Permissions

Guide to Implementing and Handling Runtime Permissions for Location in Your Android SDK (CafSmartAuth)

In Android, certain permissions, especially those related to sensitive data like location, require runtime approval from users. This guide explains how to check and request location permissions programmatically in your SDK, CafSmartAuth, using the checkPermissionStatus function provided below.

Why CafSmartAuth Requires Location Permissions

CafSmartAuth requires access to the user’s location as part of its fraud prevention features, ensuring an additional layer of security by verifying location-based information. Android distinguishes between two types of location access, allowing users to control the precision of the location data they share:

ACCESS_FINE_LOCATION: Required for precise location information from GPS, which is essential for detecting potentially fraudulent activities with high accuracy.
ACCESS_COARSE_LOCATION: Provides approximate location data based on Wi-Fi and cellular networks, suitable for basic location checks.

With these permission levels, users can provide the minimum required access for fraud prevention, while CafSmartAuth ensures compliance with Android's data privacy practices.

Step-by-Step: Adding and Using `checkPermissionStatus`

Add Permissions to the Manifest
In your app's AndroidManifest.xml, include both location permissions:
```
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
```
These manifest declarations allow the app to request these permissions but don’t automatically grant them.
Define a Request Code Constant
To identify the permission request, use a constant for the request code:
```
 companion object {
     private const val REQUEST_CODE = 1234
 }
```

Create and Use checkPermissionStatus to Handle Permissions

The checkPermissionStatus function checks if permissions have been granted and, if not, requests them from the user. This is essential for compliance with Android’s runtime permission model introduced in Android 6.0 (API level 23).

Here’s the code and an explanation of how it works:

 private fun checkPermissionStatus() {
     // Check for ACCESS_FINE_LOCATION permission
     if (ContextCompat.checkSelfPermission(
             this,
             Manifest.permission.ACCESS_FINE_LOCATION
         ) != PackageManager.PERMISSION_GRANTED
     ) {
         // Request the ACCESS_FINE_LOCATION permission if it hasn't been granted
         ActivityCompat.requestPermissions(
             this,
             arrayOf(Manifest.permission.ACCESS_FINE_LOCATION),
             REQUEST_CODE
         )
     }

     // Check for ACCESS_COARSE_LOCATION permission
     if (ContextCompat.checkSelfPermission(
             this,
             Manifest.permission.ACCESS_COARSE_LOCATION
         ) != PackageManager.PERMISSION_GRANTED
     ) {
         // Request the ACCESS_COARSE_LOCATION permission if it hasn't been granted
         ActivityCompat.requestPermissions(
             this,
             arrayOf(Manifest.permission.ACCESS_COARSE_LOCATION),
             REQUEST_CODE
         )
     }
 }

ContextCompat.checkSelfPermission: This checks if the app has a specific permission. If the permission isn’t granted, it returns PackageManager.PERMISSION_DENIED.
ActivityCompat.requestPermissions: Requests the specified permission(s) from the user, displaying a system dialog for approval.

Handle the Permission Result

When requesting permissions, you can handle the result in onRequestPermissionsResult to manage user responses appropriately.

 override fun onRequestPermissionsResult(
     requestCode: Int,
     permissions: Array<out String>,
     grantResults: IntArray
 ) {
     super.onRequestPermissionsResult(requestCode, permissions, grantResults)
     if (requestCode == REQUEST_CODE) {
         if ((grantResults.isNotEmpty() && grantResults[0] == PackageManager.PERMISSION_GRANTED)) {
             // Permission was granted.
         } else {
             // Permission was denied.
         }
     }
 }

Call checkPermissionStatus at the Right Time
You might want to call checkPermissionStatus within onResume or when location functionality is triggered, ensuring permissions are checked before they’re needed.

Last updated 2 months ago

private fun checkPermissionStatus() { // Check for ACCESS_FINE_LOCATION permission if (ContextCompat.checkSelfPermission( this, Manifest.permission.ACCESS_FINE_LOCATION ) != PackageManager.PERMISSION_GRANTED ) { // Request the ACCESS_FINE_LOCATION permission if it hasn't been granted ActivityCompat.requestPermissions( this, arrayOf(Manifest.permission.ACCESS_FINE_LOCATION), REQUEST_CODE ) } // Check for ACCESS_COARSE_LOCATION permission if (ContextCompat.checkSelfPermission( this, Manifest.permission.ACCESS_COARSE_LOCATION ) != PackageManager.PERMISSION_GRANTED ) { // Request the ACCESS_COARSE_LOCATION permission if it hasn't been granted ActivityCompat.requestPermissions( this, arrayOf(Manifest.permission.ACCESS_COARSE_LOCATION), REQUEST_CODE ) } }

override fun onRequestPermissionsResult( requestCode: Int, permissions: Array<out String>, grantResults: IntArray ) { super.onRequestPermissionsResult(requestCode, permissions, grantResults) if (requestCode == REQUEST_CODE) { if ((grantResults.isNotEmpty() && grantResults[0] == PackageManager.PERMISSION_GRANTED)) { // Permission was granted. } else { // Permission was denied. } } }

Guide to Implementing and Handling Runtime Permissions for Location in Your Android SDK (CafSmartAuth)

Why CafSmartAuth Requires Location Permissions

Step-by-Step: Adding and Using checkPermissionStatus

Guide to Implementing and Handling Runtime Permissions for Location in Your Android SDK (CafSmartAuth)

Why CafSmartAuth Requires Location Permissions

Step-by-Step: Adding and Using checkPermissionStatus

Step-by-Step: Adding and Using `checkPermissionStatus`

Step-by-Step: Adding and Using `checkPermissionStatus`