PermissionChecker

Added in 1.1.0

public final class PermissionChecker


This class provides permission check APIs that verify both the permission and the associated app op for this permission if such is defined.

In the new permission model permissions with protection level dangerous are runtime permissions. For apps targeting M and above the user may not grant such permissions or revoke them at any time. For apps targeting API lower than M these permissions are always granted as such apps do not expect permission revocations and would crash. Therefore, when the user disables a permission for a legacy app in the UI the platform disables the APIs guarded by this permission making them a no-op which is doing nothing or returning an empty result or default error.

It is important that when you perform an operation on behalf of another app you use these APIs to check for permissions as the app may be a legacy app that does not participate in the new permission model for which the user had disabled the "permission" which is achieved by disallowing the corresponding app op.

Summary

Constants

static final int

Permission result: The permission is denied.

static final int

Permission result: The permission is denied because the app op is not allowed.

static final int

Permission result: The permission is granted.

Public methods

static int
checkCallingOrSelfPermission(
    @NonNull Context context,
    @NonNull String permission
)

Checks whether the IPC you are handling or your app has a given permission and whether the app op that corresponds to this permission is allowed.

static int
checkCallingPermission(
    @NonNull Context context,
    @NonNull String permission,
    @Nullable String packageName
)

Checks whether the IPC you are handling has a given permission and whether the app op that corresponds to this permission is allowed.

static int
checkPermission(
    @NonNull Context context,
    @NonNull String permission,
    int pid,
    int uid,
    @Nullable String packageName
)

Checks whether a given package in a UID and PID has a given permission and whether the app op that corresponds to this permission is allowed.

static int

Checks whether your app has a given permission and whether the app op that corresponds to this permission is allowed.

Constants

PERMISSION_DENIED

Added in 1.1.0
public static final int PERMISSION_DENIED = -1

Permission result: The permission is denied.

PERMISSION_DENIED_APP_OP

Added in 1.1.0
public static final int PERMISSION_DENIED_APP_OP = -2

Permission result: The permission is denied because the app op is not allowed.

PERMISSION_GRANTED

Added in 1.1.0
public static final int PERMISSION_GRANTED = 0

Permission result: The permission is granted.

Public methods

checkCallingOrSelfPermission

Added in 1.1.0
public static int checkCallingOrSelfPermission(
    @NonNull Context context,
    @NonNull String permission
)

Checks whether the IPC you are handling or your app has a given permission and whether the app op that corresponds to this permission is allowed.

Parameters
@NonNull Context context

Context for accessing resources.

@NonNull String permission

The permission to check.

Returns
int

The permission check result which is either PERMISSION_GRANTED or PERMISSION_DENIED or PERMISSION_DENIED_APP_OP.

checkCallingPermission

Added in 1.1.0
public static int checkCallingPermission(
    @NonNull Context context,
    @NonNull String permission,
    @Nullable String packageName
)

Checks whether the IPC you are handling has a given permission and whether the app op that corresponds to this permission is allowed.

Parameters
@NonNull Context context

Context for accessing resources.

@NonNull String permission

The permission to check.

@Nullable String packageName

The package name making the IPC. If null the the first package for the calling UID will be used.

Returns
int

The permission check result which is either PERMISSION_GRANTED or PERMISSION_DENIED or PERMISSION_DENIED_APP_OP.

checkPermission

Added in 1.1.0
public static int checkPermission(
    @NonNull Context context,
    @NonNull String permission,
    int pid,
    int uid,
    @Nullable String packageName
)

Checks whether a given package in a UID and PID has a given permission and whether the app op that corresponds to this permission is allowed.

Parameters
@NonNull Context context

Context for accessing resources.

@NonNull String permission

The permission to check.

int pid

The process id for which to check.

int uid

The uid for which to check.

@Nullable String packageName

The package name for which to check. If null the the first package for the calling UID will be used.

Returns
int

The permission check result which is either PERMISSION_GRANTED or PERMISSION_DENIED or PERMISSION_DENIED_APP_OP.

checkSelfPermission

Added in 1.1.0
public static int checkSelfPermission(@NonNull Context context, @NonNull String permission)

Checks whether your app has a given permission and whether the app op that corresponds to this permission is allowed.

Parameters
@NonNull Context context

Context for accessing resources.

@NonNull String permission

The permission to check.

Returns
int

The permission check result which is either PERMISSION_GRANTED or PERMISSION_DENIED or PERMISSION_DENIED_APP_OP.