权限有:
1.普通权限 normal
2.运行时权限 danger
<permission
android:name="android.permission.READ_CONTACTS" android:permissionGroup="android.permission-group.UNDEFINED" android:label="@string/permlab_readContacts" android:description="@string/permdesc_readContacts" android:protectionLevel="dangerous" />
3.Signature
权限被声明为Signature ,只有和该apk(定义这个权限的apk)有相同的私钥签名的应用才可以申请这个权限。
<!-- @hide @SystemApi @TestApi Allows an application to modify OBB files visible to other apps. --> <permission android:name="android.permission.WRITE_OBB" android:protectionLevel="signature|privileged" />
<!-- @SystemApi Allows read access to privileged phone state. @hide Used internally. --> <permission android:name="android.permission.READ_PRIVILEGED_PHONE_STATE" android:protectionLevel="signature|privileged" />
4.signature & system
系统应用或者 和定义权限的apk有相同的签名,可以去获得这个权限
5.权限组是定义一组权限,如果当前一个权限组一个权限被赋予,那么这组权限都被赋予。
<!-- Used for runtime permissions related to user's SMS messages. --> <permission-group android:name="android.permission-group.SMS" android:icon="@drawable/perm_group_sms" android:label="@string/permgrouplab_sms" android:description="@string/permgroupdesc_sms" android:request="@string/permgrouprequest_sms" android:priority="300" />
1.申请动态权限的过程:
private void myRequetPermission() { if (ContextCompat.checkSelfPermission(this, Manifest.permission.WRITE_EXTERNAL_STORAGE) != PERMISSION_GRANTED) { ActivityCompat.requestPermissions(this, new String[]{Manifest.permission.WRITE_EXTERNAL_STORAGE}, 1); }else { ...... } } @Override public void onRequestPermissionsResult(int requestCode, String[] permissions, int[] grantResults) { super.onRequestPermissionsResult(requestCode, permissions, grantResults); if (requestCode == 1) { ...... }else {//选择禁止 ...... } }
2.运行时授权过程:
权限检查的过程:
PermissionManagerService.java
private int checkPermission(String permName, String pkgName, int callingUid, int userId) { ......
final PackageParser.Package pkg = mPackageManagerInt.getPackage(pkgName);
if (pkg != null && pkg.mExtras != null) {
......
final PackageSetting ps = (PackageSetting) pkg.mExtras;
final boolean instantApp = ps.getInstantApp(userId);
final PermissionsState permissionsState = ps.getPermissionsState();
if (permissionsState.hasPermission(permName, userId)) {
......权限授予
}
if (isImpliedPermissionGranted(permissionsState, permName, userId)) {
return PackageManager.PERMISSION_GRANTED;} }
return PackageManager.PERMISSION_DENIED;
}
PermissionState.java
是权限检查的javabean对象,一个pkg有一个PermisssionState。 在app加载的时候权限授予情况:
3.权限组如何使用:
4.如何增加运行时权限:
5.adb 工具查看权限或者授予权限
查看所有的dangerous permissions:
adb shell pm list permissions –g –d
安装app并且对所有列在app manifest文件下的所有permission给予授权:
adb install -g <path_to_apk>
授权给某个app某个permission:
adb pm grant <package_name> <permission_name>
撤销授权:
adb pm revoke <package_name> <permission_name>
导出当前apk权限授予情况:
adb pull ./data/system/users/0/runtime-permissions.xml /di ./data/system/users/0/runtime-permissions.xml ./data/system/users/10/runtime-permissions.xml