With Android 6.0 Marshmallow (API 23) Google has finally included a new permissions model similar to iOS.
The new model is quite a change for app developers, because they have to handle permission requests at runtime and can’t rely on the fact that they are automatically granted by installing the app. In addition users can revoke them at any time.
This means you have to handle new situations:
- your app still has to work even when the user denies the permission.
- the user may revoke permissions later on.
- you can explain yourself why your app needs the the requested permission.
As a developer it is important to explain why you need the requested permissions. This helps to build up trust in your app. Major apps are doing this by using the two dialog system. The first dialog explains why the permission is needed and the second one is actually the system permission dialog.
Here is an example how twitter handles the permission requests:
The most important part is that the app should still be working even when a user doesn’t accept a permission check. You also need to handle the fact that it can be manually revoked afterwards.
It’s important to check for permissions every time you need them!
Check permissions at runtime
Here is a short example how to implement the new permissions system. You can check if the appropriate permission is granted by calling the checkSelfPermission() method.
shouldShowRequestPermissionRationale() is a utility method to find out if the app has requested this permission previously and the user denied the request. It tells you if the user selected a checkbox to be never asked again for the permission or the device policy prohibits the app from having the permission.
When the user answers to the permission request the app’s callback method will be called. You can override this method in your activity to evaluate the result.
At last I want to recommend the Youtube Video from Google Dev. It shows the basics how to integrate runtime permissions into your Android app: