Android SDK version 23 onwards, we have to handle runtime permissions in android to access some of the protected features or modules for the purpose of privacy.
Let’s understand the types of permissions in Android App.
Such permissions are not a risk to the user’s privacy, so we don’t have to ask users to approve it. Just declaring the permission in the Manifest file is enough. For example, Internet Permission.
Signature permissions are permissions with the protection level of “signature”. For more information, please refer to the official documentation.
These permissions allow android apps to access restricted features or content. Moreover, it risks the user’s privacy, so for such permissions, the application has to ask for the user’s permission at runtime.
We will be focusing more on Runtime Permissions.
Tech Stack, We’re Using: Android, Kotlin
Tools We’re Using: Android Studio
Firstly, we should declare the permissions we want to take in the Manifest file. For Example, if our application wants to use the Camera, then “android.permission.CAMERA” permission should be declared in the manifest file as shown below.
<?xml version="1.0" encoding="utf-8"?> <manifest xmlns:android="http://schemas.android.com/apk/res/android" xmlns:tools="http://schemas.android.com/tools" package="com.test"> <uses-permission android:name="android.permission.CAMERA" /> <!-- Some other code--> </manifest>
After declaring the permission in Manifest, we can check and ask for that permission in our app code.
The below code snippet checks if the permission is granted or not.
ContextCompat.checkSelfPermission( context, permission )
Here, context is a Context instance. Permission in static final string ex. Manifest.permission.CAMERA
If this method returns false, then we need to check if the user has denied the permission.
The below code snippet checks if the permission is denied or not.
Here, the parameters are the same as in the previous method.
If this method returns true, then we should show some dialog to the user that he/she had denied some permission and navigate the user to app settings.
On the other hand, if the method returns false, then it means that the permission is not requested yet. In this case, we should ask the permission of the user.
The below snippet is used for requesting the permission of the user.
ActivityCompat.requestPermissions( context, permissions.toTypedArray(), permissionsRequestCode )
context -Context instance.
permissions -ArrayList of Permissions.
permissionRequestCode – Request Code which is required for requesting permissions.
Done. This is all code required for asking runtime permissions in Android.
For accessing the user’s location information in the background, we have to ask for ACCESS_BACKGROUND_LOCATION permission. This permission was introduced in Android 10.
This permission is also required for scanning BLE devices when the app is in the background or killed.
Getting this permission is a little tricky. For asking this permission, first we have to ask for ACCESS_FINE_LOCATION and ACCESS_COARSE_LOCATION. Once a user allows these two permissions, then only the app can request ACCESS_BACKGROUND_LOCATION permission.
You must show the user why you are accessing the background location. It should follow google standards. If you don’t do this, then Google will reject your application. For more on this, kindly check the link here. – Reference
If you will ask all 3 location permissions at once then background permission will not be asked.
First ask ACCESS_FINE_LOCATION and ACCESS_COARSE_LOCATION is one array.
When a user grants these two permissions, which you can check from onRequestPermissionsResult, then you can request for ACCESS_BACKGROUND_LOCATION permission.
In some devices, the shouldShowRequestPermissionRationale method will return false even the first time asking the ACCESS_BACKGROUND_LOCATION permission. So for that, we should show the permission denied dialog and navigate the user to the Settings screen for approving background location permission.
Moreover, you have to make a video of your application to show the usage of background location permission. Also, you have to submit the youtube URL for the same video in the play console(Sensitive permissions and APIs).
Runtime permission is a way to access restricted features of Android devices. Though it seems like a lot, it is better for the user’s privacy and security.
In that case, no dialog will be shown to the user. Also, there will be no error message or any crash. Nothing will happen on requesting permission.
Yes, but this is not the right approach. If some permission is not used by your application then you should not ask the user. This can lead to more negative reviews about your application.
No. This is only required for the permissions falling in the category of runtime permissions. For example, although we have to declare <uses-permission android:name=”android.permission.INTERNET” /> to access the internet, we don’t have to check or ask for it.
Ankit Mishra is an Android Developer at OneClick IT Consultancy Pvt Ltd. He is Passionate about to think forward & Android Ninja. Having hands on experience & skills to building, integrating, supporting and testing android applications for mobile and tablet devices on the android platform.