Today I was testing one of my application over Android M (6.0). I understood that permission granting in this version is changed and I need to make some changes to make my application compatible with Android 6.0 (here is the details).
As I understood, for example If I want to grant access to write sdcard (Eternal Storage) which is a dangerous permission, I have to ask for user to grant access and then handle user decision (grant/deny) otherwise always my request are get rejected always.
I don't know am I right or not, but I want to know is it somehow against backward compatibility? I mean every application which was running in older versions, need to be changed to get running in version 6.0? If special application is not supported any more, so android 6.0 is where we should say goodbye to it?
And upon this new atmosphere, I need to change my old applications to make them running in Marshmallow (if they need dangerous permissions)?
Backwards compatibility appears to be maintained. From the page you linked,
- If the device is running Android 5.1 or lower, or your app's target SDK is 22 or lower: If you list a dangerous permission in your manifest, the user has to grant the permission when they install the app; if they do not grant the permission, the system does not install the app at all.
- If the device is running Android 6.0 or higher, and your app's target SDK is 23 or higher: The app has to list the permissions in the manifest, and it must request each dangerous permission it needs while the app is running. The user can grant or deny each permission, and the app can continue to run with limited capabilities even if the user denies a permission request.
Therefore, older apps - targeted at SDK 22 or lower - will see the old behavior of permissions granted at install time. Only new apps, those targeting SDK 23 or higher, will have to immediately worry about this.
The page does list one caveat you should be aware of:
Note: Beginning with Android 6.0 (API level 23), users can revoke permissions from any app at any time, even if the app targets a lower API level. You should test your app to verify that it behaves properly when it's missing a needed permission, regardless of what API level your app targets.
What this means for your apps, even legacy ones, is that they need to be able to survive missing a privilege you would ordinarily expect them to have. Test and update accordingly.
What this means for any third-party legacy apps you have installed is that caution must be exercised when revoking their permissions, as apps which assume their privileged actions will succeed may have issues when those permissions are unexpectedly revoked. Obviously the third-party devs should be testing and working around this, but that may not always happen.