Suddenly my app is asking for permission to access photos

Expo SDK
1

Hi I’m using Expo 41.0.1 and building for both iOS and Android.

I don’t go anywhere near user photos in my app. Today I created and deployed a new iOS build. It had only minor changes but after deploy I noticed that the app was starting to ask users for permission to access their photos. I have absolutely no idea where this permission came from!

Is it possible that this is an issue caused by running expo build:ios and the cloud build touching requested permissions?

Anyone else experienced this weird issue?

Thanks

2

Hey @gmh, this does seem rather odd. Can you elaborate on when the permission dialog is being shown? Also, did this begin after an SDK upgrade? Lastly, is this only occurring on iOS?

Cheers,
Adam

3

Hi @adamjnav thanks for coming back :slight_smile:

It is a really odd one seeing as my app is very basic and I don’t go anywhere near user permissions. I don’t ask for permissions or have any features that require permissions. I just did a new build yesterday and the dialogue appeared out of nowhere, asking me for camera access. It wasn’t there in my previous build a few days ago and I literally only changed a couple of lines of totally unrelated code in the latest build.

  • The permission dialogue appears on app launch (right after splash screen dismiss, on my app homepage, no user actions taken previously other than opening the app)
  • I haven’t upgraded my SDK version. I’m locked to ~41.0.1 in my project
  • It does look as though it is only affecting iOS

Really strange! I’m concerned because this is affecting my production app and putting users off.

4

Hi,

I have got the same issue, my app does not use photos at all. But today the app asks for permission.
I am using SDK “^40.0.0”. Any update or any hints on this issue ?

Thanks

5

We have this problem too.

6

Actually, our app randomly asks for the Camera permission on iOS when the app starts.

7

we haven’t updated the base shell app for sdk 40 for 6 months, so i don’t think anything would have changed on your end.

we also haven’t updated the base shell app for sdk 41 for over 2 months (may 20)

any changes to your app seem to be likely caused by changes to your app code

8

On suspicion we have is that our exception tracking library from sentry.io is somehow asking for the extra permission, but we haven’t figured out a way to check that.

9

i doubt it comes from that. maybe you are all using the same third party library that changed and requests permissions on import rather than when calling a function. you should all share your package.json.

there are many other ways you could debug this but an easy one is the approach mentioned in this doc.

10

Here’s our package.json:

{
  "name": "hiddenforprivacy",
  "private": true,
  "dependencies": {
    "@rails/actioncable": "^6.0.0",
    "@rails/activestorage": "^6.0.0",
    "@rails/ujs": "^6.0.0",
    "@rails/webpacker": "^6.0.0-beta.7",
    "expo-updates": "^0.8.2",
    "turbolinks": "^5.2.0",
    "webpack": "^5.11.0",
    "webpack-cli": "^4.2.0"
  },
  "version": "0.1.0",
  "devDependencies": {
    "@webpack-cli/serve": "^1.5.1",
    "webpack-dev-server": "^3.11.2"
  },
  "engines": {
    "yarn": ">=1.10.1"
  },
  "babel": {
    "presets": [
      "./node_modules/@rails/webpacker/package/babel/preset.js"
    ]
  }
}
11

@notbrent Sorry, here’s the actual package.json from our react app:

{
  "main": "node_modules/expo/AppEntry.js",
  "scripts": {
    "start": "expo start",
    "android": "expo start --android",
    "ios": "expo start --ios",
    "web": "expo start --web",
    "eject": "expo eject",
    "test": "jest"
  },
  "jest": {
    "preset": "jest-expo",
    "transformIgnorePatterns": [
      "node_modules/(?!(jest-)?react-native|react-clone-referenced-element|@react-native-community|expo(nent)?|@expo(nent)?/.*|react-navigation|@react-navigation/.*|@unimodules/.*|unimodules|sentry-expo|native-base|@sentry/.*)"
    ]
  },
  "dependencies": {
    "@expo-google-fonts/poppins": "^0.1.0",
    "@react-native-async-storage/async-storage": "^1.14.1",
    "@react-native-community/masked-view": "0.1.10",
    "@react-navigation/native": "^5.9.3",
    "@react-navigation/stack": "^5.14.3",
    "@types/react-helmet": "^6.1.0",
    "date-fns": "^2.22.1",
    "detect-browser": "^5.2.0",
    "expo": "~40.0.0",
    "expo-app-loading": "^1.0.3",
    "expo-av": "~8.7.0",
    "expo-font": "~8.4.0",
    "expo-secure-store": "^9.3.0",
    "expo-status-bar": "~1.0.3",
    "mobx": "^6.1.7",
    "mobx-react": "^7.1.0",
    "posthog-js": "^1.11.4",
    "react": "16.13.1",
    "react-dom": "16.13.1",
    "react-helmet": "^6.1.0",
    "react-native": "https://github.com/expo/react-native/archive/sdk-40.0.1.tar.gz",
    "react-native-gesture-handler": "~1.8.0",
    "react-native-paper": "^4.9.1",
    "react-native-reanimated": "~1.13.0",
    "react-native-safe-area-context": "3.1.9",
    "react-native-screens": "~2.15.2",
    "react-native-super-grid": "^4.1.3",
    "react-native-web": "~0.13.12",
    "react-native-web-swiper": "^2.2.1",
    "react-navigation-bottom-tabs-no-warnings": "^5.11.3",
    "sentry-expo": "^3.1.3"
  },
  "devDependencies": {
    "@babel/core": "~7.9.0",
    "@expo/webpack-config": "^0.12.67",
    "@types/react": "~16.9.35",
    "@types/react-dom": "~16.9.8",
    "@types/react-native": "~0.63.2",
    "babel-plugin-transform-inline-environment-variables": "^0.4.3",
    "jest-expo": "^40.0.2",
    "react-test-renderer": "~16.13.1",
    "typescript": "~4.0.0",
    "webpack-bundle-analyzer": "^4.4.1"
  },
  "private": true
}
12

@notbrent What’s challenging about debugging this is the Camera Permission dialog does not reliably pop-up. It has occurred a few random times, but we don’t yet have a sequence of events we can take to trigger it. Therefore it’s hard to start systematically removing packages to see if one of them fixes it. Knowing that, any suggestions?

1 Like
13

Hi @notbrent and others, thanks for stepping in to help. We’ve been losing users for weeks thanks to this so I’d really love to figure it out! If anyone does manage to land on a solution while we’re looking for commonalities in packages or debugging, please do share it.

Here’s my package.json

{
  "main": "node_modules/expo/AppEntry.js",
  "scripts": {
    "start": "expo start",
    "android": "expo start --android",
    "ios": "expo start --ios",
    "web": "expo start --web",
    "eject": "expo eject",
    "lint": "eslint . --ext .js"
  },
  "dependencies": {
    "@expo-google-fonts/nunito": "^0.1.0",
    "@expo-google-fonts/source-sans-pro": "^0.1.0",
    "@portxchange/expo-mixpanel-analytics": "^1.1.0",
    "@react-native-async-storage/async-storage": "^1.13.0",
    "@react-native-community/masked-view": "0.1.10",
    "@react-navigation/bottom-tabs": "^5.11.11",
    "@react-navigation/native": "^5.9.4",
    "@react-navigation/stack": "^5.14.5",
    "camelize": "^1.0.0",
    "expo": "~41.0.1",
    "expo-firebase-analytics": "~4.0.2",
    "expo-firebase-core": "~3.0.0",
    "expo-font": "~9.1.0",
    "expo-status-bar": "~1.0.4",
    "expo-web-browser": "~9.1.0",
    "firebase": "8.2.3",
    "react": "16.13.1",
    "react-dom": "16.13.1",
    "react-native": "https://github.com/expo/react-native/archive/sdk-41.0.0.tar.gz",
    "react-native-gesture-handler": "~1.10.2",
    "react-native-paper": "^4.8.1",
    "react-native-reanimated": "~2.1.0",
    "react-native-safe-area-context": "3.2.0",
    "react-native-screens": "~3.0.0",
    "react-native-svg": "12.1.0",
    "react-native-web": "~0.13.12",
    "styled-components": "^5.3.0"
  },
  "devDependencies": {
    "@babel/core": "^7.9.0",
    "@react-native-community/eslint-config": "^2.0.0",
    "eslint": "^7.26.0",
    "prettier": "^2.3.0"
  },
  "private": true
}
14

So far, these are the common deps. Whether any of them is to blame, I have no idea:

dependency comparison
dependency comparison2350×442 306 KB

15

Another suspicion I have is that some component on the screen is triggering a gesture that is seen as a “save photo” gesture and maybe it’s trying to save the image to the Camera Roll on iOS. This is just a hunch, though.

16

We have the problem of the Photo Access Permission being randomly requested, and just got declined from the app store for it (no explanation why we need this in info.plist :)). I had the suspicion it was how we were importing our images into the JS layer, but we’re doing this consistently everywhere.

17

let us know if you can provide a reproducible example. my guess is it is coming from some third party library, but there isn’t really anything we can do to help without more information and specifically a mcve

18

Got it - good guess. I’ll reduce dependencies and if I work out what’s requesting it (and it’s an expo lib) I’ll post an MCVE.

Thank you!

1 Like
19

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.