OS Permissions Audit
CommitT operates on a zero-trust, fail-closed enforcement model. To prevent bypasses, self-sabotage, and background sleep cycles, the application requires and continuously audits eight system-level permissions.
If any required permission is revoked by the user while a commitment is active, the local SQLite engine immediately triggers a fail-closed lock state, restricting device usage until the audit passes.
The 8-Point Audit Matrix
CommitT’s custom React Native module—Enforcement—exposes the checkAllPermissions() method to perform a concurrent system-level check on the device.
Strict Background Location Protocol
API 29+ (Androidd 10+) Requirement: Granting "Allow only while using the app" is insufficient for CommitT.
For location-based tracking (such as Stay Throughout geofencing), the Android operating system enforces background location limits.
- The Issue: If
ACCESS_FINE_LOCATION is granted but ACCESS_BACKGROUND_LOCATION is not, the accessibility service’s background GPS thread is killed by the OS after several minutes of screen-off time.
- The Enforcement Solution: The
Enforcement module checks both fine and background permissions:
- User Action: The user must explicitly select “Allow all the time” in the system settings screen.
Native API Integration
The native bridge uses double intent flags (FLAG_ACTIVITY_NEW_TASK and FLAG_ACTIVITY_CLEAR_TOP) to ensure that when a user completes settings configuration and presses the system back button, they are immediately returned to the CommitT application.