Embedded Files
Video Notes
Video Notes
Two type of permissions
Install time
Less sensitive ex: Internet access
Runtime
Users private data access permission ex: camera, location, microphone
Best practice
Minimal number of permission
Runtime permission associated with specific action only
Be Transparent
Basics
Basics
App permissions help support user privacy by protecting access to the following:
Restricted data, such as system state and users' contact information
Restricted actions, such as connecting to a paired device and recording audio
Some permissions, known as install-time permissions, are automatically granted when your app is installed. Other permissions, known as runtime permissions, require your app to go a step further and request the permission at runtime.
Types of permissions
Types of permissions
Install-time permissions
Install-time permissions
Install-time permissions give your app limited access to restricted data or let your app perform restricted actions that minimally affect the system or other apps. When you declare install-time permissions in your app, an app store presents an install-time permission notice to the user when they view an app's details page.
Runtime permissions
Runtime permissions
you need to request runtime permissions in your app before you can access the restricted data or perform restricted actions.
Many runtime permissions access private user data, a special type of restricted data that includes potentially sensitive information. Examples of private user data include location and contact information.
Special permissions
Special permissions
A special permission guards access to system resources that are particularly sensitive or not directly related to user privacy. These permissions are different than install-time permissions and runtime permissions.
Some examples of special permissions include:
Scheduling exact alarms.
Displaying and drawing over other apps.
Accessing all storage data.
Similar to runtime permissions, apps should request special permissions in-context when the user requests a specific action that requires the permission. For example, wait to request the SCHEDULE_EXACT_ALARMS permission until the user schedules an email to be sent at a specific time.
Apps that declare a special permission are shown in the Special app access page in system settings (figure 1). To grant a special permission to the app, a user must navigate to this page: Settings > Apps > Special app access.
Permission groups
Permission groups
Permissions can belong to permission groups. Permission groups consist of a set of logically related permissions. For example, permissions to send and receive SMS messages might belong to the same group, as they both relate to the application's interaction with SMS.
Permission groups help the system minimize the number of system dialogs that are presented to the user when an app requests closely related permissions
Declare app permissions
Declare app permissions
Add declaration to app manifest
Add declaration to app manifest
To declare a permission that your app might request, include the appropriate <uses-permission> element in your app's manifest file. For example, an app that needs to access the camera has this line in AndroidManifest.xml:
<manifest ...>
<uses-permission android:name="android.permission.CAMERA"/>
<application ...>
...
</application>
</manifest>
Declare hardware as optional
Declare hardware as optional
Some permissions, such as CAMERA, let your app access pieces of hardware that only some Android devices have. If your app declares one of these hardware-associated permissions, consider whether your app can still run on a device that doesn't have that hardware. In most cases, hardware is optional, so it's better to declare the hardware as optional by setting android:required to false in your <uses-feature> declaration, as shown in the following code snippet from an AndroidManifest.xml file:
<manifest ...>
<application>
...
</application>
<uses-feature android:name="android.hardware.camera"
android:required="false" />
<manifest>
Request runtime permissions
Request runtime permissions
Video Notes
Video Notes
Steps:
Define in manifest
RegisterForActivityResults( ActivityResultContract ) method
If you conclude that your app needs to declare and request runtime permissions, complete these
steps:
steps:
specific actions associated
specific actions associated
Design your app's UX so that specific actions in your app are associated with specific runtime permissions. Let users know which actions might require them to grant permission for your app to access private user data.
Wait for the user to invoke the task or action in your app that requires access to specific private user data. At that time, your app can request the runtime permission that's required for accessing that data.
user's response
user's response
Check the user's response—whether they chose to grant or deny the runtime permission.
next steps
next steps
If the user granted the permission to your app, you can access the private user data. If the user denied the permission instead, gracefully degrade your app experience so that it provides functionality to the user without the information that's protected by that permission.
Page updated
Google Sites
Report abuse