permission :protectionLevel 默认权限
data/system/users/0/runtime-permissions.xml
android/frameworks/base/core/res/AndroidManifest.xml
android:protectionLevel="dangerous"
dangerous : 代表只能由用户手动授予其权限
android/frameworks/base/services/core/java/com/android/server/pm/Settings.java:168: private static final String RUNTIME_PERMISSIONS_FILE_NAME = "runtime-permissions.xml";
writePermissionsSync(){
}
public void readStateForUserSyncLPr(int userId) {
}
public void deleteUserRuntimePermissionsFile(int userId) {
getUserRuntimePermissionsFile(userId).delete();
}
/data/system/users/0/
app_idle_stats.xml registered_services settings_secure.xml
appwidgets.xml runtime-permissions.xml settings_system.xml
package-restrictions.xml settings_global.xml wallpaper_info.xml
Activity.java
public final void requestPermissions(@NonNull String[] permissions, int requestCode)
PackageManager.java
Intent intent = new Intent(ACTION_REQUEST_PERMISSIONS)
android:configChanges="orientation|keyboardHidden|screenSize"
android:excludeFromRecents="true"
android:theme="@style/GrantPermissions">
com.google.android.packageinstaller/com.android.packageinstaller.permission.ui.GrantPermissionsActivity
com.android.packageinstaller/com.android.packageinstaller.permission.ui.GrantPermissionsActivity
PackageManagerService.java
public void systemReady() {
// If we upgraded grant all default permissions before kicking off.
for (int userId : grantPermissionsUserIds) {
mDefaultPermissionPolicy.grantDefaultPermissions(userId);
}
}
DefaultPermissionGrantPolicy.java
public void grantDefaultPermissions(int userId) {
grantPermissionsToSysComponentsAndPrivApps(userId);
grantDefaultSystemHandlerPermissions(userId);
grantDefaultPermissionExceptions(userId);
}
grantDefaultSystemHandlerPermissions()
grantRuntimePermissionsLPw(){
mService.grantRuntimePermission(pkg.packageName, permission, userId);
mService.updatePermissionFlags(permission, pkg.packageName,newFlags, newFlags, userId);
}
PackageManagerService.java
grantRuntimePermission()
updatePermissionFlags(){
// Install and runtime permissions are stored in different places,
// so figure out what permission changed and persist the change.
if (permissionsState.getInstallPermissionState(name) != null) {
scheduleWriteSettingsLocked();
} else if (permissionsState.getRuntimePermissionState(name, userId) != null
|| hadState) {
mSettings.writeRuntimePermissionsForUserLPr(userId, false);
}
}
android/frameworks/base/services/core/java/com/android/server/pm/Settings.java
// /data/system/users/0/runtime-permissions.xml
//动态的 android:protectionLevel="dangerous"
public void writeRuntimePermissionsForUserLPr(int userId, boolean sync) {
if (sync) {
mRuntimePermissionsPersistence.writePermissionsForUserSyncLPr(userId);
} else {
mRuntimePermissionsPersistence.writePermissionsForUserAsyncLPr(userId);
}
}
// /data/system/packages.xml
//静态的 android:protectionLevel="normal"
void writeLPr() {
}
----------------------------------------
DefaultPermissionGrantPolicy.java
// 根据intent 查找特定的 packages(应用)
PackageParser.Package = getDefaultSystemHandlerActivityPackageLPr(Intent, userId)
getDefaultProviderAuthorityPackageLPr()
getHeadlessSyncAdapterPackagesLPr()
getDefaultSystemHandlerServicePackageLPr()
// 从activity 申请单个package的权限
grantRuntimePermission(String packageName, String name, final int userId) {}
/**
* Parser for package files (APKs) on disk. This supports apps packaged either
* as a single "monolithic" APK, or apps packaged as a "cluster" of multiple
* APKs in a single directory.
*
* Apps packaged as multiple APKs always consist of a single "base" APK (with a
* {@code null} split name) and zero or more "split" APKs (with unique split
* names). Any subset of those split APKs are a valid install, as long as the
* following constraints are met:
*
- All APKs must have the exact same package name, version code, and signing
* certificates.
* - All APKs must have unique split names.
* - All installations must contain a single base APK.
*
*
*
* @hide
*/
public class PackageParser {}
/**
* This class encapsulates the permissions for a package or a shared user.
*
* There are two types of permissions: install (granted at installation)
* and runtime (granted at runtime). Install permissions are granted to
* all device users while runtime permissions are granted explicitly to
* specific users.
*
*
* The permissions are kept on a per device user basis. For example, an
* application may have some runtime permissions granted under the device
* owner but not granted under the secondary user.
*
* This class is also responsible for keeping track of the Linux gids per
* user for a package or a shared user. The gids are computed as a set of
* the gids for all granted permissions' gids on a per user basis.
*
*/
public final class PermissionsState {}
/**
* Settings data for a particular package we know about.
*/
final class PackageSetting extends PackageSettingBase {}
02-20 08:52:29.423 4509 4509 I DefaultPermGrantPolicy: Granting permissions to platform components for user 0
02-20 08:52:29.741 4509 4509 I DefaultPermGrantPolicy: Granting permissions to default platform handlers for user 0
02-20 08:52:30.617 4509 4509 D DefaultPermGrantPolicy: salesTrackerPckg=:com.xxx.salestracker,service=[Service{ebf1f2e com.xxx.salestracker/.SalesTrackerService}]
02-20 08:52:35.906 4509 4509 I DefaultPermGrantPolicy: Granting permissions to default dialer app for user:0
02-20 08:52:41.197 4509 4509 I DefaultPermGrantPolicy: Granting permissions to default sms app for user:0
更多相关文章
- Android(安卓)7.0 FileUriExposedException 的处理
- [Android(安卓)基础] -- ueventd.rc 处理硬件设备权限和 android
- 获取Android(安卓)IP信息
- android拨打电话崩溃6.0以上实时动态权限申请
- Android(安卓)8.0 悬浮窗变动与用法
- 总结一下关于 Android(安卓)10 的适配(备注:只是自己项目中有关联
- Android(安卓)- adb shell Permission denied
- Android(安卓)VNC Server
- Android第十二课 jni函数的静态绑定