AndroidManifest.xml 中的最大 Android 权限

Question

Adding a lot of permissions doesn't cause problems, as far as I know. So why a developer should not be asking for all the available permissions, Including unnecessary ones?

I noticed that Android doesn't ask for the user's permissions for some of the permissions. What's the reason for that?

Answer 1

You must follow the Permissions best practices.

1. You must specify in your Manifest only the permissions that you need. If you ask for not necessary ones or too many then users will most likely remove your app even before they fully run it.

2. Is better to request each Permission or group of Permissions whenever is first needed. Though, if it's just a couple of permissions probably you can ask for them right away at start time.

3. The fact that a Permission is declared in the Manifest doesn't mean it is Granted, it only means that the app will require it. And yes, you still need to ask each to be granted.

4. A practical example. A camera app:

   • The first time it runs should ask for the storage and camera permissions, so it can take photos and write them to file.
   • Then the user changes to video mode, at this point you can ask for the Audio permission, so videos can be recorded with audio.
   • Probably the app can have an extra option in its settings window, which may allow to save the GPS location in the EXIF data. So, when accessing such setting the app may ask for the Location permission.

This may sound at first glance like a lot of requests at different points, but this is how is specified by the best practices. Permissions should be requested in a way that doesn't overwhelm the user.

More details in next link: https://developer.android.com/training/permissions/usage-notes

And a final clarification. If a specific API call requires a permission which isn't granted, then an Exception will be thrown at the moment that such API call gets executed.