问题
How does I determine which permissions should I ask at runtime and which one is 'enough' to have declared in the manifest?
回答1:
From the documentation:
System permissions are divided into two categories, normal and dangerous:
Normal permissions do not directly risk the user's privacy. If your app lists a normal permission in its manifest, the system grants the permission automatically.
Dangerous permissions can give the app access to the user's confidential data. If your app lists a normal permission in its manifest, the system grants the permission automatically. If you list a dangerous permission, the user has to explicitly give approval to your app.
See the documentation on normal permissions and dangerous permissions for more details.
回答2:
Dangerous permissions should ask in runtime, normal enough in manifest. List of dangerous and normal permissions you can see here.
From docs:
System permissions are divided into several protection levels. The two most important protection levels to know about are normal and dangerous permissions:
Normal permissions cover areas where your app needs to access data or resources outside the app's sandbox, but where there's very little risk to the user's privacy or the operation of other apps. For example, permission to set the time zone is a normal permission. If an app declares that it needs a normal permission, the system automatically grants the permission to the app. For a full listing of the current normal permissions, see Normal permissions.
Dangerous permissions cover areas where the app wants data or resources that involve the user's private information, or could potentially affect the user's stored data or the operation of other apps. For example, the ability to read the user's contacts is a dangerous permission. If an app declares that it needs a dangerous permission, the user has to explicitly grant the permission to the app. Special Permissions There are a couple of permissions that don't behave like normal and dangerous permissions. SYSTEM_ALERT_WINDOW and WRITE_SETTINGS are particularly sensitive, so most apps should not use them. If an app needs one of these permissions, it must declare the permission in the manifest, and send an intent requesting the user's authorization. The system responds to the intent by showing a detailed management screen to the user.
For details on how to request these permissions, see the SYSTEM_ALERT_WINDOW and WRITE_SETTINGS reference entries.
回答3:
You should always put every permission you want access to in the Manifest. Devices before Android Marshmallow cannot handle runtime permissions, so unless you are targeting only Marshmallow and above, this part is important.
You do not need to ask at runtime for any "Normal Permissions". Only permissions designated as "dangerous" are not given automatically.
回答4:
If you're targeting Android Marshmallow and above, you've to request for dangerous permissions at runtime. You can find the list here. You should also read this.
来源:https://stackoverflow.com/questions/46588221/which-permissions-should-i-ask-at-runtime-and-which-i-dont-have-to-ask-runtime