Project

General

Profile

Bug #478

Implement scoped storage with API 29

Added by Dazed Dazed about 2 months ago. Updated 16 days ago.

Status:
New
Priority:
3.x
Start date:
07/23/2019
Due date:
% Done:

0%

Estimated time:

Description

According to the android documentation it should be possible to provide all necessary storage functions without 'storage' permission by using the Storage Access Framework(SAF).

I think using the ACTION_CREATE_DOCUMENT & ACTION_OPEN_DOCUMENT intents should provide all required functionality.

I've never seen a browser that uses ACTION_CREATE_DOCUMENT for downloads, all require storage permission to download files, which I find disappointing.

https://developer.android.com/guide/topics/providers/document-provider

It may be necessary to keep storage permission for support of versions earlier than Android 4.4, but ideally the app would never ask users for storage permission when using newer versions.

Android Q brings scoped storage which gives big improvements for shared storage privacy. It will be compulsory in R. Apps which use SAF will have smooth integration.

https://developer.android.com/preview/privacy/scoped-storage

History

#1

Updated by Dazed Dazed about 2 months ago

Implementing this should have the additional benefit that users can select alternative storage locations other than shared storage and avoid leaking all downloads to every app with storage permission.

I say this with slight hesitation as I think some functionality related to this is/was/may have been broken in AOSP/Android or some of the many forks, but I suspect things will improve with the focus on scoped storage, and it may just work for some now.

Checked out the functionality of your export function and found exporting to a location other than default gave an empty file.

#2

Updated by Soren Stoutner about 2 months ago

  • Subject changed from Avoid needing storage permission to Implement scoped storage with API 29
  • Assignee set to Soren Stoutner

I think you have misunderstood the Android documentation. Privacy Browser already uses the Storage Access Framework, both as a client and as a provider. For example, when importing and exporting settings, when clicking the Browse button, a Storage Access Framework request is sent to the system file picker using ACTION_OPEN_DOCUMENT for import and ACTION_CREATE_DOCUMENT for export. However, Privacy Browser isn't actually able to use the returned file path without the storage permission if the file path is outside the app directories.

Scoped storage is indeed an improvement on the situation, and I am intending to implement it in Privacy Browser, but the benefits will only be seen by users with devices running Android Q (API 29) or higher. However, as documented in the link on scoped storage, the file permissions will still be required.

#3

Updated by Soren Stoutner about 2 months ago

Also, a note on the commend about empty export files. If you use the Browse button to find an export file location, it calls ACTION_CREATE_DOCUMENT via the Storage Access Framework. When you select the file in the file browser, it creates that file with 0 bytes. If you have selected a file location that would require the storage permission, Privacy Browser will prompt for that permission. If it is denied, Privacy Browser displays an error message saying it can't write to that location, leaving that 0 byte file behind.

None of this is really a bug. Rather, it is the way Android storage works.

#4

Updated by Dazed Dazed 17 days ago

On LineageOS Oreo, using Twidere from Fdroid app store, without it having storage permission, I can save an image, viewed in Twidere, using the 'save to …' option in the menu to any location on the device.
Not got time to work out how they do this, but it works. Interested to know how, if you do explore.

#5

Updated by Soren Stoutner 16 days ago

I will take a look at Twidere and see if I can implement something similar.

Also available in: Atom PDF