Android always has been cursed for its privacy issues.
Before Marshmallow, android devices were like open and easy prey available to be hunted.
An immense amount of user data has been leaked out without the user’s understanding.
Later, after the Marshmallow release, at least users were shown permissions of the apps they were using.
Still, Users were unaware of the permissions they allowed.
Considering permission. android.permission.WRITE_EXTERNAL_STORAGE
If the User allows this permission, the application will be in full authority to create, update, delete any files on its internal as well external storage device.
Considering such issues and many more, Android R (11) has taken a step towards privacy and has been continuing its work for fewer privacy issues.
Google has placed deadlines to be taken into effect by August 2021.
New apps must target at least Android 11 (API level 30)
Android R (11) has restricted developers to access user files and allows only if apps follow the following ways.
– Scoped storage –
Scoped storage brings two major changes. Developers no longer have access to a file via its path. Instead, you need to use via “Uri“. Second, if you want to change a file not created by your app, you need to ask the user for permission. Scoped storage was introduced in android 10 but developers can opt-out using the below flag. (i.e. Individual File access)requestLegacyExternalStorage = true
Developers can opt-out from scoped storage by declaring the above flag in app’s Android Manifest file while in any android R above flag is ignored.
There are two ways one can access files, MediaStore API that allows you to query the device for images, videos, and audio, other ways is using Storage access framework.
By firing one of the below intents,
Using action ACTION_OPEN_DOCUMENT or ACTION_OPEN_DOCUMENT_TREE, respectively. Where the user will be asked for permissions per-directory access if ACTION_OPEN_DOCUMENT_TREE and for ACTION_OPEN_DOCUMENT user can copy and manipulate files in public folders (Download and Document)
– Access to Only Media files.
There might be a scenario where you may only request for media files and not, Non-media files for such scenarios developer can only request the below permission instead of WRITE_EXTERNAL_STORAGE
– Request access to overall files. (Google Approval Required)
<uses-permission android:name="android.permission.MANAGED_EXTERNAL_STORAGE"/>
The above permission is asking the user to allow access to overall storage devices. Applications like antivirus, file manager are eligible to ask, However, if your app requires this permission you will have to explain to google why it’s needed, and depending on use cases Google might reject or approve.
Example for using MediaStore api. where one can query media files using selection args and clauses to retrieve a media file’s URI
val projection = arrayOf(media-database-columns-to-retrieve)
val selection = sql-where-clause-with-placeholder-variables
val selectionArgs = values-of-placeholder-variables
val sortOrder = sql-order-by-clause
applicationContext.contentResolver.query(
MediaStore.media-type.Media.EXTERNAL_CONTENT_URI,
projection,
selection,
selectionArgs,
sortOrder
)?.use { cursor ->
while (cursor.moveToNext()) {
// Use an ID column from the projection to get
// a URI representing the media item itself.
}
}
Summary
Uri fetched from the above operations can be used as per requirements. You can find complete operations for Shared, Scoped related examples here.
Happy Coding.
Josh Software 