Android 6.0 运行时权限检测

Android 6.0 运行时权限检测

Android 6.0之前的系统用户在安装apk文件时会根据app声明的权限声称权限列表，用户只有在同意了申请的权限后才可以继续安装应用。这样就存在了很大的安全隐患。因此在android 6.0后的系统中对权限进行了分级。一种是normal permission,一种是 dangerous permission级别权限。

normal permission权限：

• ACCESS_LOCATION_EXTRA_COMMANDS
• ACCESS_NETWORK_STATE
• ACCESS_NOTIFICATION_POLICY
• ACCESS_WIFI_STATE
• BLUETOOTH
• BLUETOOTH_ADMIN
• BROADCAST_STICKY
• CHANGE_NETWORK_STATE
• CHANGE_WIFI_MULTICAST_STATE
• CHANGE_WIFI_STATE
• DISABLE_KEYGUARD
• EXPAND_STATUS_BAR
• GET_PACKAGE_SIZE
• INSTALL_SHORTCUT
• INTERNET
• KILL_BACKGROUND_PROCESSES
• MODIFY_AUDIO_SETTINGS
• NFC
• READ_SYNC_SETTINGS
• READ_SYNC_STATS
• RECEIVE_BOOT_COMPLETED
• REORDER_TASKS
• REQUEST_INSTALL_PACKAGES
• SET_ALARM
• SET_TIME_ZONE
• SET_WALLPAPER
• SET_WALLPAPER_HINTS
• TRANSMIT_IR
• UNINSTALL_SHORTCUT
• USE_FINGERPRINT
• VIBRATE
• WAKE_LOCK
• WRITE_SYNC_SETTINGS

dangerous permission级别权限

• permission:android.permission.WRITE_CONTACTS
• permission:android.permission.GET_ACCOUNTS

• permission:android.permission.READ_CONTACTS

• permission:android.permission.READ_CALL_LOG

• permission:android.permission.READ_PHONE_STATE
  
  • * permission:android.permission.CALL_PHONE*
• permission:android.permission.WRITE_CALL_LOG
• permission:android.permission.USE_SIP
• permission:android.permission.PROCESS_OUTGOING_CALLS

• permission:com.android.voicemail.permission.ADD_VOICEMAIL

• permission:android.permission.READ_CALENDAR

• permission:android.permission.WRITE_CALENDAR

• permission:android.permission.CAMERA

• permission:android.permission.BODY_SENSORS

• permission:android.permission.ACCESS_FINE_LOCATION

  - * permission:android.permission.ACCESS_COARSE_LOCATION*

• permission:android.permission.READ_EXTERNAL_STORAGE

• permission:android.permission.WRITE_EXTERNAL_STORAGE

• permission:android.permission.RECORD_AUDIO

• permission:android.permission.READ_SMS

• permission:android.permission.RECEIVE_WAP_PUSH
• permission:android.permission.RECEIVE_MMS
• permission:android.permission.RECEIVE_SMS
• permission:android.permission.SEND_SMS
  
  • * permission:android.permission.READ_CELL_BROADCASTS*

Android 6.0在我们原有的AndroidManifest.xml声明权限的基础上，又新增了运行时权限动态检测(就是对dangerous permission级别权限进行动态权限监测)，以下权限都需要在运行时判断：

身体传感器
日历
摄像头
通讯录
地理位置
麦克风
电话
短信
存储空间

dangerous permission级别权限其实是分组的，每组中包含多个权限。app在动态获取权限时显示的是一组权限，一旦你同意了本组权限中的一种权限在下次app调用本组中其他权限时系统默认已经授权不需要用户再次确认（在miui系统的6.0中测试发现每次都需要再次授权）。

小实例

在android studio项目中要想测试运行时权限检测必须在gradle中将targetSdkVersion 设置为23。如果是小于23系统会默认授予androidmainfast.xml中声明的权限，但是这是一种临时的解决方法还是需要做新机制的兼容的。

android {
    compileSdkVersion 23
    buildToolsVersion "23.0.3"
    defaultConfig {
        applicationId "com.example.cike.testpermission"
        minSdkVersion 15
        targetSdkVersion 23
        versionCode 1
        versionName "1.0"
        testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner"
    }
    buildTypes {
        release {
            minifyEnabled false
            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
        }
    }
}

我们需要在app中每次需要危险权限时都去权限是否授予的检测，检测代码如下：

//contextCompat.checkSelfPermission()用于检测是否授予权限
 if (ContextCompat.checkSelfPermission(MainActivity.this, Manifest.permission.CALL_PHONE) != PackageManager.PERMISSION_GRANTED) {
//activitycompat.requestPermission()请求权限                  ActivityCompat.requestPermissions(MainActivity.this, new String[] {Manifest.permission.CALL_PHONE},1);
                } else {
                    calling();
                }

---

完整代码如下：

public class MainActivity extends AppCompatActivity {

    private Button button;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);

        button = (Button) findViewById(R.id.button);
        button.setOnClickListener(new View.OnClickListener() {

            @Override
            public void onClick(View v) {
                if (ContextCompat.checkSelfPermission(MainActivity.this, Manifest.permission.CALL_PHONE) != PackageManager.PERMISSION_GRANTED) {
                    ActivityCompat.requestPermissions(MainActivity.this, new String[] {Manifest.permission.CALL_PHONE},1);
                } else {
                    calling();
                }
            }
        });
    }

    private void calling() {
        Intent intent = new Intent(Intent.ACTION_CALL);
        Uri data = Uri.parse("tel:1234567890");
        intent.setData(data);
        startActivity(intent);
    }

    @Override
    public void onRequestPermissionsResult(int requestCode, @NonNull String[] permissions, @NonNull int[] grantResults) {
        if (requestCode == 1) {
            if (grantResults[0] == PackageManager.PERMISSION_GRANTED) {
                calling();
            } else {
                Toast.makeText(this, "权限被拒绝", Toast.LENGTH_SHORT).show();
            }
            return;
        }
        super.onRequestPermissionsResult(requestCode, permissions, grantResults);
    }
}

效果图：