AndroidManifest.xml 隐含与显式权限(使用功能与使用权限) [英] AndroidManifest.xml implied vs explicit permissions ( uses-feature vs uses-permission )

问题描述

我的应用程序中有一些权限，例如

I have some permissions in my app such as

<uses-permission android:name="android.permission.CONTROL_LOCATION_UPDATES" />
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_MOCK_LOCATION" />

我怀疑它们实际上并不是必需的.

and I am under the suspicion that they aren't actually necessary.

根据Android文档，他们都暗示

According to the Android documents, they all imply that

<uses-feature
    android:name="android.hardware.location"/>

为真且必填.

因此，例如，如果我执行了三个命令中的两个，我所有的 A-GPS 相关调用仍会以完全相同的方式工作?

so, for instance, if I took out two out of three of those commands, all of my A-GPS related calls will still work the exact same way?

关于这方面的文献似乎并不多，除了人们重复 android 文档.

There doesn't really seem to be much literature about this, except for people repeating the android documents.

最终，我认为暗示 android:required = true 用于代码的许多元素会限制我可以访问的设备数量.

Ultimately, I think that implying that android:required = true for so many elements of the code is limiting the amount of devices I can access.

 <uses-feature
    android:name="android.hardware.location" android:required="false"/>

将向更多设备开放该应用，并且我可以在应用中使用有条件的逻辑来允许执行某些功能.

will open up to the app to many more devices, and I can use conditionally logic within the app to allow some features to execute.

但我的主要问题是 android.hardware.location 涵盖了许多 功能.没有 android.hardware.location.ACCESS_MOCK_LOCATION 或 android.hardware.location.CONTROL_LOCATION_UPDATES ，只有 android.hardware.location

But my main problem is that android.hardware.location covers SO many of the <uses-permission/> features. There is no android.hardware.location.ACCESS_MOCK_LOCATION or android.hardware.location.CONTROL_LOCATION_UPDATES , only android.hardware.location

这里有几个假设，但 android 开发者文档确实没有详细说明，只是表明那些单独的 uses-permissions 暗示需要一个 uses-feature.当它不一定是必需的，我只想确保我的 android sdk 调用有权运行

a couple assumptions here, but the android developer documents really don't elaborate, except reveal that those separate uses-permissions imply that one single uses-feature is required. when it necessarily is not intended to be required and I just want to make sure my android sdk calls have permission to run

问题:

1) 如果我去掉其中三个 uses-permissions 中的两个，我所有的 A-GPS 相关调用是否仍会以完全相同的方式工作，就好像我拥有所有这些个人一样权限设置?

1) if I took out two out of three of those uses-permissions, would all of my A-GPS related calls will still work the exact same way as if I had all of those individual permissions set?

2) android.hardware.location 是否变得更具体?我已经看过 android.hardware.location.NETWORK 但我在哪里可以看到所有的可能性?

2) does android.hardware.location get more specific? I have seen android.hardware.location.NETWORK but where can I see what all of the possibilities are?

推荐答案

因此，例如，如果我执行了三个命令中的两个，我所有的 A-GPS 相关调用仍会以完全相同的方式工作?

so, for instance, if I took out two out of three of those commands, all of my A-GPS related calls will still work the exact same way?

好吧，这三个权限中的两个应该不是必需的.ACCESS_MOCK_LOCATION 与 GPS 无关，而是与您自己的模拟位置提供者有关.引用 Cyril Mottier:

Well, two out of those three permissions should not be necessary. ACCESS_MOCK_LOCATION has nothing to do with GPS, but with your own mock location provider. To quote Cyril Mottier:

各位，请在发布您的应用之前从您的清单中删除 ACCESS_MOCK_LOCATION 权限.遗忘让你成为业余爱好者.

Please guys, remove the ACCESS_MOCK_LOCATION permission from your manifest prior publishing your app. Forgetting makes you an amateur.

并且普通的 SDK 应用程序无法保存 CONTROL_LOCATION_UPDATES -- 这仅适用于使用固件的签名密钥签名或安装在固件本身中的应用程序.

And normal SDK apps cannot hold CONTROL_LOCATION_UPDATES -- that is only available to apps signed with the firmware's signing key or installed in the firmware itself.

因此，一个普通的 SDK 应用程序可以删除这两个用于生产，并且可以删除 CONTROL_LOCATION_UPDATES 用于开发.如果您没有在应用中使用模拟位置提供程序，您也可以在开发中删除 ACCESS_MOCK_LOCATION.最有可能的是，您一开始就不应该将这两个权限添加到您的应用中.

Hence, a normal SDK app can remove both of those for production, and can remove CONTROL_LOCATION_UPDATES for development. If you are not using mock location providers in your app, you can remove ACCESS_MOCK_LOCATION in development too. Most likely, you should have never added those two permissions to your app in the first place.

不过，这些都与 无关.

None of this has anything to do with <uses-feature> though.

我可以在应用中使用条件逻辑来允许执行某些功能.

I can use conditionally logic within the app to allow some features to execute.

绝对的.您可以在 PackageManager 上使用 hasSystemFeature() 来查看您是否有 android.hardware.location，然后再处理 LocationManager.

Absolutely. You can use hasSystemFeature() on PackageManager to see if you have android.hardware.location, before bothering dealing with LocationManager.

但我的主要问题是 android.hardware.location 涵盖了很多功能.

But my main problem is that android.hardware.location covers SO many of the features.

动词cover"在这里对我来说没有意义，或者就它的意义而言，你的方向颠倒了. 元素可能意味着 元素，但反之则不然.

The verb "cover" makes no sense here to me, or to the extent it does, you have the direction reversed. <uses-permission> elements may imply <uses-feature> elements, but not the reverse.

如果我取消了其中三个使用权限中的两个，我所有的 A-GPS 相关调用是否仍会以完全相同的方式工作，就像我设置了所有这些个人权限一样?

if I took out two out of three of those uses-permissions, would all of my A-GPS related calls will still work the exact same way as if I had all of those individual permissions set?

见上文.

我见过 android.hardware.location.NETWORK

I have seen android.hardware.location.NETWORK

您可能已经看过android.hardware.location.network.

我见过 android.hardware.location.NETWORK

I have seen android.hardware.location.NETWORK

在 的文档中:http://developer.android.com/guide/topics/manifest/uses-feature-element.html

这篇关于AndroidManifest.xml 隐含与显式权限(使用功能与使用权限)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！