Permissions used when they are not needed.
Issue generated from Tuleap's migration script. Originally submitted by: ring user (username)
Upon opening Ring on Android it asks for the Camera permission, it will keep on doing it all the time until you either ban it from or allow it to. There is no need at all for camera when not video calling. Other permissions are possibly used in the same way, fe. the voice one.
Here is the new behaviour :
- at first launch, we ask for the main necessary permissions :
ie: Microphone, Contacts and Camera
- if the user refuses Microphone, the app can not run properly, so
it is automatically closed
- if the user refuses any of the two other permissions, the app
does not propose them anymore. The user has to trigger them
from his Android applications settings, or thanks to the app
in the settings and edit account screens.
In this last scenario, we propose this previously denied per-
mission.
- if the user denies a permission with the "Do not ask me anymore"
option enabled, he will have to activate them from the Android
applications settings.
- when the user creates his account, the Video Enabled settings is
initialized with the value of permission grant.
The scope of this issue has been widen since the discovery of issues concerning other permissions.
This artifacts now covers the READ_CONTACTS and WRITE_CALL_LOG permissions in the settings, and their behaviour in the whole application.
Cf :
I am able to get this stack trace by manually going in Settings -> Apps -> Ring -> Permissions turn off Contacts permission and coming back to the app
java.lang.SecurityException: Permission Denial: opening provider com.android.providers.contacts.ContactsProvider2 from ProcessRecord{27eccda 6766:cx.ring/u0a65} (pid=6766, uid=10065) requires android.permission.READ_CONTACTS or android.permission.WRITE_CONTACTS
at android.os.Parcel.readException(Parcel.java:1599)
at android.os.Parcel.readException(Parcel.java:1552)
at android.app.ActivityManagerProxy.getContentProvider(ActivityManagerNative.java:3550)
at android.app.ActivityThread.acquireProvider(ActivityThread.java:4778)
at android.app.ContextImpl$ApplicationContentResolver.acquireUnstableProvider(ContextImpl.java:2018)
at android.content.ContentResolver.acquireUnstableProvider(ContentResolver.java:1468)
at android.content.ContentResolver.query(ContentResolver.java:475)
at android.content.ContentResolver.query(ContentResolver.java:434)
at cx.ring.model.CallContact.buildUserContact(CallContact.java:96)
at cx.ring.views.MenuHeaderView.initViews(MenuHeaderView.java:135)
at cx.ring.views.MenuHeaderView.(MenuHeaderView.java:75)
at cx.ring.client.HomeActivity$7.onServiceConnected(HomeActivity.java:420)
Also, When turning on Ring -> Settings -> Allow system contacts, I accept the permission in the popup, go back to home screen, contacts are not loaded.
I have to force quit the app and relaunch.
Second point is more important, this is what the user will see. First point is actually acceptable because the exception is properly handled in the code (it's just ugly to see that in log)