Merge pull request #3714 from kiwix/Fix#3708

Fixed: Security and trust issue reported by the playStore.

app/src/androidTest/java/org/kiwix/kiwixmobile/localFileTransfer/LocalFileTransferTest.kt

@@ -57,7 +57,6 @@ class LocalFileTransferTest {
     arrayOf(
       Manifest.permission.READ_EXTERNAL_STORAGE,
       Manifest.permission.WRITE_EXTERNAL_STORAGE,
-      Manifest.permission.ACCESS_COARSE_LOCATION,
       Manifest.permission.ACCESS_FINE_LOCATION
     )
   }

app/src/androidTest/java/org/kiwix/kiwixmobile/nav/destination/PlayStoreRestrictionDialogTest.kt

@@ -54,7 +54,6 @@ class PlayStoreRestrictionDialogTest {
     arrayOf(
       Manifest.permission.READ_EXTERNAL_STORAGE,
       Manifest.permission.WRITE_EXTERNAL_STORAGE,
-      Manifest.permission.ACCESS_COARSE_LOCATION,
       Manifest.permission.ACCESS_FINE_LOCATION
     )
   }

app/src/androidTest/java/org/kiwix/kiwixmobile/webserver/ZimHostFragmentTest.kt

@@ -60,7 +60,6 @@ class ZimHostFragmentTest {
     arrayOf(
       Manifest.permission.READ_EXTERNAL_STORAGE,
       Manifest.permission.WRITE_EXTERNAL_STORAGE,
-      Manifest.permission.ACCESS_COARSE_LOCATION,
       Manifest.permission.ACCESS_FINE_LOCATION,
       Manifest.permission.ACCESS_NETWORK_STATE
     )

app/src/main/AndroidManifest.xml

@@ -5,7 +5,8 @@
 
   <uses-permission
     android:name="android.permission.ACCESS_FINE_LOCATION"
-    android:maxSdkVersion="32" />
+    android:maxSdkVersion="32"
+    tools:ignore="CoarseFineLocation" />
   <uses-permission android:name="android.permission.CHANGE_WIFI_STATE" />
   <uses-permission android:name="${permission}" />
 

app/src/main/java/org/kiwix/kiwixmobile/localFileTransfer/LocalFileTransferFragment.kt

@@ -55,23 +55,23 @@ import androidx.lifecycle.Lifecycle
 import androidx.lifecycle.lifecycleScope
 import androidx.recyclerview.widget.LinearLayoutManager
 import org.kiwix.kiwixmobile.R
-import org.kiwix.kiwixmobile.core.R.string
 import org.kiwix.kiwixmobile.cachedComponent
+import org.kiwix.kiwixmobile.core.R.string
 import org.kiwix.kiwixmobile.core.base.BaseActivity
 import org.kiwix.kiwixmobile.core.base.BaseFragment
 import org.kiwix.kiwixmobile.core.extensions.ActivityExtensions.popNavigationBackstack
 import org.kiwix.kiwixmobile.core.extensions.getToolbarNavigationIcon
 import org.kiwix.kiwixmobile.core.extensions.setToolTipWithContentDescription
 import org.kiwix.kiwixmobile.core.extensions.toast
 import org.kiwix.kiwixmobile.core.main.CoreMainActivity
+import org.kiwix.kiwixmobile.core.navigateToAppSettings
 import org.kiwix.kiwixmobile.core.utils.SharedPreferenceUtil
 import org.kiwix.kiwixmobile.core.utils.dialog.AlertDialogShower
 import org.kiwix.kiwixmobile.core.utils.dialog.KiwixDialog
 import org.kiwix.kiwixmobile.databinding.FragmentLocalFileTransferBinding
 import org.kiwix.kiwixmobile.localFileTransfer.WifiDirectManager.Companion.getDeviceStatus
 import org.kiwix.kiwixmobile.localFileTransfer.adapter.WifiP2pDelegate
 import org.kiwix.kiwixmobile.localFileTransfer.adapter.WifiPeerListAdapter
-import org.kiwix.kiwixmobile.core.webserver.ZimHostFragment.Companion.PERMISSION_REQUEST_CODE_COARSE_LOCATION
 import uk.co.deanwild.materialshowcaseview.MaterialShowcaseSequence
 import uk.co.deanwild.materialshowcaseview.ShowcaseConfig
 import javax.inject.Inject
@@ -219,17 +219,20 @@ class LocalFileTransferFragment :
     when {
       !checkFineLocationAccessPermission() ->
         true
+
       !checkExternalStorageWritePermission() ->
         true
       /* Initiate discovery */
       !wifiDirectManager.isWifiP2pEnabled -> {
         requestEnableWifiP2pServices()
         true
       }
+
       Build.VERSION.SDK_INT >= Build.VERSION_CODES.O && !isLocationServiceEnabled -> {
         requestEnableLocationServices()
         true
       }
+
       else -> {
         showPeerDiscoveryProgressBar()
         wifiDirectManager.discoverPeerDevices()
@@ -323,8 +326,8 @@ class LocalFileTransferFragment :
         if (!permissionGranted) {
           if (shouldShowRationale(NEARBY_WIFI_DEVICES)) {
             alertDialogShower.show(
-              KiwixDialog.NearbyWifiPermissionRationaleOnHostZimFile,
-              ::askNearbyWifiDevicesPermission
+              KiwixDialog.NearbyWifiPermissionRationale,
+              requireActivity()::navigateToAppSettings
             )
           } else {
             askNearbyWifiDevicesPermission()
@@ -337,7 +340,7 @@ class LocalFileTransferFragment :
         if (shouldShowRationale(ACCESS_FINE_LOCATION)) {
           alertDialogShower.show(
             KiwixDialog.LocationPermissionRationale,
-            ::requestLocationPermission
+            requireActivity()::navigateToAppSettings
           )
         } else {
           requestLocationPermission()
@@ -350,7 +353,7 @@ class LocalFileTransferFragment :
   private fun askNearbyWifiDevicesPermission() {
     ActivityCompat.requestPermissions(
       requireActivity(), arrayOf(Manifest.permission.NEARBY_WIFI_DEVICES),
-      PERMISSION_REQUEST_CODE_COARSE_LOCATION
+      PERMISSION_REQUEST_CODE_NEARBY_WIFI_DEVICES
     )
   }
 
@@ -367,7 +370,7 @@ class LocalFileTransferFragment :
           if (shouldShowRationale(WRITE_EXTERNAL_STORAGE)) {
             alertDialogShower.show(
               KiwixDialog.StoragePermissionRationale,
-              ::requestStoragePermissionPermission
+              requireActivity()::navigateToAppSettings
             )
           } else {
             requestStoragePermissionPermission()
@@ -400,25 +403,30 @@ class LocalFileTransferFragment :
   ) {
     if (grantResults[0] == PERMISSION_DENIED) {
       when (requestCode) {
-        PERMISSION_REQUEST_FINE_LOCATION -> {
+        PERMISSION_REQUEST_FINE_LOCATION,
+        PERMISSION_REQUEST_CODE_NEARBY_WIFI_DEVICES -> {
           Log.e(TAG, "Location permission not granted")
           toast(R.string.permission_refused_location, Toast.LENGTH_SHORT)
           requireActivity().popNavigationBackstack()
         }
+
         PERMISSION_REQUEST_CODE_STORAGE_WRITE_ACCESS -> {
           Log.e(TAG, "Storage write permission not granted")
           toast(R.string.permission_refused_storage, Toast.LENGTH_SHORT)
           requireActivity().popNavigationBackstack()
         }
+
         else ->
           super.onRequestPermissionsResult(requestCode, permissions, grantResults)
       }
     } else if (grantResults[0] == PERMISSION_GRANTED) {
       when (requestCode) {
         PERMISSION_REQUEST_FINE_LOCATION,
-        PERMISSION_REQUEST_CODE_STORAGE_WRITE_ACCESS -> {
+        PERMISSION_REQUEST_CODE_STORAGE_WRITE_ACCESS,
+        PERMISSION_REQUEST_CODE_NEARBY_WIFI_DEVICES -> {
           onSearchMenuClicked()
         }
+
         else ->
           super.onRequestPermissionsResult(requestCode, permissions, grantResults)
       }
@@ -489,5 +497,6 @@ class LocalFileTransferFragment :
     const val TAG = "LocalFileTransferActvty"
     private const val PERMISSION_REQUEST_FINE_LOCATION = 2
     private const val PERMISSION_REQUEST_CODE_STORAGE_WRITE_ACCESS = 3
+    const val PERMISSION_REQUEST_CODE_NEARBY_WIFI_DEVICES = 10
   }
 }

core/src/main/AndroidManifest.xml

@@ -21,7 +21,6 @@
     android:name="android.permission.NEARBY_WIFI_DEVICES"
     android:usesPermissionFlags="neverForLocation"
     tools:targetApi="s" />
-  <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
   <queries>
     <intent>
       <action android:name="android.intent.action.TTS_SERVICE" />

core/src/main/java/org/kiwix/kiwixmobile/core/utils/dialog/KiwixDialog.kt

@@ -49,16 +49,9 @@ sealed class KiwixDialog(
     android.R.string.cancel
   )
 
-  object LocationPermissionRationaleOnHostZimFile : KiwixDialog(
+  object NearbyWifiPermissionRationale : KiwixDialog(
     null,
-    R.string.permission_rationale_location_on_host_zim_file,
-    android.R.string.ok,
-    android.R.string.cancel
-  )
-
-  object NearbyWifiPermissionRationaleOnHostZimFile : KiwixDialog(
-    null,
-    R.string.permission_rationale_location_on_host_zim_file,
+    R.string.permission_rationale_nearby,
     android.R.string.ok,
     android.R.string.cancel
   )

core/src/main/java/org/kiwix/kiwixmobile/core/webserver/ZimHostFragment.kt

@@ -18,15 +18,13 @@
 
 package org.kiwix.kiwixmobile.core.webserver
 
-import android.Manifest
 import android.Manifest.permission.POST_NOTIFICATIONS
 import android.annotation.SuppressLint
 import android.app.Dialog
 import android.content.ComponentName
 import android.content.Context
 import android.content.Intent
 import android.content.ServiceConnection
-import android.content.pm.PackageManager
 import android.os.Build
 import android.os.Bundle
 import android.os.IBinder
@@ -37,7 +35,6 @@ import android.view.LayoutInflater
 import android.view.View
 import android.view.ViewGroup
 import android.widget.Toast
-import androidx.annotation.RequiresApi
 import androidx.appcompat.widget.Toolbar
 import androidx.core.app.ActivityCompat
 import androidx.core.content.ContextCompat
@@ -56,7 +53,6 @@ import org.kiwix.kiwixmobile.core.navigateToAppSettings
 import org.kiwix.kiwixmobile.core.reader.ZimFileReader
 import org.kiwix.kiwixmobile.core.reader.ZimReaderContainer
 import org.kiwix.kiwixmobile.core.utils.ConnectivityReporter
-import org.kiwix.kiwixmobile.core.utils.REQUEST_POST_NOTIFICATION_PERMISSION
 import org.kiwix.kiwixmobile.core.utils.ServerUtils
 import org.kiwix.kiwixmobile.core.utils.SharedPreferenceUtil
 import org.kiwix.kiwixmobile.core.utils.dialog.AlertDialogShower
@@ -172,17 +168,14 @@ class ZimHostFragment : BaseFragment(), ZimHostCallbacks, ZimHostContract.View {
     }
 
     activityZimHostBinding?.startServerButton?.setOnClickListener {
-      if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.TIRAMISU ||
-        checkNearbyWifiDevicesPermission()
+      if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.TIRAMISU
       ) {
         if (requireActivity().hasNotificationPermission(sharedPreferenceUtil)) {
           startStopServer()
         } else {
           requestNotificationPermission()
         }
-      } else if (Build.VERSION.SDK_INT <= Build.VERSION_CODES.P ||
-        checkCoarseLocationAccessPermission()
-      ) {
+      } else {
         startStopServer()
       }
     }
@@ -203,87 +196,6 @@ class ZimHostFragment : BaseFragment(), ZimHostCallbacks, ZimHostContract.View {
     }
   }
 
-  private fun checkCoarseLocationAccessPermission(): Boolean =
-    if (ContextCompat.checkSelfPermission(
-        requireActivity(),
-        Manifest.permission.ACCESS_COARSE_LOCATION
-      ) == PackageManager.PERMISSION_DENIED
-    ) {
-      if (ActivityCompat.shouldShowRequestPermissionRationale(
-          requireActivity(),
-          Manifest.permission.ACCESS_COARSE_LOCATION
-        )
-      ) {
-        alertDialogShower.show(
-          KiwixDialog.LocationPermissionRationaleOnHostZimFile,
-          ::askCoarseLocationPermission
-        )
-      } else {
-        askCoarseLocationPermission()
-      }
-      false
-    } else {
-      true
-    }
-
-  private fun checkNearbyWifiDevicesPermission(): Boolean =
-    if (ContextCompat.checkSelfPermission(
-        requireActivity(),
-        Manifest.permission.NEARBY_WIFI_DEVICES
-      ) == PackageManager.PERMISSION_DENIED
-    ) {
-      if (ActivityCompat.shouldShowRequestPermissionRationale(
-          requireActivity(),
-          Manifest.permission.NEARBY_WIFI_DEVICES
-        )
-      ) {
-        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.TIRAMISU) {
-          alertDialogShower.show(
-            KiwixDialog.NearbyWifiPermissionRationaleOnHostZimFile,
-            ::askNearbyWifiDevicesPermission
-          )
-        }
-      } else {
-        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.TIRAMISU) {
-          askNearbyWifiDevicesPermission()
-        }
-      }
-      false
-    } else {
-      true
-    }
-
-  @Suppress("DEPRECATION")
-  override fun onRequestPermissionsResult(
-    requestCode: Int,
-    permissions: Array<out String>,
-    grantResults: IntArray
-  ) {
-    super.onRequestPermissionsResult(requestCode, permissions, grantResults)
-    if (permissions.isNotEmpty() && grantResults[0] == PackageManager.PERMISSION_GRANTED) {
-      if (requestCode == PERMISSION_REQUEST_CODE_COARSE_LOCATION ||
-        requestCode == REQUEST_POST_NOTIFICATION_PERMISSION
-      ) {
-        startStopServer()
-      }
-    }
-  }
-
-  private fun askCoarseLocationPermission() {
-    ActivityCompat.requestPermissions(
-      requireActivity(), arrayOf(Manifest.permission.ACCESS_COARSE_LOCATION),
-      PERMISSION_REQUEST_CODE_COARSE_LOCATION
-    )
-  }
-
-  @RequiresApi(Build.VERSION_CODES.TIRAMISU)
-  private fun askNearbyWifiDevicesPermission() {
-    ActivityCompat.requestPermissions(
-      requireActivity(), arrayOf(Manifest.permission.NEARBY_WIFI_DEVICES),
-      PERMISSION_REQUEST_CODE_COARSE_LOCATION
-    )
-  }
-
   private fun startStopServer() {
     when {
       ServerUtils.isServerStarted -> stopServer()
@@ -529,6 +441,5 @@ class ZimHostFragment : BaseFragment(), ZimHostCallbacks, ZimHostContract.View {
   companion object {
     const val SELECTED_ZIM_PATHS_KEY = "selected_zim_paths"
     const val RESTART_SERVER = "restart_server"
-    const val PERMISSION_REQUEST_CODE_COARSE_LOCATION = 10
   }
 }

core/src/main/res/values-ar/strings.xml

@@ -244,8 +244,6 @@
   <string name="severe_loss_error">خطأ شديد! حاول تعطيل/إعادة تمكين الواي فاي P2P</string>
   <string name="connection_failed">فشل الاتصال</string>
   <string name="permission_rationale_location">مطلوب إذن للموقع بواسطة أندرويد للسماح للتطبيق باكتشاف الأجهزة المقترنة</string>
-  <string name="permission_rationale_location_on_host_zim_file">مطلوب إذن للموقع بواسطة أندرويد للسماح للتطبيق باكتشاف ملفات زيم (Zim) المستضافة</string>
-  <string name="permission_rationale_nearby_device_on_host_zim_file">يتطلب Android إذنًا لأجهزة wifi المجاورة للسماح للتطبيق باستضافة ملفات Zim</string>
   <string name="permission_refused_location">لا يمكن تحديد موقع الأجهزة المقترنة دون أذونات الموقع</string>
   <string name="permission_refused_storage">لا يمكن الوصول إلى ملفات زيم (ZIM) دون إذن وحدة تخزين</string>
   <string name="request_enable_location">تمكين الموقع للسماح باكتشاف الأجهزة المقترنة</string>

core/src/main/res/values-cs/strings.xml

@@ -238,8 +238,6 @@
   <string name="severe_loss_error">Závažná chyba! Zkuste vypnout/znovu zapnout WiFi P2P</string>
   <string name="connection_failed">Spojení selhalo</string>
   <string name="permission_rationale_location">Systém Android vyžaduje povolení polohy, aby aplikace mohla detekovat zařízení v okolí</string>
-  <string name="permission_rationale_location_on_host_zim_file">Android vyžaduje povolení umístění, aby aplikace mohla hostovat soubory Zim</string>
-  <string name="permission_rationale_nearby_device_on_host_zim_file">Android vyžaduje povolení zařízení Wi-Fi v okolí, aby mohla aplikace hostovat soubory Zim</string>
   <string name="permission_refused_location">Nelze nalézt zařízení v okolí bez přístupu k poloze</string>
   <string name="permission_refused_storage">Nelze získat přístup k souborům zim bez povolení přístupu do úložiště</string>
   <string name="request_enable_location">Povolit přístup k poloze a umožnit vyhledávání zařízení</string>

core/src/main/res/values-dag/strings.xml

@@ -229,8 +229,6 @@
   <string name="severe_loss_error">Chiriŋ din mali yaa! Labi niŋ ŋmaabu labi\'niŋ WiFi P2P</string>
   <string name="connection_failed">Laɣimbu zaɣisiya</string>
   <string name="permission_rationale_location">Dooshee soli nyɛla binshɛli Android ni bora ni di tooi chɛ ka app ŋɔ tooi baŋ di taba</string>
-  <string name="permission_rationale_location_on_host_zim_file">Dooshee soli nyɛla binshɛli Android ni bora ni di tooi chɛ ka app ŋɔ gbubi Zim fasara nima</string>
-  <string name="permission_rationale_nearby_device_on_host_zim_file">WiFi din miri na bimbuɣisira soli nyɛla Android ni bori shɛli ni di tooi chɛ ka app ŋɔ gbubi Zim fasara nima</string>
   <string name="permission_refused_location">Ku tooi m-bo gbaai di taba  shee di yi niŋ ka a bi ti dooshee soya</string>
   <string name="permission_refused_storage">Ku tooi nya zim fasara nima di yi niŋ ka a bi ti deei niŋ shee soli</string>
   <string name="request_enable_location">Tim dooshee soli di yɛn chɛ ka di gbaai di taba</string>

core/src/main/res/values-de/strings.xml

@@ -259,8 +259,6 @@
   <string name="severe_loss_error">Schwerer Fehler! Versuchen Sie, Wi-Fi P2P auszuschalten und wieder einzuschalten</string>
   <string name="connection_failed">Verbindung fehlgeschlagen</string>
   <string name="permission_rationale_location">Android benötigt eine Standorterlaubnis, damit die App Peer-Geräte erkennen kann.</string>
-  <string name="permission_rationale_location_on_host_zim_file">Android benötigt eine Standorterlaubnis, damit die App Zim-Dateien hosten kann</string>
-  <string name="permission_rationale_nearby_device_on_host_zim_file">Android erfordert die Berechtigung für WLAN-Geräte in der Nähe, damit die App Zim-Dateien hosten kann</string>
   <string name="permission_refused_location">Ohne Standortberechtigungen können Peer-Geräte nicht lokalisiert werden</string>
   <string name="permission_refused_storage">Ohne Speichererlaubnis ist kein Zugriff auf ZIM-Dateien möglich</string>
   <string name="request_enable_location">Standort aktivieren, um Peer-Geräte zu finden</string>

core/src/main/res/values-diq/strings.xml

@@ -227,7 +227,6 @@
   <string name="severe_loss_error">Xetaya gırane! Bıcerebnê ke WiFi P2P’yi dewre ra vecê/reyêna aktif kerê</string>
   <string name="connection_failed">Gıreyin nêbiya</string>
   <string name="permission_rationale_location">Cihazê takêşan ra ferq bıyayışi rê terefê Androidi ra mısadey mehali ganiyo.</string>
-  <string name="permission_rationale_location_on_host_zim_file">Dosyayanê ZIMi darênayışê aplikasyoni rê terefê Androidi ra mısadey mehali ganiyo.</string>
   <string name="permission_refused_location">Bêmısadey mehali cihazanê takêşi nêvineyênê</string>
   <string name="permission_refused_storage">Bêmısadey depo kerdışi nêresiyeno dosyayanê ZIMi</string>
   <string name="request_enable_location">Taypêyan his kerdışi rê seba mısade dayışi mehali aktiv kerê</string>

core/src/main/res/values-es/strings.xml

@@ -247,8 +247,6 @@
   <string name="severe_loss_error">¡Error grave! Prueba inhabilitando / rehabilitando WiFi punto a punto</string>
   <string name="connection_failed">Falló la conexión</string>
   <string name="permission_rationale_location">Se requieren permisos de localización en Android para detectar dispositivos participantes</string>
-  <string name="permission_rationale_location_on_host_zim_file">Android requiere permiso de ubicación para permitir que la aplicación aloje archivos Zim</string>
-  <string name="permission_rationale_nearby_device_on_host_zim_file">Android permiso de los dispositivos WiFi cercanos para permitir a la aplicación alojar archivos zim.</string>
   <string name="permission_refused_location">No se pueden ubicar dispositivos de pares sin permisos de ubicación</string>
   <string name="permission_refused_storage">No se puede acceder a archivos ZIM sin permisos de almacenamiento</string>
   <string name="request_enable_location">Habilite la ubicación para permitir la detección de compañeros</string>

core/src/main/res/values-fr/strings.xml

@@ -254,8 +254,6 @@
   <string name="severe_loss_error">Erreur grave! Essayez de désactiver/réactiver l’appairage WiFi</string>
   <string name="connection_failed">La connexion a échoué</string>
   <string name="permission_rationale_location">L’autorisation de géolocalisation est requise par Android pour permettre à l’application de détecter des appareils à proximité.</string>
-  <string name="permission_rationale_location_on_host_zim_file">La permission locale est demandée par Android pour autoriser l’application à héberger des fichiers Zim.</string>
-  <string name="permission_rationale_nearby_device_on_host_zim_file">Une autorisation des appareils Wi-Fi à proximité est requise par Android pour permettre à l’application d’héberger des fichiers Zim.</string>
   <string name="permission_refused_location">Impossible de trouver des appareils proches sans les autorisations de géolocalisation</string>
   <string name="permission_refused_storage">Impossible d’accéder aux fichiers ZIM sans autorisation d’accès au stockage</string>
   <string name="request_enable_location">Activer la géolocalisation pour permettre la détection d’appareils proches</string>