Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cosc 4735 Permissions Asking for them in API 23+.

Published byGinger Lynch Modified over 8 years ago

Similar presentations

Presentation on theme: "Cosc 4735 Permissions Asking for them in API 23+."— Presentation transcript:

1 Cosc 4735 Permissions Asking for them in API 23+

2 Permissions. Just as always, we have put the permissions requests in the manifest.xml Example: The last two are in the “dangerous” group and we are going to have to ask the user to allow it as an extra step in our code.

3 Runtime Permissions The users will now be able to manage some of the App’s permissions. Permissions are grouped into two categories – Dangerous These where the app wants access to a user’s private information and the app must request access from the user. – Such as calendar, contacts, camera, mic, location, phone, sensors, sms, and storage – http://developer.android.com/guide/topics/security/permissions.html#perm- groups http://developer.android.com/guide/topics/security/permissions.html#perm- groups – normal Very little risk to a user’s private information and app is granted it automatically (assuming it requests it in the manifest.xml correctly) – internet access as example. So you can not remove an app’s access to the network. – http://developer.android.com/guide/topics/security/normal-permissions.html http://developer.android.com/guide/topics/security/normal-permissions.html Note: you can also add your app launch to the dangerous group.

4 (current as of 1/11/2016) Dangerous Group Permission GroupPermissions CALENDAR READ_CALENDAR WRITE_CALENDAR CAMERA CONTACTS READ_CONTACTS WRITE_CONTACTS GET_ACCOUNTS LOCATION ACCESS_FINE_LOCATION ACCESS_COARSE_LOCATION MICROPHONE RECORD_AUDIO PHONE READ_PHONE_STATE CALL_PHONE READ_CALL_LOG WRITE_CALL_LOG ADD_VOICEMAIL USE_SIP PROCESS_OUTGOING_CALLS SENSORS BODY_SENSORS SMS SEND_SMS RECEIVE_SMS READ_SMS RECEIVE_WAP_PUSH RECEIVE_MMS STORAGE READ_EXTERNAL_STORAGE WRITE_EXTERNAL_STORAGE http://developer.android.com/guide/topics/security/permissions.html#perm-groups

5 Checking permission. Any time you use a permission that could be revoked by the user, you MUST first check to see you have the permission or not. – If not, then ask for it. – Else don’t use it! – Example we are going to use the GPS, which has the Manifest.permission.ACCESS_FINE_LOCATION.

6 Coding it. Checking to see if I already have permission using the checkSelfPermission(…) method. if (ActivityCompat.checkSelfPermission( getContext(), Manifest.permission.ACCESS_FINE_LOCATION) != PackageManager.PERMISSION_GRANTED ) { //I don’t have the user permission yet. So ask for it. } else { //I’m good, I can use the GPS. } There is a flow problem with the code, that we are going to have to fix a bit later.

7 Requesting permission To request a permission from the user, we use the requestPremissions(context, permission, int constant) method. – This method allows us to ask for multiple permissions at the same time. – The request returns async to onRequestPermissionsResult method. ActivityCompat.requestPermissions( getActivity(), new String[]{ Manifest.permission.ACCESS_FINE_LOCATION}, REQUEST_FINE_ACCESS); Add more permission to the String[] to request multiple permissions at the same time.

8 results Callback received when a permissions request has been completed. public void onRequestPermissionsResult(int requestCode, String permissions[], int[] grantResults) { switch (requestCode) { case REQUEST_FINE_ACCESS: { // If request is cancelled, the result arrays are empty. if (grantResults.length > 0 && grantResults[0] == PackageManager.PERMISSION_GRANTED) { // permission was granted, yay call the code again to start the GPS in this example. } else { // permission denied, boo! Disable this feature or close the app. } return; } // other 'case' lines to check for other permissions this app might request }

9 Multiple permission request Say I asked for both fine and course at the same time. ActivityCompat.requestPermissions( getActivity(), new String[]{ Manifest.permission.ACCESS_FINE_LOCATION, Manifest.permission.ACCESS_COARSE_LOCATION}, REQUEST_ACCESS); Then in the result, I need to use the both – String permissions[] and int[] grantResults Array of permissions ie Manifest.permission.ACCESS_FINE_LOCATION and same position in the grantResults if permission was granted.

10 Program flow control Because of the Async request/result You are going to have to make your code in method calls – if they don’t already have permission, then the code can be easily restarted – Or code can be easily skipped.

11 Why every time? Because between uses or if the app is in the background – The user may turn off permission – In settings-> app  permission.

12 References http://developer.android.com/training/permis sions/requesting.html http://developer.android.com/training/permis sions/requesting.html

13 Q A &

Download ppt "Cosc 4735 Permissions Asking for them in API 23+."

Similar presentations

Google Android Introduction to Mobile Computing. Android is part of the build a better phone process Open Handset Alliance produces Android Comprises.

Google Android Introduction to Mobile Computing. Android is part of the build a better phone process Open Handset Alliance produces Android Comprises.
Class Relationships Part 1: Composition and Association CS 21a: Introduction to Computing I First Semester, 2013-2014.

Class Relationships Part 1: Composition and Association CS 21a: Introduction to Computing I First Semester,
1 Unit & District Tools Phase 1. 2 To access the new Unit and District Tools, you will need to click on the link embedded in the MyScouting Flash page.

1 Unit & District Tools Phase 1. 2 To access the new Unit and District Tools, you will need to click on the link embedded in the MyScouting Flash page.
Cosc 5/4730 Permissions. Note that all of start with android.premission. Location: – ACCESS_COARSE_LOCATION, ACCESS_FINE_LOCATION, ACCESS_LOCATION_EXTRA_COMMANDS,

Cosc 5/4730 Permissions. Note that all of start with android.premission. Location: – ACCESS_COARSE_LOCATION, ACCESS_FINE_LOCATION, ACCESS_LOCATION_EXTRA_COMMANDS,
Teacher iPads RCSD-Getting Started Guide Cathy James- Tech Resource Teacher.

Teacher iPads RCSD-Getting Started Guide Cathy James- Tech Resource Teacher.
Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.

Android Security. N-Degree of Separation Applications can be thought as composed by Main Functionality Several Non-functional Concerns Security is a non-functional.
© 2012 Microsoft Corporation. All rights reserved. Introducing SkyDrive. With Windows 8 never be without your files again. SkyDrive helps you sync, store,

© 2012 Microsoft Corporation. All rights reserved. Introducing SkyDrive. With Windows 8 never be without your files again. SkyDrive helps you sync, store,
Operating System Customization

Operating System Customization
AutoCog: Measuring the Description-to-permission Fidelity in Android Applications Zhengyang Qu1, Vaibhav Rastogi1, Xinyi Zhang1,2, Yan Chen1, Tiantian.

AutoCog: Measuring the Description-to-permission Fidelity in Android Applications Zhengyang Qu1, Vaibhav Rastogi1, Xinyi Zhang1,2, Yan Chen1, Tiantian.
Android Permission System

Android Permission System
Microprocessors Frame Pointers and the use of the –fomit-frame-pointer switch Feb 25th, 2002.

Microprocessors Frame Pointers and the use of the –fomit-frame-pointer switch Feb 25th, 2002.
We are partners in learning.. Note: Office 365 works best in Internet Explorer V 9 or above. Some features do not work in PWCS’s Chrome Browser or in.

We are partners in learning.. Note: Office 365 works best in Internet Explorer V 9 or above. Some features do not work in PWCS’s Chrome Browser or in.
MSDN How do I add Voice Commands to my application Find Install Voice Command Sets Search Search for {dictatedSearchTerms} Find Find.

MSDN How do I add Voice Commands to my application Find Install Voice Command Sets Search Search for {dictatedSearchTerms} Find Find.
William Enck, Machigar Ongtang, and Patrick McDaniel.

William Enck, Machigar Ongtang, and Patrick McDaniel.
Android Declassification Infrastructure Matan David Yuval Evron Project Advisor: Roei Schuster 1.

Android Declassification Infrastructure Matan David Yuval Evron Project Advisor: Roei Schuster 1.
Microsoft ® Office 2007 Training Security II: Turn off the Message Bar and run code safely John Deere presents:

Microsoft ® Office 2007 Training Security II: Turn off the Message Bar and run code safely John Deere presents:
Introduction Our Topic: Mobile Security Why is mobile security important?

Introduction Our Topic: Mobile Security Why is mobile security important?
Introducing the Sudoku Example

Introducing the Sudoku Example
JavaScript Form Validation

JavaScript Form Validation
Introduction to Android Swapnil Pathak www.SecurityXploded.com Advanced Malware Analysis Training Series.

Introduction to Android Swapnil Pathak Advanced Malware Analysis Training Series.

Similar presentations

Ads by Google