• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Questions about Permissions

RhinoCan

RhinoCan

Well-Known Member
I am trying to understand Permissions in Android but various things aren't clear to me yet so I hope someone here can help me understand better. I'm using Android Studio 3.1.2 and am quite new to Android development. I'm not new to development though, just Android.

I'm not sure if it's better to break this up into several questions or write them all in one thread since they are all related but I'll put them all here to start with and break them up if you tell me that's better.

I am trying to write a simple app to ask the phone on which the app is running for a unique ID, either the IMEI or the DeviceId, depending on the age of the device. This is part of a group of apps I am cobbling together for use at work where three of us will use the app. We'll be recording sales and I want to spare the user having to identify each and every sale as coming from him/her since each of us will record only our own sales. I'll simply store that unique ID in an external MySQL database and whenever one of us generates a sale, the app that records the sale will simply store that unique ID on the sale record. For the moment though, I am just doing the part of the app that gets the unique ID as a small standalone app to learn about permissions.

I know that the permission I need, READ_PHONE_STATE is considered "dangerous" and that in later versions of Android, that permission is not obtained at runtime but at execution time. (I don't know what version of Android my colleagues are using but my OS Version is 24). Am I correct in believing that I have to put that permission in my AndroidManifest even though it won't be checked until runtime? If the user is on a later-model device, will he/she still be asked for READ_PHONE_STATE permission at install time AND at run time or ONLY at runtime? When I give the permission, do I use <uses-permission> or <uses-permission-sdk-23>? I've seen both in examples that I've tracked down but I'm not clear on the distinction.

The reason I ask is that if I omit giving permission in the manifest, this line of my code inevitably yields true:

if (ContextCompat.checkSelfPermission(this,
Manifest.permission.READ_PHONE_STATE)
!= PackageManager.PERMISSION_GRANTED)

That puzzles me because if I put the permission in the manifest, it doesn't seem to check any further; it seems to me that this effectively gives the permission at install time without even asking the user if it's okay, which is the exact opposite of actually asking them at run time.

One more question in this vein, then I'll wait for some answers. With luck, your answers mean I won't have to ask any further questions on permissions ;-)

The other thing that is puzzling me is this line:

if (ActivityCompat.shouldShowRequestPermissionRationale(this,
Manifest.permission.READ_PHONE_STATE)

How is this method finding out whether to return true or false? I can't find anything in the documentation that makes this clear. Do I need to explicitly call some other method to say, yes, I want to provide rationales or is that yes or no being set elsewhere by some other process? I can picture this method always returning Yes just to force developers to be polite and explain why they want permission but I can also picture it being set "under the covers" by Android on the basis of something in the manifest or in Gradle somewhere too. In any case, it always seems to return TRUE in my testing but I'd like to know if I can count on that or if that is just a lucky coincidence so far?

Sorry for the long post; I'll try to be shorter in future :-)
 
Before Android 6.0 (API level 23), the system didn't ask the user to grant individual permissions listed in the manifest. Your app was granted all permissions, or nothing at install time.
With 6.0, the user was asked to grant individual permissions at run time, using a popup dialog.

https://en.wikipedia.org/wiki/Android_version_history
 
RhinoCan said:
I am trying to understand Permissions in Android but various things aren't clear to me yet so I hope someone here can help me understand better. I'm using Android Studio 3.1.2 and am quite new to Android development. I'm not new to development though, just Android.

I'm not sure if it's better to break this up into several questions or write them all in one thread since they are all related but I'll put them all here to start with and break them up if you tell me that's better.

I am trying to write a simple app to ask the phone on which the app is running for a unique ID, either the IMEI or the DeviceId, depending on the age of the device. This is part of a group of apps I am cobbling together for use at work where three of us will use the app. We'll be recording sales and I want to spare the user having to identify each and every sale as coming from him/her since each of us will record only our own sales. I'll simply store that unique ID in an external MySQL database and whenever one of us generates a sale, the app that records the sale will simply store that unique ID on the sale record. For the moment though, I am just doing the part of the app that gets the unique ID as a small standalone app to learn about permissions.

I know that the permission I need, READ_PHONE_STATE is considered "dangerous" and that in later versions of Android, that permission is not obtained at runtime but at execution time. (I don't know what version of Android my colleagues are using but my OS Version is 24). Am I correct in believing that I have to put that permission in my AndroidManifest even though it won't be checked until runtime? If the user is on a later-model device, will he/she still be asked for READ_PHONE_STATE permission at install time AND at run time or ONLY at runtime? When I give the permission, do I use <uses-permission> or <uses-permission-sdk-23>? I've seen both in examples that I've tracked down but I'm not clear on the distinction.

The reason I ask is that if I omit giving permission in the manifest, this line of my code inevitably yields true:

if (ContextCompat.checkSelfPermission(this,
Manifest.permission.READ_PHONE_STATE)
!= PackageManager.PERMISSION_GRANTED)

That puzzles me because if I put the permission in the manifest, it doesn't seem to check any further; it seems to me that this effectively gives the permission at install time without even asking the user if it's okay, which is the exact opposite of actually asking them at run time.

One more question in this vein, then I'll wait for some answers. With luck, your answers mean I won't have to ask any further questions on permissions ;-)

The other thing that is puzzling me is this line:

if (ActivityCompat.shouldShowRequestPermissionRationale(this,
Manifest.permission.READ_PHONE_STATE)

How is this method finding out whether to return true or false? I can't find anything in the documentation that makes this clear. Do I need to explicitly call some other method to say, yes, I want to provide rationales or is that yes or no being set elsewhere by some other process? I can picture this method always returning Yes just to force developers to be polite and explain why they want permission but I can also picture it being set "under the covers" by Android on the basis of something in the manifest or in Gradle somewhere too. In any case, it always seems to return TRUE in my testing but I'd like to know if I can count on that or if that is just a lucky coincidence so far?

Sorry for the long post; I'll try to be shorter in future :)
Click to expand...

https://androidforums.com/threads/regulatory-and-safety-permissions.1272489/
 
RhinoCan said:
Do you have any information that directly addresses the specific questions I asked? The formatting in your reply seems dodgy at best - I think some items on the list are sub-bullets of the main points - and none of it seems to answer my questions, at least as far as I can tell with my very limited knowledge of Android....
Click to expand...

No not directly but indirectly some of the aspects in those permissions you may want to implement some of them in the development of your Android apps, considering you say that you are a developer but you not too king on Android. So I thought sharing that with you would give you some ideals. But hang around somebody's going to come and give you the information that you asked about directly.
 
KBU2 said:
No not directly but indirectly some of the aspects in those permissions you may want to implement some of them in the development of your Android apps, considering you say that you are a developer but you not too king on Android. So I thought sharing that with you would give you some ideals. But hang around somebody's going to come and give you the information that you asked about directly.
Click to expand...

Thank you! I think what I need most is a week in a classroom learning Android programming from the ground up but I can't afford that so I have to figure things out as best I can. I'm actually really interested in Android, I just don't know enough to write more than a few lines of code without having to ask another bunch of questions.
 
You must log in or register to reply here.
Back
Top Bottom