READ_ / WRITE_EXTERNAL_STORAGE permissions / app-Specific (Private) External Storage

Hello especially to the developers,

for several reasons I want to switch from App Inventor to Kodular. Unfortunately, Kokular also has a permission issue (READ_WRITE_EXTERNAL_STORAGE) when saving to an app-specific folder. I have already posted this issue in the App Inventor Forum, but have not received a satisfactory answer.
I would like to save files in the so-called “app-specific (private) external storage”. According to Google, this does not require READ_ / WRITE_EXTERNAL STORAGE permissions.

The path of the app-specific (private) external storage is:
/storage/emulated/0/Android/data/packageName/files

The File component requires READ_ / WRITE_EXTERNAL STORAGE. Therefore, the permission must be denied or previously removed from the Manifest. These permissions should only be needed if you want to save to a non-app-specific directory.

Steps to test the app (API ≥ 19 !):

  1. Download AIA
    TestFile.aia (54.9 KB)

  2. Open AIA with Kodular or download the APK from here:
    TestFile.apk (4.2 MB)

  3. (Create APK) install APK and open the app
    If a permission is requested, deny it. (Error: 2103 may pop up)
    Do nothing else!

  4. Check if the app-specific (private) external storage folder has been created on your device:
    Android - data - packageName - files
    (If the device has a MicroSD card, the directory should also be created on this SD card)

Note: If the folder was created, ask yourself how it was possible because you had previously denied the permission. (But actually it should be exactly like that, because you wrote in an app-specific folder.)

check if the folder “files” is empty (probably it is empty)

  1. Press the “save file …” button
    If a permission is required, deny it. (probably you don’t get a query)
    Anyway, check if the file “priv.txt” is created in the folder “files”:
    Android - data - packageName - files - priv.txt (result is probably: yes)

  2. Click on the “read file …” button
    Deny permission! Message: "Error: 908: The permission READ … has been denied … "

  3. Grant permission
    now everything should work as it should do without these permissions

  4. Uninstall the app
    check if the app-specific (private) directory has been deleted. This is an indication that this is an app-specific (private) directory.

On App Inventor and Thunkable I get similar issues. Only on AppyBuilder the app runs without permissions correctly.

Therefore, I assume that there is a bug here with Kodular. The app-specific (private) external storage may NOT be declared correctly; see Google Developer Documentation:
“Also starting in API level 19, this permission is not required to read / write files in your application-specific directories returned by Context.getExternalFilesDir (String) and Context.getExternalCacheDir ().”

Thanks and regards,
Anke

5 Likes

Why you need to write data without permission? Almost every app requires that. Also writing data without permission and information is not secure for users. With permissions, user can know what will app to do.

Also whatever you do, your app probably will need to write data. TinyDB, File component etc.

1 Like

I would like to get along without the permission READ_ / WRITE_EXTERNAL_STORAGE. For this, Google has given the opportunity to save in an app-specific directory.

There are many misconceptions about the terms Internal Storage and External Storage. Here is a very good overview on this topic:
Android Read Write External Storage File Example.

Here are the blocks of my test app:

Anke

4 Likes

thank you very much for bringing this up

now with the Google permission system obviously each app developer will try to use as less permissions as necessary

and reading from/writing to the app-specific (private) external storage folder does not need any permissions.
/storage/emulated/0/Android/data/<packageName>/files

https://developer.android.com/reference/android/Manifest.permission.html#READ_EXTERNAL_STORAGE

Unfortunately App Inventor:appinventor: as well as @Kodular :kodular: currently does not consider this exception. Therefore this should be updated accordingly not only for the file component, but also for other components which currently require READ_ / WRITE_EXTERNAL STORAGE permissions.

Taifun

11 Likes

I do not understand why this really good question is not answered.

Almost everyone hates permissions. The user as well as the developer. Permissions certainly have their meaning and privacy authorities may love these permissions. But if you can avoid them where they do not make sense and are not needed, it would be great.

4 Likes

Is there any reason why I do not get a response from Kodular for this issue?
I am sure that many are interested in a solution.

Anke

8 Likes

@KodularCreator can you check this guys?

3 Likes

5 posts were split to a new topic: I would like to have a .apk that does not need any permissions

any help would be appreciated :slight_smile:

Is there a solution in the meanwhile, which works without the specific permission? :slightly_smiling_face:

1 Like

Would that be nice.
(Schön wär’s. :wink:)

2 Likes

Having few permissions is an honorable goal, which Kodular should also prescribe. Otherwise, I expect - if I am entitled to - a plausible reason why it has to be the way it is

1 Like

This post was flagged by the community and is temporarily hidden.

Has anyone heard anything about this ever being resolved? I have received a few one star reviews on Play Store for my otherwise highly rated app purely because people take exception to the requirement for the the storage permission to be given for an app which, realistically, should have no such permission requirement. Words such as “snoopware” are being used and it is difficult to explain or justify the reason to the reviewers.

meanwhile the workaround is to modify the manifest…


Taifun

2 Likes

Hi,
I deleted the following two permissons from the manifest:
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>

Then I want to store files in app-specific (private) external storage folder by the file-component.

My question is: What pathes are needed for the “?” in the following two blocks to store files in app-specific (private) external storage folder without permission?

blocks
blocks2

I tested the following pathes:

/storage/emulated/0/Android/data/packageName/files
storage/emulated/0/Android/data/packageName/files
/Android/data/packageName/files
Android/data/packageName/files

I got an error for each one of this four pathes that write-permission is needed, but as I said, I deleted these permissions from the manifest. (Of course I changed packageName to my package-name).

I tested it on Android 6.0.1 and Android 8.0.0.

What I’m doing wrong? :dizzy_face:

use the file extension and the CreateApplicationSpecificDirectory method to create the directory and the ApplicationSpecificDirectory method to get the directory
https://puravidaapps.com/file.php

Taifun
PS: there are also other extensions which are able to do it…

2 Likes

Thanks :slightly_smiling_face:

Instead of using the File component which (falsly) requires WRITE / READ permission even for the ASD, use the EFile extension (that doesn’t require READ / WRITE permission for the ASD).

Note: There is no need to create the ASD because this is done automatically by Kodular.

1 Like