App Permissions
1 like1,658 views
The document discusses Android's new runtime permissions model introduced in Android M. Key points include: - Permissions are now requested at runtime when an app needs them, rather than during installation. - Users can revoke permissions at any time from the app's settings screen. - Apps that don't target Android M will still work on M devices using the old permissions model, but users can disable permissions for those apps. - The permissions status is managed in the runtime-permissions.xml file for each user.
![String[] PERMISSIONS = new String[]{Manifest.permission.READ_PHONE_STATE};
if (checkSelfPermission(Manifest.permission.READ_PHONE_STATE)
!= PackageManager.PERMISSION_GRANTED) {
requestPermissions(PERMISSIONS,PERMISSIONS_REQUEST_READ_PHONE_STATE);
} else {
showLineNumber();
}
Check permissions](https://image.slidesharecdn.com/apppermissions-150708130025-lva1-app6891/85/App-Permissions-28-320.jpg)
![String[] PERMISSIONS = new String[]{Manifest.permission.READ_PHONE_STATE};
if (checkSelfPermission(Manifest.permission.READ_PHONE_STATE)
!= PackageManager.PERMISSION_GRANTED) {
requestPermissions(PERMISSIONS,PERMISSIONS_REQUEST_READ_PHONE_STATE);
} else {
showLineNumber();
}
Check permissions
checkSelfPermission
指定Permissionが許可されているかどうか](https://image.slidesharecdn.com/apppermissions-150708130025-lva1-app6891/85/App-Permissions-29-320.jpg)
![String[] PERMISSIONS = new String[]{Manifest.permission.READ_PHONE_STATE};
if (checkSelfPermission(Manifest.permission.READ_PHONE_STATE)
!= PackageManager.PERMISSION_GRANTED) {
requestPermissions(PERMISSIONS,PERMISSIONS_REQUEST_READ_PHONE_STATE);
} else {
showLineNumber();
}
Check permissions
checkSelfPermission
ちなみに、これ
⼀一つのPermissionしか指定できない…](https://image.slidesharecdn.com/apppermissions-150708130025-lva1-app6891/85/App-Permissions-30-320.jpg)
![public abstract class PermissionUtil {
/**
* Returns true if the Activity has access to all given permissions.
* Always returns true on platforms below M.
*
* @see Activity#checkSelfPermission(String)
*/
public static boolean hasSelfPermission(Activity activity, String[] permissions) {
if (!isMNC()) {
return true;
}
for (String permission : permissions) {
if (activity.checkSelfPermission(permission) != PackageManager.PERMISSION_GRANTED) {
return false;
}
}
return true;
}
public static boolean isMNC() {
/*
TODO: In the Android M Preview release, checking if the platform is M is done through
the codename, not the version code. Once the API has been finalised, the following check
should be used: */
// return Build.VERSION.SDK_INT == Build.VERSION_CODES.MNC
return "MNC".equals(Build.VERSION.CODENAME);
}
}
https://github.com/googlesamples/android-RuntimePermissions
Sample CodeはUtilクラス作ってる](https://image.slidesharecdn.com/apppermissions-150708130025-lva1-app6891/85/App-Permissions-32-320.jpg)
![String[] PERMISSIONS = new String[]{Manifest.permission.READ_PHONE_STATE};
if (checkSelfPermission(Manifest.permission.READ_PHONE_STATE)
!= PackageManager.PERMISSION_GRANTED) {
requestPermissions(PERMISSIONS,PERMISSIONS_REQUEST_READ_PHONE_STATE);
} else {
showLineNumber();
}
Request permissions
requestPermissions
指定Permissionの権限(許可)を求める](https://image.slidesharecdn.com/apppermissions-150708130025-lva1-app6891/85/App-Permissions-34-320.jpg)
![@Override
public void onRequestPermissionsResult(int requestCode, String[] permissions, int[] grantResults) {
if (MY_PERMISSIONS_REQUEST_READ_PHONE_STATE == requestCode) {
if (grantResults[0] == PackageManager.PERMISSION_GRANTED) {
showLineNumber();
Toast.makeText(this, "Phone Permission OK", Toast.LENGTH_SHORT).show();
} else {
Toast.makeText(this, "Phone Permission NG", Toast.LENGTH_SHORT).show();
}
}
}
private void showLineNumber() {
TelephonyManager telephonyManager = (TelephonyManager) getSystemService(TELEPHONY_SERVICE);
Toast.makeText(this, telephonyManager.getLine1Number(), Toast.LENGTH_SHORT).show();
}
Handle the
permissions request response](https://image.slidesharecdn.com/apppermissions-150708130025-lva1-app6891/85/App-Permissions-37-320.jpg)
![@Override
public void onRequestPermissionsResult(int requestCode, String[] permissions, int[] grantResults) {
if (MY_PERMISSIONS_REQUEST_READ_PHONE_STATE == requestCode) {
if (grantResults[0] == PackageManager.PERMISSION_GRANTED) {
showLineNumber();
Toast.makeText(this, "Phone Permission OK", Toast.LENGTH_SHORT).show();
} else {
Toast.makeText(this, "Phone Permission NG", Toast.LENGTH_SHORT).show();
}
}
}
private void showLineNumber() {
TelephonyManager telephonyManager = (TelephonyManager) getSystemService(TELEPHONY_SERVICE);
Toast.makeText(this, telephonyManager.getLine1Number(), Toast.LENGTH_SHORT).show();
}
Handle the
permissions request response
onRequestPermissionResult
Permissionの許可・否許可の結果が返される
結果によって処理理を分ける](https://image.slidesharecdn.com/apppermissions-150708130025-lva1-app6891/85/App-Permissions-38-320.jpg)
![@Override
public void onRequestPermissionsResult(int requestCode, String[] permissions, int[] grantResults) {
if (MY_PERMISSIONS_REQUEST_READ_PHONE_STATE == requestCode) {
if (grantResults[0] == PackageManager.PERMISSION_GRANTED) {
showLineNumber();
Toast.makeText(this, "Phone Permission OK", Toast.LENGTH_SHORT).show();
} else {
Toast.makeText(this, "Phone Permission NG", Toast.LENGTH_SHORT).show();
}
}
}
private void showLineNumber() {
TelephonyManager telephonyManager = (TelephonyManager) getSystemService(TELEPHONY_SERVICE);
Toast.makeText(this, telephonyManager.getLine1Number(), Toast.LENGTH_SHORT).show();
}
Handle the
permissions request response
onRequestPermissionResult
Permissionが許可されたら
権限が必要なAPIへアクセスする](https://image.slidesharecdn.com/apppermissions-150708130025-lva1-app6891/85/App-Permissions-39-320.jpg)
App Permissions
- 1. App Permissions -‐‑‒ M Preview -‐‑‒ What's New in Android (I/O 2015)
- 2. About Me • Shinobu Okano • @operandoOS • Mercari, Inc. • Android Engineer • Garum https://github.com/operando/Garum
- 6. Google I/O 2015 新しいパミッションモデルの超訳 http://www.taosoftware.co.jp/blog/2015/06/google-‐‑‒i-‐‑‒ o-‐‑‒2015-‐‑‒new-‐‑‒permission_̲model.html
- 9. App Permissions? New App Permissions Model
- 10. App Permissions? “user does not have to grant any permissions when they install or upgrade the app. “
- 11. App Permissions? “Instead, the app requests permissions as it needs them, and the system shows a dialog to the user asking for the permission. “
- 12. App Permissions?
- 13. App Permissions? “If an app supports the new permissions model, it can still be installed and run on devices running older versions of Android, using the old permissions model on those devices.“
- 14. App Permissions? “Users can revoke an app's permissions at any time.“ Permissions are Revocable
- 15. App Permissions? “On devices running the M Developer Preview, a user can turn off permissions for any app (including legacy apps) from the app's Settings screen. If a user turns off permissions for a legacy app, the system silently disables the appropriate functionality. When the app attempts to perform an operation that requires that permission, the operation will not necessarily cause an exception. Instead, it might return an empty data set, signal an error, or otherwise exhibit unexpected behavior. For example, if you query a calendar without permission, the method returns an empty data set.“ Forwards and backwards compatibility
- 16. App Permissions? “On devices running the M Developer Preview, a user can turn off permissions for any app (including legacy apps) from the app's Settings screen. If a user turns off permissions for a legacy app, the system silently disables the appropriate functionality. When the app attempts to perform an operation that requires that permission, the operation will not necessarily cause an exception. Instead, it might return an empty data set, signal an error, or otherwise exhibit unexpected behavior. For example, if you query a calendar without permission, the method returns an empty data set.“ Forwards and backwards compatibility ⻑⾧長い…
- 17. App Permissions? “On devices running the M Developer Preview, a user can turn off permissions for any app (including legacy apps) from the app's Settings screen. If a user turns off permissions for a legacy app, the system silently disables the appropriate functionality. When the app attempts to perform an operation that requires that permission, the operation will not necessarily cause an exception. Instead, it might return an empty data set, signal an error, or otherwise exhibit unexpected behavior. For example, if you query a calendar without permission, the method returns an empty data set.“ Forwards and backwards compatibility App Permissionsに対応してないアプリで権限をOFFした時の話。 例例外起きない。 空データ返ってくる。
- 18. App Permissions?
- 19. つまり…
- 20. iOS like Permission Model
- 21. 許可が必要な機能
- 22. • Location • Camera • Microphone • Phone • SMS • Contacts • Calendar • Sensor 許可が必要な機能
- 23. e.g. android.permission.READ_̲PHONE_̲STATE android.permission.CAMERA"
- 25. How to Permissions • Check • Request • Handling
- 26. How to Permissions • Check • Request • Handling
- 28. String[] PERMISSIONS = new String[]{Manifest.permission.READ_PHONE_STATE}; if (checkSelfPermission(Manifest.permission.READ_PHONE_STATE) != PackageManager.PERMISSION_GRANTED) { requestPermissions(PERMISSIONS,PERMISSIONS_REQUEST_READ_PHONE_STATE); } else { showLineNumber(); } Check permissions
- 29. String[] PERMISSIONS = new String[]{Manifest.permission.READ_PHONE_STATE}; if (checkSelfPermission(Manifest.permission.READ_PHONE_STATE) != PackageManager.PERMISSION_GRANTED) { requestPermissions(PERMISSIONS,PERMISSIONS_REQUEST_READ_PHONE_STATE); } else { showLineNumber(); } Check permissions checkSelfPermission 指定Permissionが許可されているかどうか
- 30. String[] PERMISSIONS = new String[]{Manifest.permission.READ_PHONE_STATE}; if (checkSelfPermission(Manifest.permission.READ_PHONE_STATE) != PackageManager.PERMISSION_GRANTED) { requestPermissions(PERMISSIONS,PERMISSIONS_REQUEST_READ_PHONE_STATE); } else { showLineNumber(); } Check permissions checkSelfPermission ちなみに、これ ⼀一つのPermissionしか指定できない…
- 31. if (checkSelfPermission(Manifest.permission.READ_PHONE_STATE) != PackageManager.PERMISSION_GRANTED && checkSelfPermission(Manifest.permission.CAMERA) != PackageManager.PERMISSION_GRANTED && checkSelfPermission(Manifest.permission. READ_CALL_LOG) != PackageManager.PERMISSION_GRANTED … Check permissions checkSelfPermission (´́・ω・`)
- 32. public abstract class PermissionUtil { /** * Returns true if the Activity has access to all given permissions. * Always returns true on platforms below M. * * @see Activity#checkSelfPermission(String) */ public static boolean hasSelfPermission(Activity activity, String[] permissions) { if (!isMNC()) { return true; } for (String permission : permissions) { if (activity.checkSelfPermission(permission) != PackageManager.PERMISSION_GRANTED) { return false; } } return true; } public static boolean isMNC() { /* TODO: In the Android M Preview release, checking if the platform is M is done through the codename, not the version code. Once the API has been finalised, the following check should be used: */ // return Build.VERSION.SDK_INT == Build.VERSION_CODES.MNC return "MNC".equals(Build.VERSION.CODENAME); } } https://github.com/googlesamples/android-RuntimePermissions Sample CodeはUtilクラス作ってる
- 33. How to Permissions • Check • Request • Handling
- 34. String[] PERMISSIONS = new String[]{Manifest.permission.READ_PHONE_STATE}; if (checkSelfPermission(Manifest.permission.READ_PHONE_STATE) != PackageManager.PERMISSION_GRANTED) { requestPermissions(PERMISSIONS,PERMISSIONS_REQUEST_READ_PHONE_STATE); } else { showLineNumber(); } Request permissions requestPermissions 指定Permissionの権限(許可)を求める
- 35. How to Permissions • Check • Request • Handling
- 36. Handle the permissions request response
- 37. @Override public void onRequestPermissionsResult(int requestCode, String[] permissions, int[] grantResults) { if (MY_PERMISSIONS_REQUEST_READ_PHONE_STATE == requestCode) { if (grantResults[0] == PackageManager.PERMISSION_GRANTED) { showLineNumber(); Toast.makeText(this, "Phone Permission OK", Toast.LENGTH_SHORT).show(); } else { Toast.makeText(this, "Phone Permission NG", Toast.LENGTH_SHORT).show(); } } } private void showLineNumber() { TelephonyManager telephonyManager = (TelephonyManager) getSystemService(TELEPHONY_SERVICE); Toast.makeText(this, telephonyManager.getLine1Number(), Toast.LENGTH_SHORT).show(); } Handle the permissions request response
- 38. @Override public void onRequestPermissionsResult(int requestCode, String[] permissions, int[] grantResults) { if (MY_PERMISSIONS_REQUEST_READ_PHONE_STATE == requestCode) { if (grantResults[0] == PackageManager.PERMISSION_GRANTED) { showLineNumber(); Toast.makeText(this, "Phone Permission OK", Toast.LENGTH_SHORT).show(); } else { Toast.makeText(this, "Phone Permission NG", Toast.LENGTH_SHORT).show(); } } } private void showLineNumber() { TelephonyManager telephonyManager = (TelephonyManager) getSystemService(TELEPHONY_SERVICE); Toast.makeText(this, telephonyManager.getLine1Number(), Toast.LENGTH_SHORT).show(); } Handle the permissions request response onRequestPermissionResult Permissionの許可・否許可の結果が返される 結果によって処理理を分ける
- 39. @Override public void onRequestPermissionsResult(int requestCode, String[] permissions, int[] grantResults) { if (MY_PERMISSIONS_REQUEST_READ_PHONE_STATE == requestCode) { if (grantResults[0] == PackageManager.PERMISSION_GRANTED) { showLineNumber(); Toast.makeText(this, "Phone Permission OK", Toast.LENGTH_SHORT).show(); } else { Toast.makeText(this, "Phone Permission NG", Toast.LENGTH_SHORT).show(); } } } private void showLineNumber() { TelephonyManager telephonyManager = (TelephonyManager) getSystemService(TELEPHONY_SERVICE); Toast.makeText(this, telephonyManager.getLine1Number(), Toast.LENGTH_SHORT).show(); } Handle the permissions request response onRequestPermissionResult Permissionが許可されたら 権限が必要なAPIへアクセスする
- 42. • Only ask for permissions you need • Don't overwhelm the user • Explain why you need permissions Best Practices
- 43. App Permissions対応してないアプリ Android M Previewで動かした
- 44. App Permissions対応してないアプリ Android M Previewで動かした 意外とアプリ落落ちない
- 45. App Permissions対応してないアプリ Android M Previewで動かした 意外とアプリ落落ちない Forwards and backwards compatibility
- 46. App Permissions対応してないアプリ Android M Previewで動かした ただ、サービスへの影響は でかい
- 47. App Permissions対応してないアプリ Android M Previewで動かした ユーザさんの声 カメラが起動しません とにかく動きません
- 48. App Permissions対応してないアプリ Android M Previewで動かした Explain why you need permissions これ⼤大事
- 50. uses-‐‑‒permission-‐‑‒sdkに書かないで Permission Requestしたらどうなるのか?? Permission RequestのDialogが出なかった。 権限は否許可されたことになって onRequestPermissionResultに返ってくる。 例例外とかにはならない。
- 53. Permissionの許可・否許可って どこで管理理されてるの?? /data/system/users/{userId}/runtime-‐‑‒permissions.xml <pkg name="com.os.operando.m_preview_sample"> <item name="android.permission.READ_PHONE_STATE" granted="true" flags="0" /> <item name="android.permission.CAMERA" granted="false" flags="0" /> </pkg>
- 54. Permissionの許可・否許可って どこで管理理されてるの?? /data/system/users/{userId}/runtime-‐‑‒permissions.xml /data/system/users/{userId}配下には 各ユーザの設定ファイル等がある。 Settingsのファイルとかウィジットの位置とか⾊色々。
- 58. adb shellから権限を変更更できる?? $ adb shell pm grant <package_̲name> <permission_̲name> $ adb shell pm revoke <package_̲name> <permission_̲name>
- 61. Permissionを要求するAPI調べたい Android Studio 1.3から Permissionを要求するAPIには注釈が出る?? Lintでもチェックできる?? ※検証してない…
- 62. App Ops Android 4.3
- 63. App Ops App Permission Manager
- 64. App Permision = App Ops ?
- 65. App Permision ≠ App Ops ?
- 66. App Permision || Renewal App Ops !! ※推測
- 68. Legacy??
- 69. まとめ • とにかく既存のアプリをM Previewで動かしてみ?? • 正式にAndroid M出たら、すぐ対応しないとダメそう • とにかく偉い⼈人に、今からApp Permissionsの説明しよう • ユーザが混乱しないために、サービスに対する影響範囲とか 問い合わせ等の対応策は、今から考えておいた⽅方がいい
- 70. Thank you