Wednesday, June 6, 2018

New permission group in Android P makes it clear when apps want to read call log or phone number

Android Developer Preview 3 (Android P Beta 2) just dropped, and with it comes a number of changes—mostly under the hood. While there are some user-facing changes, nearly all the changes are in preparation for the final release. The biggest part of the update is the finalized APIs, which means that you can build an application now targeting API 28, Android P. In Developer Preview 3, a new permission group has been added. This permission group pertains specifically to the Android call log, meaning that when an application wants to read your call log or phone numbers, a prominent, user-facing message will display telling them exactly what kind of access they are granting an app.

First, these are the new strings that a user will see when any permission in the new CALL_LOG permission group is requested.

  <string name="permgroupdesc_calllog">read and write phone call log</string>  <string name="permgrouprequest_calllog">Allow &lt;b>%1$s&lt;/b> to access your phone call logs?</string>  
android p

The permission box that appeared when requesting READ_CALL_LOG, which was previously under the PHONE permission group.

How will this affect existing applications? Android uses permission groupings for permissions marked as "dangerous" to manage the level of access granted to an application and choose the message to be displayed to the user. Previously, READ_CALL_LOG and other call log related permissions were shown as part of the general "access the phone features of the device" dialogue, but that message is extremely vague. Not only that, it could be argued that it's irrelevant to your device's call log. Android P Developer Preview 3 has regrouped all call log related permissions into a brand new group appropriately called CALL_LOG so that a more suitable message will appear when an application requests it.

android p


Applications will need to explicitly request the CALL_LOG, READ_CALL_LOG, WRITE_CALL_LOG, or PROCESS_OUTGOING_CALLS permissions from the CALL_LOG group if they need to access the call log or process outgoing calls, according to the Android P developer preview documentation. Also, developers will need to account for when the user denies the app access to call log information.

Android P Developer Preview 3 Android P Beta 2 Android P Developer Preview 3 Android P Beta 2

You can also check out the new permission grouping taken from the decompiled Android Framework below.

  <permission-group android:description="@string/permgroupdesc_calllog" android:icon="@drawable/perm_group_phone_calls" android:label="@string/permgrouplab_calllog" android:name="android.permission-group.CALL_LOG" android:priority="450" android:request="@string/permgrouprequest_calllog"/>  <permission android:description="@string/permdesc_accessImsCallService" android:label="@string/permlab_accessImsCallService" android:name="android.permission.ACCESS_IMS_CALL_SERVICE" android:protectionLevel="privileged|signature"/>  <permission android:description="@string/permdesc_readCallLog" android:label="@string/permlab_readCallLog" android:name="android.permission.READ_CALL_LOG" android:permissionGroup="android.permission-group.CALL_LOG" android:protectionLevel="dangerous"/>  <permission android:description="@string/permdesc_writeCallLog" android:label="@string/permlab_writeCallLog" android:name="android.permission.WRITE_CALL_LOG" android:permissionGroup="android.permission-group.CALL_LOG" android:protectionLevel="dangerous"/>  <permission android:description="@string/permdesc_processOutgoingCalls" android:label="@string/permlab_processOutgoingCalls" android:name="android.permission.PROCESS_OUTGOING_CALLS" android:permissionGroup="android.permission-group.CALL_LOG" android:protectionLevel="dangerous"/>  

Source: Android P Developer Documentation

from xda-developers