Closed aper-project closed 4 years ago
As this app is a utility that is intended to be used in a manner where the user is never looking at the screen when then app is working, all permissions must be accepted the first time you open it. I did not go through all the work to request permissions as needed since the user won't even be looking at the screen then. The user must accept all permission requests right when they first open the app. Otherwise, it will just crash. So, I do not plan to address this issue.
Issue description
Hi, in a2dpvolume v2.13.0.2, we found a dangerous API usage (https://github.com/jroal/a2dpvolume/blob/master/app/src/main/java/a2dp/Vol/StoreLoc.java#L796) which requires Manifest.permission.ACCESS_COARSE_LOCATION or Manifest.permission.ACCESS_FINE_LOCATION in accordance to the Android official documentation (https://developer.android.com/reference/android/location/LocationManager).
However, it seems that it missed the “request” operation in the following call chain starting from the StoreLoc.registerListeners() activity if permission is not granted.
This will cause the location permission dependent API to be unavailable, and the functions related to this API will not be available to users, resulting in bad user experience.
@jroal Could you help me review this issue? Thx