Android 运行时权限 Runtime Permissions

运行时权限

6.0引入了一种新的权限模式，用户可直接在运行时管理应用权限。这种模式让用户能够更好地了解和控制权限，同时为应用开发者精简了安装和自动更新过程。用户可为所安装的各个应用分别授予或撤销权限。

对于以 Android 6.0（API 23）或更高版本为目标平台的应用，请务必在运行时检查和请求权限。要确定您的应用是否已被授予权限，请调用新增的 checkSelfPermission() 方法。要请求权限，请调用新增的 requestPermissions() 方法。即使您的应用并不以 Android 6.0（API 级别 23）为目标平台，您也应该在新权限模式下测试您的应用。

Developers>Android 6.0 变更

---

Normal Permissions:

• ACCESS_LOCATION_EXTRA_COMMANDS
• ACCESS_NETWORK_STATE
• ACCESS_NOTIFICATION_POLICY
• ACCESS_WIFI_STATE
• BLUETOOTH
• BLUETOOTH_ADMIN
• BROADCAST_STICKY
• CHANGE_NETWORK_STATE
• CHANGE_WIFI_MULTICAST_STATE
• CHANGE_WIFI_STATE
• DISABLE_KEYGUARD
• EXPAND_STATUS_BAR
• GET_PACKAGE_SIZE
• INSTALL_SHORTCUT
• INTERNET
• KILL_BACKGROUND_PROCESSES
• MODIFY_AUDIO_SETTINGS
• NFC
• READ_SYNC_SETTINGS
• READ_SYNC_STATS
• RECEIVE_BOOT_COMPLETED
• REORDER_TASKS
• REQUEST_INSTALL_PACKAGES
• SET_ALARM
• SET_TIME_ZONE
• SET_WALLPAPER
• SET_WALLPAPER_HINTS
• TRANSMIT_IR
• UNINSTALL_SHORTCUT
• USE_FINGERPRINT
• VIBRATE
• WAKE_LOCK
• WRITE_SYNC_SETTINGS

Dangerous Permissions

shell@zenltevzw:/ $ pm list permissions -d -g
Dangerous Permissions:

group:android.permission-group.LGT_CONTENT

group:com.sec.enterprise.permission-group.mdm

group:com.google.android.gms.permission.CAR_INFORMATION
  permission:com.google.android.gms.permission.CAR_VENDOR_EXTENSION
  permission:com.google.android.gms.permission.CAR_MILEAGE
  permission:com.google.android.gms.permission.CAR_FUEL

group:android.permission-group.CONTACTS
  permission:android.permission.WRITE_CONTACTS
  permission:android.permission.GET_ACCOUNTS
  permission:android.permission.READ_CONTACTS

group:android.permission-group.MESSAGES
  permission:com.google.android.providers.talk.permission.WRITE_ONLY
  permission:com.google.android.gm.permission.READ_CONTENT_PROVIDER
  permission:com.google.android.providers.talk.permission.READ_ONLY

group:android.permission-group.PHONE
  permission:android.permission.READ_CALL_LOG
  permission:android.permission.READ_PHONE_STATE
  permission:android.permission.CALL_PHONE
  permission:android.permission.WRITE_CALL_LOG
  permission:android.permission.USE_SIP
  permission:android.permission.PROCESS_OUTGOING_CALLS
  permission:com.android.voicemail.permission.ADD_VOICEMAIL

group:com.sec.permission-group.SECURITY

group:android.permission-group.CALENDAR
  permission:android.permission.READ_CALENDAR
  permission:android.permission.WRITE_CALENDAR

group:android.permission-group.CAMERA
  permission:com.sec.android.app.camera.permission.SHOOTING_MODE
  permission:android.permission.CAMERA

group:com.sec.orca.remoteshare.permission-group.RSHARE

group:com.samsung.android.app.memo.permission

group:android.permission-group.SENSORS
  permission:android.permission.BODY_SENSORS

group:android.permission-group.LOCATION
  permission:android.permission.ACCESS_FINE_LOCATION
  permission:com.google.android.gms.permission.CAR_SPEED
  permission:android.permission.ACCESS_COARSE_LOCATION

group:android.permission-group.STORAGE
  permission:android.permission.READ_EXTERNAL_STORAGE
  permission:android.permission.WRITE_EXTERNAL_STORAGE

group:android.permission-group.MICROPHONE
  permission:android.permission.RECORD_AUDIO

group:com.samsung.permission-group.SKT

group:android.permission-group.SMS
  permission:android.permission.READ_SMS
  permission:android.permission.RECEIVE_WAP_PUSH
  permission:android.permission.RECEIVE_MMS
  permission:android.permission.RECEIVE_SMS
  permission:android.permission.SEND_SMS
  permission:android.permission.READ_CELL_BROADCASTS

group:com.sec.android.app.sysscope.permission-group.SYSTEM_DIAGNOSIS

ungrouped:
  permission:com.google.android.apps.photos.permission.GOOGLE_PHOTOS_PROVIDER
  permission:com.sec.smartcard.permission.SMARTCARD_ADAPTER
  permission:com.samsung.android.memo.EXTRA_READ
  permission:com.samsung.android.memo.EXTRA_WRITE
shell@zenltevzw:/ $

注意：Dangerous Permission的运行时授权是以group为单位的

---

检查权限

android.content.Context.checkSelfPermission()

返回值：

android.content.pm.PackageManager.PERMISSION_DENIED = -1
android.content.pm.PackageManager.PERMISSION_GRANTED = 0

申请权限

void requestPermissions (String[] permissions, 
                int requestCode)

当申请多组权限时，会逐一弹窗确认。

requestCode用于回调：

Application specific request code to match with a result reported to onRequestPermissionsResult(int, String[], int[]). Should be >= 0

@Override
public void onRequestPermissionsResult(int requestCode,
        String permissions[], int[] grantResults) {
    switch (requestCode) {
        case MY_PERMISSIONS_REQUEST_READ_CONTACTS: {
            // If request is cancelled, the result arrays are empty.
            if (grantResults.length > 0
                && grantResults[0] == PackageManager.PERMISSION_GRANTED) {

                // permission was granted, yay! Do the
                // contacts-related task you need to do.

            } else {

                // permission denied, boo! Disable the
                // functionality that depends on this permission.
            }
            return;
        }
    }
}

解释

 boolean shouldShowRequestPermissionRationale (String permission)

申请权限的解释，该方法只有在用户在上次拒绝过你的这个权限申请。再次弹出申请权限的对话框，告诉用户该权限是应用必要的，并且不会危害之类的解释。

// Should we show an explanation?
if (ActivityCompat.shouldShowRequestPermissionRationale(thisActivity,
        Manifest.permission.READ_CONTACTS)) 
    // Show an expanation to the user *asynchronously* -- don't block
    // this thread waiting for the user's response! After the user
    // sees the explanation, try again to request the permission.

}