Android 7.0系统在运行应用的时候,对权限做了诸多限制,normal, dangerous, signature, signatureOrSystem ,取决于保护级别,在确定是否授予权限时,系统可能采取不同的操作。
运行时权限弹窗问题是很多系统定制的客户要求屏蔽的,一直以来没有特别好的方法,下面我分享一下我自己验证可行的方案
方案1,修改frameworks/base/services/core/java/com/android/server/pm/PackageManagerService和frameworks/base/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy文件,PackageManagerService文件修改代码如下:
@Override public void systemReady() { ... synchronized (mPackages) { ... for (int userId : UserManagerService.getInstance().getUserIds()) { //if (!mSettings.areDefaultRuntimePermissionsGrantedLPr(userId)) {//注释掉这个判断 grantPermissionsUserIds = ArrayUtils.appendInt( grantPermissionsUserIds, userId); //} } }
DefaultPermissionGrantPolicy文件修改代码如下:
private void grantPermissionsToSysComponentsAndPrivApps(int userId) { Log.i(TAG, "Granting permissions to platform components for user " + userId); synchronized (mService.mPackages) { for (PackageParser.Package pkg : mService.mPackages.values()) { // if (!isSysComponentOrPersistentPlatformSignedPrivAppLPr(pkg) //删掉isSysComponentOrPersistentPlatformSignedPrivAppLPr判断 if(!doesPackageSupportRuntimePermissions(pkg) || pkg.requestedPermissions.isEmpty()) { continue; } Set<String> permissions = new ArraySet<>(); final int permissionCount = pkg.requestedPermissions.size(); for (int i = 0; i < permissionCount; i++) { String permission = pkg.requestedPermissions.get(i); BasePermission bp = mService.mSettings.mPermissions.get(permission); if (bp != null && bp.isRuntime()) { permissions.add(permission); } } if (!permissions.isEmpty()) { grantRuntimePermissionsLPw(pkg, permissions, true, userId); } } } }
简单说明下这个方案的修改原理,在PMS的systemReady方法中会遍历所有拥有默认运行时权限应用,通过遍历它们的UserId来赋予权限,注释掉判断是否为拥有运行时权限的应用方法后,会遍历所有应用,遍历应用且赋予权限的操作是在DefaultPermissionGrantPolicy中grantPermissionsToSysComponentsAndPrivApps方法,注释掉判断签名应用和系统应用的方法,普通应用也可以获取所有运行时权限,这样所有应用都不会有运行时权限的弹窗了。
方案2,只修改frameworks/base/services/core/java/com/android/server/pm/PackageManagerService文件,修改grantPermissionsLPw方法,代码如下:
private void grantPermissionsLPw(PackageParser.Package pkg, boolean replace, String packageOfInterest) { ... /*add for grant thirdparty app permssion S*/ final String thirdPkgName = SystemProperties.get("persist.thirdparty.packagenames",""); if(isSystemApp(pkg) || pkg.packageName.contains(thirdPkgName)){//xxx为包名 final int permCount = pkg.requestedPermissions.size(); for(int i = 0;i < permCount;i++){ final String name = pkg.requestedPermissions.get(i); final BasePermission bp = mSettings.mPermissions.get(name); if(bp != null && permissionsState.grantInstallPermission(bp) != PermissionsState.PERMISSION_OPERATION_FAILURE){ changeInstallPermission = true; } } /*add for grant thirdparty app permission E*/ permissionsState.setGlobalGids(mGlobalGids); ... }
简单解释下第二中方案的思路,PMS在应用安装的时候会根据应用是否为签名应用、系统应用或三方应用来更新权限,这里可以做成白名单的形式,目前通过SystemProperties来获取三方包名可以通过adb或者串口来测试三方应用权限是否可以正常获取。两种方案大家可以自由选择。