最近剛做完通知權限管理的功能,在這里做一下記錄。
單個應用的權限管理需要使用到 AppOpsManager 的接口,接下來通過代碼記錄下:
AppOpsManager 是對外的管理接口,真正實現功能的是 AppOpsService。
一、AppOpsManager的工作流程
1、 AppOpsService 初始化:
public ActivityManagerService(Context systemContext) {
mContext = systemContext;
mFactoryTest = FactoryTest.getMode();
mSystemThread = ActivityThread.currentActivityThread();
....
// TODO: Move creation of battery stats service outside of activity manager service.
File dataDir = Environment.getDataDirectory();
File systemDir = new File(dataDir, "system");
systemDir.mkdirs();
....
mAppOpsService = new AppOpsService(new File(systemDir, "appops.xml"), mHandler);
mAppOpsService.startWatchingMode(AppOpsManager.OP_RUN_IN_BACKGROUND, null,
new IAppOpsCallback.Stub() {
@Override public void opChanged(int op, int uid, String packageName) {
if (op == AppOpsManager.OP_RUN_IN_BACKGROUND && packageName != null) {
if (mAppOpsService.checkOperation(op, uid, packageName)
!= AppOpsManager.MODE_ALLOWED) {
runInBackgroundDisabled(uid);
}
}
}
});
從以上代碼可知應用信息的儲存在“data/system/appops.xml”文件中,格式為:
<app-ops>
<pkg n="root">
<uid n="0" p="false">
<op n="34" t="1499140707282" pu="0" />
</uid>
</pkg>
<pkg n="com.mediatek.xxx">
<uid n="1000" p="false">
<op n="11" t="1499224813388" pu="0" />
<op n="15" m="0" />
<op n="59" t="1499224797843" pu="0" />
<op n="60" t="1499224797843" pu="0" />
<op n="71" t="1499224813389" pu="0" />
<op n="75" t="1499224813387" pu="0" />
<op n="76" t="1499224813387" pu="0" />
<op n="77" t="1499224813388" pu="0" />
</uid>
</pkg>
<pkg n="com.xxx.usercenter">
<uid n="1000" p="true">
<op n="0" t="1498721353479" pu="0" />
<op n="2" t="1498721359244" d="5787" />
<op n="10" t="1498721356900" pu="0" />
<op n="12" t="1498721353481" pu="0" />
<op n="41" t="1498721359246" d="5793" />
<op n="42" t="1498721359226" d="5769" />
<op n="59" t="1498721350806" pu="0" />
<op n="60" t="1498721350806" pu="0" />
<op n="72" m="0" t="1498721353877" pu="0" />
</uid>
</pkg>
初始化 AppOpsService 同時,解析appops.xml文件中的信息并儲存在名為 UidState 的內部類中:
void readState() {
synchronized (mFile) {
synchronized (this) {
FileInputStream stream;
try {
stream = mFile.openRead();
} catch (FileNotFoundException e) {
....
return;
}
boolean success = false;
mUidStates.clear();
try {
XmlPullParser parser = Xml.newPullParser();
parser.setInput(stream, StandardCharsets.UTF_8.name());
int type;
....
String tagName = parser.getName();
if (tagName.equals("pkg")) {
//讀取每個應用權限信息,并保存至UidState.pkgOps變量
readPackage(parser);
} else if (tagName.equals("uid")) {
//讀取每個應用對應的相關權限以及權限狀態,并保存至UidState.opModes變量
readUidOps(parser);
} else {
Slog.w(TAG, "Unknown element under <app-ops>: "
+ parser.getName());
XmlUtils.skipCurrentTag(parser);
}
}
success = true;
} catch (IllegalStateException e) {
....
}
}
}
}
void readPackage(XmlPullParser parser) throws NumberFormatException,
XmlPullParserException, IOException {
String pkgName = parser.getAttributeValue(null, "n");
int outerDepth = parser.getDepth();
int type;
while ((type = parser.next()) != XmlPullParser.END_DOCUMENT
&& (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) {
....
String tagName = parser.getName();
if (tagName.equals("uid")) {
readUid(parser, pkgName);
} else {
....
}
}
}
void readUid(XmlPullParser parser, String pkgName) throws NumberFormatException,
XmlPullParserException, IOException {
int uid = Integer.parseInt(parser.getAttributeValue(null, "n"));
String isPrivilegedString = parser.getAttributeValue(null, "p");
boolean isPrivileged = false;
if (isPrivilegedString == null) {
try {
IPackageManager packageManager = ActivityThread.getPackageManager();
if (packageManager != null) {
ApplicationInfo appInfo = ActivityThread.getPackageManager()
.getApplicationInfo(pkgName, 0, UserHandle.getUserId(uid));
if (appInfo != null) {
isPrivileged = (appInfo.privateFlags
& ApplicationInfo.PRIVATE_FLAG_PRIVILEGED) != 0;
}
} else {
// Could not load data, don't add to cache so it will be loaded later.
return;
}
} catch (RemoteException e) {
Slog.w(TAG, "Could not contact PackageManager", e);
}
} else {
isPrivileged = Boolean.parseBoolean(isPrivilegedString);
}
int outerDepth = parser.getDepth();
int type;
while ((type = parser.next()) != XmlPullParser.END_DOCUMENT
&& (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) {
if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) {
continue;
}
String tagName = parser.getName();
if (tagName.equals("op")) {
Op op = new Op(uid, pkgName, Integer.parseInt(parser.getAttributeValue(null, "n")));
String mode = parser.getAttributeValue(null, "m");
if (mode != null) {
op.mode = Integer.parseInt(mode);
}
String time = parser.getAttributeValue(null, "t");
if (time != null) {
op.time = Long.parseLong(time);
}
time = parser.getAttributeValue(null, "r");
if (time != null) {
op.rejectTime = Long.parseLong(time);
}
String dur = parser.getAttributeValue(null, "d");
if (dur != null) {
op.duration = Integer.parseInt(dur);
}
String sum = parser.getAttributeValue(null, "sum");
if (sum != null) {
op.mSum = Integer.parseInt(sum);
}
String proxyUid = parser.getAttributeValue(null, "pu");
if (proxyUid != null) {
op.proxyUid = Integer.parseInt(proxyUid);
}
String proxyPackageName = parser.getAttributeValue(null, "pp");
if (proxyPackageName != null) {
op.proxyPackageName = proxyPackageName;
}
UidState uidState = getUidStateLocked(uid, true);
if (uidState.pkgOps == null) {
uidState.pkgOps = new ArrayMap<>();
}
Ops ops = uidState.pkgOps.get(pkgName);
if (ops == null) {
ops = new Ops(pkgName, uidState, isPrivileged);
uidState.pkgOps.put(pkgName, ops);
}
ops.put(op.op, op);
} else {
Slog.w(TAG, "Unknown element under <pkg>: "
+ parser.getName());
XmlUtils.skipCurrentTag(parser);
}
}
}
void readUidOps(XmlPullParser parser) throws NumberFormatException,
XmlPullParserException, IOException {
final int uid = Integer.parseInt(parser.getAttributeValue(null, "n"));
int outerDepth = parser.getDepth();
int type;
while ((type = parser.next()) != XmlPullParser.END_DOCUMENT
&& (type != XmlPullParser.END_TAG || parser.getDepth() > outerDepth)) {
if (type == XmlPullParser.END_TAG || type == XmlPullParser.TEXT) {
continue;
}
String tagName = parser.getName();
if (tagName.equals("op")) {
//code對應AppopsManager中的OP值
final int code = Integer.parseInt(parser.getAttributeValue(null, "n"));
//mode 對應AppopsManager中權限狀態,有0 1 2 3四種狀態
final int mode = Integer.parseInt(parser.getAttributeValue(null, "m"));
UidState uidState = getUidStateLocked(uid, true);
if (uidState.opModes == null) {
uidState.opModes = new SparseIntArray();
}
uidState.opModes.put(code, mode);
} else {
Slog.w(TAG, "Unknown element under <uid-ops>: "
+ parser.getName());
XmlUtils.skipCurrentTag(parser);
}
}
}
2、 AppOps 權限狀態設置流程:
AppOpsManager:
/** @hide */
public void setMode(int code, int uid, String packageName, int mode) {
try {
mService.setMode(code, uid, packageName, mode);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
}
AppOpsService:
@Override
public void setMode(int code, int uid, String packageName, int mode) {
/// M: Log enhancement @{
String callingApp = mContext.getPackageManager().getNameForUid(Binder.getCallingUid());
if (Binder.getCallingPid() != Process.myPid()) {
mContext.enforcePermission(android.Manifest.permission.UPDATE_APP_OPS_STATS,
Binder.getCallingPid(), Binder.getCallingUid(), null);
}
//驗證code值,不在AppOpsManager._NUM_OP范圍內會直接拋異常
verifyIncomingOp(code);
ArrayList<Callback> repCbs = null;
code = AppOpsManager.opToSwitch(code);
synchronized (this) {
//通過UID去查找UidState 、Op 對象,如果沒有就創建一個新的。
UidState uidState = getUidStateLocked(uid, false);
Op op = getOpLocked(code, uid, packageName, true);
if (op != null) {
//判斷是否需要更新appops.xml
if (op.mode != mode) {
op.mode = mode;
....
//將app權限信息寫入 appops.xml 文件
scheduleFastWriteLocked();
}
}
}
.....
}
private void scheduleFastWriteLocked() {
if (!mFastWriteScheduled) {
mWriteScheduled = true;
mFastWriteScheduled = true;
mHandler.removeCallbacks(mWriteRunner);
mHandler.postDelayed(mWriteRunner, 10*1000);
}
}
mWriteRunner 中通過異步執行了writeState()的寫入操作,將更新后的UidState 對象信息重新寫入appops.xml中。
2、 AppOps 權限狀態讀取流程:
<br />
AppOpsManager 中常用的讀取方法有四種:
[checkOp](file:///D:/AndroidStudioSDK/docs/reference/android/app/AppOpsManager.html#checkOp%28java.lang.String,%20int,%20java.lang.String%29)([String](file:///D:/AndroidStudioSDK/docs/reference/java/lang/String.html) op, int uid, [String](file:///D:/AndroidStudioSDK/docs/reference/java/lang/String.html) packageName)
只讀取不做記錄,權限不通過會拋異常
[noteOp](file:///D:/AndroidStudioSDK/docs/reference/android/app/AppOpsManager.html#noteOp%28java.lang.String,%20int,%20java.lang.String%29)([String](file:///D:/AndroidStudioSDK/docs/reference/java/lang/String.html) op, int uid, [String](file:///D:/AndroidStudioSDK/docs/reference/java/lang/String.html) packageName)
和checkOp基本相同,但是在檢驗后會做記錄。
[checkOpNoThrow](file:///D:/AndroidStudioSDK/docs/reference/android/app/AppOpsManager.html#checkOpNoThrow%28java.lang.String,%20int,%20java.lang.String%29)([String](file:///D:/AndroidStudioSDK/docs/reference/java/lang/String.html) op, int uid, [String](file:///D:/AndroidStudioSDK/docs/reference/java/lang/String.html) packageName)
和checkOp類似,但是權限錯誤,不會拋出SecurityException,而是返回AppOpsManager.MODE_ERRORED.
[noteOpNoThrow](file:///D:/AndroidStudioSDK/docs/reference/android/app/AppOpsManager.html#noteOpNoThrow%28java.lang.String,%20int,%20java.lang.String%29)([String](file:///D:/AndroidStudioSDK/docs/reference/java/lang/String.html) op, int uid, [String](file:///D:/AndroidStudioSDK/docs/reference/java/lang/String.html) packageName)
類似noteOp,但不會拋出SecurityException。
以 noteOp 來記錄下讀取的流程:
AppOpsManager:
public int noteOp(int op, int uid, String packageName) {
try {
int mode = mService.noteOperation(op, uid, packageName);
//如果權限不通過直接拋異常
if (mode == MODE_ERRORED) {
throw new SecurityException(buildSecurityExceptionMsg(op, uid, packageName));
}
return mode;
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
}
AppOpsService:
@Override
public int noteOperation(int code, int uid, String packageName) {
verifyIncomingUid(uid);
verifyIncomingOp(code);
String resolvedPackageName = resolvePackageName(uid, packageName);
if (resolvedPackageName == null) {
return AppOpsManager.MODE_IGNORED;
}
return noteOperationUnchecked(code, uid, resolvedPackageName, 0, null);
}
private int noteOperationUnchecked(int code, int uid, String packageName,
int proxyUid, String proxyPackageName) {
synchronized (this) {
Ops ops = getOpsRawLocked(uid, packageName, true);
if (ops == null) {
....
return AppOpsManager.MODE_ERRORED;
}
//這里會對op 對象的變量重新設值,最終會打印在appops.xml中
Op op = getOpLocked(ops, code, true);
if (isOpRestricted(uid, code, packageName)) {
return AppOpsManager.MODE_IGNORED;
}
if (op.duration == -1) {
....
}
op.duration = 0;
final int switchCode = AppOpsManager.opToSwitch(code);
UidState uidState = ops.uidState;
// If there is a non-default per UID policy (we set UID op mode only if
// non-default) it takes over, otherwise use the per package policy.
if (uidState.opModes != null && uidState.opModes.indexOfKey(switchCode) >= 0) {
final int uidMode = uidState.opModes.get(switchCode);
if (uidMode != AppOpsManager.MODE_ALLOWED) {
if (!operationFallBackCheck(uidState, switchCode, uid, packageName)) {
op.rejectTime = System.currentTimeMillis();
op.mSum ++;
return uidMode;
}
}
} else {
final Op switchOp = switchCode != code ? getOpLocked(ops, switchCode, true) : op;
if (switchOp.mode != AppOpsManager.MODE_ALLOWED) {
if (!operationFallBackCheck(ops, switchOp.op, uid, packageName)) {
op.rejectTime = System.currentTimeMillis();
op.mSum ++;
return switchOp.mode;
}
}
}
op.time = System.currentTimeMillis();
op.rejectTime = 0;
op.proxyUid = proxyUid;
op.proxyPackageName = proxyPackageName;
return AppOpsManager.MODE_ALLOWED;
}
}
二、AppOpsManager的使用方法
1.添加靜態變量
1.1 添加op:
/** @hide */
public static final int OP_BOOT_COMPLETED = 69;
1.2 修改_NUM_OP(op總數+1):
/** @hide */
public static final int _NUM_OP = 70;
1.3 添加OP_STR:
private static final String OPSTR_BOOT_COMPLETED =
"android:boot_completed";
2.在op靜態數組中添加新增op
初始化時會對每個數組的數量進行check,如果與_NUM_OP 值不一致,就會拋異常,會導致開不了機。
private static final int[] RUNTIME_PERMISSIONS_OPS = {
....
OP_BOOT_COMPLETED,
}
private static int[] sOpToSwitch = new int[] {
....
OP_BOOT_COMPLETED,
}
private static int[] sOpToSwitchCta = new int[] {
....
OP_BOOT_COMPLETED,
}
private static String[] sOpToString = new String[] {
....
OPSTR_BOOT_COMPLETED,
};
private static String[] sOpNames = new String[] {
....
"BOOT_COMPLETED",
};
private static String[] sOpPerms = new String[] {
....
Manifest.permission.RECEIVE_BOOT_COMPLETED,
};
private static String[] sOpRestrictions = new String[] {
....
null, //BOOT_COMPLETED
};
private static boolean[] sOpAllowSystemRestrictionBypass = new boolean[] {
....
true, // BOOT_COMPLETED
};
private static int[] sOpDefaultMode = new int[] {
....
AppOpsManager.MODE_IGNORED, // OP_BOOT_COMPLETED
};
private static boolean[] sOpDisableReset = new boolean[] {
....
false, // OP_BOOT_COMPLETED
};
以上已經將需要添加的op代碼添加完畢,接下來需要在系統模塊中使用。
3.在系統模塊中使用
3.1 設置權限
mAppOpsService.setMode(AppOpsManager.OP_BOOT_COMPLETED, uid, packageName, AppOpsManager.MODE_ALLOWED);
3.2 判斷權限狀態
if (mAppOps.noteOpNoThrow(AppOpsManager.OP_POST_NOTIFICATION, uid, pkg)
!= AppOpsManager.MODE_ALLOWED) {
....
}
