Android 10 默认授权app运行时权限(去掉运行时权限授权弹窗)

问题现象
Android 10 默认授权app运行时权限(去掉运行时权限授权弹窗)_第1张图片该窗口对应的包名如下

C:\Users\Android1>adb shell dumpsys window | findstr mCurrentFocus
  mCurrentFocus=Window{35a20c5 u0 com.android.permissioncontroller/com.android.packageinstaller.permission.ui.ReviewPermissionsActivity}

Android 6.0以后由于系统运行安全的考虑,既然在AndroidManifest.xml需要申请权限,对于一些特殊权限需要在app运行时申请权限,并且会在app每次运行的时候弹出没有授权的授权框来然用户授权,PermissionManagerService.java就是负责对系统权限管理的服务
下面对PermissionManagerService.java源码进行分析
1、在PermissionManagerService.java文件中updatePermissions()方法中,系统开机起来后就会会更新应用的权限,就会调用该方法updatePermissions()

private void updatePermissions(String changingPkgName, PackageParser.Package changingPkg,
            String replaceVolumeUuid, int flags, Collection<PackageParser.Package> allPackages,
            PermissionCallback callback) {
        // TODO: Most of the methods exposing BasePermission internals [source package name,
        // etc..] shouldn't be needed. Instead, when we've parsed a permission that doesn't
        // have package settings, we should make note of it elsewhere [map between
        // source package name and BasePermission] and cycle through that here. Then we
        // define a single method on BasePermission that takes a PackageSetting, changing
        // package name and a package.
        // NOTE: With this approach, we also don't need to tree trees differently than
        // normal permissions. Today, we need two separate loops because these BasePermission
        // objects are stored separately.
        // Make sure there are no dangling permission trees.
        flags = updatePermissionTrees(changingPkgName, changingPkg, flags);
		Slog.i("wangqi", "updatePermissions():  changingPkgName " + changingPkgName);
        // Make sure all dynamic permissions have been assigned to a package,
        // and make sure there are no dangling permissions.
        flags = updatePermissions(changingPkgName, changingPkg, flags, callback);

        synchronized (mLock) {
            if (mBackgroundPermissions == null) {
                // Cache background -> foreground permission mapping.
                // Only system declares background permissions, hence mapping does never change.
                mBackgroundPermissions = new ArrayMap<>();
                for (BasePermission bp : mSettings.getAllPermissionsLocked()) {
                    if (bp.perm != null && bp.perm.info != null
                            && bp.perm.info.backgroundPermission != null) {
                        String fgPerm = bp.name;
                        String bgPerm = bp.perm.info.backgroundPermission;

                        List<String> fgPerms = mBackgroundPermissions.get(bgPerm);
                        if (fgPerms == null) {
                            fgPerms = new ArrayList<>();
                            mBackgroundPermissions.put(bgPerm, fgPerms);
                        }

                        fgPerms.add(fgPerm);
                    }
                }
            }
        }

        Trace.traceBegin(TRACE_TAG_PACKAGE_MANAGER, "restorePermissionState");
        // Now update the permissions for all packages, in particular
        // replace the granted permissions of the system packages.
        if ((flags & UPDATE_PERMISSIONS_ALL) != 0) {
            for (PackageParser.Package pkg : allPackages) {
				
                if (pkg != changingPkg) {
                    // Only replace for packages on requested volume
                    final String volumeUuid = getVolumeUuidForPackage(pkg);
                    final boolean replace = ((flags & UPDATE_PERMISSIONS_REPLACE_ALL) != 0)
                            && Objects.equals(replaceVolumeUuid, volumeUuid);
                    restorePermissionState(pkg, replace, changingPkgName, callback);
                }
            }
        }
		
        if (changingPkg != null) {
            // Only replace for packages on requested volume
            final String volumeUuid = getVolumeUuidForPackage(changingPkg);
            final boolean replace = ((flags & UPDATE_PERMISSIONS_REPLACE_PKG) != 0)
                    && Objects.equals(replaceVolumeUuid, volumeUuid);
            restorePermissionState(changingPkg, replace, changingPkgName, callback);
        }
        Trace.traceEnd(TRACE_TAG_PACKAGE_MANAGER);
    }

2、在PermissionManagerService.java文件中updatePermissions()方法中会调用restorePermissionState()方法来开机默认给应用授权,
if ((flags & UPDATE_PERMISSIONS_ALL) != 0) {
            for (PackageParser.Package pkg : allPackages) {
				
                if (pkg != changingPkg) {
                    // Only replace for packages on requested volume
                    final String volumeUuid = getVolumeUuidForPackage(pkg);
                    final boolean replace = ((flags & UPDATE_PERMISSIONS_REPLACE_ALL) != 0)
                            && Objects.equals(replaceVolumeUuid, volumeUuid);
                    restorePermissionState(pkg, replace, changingPkgName, callback);
                }
            }

会根据 int grant = GRANT_INSTALL;
而GRANT_INSTALL就是在安装apk时已经给予了所有申请权限,所以运行时给与权限改为安装时给予权限就可以了。
解决方案如下:
在PermissionManagerService.java文件中restorePermissionState方法中将应用权限设置为安装权限

--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@@ -1153,7 +1153,8 @@ public class PermissionManagerService {
 if (bp.isNormal()) {
                    // For all apps normal permissions are install time ones.
                    grant = GRANT_INSTALL;
                } else if (bp.isRuntime()) {
                    if (origPermissions.hasInstallPermission(bp.getName())
                            || upgradedActivityRecognitionPermission != null) {
                        // Before Q we represented some runtime permissions as install permissions,
                        // in Q we cannot do this anymore. Hence upgrade them all.
                        grant = GRANT_UPGRADE;
                    } else {
                        // For modern apps keep runtime permissions unchanged.
+                        //grant = GRANT_RUNTIME;
+                         grant = GRANT_INSTALL;
                    }
                } else if (bp.isSignature()) {
                    // For all apps signature permissions are install time ones.
                         // Before Q we represented some runtime permissions as install permissions,
                         // in Q we cannot do this anymore. Hence upgrade them all.
-                        grant = GRANT_UPGRADE;
+                        grant = GRANT_INSTALL;
                     } else {
                         // For modern apps keep runtime permissions unchanged.
                         //grant = GRANT_RUNTIME;
@@ -1179,7 +1179,7 @@ public class PermissionManagerService {
                             // to the platform (note: need to only do this when
                             // updating the platform).
                             if (!isNewPlatformPermissionForPackage(perm, pkg)) {
-                                grant = GRANT_DENIED;
+                                grant = GRANT_INSTALL;
                             }
                         }
                     }

先对如下权限进行说明GRANT_DENIED 、GRANT_INSTALL 、GRANT_INSTALL_LEGACY 、GRANT_RUNTIME 、GRANT_UPGRADE
GRANT_DENIED =1 ,不授予权限
GRANT_INSTALL = 2; 授予权限作为安装权限
GRANT_INSTALL_LEGACY = 3;授予作为一个旧的应用程序的安装权限的权限
GRANT_RUNTIME = 4; 授予运行运行时的权限
GRANT_UPGRADE = 5; 授予作为运行时一个被授予的权限,作为一个安装时间

你可能感兴趣的:(Android系统开发,android,java)