Archived: This article is archived because it is not considered relevant for third-party developers creating commercial solutions today. If you think this article is still relevant, let us know by adding the template {{ReviewForRemovalFromArchive|user=~~~~|write your reason here}}.

The article is believed to be still valid for the original topic scope.

Overview

Checking API permissions using checkPermission() produces -1 with S60 devices even if the checked permission has been manually set with Application Manager.

Description

According to the MIDP 2.0 specification, the API permission status can be checked with the checkPermission(String permissionAsStringValue) method. If an API on the device defines the specific permission requested, the method returns 1 (the permission is allowed by the device). If no API on the device defines the specific permission requested, the method returns 0 (the permission is to be reported as denied). If the status of the permission is not known because it might require user interaction, the method returns -1 (the permission is to be reported as unknown).

With S60 devices, the result will be -1 if the related API with its methods are not called during startup of the MIDlet which checks the API permission. This differs from the behaviour of Series 40 devices which investigate whether a checked permission has been set by Application Manager and if so, resulting in 1.

How to reproduce

The below example checks contact list read and write permissions for the PIM API (JSR-75).

1. Write the following source code

 import javax.microedition.lcdui.*;
 import javax.microedition.midlet.*;
 
 public class Permission extends MIDlet{
 
 ... //  pauseApp() and destroyApp() methods excluded from this example 
 
 protected void startApp() throws MIDletStateChangeException {
 
 Form f = new Form("Permissions");
 f.append("Contacts Read: "
    + checkPermission("javax.microedition.pim.ContactList.read")+"\n");
 f.append("Contacts Write:"
    + checkPermission("javax.microedition.pim.ContactList.write")+"\n");
 Display.getDisplay(this).setCurrent(f);
 } 
 }

2. Include the related permissions in the JAD:

 MIDlet-Permissions: javax.microedition.pim.ContactList.read,
                     javax.microedition.pim.ContactList.write

3. Sign the MIDlet using a third party certificate.

4. After installing the MIDlet to a S60 device, set the permissions for the MIDlet from Application Manager as follows:

Read user data: Always allowed
Edit user data: Always allowed

4. Launch the signed MIDlet. The result for permission check will be as follows:

Contacts Read: -1
Contacts Write: -1

To get the permission check to return 1, it is necessary to include the related API and the API method(s) which require the permissions for using the API methods. In the PIM example, it is necessary to import the PIM API and include the PIM Contact list instance together with the accessing method:

 import javax.microedition.lcdui.*;
 import javax.microedition.midlet.*;
 import javax.microedition.pim.*; // import the PIM API
 
 public class Permission extends MIDlet{
 
 PIM pim;
 PIMList pl;
 
 ... //  pauseApp() and destroyApp() methods excluded from this example 
 
 protected void startApp() throws MIDletStateChangeException {
 try {
 
 pim = PIM.getInstance(); // Obtaining a PIM instance  
 pl = pim.openPIMList(pim.CONTACT_LIST, pim.READ_WRITE); // Access contacts list 
 
 Form f = new Form("Permissions");
 f.append("Contacts Read: "
    + checkPermission("javax.microedition.pim.ContactList.read") + "\n"); 
 f.append("Contacts Write: "
    + checkPermission("javax.microedition.pim.ContactList.write") + "\n");
 Display.getDisplay(this).setCurrent(f);
 } catch (PIMException ex) {
 ex.printStackTrace();
 }
 }
 }

After including the related API and API methods in the source code, repeat steps 2-4. For step 4, the result will be 1, which means that the API permissions are allowed.

Solution

This problem is expected to be fixed in future software versions.