Tuesday, 14 July 2015

Permissions in Android M Preview

Milkyway? Well I guess so but macaroon, muffin, marsmallow are still good candidates to become the name of the new Android version. We have more to make guesses until the final version is relased in quarter 3. Following last years tradition of releasing a preview version at the time IO, Google has already released M Preview. Unlike last year this preview release pretty much functional and two more previews will be release (end june and end july) before the final version.

Let's forget about the naming and deep dive into technical parts of 'M'. If you are planning to have hands on experience on M, the system images for your devices are located here. If your android studio is subscribed the preview channel for sdk updates, you should have already been informed about an available sdk update which is called "android-MNC".

The most significant change with M is the permissions. Android applications ask for permissions before the installiation of an app. Once the app is given the permissions it is asking for, disabling a permission is not an option for the user. This was a simple design decision (both for users and developers) but introduced undesired app behavior for a user. However, on M, permissions are granted or denied at runtime.

If the permission is denied the app may receive an empty object, a null object or may even got a security exception. Since apps relied on permissions to be granted automatically until M, this would introduce an important change to legacy apps.

If you do not update you app compiled with target sdk pointing M, the application will ask for list of needed permissions at the time of install. However, the user can always turn of a granted permission which leaves the app to deal with denied permission. A dialog saying the app may crash will be shown while if user disables a permission. If you compiled your app with M as the the target sdk, the app will install silently and ask for each needed permission at the time execution.

This a big change which may effect previous code. Simply you need to revisit your old apps make sure you handle the cases where permission is not granted. In most cases the app should recover and continue working.

I think this a very good change. Users tend to not read permissions while installing (do any of you read agreements?) but asking permissions in runtime always gets the attention of the user. Plus the user would realize what current context and judge if the permissions makes sense.

Welldone Android team, let's see how old apps will survive the change..