Galaxy Watch: Working With User Privacy-Related Permissions In Tizen .NET Applications

Galaxy Watch: Working With User Privacy-Related Permissions In Tizen .NET Applications

Armaan Ul Islam

User privacy and the protection of sensitive data have become important issues over the last several years. In response to this, Tizen Operating System has introduced runtime permission requests in Tizen 4.0 to facilitate a clearer vision on how applications deal with security-sensitive operations. In this article, I will discuss how to work with privacy-related permissions in a Tizen .NET application and will also provide helpful code snippets.


For security-sensitive operations, Tizen provides API-level access control to protect user privacy and ensure system stability. Applications that require sensitive APIs have to declare the required privileges in tizen-manifest.xml. You can check out the Security and API Privileges list to clarify whether or not the privilege you require is connected to user privacy.

Every privilege required by the app must be declared in the manifest, whether it’s privacy related or not. However, for privacy-related privileges you must request the user’s consent using the Privacy Privilege Manager API during application runtime; otherwise the desired API related to user privacy won’t perform the required operations.

Reminder: Request User Permission using the Privacy Privilege Manager API won’t function unless that privilege is first mentioned on the manifest.

Now that I’ve shared what privacy-related privileges are, let’s get into how to perform required operations. Suppose you want to develop a Tizen application that reads the heart rate of the user. Reading heart rate information requires the healthinfo privilege. The first thing to do is declare the healthinfo privilege in the manifest. This informs the user that this app requires privileges when they install the app from the store.

Healthinfo privilege is now a user-privacy-related privilege, which requires the user’s runtime consent. Simply declaring the privilege isn’t enough; it is necessary to request the user’s consent at runtime. I will discuss how to request this consent below.

Privacy Privilege Manager API offers the following features:

  • Checking current status for a privilege
  • Requesting privileges from user

Checking The Current Status Of A Privilege

You first need to check the current permission status of required privileges for this app. In order to accomplish this you will invoke a function to check a Tizen privilege. Checking for a privilege status returns one of these three states when there’s no error:

The Tizen.Security.PrivacyPrivilegeManager class provides a method to check and request permission for privacy privilege. The CheckPermission() method of PrivacyPrivilegeManager returns CheckResult which is the permission setting for a respective privilege.

Tizen .NET Sample Code

using Tizen.Security;
const string healthPrivilege = "http://tizen.org/privilege/healthinfo";
const string PPM_TAG = "PPM_TAG";

void CheckPermission()
{
  try
  {
    CheckResult result = PrivacyPrivilegeManager.CheckPermission(healthPrivilege);

    switch (result)
    {
    case CheckResult.Allow:

      // Update UI and start accessing protected functionality
      Log.Debug(PPM_TAG, "State: CheckResult.Allow");
      break;

    case CheckResult.Deny:
      // Show a message and terminate the application Or Skip this feature & continue
      Log.Debug(PPM_TAG, “State: CheckResult.Deny”);
      break;

    case CheckResult.Ask:
      // Request Permission from User
      Log.Debug(PPM_TAG, “State: CheckResult.Ask”);
      break;
    }
    catch (Exception e)
    {
      // Handle exception
    }
  }
}

Requesting User Permission For A Privilege

The Tizen.Security.PrivacyPrivilegeManager class provides a method to pop-up a permission request to the user so that privacy-related privileged APIs can be used by the application.

To request a specific privilege, the RequestPermission function has to be called with the privilege specified. The Request Permission function invokes ResponseCallback function with request result once the user makes their choice.

Note: If the user allows a single time without checking the [Don’t repeat] option, the permission is always allowed unless the user changes the permission state from [Device Settings].

Tizen .NET Sample Code

using Tizen.Security;
const string healthPrivilege = "http://tizen.org/privilege/healthinfo";
const string PPM_TAG = "PPM_TAG";

// On case CheckResult.Ask
PrivacyPrivilegeManager.RequestPermission(healthPrivilege);

PrivacyPrivilegeManager.GetResponseContext(healthPrivilege).TryGetTarget(out var context);
if (context != null)
{
  context.ResponseFetched += PPMResponseHandler;
}

void PPMResponseHandler(object sender, RequestResponseEventArgs e)
{
  if (e.cause == CallCause.Error)
  {
    /// Handle errors
    Log.Debug(PPM_TAG, "Error in Request Permission");
    return;
  }

  switch (e.result)
  {
  case RequestResult.AllowForever:
    /* Update UI and start accessing protected functionality */
    Log.Debug(PPM_TAG, "Response: RequestResult.AllowForever");
    break;
  case RequestResult.DenyForever:
    /* Show a message and terminate the application */
    Log.Debug(PPM_TAG, "Response: RequestResult.DenyForever");
    break;
  case RequestResult.DenyOnce:
    /* Show a message with explanation, Might Try Requesting again */
    Log.Debug(PPM_TAG, "Response: RequestResult.DenyOnce");
    break;
  }
}

Once the user has allowed permission for the healthInfo privilege, you can add code for HeartRateMonitor Sensor API and retrieve the user’s heart-rate information.


Bonus Tip:

Galaxy Watches allow users to change their decision from [Device Settings] > [Apps] > [Permissions] > [Application Name].

This means that you should not store a user’s decision on appdata/database and then act according to that decision. This may lead to Unexpected Closing or Application Not Responding phenomena. Instead, check the current permission state first before every privacy-related operation.


Sample Application

For your convenience, I’ve included a ready-made sample application which you can import right onto your Visual Studio IDE and test on your Galaxy Watch or emulator.


Wrap-Up

The goal of the privacy-related privileges feature is to ensure developers limit permission requests to only when and what is needed for their app to function. It’s also to foster a sense of trust in users about what data applications access through transparency and consent. It’s good to become familiar with these priveleges now as it’s expected that there will be additional security and advanced privacy features in upcoming Tizen Wearable Platforms.