system doesn't prompt the user to grant normal permissions, and users cannot revoke these permissions.

Normal permissions include:
<ol>
 	<li>ACCESS_LOCATION_EXTRA_COMMANDS</li>
 	<li>ACCESS_NETWORK_STATE</li>
 	<li>ACCESS_NOTIFICATION_POLICY</li>
 	<li>ACCESS_WIFI_STATE</li>
 	<li>BLUETOOTH</li>
 	<li>BLUETOOTH_ADMIN</li>
 	<li>BROADCAST_STICKY</li>
 	<li>CHANGE_NETWORK_STATE</li>
 	<li>CHANGE_WIFI_MULTICAST_STATE</li>
 	<li>CHANGE_WIFI_STATE</li>
 	<li>DISABLE_KEYGUARD</li>
 	<li>EXPAND_STATUS_BAR</li>
 	<li>FOREGROUND_SERVICE</li>
 	<li>GET_PACKAGE_SIZE</li>
 	<li>INSTALL_SHORTCUT</li>
 	<li>INTERNET</li>
 	<li>KILL_BACKGROUND_PROCESSES</li>
 	<li>MANAGE_OWN_CALLS</li>
 	<li>MODIFY_AUDIO_SETTINGS</li>
 	<li>NFC</li>
 	<li>READ_SYNC_SETTINGS</li>
 	<li>READ_SYNC_STATS</li>
 	<li>RECEIVE_BOOT_COMPLETED</li>
 	<li>REORDER_TASKS</li>
 	<li>REQUEST_COMPANION_RUN_IN_BACKGROUND</li>
 	<li>REQUEST_COMPANION_USE_DATA_IN_BACKGROUND</li>
 	<li>REQUEST_DELETE_PACKAGES</li>
 	<li>REQUEST_IGNORE_BATTERY_OPTIMIZATIONS</li>
 	<li>SET_ALARM</li>
 	<li>SET_WALLPAPER</li>
 	<li>SET_WALLPAPER_HINTS</li>
 	<li>TRANSMIT_IR</li>
 	<li>USE_FINGERPRINT</li>
 	<li>VIBRATE</li>
 	<li>WAKE_LOCK</li>
 	<li>WRITE_SYNC_SETTINGS</li>
</ol>
<h5>(b). Signature permissions</h5>
The second type of permission are the <code>Signature</code> permission.

These get granted by the system at install time. However this occurs only when the app that attempts to use a permission is signed by the same certificate as the app that defines the permission.

As of <code>Android 8.1 (API level 27)</code>, the following permissions that third-party apps can use are classified as <code>PROTECTION_SIGNATURE</code>:
<ol>
 	<li>BIND_ACCESSIBILITY_SERVICE</li>
 	<li>BIND_AUTOFILL_SERVICE</li>
 	<li>BIND_CARRIER_SERVICES</li>
 	<li>BIND_CHOOSER_TARGET_SERVICE</li>
 	<li>BIND_CONDITION_PROVIDER_SERVICE</li>
 	<li>BIND_DEVICE_ADMIN</li>
 	<li>BIND_DREAM_SERVICE</li>
 	<li>BIND_INCALL_SERVICE</li>
 	<li>BIND_INPUT_METHOD</li>
 	<li>BIND_MIDI_DEVICE_SERVICE</li>
 	<li>BIND_NFC_SERVICE</li>
 	<li>BIND_NOTIFICATION_LISTENER_SERVICE</li>
 	<li>BIND_PRINT_SERVICE</li>
 	<li>BIND_SCREENING_SERVICE</li>
 	<li>BIND_TELECOM_CONNECTION_SERVICE</li>
 	<li>BIND_TEXT_SERVICE</li>
 	<li>BIND_TV_INPUT</li>
 	<li>BIND_VISUAL_VOICEMAIL_SERVICE</li>
 	<li>BIND_VOICE_INTERACTION</li>
 	<li>BIND_VPN_SERVICE</li>
 	<li>BIND_VR_LISTENER_SERVICE</li>
 	<li>BIND_WALLPAPER</li>
 	<li>CLEAR_APP_CACHE</li>
 	<li>MANAGE_DOCUMENTS</li>
 	<li>READ_VOICEMAIL</li>
 	<li>REQUEST_INSTALL_PACKAGES</li>
 	<li>SYSTEM_ALERT_WINDOW</li>
 	<li>WRITE_SETTINGS</li>
 	<li>WRITE_VOICEMAIL</li>
</ol>
<h5>(c). Dangerous permissions</h5>
Permissions are considered to be of dangerous type when you app wants data or resources involving user's private information, or could potentially affect the user's stored data or the operation of other apps.

For example, the ability to read the user's contacts is a dangerous permission. If an app declares that it needs a dangerous permission, the user has to explicitly grant the permission to the app. Until the user approves the permission, your app cannot provide functionality that depends on that permission.

To use a dangerous permission, your app must prompt the user to grant permission at runtime. For more details about how the user is prompted.
<table>
<thead>
<tr>
<th>No.</th>
<th>Permission Group</th>
<th>Permissions</th>
</tr>
</thead>
<tbody>
<tr>
<td>1.</td>
<td>CALENDAR</td>
<td>READ_CALENDAR , WRITE_CALENDAR</td>
</tr>
<tr>
<td>2.</td>
<td>CALL_LOG</td>
<td>READ_CALL_LOG, WRITE_CALL_LOG, PROCESS_OUTGOING_CALLS</td>
</tr>
<tr>
<td>3.</td>
<td>CAMERA</td>
<td>CAMERA</td>
</tr>
<tr>
<td>4.</td>
<td>CONTACTS</td>
<td>READ_CONTACTS, WRITE_CONTACTS, GET_ACCOUNTS</td>
</tr>
<tr>
<td>5.</td>
<td>LOCATION</td>
<td>ACCESS_FINE_LOCATION, ACCESS_COARSE_LOCATION</td>
</tr>
<tr>
<td>6.</td>
<td>MICROPHONE</td>
<td>RECORD_AUDIO</td>
</tr>
<tr>
<td>7.</td>
<td>PHONE</td>
<td>READ_PHONE_STATE, READ_PHONE_NUMBERS, CALL_PHONE, ANSWER_PHONE_CALLS,ADD_VOICEMAIL , USE_SIP</td>
</tr>
<tr>
<td>8.</td>
<td>SENSORS</td>
<td>BODY_SENSORS</td>
</tr>
<tr>
<td>9.</td>
<td>SMS</td>
<td>SEND_SMS, RECEIVE_SMS, READ_SMS, RECEIVE_WAP_PUSH, RECEIVE_MMS</td>
</tr>
<tr>
<td>10.</td>
<td>STORAGE</td>
<td>READ_EXTERNAL_STORAGE, WRITE_EXTERNAL_STORAGE</td>
</tr>
</tbody>
</table>
<h5>(d). Special permissions</h5>
However, some permissions don't behave like normal and dangerous permissions. These include the <code>SYSTEM_ALERT_WINDOW</code> and <code>WRITE_SETTINGS</code> . These are particularly sensitive, so most apps should not use them.

If an app needs one of these permissions, it must declare the permission in the manifest, and send an intent requesting the user's authorization. The system responds to the intent by showing a detailed management screen to the user.

Find more details about permissions <a href="https://developer.android.com/training/permissions/requesting">here</a>.
<h4>How to Check for permissions</h4>
As we have said, dangerous permissions get specified when your app tries to access user's sensitive or private data. So if your app needs a dangerous permission, you must check whether you have that permission every time you perform an operation that requires that permission.

Since <code>Android 6.0 (API level 23)</code>, users have the authority to revoke permissions from any app at any time, even if the app targets a lower API level. So even if the app used the camera yesterday, it can't assume it still has that permission today.

Luckily checking for permissions is easy, you do it using the <code>ContextCompat.checkSelfPermission()</code> method. For example, this snippet shows how to check if the activity has permission to write to the calendar.
<pre>if (ContextCompat.checkSelfPermission(thisActivity, Manifest.permission.WRITE_CALENDAR)
        != PackageManager.PERMISSION_GRANTED) {
    // Permission is not granted 
} </code></pre>
Then suppose your app has been given the permission, our method will return <code>PERMISSION_GRANTED</code>. That means the app can proceed with the operation. One the other hand if the app does not have the permission, the method returns <code>PERMISSION_DENIED</code>, and the app has to explicitly ask the user for permission.
<h4>How to Request the permissions you need</h4>
You have to call one of the <code>requestPermissions()</code> methods to request for the appropriate permission.
Then our app will app pass the permissions it wants and an <code>integer</code> request code. This request code is meant to identify our permission request. This method functions asynchronously. It returns right away, and after the user responds to the prompt, the system calls the app's callback method with the results, passing the same request code that the app passed to <code>requestPermissions()</code>.

Here's an example:
<pre>// Here, thisActivity is the current activity 
if (ContextCompat.checkSelfPermission(thisActivity,
        Manifest.permission.READ_CONTACTS) 
        != PackageManager.PERMISSION_GRANTED) {

    // Permission is not granted 
    // Should we show an explanation? 
    if (ActivityCompat.shouldShowRequestPermissionRationale(thisActivity,
            Manifest.permission.READ_CONTACTS)) { 
        // Show an explanation to the user *asynchronously* -- don't block 
        // this thread waiting for the user's response! After the user 
        // sees the explanation, try again to request the permission. 
    } else { 
        // No explanation needed; request the permission 
        ActivityCompat.requestPermissions(thisActivity,
                new String[]{Manifest.permission.READ_CONTACTS},
                MY_PERMISSIONS_REQUEST_READ_CONTACTS); 

        // MY_PERMISSIONS_REQUEST_READ_CONTACTS is an 
        // app-defined int constant. The callback method gets the 
        // result of the request. 
    } 
} else { 
    // Permission has already been granted 
} </code></pre>
<h4>Quick Permissions Example</h4>
<h5>1. Android Runtime Permission Check and Request</h5>
Let's now put together a simple utility or helper class to allow us check and request for permissions in an easy manner.
This class can be reused.
<pre>import android.app.Activity;
import android.content.Context;
import android.content.Intent;
import android.content.pm.PackageManager;
import android.os.Bundle;
import android.support.annotation.NonNull;
import android.support.v4.app.ActivityCompat;
import android.support.v4.content.ContextCompat;
import android.support.v7.app.AppCompatActivity;

public class PermissionUtils{

    private static final int REQUEST_CODE = 1111;

    private Context context;

    private PermissionCallback callback;

    private PermissionUtils(Context context) {
        this.context = context;
    }

    public static PermissionUtils getInstance(Context context){
        return new PermissionUtils(context);
    }

    public void requestPermission(@NonNull String permission){
        if (ContextCompat.checkSelfPermission(context,permission) == PackageManager.PERMISSION_GRANTED){
            if (callback != null){
                callback.success();
            }
        }else {
            ActivityCompat.requestPermissions((Activity) context,new String[]{permission},REQUEST_CODE);
        }
    }

    public PermissionUtils setCallback(PermissionCallback callback) {
        this.callback = callback;
        return this;
    }

    public interface PermissionCallback{

        int REQUEST_CODE = 1234;

        void success();
        void fail();
    }

}</code></pre>
<h3>Full Permission Examples</h3>
<h4>1. Request and Check Permission</h4>
Let's look at a runtime permission example. We will see how to check and request permissions in a full runnable app.

[ui-tabs position="top-left" active="0" theme="default"]

[ui-tab title="MainActivity.java"]
This is the main activity. It will be responsible for checking and requesting permission.
<pre>
package com.example.ankitkumar.permissionrequest;

import android.content.DialogInterface;
import android.content.pm.PackageManager;
import android.os.Build;
import android.support.design.widget.Snackbar;
import android.support.v4.app.ActivityCompat;
import android.support.v4.content.ContextCompat;
import android.support.v7.app.AlertDialog;
import android.support.v7.app.AppCompatActivity;
import android.os.Bundle;
import android.support.v7.widget.Toolbar;
import android.view.View;
import android.widget.Button;

import static android.Manifest.permission.ACCESS_FINE_LOCATION;
import static android.Manifest.permission.CAMERA;

public class MainActivity extends AppCompatActivity implements View.OnClickListener{

    private static final int PERMISSION_REQUEST_CODE = 200;
    private View view;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        Toolbar toolbar = (Toolbar) findViewById(R.id.toolbar);
        setSupportActionBar(toolbar);

        Button check_permission = (Button) findViewById(R.id.check_permission);
        Button request_permission = (Button) findViewById(R.id.request_permission);
        check_permission.setOnClickListener(this);
        request_permission.setOnClickListener(this);

    }
    @Override
    public void onClick(View v) {

        view = v;

        int id = v.getId();
        switch (id) {
            case R.id.check_permission:
                if (checkPermission()) {

                    Snackbar.make(view, "Permission already granted.", Snackbar.LENGTH_LONG).show();

                } else {

                    Snackbar.make(view, "Please request permission.", Snackbar.LENGTH_LONG).show();
                }
                break;
            case R.id.request_permission:
                if (!checkPermission()) {

                    requestPermission();

                } else {

                    Snackbar.make(view, "Permission already granted.", Snackbar.LENGTH_LONG).show();

                }
                break;
        }

    }

    private boolean checkPermission() {
        //int result = ContextCompat.checkSelfPermission(getApplicationContext(), ACCESS_FINE_LOCATION);
        int result1 = ContextCompat.checkSelfPermission(getApplicationContext(), CAMERA);

        return result1 == PackageManager.PERMISSION_GRANTED;
    }

    private void requestPermission() {

        ActivityCompat.requestPermissions(this, new String[]{CAMERA}, PERMISSION_REQUEST_CODE);

    }

    @Override
    public void onRequestPermissionsResult(int requestCode, String permissions[], int[] grantResults) {
        switch (requestCode) {
            case PERMISSION_REQUEST_CODE:
                if (grantResults.length > 0) {

                    // boolean locationAccepted = grantResults[0] == PackageManager.PERMISSION_GRANTED;
                    boolean cameraAccepted = grantResults[1] == PackageManager.PERMISSION_GRANTED;

                    if (cameraAccepted)
                        Snackbar.make(view, "Permission Granted, Now you can access camera.", Snackbar.LENGTH_LONG).show();
                    else {

                        Snackbar.make(view, "Permission Denied, You cannot access camera.", Snackbar.LENGTH_LONG).show();

                        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
                            if (shouldShowRequestPermissionRationale(ACCESS_FINE_LOCATION)) {
                                showMessageOKCancel("You need to allow access to the permission",
                                        new DialogInterface.OnClickListener() {
                                            @Override
                                            public void onClick(DialogInterface dialog, int which) {
                                                if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
                                                    requestPermissions(new String[]{ACCESS_FINE_LOCATION, CAMERA},
                                                            PERMISSION_REQUEST_CODE);
                                                }
                                            }
                                        });
                                return;
                            }
                        }

                    }
                }

                break;
        }
    }

    private void showMessageOKCancel(String message, DialogInterface.OnClickListener okListener) {
        new AlertDialog.Builder(MainActivity.this)
                .setMessage(message)
                .setPositiveButton("OK", okListener)
                .setNegativeButton("Cancel", null)
                .create()
                .show();
    }

}

[/ui-tab]
[ui-tab title=”activity_main.xml”]
This is the main layout. We will have two buttons: one for checking permission while the other for requesting permission.

We wrap them in the RelativeLayout.

<?xml version="1.0" encoding="utf-8"?>
<RelativeLayout 
    
    
    android_layout_width="match_parent"
    android_layout_height="match_parent"
    android_paddingBottom="@dimen/activity_vertical_margin"
    android_paddingLeft="@dimen/activity_horizontal_margin"
    android_paddingRight="@dimen/activity_horizontal_margin"
    android_paddingTop="@dimen/activity_vertical_margin"
    app_layout_behavior="@string/appbar_scrolling_view_behavior"
    tools_context="com.example.ankitkumar.permissionrequest.MainActivity"
    >
    <Button
        android_id="@+id/check_permission"
        android_layout_width="match_parent"
        android_layout_centerInParent="true"
        android_layout_height="wrap_content"
        android_text="Check Permission"/>
    <Button
        android_id="@+id/request_permission"
        android_layout_below="@+id/check_permission"
        android_layout_width="match_parent"
        android_layout_height="wrap_content"
        android_text="Request Permission"/>
</RelativeLayout>

[/ui-tab]
[ui-tab title=”Download”]

No. Location Link
1. GitHub Download
2. GitHub Browse
2. GitHub Original Creator: @AnkitKumar111

 

 

Share



Share an Example

Share an Example

Browse
What is the capital of Egypt? ( Cairo )