Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Adobe AIR Development

Reply
Developer
Posts: 1,280
Registered: ‎03-03-2011
My Device: Playbook, Z10, Q10, Z30 with Files & Folders and Orbit of course
My Carrier: Vodafone

Permissions API request

Hey RIM,

 

it would be really useful to have an API to examine permissions and request new permissions at runtime:

 

  • a function to check whether a permission has been granted
  • a function to revoke a granted permission if no longer needed
  • a function to ask for a permission permanently
  • a function to ask for a permission until the app is closed
  • a function to ask for a permission for a limited time period

The functions that ask for permissions could include a "reason" parameter that is displayed to the user upon request, i.e.

 

The application application name is requesting permission to access something because reason

 

For instance:

 

The application Files & Folders is requesting permission to access the internet because you asked it to connect to Dropbox

 

      • Grant: 
         
        • always
        • just this once, until I close the application
        • until [user-selectable date, default tomorrow]
      • Deny

 

This way, the users will not have to grant all kinds of permissions to an app that only uses them for certain features. It would also improve security: users could check out apps while having better control over security.

 

Cheers,       - Jon -

 

Files & Folders, the unified file & cloud manager for PlayBook and BB10 with SkyDrive, SugarSync, Box, Dropbox, Google Drive, Google Docs. Free 3-day trial! - Jon Webb - Innovatology - Utrecht, Netherlands
Developer
Posts: 6,473
Registered: ‎12-08-2010
My Device: PlayBook, Z10
My Carrier: none

Re: Permissions API request

I wanted this last week too, when I was thinking about adding a feature that would be little-used, but would benefit from having access to the device id information when used.

Having to ask for that permission up front, before the first launch, could "frighten" some users since it wouldn't normally be needed by such an app.

Only if they activated the little-used feature, however, would it then ask. It could show them an explanation in advance ("You will be asked to grant permission to this app to access device information. It's needed for ....") and then trigger the "request permission" API. (Or, Jon's suggestion of including a reason in the request would be sufficient.)

Peter Hansen -- (BB10 and dev-related blog posts at http://peterhansen.ca.)
Author of White Noise and Battery Guru for BB10 and for PlayBook | Get more from your battery!
Developer
Posts: 6,473
Registered: ‎12-08-2010
My Device: PlayBook, Z10
My Carrier: none

Re: Permissions API request

Jon entered this into Jira as a feature request, TABLET-289.

 

(MSohm, could that one be made public so people can vote please?)


Peter Hansen -- (BB10 and dev-related blog posts at http://peterhansen.ca.)
Author of White Noise and Battery Guru for BB10 and for PlayBook | Get more from your battery!
BlackBerry Development Advisor
Posts: 172
Registered: ‎10-25-2010
My Device: Not Specified

Re: Permissions API request

Having the application specify a reason would open up a security hole, so it is highly likely you would never see that.

 

The "work around" for now would be to tell the user in your application how to grant access for a specific permission for  in the settings. I know it is not an ideal solution right now, but it at least allows you to explain to users why and when you would need the permission.

 

I'll ask around internally if this is even technically possible. I am pretty sure all permissions get set when the application is  launched and not sure what it would take to make that happen at runtime.

Developer
Posts: 6,473
Registered: ‎12-08-2010
My Device: PlayBook, Z10
My Carrier: none

Re: Permissions API request

Julian, some followups to specific items:

 

1. I'm not clear how specifying a reason is more of a security hole than the current situation would be.  In my app's description, I might write "Note that this app requires access to your shared folders in order to save configuration data", to convince the user to grant that permission.  In actual fact, I might then use that access to read all there data and send it to my own server without them knowing.  I don't think we're suggesting that the current warning ("This could potentially be used to share your personal data.") be eliminated, just that the app could in effect supplement that with its own explanation, so the user wouldn't operate entirely from fear as they might now.

 

2. The "work around" is merely the current state of affairs, which of course is available.  The whole point of this request is that it allows the app to defer asking for a permission that may never be requested for many users, or similar things.

 

3. This feature may still be very useful even if it can't apply to all permissions.  Perhaps only a few are technically possible (e.g. maybe "Device Identifying Information" and "GPS" but not "Files"), but I believe that would still make it very useful for improving the user experience in some cases.  I can't see that not being able to support this for all permissions is a good reason to reject the feature for the ones that could be supported.

 

Thanks for looking into it.  I doubt Jon and I are the only two to have thought this would be good for our users.


Peter Hansen -- (BB10 and dev-related blog posts at http://peterhansen.ca.)
Author of White Noise and Battery Guru for BB10 and for PlayBook | Get more from your battery!
BlackBerry Development Advisor
Posts: 15,753
Registered: ‎07-09-2008
My Device: BlackBerry PRIV
My Carrier: Bell

Re: Permissions API request


peter9477 wrote:

Jon entered this into Jira as a feature request, TABLET-289.

 

(MSohm, could that one be made public so people can vote please?)


It is now public.  

 

The API you describe is pretty well exactly how the ApplicationPermissions APIs work in the BlackBerry Java APIs.  I'll sync up with Julian offline to see what we can do here.

Mark Sohm
BlackBerry Development Advisor

Please refrain from posting new questions in solved threads.
Problem solved? Click the Accept As Solution button.
Found a bug? Report it using Issue Tracker
Developer
Posts: 425
Registered: ‎03-17-2011
My Device: Developer
My Carrier: Telus

Re: Permissions API request

I think it would also be helpful if the developer could specify why they needeach permissions in the blackberry-tablet..xml file. This would make the permissions dialog just a little bit less intimidating.

_________________________
In the dark and need a sky map?
Discover What's up at App World.
Follow What's up on Facebook

BlackBerry Development Advisor
Posts: 172
Registered: ‎10-25-2010
My Device: Not Specified

Re: Permissions API request

Giving applications the ability to specify the reason opens the door for spoofing and misleading the user on how what the application can do.

 

Take the example that Jon outlined in the orginal post.

 

It asks for access to the internet because it wants to connect to DropBox.

 

But I have forgotten about giving it access to the shared directory because it has been a while since I allowed permission.

 

Now the application is free to upload all of my files to a secondary server without my knowledge, which is very bad. This is just one simple example, but I am sure you can see that an application could over time start asking for individual permissions and then after some use have acess to more then the user would be willing to give if they saw them all up front.

 

I do not disagree with you that it would be useful, but there are security and privacy concerns to take into account.

 

There may be a comprise to all of this, but I will leave that up to the security team to decide.

 

Highlighted
Developer
Posts: 1,280
Registered: ‎03-03-2011
My Device: Playbook, Z10, Q10, Z30 with Files & Folders and Orbit of course
My Carrier: Vodafone

Re: Permissions API request

Good point, perhaps a compromise would be to give the user an option to view all granted permissions alongside the new permission request (a "what other permissions have I given this app?" button),

 

One of the problem with the current "one time only" method is psychological: the curiosity or the need for a solution "right now"  influences the judgement of 90% of all users much more than any security concerns. They have other things on their mind at that moment. How many times have you seen a user click away an error message without reading it , simply because their mind was elsewhere? For some users it's second nature to automatically click "OK" as soon as they hear a "ding" sound. The same is true for all those license agreement/terms of use screens that nobody reads.

 

So most users will just go ahead and click OK because they are curious or in a hurry. If the list of permissions is bloated, a few users may wonder why but will probably still go ahead and grant them.

 

Another problem is that most users are not programmers or security experts and don't relate permissions to features. What can  geo be used for? What's the harm of accessing the internet? Does this app need to access shared storage? Is it going to save something there for me (yes please!), or is it going to upload my files to China (no thanks, sorry China!)? These are things that simply do not occur to most users. They assume the app vendor knows best and has a good reason, especially if they don't know the app yet.

 

For example: the user is very excited that he/she has found a Facebook app. He installs the app and may be one of the few who even reads the permissions dialog and wonders:

 

Why does Facebook need my geo? Is it going to track me? Or offer localized search? Suggest friends in my hometown? Adjust its advertising? Send it to the mafia? Dunno,  probably needs it for doing something really, really cool. OK then, I'll have to, because I really, really want Facebook!

 

Now, if the request for a permission is a direct consequence of an action taken in the app, then the user knows the context of the permission request, has probably already used the app for a while and has an idea about its trustworthyness:

 

I tapped "check in" so Facebook needs to access my geo. OK, makes sense.

 

or

 

I tapped "Google Docs" so Files & Folders wants to access the internet. Yes, please, but only this once.

 

Of course it could still be misused for tracking, advertising, spying etc. but its much better than what we have today.

 

To be honest, I've never tapped "deny" and can't even remember what I've granted to which app. And I expect that is true for most users.

 

Files & Folders, the unified file & cloud manager for PlayBook and BB10 with SkyDrive, SugarSync, Box, Dropbox, Google Drive, Google Docs. Free 3-day trial! - Jon Webb - Innovatology - Utrecht, Netherlands
Developer
Posts: 425
Registered: ‎03-17-2011
My Device: Developer
My Carrier: Telus

Re: Permissions API request


webbsites wrote:

Good point, perhaps a compromise would be to give the user an option to view all granted permissions alongside the new permission request (a "what other permissions have I given this app?" button),

 

To be honest, I've never tapped "deny" and can't even remember what I've granted to which app. And I expect that is true for most users.

 


My comment was prompted by a rather heated discussion at crackberry.com about an individual who denied access to the file system and then complained that the app did not work properly. Many uses are intimidated by the current dialog which "demands" access for no apparent reason and "expects" an instanstant decision before the app can even present a help screen or more friendly introduction upon first use.

_________________________
In the dark and need a sky map?
Discover What's up at App World.
Follow What's up on Facebook