Everything to know about working with Android App Permission

In this tutorial series: Android App Permission is quite a critical part which in development of an app, using recent case study of UC Browser learn more about Android Permissions.

In earlier versions of Android prior to Android Marshmallow (6.0) permissions to an android app were granted by the user at the time of installation and if the user was to revoke any one the permission granted to the app, the only way of doing so was by actually uninstalling the app or rooting the mobile phone which in case could have void the warranty of the user.

Everything to know about working with Android App Permission

But by releasing Android Marshmallow which has a completely different way of handling android app permission, Google has has empowered its user with better and more direct control on the android app permission and user data itself. In recent versions of Android from Marshmallow on wards, the users have complete control over whether or not to give a specific permission to an android app.

So now whenever the user installs any particular app, the app gets installed without requesting for permissions (other than basic ones) and the permissions are specifically requested by the app whenever it is called. As you can see in the image below.

Like what you're reading? Subscribe to our Weekly Tech Newsletter!

* indicates required

Though as per Android documentation, whenever your android app runs, it has to ask for permission from the user (which is actually quite annoying) but Android Engine takes care of it by setting user’s first input as their default choice.

So for a developer its important now to minimize the level of permissions that their app may require as that will less annoy the user also lesson must be taken from a recent case study in which UC Browser, an android web surfing app which was banned from Google play store for 30 days after found guilty for abusing device security and misusing with users data.

Android App Permission Types

As per Google all required permissions must be declared by the developer in the Android Manifest File, for requesting permission which is for Android versions 6.0 Marshmallow and above, all permissions must not be requested at once but rather must be asked only when needed.

Now the permissions that the app needs are grouped into two category i.e, the Normal and the Dangerous permissions. Permissions like permission to access the internet are basic permission which is automatically granted by the system but permissions like to read the contact or install some 3rd party app are dangerous permission and needs explicit permission of the user.

A list of Normal Permissions is as follows, the system doesn’t prompts user about these permissions and user too can’t revoke them:

  • ACCESS_LOCATION_EXTRA_COMMANDS
  • ACCESS_NETWORK_STATE
  • ACCESS_NOTIFICATION_POLICY
  • ACCESS_WIFI_STATE
  • BLUETOOTH
  • BLUETOOTH_ADMIN
  • BROADCAST_STICKY
  • CHANGE_NETWORK_STATE
  • CHANGE_WIFI_MULTICAST_STATE
  • CHANGE_WIFI_STATE
  • DISABLE_KEYGUARD
  • EXPAND_STATUS_BAR
  • GET_PACKAGE_SIZE
  • INSTALL_SHORTCUT
  • INTERNET
  • KILL_BACKGROUND_PROCESSES
  • MODIFY_AUDIO_SETTINGS
  • NFC
  • READ_SYNC_SETTINGS
  • READ_SYNC_STATS
  • RECEIVE_BOOT_COMPLETED
  • REORDER_TASKS
  • REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
  • REQUEST_INSTALL_PACKAGES
  • SET_ALARM
  • SET_TIME_ZONE
  • SET_WALLPAPER
  • SET_WALLPAPER_HINTS
  • TRANSMIT_IR
  • UNINSTALL_SHORTCUT
  • USE_FINGERPRINT
  • VIBRATE
  • WAKE_LOCK
  • WRITE_SYNC_SETTINGS

A list of Dangerous Permission is as follows, the system prompts user about these permissions and user can revoke them:

  • READ_CALENDAR
  • WRITE_CALENDAR
  • CAMERA
  • READ_CONTACTS
  • WRITE_CONTACTS
  • GET_ACCOUNTS
  • ACCESS_FINE_LOCATION
  • ACCESS_COARSE_LOCATION
  • RECORD_AUDIO
  • READ_PHONE_STATE
  • READ_PHONE_NUMBERS
  • CALL_PHONE
  • ANSWER_PHONE_CALLS (must request at runtime)
  • READ_CALL_LOG
  • WRITE_CALL_LOG
  • ADD_VOICEMAIL
  • USE_SIP
  • PROCESS_OUTGOING_CALLS
  • BODY_SENSORS
  • SEND_SMS
  • RECEIVE_SMS
  • READ_SMS
  • RECEIVE_WAP_PUSH
  • RECEIVE_MMS
  • READ_EXTERNAL_STORAGE
  • WRITE_EXTERNAL_STORAGE

Such permission must be requested at run-time when required.

To declare Permission in Android Manifest, go to AndroidManifest.xml file in Android Studio and insert the following code as per permission required!

<uses-permission android:name="android.permission.INTERNET"/>
<uses-permission android:name="android.permission.READ_CONTACTS"></uses-permission>

To learn more in Android App Development explore our FREE course here: Roadway to Android App Development

Learn to build a Simple Login app in Android here and your own Piano app over here.