Android APP 默认赋予权限

Posted 这瓜保熟吗哼

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Android APP 默认赋予权限相关的知识,希望对你有一定的参考价值。

android APP 默认赋予权限

首先在/vendor/xxxx/中创建etc/文件夹

在etc/中创建Android.bpdefault-permissions-xxxx.xml文件

Android.bp文件写法:

prebuilt_etc {
    name: "default_permissions_whitelist_xxxx",
    product_specific: true,
    sub_dir: "default-permissions",
    src: "default-permissions-xxxx.xml",
    filename_from_src: true,
}

default-permissions-xxxx.xml文件写法:

<?xml version='1.0' encoding='utf-8' standalone='yes' ?>

<!--
  ~ Copyright (C) 2016 The Android Open Source Project
  ~
  ~ Licensed under the Apache License, Version 2.0 (the "License");
  ~ you may not use this file except in compliance with the License.
  ~ You may obtain a copy of the License at
  ~
  ~       http://www.apache.org/licenses/LICENSE-2.0
  ~
  ~ Unless required by applicable law or agreed to in writing, software
  ~ distributed under the License is distributed on an "AS IS" BASIS,
  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  ~ See the License for the specific language governing permissions and
  ~ limitations under the License
  -->

<!--
This XML file declares which signature|privileged permissions should be granted to privileged
applications that come with the platform
-->

<exceptions>
 
  <!-- exception package 为要授予权限的app包名 -->
  <!-- permission name 为要授予权限的app默认授予的权限 -->
  <!-- permission的fixed表示授权后是否可以被非系统组件修改权限 -->
  <exception package="com.xxxx.demo">
    <permission name="android.permission.INTERNET" fixed="false"/>
    <permission name="android.permission.WRITE_EXTERNAL_STORAGE" fixed="false"/>
    <permission name="android.permission.ACCESS_NETWORK_STATE" fixed="false"/>
    <permission name="android.permission.READ_EXTERNAL_STORAGE" fixed="false"/>
    <permission name="android.permission.RECORD_AUDIO" fixed="false"/>
    <permission name="android.permission.READ_PHONE_STATE" fixed="false"/>
    <permission name="android.permission.ACCESS_WIFI_STATE" fixed="false"/>
    <permission name="Manifest.permission.CAMERA" fixed="false"/>
    <permission name="Manifest.permission.READ_PHONE_STATE" fixed="false"/>
    <permission name="Manifest.permission.RECORD_AUDIO" fixed="false"/>
    <permission name="Manifest.permission.ACCESS_COARSE_LOCATION" fixed="false"/>
    <permission name="Manifest.permission.ACCESS_FINE_LOCATION" fixed="false"/>
    <permission name="android.permission.CHANGE_WIFI_STATE" fixed="false"/>
    <permission name="android.permission.CAMERA" fixed="false"/>
    <permission name="android.permission.FLASHLIGHT" fixed="false"/>
    <permission name="android.permission.VIBRATE" fixed="false"/>
    <permission name="android.permission.FOREGROUND_SERVICE" fixed="false"/>
    <permission name="android.permission.WAKE_LOCK" fixed="false"/>
    <permission name="android.permission.MODIFY_AUDIO_SETTINGS" fixed="false"/>
    <permission name="android.permission.BROADCAST_STICKY" fixed="false"/>
    <permission name="android.permission.MOUNT_UNMOUNT_FILESYSTEMS" fixed="false"/>
    <permission name="android.permission.RECEIVE_BOOT_COMPLETED" fixed="false"/>
    <permission name="android.permission.INTERACT_ACROSS_USERS" fixed="false"/>
    <permission name="android.permission.GET_TASKS" fixed="false"/>
    <permission name="android.permission.CHANGE_CONFIGURATION" fixed="false"/>
  </exception>
  <!-- 赋予app权限只需在后面添加对应的exception package和permission name即可 -->

</exceptions>

修改/device/rockchip/rk356x/device.mk

# add by mazhuang for By default, Grant app permissions 2021/08/30  
$(call inherit-product, vendor/xxxx/device.mk)

在/vendor/xxxx/device.mk中添加

# add by mazhuang for By default, Grant app permissions 2021/08/30 
PRODUCT_PACKAGES += \\
    default_permissions_whitelist_xxxx

default-permissions-xxxx.xml中添加的app和权限最终在/frameworks/base/services/core/java/com/android/server/pm/permission/DefaultPermissionGrantPolicy.java中的grantDefaultPermissionExceptions()方法中赋予权限。

private void grantDefaultPermissionExceptions(PackageManagerWrapper pm, int userId) {
        mHandler.removeMessages(MSG_READ_DEFAULT_PERMISSION_EXCEPTIONS);

        synchronized (mLock) {
            // mGrantExceptions is null only before the first read and then
            // it serves as a cache of the default grants that should be
            // performed for every user. If there is an entry then the app
            // is on the system image and supports runtime permissions.
            if (mGrantExceptions == null) {
                mGrantExceptions = readDefaultPermissionExceptionsLocked(pm);
            }
        }

        Set<String> permissions = null;
        final int exceptionCount = mGrantExceptions.size();
        for (int i = 0; i < exceptionCount; i++) {
            String packageName = mGrantExceptions.keyAt(i);
            PackageInfo pkg = pm.getSystemPackageInfo(packageName);
            List<DefaultPermissionGrant> permissionGrants = mGrantExceptions.valueAt(i);
            final int permissionGrantCount = permissionGrants.size();
            for (int j = 0; j < permissionGrantCount; j++) {
                DefaultPermissionGrant permissionGrant = permissionGrants.get(j);
                if (!pm.isPermissionDangerous(permissionGrant.name)) {
                    Log.w(TAG, "Ignoring permission " + permissionGrant.name
                            + " which isn't dangerous");
                    continue;
                }
                if (permissions == null) {
                    permissions = new ArraySet<>();
                } else {
                    permissions.clear();
                }
                permissions.add(permissionGrant.name);


                grantRuntimePermissions(pm, pkg, permissions, permissionGrant.fixed,
                        permissionGrant.whitelisted, true /*whitelistRestrictedPermissions*/,
                        userId);
            }
        }
    }

读取default-permissions-xxxx.xml的方法应该是readDefaultPermissionExceptionsLocked()

private @NonNull ArrayMap<String, List<DefaultPermissionGrant>>
            readDefaultPermissionExceptionsLocked(PackageManagerWrapper pm) {
        File[] files = getDefaultPermissionFiles();
        if (files == null) {
            return new ArrayMap<>(0);
        }

        ArrayMap<String, List<DefaultPermissionGrant>> grantExceptions = new ArrayMap<>();

        // Iterate over the files in the directory and scan .xml files
        for (File file : files) {
            if (!file.getPath().endsWith(".xml")) {
                Slog.i(TAG, "Non-xml file " + file
                        + " in " + file.getParent() + " directory, ignoring");
                continue;
            }
            if (!file.canRead()) {
                Slog.w(TAG, "Default permissions file " + file + " cannot be read");
                continue;
            }
            try (
                InputStream str = new BufferedInputStream(new FileInputStream(file))
            ) {
                XmlPullParser parser = Xml.newPullParser();
                parser.setInput(str, null);
                parse(pm, parser, grantExceptions);
            } catch (XmlPullParserException | IOException e) {
                Slog.w(TAG, "Error reading default permissions file " + file, e);
            }
        }

        return grantExceptions;
    }

最终调用到grantRuntimePermissions()方法对app赋予权限。

以上是关于Android APP 默认赋予权限的主要内容,如果未能解决你的问题,请参考以下文章

Android APP启动页面动态加载全部权限

如何为android中的APP设置默认权限值?

Expo Android App 默认不需要任何权限

ubuntu10.04在root账户下建立的文件夹,如何给默认的ubuntu帐户赋予读写权限

Android 6.0 Permission权限与安全机制

Android 逆向Linux 文件权限 ( Linux 权限简介 | 系统权限 | 用户权限 | 匿名用户权限 | 读 | 写 | 执行 | 更改组 | 更改用户 | 粘滞 )(代码片段