How does Content Provider's application specify permissions that client apps need in order to access the provider's data?

android permissions android-manifest android-contentprovider android-contentresolver
Solace picture Solace · May 7, 2015 · Viewed 9.3k times · Source

BACKGROUND

I am reading this tutorial on Android Content Providers. I understand from this tutorial that,

In order for other applications to access a Content Provider's data, the provider application must specify the permissions which the client applications need to have to access the its provider's data.

Client applications specify the permissions they require in their manifest file using the <uses-permission> element, e.g.

<uses-permission android:name="android.permission.READ_USER_DICTIONARY" > <!-- In the client app's manifest -->

Then the APK manager asks the user's consent on these permissions (in the client app) when the user is installing the client application.

QUESTION

My question is that how does the provider (app) specify the permissions that other client apps must be granted in order for them to access the provider's data?

From the developer guide,

To find the exact name of the read access permission for the provider you're using, as well as the names for other access permissions used by the provider, look in the provider's documentation.

So is that the way to specify those permissions in the provider app - in the provider's documentation? If so, where is that documentation found? Where can I find that documentation for the SearchableDictionary provider (used as an example in the tutorial), and if I write a Content Provider in my app, where shall I provide that documentation?

Answer

Leo Lin picture Leo Lin · May 7, 2015

Define Permission in provider app's AndroidManifest.xml

<permission
    android:name="com.myapp.PERMISSION"/>

Define Provider in provider app's AndroidManifest.xml

<provider
        android:name=".MyProvider"
        android:authorities="com.myapp.MyProvider.AUTHORITY"
        android:enabled="true"
        android:exported="true"
        android:multiprocess="true"
        android:readPermission="com.myapp.PERMISSION" />

Client's AndroidManifest.xml should have uses-permission tag

<uses-permission android:name="com.myapp.PERMISSION"/>

Then client can access the provider

Cursor cursor = getContentResolver().query(
Uri.parse("content://com.myapp.MyProvider.AUTHORITY/xxx" ),null, null, null, null);

Related questions

Adding Permissions in AndroidManifest.xml in Android Studio?

In Eclipse we were able to add permissions in AndroidManifest.xml by going to AndroidManifest.xml->Permission-> Adding permissions. How to add permissions in Android Studio? How can we get a list of all the permissions that we …

Read More
Warnings Your Apk Is Using Permissions That Require A Privacy Policy: (android.permission.READ_PHONE_STATE)

In manifest not added android.permission.READ_PHONE_STATE. permission. Why error comes when I upload a new apk version error comes below. Your app has an apk with version code 1 that requests the following permission(s): android.permission.READ_…

Read More
List of Android permissions normal permissions and dangerous permissions in API 23?

Which permissions need for requesting permissions at run time of API 23?

Read More