& & &

For example, an activity could be protected as follows:

<manifest . . . >
    <permission android:name="com.example.project.DEBIT_ACCT" . . . />
    <uses-permission android:name="com.example.project.DEBIT_ACCT" />
    . . .
    <application . . .>
        <activity android:name="com.example.project.FreneticActivity"
                  android:permission="com.example.project.DEBIT_ACCT"
                  . . . >
            . . .
        </activity>
    </application>
</manifest>

Note that, in this example, the DEBIT_ACCT permission is not only declared with the <permission>element, its use is also requested with the <uses-permission> element. Its use must be requested in order for other components of the application to launch the protected activity, even though the protection is imposed by the application itself.

<permission-tree>

SYNTAX:

<permission-tree android:icon="drawable resource"
                 android:label="string resource" ]
                 android:name="string" />

CONTAINED IN:

<manifest>

DESCRIPTION:

Declares the base name for a tree of permissions. The application takes ownership of all names within the tree. It can dynamically add new permissions to the tree by callingPackageManager.addPermission(). Names within the tree are separated by periods ('.'). For example, if the base name is com.example.project.taxes, permissions like the following might be added:

com.example.project.taxes.CALCULATE 
com.example.project.taxes.deductions.MAKE_SOME_UP 
com.example.project.taxes.deductions.EXAGGERATE

Note that this element does not declare a permission itself, only a namespace in which further permissions can be placed. See the <permission> element for information on declaring permissions.

ATTRIBUTES:

android:icon

An icon representing all the permissions in the tree. This attribute must be set as a reference to a drawable resource containing the image definition.

android:label

A user-readable name for the group. As a convenience, the label can be directly set as a raw string for quick and dirty programming. However, when the application is ready to be published, it should be set as a reference to a string resource, so that it can be localized like other strings in the user interface.

android:name

The name that's at the base of the permission tree. It serves as a prefix to all permission names in the tree. Java-style scoping should be used to ensure that the name is unique. The name must have more than two period-separated segments in its path — for example,com.example.base is OK, but com.example is not.

INTRODUCED IN:

API Level 1

語法（SYNTAX）：

<permission-treeandroid:icon="drawable resource"
                 android:label="string resource" ]
                 android:name="string"/>

被包含於（CONTAINED IN）：

<manifest>

說明（DESCRIPTION）：

這個元素用於聲明權限樹的根節點名稱，應用程序持有樹中定義的所有權限名稱所對應的權限。通過調用PackageManager.addPermission()方法能夠動態的來添加新的權限。樹中的名稱是通過”.”來分離的。例如：如果跟節點的名稱是com.example.project.taxes，那麼可以使用下面的格式來添加權限：

com.example.project.taxes.CALCULATE
com.example.project.taxes.deductions.MAKE_SOME_UP
com.example.project.taxes.deductions.EXAGGERATE

要注意的是，這個元素本身並不聲明權限，它只是一個能夠放置更多權限的命名空間。關於聲明權限的更多信息，請看<permission>元素。

屬性（ATTRIBUTES）：

android:icon

這個屬性定義了一個代表樹中所有權限的圖標。這個屬性必須要引用一個包含圖片定義的可繪製資源來設置。

android:label

給權限樹定義一個用戶可讀的名稱。爲了開發應用程序方便，可以直接使用原生的字符串來設置這個屬性，但是，當正式發佈應用程序時，應該引用一個字符串資源來設置這個屬性，以便它能夠像用戶界面中的其他屬性一樣能夠被本地化。

android:name

這個屬性定義了權限樹根節點的名稱。它被用於樹中所有權限名稱的前綴。應該使用Java樣式命名規則，以確保名稱的唯一性。在命名中必須要有兩個以上的”.”來進行分離，例如：com.example.base是正確的，但com.example就是錯誤的。

被引入版本（INTRODUCED IN）

API Level 1

<permission-group>

SYNTAX:

<permission-group android:description="string resource"
                  android:icon="drawable resource"
                  android:label="string resource"
                  android:name="string" />

CONTAINED IN:

<manifest>

DESCRIPTION:

Declares a name for a logical grouping of related permissions. Individual permission join the group through the permissionGroup attribute of the <permission> element. Members of a group are presented together in the user interface.

Note that this element does not declare a permission itself, only a category in which permissions can be placed. See the <permission> element for element for information on declaring permissions and assigning them to groups.

ATTRIBUTES:

android:description

User-readable text that describes the group. The text should be longer and more explanatory than the label. This attribute must be set as a reference to a string resource. Unlike thelabel attribute, it cannot be a raw string.

android:icon

An icon representing the permission. This attribute must be set as a reference to a drawable resource containing the image definition.

android:label

A user-readable name for the group. As a convenience, the label can be directly set as a raw string while you're developing the application. However, when the application is ready to be published, it should be set as a reference to a string resource, so that it can be localized like other strings in the user interface.

android:name

The name of the group. This is the name that can be assigned to a <permission> element's<permissionGroup> attribute.

INTRODUCED IN:

API Level 1

<uses-permission>

Google Play Filtering

In some cases, the permissions that you request through <uses-permission> can affect how your application is filtered by Google Play.

If you request a hardware-related permission — CAMERA, for example — Google Play assumes that your application requires the underlying hardware feature and filters the application from devices that do not offer it.

To control filtering, always explicitly declare hardware features in <uses-feature>elements, rather than relying on Google Play to "discover" the requirements in <uses-permission> elements. Then, if you want to disable filtering for a particular feature, you can add aandroid:required="false"attribute to the <uses-feature>declaration.

For a list of permissions that imply hardware features, see the documentation for the <uses-feature> element.

SYNTAX:

<uses-permission android:name="string"
        android:maxSdkVersion="integer" />

CONTAINED IN:<manifest>DESCRIPTION:Requests a permission that the application must be granted in order for it to operate correctly. Permissions are granted by the user when the application is installed, not while it's running.

For more information on permissions, see thePermissions section in the introduction and the separate Security and Permissions document. A list of permissions defined by the base platform can be found at android.Manifest.permission.

ATTRIBUTES:

android:name

The name of the permission. It can be a permission defined by the application with the <permission>element, a permission defined by another application, or one of the standard system permissions, such as "android.permission.CAMERA" or "android.permission.READ_CONTACTS". As these examples show, a permission name typically includes the package name as a prefix.

android:maxSdkVersion

The highest API level at which this permission should be granted to your app. Setting this attribute is useful if the permission your app requires is no longer needed beginning at a certain API level.

For example, beginning with Android 4.4 (API level 19), it's no longer necessary for your app to request the WRITE_EXTERNAL_STORAGE permission when your app wants to write to its own application-specific directories on external storage (the directories provided bygetExternalFilesDir()). However, the permission is required for API level 18 and lower. So you can declare that this permission is needed only up to API level 18 with a declaration such as this:

<uses-permission
     android:name="android.permission.WRITE_EXTERNAL_STORAGE"
     android:maxSdkVersion="18" />

This way, beginning with API level 19, the system will no longer grant your app theWRITE_EXTERNAL_STORAGE permission.

INTRODUCED IN:API Level 1

<permission>

SYNTAX:

<permission android:description="string resource"
            android:icon="drawable resource"
            android:label="string resource"
            android:name="string"
            android:permissionGroup="string"
            android:protectionLevel=["normal" | "dangerous" | 
                                     "signature" | "signatureOrSystem"] />

CONTAINED IN:

<manifest>

DESCRIPTION:

Declares a security permission that can be used to limit access to specific components or features of this or other applications. See the Permissions section in the introduction, and the Security and Permissions document for more information on how permissions work.

ATTRIBUTES:

android:description

A user-readable description of the permission, longer and more informative than the label. It may be displayed to explain the permission to the user — for example, when the user is asked whether to grant the permission to another application.

This attribute must be set as a reference to a string resource; unlike the label attribute, it cannot be a raw string.

android:icon

A reference to a drawable resource for an icon that represents the permission.

android:label

A name for the permission, one that can be displayed to users.

As a convenience, the label can be directly set as a raw string while you're developing the application. However, when the application is ready to be published, it should be set as a reference to a string resource, so that it can be localized like other strings in the user interface.

android:name

The name of the permission. This is the name that will be used in code to refer to the permission — for example, in a <uses-permission> element and the permission attributes of application components.

The name must be unique, so it should use Java-style scoping — for example, "com.example.project.PERMITTED_ACTION".

android:permissionGroup

Assigns this permission to a group. The value of this attribute is the name of the group, which must be declared with the <permission-group> element in this or another application. If this attribute is not set, the permission does not belong to a group.

android:protectionLevel

Characterizes the potential risk implied in the permission and indicates the procedure the system should follow when determining whether or not to grant the permission to an application requesting it. The value can be set to one of the following strings:

Value	Meaning
"normal"	The default value. A lower-risk permission that gives requesting applications access to isolated application-level features, with minimal risk to other applications, the system, or the user. The system automatically grants this type of permission to a requesting application at installation, without asking for the user's explicit approval (though the user always has the option to review these permissions before installing).
"dangerous"	A higher-risk permission that would give a requesting application access to private user data or control over the device that can negatively impact the user. Because this type of permission introduces potential risk, the system may not automatically grant it to the requesting application. For example, any dangerous permissions requested by an application may be displayed to the user and require confirmation before proceeding, or some other approach may be taken to avoid the user automatically allowing the use of such facilities.
"signature"	A permission that the system grants only if the requesting application is signed with the same certificate as the application that declared the permission. If the certificates match, the system automatically grants the permission without notifying the user or asking for the user's explicit approval.
"signatureOrSystem"	A permission that the system grants only to applications that are in the Android system image or that are signed with the same certificate as the application that declared the permission. Please avoid using this option, as the signature protection level should be sufficient for most needs and works regardless of exactly where applications are installed. The "signatureOrSystem" permission is used for certain special situations where multiple vendors have applications built into a system image and need to share specific features explicitly because they are being built together.

INTRODUCED IN:

API Level 1