Using Permissions
A basic Android application has no permissions associated with it,
meaning it can not do anything that would adversely impact the user experience
or any data on the device. To make use of protected features of the device,
you must include in your AndroidManifest.xml
one or more
<uses-permission>
tags declaring the permissions that your application needs.
For example, an application that needs to monitor incoming SMS messages would
specify:
<manifest xmlns:android="https://schemas.android.com/apk/res/android"
package="com.android.app.myapp" >
<uses-permission android:name="android.permission.RECEIVE_SMS" />
</manifest>
At application install time, permissions requested by the application are
granted to it by the package installer, based on checks against the
signatures of the applications declaring those permissions and/or interaction
with the user. No checks with the user
are done while an application is running: it either was granted a particular
permission when installed, and can use that feature as desired, or the
permission was not granted and any attempt to use the feature will fail
without prompting the user.
Often times a permission failure will result in a SecurityException being thrown back to the application. However,
this is not guaranteed to occur everywhere. For example, the sendBroadcast(Intent) method checks permissions as data is
being delivered to each receiver, after the method call has returned, so you
will not receive an exception if there are permission failures. In almost all
cases, however, a permission failure will be printed to the system log.
The permissions provided by the Android system can be found at Manifest.permission. Any application may also define and enforce its
own permissions, so this is not a comprehensive list of all possible
permissions.
A particular permission may be enforced at a number of places during your
program's operation:
- At the time of a call into the system, to prevent an application from
executing certain functions.
- When starting an activity, to prevent applications from launching
activities of other applications.
- Both sending and receiving broadcasts, to control who can receive
your broadcast or who can send a broadcast to you.
- When accessing and operating on a content provider.
- Binding or starting a service.