Search code examples
androidandroid-contentprovider

Getting permission denial while reading content provider using a custom permission

I have two different apps. App A defines a custom permission and a content provider which needs the defined custom permission. App B uses that permission and tries to access the content provider of App A. However, I get the following error:

java.lang.SecurityException: Permission Denial: reading com.casimirlab.simpleDeadlines.provider.DeadlineProvider uri content://com.casimirlab.simpleDeadlines.provider/deadlines from pid=17350, uid=10070 requires com.casimirlab.simpleDeadlines.READ_DEADLINE_DATABASE, or grantUriPermission()

AndroidManifest.xml for App A:

<Permission
android:name="com.casimirlab.simpleDeadlines.READ_DEADLINE_DATABASE"
android:protectionLevel="normal">
</Permission>

<uses-permission android:name="com.casimirlab.simpleDeadlines.READ_DEADLINE_DATABASE" />

...

<provider
        android:name=".provider.DeadlineProvider"
        android:authorities="com.casimirlab.simpleDeadlines.provider"
        android:readPermission="com.casimirlab.simpleDeadlines.READ_DEADLINE_DATABASE"
        android:exported="true"
        android:grantUriPermissions="true" />

AndroidManifest.xml for App B:

<uses-permission android:name="com.casimirlab.simpleDeadlines.READ_DEADLINE_DATABASE" />

Query code in App B:

Uri uri = Uri.parse("content://com.casimirlab.simpleDeadlines.provider/deadlines");
ContentResolver cr = getContentResolver();
Cursor cursor = cr.query(uri, null, null, null, null);

I am using following versions for both apps.

compileSdkVersion 23
buildToolsVersion '25.0.0'

minSdkVersion 10
targetSdkVersion 23

I also know the order of app installations. I first install App A and then App B.

I've read other related questions but their solutions didn't help me.

Solution

  • Rework your permission declaration, XML is case sensitive:

    <manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.casimirlab.simpleDeadlines">

    <permission android:name="com.casimirlab.simpleDeadlines.READ_DEADLINE_DATABASE"
                android:protectionLevel="normal" />
    ...
</manifest>

    You might consider declaring the protection level "dangerous", requiring user confirmation to allow it (and on newer version of Android requiring the newer permission handling.)