testing - How can I add additional Android permissions for my UI test project only?

Question

I try to write files to the external SD card in a from InstrumentationTestCase2 derived test case for pure testing purposes. This works all well when android.permission.WRITE_EXTERNAL_STORAGE is configured in the AndroidManifest.xml file of the application under test, but does not work if this setting is only present in the AndroidManifest.xml file of the test project.

Naturally, I don't want to add this permission to the main manifest, since I only need this capability during my functional tests. How can I achieve that?

Answer 1

In short you should add the same android:sharedUserId for both application's manifest and test project's manifest and declare necessary permission for the test project.

This workaround comes from the fact that Android actually assigns permissions to linux user accounts (uids) but not to application themselves (by default every application gets its own uid so it looks like permissions are set per an application).

Applictions that are signed with the same certificate can however share the same uid. As a consequence they have a common set of permissions. For example, I can have application A that requests WRITE_EXTERNAL_STORAGE permission and application B that requests INTERNET permission. Both A and B are signed by the same certificate (let's say debug one). In AndroidManifest.xml files for A and B android:sharedUserId="test.shared.id" is declared in <manifest> tag. Then both A and B can access network and write to sdcard even though they declare only part of needed permissions because permissions are assigned per uid. Of course, this works only if both A and B are actually installed.

Here is an example of how to set up in case of the test project. The AndroidManifest.xml for application:

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.testproject"
    android:versionCode="1"
    android:versionName="1.0"
    android:sharedUserId="com.example.testproject.uid">

    <uses-sdk
        android:minSdkVersion="8"
        android:targetSdkVersion="16" />

    <application
        android:icon="@drawable/ic_launcher"
        android:label="@string/app_name">
        <activity
            android:name="com.example.testproject.MainActivity"
            android:label="@string/app_name" >
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />    
                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
    </application>

</manifest>

And the AndroidManifest.xml for a test project

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.testproject.test"
    android:sharedUserId="com.example.testproject.uid"
    android:versionCode="1"
    android:versionName="1.0" >

    <uses-sdk android:minSdkVersion="8" />

    <instrumentation
        android:name="android.test.InstrumentationTestRunner"
        android:targetPackage="com.example.testproject" />

    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />

    <application
        android:icon="@drawable/ic_launcher"
        android:label="@string/app_name" >
        <uses-library android:name="android.test.runner" />
    </application>

</manifest>

The drawback of this solution is that the application is able to write to external storage too when test package is installed. If it accidentally writes something to a storage it may remain unnoticed until release when the package will be signed with a different key.

Some additional information about shared UIDs can be found at http://developer.android.com/guide/topics/security/permissions.html#userid.