Since Runtime Permissions were introduced in Android Marshmallow, I've been meaning to apply the new way for requesting permissions and I've read and understood the dangerous permissions and how to check for them and request them.

The question is, If I have an Activity that contains a Button for opening Camera. Do I check and request the permission when the Activity is opened? Or when the button is clicked?

Please explain why your suggested way is preferred.

Do I check and request the permission when the Activity is opened? Or when the button is clicked?

If the only purpose of the Activity is to take a picture when the button is clicked, I would request the permission when the activity is opened.

If the Activity has other roles, such that the take-a-picture button is only one feature out of many, I would ask for the permission when the user clicks the button.

In other words, once the user has requested to go down a path that will (almost) certainly need the permission, ask for the permission.

According to me, when click on button ask for permission to open camera.

because activity can have many component which can request for like camera, contacts, write storage, etc

so you must not ask for permission when activity opens but when you click on button ask for camera permission

if you want to send SMS than ask when you need to send not at opening of activity.

Permissions Best Practices.

You can download official sample app here.

hope you get it.

Starting from Android SDK 23, system permissions are divided into two categories, normal and dangerous:

• Normal permissions do not directly risk the user's privacy. If your app lists a normal permission in its manifest, the system grants the permission automatically.

• Dangerous permissions can give the app access to the user's confidential data.

If your app lists a normal permission in its manifest, the system grants the permission automatically. If you list a dangerous permission, the user has to explicitly give approval to your app.

For more information, see Normal and Dangerous Permissions.

If your app targets API 23, and you need to ask user for a dangerous permission (such as READ_CONTACT or READ_CALL_LOG etc.), you need to ask for permission in runtime.