This repository has been archived by the owner on Oct 3, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
AppOps
ikas edited this page May 20, 2021
·
5 revisions
App-ops are used for two purposes: Access control and tracking
MODE_DEFAULT : Default behavior, might differ from app-op to app-op
MODE_ALLOWED : Allow the access
MODE_FOREGROUND : Allow the access but only if the app is currently in the foreground
MODE_IGNORED : Don't allow the access, i.e. don't perform the requested action or return placeholder data
MODE_ERRORED : Throw a SecurityException on access. This can be suppressed by using a ...noThrow method to check the mode
App-ops can either be controlled for each uid or for each package , If the uid mode has been set, then the package mode will not be checked
//uid mode
UidState uidState = getUidStateLocked(uid, false);
if (uidState != null && uidState.opModes != null
&& uidState.opModes.indexOfKey(code) >= 0) {
final int rawMode = uidState.opModes.get(code);
return raw ? rawMode : uidState.evalMode(code, rawMode);
}
//package mode
Op op = getOpLocked(code, uid, packageName, false, verify, false);
if (op == null) {
return AppOpsManager.opToDefaultMode(code);
}
return raw ? op.mode : op.evalMode();
- 页面权限状态会同时检查权限状态与op状态(uid mode,下同)
- 修改权限时,会立即修改权限对应的op状态
- 当应用检查权限时,会根据权限组状态修正组内所有权限状态与op状态
- 会根据权限状态自动修正权限对应的op状态,反之亦然
- 系统默认存在多种触发同步的机制,比如任意app的卸载,权限变更
- 会自动重置op状态,如package mode
- 系统内置的组件对op的修改采用uid mode,所以外部App对op修改也需要采用uid mode,否则会有冲突