Unnecessary fetch health permissions #449
Conversation
SamadiPour
left a comment
SamadiPour
left a comment
There was a problem hiding this comment.
Thanks for this PR. I also have this issue because it doesn't work without requesting these permissions. You also can't submit to Google Play if you request extra permissions that you don't actually need.
I added a few small notes that can improve it.
| var totalDistance = 0.0 | ||
| for (distanceRec in distanceRequest.records) { | ||
| totalDistance += distanceRec.distance.inMeters | ||
| if (permissionChecker.isLocationPermissionGranted() && permissionChecker.isHealthDistancePermissionGranted()) { |
There was a problem hiding this comment.
Why do you need both permissions to obtain distance? From what I understand, you only need READ_DISTANCE to access this.
Even if having location permission means we can access the distance, then the condition should be OR instead of AND
|
|
||
| // Get distance data | ||
| val distanceRequest = healthConnectClient.readRecords( |
There was a problem hiding this comment.
I think you forgot to remove this. You are requesting distance twice.
| ), | ||
| ), | ||
| ) | ||
| var totalEnergyBurned = 0.0 |
There was a problem hiding this comment.
I think it would be better to return null for these values when we don't have permission. This way, we have an indication of whether we don't have access to this permission or if it's actually 0.
2 participants
This pull request introduces improved permission handling for health data retrieval on Android and adds support for tracking the raw workout activity type in the Dart data model. The changes focus on ensuring that sensitive health data is only accessed when the appropriate permissions are granted, with clear logging and error handling, and on making the workout data model more robust and informative.
Android: Enhanced permission checks and error handling
HealthPermissionCheckerclass to centralize and simplify permission checks for location, distance, calories burned, and steps data. This class ensures that data is only accessed if the corresponding permissions are granted, improving security and user privacy. (android/src/main/kotlin/cachet/plugins/health/HealthPermissionChecker.kt)HealthDataReaderto useHealthPermissionCheckerfor checking permissions before retrieving distance, calories burned, and steps data. If permissions are missing, the code now logs a message and skips data retrieval for that type, instead of attempting access. (android/src/main/kotlin/cachet/plugins/health/HealthDataReader.kt) [1] [2] [3] [4]HealthDataReaderby returning a more descriptive error with an empty list when data is unavailable, instead of just an empty list. (android/src/main/kotlin/cachet/plugins/health/HealthDataReader.kt)