: Beginning Android

Enforcing Permissions via the Manifest

Enforcing Permissions via the Manifest

Activities, services, and intent receivers can all declare an attribute named android:permission, whose value is the name of the permission that is required to access those items:

<activity
android:name=".SekritApp"
android:label="Top Sekrit"
android:permission="vnd.tlagency.sekrits.SEE SEKRITS">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category
android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>

Only applications that have requested your indicated permission will be able to access the secured component. In this case, access means the following:

Activities cannot be started without the permission.

Services cannot be started, stopped, or bound to an activity without the permission.

Intent receivers ignore messages sent via sendBroadcast() unless the sender has the permission.

Content providers offer two distinct attributes: readPermission and writePermission:

<provider
android:name=".SekritProvider"
android:authorities="vnd.tla.sekrits.SekritProvider"
android:readPermission="vnd.tla.sekrits.SEE SEKRITS"
android:writePermission="vnd.tla.sekrits.MOD SEKRITS" />

In this case, readPermission controls access to querying the content provider, while writePermission controls access to insert, update, or delete data in the content provider.


: 1.172. /Cache: 3 / 1