Beginners Guide: Scoped Storage in Android 11
A storage access change for Android 10 becomes mandatory for Android 11. This blog is about scoped storage. How can we access it, and what does it mean for our app?
With Android 11, Some major changes and restrictions are added to enhance user privacy like Scoped storage enforcement, Permissions auto-reset, Background location access, Package visibility.
1. Enforcement scoped storage: Access into external storage directories is limited to an application-specific directory and specific media types that the app has created.
2. Auto-reset permissions: The system auto-resets the app’s sensitive permissions if users haven’t interacted with an app for a few months.
3. Location access in the background: Users must be directed to system settings to grant apps’ background location permission.
4. Visibility of package: When an app queries the list of the installed applications on the device, the returned list is filtered.
Storage Structure Before Android version 10 :
Before the implementation of this part, let’s first understand the way data was organized before Android 10:
Private Storage: All applications have their private directory into internal storage, Ex. Android/data/package name, not visible to other apps.
Shared Storage: Private storage the rest of the storage was called shared storage. This includes all the media and non media files being stored, and an application with storage permission can easily access them.
Current Structure Problems and Access:
Suppose we used an eCommerce application and needed storage access only to ask the user to upload their profile picture, which means access to a certain file or file system. Why are we asking for complete storage access from the user?
Have we ever got worried about sensitive data? Ex. Medical prescriptions or bank documents being accessed by all the applications installed on your device?
Scoped Storage: Google provides two valid reasons why it’s making this change: reduce leftovers and security “app clutter.”
Better Attribution: An application provides access to the storage blocks with relevant data for the application.
A core part of Android designs isolates applications from each other. Android Q takes the same fundamental principle from application sandboxing, and Google has introduced scoped storage.
Private storage is the same as before. Shared storage is further divided media and downloads non media files collection.
Look at the storage structure in Android 10 & above:
Reducing file clutter:
The mainly android system binds storage to the owner app., which becomes easier for the system to locate relevant files corresponding to an app. It’s useful when the application is uninstalled because all the data related to the app is also uninstalled.
Preventing the abuse of READ_EXTERNAL_STORAGE permission:
READ_EXTERNAL_STORAGE permission for an application we got access to the entire application from external storage, where we save things like photos, private documents, videos, and other potentially sensitive files. What is Scoped Storage in Android 11?
The scoped storage in android enforced the application only. We can see their data to folders plus certain media types like music files using other storage APIs.
It gives me more control over my files and gives me access. Also, it will make extra space available for devices if non-required files are getting deleted with the app itself.
What permissions apps need to access the files from scoped storage?
Before, there was one permission to write all the files and another to read. And now, using the scoped storage, access is allotted based on the storage type and ownership of the content.
- Applications will have access to their external and internal storage for both write & read permission operations.
- Applications will not have restricted access to contribute files Media & NonMedia as long as the file is stored in the organized collection.
- Media collection contributed by other applications can be accessed based on the used “READ_STORAGE_PERMISSION” permission. Basically, “WRITE_STORAGE_PERMISSION” permission will be deprecated from the next version and, if used, will work the same as “READ_STORAGE_PERMISSION.”
- Non Media files contributed by other applications can be accessed using the Storage access framework API. No explicit permission is needed. This does not mean that applications can access all the directories Root, android/Data, Download directory. Once the user grants access, it will be complete access Read, Modify, Delete.
An application uses legacy storage & before the targeted Android version is 10 or lower, you might be storing data in a directory that you cannot access when scoped storage model is enabled. When you target version 11, migrate data to a directory compatible with scoped storage. In most cases, you can migrate data to your application’s specific directory—storage Updates in Android 11.
Let’s see understand and how to implement it:
Storage Operations:
Select a file: This ACTION_OPEN_DOCUMENT then opens the system file picker app to allow the user to choose the file to open.
const val PICK_PDF_FILE = 2
fun openFile(pickerInitialUri: uri) {
val intent = Intent(Intent.ACTION_OPEN_DOCUMENT).apply {
addCategory(Intent.CATEGORY_OPENABLE)
type = "application/pdf"
putExtra(DocumentsContract.EXTRA_INITIAL_URI, pickerInitialUri)
}
startActivityForResult(intent, PICK_PDF_FILE)
}
Select the folder: Used this “ACTION_OPEN_DOCUMENT” it has been replaced with the ACTION_OPEN_DOCUMENT_TREE.
fun openDirectory(pickerInitialUri: Uri) {
val intent = Intent(Intent.ACTION_OPEN_DOCUMENT_TREE).apply {
flags = Intent.FLAG_GRANT_READ_URI_PERMISSION
putExtra(DocumentsContract.EXTRA_INITIAL_URI, pickerInitialUri)
}
startActivityForResult(intent, your-request-code)
}
Create the file: Used this “ACTION_CREATE_DOCUMENT” to save a file in a specific location.
const val CREATE_FILE = 1
private fun createFile(pickerInitialUri: Uri) {
val intent = Intent(Intent.ACTION_CREATE_DOCUMENT).apply {
addCategory(Intent.CATEGORY_OPENABLE)
type = "application/pdf"
putExtra(Intent.EXTRA_TITLE, "invoice.pdf")
putExtra(DocumentsContract.EXTRA_INITIAL_URI, pickerInitialUri)
}
startActivityForResult(intent, CREATE_FILE)
}
Conclusion
In this blog, you will have learned the steps needed to access and implement scoped storage for your application in Android 10 and above. This will allow you to improve the privacy of your users while reducing the clutter on their devices. For more excellent blogs by our DEV IT engineers, please feel free to browse our website.