Declaring and Using Permissions

Android defines a permission scheme meant to protect resources and features on the device. For example, applications, by default, cannot access the contacts list, make phone calls, and so on. To protect the user from malicious applications, Android requires applications to request permissions if they need to use a protected feature or resource. As you'll see shortly, permission requests go in the manifest file. At install time, the APK installer either grants or denies the requested permissions based on the signature of the .apk file and/or feedback from the user. If a permission is not granted, any attempt to execute or access the associated feature will result in a permission failure.

Table 7-2 shows some commonly used features and the permissions they require. Note that you are not yet familiar with all the features listed in Table 7-2, but you will see them later (either in this chapter or subsequent chapters).

Table 7-2. Features and Resources, and the Permissions They Require

Feature/Resource

Required Permission

Description

Camera

android.

permission

.CAMERA

Enables you to access the device's camera.

Internet

android.

permission

.INTERNET

Enables you to make a network connection.

User's Contact Data

android. android.

permission permission

.READ CONTACTS .WRITE_CONTACTS

Enables you to read from or write to the user's contact data.

User's Calendar Data

android. android.

permission permission

.READ CALENDAR WRITE_CALENDAR

Enables you to read from or write to the user's calendar data.

Record Audio

android.

permission

. RECORD_AUDIO

Enables you to record audio.

GPS Location Information

android.permission. LOCATION

,ACCESS_FINE_

Enables you to access finegrained location information. This includes GPS location information.

WiFi Location Information

android.permission. LOCATION

ACCESS_COARSE_

Enables you to access coarsegrained location information. This includes WiFi location information.

Battery Information

android.

permission

. BATTERY_STATS

Enables you to obtain battery-state information.

Bluetooth

android.

permission

.BLUETOOTH

Enables you to connect to paired Bluetooth devices.

CHAPTER 7 ■ EXPLORING SECURITY AND LOCATION-BASED SERVICES 231

For a complete list of permissions, see http://developer.android.com/reference/ android/Manifest.permission.html.

Application developers can request permissions by adding entries to the AndroidManifest. xml file. For example, Listing 7-3 asks to access the camera on the device, to read the list of contacts, and to read the calendar.

Listing 7-3. Permissions in AndroidManifest.xml

<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.android.app.permApp" >

<uses-permission android:name="android.permission.CAMERA" /> <uses-permission android:name="android.permission.READ_CONTACTS"/> <uses-permission android:name="android.permission.READ_CALENDAR" /> </manifest>

Note that you can either hand-code permissions in the AndroidManifest.xml file or use the manifest editor. The manifest editor is wired up to launch when you open (double-click) the manifest file. The manifest editor contains a drop-down list that has all of the permissions preloaded to prevent you from making a mistake. As shown in Figure 7-2, you can access the permissions list by selecting the Permissions tab in the manifest editor.

Figure 7-2. The Android manifest editor tool in Eclipse

You now know that Android defines a set of permissions that protects a set of features and resources. Similarly, you can define, and enforce, custom permissions with your application. Let's see how that works.

0 0

Post a comment