android permissions

Android Permissions

To protect the system’s integrity and the user’s privacy, Android runs each app in a limited access sandbox. If the app wants to use resources or information outside of its sandbox, the app has to explicitly request permission. Depending on the type of permission the app requests, the system may grant the permission automatically, or the system may ask the user to grant the permission.

Declaring Permissions

Declare that your app needs permission by listing the permission in the App Manifest.


Depending on how sensitive the permission is, the system might grant the permission automatically, or the device user might have to grant the request.


For example, if your app requests permission to turn on the device’s flashlight, the system grants that permission automatically. But if your app needs to read the user’s contacts, the system asks the user to approve that permission.


Depending on the platform version, the user grants the permission either when they install the app (on Android 5.1 and lower) or while running the app (on Android 6.0 and higher).


<manifest xmlns:android=
<uses-permission android:name=android.permission.WRITE_EXTERNAL_STORAGE />
<uses-permission android:name=android.permission.ACCESS_FINE_LOCATION/>
<uses-permission android:name=android.permission.ACCESS_COARSE_LOCATION/>
<application …>
view rawAndroidManifest.xml hosted with ❤ by GitHub

Requesting Permissions

Beginning in Android 6.0 (API level 23), users grant permissions to apps while the app is running, not when they install the app.



It gives the user more control over the app’s functionality; for example, a user could choose to give a camera app access to the camera but not to the device location. The user can revoke the permissions at any time, by going to the app’s Settings screen.

System permissions are divided into two categories

  • Normal permissions do not directly risk the user’s privacy. If an app lists normal permission in its manifest, the system grants the permission automatically. The complete list of normal permissions can be found here.
  • Dangerous permissions can give the app access to the user’s confidential data. For these permissions, the user has to explicitly give approval to the app. The complete list of dangerous permissions can be found here.

Handling Permissions at Runtime

For applications to support new Runtime Permissions, in `` file  set `compileSdkVersion`  and `targetSdkVersion` to 23.

apply plugin:
android {
compileSdkVersion 23
buildToolsVersion 23.0.3
defaultConfig {
applicationId com.example.myapp
minSdkVersion 10
targetSdkVersion 23
versionCode 1
versionName 1.0
buildTypes {
release {
minifyEnabled false
proguardFiles getDefaultProguardFile(proguard-android.txt),
dependencies {
compile fileTree(dir: libs, include: [*.jar])
compile com.github.bumptech.glide:glide:3.7.0
testCompile junit:junit:4.12
view rawbuild.gradle hosted with ❤ by GitHub

Moving forward, in <ActivityClass>.java, before accessing any restricted content we will need to check for appropriate permission at runtime. This is to be done using Android `checkSelfPermission` API.
`int hasWriteContactsPermission = checkSelfPermission(Manifest.permission.WRITE_CONTACTS)`

If permission is granted, we are good to go else we need to request permission.

We will need to explicitly call `requestPermissions` API to show the request permission dialog box, Android will not do this for us.

private void takePhoto() {
//Make sure we have permission to write to external storage
int hasWriteExternalStoragePermission = checkSelfPermission(Manifest.permission.WRITE_EXTERNAL_STORAGE);
if (hasWriteExternalStoragePermission == PackageManager.PERMISSION_GRANTED)
private void captureImage(){
//Code to capture image from camera
private void requestPermissionWriteToLocalStorage(){
requestPermissions(new String[] {Manifest.permission.WRITE_EXTERNAL_STORAGE}, WRITE_EXTERNAL_STORAGE_REQUEST_CODE);
view hosted with ❤ by GitHub

In line 5, we get current status for permission. If permission is granted, we continue with our action else we request the user for permission.

Handling Permission Results

Permission results are communicated to the app via onRequestPermissionsResult callback method. Override this to handle the result.

public void onRequestPermissionsResult(int requestCode, @NonNull String[] permissions, @NonNull int[] grantResults) {
if (grantResults[0] == PackageManager.PERMISSION_GRANTED)
if (shouldShowRequestPermissionRationale(Manifest.permission.WRITE_EXTERNAL_STORAGE))
Toast.makeText(MainActivity.this, You need to allow permission to Write to External Storage, Toast.LENGTH_LONG).show();
super.onRequestPermissionsResult(requestCode, permissions, grantResults);
private void showRationaleDialog(){
new AlertDialog.Builder(MainActivity.this)
.setMessage(Application needs access to READ/WRITE LocalStorage to store images.)
.setPositiveButton(OK, new DialogInterface.OnClickListener() {
public void onClick(DialogInterface dialog, int which) {
.setNegativeButton(Cancel, null)

If permission is granted, we continue with our intended actions.

In case, the permission is denied,  check with Android if we should show a permission rationale. `shouldShowRequestPermissionRationale` allows us to communicate the purpose of the permission to the user.

`shouldShowRequestPermissionRationale` returns `false` if the user has denied permission with option `Never ask again`. In this case, we can not invoke the Android permission dialog via `requestPermissions` API and user will have to enable permission via app settings. It makes sense to let the user know of the missing permission.

`shouldShowRequestPermissionRationale` Gets whether you should show UI with rationale for requesting permission. You should do this only if you do not have the permission and the context in which the permission is requested does not clearly communicate to the user what would be the benefit of granting this permission.

android permission

Gotcha: Above implementation only works for Android API level 23 and is not compatible with older versions.

Better Fix: Use `` as specified in build.gradle line 24. Now your code should use Support library and make the following changes

=> ContextCompat.checkSelfPermission(MainActivity.this, Manifest.permission.WRITE_EXTERNAL_STORAGE);
requestPermissions(new String[] {Manifest.permission.WRITE_EXTERNAL_STORAGE}, WRITE_EXTERNAL_STORAGE_REQUEST_CODE);
=> ActivityCompat.requestPermissions(MainActivity.this, new String[] {Manifest.permission.WRITE_EXTERNAL_STORAGE}, WRITE_EXTERNAL_STORAGE_REQUEST_CODE);
=> ActivityCompat.shouldShowRequestPermissionRationale(MainActivity.this, Manifest.permission.WRITE_EXTERNAL_STORAGE)

And we are done here!!

For targeting Android M or higher, refer to wrapper library EasyPermissions.

About RemotePanda


RemotePanda is a global marketplace for Freelancers. Our concierge service means you have someone to take care of your needs right from profile matching to hiring and throughout the project. We set the KPIs for the work and build accountability within the process for the Freelancers.
Thinking Freelancers, Think RemotePanda

hire freelance android developers
No Comments

Post a Comment