Android The authority management of “ Principle of minimum privilege ”, That's all Android Applications are given minimal permissions . One Android If the application does not declare any permissions , There is no privilege .

History of permissions

2013 year , Apple released IOS7 system . One of them is a headache for developers : Add photo album to privacy , Recording and other rights ,App To use the appropriate permissions , It needs to be applied and approved by users (IOS7 before , Direct access to photo albums ), In view of this point , quite a lot App A pop-up window at the first start-up , Apply for a variety of permissions .

Later, apple tried to improve the user experience , stay App
Store Requirements during audit App Permission must be applied immediately before use , These problems have been effectively improved . Like a live broadcast App, When you start App You don't need a camera , Recording rights , You don't need to apply for these two permissions until you start broadcasting . This scene , In fact, it's similar to what I'm going to talk about today Android Dynamic authorization .

early stage : No cover up

Android6.0 Before the system , On installation App Front , It will be listed App All permissions requested . If you continue with the installation , It is deemed that the user agrees to grant App Required permissions . This mechanism is open , Trying to install App Time , The pop-up window lists it App Full authority of application . Only the required permissions can be viewed , Authorization cannot be denied , You can choose to cancel the installation or continue with the installation .

This way , Extremely friendly to developers , You only need to Manifest Medium configuration App The required authority is enough , The code can be called directly . But for users , This method has great security risks .

development : Third party security App

In order to solve the problem that some sensitive permissions are used unreasonably , Security of some domestic companies App, Start monitoring application to obtain sensitive permission of mobile phone and prompt . as 360 Mobile phone guard , Tencent mobile phone housekeeper and other products , When it is detected that there are App Try to use SMS permission , Sensitive permissions such as location , The user will be informed , And you can deny permission . at first , It was quite smooth . But as mobile phone manufacturers began to modify ROM, Third party security App Compatibility of , Performance problems break out gradually .

upgrade : Manufacturer action

A little later , Mobile phone manufacturers take action , One after another, the authority prompt function of third-party software is directly implemented ROM. And make safety as the selling point of products .

 

at present : Google upgrade rights management

2015 Launched in Android
6.0, Dangerous authority management is added . Because mobile phone manufacturers ROM Modification of , part 6.0 The above machines do not support this feature . At this stage ,App After modifying the permission code , In order to use the corresponding permissions normally . Simply understood as 3 step :

* 1, Decide whether to authorize ;
* 2, If you are not authorized, you need to apply for permission , Continue execution according to authorization result ;
* 3, Authorized to continue .
Use and adaptation of permissions

Zero , The basics of authority

Android The system is based on Linux kernel , The permissions in the system are divided into 3 class :

* Android Mobile phone owner rights : This is related to the manufacturer , It can be understood as system permission .
* Android
ROOT jurisdiction : be similar to Linux, This is Android Highest authority in the system . If you have the permission , That's right Android Any file in the system , data , Any operation of resources . so-called “ Prison Break ”, The highest user is the highest ROOT jurisdiction .
* Android Application permissions : The permission is in the AndroidManifest The file is declared by the program developer , Authorized by user when needed .
One , Not applicable to dynamic permissions

Dynamic permission features , Only from Android 6.0 Start owning , therefore , It can be simply and brutally passed without promotion targetSDK(targetSDK<23) The way , This feature is not triggered .

If you don't change any code , Directly targetSDK Upgrade to 26, Then run App, When doing the same operation, there will be an exception or even a crash , The cause of this breakdown , It's in Android
6.0 And above , The operation that needs permission is executed directly without permission .

Two , Dynamic permission adaptation

1, Before using pre permission , Detection authority

first , We need to judge whether we have authority . Determine the time point before executing the corresponding operation that requires permission . If we're getting IMEI Front , You need to judge whether you have it or not PHONE_STATE jurisdiction .

We can call ContextCompat.checkSelfPermission() Method to detect authorization status , The result returned is PackageManager Two constants in :PERMISSION_GRANTED( Authorized ) and PERMISSION_DENIED( Unauthorized ).

2, When authorized , Perform the appropriate action

When authorized , You can perform the original operation . The code is as follows :
// testing PHONE_STATE If authorized if
(ContextCompat.checkSelfPermission(this,Manifest.permission.READ_PHONE_STATE)
== PackageManager.PERMISSION_GRANTED) { // Do what you want }
3, When not authorized , Application authority

If App Unauthorized , We need to apply for authorization from users . Can be called requestPermissions() Method to request authorization . The code is as follows :
// testing PHONE_STATE If not authorized if
(ContextCompat.checkSelfPermission(this,Manifest.permission.READ_PHONE_STATE)
!= PackageManager.PERMISSION_GRANTED) { // Application authority
ActivityCompat.requestPermissions(this,
arrayOf(Manifest.permission.READ_PHONE_STATE), PERMISSIONS_REQUEST_PHONE_STATE)
}
requestPermissions() The third parameter in is a int Type request code , Convenient callback processing .

After calling the application authorization method ,ROM A system level pop-up window will be set up , this dialog Developers cannot customize . When the user clicks agree , The system will record , The authorized status will be returned the next time the permission is judged ; When App When unloading , The record will be cleared .

4, Rewriting functions , Result of processing authorization pop-up window

Directly in Activity or Fragment Rewriting in onRequestPermissionsResult() function , To process the result of permission application .requestPermissions() The third parameter of , Will be used here . The code is as follows :
public void onRequestPermissionsResult(int requestCode, @NonNull String[]
permissions, @NonNull int[] grantResults) { if (requestCode ==
PERMISSIONS_REQUEST_READ_CONTACTS) { if (grantResults[0] ==
PackageManager.PERMISSION_GRANTED) { //todo } else { //todo } } }

Technology