Update for Google's Permission policy update #183
Comments
|
Chiming in here. I read the announcement the same way |
|
hello @crabbydavis, Thanks for opening this issue. I agree that we have to do something about this. Do you have time to do some testing on your side? After reading this help page, this is what I understand:
This code https://github.com/cordova-sms/cordova-sms-plugin/blob/master/src/android/Sms.java#L51-L55 is supposed to the job (i.e. don't request the permission if INTENT). The If you remove the line from the plugin.xml, do you still have the warning? |
|
I too got an email from Google saying that my apps currently in the Play Store must not require the SEND_SMS permission or else.... I think @dbaq is on the right track. I reckon the code is already pretty much doing what Google wants it to do. It us just unnecessarily insisting on the user having the SEND_SMS permission. It seems this is not required, when just opening the SMS dialog on the device. Happy to help with testing -- will get back soon. PS: is the permission READ_PHONE_STATE (from plugin.xml) required? |
|
hey @RikdeBoer, thanks for your feedback. Can you try that and let me know please?
About that:
I added this permission about 4years ago and I wrote in the commit message the following: |
|
Thanks @dbaq EDIT: made a mistake --the code I tested, didn't use this plugin, ignore comment below. I've installed the above Sms.java and removed the SEND_SMS permission from the plugin.xml. EDIT: made a mistake --the code I tested, didn't use this plugin. |
|
Did you also remove the Android uses permission from manifest only below version 5.1.1, from this page
Proposition:
Thoughts? |
|
Oops.... I've just realised that the app I was testing on just uses the "SMS:" protocol to activate the SMS native dialog. So it doesn't use this plugin. The plugin is used in another app of ours, which I'm currently not working on. So I can't really comment on whether the new version of the plugin works or not. Sorry, my bad. Have adjusted my comment above. PS: you don't want to target anything below API lvl 26, because of this: Google announcement regarding Play Store: https://developer.android.com/distribute/best-practices/develop/target-sdk |
|
My two cents, we've submitted our exemption form as we use SMS for automating the sending of invoices and similar documents. This appears to be covered in there list of exemptions, so we should be able to continue using the SMS_SEND permission and sending without the native SMS dialog. We'll see though :o)
|
|
Good for you. It sure depends on your use of the SMS. I am still looking for someone to do some testing: #183 (comment) |
|
@dbaq, I'm happy to test. Tell me how. |
|
hey @amjadyahya, thanks for helping. Can you please remove the two permissions ( |
|
@dbaq, I have removed the two permissions (SEND_SMS and READ_PHONE_STATE ) from the plugin.xml, used intent: 'INTENT'. |
|
I did not eliminate the permissions, but I used the INTENT and we were able to send the SMS, however it should not be a long-term solution, in my case, there is no problem for the user to click on the send button. I imagine there will be some cases where we do not want that. Thanks for yours comments. Greetings from Venezuela. |
|
Received a similar message on an app my company has. Curious if adding the ( android:required="false" ) to the plugin.xml file in conjunction with adding the option for "intent" will satisfy the Google Play Store or if the reference to "uses-permissions …" needs to be omitted all together to pass their new security guidelines. I tested both on a device and sending a text still functions. |
|
Hello, Thanks! |
|
@dbaq thank you for looking into this. Google requires that SEND_SMS sending permission to be removed by Jan 9. Do you have an ETA when you think a fix will be available? I am happy to help with testing. |
|
hey @tigrannajaryan, thanks for your post.
|
Yes, please see https://support.google.com/googleplay/android-developer/answer/9047303
Do I understand it correct that you will accept a PR which fixes this? If yes then I can have a look into it although I have never touched cordova plugins before. |
|
Thanks for the link. I am going to do it in the next hour, would love some testing right after. |
|
Thank you. I am not sure I will be able to test it before Monday, but will see what I can do. |
|
@everyone It is fixed on master, please test by pulling the latest version of the plugin:
I'll publish the new version to npm in a few days if everything is ok. EDIT: To test:
|
|
Thanks, testing now. |
|
@dbaq I tested using latest
I did not test without an INTENT since I do not have a corresponding path in my app. Testing publishing in Play Store will take a bit more time. |
I am trying to do 0 info it worked if it ends with ok any idea what is going on? it seemed to have started that when i did a remove command to remove the plugin. the command froze, i git works fine on other projects. |
|
@dbaq I have also tested using latest master. It is working for me. This seems to have solved the Google Permission Restriction by switching to using INTENT. |
|
never mind my previous message about the error, all good now. @dbaq I tested on android and works as expected. back button returns back to my app. |
|
@dbaq, Ah, I see. Thanks. |
|
I did all steps above (remove old cordova-sms-plugin, remove the permissions from AndroidManifest.xml, add new cordova-sms-plugin) but if I build or release my application there are still |
|
I followed the steps. Confirmed nothing is showing on manifest file. Uploaded to play store, and got that same email a few days ago.
I’m not sure what to do. But something tells me this is just a warning email and not representative of what the app manifest resembles. Because there is nothing about sms in the manifest.
…Sent from my iPhone
On 5 Jan 2019, at 21:53, MirekV <[email protected]<mailto:[email protected]>> wrote:
I did all steps above (remove old cordova-sms-plugin, remove the permissions from AndroidManifest.xml, add new cordova-sms-plugin) but if I build or release my application there are still
the permissions in AndroidManifest.xml.
When I removed 2 lines of permissions from platforms/android/android.json then there are no permissions in AndroidManifest.xml anymore.
{
"xml": "<uses-permission android:name="android.permission.SEND_SMS" />",
"count": 1
},
{
"xml": "<uses-permission android:name="android.permission.READ_PHONE_STATE " />",
"count": 1
},
PS: I released my app to Google Play store 2 hours ago but in Google Play Console is still the warning message about using sms permission.
Do anybody know when it will disappear the warning message? Or I need to do any action like send a message to google support or something like that?
Thank you.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub<#183 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/ARPKp10tz7AzphbqTP6kGKbtdF1vWVosks5vAK5egaJpZM4YnA4P>.
|
|
The warning goes away once your updated apk goes live.
Also, these permissions might be a result of another plugin. Check all of your plugin.xml files.
… On Jan 5, 2019, at 7:35 PM, Ramy ***@***.***> wrote:
I followed the steps. Confirmed nothing is showing on manifest file. Uploaded to play store, and got that same email a few days ago.
I’m not sure what to do. But something tells me this is just a warning email and not representative of what the app manifest resembles. Because there is nothing about sms in the manifest.
Sent from my iPhone
On 5 Jan 2019, at 21:53, MirekV ***@***.******@***.***>> wrote:
I did all steps above (remove old cordova-sms-plugin, remove the permissions from AndroidManifest.xml, add new cordova-sms-plugin) but if I build or release my application there are still
the permissions in AndroidManifest.xml.
When I removed 2 lines of permissions from platforms/android/android.json then there are no permissions in AndroidManifest.xml anymore.
{
"xml": "<uses-permission android:name="android.permission.SEND_SMS" />",
"count": 1
},
{
"xml": "<uses-permission android:name="android.permission.READ_PHONE_STATE " />",
"count": 1
},
PS: I released my app to Google Play store 2 hours ago but in Google Play Console is still the warning message about using sms permission.
Do anybody know when it will disappear the warning message? Or I need to do any action like send a message to google support or something like that?
Thank you.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub<#183 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/ARPKp10tz7AzphbqTP6kGKbtdF1vWVosks5vAK5egaJpZM4YnA4P>.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub <#183 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AdrAoqbxEXk8e2PIU5908Qd8GoNjxhHUks5vAW8agaJpZM4YnA4P>.
|
|
Where was the warning message on the google play console? I tried looking the other time I didn’t find it. Maybe I missed it.
…Sent from my iPhone
On 6 Jan 2019, at 17:31, MirekV <[email protected]<mailto:[email protected]>> wrote:
I did all steps above (remove old cordova-sms-plugin, remove the permissions from AndroidManifest.xml, add new cordova-sms-plugin) but if I build or release my application there are still
the permissions in AndroidManifest.xml.
When I removed 2 lines of permissions from platforms/android/android.json then there are no permissions in AndroidManifest.xml anymore.
{ "xml": "<uses-permission android:name=\"android.permission.SEND_SMS\" />", "count": 1 },
{ "xml": "<uses-permission android:name=\"android.permission.READ_PHONE_STATE \" />", "count": 1 },
PS: I released my app to Google Play store 2 hours ago but in Google Play Console is still the warning message about using sms permission.
Do anybody know when will it disappear the warning message? Or I need to do any action like send a message to google support or something like that?
Thank you.
The warning message disappeared in Google Play console today.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub<#183 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/ARPKpxEZXwIMpspikWZj7ylRftvaFGkIks5vAcJbgaJpZM4YnA4P>.
|
|
dealing with the same stuff. I just upgraded the plugin and the SEND_SMS permission is now removed from my project:
However, @MirekV above, stated he removed both SEND_SMS and READ_PHONE_STATE....is read_phone_state required for this new google policy too? I didn't see that in my email. |
|
I am only reopening this issue so it can be easily accessible by other devs. |
|
Well, even using the latest version of cordova-android and manually targeting to the API 28 of the Android SDK (API 27 by default), it still does not work. cordova platform rm android
cordova platform add android@latestSo, for me, the |
|
Hi, I was wondering if anyone is having trouble getting their app approved by Google after updating to the new SMS plugin? I updated our app to use the new plugin and verified that SEND_SMS and READ_PHONE_STATE don't exist in AndroidManifest.xml and android.json. However, when adding the APK to a release the Permissions Declaration Form keeps appearing as though SEND_SMS was still specified. Also, the Google Play Console dashboard keeps saying "This app does not meet the Google Play permissions policy relating to the use of SMS or CALL_LOG". Neither SMS or CALL_LOG are in the list of required permissions in the APK (as viewed in the Google Play Console), so I don't get why it keeps presenting that Permissions Declaration Form. I would expect that that form wouldn't appear if the APK doesn't declare SEND_SMS. It's basically forcing me to say either "my app's core function is to send SMS messages and I need special permission to do that" or else "my app is not in compliance with the new SMS policy". If anyone has any ideas, I'd love to hear them. Thanks! |
|
It took a day or two for the warning to go away after I updated my APK. There was also one other plugin that requested these permissions for me, so double check.
… On Feb 14, 2019, at 4:21 PM, Jeff Berman ***@***.***> wrote:
Hi, I was wondering if anyone is having trouble getting their app approved by Google after updating to the new SMS plugin? I updated our app to use the new plugin and verified that SEND_SMS and READ_PHONE_STATE don't exist in AndroidManifest.xml and android.json. However, when adding the APK to a release the Permissions Declaration Form keeps appearing as though SEND_SMS was still specified. Also, the Google Play Console dashboard keeps saying "This app does not meet the Google Play permissions policy relating to the use of SMS or CALL_LOG".
Neither SMS or CALL_LOG are in the list of required permissions in the APK (as viewed in the Google Play Console), so I don't get why it keeps presenting that Permissions Declaration Form. I would expect that that form wouldn't appear if the APK doesn't declare SEND_SMS.
If anyone has any ideas, I'd love to hear them. Thanks!
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub <#183 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AdrAoue-opHrtVc4RkQcmLZm9OyOWeY-ks5vNf1-gaJpZM4YnA4P>.
|
|
@JeffBerman - also check that you don't have a legacy Alpha or Beta app lingering in the other sections. I too had the same issue above and it wasn't my new app I was submitting that was the problem, it was one of the old ones I still had in the Beta Channel but was no longer using. ALL listed versions in Alpha, Beta and Production must be compliant or you will get the error. Removing an Alpha or Beta is not an easy process either. In most cases there is no delete or deactivate button. What I had to do is load my new production version to the Beta channel...overriding the old one causing the problem...and then promote that version to Production. It took me a few hours to figure it out - it was quite frustrating. |
|
@rolinger - Thanks! That's exactly what I ended up doing yesterday. So now, the Internal test track has the newest APK, and the Alpha and Beta tracks have been promoted to production. And Production has the latest APK too, of course. But it has been 15 hours or so and on the Dashboard page in the Google Play Console (not Release management -> Release dashboard, but the top-level Dashboard) it still has the warning message.
So maybe they're just running slow? Oh, and the Active Artifacts page only shows my new APK; everything else has been archived. And here are the permissions required by the APK: |
|
Well...as it says |
|
Looks like it just needed some time after loading every slot with the latest APK. The non-compliance warning message has gone away and stayed away for a few days now. Thanks! |
|
Hello, We are targeting android sdk 26. Any suggestions please? Thanks! |
|
For me it wasn’t the actual build, it was an old alpha test track I had with old build of Cordova sms that play store was flagging, they aren’t good at specifying which stream violates it.
Hope it helps.
…Sent from my iPhone
On 26 Mar 2019, at 08:49, mobileDev2020 <[email protected]<mailto:[email protected]>> wrote:
Hello,
I am trying to meet this Playstore requirement for our app. We build our apk using phonegap build which fetches the plugin from npm , when I built after this issue was published and released to Playstore, Google still complains we are not compatible.
We are targeting android sdk 26.
Any suggestions please?
Thanks!
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub<#183 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/ARPKp2taHjVivtX-2f7JzHR7neeAAC4_ks5vaW6wgaJpZM4YnA4P>.
|
|
Closing this one. The issue will remain pinned on the issue page. |
"Only an app that has been selected as a user's default app for making calls or text messages will be able to access call logs and SMS, respectively.... SMS Intent enables you to initiate an SMS or MMS text message to share content or invitations."
If I'm understanding the documentation correctly, this plugin should no longer request for sms permissions but should create an ACTION_SEND Intent in order for us to be able to send text messages using our apps still.
The text was updated successfully, but these errors were encountered: