【CTA认证】Android8实现android6以下的应用运行时也要申请权限

需求

CTA入网认证，要求低版本比如Android6以下的应用，运行时，也需要有运行时权限(Runtime Permission)功能，不能默认就取到权限，必须人工在设置中打开才可。

环境

Android 8

实现

frameworks
修改思路是所有APP都统一处理，支持运行时权限，
把所有版本相关的判断去掉，检测是否支持运行时权限的判断去掉。

diff --git a/base/services/core/java/com/android/server/pm/PackageInstallerService.java b/base/services/core/java/com/android/server/pm/PackageInstallerService.java
index 1fa37b91..3a3433c9 100644
--- a/base/services/core/java/com/android/server/pm/PackageInstallerService.java
+++ b/base/services/core/java/com/android/server/pm/PackageInstallerService.java
@@ -436,6 +436,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub {
             params.installFlags |= PackageManager.INSTALL_FROM_ADB;
 
         } else {
+            mAppOps = mContext.getSystemService(AppOpsManager.class);
             mAppOps.checkPackage(callingUid, installerPackageName);
 
             params.installFlags &= ~PackageManager.INSTALL_FROM_ADB;
@@ -705,6 +706,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub {
     @Override
     public ParceledListSlice<SessionInfo> getMySessions(String installerPackageName, int userId) {
         mPm.enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false, "getMySessions");
+        mAppOps = mContext.getSystemService(AppOpsManager.class);
         mAppOps.checkPackage(Binder.getCallingUid(), installerPackageName);
 
         final List<SessionInfo> result = new ArrayList<>();
diff --git a/base/services/core/java/com/android/server/pm/PackageManagerService.java b/base/services/core/java/com/android/server/pm/PackageManagerService.java
index aa43008b..5f0f66a4 100644
--- a/base/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/base/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -2279,8 +2279,9 @@ public class PackageManagerService extends PackageManagerServiceExAbs
         final int immutableFlags = PackageManager.FLAG_PERMISSION_SYSTEM_FIXED
                 | PackageManager.FLAG_PERMISSION_POLICY_FIXED;
 
-        final boolean supportsRuntimePermissions = pkg.applicationInfo.targetSdkVersion
-                >= Build.VERSION_CODES.M;
+        //final boolean supportsRuntimePermissions = pkg.applicationInfo.targetSdkVersion
+                //>= Build.VERSION_CODES.M;
+        final boolean supportsRuntimePermissions = false;
 
         final boolean instantApp = isInstantApp(pkg.packageName, userId);
 
@@ -5884,7 +5885,6 @@ public class PackageManagerService extends PackageManagerServiceExAbs
             // to keep the review required permission flag per user while an
             // install permission's state is shared across all users.
             if (mPermissionReviewRequired
-                    && pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M
                     && bp.isRuntime()) {
                 return;
             }
@@ -5918,10 +5918,10 @@ public class PackageManagerService extends PackageManagerServiceExAbs
                         + name + " for package " + packageName);
             }
 
-            if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) {
-                Slog.w(TAG, "Cannot grant runtime permission to a legacy app");
-                return;
-            }
+            //if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) {
+                //Slog.w(TAG, "Cannot grant runtime permission to a legacy app");
+                //return;
+            //}
 
             final int result = permissionsState.grantRuntimePermission(bp, userId);
             switch (result) {
@@ -6021,7 +6021,7 @@ public class PackageManagerService extends PackageManagerServiceExAbs
             // to keep the review required permission flag per user while an
             // install permission's state is shared across all users.
             if (mPermissionReviewRequired
-                    && pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M
+                    //&& pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M
                     && bp.isRuntime()) {
                 return;
             }
@@ -13615,8 +13615,7 @@ public class PackageManagerService extends PackageManagerServiceExAbs
         for (int i=0; i<N; i++) {
             final String name = pkg.requestedPermissions.get(i);
             final BasePermission bp = mSettings.mPermissions.get(name);
-            final boolean appSupportsRuntimePermissions = pkg.applicationInfo.targetSdkVersion
-                    >= Build.VERSION_CODES.M;
+            final boolean appSupportsRuntimePermissions = false;
 
             if (DEBUG_INSTALL) {
                 Log.i(TAG, "Package " + pkg.packageName + " checking " + name + ": " + bp);
@@ -13676,10 +13675,7 @@ public class PackageManagerService extends PackageManagerServiceExAbs
                     // their permissions as always granted runtime ones since we need
                     // to keep the review required permission flag per user while an
                     // install permission's state is shared across all users.
-                    if (!appSupportsRuntimePermissions && !mPermissionReviewRequired) {
-                        // For legacy apps dangerous permissions are install time ones.
-                        grant = GRANT_INSTALL;
-                    } else if (origPermissions.hasInstallPermission(bp.name)) {
+                    if (origPermissions.hasInstallPermission(bp.name)) {
                         // For legacy apps that became modern, install becomes runtime.
                         grant = GRANT_UPGRADE;
                     } else if (mPromoteSystemApps
@@ -14023,14 +14019,6 @@ public class PackageManagerService extends PackageManagerServiceExAbs
             }
         }
         if (!allowed) {
-            if (!allowed && (bp.protectionLevel
-                    & PermissionInfo.PROTECTION_FLAG_PRE23) != 0
-                    && pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) {
-                // If this was a previously normal/dangerous permission that got moved
-                // to a system permission as part of the runtime permission redesign, then
-                // we still want to blindly grant it to old apps.
-                allowed = true;
-            }
             if (!allowed && (bp.protectionLevel & PermissionInfo.PROTECTION_FLAG_INSTALLER) != 0
                     && pkg.packageName.equals(mRequiredInstallerPackage)) {
                 // If this permission is to be granted to the system installer and
@@ -21325,8 +21313,7 @@ public class PackageManagerService extends PackageManagerServiceExAbs
             // If permission review is enabled and this is a legacy app, mark the
             // permission as requiring a review as this is the initial state.
             int flags = 0;
-            if (mPermissionReviewRequired
-                    && ps.pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) {
+            if (mPermissionReviewRequired) {
                 flags |= FLAG_PERMISSION_REVIEW_REQUIRED;
             }
             if (permissionsState.updatePermissionFlags(bp, userId, userSettableMask, flags)) {
@@ -26124,9 +26111,9 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());
                 }
 
                 // Permission review applies only to apps not supporting the new permission model.
-                if (packageSetting.pkg.applicationInfo.targetSdkVersion >= Build.VERSION_CODES.M) {
-                    return false;
-                }
+                //if (packageSetting.pkg.applicationInfo.targetSdkVersion >= Build.VERSION_CODES.M) {
+                    //return false;
+                //}
 
                 // Legacy apps have the permission and get user consent on launch.
                 PermissionsState permissionsState = packageSetting.getPermissionsState();

作者：帅得不敢出门 原创文章谢绝转载