Android6.0 动态权限机制深入讲解
前言
Android6.0以后引入了动态权限机制,一些系统权限的分配需要在app运行中进行分配,而不只是在AndroidManifest中指定。
本篇将针对动态权限的底层分配过程进行分析(基于Android-6.0.1)。
权限分配
我们先看一下请求分配权限的代码
//frameworks/support/v4/java/android/support/v4/app/ActivityCompat.java
publicstaticvoidrequestPermissions(final@NonNullActivityactivity,
final@NonNullString[]permissions,finalintrequestCode){
if(Build.VERSION.SDK_INT>=23){//对于AndroidM以及以上的权限的分配
ActivityCompatApi23.requestPermissions(activity,permissions,requestCode);
}elseif(activityinstanceofOnRequestPermissionsResultCallback){//AndroidM以下的权限分配
Handlerhandler=newHandler(Looper.getMainLooper());
handler.post(newRunnable(){
@Override
publicvoidrun(){
//请求分配的权限结果,如分配就是PERMISSION_GRANTED
finalint[]grantResults=newint[permissions.length];
PackageManagerpackageManager=activity.getPackageManager();
StringpackageName=activity.getPackageName();
finalintpermissionCount=permissions.length;
//通过包管理的checkPermission来检验是否分配权限
for(inti=0;i
requestPermissions对于AndroidM的前后版本都分别做了处理,AndroidM以上通过ActivityCompatApi23.requestPermissions进行权限的请求,而AndroidM以下通过PackageManager来检查Permission的分配情况。
//frameworks/support/v4/api23/android/support/v4/app/ActivityCompat23.java
classActivityCompatApi23{
...
publicstaticvoidrequestPermissions(Activityactivity,String[]permissions,
intrequestCode){
if(activityinstanceofRequestPermissionsRequestCodeValidator){
((RequestPermissionsRequestCodeValidator)activity)
.validateRequestPermissionsRequestCode(requestCode);
}
//通过AndroidM的Activity处理
activity.requestPermissions(permissions,requestCode);
}
...
}
//frameworks/base/core/java/android/app/Activity.java
publicfinalvoidrequestPermissions(@NonNullString[]permissions,intrequestCode){
if(mHasCurrentPermissionsRequest){
Log.w(TAG,"Canreqeustonlyonesetofpermissionsatatime");
//Dispatchthecallbackwithemptyarrayswhichmeansacancellation.
onRequestPermissionsResult(requestCode,newString[0],newint[0]);
return;
}
//通过请求的权限构造Intent,弹出请求的窗口
Intentintent=getPackageManager().buildRequestPermissionsIntent(permissions);
startActivityForResult(REQUEST_PERMISSIONS_WHO_PREFIX,intent,requestCode,null);
mHasCurrentPermissionsRequest=true;
}
ActivityCompat23将请求权限的任务交给Activity来完成,在Activity中,通过请求的permission来构造一个Intent随后启动Activity来弹出请求的界面。Intent的构造是通过PackageManager的buildRequestPermissionsIntent方法构造的。
publicIntentbuildRequestPermissionsIntent(@NonNullString[]permissions){
if(ArrayUtils.isEmpty(permissions)){
thrownewNullPointerException("permissioncannotbenullorempty");
}
Intentintent=newIntent(ACTION_REQUEST_PERMISSIONS);
intent.putExtra(EXTRA_REQUEST_PERMISSIONS_NAMES,permissions);
intent.setPackage(getPermissionControllerPackageName());
returnintent;
}
Intent的action是ACTION_REQUEST_PERMISSIONS,它是这么定义的
publicstaticfinalStringACTION_REQUEST_PERMISSIONS=
"android.content.pm.action.REQUEST_PERMISSIONS";
随后一个参数就是具体请求的permission数组和一个权限分派控制的相关的包名。所以activity的请求窗口是通过隐式启动的。
/packages/apps/PackageInstaller/AndroidManifest.xml
从intent-fliter可以看到,这个GrantPermissionsActivity就是我们进行权限分配的弹出窗口。GrantPermissionsActivity它的布局文件定义在packages/apps/PackageInstaller/res/layout/grant_permissions.xml,从GrantPermissionsActivity的实现来看它就是一个长的像Dialog的activity,这里我们重点关注在该Activity中对权限的允许和拒绝的处理。
//packages/apps/PackageInstaller/src/com/android/packageinstaller/permission/ui/GrantPermissionsDefaultViewHandler.java
publicvoidonClick(Viewview){
switch(view.getId()){
caseR.id.permission_allow_button://允许
if(mResultListener!=null){
view.clearAccessibilityFocus();
mResultListener.onPermissionGrantResult(mGroupName,true,false);
}
break;
caseR.id.permission_deny_button://拒绝
mAllowButton.setEnabled(true);
if(mResultListener!=null){
view.clearAccessibilityFocus();
mResultListener.onPermissionGrantResult(mGroupName,false,
mDoNotAskCheckbox.isChecked());
}
break;
caseR.id.do_not_ask_checkbox://不再询问
mAllowButton.setEnabled(!mDoNotAskCheckbox.isChecked());
break;
}
}
这里是通过GrantPermissionsDefaultViewHandler来控制GrantPermissionsActivity的ui视图,按钮的点击事件是通过GrantPermissionsViewHandler.ResultListener接口来处理的,GrantPermissionsActivity实现了该接口。
@Override
publicvoidonPermissionGrantResult(Stringname,booleangranted,booleandoNotAskAgain){
if(isObscuredTouch()){
showOverlayDialog();
finish();
return;
}
GroupStategroupState=mRequestGrantPermissionGroups.get(name);
if(groupState.mGroup!=null){
if(granted){
groupState.mGroup.grantRuntimePermissions(doNotAskAgain);//权限组内部的权限分配
groupState.mState=GroupState.STATE_ALLOWED;//重置权限组的状态
}else{
groupState.mGroup.revokeRuntimePermissions(doNotAskAgain);
groupState.mState=GroupState.STATE_DENIED;
}
updateGrantResults(groupState.mGroup);
}
//下一个组权限的授权
if(!showNextPermissionGroupGrantRequest()){
setResultAndFinish();
}
}
onPermissionGrantResult的三个参数分别是name代表了权限组的名字,granted表示是否进行权限分配,doNotAskAgain代表是否询问权限。内部的mRequestGrantPermissionGroups是一个LinkedHashMap,它的key是权限组名,值为GroupState,它代表了待授权的权限组Map。需要注意的是权限和权限组的概念是不同的,一个权限所属一个权限组,要给权限组可以对应多个权限。而我们传递给GrantPermissionsActivity的是权限数组(注意并不是权限组),在GrantPermissionsActivity创建的时候,会将我们请求的权限分别匹配到其对应的权限组中,这会重新计算权限组的状态。这个方法对name对应的权限组进行授权或者拒绝,然后处理下一个权限组。
//packages/apps/PackageInstaller/src/com/android/packageinstaller/permission/ui/GrantPermissionsActivity.java
publicclassGrantPermissionsActivityextendsOverlayTouchActivity
implementsGrantPermissionsViewHandler.ResultListener{
privateString[]mRequestedPermissions;//请求的权限数组
privateint[]mGrantResults;//权限分配的结果数组
//请求的权限数组对应的权限组Map
privateLinkedHashMapmRequestGrantPermissionGroups=newLinkedHashMap<>();
...
@Override
publicvoidonCreate(Bundleicicle){
...
//加载应用权限组
mAppPermissions=newAppPermissions(this,callingPackageInfo,null,false,
newRunnable(){
@Override
publicvoidrun(){
setResultAndFinish();
}
});
//遍历权限组
for(AppPermissionGroupgroup:mAppPermissions.getPermissionGroups()){
booleangroupHasRequestedPermission=false;
for(StringrequestedPermission:mRequestedPermissions){
//如果请求的权限在该组内则标记groupHasRequestedPermission为true
if(group.hasPermission(requestedPermission)){
groupHasRequestedPermission=true;
break;
}
}
if(!groupHasRequestedPermission){
continue;
}
//Weallowtheusertochooseonlynon-fixedpermissions.Apermission
//isfixedeitherbydevicepolicyortheuserdenyingwithprejudice.
if(!group.isUserFixed()&&!group.isPolicyFixed()){
switch(permissionPolicy){
caseDevicePolicyManager.PERMISSION_POLICY_AUTO_GRANT:{
if(!group.areRuntimePermissionsGranted()){
group.grantRuntimePermissions(false);
}
group.setPolicyFixed();
}break;
caseDevicePolicyManager.PERMISSION_POLICY_AUTO_DENY:{
if(group.areRuntimePermissionsGranted()){
group.revokeRuntimePermissions(false);
}
group.setPolicyFixed();
}break;
default:{
//权限组是否已经分配了RuntimePermission,如果没有,则添加到mRequestGrantPermissionGroups中
if(!group.areRuntimePermissionsGranted()){
mRequestGrantPermissionGroups.put(group.getName(),
newGroupState(group));
}else{
group.grantRuntimePermissions(false);
updateGrantResults(group);
}
}break;
}
}else{
//ifthepermissionisfixed,ensurethatwereturntherightrequestresult
updateGrantResults(group);
}
}
...
if(!showNextPermissionGroupGrantRequest()){
setResultAndFinish();
}
}
}
在GrantPermissionsActivity的onCreate方法中,根据请求的权限计算所属权限组的状态,首先创建AppPermissions对象,这时会去加载应用的权限组。同时遍历用于请求的权限数组并找到其对应的权限组,同时判断该权限组是否已经分配了动态权限,如果未授权则添加到待授权的权限组Map中。到这里我们还未看到真正的授权过程,在前面onPermissionGrantResult方法中,授权是通过GroupState中的成员mGroup的grantRuntimePermissions方法进一步进行权限分配的。而GroupState的定义如下
privatestaticfinalclassGroupState{
staticfinalintSTATE_UNKNOWN=0;
staticfinalintSTATE_ALLOWED=1;
staticfinalintSTATE_DENIED=2;
finalAppPermissionGroupmGroup;
intmState=STATE_UNKNOWN;
GroupState(AppPermissionGroupgroup){
mGroup=group;
}
}
GroupState有三个状态STATE_UNKNOWN,STATE_ALLOWED,STATE_DENIED,它内部的mGroup实际上是个AppPermissionGroup,这些AppPermissionGroup是在AppPermissions加载的。
//packages/apps/PackageInstaller/src/com/android/packageinstaller/permission/model/AppPermissionGroup.java
publicbooleangrantRuntimePermissions(booleanfixedByTheUser){
finalbooleanisSharedUser=mPackageInfo.sharedUserId!=null;
finalintuid=mPackageInfo.applicationInfo.uid;
//Wetogglepermissionsonlytoappsthatsupportruntime
//permissions,otherwisewetoggletheappopcorresponding
//tothepermissionifthepermissionisgrantedtotheapp.
//遍历权限组对应的权限
for(Permissionpermission:mPermissions.values()){
if(mAppSupportsRuntimePermissions){//支持动态权限分配
//Donottouchpermissionsfixedbythesystem.
if(permission.isSystemFixed()){//系统权限则返回
returnfalse;
}
//Ensurethepermissionappopenabledbeforethepermissiongrant.
//打开permssion可以被grant的选项
if(permission.hasAppOp()&&!permission.isAppOpAllowed()){
permission.setAppOpAllowed(true);
mAppOps.setUidMode(permission.getAppOp(),uid,AppOpsManager.MODE_ALLOWED);
}
//Grantthepermissionifneeded.
//进行动态分配,通过PMS完成
if(!permission.isGranted()){
permission.setGranted(true);
mPackageManager.grantRuntimePermission(mPackageInfo.packageName,
permission.getName(),mUserHandle);
}
//Updatethepermissionflags.
if(!fixedByTheUser){
//Nowtheappscanaskforthepermissionastheuser
//nolongerhasitfixedinadeniedstate.
if(permission.isUserFixed()||permission.isUserSet()){
permission.setUserFixed(false);
permission.setUserSet(true);
mPackageManager.updatePermissionFlags(permission.getName(),
mPackageInfo.packageName,
PackageManager.FLAG_PERMISSION_USER_FIXED
|PackageManager.FLAG_PERMISSION_USER_SET,
0,mUserHandle);
}
}
}else{//AdnroidM以下的版本权限分配
....
}
}
returntrue;
}
权限的分配最终是通过PMS的grantRuntimePermission方法来完成的。
//frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
@Override
publicvoidgrantRuntimePermission(StringpackageName,Stringname,finalintuserId){
...
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.GRANT_RUNTIME_PERMISSIONS,
"grantRuntimePermission");
enforceCrossUserPermission(Binder.getCallingUid(),userId,true,false,
"grantRuntimePermission");
finalintuid;
finalSettingBasesb;
synchronized(mPackages){
//取到Package对象
finalPackageParser.Packagepkg=mPackages.get(packageName);
if(pkg==null){
thrownewIllegalArgumentException("Unknownpackage:"+packageName);
}
//取到全局设置中的权限信息
finalBasePermissionbp=mSettings.mPermissions.get(name);
if(bp==null){
thrownewIllegalArgumentException("Unknownpermission:"+name);
}
enforceDeclaredAsUsedAndRuntimeOrDevelopmentPermission(pkg,bp);
uid=UserHandle.getUid(userId,pkg.applicationInfo.uid);
sb=(SettingBase)pkg.mExtras;//从pkg中取到应用的设置信息SettingBase
if(sb==null){
thrownewIllegalArgumentException("Unknownpackage:"+packageName);
}
//取到权限状态
finalPermissionsStatepermissionsState=sb.getPermissionsState();
finalintflags=permissionsState.getPermissionFlags(name,userId);
if((flags&PackageManager.FLAG_PERMISSION_SYSTEM_FIXED)!=0){
thrownewSecurityException("Cannotgrantsystemfixedpermission:"
+name+"forpackage:"+packageName);
}
if(bp.isDevelopment()){
//Developmentpermissionsmustbehandledspecially,sincetheyarenot
//normalruntimepermissions.Fornowtheyapplytoallusers.
if(permissionsState.grantInstallPermission(bp)!=
PermissionsState.PERMISSION_OPERATION_FAILURE){
scheduleWriteSettingsLocked();
}
return;
}
//通过PermissionsState进行动态权限的分配
finalintresult=permissionsState.grantRuntimePermission(bp,userId);
....
}
.....
}
在PMS的grantRuntimePermission方法中首先根据包名取到应用安装时的Package对象,这个Package对象中包含了应用的一些设置信息,通过这个设置信息可以取到当前应用的PermissionState,它维护了当前应用的权限授予情况。同时根据参数name,也就是权限名获取全新的配置信息BasePermission对象,它时从mSettings中取到的,mSettings是PMS的全局设置,它在PMS启动的时候初始化,里面包含了平台支持的所有权限。最后权限的分配进一步通过PermissionState来完成
//frameworks/base/services/core/java/com/android/server/pm/PermissionsState.java
//动态权限的分配
publicintgrantRuntimePermission(BasePermissionpermission,intuserId){
enforceValidUserId(userId);
if(userId==UserHandle.USER_ALL){
returnPERMISSION_OPERATION_FAILURE;
}
returngrantPermission(permission,userId);
}
privateintgrantPermission(BasePermissionpermission,intuserId){
if(hasPermission(permission.name,userId)){
returnPERMISSION_OPERATION_FAILURE;
}
//计算用户组id
finalbooleanhasGids=!ArrayUtils.isEmpty(permission.computeGids(userId));
finalint[]oldGids=hasGids?computeGids(userId):NO_GIDS;
//将权限包装成PermissionData添加到应用的权限列表中
PermissionDatapermissionData=ensurePermissionData(permission);
//授予权限,修改PermissionState的mGranted属性
if(!permissionData.grant(userId)){
returnPERMISSION_OPERATION_FAILURE;
}
if(hasGids){
finalint[]newGids=computeGids(userId);//重新计算用户的权限组id
//权限组id是否发生变化
if(oldGids.length!=newGids.length){
returnPERMISSION_OPERATION_SUCCESS_GIDS_CHANGED;
}
}
returnPERMISSION_OPERATION_SUCCESS;
}
在grantPermission方法中首先会计算当前用户进程当前拥有的组id,然后再通过ensurePermissionData将权限添加到应用的PermissionData列表中,这里返回一个PermissionData,通过该对象的grant方法进行最终的分配,事实上它其实是修改内部PermissionState成员的mGranted状态为true。最后会对用户的组id进行重新计算,如果发生变化则返回PERMISSION_OPERATION_SUCCESS_GIDS_CHANGED,否则返回PERMISSION_OPERATION_SUCCESS
//保证权限被添加到用户列表中
privatePermissionDataensurePermissionData(BasePermissionpermission){
if(mPermissions==null){
mPermissions=newArrayMap<>();
}
PermissionDatapermissionData=mPermissions.get(permission.name);
if(permissionData==null){
permissionData=newPermissionData(permission);
mPermissions.put(permission.name,permissionData);
}
returnpermissionData;
}
//根据用户权限列表计算用户的gid
publicint[]computeGids(intuserId){
enforceValidUserId(userId);
int[]gids=mGlobalGids;
if(mPermissions!=null){
finalintpermissionCount=mPermissions.size();
for(inti=0;i
ensurePermissionData方法确保将权限对应的PermissionData添加到PermissonsState的权限列表中,后续通过computeGids计算用户userId对应的组id,并将其添加到用户的组id数组mGlobalGids中。其中内置权限的gid映射是定义在/etc/permission/platform.xml
···
至此,我们明白了权限的本质实际上就是一组gid,这组gid对应的是一些整型,这些映射关系存放在system/core/include/private/android_filesystem_config.h中,其中的定义如下
#defineAID_NET_BT_ADMIN3001/*bluetooth:createanysocket*/
#defineAID_NET_BT3002/*bluetooth:createsco,rfcommorl2capsockets*/
#defineAID_INET3003/*cancreateAF_INETandAF_INET6sockets*/
#defineAID_SDCARD_RW1015/*externalstoragewriteaccess*/
staticconststructandroid_id_infoandroid_ids[]={
...
{"bluetooth",AID_BLUETOOTH,},
{"sdcard_rw",AID_SDCARD_RW,},
{"net_bt_admin",AID_NET_BT_ADMIN,},
{"net_bt",AID_NET_BT,},
{"inet",AID_INET,},
...
}
通过将权限映射成一组gid,然后作为补充gid赋值给用户进程,也就是权限分配的本质。
//PermisssionsState.PermissionData
publicbooleangrant(intuserId){
if(!isCompatibleUserId(userId)){
returnfalse;
}
if(isGranted(userId)){
returnfalse;
}
PermissionStateuserState=mUserStates.get(userId);
if(userState==null){
userState=newPermissionState(mPerm.name);
mUserStates.put(userId,userState);
}
//分配权限置true
userState.mGranted=true;
returntrue;
}
通过PermissionData的grant方法,为对应的用户创建PermissionState,并将mGranted置为true表示分配了该权限给
该用户。
当然权限分配完成后,下次不需要再次分配,当我们重新启动手机后,并需要再次对权限进行分配,这是因为PMS为所有的package记录了权限分配的情况,在Android6.0之前,package所有的权限信息都是存放在data/system/packages.xml配置文件中,在应用中启动时候读取该配置就可以直到权限分配了哪些权限。但在Android6.0后,运行时权限放在了data/system/users/0/runtime-permissions.xml中,而普通权限保持不变依然存放在packages.xml中,而且默认granted就是true。那么在分配完成权限后需要将权限的分配信息持久化到该文件中。
//packages.xml
在PMS的grantRuntimePermission分配完运行时权限后,最后会调用writeRuntimePermissionsForUserLPr将权限信息持久化到配置文件runtime-permissions.xml中,我们看看这个过程
publicvoidwriteRuntimePermissionsForUserLPr(intuserId,booleansync){
if(sync){
mRuntimePermissionsPersistence.writePermissionsForUserSyncLPr(userId);
}else{
mRuntimePermissionsPersistence.writePermissionsForUserAsyncLPr(userId);
}
}
无论时同步方式还是异步方式的持久化,最后都会调用下面的方法进行
//写入权限到配置文件
privatevoidwritePermissionsSync(intuserId){
//要写入的文件/data/system/users/0/runtime-permissions.xml
AtomicFiledestination=newAtomicFile(getUserRuntimePermissionsFile(userId));
ArrayMap>permissionsForPackage=newArrayMap<>();
ArrayMap>permissionsForSharedUser=newArrayMap<>();
synchronized(mLock){
mWriteScheduled.delete(userId);
//对所有的package进行处理
finalintpackageCount=mPackages.size();
for(inti=0;ipermissionsStates=permissionsState
.getRuntimePermissionStates(userId);//获取全新分配列表
if(!permissionsStates.isEmpty()){
//存放在permissionsForPackage这个Map中,以包名为键
permissionsForPackage.put(packageName,permissionsStates);
}
}
}
//有shareUser的情况
finalintsharedUserCount=mSharedUsers.size();
for(inti=0;ipermissionsStates=permissionsState
.getRuntimePermissionStates(userId);
if(!permissionsStates.isEmpty()){
permissionsForSharedUser.put(sharedUserName,permissionsStates);
}
}
}
//写配置
FileOutputStreamout=null;
try{
//取到输出流
out=destination.startWrite();
XmlSerializerserializer=Xml.newSerializer();
serializer.setOutput(out,StandardCharsets.UTF_8.name());
serializer.setFeature(
"http://xmlpull.org/v1/doc/features.html#indent-output",true);
serializer.startDocument(null,true);
serializer.startTag(null,TAG_RUNTIME_PERMISSIONS);
Stringfingerprint=mFingerprints.get(userId);
if(fingerprint!=null){
serializer.attribute(null,ATTR_FINGERPRINT,fingerprint);
}
//先写当前package的permission
finalintpackageCount=permissionsForPackage.size();
for(inti=0;ipermissionStates=permissionsForPackage.valueAt(i);
serializer.startTag(null,TAG_PACKAGE);//package
serializer.attribute(null,ATTR_NAME,packageName);
writePermissions(serializer,permissionStates);
serializer.endTag(null,TAG_PACKAGE);
}
//写其shareUser进程的permission
finalintsharedUserCount=permissionsForSharedUser.size();
for(inti=0;ipermissionStates=permissionsForSharedUser.valueAt(i);
serializer.startTag(null,TAG_SHARED_USER);
serializer.attribute(null,ATTR_NAME,packageName);
writePermissions(serializer,permissionStates);
serializer.endTag(null,TAG_SHARED_USER);
}
serializer.endTag(null,TAG_RUNTIME_PERMISSIONS);
serializer.endDocument();
destination.finishWrite(out);
if(Build.FINGERPRINT.equals(fingerprint)){
mDefaultPermissionsGranted.put(userId,true);
}
//Anyerrorwhilewritingisfatal.
}catch(Throwablet){
Slog.wtf(PackageManagerService.TAG,
"Failedtowritesettings,restoringbackup",t);
destination.failWrite(out);
}finally{
IoUtils.closeQuietly(out);
}
}
writePermissionsSync写配置的过程很简单,先打开配置文件/data/system/users/0/runtime-permissions.xml,随后对PMS中的每个package和sharedUser分别将其对应的权限分配列表按照包名和shareUserName存放在permissionsForPackage和permissionsForSharedUser中,随后打开输出流分别将其对应的运行时权限分配情况写入文件。
privatevoidwritePermissions(XmlSerializerserializer,
ListpermissionStates)throwsIOException{
for(PermissionStatepermissionState:permissionStates){
serializer.startTag(null,TAG_ITEM);
serializer.attribute(null,ATTR_NAME,permissionState.getName());
serializer.attribute(null,ATTR_GRANTED,
String.valueOf(permissionState.isGranted()));
serializer.attribute(null,ATTR_FLAGS,
Integer.toHexString(permissionState.getFlags()));
serializer.endTag(null,TAG_ITEM);
}
}
writePermissions负责写tag为package下的一条权限分配信息,如
权限的检测
权限检测是通过Context的checkSelfPermission方法来进行的。我们看下它的实现
@Override
publicintcheckSelfPermission(Stringpermission){
if(permission==null){
thrownewIllegalArgumentException("permissionisnull");
}
returncheckPermission(permission,Process.myPid(),Process.myUid());
}
@Override
publicintcheckPermission(Stringpermission,intpid,intuid){
if(permission==null){
thrownewIllegalArgumentException("permissionisnull");
}
try{
returnActivityManagerNative.getDefault().checkPermission(
permission,pid,uid);
}catch(RemoteExceptione){
returnPackageManager.PERMISSION_DENIED;
}
}
最终还是通过AMS的checkPermission来进行权限检查。
//frameworks/base/core/java/android/app/ActivityManager.java
@Override
publicintcheckPermission(Stringpermission,intpid,intuid){
if(permission==null){
returnPackageManager.PERMISSION_DENIED;
}
returncheckComponentPermission(permission,pid,uid,-1,true);
}
intcheckComponentPermission(Stringpermission,intpid,intuid,
intowningUid,booleanexported){
if(pid==MY_PID){
returnPackageManager.PERMISSION_GRANTED;
}
returnActivityManager.checkComponentPermission(permission,uid,
owningUid,exported);
}
/**@hide*/
publicstaticintcheckComponentPermission(Stringpermission,intuid,
intowningUid,booleanexported){
//Root,systemservergettodoeverything.
finalintappId=UserHandle.getAppId(uid);
if(appId==Process.ROOT_UID||appId==Process.SYSTEM_UID){
returnPackageManager.PERMISSION_GRANTED;
}
//Isolatedprocessesdon'tgetanypermissions.
if(UserHandle.isIsolated(uid)){
returnPackageManager.PERMISSION_DENIED;
}
//Ifthereisauidthatownswhateverisbeingaccessed,ithas
//blanketaccesstoitregardlessofthepermissionsitrequires.
if(owningUid>=0&&UserHandle.isSameApp(uid,owningUid)){
returnPackageManager.PERMISSION_GRANTED;
}
//Ifthetargetisnotexported,thennobodyelsecangettoit.
if(!exported){
/*
RuntimeExceptionhere=newRuntimeException("here");
here.fillInStackTrace();
Slog.w(TAG,"Permissiondenied:checkComponentPermission()owningUid="+owningUid,
here);
*/
returnPackageManager.PERMISSION_DENIED;
}
if(permission==null){
returnPackageManager.PERMISSION_GRANTED;
}
//通过PMS进行check
try{
returnAppGlobals.getPackageManager()
.checkUidPermission(permission,uid);
}catch(RemoteExceptione){
//Shouldneverhappen,butifitdoes...deny!
Slog.e(TAG,"PackageManagerisdead?!?",e);
}
returnPackageManager.PERMISSION_DENIED;
}
在AMS中的一系列调用中,最终的权限还是通过PMS的checkUidPermission来进行check的。
//PMS
@Override
publicintcheckUidPermission(StringpermName,intuid){
finalintuserId=UserHandle.getUserId(uid);
if(!sUserManager.exists(userId)){
returnPackageManager.PERMISSION_DENIED;
}
synchronized(mPackages){
Objectobj=mSettings.getUserIdLPr(UserHandle.getAppId(uid));
if(obj!=null){
finalSettingBaseps=(SettingBase)obj;
finalPermissionsStatepermissionsState=ps.getPermissionsState();
//通过PermissionsState来检查
if(permissionsState.hasPermission(permName,userId)){
returnPackageManager.PERMISSION_GRANTED;
}
//定位权限的检测特殊处理
//Specialcase:ACCESS_FINE_LOCATIONpermissionincludesACCESS_COARSE_LOCATION
if(Manifest.permission.ACCESS_COARSE_LOCATION.equals(permName)&&permissionsState
.hasPermission(Manifest.permission.ACCESS_FINE_LOCATION,userId)){
returnPackageManager.PERMISSION_GRANTED;
}
}else{
ArraySetperms=mSystemPermissions.get(uid);
if(perms!=null){
if(perms.contains(permName)){
returnPackageManager.PERMISSION_GRANTED;
}
if(Manifest.permission.ACCESS_COARSE_LOCATION.equals(permName)&&perms
.contains(Manifest.permission.ACCESS_FINE_LOCATION)){
returnPackageManager.PERMISSION_GRANTED;
}
}
}
}
returnPackageManager.PERMISSION_DENIED;
}
checkUidPermission首先根据userId从PMS的配置对象中取到SettingBase,然后取到用户对应的PermissionsState,再通过permissionsState的hasPermission判断是否有该权限。
//检测权限
publicbooleanhasPermission(Stringname,intuserId){
enforceValidUserId(userId);
if(mPermissions==null){
returnfalse;
}
//取到权限对应的PermissionData
PermissionDatapermissionData=mPermissions.get(name);
//通过isGranted来判断
returnpermissionData!=null&&permissionData.isGranted(userId);
}
从PermissionsState的权限列表中取到PermissionData,通过PermissionData的PermissionState对象的mGranted成员就知道权限是否分配了。
总结
在Android6.0之前的版本中,应用在安装的时候会将manifest中request的权限(即通过申请的权限)添加到Package对象的PackageSetting中,PMS为每个安装的app创建一个Package对象,这个是在安装过程中创建的,同时在安装过程中也会为每个app创建一个PackageSetting对象,并将其保存在Package对象的mExtra中,在PackageSetting内部保存了应用的签名信息和授予的权限列表,实际上PackageSetting本身就是继承自GrantedPermissions类,这个类从名字看就知道它负责已授权的permission。应用中授权的权限在安装完成后会将应用的信息(包括了权限,签名和应用的基本信息等)写入到pacakge.xml文件中,这样下次系统启动就可以通过读取该文件获取应用的授权信息。
在Aandroid6.0之后,google为了防止应用滥用权限对权限的授予进行了收缩,将危险的权限授予过程交给用户来决定,为了适应这样的变化,必须要将安装权限和运行时权限进行区分处理,安装权限保持原有的逻辑不变,对于动态权限的分配必然要对PackageSetting进行一个大手术,在Android6.0中PackageSetting不再继承自GrantedPermissions,而是继承自于SettingBase,它的内部也比以前复杂了一些,简单来说它内部维护了一个PermissionsState,它负责管理应用的权限,因此它内部存放着应用的授权的权限列表(实际上是一个ArrayMap),以及权限组对应的gids,此时的权限不再是仅仅是一个String,而是一个PermissionData,而PermissionData内部持有PermissionState即permission的状态,可以看到最终我们还是通过改变PermissionData的PermissionState来达到动态授权的目的。另外授予的动态权限最终会保存在runtime-permission.xml中。
到此这篇关于Android6.0动态权限机制深入讲解的文章就介绍到这了,更多相关Android6.0动态权限机制内容请搜索毛票票以前的文章或继续浏览下面的相关文章希望大家以后多多支持毛票票!