为什么查询联系人选择器根据Android版本需要不同的权限? [英] Why does querying contact picker require different permissions depending on the android version?

问题描述

我们一直在尝试使用Android联系人选择器，以允许用户选择不需要应用程序具有READ_CONTACTS权限的联系人.以下意图似乎适用于4.0(ICS)设备以及2.3.3模拟器:

We have been experimenting with the Android contact picker to allow users to select a contact without the app requiring the READ_CONTACTS permission. The following intents appear to work on 4.0 (ICS) devices as well as a 2.3.3 emulator:

Intent contactPickerIntent = new Intent(Intent.ACION_GET_CONTENT);
contactPickerIntent.setType(Phone.CONTENT_ITEM_TYPE); // returns content://com.android.contacts/data/...

Intent contactPickerIntent = new Intent(Intent.ACTION_PICK, Contacts.CONTENT_URI); // returns content://com.android.contacts/lookup/...

但是，在2.2仿真器和某些ICS之前的模型(例如HTC Thunderbolt，Motorola Droid)上，尝试查询返回的UI会导致权限拒绝异常:

On a 2.2 emulator and certain pre-ICS models (e.g., HTC Thunderbolt, Motorola Droid), however, attempting to query the returned UI results in a permission denial exception:

由以下原因引起:java.lang.SecurityException:权限被拒绝:正在读取 com.android.providers.contacts.ContactsProvider2 uri内容://com.android.contacts/contacts/lookup/0r1-52345052324E483C32/1 从pid = 273开始，uid = 10036需要android.permission.READ_CONTACTS

Caused by: java.lang.SecurityException: Permission Denial: reading com.android.providers.contacts.ContactsProvider2 uri content://com.android.contacts/contacts/lookup/0r1-52345052324E483C32/1 from pid=273, uid=10036 requires android.permission.READ_CONTACTS

这看起来像是操作系统或设备碎片问题；我们正在寻求对此主题的澄清，以便我们可以继续采用这种方法或其他方法.

This looks like a OS or device fragmentation issue; we're seeking clarification on this topic so that we can move forward with this or an alternate approach.

有想法吗?

推荐答案

这是故意的.在此页面的底部记录了此行为:

This is intentional. At the bottom of this page this behavior is documented:

在Android 2.3(API级别9)之前，要在Contacts Provider上执行查询(如上面所示)，需要您的应用声明READ_CONTACTS权限(请参阅安全性和权限).但是，从Android 2.3开始，Contacts/People应用程序向您的应用程序授予临时权限，以便在它向您返回结果时从Contacts Provider读取.临时权限仅适用于请求的特定联系人，因此，除非您声明了READ_CONTACTS权限，否则您无法查询除意图Uri指定的联系人以外的其他联系人.

Before Android 2.3 (API level 9), performing a query on the Contacts Provider (like the one shown above) requires that your app declare the READ_CONTACTS permission (see Security and Permissions). However, beginning with Android 2.3, the Contacts/People app grants your app a temporary permission to read from the Contacts Provider when it returns you a result. The temporary permission applies only to the specific contact requested, so you cannot query a contact other than the one specified by the intent's Uri, unless you do declare the READ_CONTACTS permission.

您希望在其他许多地方对此进行记录，但是该页面是我找到的唯一解释它的地方.

There are a dozen other places where you would expect this to be documented, but that page is the only place I have found it explained.

这篇关于为什么查询联系人选择器根据Android版本需要不同的权限?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！