Permissions can be used to protect application components. An activity is a component that interacts with the user and should be protected. To do that, we can define custom app permissions.
First, we need to declare custom permission in the app manifest file by using <permission> element. To control access to an activity, we can add the android:permission attribute to the activity's declaration.
app/src/main/AndroidManifest.xml (first application)
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.example.app">
<permission android:name="com.example.app.permission.CUSTOM_PERMISSION"
android:label="Custom permission" android:protectionLevel="normal" />
<application
android:allowBackup="true"
android:icon="@mipmap/ic_launcher"
android:label="@string/app_name"
android:roundIcon="@mipmap/ic_launcher_round"
android:supportsRtl="true"
android:theme="@style/AppTheme">
<activity android:name=".MainActivity">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
<activity android:name=".ProtectedActivity"
android:permission="com.example.app.permission.CUSTOM_PERMISSION">
<intent-filter>
<action android:name="com.example.app.CUSTOM_ACTION" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
</activity>
</application>
</manifest>Now we need to create a second application that will be used to open protected activity of the first application. In the layout XML file we added a Button which will used to open protected activity.
app/src/main/res/layout/activity_main.xml (second application)
<?xml version="1.0" encoding="utf-8"?>
<RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:tools="http://schemas.android.com/tools"
android:layout_width="match_parent"
android:layout_height="match_parent"
tools:context=".MainActivity">
<Button
android:id="@+id/myButton"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:layout_centerInParent="true"
android:text="Open" />
</RelativeLayout>In the second application, we created an Intent object. We specified its action and category. The permission is checked when activity is started by using startActivity() or startActivityForResult() method.
app/src/main/java/com/example/app/MainActivity.kt (second application)
package com.example.app2
import android.content.Intent
import androidx.appcompat.app.AppCompatActivity
import android.os.Bundle
import kotlinx.android.synthetic.main.activity_main.*
class MainActivity : AppCompatActivity()
{
override fun onCreate(savedInstanceState: Bundle?)
{
super.onCreate(savedInstanceState)
setContentView(R.layout.activity_main)
myButton.setOnClickListener { start() }
}
private fun start()
{
val intent = Intent()
intent.action = "com.example.app.CUSTOM_ACTION"
intent.addCategory("android.intent.category.DEFAULT")
startActivity(intent)
}
}The SecurityException is thrown if the caller doesn't have the required permission.
java.lang.SecurityException: Permission Denial: starting Intent ...
requires com.example.app.permission.CUSTOM_PERMISSIONTo request a permission, a second application must include a <uses-permission> element in its manifest file.
app/src/main/AndroidManifest.xml (second application)
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.example.app">
<uses-permission android:name="com.example.app.permission.CUSTOM_PERMISSION" />
<application>
...
</application>
</manifest>
Leave a Comment
Cancel reply