Android permission.INTERACT_ACROSS_USERS_FULL

Question

I have a large app in android.

From time to time the application crashes with an error not clear. I do not know exactly when and why this happens.

java.lang.SecurityException: Permission Denial: get/set setting for user asks
to run as user -2 but is calling from user 0; this requires 
android.permission.INTERACT_ACROSS_USERS_FULL

Any help?

Answer 1

java.lang.SecurityException: Permission Denial: get/set setting for user asks to run as user -2 but is calling from user 0; this requires android.permission.INTERACT_ACROSS_USERS_FULL

Add this android:protectionLevel="signature" in your manifest .

For more details, you can check Permission-Element

Like:

<permission android:name="android.permission.INTERACT_ACROSS_USERS_FULL" android:protectionLevel="signature"/>

Answer 2

To summarize from this answer, and looking at the sources of UserHandle.java we see the meaning of the framework user id's.

# | @UserIdInt            | Value  | Status     | Description |
# | --------------------- | ------ | ---------- | ------------| 
# | USER_OWNER            | 0      | deprecated | "owner" user of the device
# | USER_SYSTEM           | 0      | ok         | "system" user of the device
# | USER_ALL              | -1     | ok         | ALL users on the device
  | USER_CURRENT          | -2     | ok         | the currently active user
# | USER_CURRENT_OR_SELF  | -3     | ok         | id from which we would like to send to the current user
# | USER_NULL             | -10000 | ok         | An undefined user id

---

Then to understand what android:protectionLevel="signature" means, you'll have to read the page about permission-element. Which is summarized in the table:

So what you need to do in your AndroidManifest.xml depend a lot on what API's you need to support, as higher > 23 API's also require a android:permissionGroup= definition, for non-normal ("dangerous") permissions...

Also good to know (by @CommonsWare)

To be able to hold INTERACT_ACROSS_USERS, your app has to be signed by the firmware's signing key or it has to be installed on the system partition.

To be able to hold INTERACT_ACROSS_USERS_FULL, your app has to be signed by the firmware's signing key.

Answer 3

Same issue i was getting when i use billingProcessor.subscribe() or billingProcessor.purchase() with two parameter as Activity and product_id of product. There was i pass the value of product_id is empty.

Please once make sure that you are passing value in the product_id is not empty.

Answer 4

One of the possible solutions is to disable auto-fill, but it works only on Android Oreo. Check this link

Simply add this code to your app :

      if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
        window.decorView.importantForAutofill = 
        View.IMPORTANT_FOR_AUTOFILL_NO_EXCLUDE_DESCENDANTS;
    }

And rename getUserId() method if you have it.