当前位置:   article > 正文

Android 系统权限----系统默认授权_android 默认允许任何权限

android 默认允许任何权限

授权方式比较多根据需要进行修改:

1、安装应用时默认授权

应用安装过程中,系统会检查应用申请的各个权限情况,针对安装时权限和运行时权限分别记录。我们可以修改将运行权限也默认授予。代码如下

  1. //frameworks/base/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
  2. private void restorePermissionState(@NonNull AndroidPackage pkg, boolean replace,
  3. @Nullable String packageOfInterest, @Nullable PermissionCallback callback) {
  4. ... ...
  5. final String perm = bp.getName();
  6. boolean allowedSig = false;
  7. int grant = GRANT_DENIED;
  8. // Keep track of app op permissions.
  9. if (bp.isAppOp()) {
  10. mSettings.addAppOpPackage(perm, pkg.getPackageName());
  11. }
  12. //可以根据指定包名,将所有权限都判为安装时权限,自动授权
  13. if ("com.xxxx.xxxx".equals(pkg.getPackageName())) {
  14. grant = GRANT_INSTALL;
  15. } else if (bp.isNormal()) {
  16. //END
  17. // For all apps normal permissions are install time ones.
  18. grant = GRANT_INSTALL;
  19. } else if (bp.isRuntime()) {
  20. if (origPermissions.hasInstallPermission(bp.getName())
  21. || upgradedActivityRecognitionPermission != null) {
  22. // Before Q we represented some runtime permissions as install permissions,
  23. // in Q we cannot do this anymore. Hence upgrade them all.
  24. grant = GRANT_UPGRADE;
  25. } else {
  26. // For modern apps keep runtime permissions unchanged.
  27. grant = GRANT_RUNTIME;
  28. }
  29. } else if (bp.isSignature()) {
  30. // For all apps signature permissions are install time ones.
  31. allowedSig = grantSignaturePermission(perm, pkg, ps, bp, origPermissions);
  32. if (allowedSig) {
  33. grant = GRANT_INSTALL;
  34. }
  35. }

2、应用已安装打开时默认授权

在打开应用时如果有动态检测授权,会弹出授权提示框,弹出框对应的就是系统的权限管理窗口,可以默认在创建窗口时就自动授权然后隐藏弹窗,不用用户感知到。

  1. //PackageInstaller/src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java
  2. private String mCallingPackage;
  3. private int getPermissionPolicy() {
  4. DevicePolicyManager devicePolicyManager = getSystemService(DevicePolicyManager.class);
  5. //默认返回 PERMISSION_POLICY_AUTO_GRANT Activity oncreate过程检测时会自动授权并退出弹框界面,不让用户感知到
  6. return DevicePolicyManager.PERMISSION_POLICY_AUTO_GRANT;
  7. }
  8. @Override
  9. public void onCreate(Bundle icicle) {

3、系统app 预置编译时授权

在预置的 Android.bp 文件中增加权限xml编译,注意 prebuilt_etc 中 name 格式

prebuilt_etc {
    name:privapp_allowlist_com.example.myvoicecontrol",
    sub_dir: "permissions",
    src: "com.example.myvoicecontrol.xml",
    filename_from_src: true,
}
android_app {
     ...
     required: ["privapp_allowlist_com.example.myvoicecontrol"],
     ...
}

对应的 com.example.myvoicecontrol.xml 中填写需要的权限

<?xml version="1.0" encoding="utf-8"?>
<permissions>
    <privapp-permissions package="com.android.car.voicecontrol">
        <permission name="android.permission.MEDIA_CONTENT_CONTROL"/>
    </privapp-permissions>
</permissions>

 这样编译出来的应用就有了对应权限,而且不能被用户手动修改

4、系统 app 预置系统中默认授权

开机第一次时系统加载部分模块时默认会授权部分权限

  1. //frameworks/base/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java
  2. private void grantDefaultSystemHandlerPermissions(PackageManagerWrapper pm, int userId) {
  3. Log.i(TAG, "Granting permissions to default platform handlers for user " + userId);
  4. ... ...
  5. //以系统SMS为例,根据短信包名进行设置权限
  6. // SMS
  7. if (smsAppPackageNames == null) {
  8. String smsPackage = getDefaultSystemHandlerActivityPackageForCategory(pm,
  9. Intent.CATEGORY_APP_MESSAGING, userId);
  10. grantDefaultPermissionsToDefaultSystemSmsApp(pm, smsPackage, userId);
  11. } else {
  12. for (String smsPackage : smsAppPackageNames) {
  13. grantDefaultPermissionsToDefaultSystemSmsApp(pm, smsPackage, userId);
  14. }
  15. }
  16. ... ...

注意:针对MSM Dialer等必备功能应用,都有个提供用户选择的弹框设置默认应用,例如默认短信、默认电话应用等。此类应用在安装完成后,会执行 PermissionController 模块的 onAddRoleHolder 相关流程,设置为系统默认应用。应用为系统默认应用时,系统也会提供给他此类应用的基础权限,比如短信应用,会授予它短信类基础权限。

  1. @WorkerThread
  2. private boolean addRoleHolderInternal(@NonNull Role role, @NonNull String packageName,
  3. boolean dontKillApp, boolean overrideUserSetAndFixedPermissions, boolean added) {
  4. //这里会默认授予设置各类默认应用的基础相关权限
  5. role.grant(packageName, dontKillApp, overrideUserSetAndFixedPermissions, this);
  6. String roleName = role.getName();
  7. if (!added) {
  8. added = mRoleManager.addRoleHolderFromController(roleName, packageName);
  9. }
  10. if (!added) {
  11. Log.e(LOG_TAG, "Failed to add role holder in RoleManager, package: " + packageName
  12. + ", role: " + roleName);
  13. }
  14. return added;
  15. }

所以对短信等各类系统默认应用来说,开机时候实际执行两遍权限授予。

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/木道寻08/article/detail/914093
推荐阅读
相关标签
  

闽ICP备14008679号