1 page.title=Declaring Permissions 2 helpoutsWidget=true 3 4 @jd:body 5 6 <div id="tb-wrapper"> 7 <div id="tb"> 8 <h2>This lesson teaches you to</h2> 9 <ul> 10 <li> 11 <a href="#perm-needed">Determine What Permissions Your App Needs</a> 12 </li> 13 <li> 14 <a href="#perm-add">Add Permissions to the Manifest</a> 15 </li> 16 </ul> 17 18 <!-- 19 <h2>Dependencies and Prerequisites</h2> 20 <ul> 21 <li></li> 22 </ul> 23 --> 24 25 <h2>You should also read</h2> 26 <ul> 27 <li><a href="{@docRoot}guide/topics/security/permissions.html#permissions"> 28 Using Permissions</a></li> <ul> 29 <li><a href="{@docRoot}guide/topics/security/permissions.html#normal-dangerous"> 30 Normal and Dangerous Permissions</a></li> 31 </ul> 32 </div> 33 </div> 34 35 <p> 36 Every Android app runs in a limited-access sandbox. If an app needs to use 37 resources or information outside of its own sandbox, the app has to request 38 the appropriate <i>permission.</i> You declare that your app needs a 39 permission by listing the permission in the <a href= 40 "{@docRoot}guide/topics/manifest/manifest-intro.html">App Manifest</a>. 41 </p> 42 43 <p> 44 Depending on how sensitive the permission is, the system might grant the 45 permission automatically, or the device user might have to grant 46 the request. For example, if your app requests permission to turn on the 47 device's flashlight, the system grants that permission automatically. But 48 if your app needs to read the user's contacts, the system asks the user 49 to approve that permission. Depending on the platform version, the user 50 grants the permission either when they install the app (on Android 5.1 and 51 lower) or while running the app (on Android 6.0 and higher). 52 </p> 53 54 <h2 id="perm-needed">Determine What Permissions Your App Needs</h2> 55 56 <p> 57 As you develop your app, you should note when your app is using capabilities 58 that require a permission. Typically, an app is going to need permissions 59 whenever it uses information or resources that the app doesn't create, or 60 performs actions that affect the behavior of the device or other apps. For 61 example, if an app needs to access the internet, use the device camera, or 62 turn Wi-Fi on or off, the app needs the appropriate permission. For a list of 63 system permissions, see <a href= 64 "{@docRoot}guide/topics/security/permissions.html#normal-dangerous">Normal 65 and Dangerous Permissions</a>. 66 </p> 67 68 <p> 69 Your app only needs permissions for actions that it performs directly. Your 70 app does not need permission if it is requesting that another app perform the 71 task or provide the information. For example, if your app needs to read the 72 user's address book, the app needs the {@link 73 android.Manifest.permission#READ_CONTACTS READ_CONTACTS} permission. But if 74 your app uses an <em>intent</em> to request information from the user's 75 Contacts app, your app does not need any permissions, but the 76 Contacts app <em>does</em> need to have that permission. For more 77 information, see <a href="best-practices.html#perms-vs-intents">Consider 78 Using an Intent</a>. 79 </p> 80 81 <h2 id="perm-add">Add Permissions to the Manifest</h2> 82 83 <p> 84 To declare that your app needs a permission, put a <a href= 85 "{@docRoot}guide/topics/manifest/uses-permission-element.html" 86 ><code><uses-permission></code></a> 87 element in your <a href= 88 "{@docRoot}guide/topics/manifest/manifest-intro.html">app manifest</a>, as a 89 child of the top-level <a href= 90 "{@docRoot}guide/topics/manifest/manifest-element.html"><code><manifest></code></a> 91 element. For example, an app that needs to send SMS messages would have this 92 line in the manifest: 93 </p> 94 95 <pre><manifest xmlns:android="http://schemas.android.com/apk/res/android" 96 package="com.example.snazzyapp"> 97 98 <strong><uses-permission android:name="android.permission.SEND_SMS"/></strong> 99 <!-- other permissions go here --> 100 101 <application ...> 102 ... 103 </application> 104 105 </manifest></pre> 106 107 <p> 108 The system's behavior after you declare a permission depends on how sensitive 109 the permission is. If the permission does not affect user privacy, the system 110 grants the permission automatically. If the permission might grant access to 111 sensitive user information, the system asks the user to approve the request. 112 For more information about the different kinds of permissions, see 113 <a href="{@docRoot}guide/topics/security/permissions.html#normal-dangerous">Normal 114 and Dangerous Permissions</a>. 115 </p> 116
