Tip

When users install the application, they are informed what permissions the application requires to run and must approve these permissions. Request only the permissions your application requires.

The following XML excerpt for the preceding Android manifest file defines a permission using the <uses-permission> tag to gain access to the built-in camera:

<uses-permission android:name="android.permission.CAMERA" />

A complete list of the permissions can be found in the android.Manifest.permission class.Your application manifest should include only the permissions required to run. The user is informed what permissions each Android application requires at install time.

You might find that, in certain cases, permissions are not enforced (you can operate without the permission). In these cases, it is prudent to request the permission anyway for two reasons. First, the user is informed that the application is performing those sensitive actions, and second, that permission could be enforced in a later SDK version.

Registering Permissions Your Application Grants to Other Applications

Applications can also define their own permissions by using the <permission> tag. Permissions must be described and then applied to specific application components, such as Activities, using the android:permission attribute.

I Tip

Use Java-style scoping for unique naming of application permissions (for example, com.androidbook.MultiMedia.ViewMatureMaterial).

Permissions can be enforced at several points:

■ When starting an Activity or Service

■ When accessing data provided by a content provider

■ At the function call level

■ When sending or receiving broadcasts by an Intent

Permissions can have three primary protection levels: normal, dangerous, and signature.The normal protection level is a good default for fine-grained permission enforcement within the application. The dangerous protection level is used for higher-risk Activities, which might adversely affect the device. Finally, the signature protection level permits any application signed with the same certificate to use that component for controlled application interoperability.You learn more about application signing in Chapter 29.

Permissions can be broken down into categories, called permission groups, which describe or warn why specific Activities require permission. For example, permissions might be applied for Activities that expose sensitive user data such as location and personal information (android.permission-group.LOCATION and android.permission-group.PERSONAL_INFO), access underlying hardware (android.permission-group.HARDWARE_CONTROLS), or perform operations that might incur fees to the user (android.permission-group.COST_MONEY). A complete list of permission groups is available within the Manifest.permission_group class.

Enforcing Content Provider Permissions at the Uri Level

You can also enforce fine-grained permissions at the Uri level using the <grant-uri-permissions> tag.

For more information about the Android permissions framework, we highly recommend reading the Android Dev Guide documentation on Security and Permissions.

Easy Software Profits

Easy Software Profits

Here's How Anyone Can Start, Build and Run their Own Successful Software Empire Without Knowing the First Thing About Programming, Scripting Or Any 'Coder' Stuff. There is no doubt about it software sells. Software has a high percieved value and it solves problems for people.  A claim that can't always be made for PDF books, Video products and the like.

Get My Free Ebook


Post a comment