参考网址
运行时权限和gids
GIDS
gids是由框架在Application安装过程中生成,与Application申请的具体权限相关。如果Application申请的相应的permission被granted,而且有对应的gids,那么这个Application的gids中将包含这个gids
<!-- This file is used to define the mappings between lower-level system
user and group IDs and the higher-level permission names managed
by the platform.
Be VERY careful when editing this file! Mistakes made here can open
big security holes.
-->
<permissions>
<permission name="android.permission.WRITE_MEDIA_STORAGE" >
<group gid="media_rw" />
<group gid="sdcard_rw" />
</permission>
</permissions>
调试命令
查看设备支持的运行时权限列表
adb shell pm list permissions -g -d
查看进程gids
adb shell dumpsys activity p com.sunmi.superpermissiontest
查看应用已经授予的动态权限
adb shell dumpsys package com.sunmi.superpermissiontest
权限授予和收回
pm grant [–user USER_ID] PACKAGE PERMISSION
pm revoke [–user USER_ID] PACKAGE PERMISSION
pm reset-permissions
pm set-permission-enforced PERMISSION [true|false]
系统预置应用授权
DefaultPermissionGrantPolicy.java
PackageManagerService
final DefaultPermissionGrantPolicy mDefaultPermissionPolicy;
public PackageManagerService(Context context, Installer installer,
boolean factoryTest, boolean onlyCore) {
mDefaultPermissionPolicy = new DefaultPermissionGrantPolicy(this);
}
@Override
public void systemReady() {
// If we upgraded grant all default permissions before kicking off.
for (int userId : grantPermissionsUserIds) {
mDefaultPermissionPolicy.grantDefaultPermissions(userId);
}
}
@Override
public void grantRuntimePermission(String packageName, String name, final int userId) {}
@Override
public void revokeRuntimePermission(String packageName, String name, int userId) {}
DefaultPermissionGrantPolicy
public void grantDefaultPermissions(int userId) {
grantPermissionsToSysComponentsAndPrivApps(userId);
grantDefaultSystemHandlerPermissions(userId);
grantDefaultPermissionExceptions(userId);
}
APP如何请求动态权限
// 请求权限
// Here, thisActivity is the current activity
if (ContextCompat.checkSelfPermission(thisActivity,
Manifest.permission.READ_CONTACTS)
!= PackageManager.PERMISSION_GRANTED) {
// Permission is not granted
// Should we show an explanation?
if (ActivityCompat.shouldShowRequestPermissionRationale(thisActivity,
Manifest.permission.READ_CONTACTS)) {
// Show an explanation to the user *asynchronously* -- don't block
// this thread waiting for the user's response! After the user
// sees the explanation, try again to request the permission.
} else {
// No explanation needed; request the permission
ActivityCompat.requestPermissions(thisActivity,
new String[]{Manifest.permission.READ_CONTACTS},
MY_PERMISSIONS_REQUEST_READ_CONTACTS);
// MY_PERMISSIONS_REQUEST_READ_CONTACTS is an
// app-defined int constant. The callback method gets the
// result of the request.
}
} else {
// Permission has already been granted
}
// 请求结果
@Override
public void onRequestPermissionsResult(int requestCode,
String[] permissions, int[] grantResults) {
switch (requestCode) {
case MY_PERMISSIONS_REQUEST_READ_CONTACTS: {
// If request is cancelled, the result arrays are empty.
if (grantResults.length > 0
&& grantResults[0] == PackageManager.PERMISSION_GRANTED) {
// permission was granted, yay! Do the
// contacts-related task you need to do.
} else {
// permission denied, boo! Disable the
// functionality that depends on this permission.
}
return;
}
// other 'case' lines to check for other
// permissions this app might request.
}
}
