【CTA认证】Android8实现android6以下的应用运行时也要申请权限

需求

CTA入网认证，要求低版本比如Android6以下的应用，运行时，也需要有运行时权限(Runtime Permission)功能，不能默认就取到权限，必须人工在设置中打开才可。

环境

Android 8

实现

frameworks
修改思路是所有APP都统一处理，支持运行时权限，
把所有版本相关的判断去掉，检测是否支持运行时权限的判断去掉。

diff --git a/base/services/core/java/com/android/server/pm/PackageInstallerService.java b/base/services/core/java/com/android/server/pm/PackageInstallerService.java
index 1fa37b91..3a3433c9 100644
--- a/base/services/core/java/com/android/server/pm/PackageInstallerService.java
+++ b/base/services/core/java/com/android/server/pm/PackageInstallerService.java
@@ -436,6 +436,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub {params.installFlags |= PackageManager.INSTALL_FROM_ADB;} else {
+            mAppOps = mContext.getSystemService(AppOpsManager.class);mAppOps.checkPackage(callingUid, installerPackageName);params.installFlags &= ~PackageManager.INSTALL_FROM_ADB;
@@ -705,6 +706,7 @@ public class PackageInstallerService extends IPackageInstaller.Stub {@Overridepublic ParceledListSlice<SessionInfo> getMySessions(String installerPackageName, int userId) {mPm.enforceCrossUserPermission(Binder.getCallingUid(), userId, true, false, "getMySessions");
+        mAppOps = mContext.getSystemService(AppOpsManager.class);mAppOps.checkPackage(Binder.getCallingUid(), installerPackageName);final List<SessionInfo> result = new ArrayList<>();
diff --git a/base/services/core/java/com/android/server/pm/PackageManagerService.java b/base/services/core/java/com/android/server/pm/PackageManagerService.java
index aa43008b..5f0f66a4 100644
--- a/base/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/base/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -2279,8 +2279,9 @@ public class PackageManagerService extends PackageManagerServiceExAbsfinal int immutableFlags = PackageManager.FLAG_PERMISSION_SYSTEM_FIXED| PackageManager.FLAG_PERMISSION_POLICY_FIXED;-        final boolean supportsRuntimePermissions = pkg.applicationInfo.targetSdkVersion
-                >= Build.VERSION_CODES.M;
+        //final boolean supportsRuntimePermissions = pkg.applicationInfo.targetSdkVersion
+                //>= Build.VERSION_CODES.M;
+        final boolean supportsRuntimePermissions = false;final boolean instantApp = isInstantApp(pkg.packageName, userId);@@ -5884,7 +5885,6 @@ public class PackageManagerService extends PackageManagerServiceExAbs// to keep the review required permission flag per user while an// install permission's state is shared across all users.if (mPermissionReviewRequired
-                    && pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M&& bp.isRuntime()) {return;}
@@ -5918,10 +5918,10 @@ public class PackageManagerService extends PackageManagerServiceExAbs+ name + " for package " + packageName);}-            if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) {
-                Slog.w(TAG, "Cannot grant runtime permission to a legacy app");
-                return;
-            }
+            //if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) {
+                //Slog.w(TAG, "Cannot grant runtime permission to a legacy app");
+                //return;
+            //}final int result = permissionsState.grantRuntimePermission(bp, userId);switch (result) {
@@ -6021,7 +6021,7 @@ public class PackageManagerService extends PackageManagerServiceExAbs// to keep the review required permission flag per user while an// install permission's state is shared across all users.if (mPermissionReviewRequired
-                    && pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M
+                    //&& pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M&& bp.isRuntime()) {return;}
@@ -13615,8 +13615,7 @@ public class PackageManagerService extends PackageManagerServiceExAbsfor (int i=0; i<N; i++) {final String name = pkg.requestedPermissions.get(i);final BasePermission bp = mSettings.mPermissions.get(name);
-            final boolean appSupportsRuntimePermissions = pkg.applicationInfo.targetSdkVersion
-                    >= Build.VERSION_CODES.M;
+            final boolean appSupportsRuntimePermissions = false;if (DEBUG_INSTALL) {Log.i(TAG, "Package " + pkg.packageName + " checking " + name + ": " + bp);
@@ -13676,10 +13675,7 @@ public class PackageManagerService extends PackageManagerServiceExAbs// their permissions as always granted runtime ones since we need// to keep the review required permission flag per user while an// install permission's state is shared across all users.
-                    if (!appSupportsRuntimePermissions && !mPermissionReviewRequired) {
-                        // For legacy apps dangerous permissions are install time ones.
-                        grant = GRANT_INSTALL;
-                    } else if (origPermissions.hasInstallPermission(bp.name)) {
+                    if (origPermissions.hasInstallPermission(bp.name)) {// For legacy apps that became modern, install becomes runtime.grant = GRANT_UPGRADE;} else if (mPromoteSystemApps
@@ -14023,14 +14019,6 @@ public class PackageManagerService extends PackageManagerServiceExAbs}}if (!allowed) {
-            if (!allowed && (bp.protectionLevel
-                    & PermissionInfo.PROTECTION_FLAG_PRE23) != 0
-                    && pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) {
-                // If this was a previously normal/dangerous permission that got moved
-                // to a system permission as part of the runtime permission redesign, then
-                // we still want to blindly grant it to old apps.
-                allowed = true;
-            }if (!allowed && (bp.protectionLevel & PermissionInfo.PROTECTION_FLAG_INSTALLER) != 0&& pkg.packageName.equals(mRequiredInstallerPackage)) {// If this permission is to be granted to the system installer and
@@ -21325,8 +21313,7 @@ public class PackageManagerService extends PackageManagerServiceExAbs// If permission review is enabled and this is a legacy app, mark the// permission as requiring a review as this is the initial state.int flags = 0;
-            if (mPermissionReviewRequired
-                    && ps.pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) {
+            if (mPermissionReviewRequired) {flags |= FLAG_PERMISSION_REVIEW_REQUIRED;}if (permissionsState.updatePermissionFlags(bp, userId, userSettableMask, flags)) {
@@ -26124,9 +26111,9 @@ Slog.v(TAG, ":: stepped forward, applying functor at tag " + parser.getName());}// Permission review applies only to apps not supporting the new permission model.
-                if (packageSetting.pkg.applicationInfo.targetSdkVersion >= Build.VERSION_CODES.M) {
-                    return false;
-                }
+                //if (packageSetting.pkg.applicationInfo.targetSdkVersion >= Build.VERSION_CODES.M) {
+                    //return false;
+                //}// Legacy apps have the permission and get user consent on launch.PermissionsState permissionsState = packageSetting.getPermissionsState();

作者：帅得不敢出门 原创文章谢绝转载