Android M之前,权限都是在安装时授予的,虽然在4.3时,Google就试图在源码里面引入AppOpsManager来达到动态控制权限的目的,但由于不太成熟,在Release版本并没有释放这个功能。在6.0之后,Google为了简化安装流程且方便用户控制权限,正式引入了runtime-permission,允许用户在运行的时候动态控制权限。对于开发而言就是将targetSdkVersion设置为23,并且在相应的时机动态申请权限,在适配了Android6.0的App运行在Android 6.0+的手机上时,就会调用6.0相关的API,不过在低版本的手机上,仍然是按安装时权限处理。
1. 适配Android运行时权限
适配Android Runtime Permission,常见的步骤如下:
1.1 在AndroidManifest文件中添加需要的权限。
这个步骤和我们之前的开发并没有什么变化,试图去申请一个没有声明的权限可能会导致程序崩溃。
1.2 检查权限
if (ContextCompat.checkSelfPermission(this, Manifest.permission.READ_CONTACTS)
!= PackageManager.PERMISSION_GRANTED) {
//申请权限
}
这里涉及到一个API,ContextCompat.checkSelfPermission,主要用于检测某个权限是否已经被授予,方法返回值为PackageManager.PERMISSION_DENIED或者PackageManager.PERMISSION_GRANTED。当返回DENIED就需要进行申请授权了。
1.3 申请授权
ActivityCompat.requestPermissions(thisActivity,
new String[]{Manifest.permission.READ_CONTACTS}, PERMISSIONS_REQUEST_CODE);
该方法是异步的,第一个参数是Context;第二个参数是需要申请的权限的字符串数组;第三个参数为requestCode,主要用于回调的时候检测。可以从方法名requestPermissions以及第二个参数看出,是支持一次性申请多个权限的,系统会通过对话框逐一询问用户是否授权。
1.4处理权限申请回调
@Override
public void onRequestPermissionsResult(int requestCode, String permissions[], int[] grantResults) {
switch (requestCode) {
case PERMISSIONS_REQUEST_CODE: {
if (grantResults.length > 0 && grantResults[0] == PackageManager.PERMISSION_GRANTED) {
//权限申请成功
} else {
//权限申请失败
}
return;
}
}
}
该方法在权限申请之后会回调,首先验证requestCode,然后验证grantResults对应于申请的结果,这里的数组对应于申请时的第二个权限字符串数组。如果你同时申请两个权限,那么grantResults的length就为2,分别记录你两个权限的申请结果。
以上的步骤对于我们Android开发者来说都很熟悉,但是很少有人研究Android鉴权的底层逻辑,今天我们就从上述调用的api入手,来研究Android权限的调用流程。
2. 检查权限流程
检查权限通过系统api ActivityCompat.requestPermissions()进行,其底层通过上下文对象ContextImpl调用PermissionManager.checkPermission()方法。
frameworks/base/core/java/android/app/ContextImpl.java
@Override
public int checkPermission(String permission, int pid, int uid) {
if (permission == null) {
throw new IllegalArgumentException("permission is null");
}
return PermissionManager.checkPermission(permission, pid, uid);
}
PermissionManager 中 checkPermission()采用缓存机制,将最近检查的权限缓存起来,缓存中没有的权限,调用checkPermissionUncached()方法从底层服务中继续查询。
正常情况下,会拿到AMS的binder对象,调用AMS checkPermission()方法。
frameworks/base/core/java/android/permission/PermissionManager.java
/* @hide */
private static int checkPermissionUncached(@Nullable String permission, int pid, int uid) {
final IActivityManager am = ActivityManager.getService();
......
try {
return am.checkPermission(permission, pid, uid);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
}
checkPermission()方法是权限检查的唯一公共入口点,在这里会将空权限字符串过滤掉。
frameworks/base/services/core/java/com/android/server/am/ActivityManagerService.java
@Override
public int checkPermission(String permission, int pid, int uid) {
if (permission == null) {
return PackageManager.PERMISSION_DENIED;
}
return checkComponentPermission(permission, pid, uid, -1, true);
}
继续执行checkComponentPermission()方法,这里会判断是否进程已经被拒绝访问该权限,如果是就直接返回PERMISSION_GRANTED。如果不是,就继续执行ActivityManager.checkComponentPermission()方法。
public static int checkComponentPermission(String permission, int pid, int uid,
int owningUid, boolean exported) {
if (pid == MY_PID) {
return PackageManager.PERMISSION_GRANTED;
}
// If there is an explicit permission being checked, and this is coming from a process
// that has been denied access to that permission, then just deny. Ultimately this may
// not be quite right -- it means that even if the caller would have access for another
// reason (such as being the owner of the component it is trying to access), it would still
// fail. This also means the system and root uids would be able to deny themselves
// access to permissions, which... well okay. ¯\_(ツ)_/¯
if (permission != null) {
synchronized (sActiveProcessInfoSelfLocked) {
ProcessInfo procInfo = sActiveProcessInfoSelfLocked.get(pid);
if (procInfo != null && procInfo.deniedPermissions != null
&& procInfo.deniedPermissions.contains(permission)) {
return PackageManager.PERMISSION_DENIED;
}
}
}
return ActivityManager.checkComponentPermission(permission, uid,
owningUid, exported);
}
这里有执行到了ActivityManager的checkComponentPermission()方法,在进行一些特殊进程的判断之后,最终调用到了PMS的checkUidPermission()方法。
frameworks/base/core/java/android/app/ActivityManager.java
/** @hide */
@UnsupportedAppUsage
public static int checkComponentPermission(String permission, int uid,
int owningUid, boolean exported) {
// Root, system server get to do everything.
final int appId = UserHandle.getAppId(uid);
if (appId == Process.ROOT_UID || appId == Process.SYSTEM_UID) {
return PackageManager.PERMISSION_GRANTED;
}
// Isolated processes don't get any permissions.
if (UserHandle.isIsolated(uid)) {
return PackageManager.PERMISSION_DENIED;
}
// If there is a uid that owns whatever is being accessed, it has
// blanket access to it regardless of the permissions it requires.
if (owningUid >= 0 && UserHandle.isSameApp(uid, owningUid)) {
return PackageManager.PERMISSION_GRANTED;
}
// If the target is not exported, then nobody else can get to it.
if (!exported) {
/*
RuntimeException here = new RuntimeException("here");
here.fillInStackTrace();
Slog.w(TAG, "Permission denied: checkComponentPermission() owningUid=" + owningUid,
here);
*/
return PackageManager.PERMISSION_DENIED;
}
if (permission == null) {
return PackageManager.PERMISSION_GRANTED;
}
try {
return AppGlobals.getPackageManager()
.checkUidPermission(permission, uid);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
}
和其它服务一样,PackageManagerService 由于自身功能太多,将功能细分为不同的模块调用对用的工具类,权限相关的功能就由PermissionManagerService来处理。
frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
// NOTE: Can't remove without a major refactor. Keep around for now.
@Override
public int checkUidPermission(String permName, int uid) {
/// M: CTA requirement - permission control @{
CtaManagerFactory.getInstance().makeCtaManager().reportPermRequestUsage(permName, uid);
//@}
try {
// Because this is accessed via the package manager service AIDL,
// go through the permission manager service AIDL
return mPermissionManagerService.checkUidPermission(permName, uid);
} catch (RemoteException ignore) { }
return PackageManager.PERMISSION_DENIED;
}
继续来看PermissionManagerService,这里首先调用到了checkUidPermission()方法,进行一些异常情况的处理,比如permission name为空,userId不存在。然后判断checkPermissionDelegate 是否为空,正常情况下这里checkPermissionDelegate 是 空,其赋值是在AMS中的。所以会继续流转到checkUidPermissionImpl()方法。
frameworks/base/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@Override
public int checkUidPermission(String permName, int uid) {
// Not using Objects.requireNonNull() here for compatibility reasons.
if (permName == null) {
return PackageManager.PERMISSION_DENIED;
}
final int userId = UserHandle.getUserId(uid);
if (!mUserManagerInt.exists(userId)) {
return PackageManager.PERMISSION_DENIED;
}
final CheckPermissionDelegate checkPermissionDelegate;
synchronized (mLock) {
checkPermissionDelegate = mCheckPermissionDelegate;
}
if (checkPermissionDelegate == null) {
return checkUidPermissionImpl(permName, uid);
}
return checkPermissionDelegate.checkUidPermission(permName, uid,
this::checkUidPermissionImpl);
}
可以看到,checkUidPermissionImpl()方法通过uid获取了进程对应的包信息AndroidPackage,再将其传入checkUidPermissionInternal()方法。
private int checkUidPermissionImpl(String permName, int uid) {
final AndroidPackage pkg = mPackageManagerInt.getPackage(uid);
return checkUidPermissionInternal(pkg, uid, permName);
}
继续看checkUidPermissionInternalf()方法,AndroidPackage 不为空的情况下,会继续调用checkPermissionInternal()方法。
/**
* Checks whether or not the given package has been granted the specified
* permission. If the given package is {@code null}, we instead check the
* system permissions for the given UID.
*
* @see SystemConfig#getSystemPermissions()
*/
private int checkUidPermissionInternal(@Nullable AndroidPackage pkg, int uid,
@NonNull String permissionName) {
if (pkg != null) {
final int userId = UserHandle.getUserId(uid);
return checkPermissionInternal(pkg, false, permissionName, userId);
}
......
return PackageManager.PERMISSION_DENIED;
}
checkPermissionInternal()方法获取AndroidPackage的PackageName,将其传入mPackageManagerInt.getPackageSetting()方法获取PackageSetting实例(PackageSetting类存储了应用的各中信息),再获取PackageSetting的PermissionsState实例(PermissionsState是PackageSetting的属性,存储应用的权限信息),再继续调用checkSinglePermissionInternal()继续判断。
private int checkPermissionInternal(@NonNull AndroidPackage pkg, boolean isPackageExplicit,
@NonNull String permissionName, @UserIdInt int userId) {
final int callingUid = getCallingUid();
......
final int uid = UserHandle.getUid(userId, pkg.getUid());
final PackageSetting ps = (PackageSetting) mPackageManagerInt.getPackageSetting(
pkg.getPackageName());
if (ps == null) {
return PackageManager.PERMISSION_DENIED;
}
final PermissionsState permissionsState = ps.getPermissionsState();
if (checkSinglePermissionInternal(uid, permissionsState, permissionName)) {
return PackageManager.PERMISSION_GRANTED;
}
.......
return PackageManager.PERMISSION_DENIED;
}
checkSinglePermissionInternal()很简单,调用PermissionsState.hasPermission()方法进行判断。
private boolean checkSinglePermissionInternal(int uid,
@NonNull PermissionsState permissionsState, @NonNull String permissionName) {
if (!permissionsState.hasPermission(permissionName, UserHandle.getUserId(uid))) {
return false;
}
......
return true;
}
PermissionsState中维护了一个ArrayMap mPermissions,mPermissions存储了应用的权限数据PermissionData,通过调用permissionData.isGranted()来最终判断是否具有该项权限。
frameworks/base/services/core/java/com/android/server/pm/permission/PermissionsState.java
/**
* Gets whether the state has a given permission for the specified
* user, regardless if this is an install or a runtime permission.
*
* @param name The permission name.
* @param userId The device user id.
* @return Whether the user has the permission.
*/
public boolean hasPermission(String name, int userId) {
enforceValidUserId(userId);
synchronized (mLock) {
if (mPermissions == null) {
return false;
}
PermissionData permissionData = mPermissions.get(name);
return permissionData != null && permissionData.isGranted(userId);
}
}
以上,就是运行时权限的检查流程。
3. 申请权限流程
申请权限调用 Activity.requestPermissions(thisActivity,new String[]{Manifest.permission.READ_CONTACTS}, PERMISSIONS_REQUEST_CODE)接口,requestPermissions方法构造一个intent,intent指向android.content.pm.action.REQUEST_PERMISSIONS,启动权限管理器PermissionController。
frameworks/base/core/java/android/app/Activity.java
public final void requestPermissions(@NonNull String[] permissions, int requestCode) {
if (requestCode < 0) {
throw new IllegalArgumentException("requestCode should be >= 0");
}
if (mHasCurrentPermissionsRequest) {
Log.w(TAG, "Can request only one set of permissions at a time");
// Dispatch the callback with empty arrays which means a cancellation.
onRequestPermissionsResult(requestCode, new String[0], new int[0]);
return;
}
Intent intent = getPackageManager().buildRequestPermissionsIntent(permissions);
startActivityForResult(REQUEST_PERMISSIONS_WHO_PREFIX, intent, requestCode, null);
mHasCurrentPermissionsRequest = true;
}
权限管理器用于权限申请的界面为GrantPermissionsActivity.java,我们省略UI上的流程,直接来到权限申请完成的逻辑,用户点击权限弹框上的选项之后,会回调onPermissionGrantResult()方法,对权限申请进行处理。我们看到。这里有6中状态:
- CANCELED:取消权限申请
- GRANTED_ALWAYS :任何时候都允许
- GRANTED_FOREGROUND_ONLY :仅在使用该应用时允许
- GRANTED_ONE_TIME:仅限这一次
- DENIED:拒绝
- DENIED_DO_NOT_ASK_AGAIN:拒绝并不再询问
除CANCELED没有实际操作之外,其它的选项都会调用onPermissionGrantResultSingleState这个方法,不同的是每种状态传递的参数不同。
参数意义:
对于权限组,这里有两种foregroundGroupState 和 backgroundGroupState ,foregroundGroupState 代表只在允许前台访问的权限组,backgroundGroupState 代表允许后台访问的权限组。
- groupState: 权限组的状态,包括foregroundGroupState 和 backgroundGroupState
- granted:是否允许权限
- isOneTime: 是否只允许一次权限
- doNotAskAgain: 如果权限被拒绝,是否应该再次申请
以GRANTED_FOREGROUND_ONLY 为例,它仅允许应用在使用期间访问权限,所以foregroundGroupState granted传值为true,backgroundGroupState granted传值为false。
onPermissionGrantResultSingleState(foregroundGroupState, true, false, false);
onPermissionGrantResultSingleState(backgroundGroupState, false, false, false);
packages/apps/PermissionController/src/com/android/permissioncontroller/permission/ui/GrantPermissionsActivity.java
@Override
public void onPermissionGrantResult(String name,
@GrantPermissionsViewHandler.Result int result) {
GroupState foregroundGroupState = getForegroundGroupState(name);
GroupState backgroundGroupState = getBackgroundGroupState(name);
......
switch (result) {
case CANCELED:
if (foregroundGroupState != null) {
reportRequestResult(foregroundGroupState.affectedPermissions,
PERMISSION_GRANT_REQUEST_RESULT_REPORTED__RESULT__USER_IGNORED);
}
if (backgroundGroupState != null) {
reportRequestResult(backgroundGroupState.affectedPermissions,
PERMISSION_GRANT_REQUEST_RESULT_REPORTED__RESULT__USER_IGNORED);
}
setResultAndFinish();
return;
case GRANTED_ALWAYS :
if (foregroundGroupState != null) {
onPermissionGrantResultSingleState(foregroundGroupState, true, false, false);
}
if (backgroundGroupState != null) {
onPermissionGrantResultSingleState(backgroundGroupState, true, false, false);
}
break;
case GRANTED_FOREGROUND_ONLY :
if (foregroundGroupState != null) {
onPermissionGrantResultSingleState(foregroundGroupState, true, false, false);
}
if (backgroundGroupState != null) {
onPermissionGrantResultSingleState(backgroundGroupState, false, false, false);
}
break;
case GRANTED_ONE_TIME:
if (foregroundGroupState != null) {
onPermissionGrantResultSingleState(foregroundGroupState, true, true, false);
}
if (backgroundGroupState != null) {
onPermissionGrantResultSingleState(backgroundGroupState, false, true, false);
}
break;
case DENIED :
if (foregroundGroupState != null) {
onPermissionGrantResultSingleState(foregroundGroupState, false, false, false);
}
if (backgroundGroupState != null) {
onPermissionGrantResultSingleState(backgroundGroupState, false, false, false);
}
break;
case DENIED_DO_NOT_ASK_AGAIN :
if (foregroundGroupState != null) {
onPermissionGrantResultSingleState(foregroundGroupState, false, false, true);
}
if (backgroundGroupState != null) {
onPermissionGrantResultSingleState(backgroundGroupState, false, false, true);
}
break;
}
if (!showNextPermissionGroupGrantRequest()) {
setResultAndFinish();
}
}
我们继续来看onPermissionGrantResultSingleState()方法,它对我们传递进来的参数进行处理。
如果granted为true,执行权限组的groupState.mGroup.grantRuntimePermissions()方法;
如果granted为false,执行权限组的groupState.mGroup.revokeRuntimePermissions()方法;
private void onPermissionGrantResultSingleState(GroupState groupState, boolean granted,
boolean isOneTime, boolean doNotAskAgain) {
if (groupState != null && groupState.mGroup != null
&& groupState.mState == GroupState.STATE_UNKNOWN) {
if (granted) {
int permissionGrantRequestResult =
PERMISSION_GRANT_REQUEST_RESULT_REPORTED__RESULT__USER_GRANTED;
if (isOneTime) {
groupState.mGroup.setOneTime(true);
permissionGrantRequestResult =
PERMISSION_GRANT_REQUEST_RESULT_REPORTED__RESULT__USER_GRANTED_ONE_TIME;
} else {
groupState.mGroup.setOneTime(false);
}
groupState.mGroup.grantRuntimePermissions(true, doNotAskAgain,
groupState.affectedPermissions);
groupState.mState = GroupState.STATE_ALLOWED;
reportRequestResult(groupState.affectedPermissions, permissionGrantRequestResult);
} else {
groupState.mGroup.revokeRuntimePermissions(doNotAskAgain,
groupState.affectedPermissions);
groupState.mGroup.setOneTime(false);
groupState.mState = GroupState.STATE_DENIED;
reportRequestResult(groupState.affectedPermissions, doNotAskAgain
?PERMISSION_GRANT_REQUEST_RESULT_REPORTED__RESULT__USER_DENIED_WITH_PREJUDICE
: PERMISSION_GRANT_REQUEST_RESULT_REPORTED__RESULT__USER_DENIED);
}
}
}
我们继续来看AppPermissionGroup grantRuntimePermissions()方法,方法很长,我们逐一来分析。
- 首先,这里for循环将遍历权限组的所有权限,filterPermissions如果为空,则遍历所有权限,filterPermissions如果不为空,则只遍历filterPermissions中的权限。
- 如果不支持运行时权限(权限非运行时权限或SDK<23),则不处理
- 如果是系统设置的权限,不进行处理
- 在授予权限前,请确认权限应用可操作性已开启。
- 权限granted设置为true
- 更新权限的标记
权限更改完成之后,这里只是将数据保存在了permissionController,并没有持久化,还需要调用persistChanges()方法持久化数据。
packages/apps/PermissionController/src/com/android/permissioncontroller/permission/model/AppPermissionGroup.java
public boolean grantRuntimePermissions(boolean setByTheUser, boolean fixedByTheUser,
String[] filterPermissions) {
boolean killApp = false;
boolean wasAllGranted = true;
// We toggle permissions only to apps that support runtime
// permissions, otherwise we toggle the app op corresponding
// to the permission if the permission is granted to the app.
for (Permission permission : mPermissions.values()) {
if (filterPermissions != null
&& !ArrayUtils.contains(filterPermissions, permission.getName())) {
continue;
}
if (!permission.isGrantingAllowed(mIsEphemeralApp, mAppSupportsRuntimePermissions)) {
// Skip unallowed permissions.
continue;
}
boolean wasGranted = permission.isGrantedIncludingAppOp();
if (mAppSupportsRuntimePermissions) {
// Do not touch permissions fixed by the system.
if (permission.isSystemFixed()) {
wasAllGranted = false;
break;
}
// Ensure the permission app op is enabled before the permission grant.
if (permission.affectsAppOp() && !permission.isAppOpAllowed()) {
permission.setAppOpAllowed(true);
}
// Grant the permission if needed.
if (!permission.isGranted()) {
permission.setGranted(true);
}
// Update the permission flags.
if (!fixedByTheUser) {
if (permission.isUserFixed()) {
permission.setUserFixed(false);
}
if (setByTheUser) {
if (!permission.isUserSet()) {
permission.setUserSet(true);
}
}
} else {
if (!permission.isUserFixed()) {
permission.setUserFixed(true);
}
if (permission.isUserSet()) {
permission.setUserSet(false);
}
}
}
......
}
if (!mDelayChanges) {
persistChanges(false);
if (killApp) {
killApp(KILL_REASON_APP_OP_CHANGE);
}
}
return wasAllGranted;
}
我们继续看persistChanges()方法,这里会遍历mPermissions,判断权限是否授予,如果没有授予就调用PKMS grantRuntimePermission()方法授权,如果已经授权了,就调用revokeRuntimePermission()方法撤销权限。
/**
* If the changes to this group were delayed, persist them to the platform.
*
* @param mayKillBecauseOfAppOpsChange If the app these permissions belong to may be killed if
* app ops change. If this is set to {@code false} the
* caller has to make sure to kill the app if needed.
* @param revokeReason If any permissions are getting revoked, the reason for revoking them.
*/
public void persistChanges(boolean mayKillBecauseOfAppOpsChange, String revokeReason) {
int uid = mPackageInfo.applicationInfo.uid;
int numPermissions = mPermissions.size();
boolean shouldKillApp = false;
for (int i = 0; i < numPermissions; i++) {
Permission permission = mPermissions.valueAt(i);
if (!permission.isSystemFixed()) {
if (permission.isGranted()) {
mPackageManager.grantRuntimePermission(mPackageInfo.packageName,
permission.getName(), mUserHandle);
} else {
boolean isCurrentlyGranted = mContext.checkPermission(permission.getName(), -1,
uid) == PERMISSION_GRANTED;
if (isCurrentlyGranted) {
if (revokeReason == null) {
mPackageManager.revokeRuntimePermission(mPackageInfo.packageName,
permission.getName(), mUserHandle);
} else {
mPackageManager.revokeRuntimePermission(mPackageInfo.packageName,
permission.getName(), mUserHandle, revokeReason);
}
}
}
}
......
}
和检查权限一样,PackageManagerService并不处理权限相关的逻辑,而是将它交给PermissionManagerService处理。
frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
// NOTE: Can't remove due to unsupported app usage
@Override
public void grantRuntimePermission(String packageName, String permName, final int userId) {
try {
// Because this is accessed via the package manager service AIDL,
// go through the permission manager service AIDL
mPermissionManagerService.grantRuntimePermission(packageName, permName, userId);
} catch (RemoteException ignore) { }
}
PermissionManagerService grantRuntimePermission()方法调用grantRuntimePermissionInternal()方法继续处理,我们省略前面的一系列合法性判断,只看关键步骤。这里和checkPermissionInternal()一样,通过AndroidPackage 获取PackageSetting,再通过PackageSetting获取permissionsState 实例,最终通过permissionsState 的 grantRuntimePermission()来完成授权。
frameworks/base/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@Override
public void grantRuntimePermission(String packageName, String permName, final int userId) {
final int callingUid = Binder.getCallingUid();
final boolean overridePolicy =
checkUidPermission(ADJUST_RUNTIME_PERMISSIONS_POLICY, callingUid)
== PackageManager.PERMISSION_GRANTED;
grantRuntimePermissionInternal(permName, packageName, overridePolicy,
callingUid, userId, mDefaultPermissionCallback);
}
// TODO swap permission name and package name
private void grantRuntimePermissionInternal(String permName, String packageName,
boolean overridePolicy, int callingUid, final int userId, PermissionCallback callback) {
......
final AndroidPackage pkg = mPackageManagerInt.getPackage(packageName);
final PackageSetting ps = (PackageSetting) mPackageManagerInt.getPackageSetting(
packageName);
......
final int uid = UserHandle.getUid(userId, UserHandle.getAppId(pkg.getUid()));
final PermissionsState permissionsState = ps.getPermissionsState();
......
final int result = permissionsState.grantRuntimePermission(bp, userId);
switch (result) {
case PERMISSION_OPERATION_FAILURE: {
return;
}
case PermissionsState.PERMISSION_OPERATION_SUCCESS_GIDS_CHANGED: {
if (callback != null) {
callback.onGidsChanged(UserHandle.getAppId(pkg.getUid()), userId);
}
}
break;
}
......
}
我们之前了解过,PermissionsState中维护了一个ArrayMap mPermissions,mPermissions存储了应用的权限数据PermissionData,最终通过调用permissionData.grant()来将授权数据持久化到平台。
frameworks/base/services/core/java/com/android/server/pm/permission/PermissionsState.java
public int grantRuntimePermission(BasePermission permission, int userId) {
enforceValidUserId(userId);
if (userId == UserHandle.USER_ALL) {
return PERMISSION_OPERATION_FAILURE;
}
return grantPermission(permission, userId);
}
private int grantPermission(BasePermission permission, int userId) {
if (hasPermission(permission.getName(), userId)) {
return PERMISSION_OPERATION_SUCCESS;
}
final boolean hasGids = !ArrayUtils.isEmpty(permission.computeGids(userId));
final int[] oldGids = hasGids ? computeGids(userId) : NO_GIDS;
PermissionData permissionData = ensurePermissionData(permission);
if (!permissionData.grant(userId)) {
return PERMISSION_OPERATION_FAILURE;
}
if (hasGids) {
final int[] newGids = computeGids(userId);
if (oldGids.length != newGids.length) {
return PERMISSION_OPERATION_SUCCESS_GIDS_CHANGED;
}
}
return PERMISSION_OPERATION_SUCCESS;
}
应用的授权过程就解析完毕。