SecurityException异常与FileProvider共享文件时grantUriPermission [英] SecurityException with grantUriPermission when sharing a file with FileProvider

问题描述

我有两个应用程序。我想用一个FileProvider分享从应用程序中的一个文件，应用程序B。应用A调用在应用程序B ContentProvider的插入方法插入一条记录。插入的数据包括开放的我们在附录二我要分享的文件从应用程序答的ContentProvider然后将尝试读取应用程序A的共享文件 因为我没有使用一个Intent共享的文件，我打电话 Context.grantUriPermission 在应用程序中的允许读取（有时写）：

I have two applications. I'm trying to share a file from application A to application B using a FileProvider. Application A calls the insert method on a ContentProvider in Application B to insert a record. The data inserted includes the Uri to the file I want to share from App A. The ContentProvider in App B would then try to read the shared file from App A. Since I'm not using an Intent to share the file, I'm calling Context.grantUriPermission in App A to allow the read (and at times write):

mContext.grantUriPermission(MyPackageName, contentUri, Intent.FLAG_GRANT_READ_URI_PERMISSION | Intent.FLAG_GRANT_WRITE_URI_PERMISSION);

但是，在执行此行给我（名称变更为保护无辜者）：

However, executing this line gives me (Names changed to protect the innocent):

java.lang.SecurityException: Uid 10066 does not have permission to uri content://au.com.example.AppA.fileprovider/MyFolder/MyFileName
at android.os.Parcel.readException(Parcel.java:1322)
at android.os.Parcel.readException(Parcel.java:1276)
at android.app.ActivityManagerProxy.grantUriPermission(ActivityManagerNative.java:2374)
at android.app.ContextImpl.grantUriPermission(ContextImpl.java:1371)
at android.content.ContextWrapper.grantUriPermission(ContextWrapper.java:400)
at etc...

应用程序中的有以下清单文件中：

App A has the following in the Manifest file:

<provider
    android:name="android.support.v4.content.FileProvider"
    android:authorities="au.com.example.AppA.fileprovider"
    android:exported="false"
    android:grantUriPermissions="true"
    android:readPermission="au.com.example.READ_CONTENT"
    android:writePermission="au.com.example.WRITE_CONTENT" >
    <meta-data
        android:name="android.support.FILE_PROVIDER_PATHS"
        android:resource="@xml/filepaths" />
</provider>

filepaths.xml有：

filepaths.xml has:

<paths>
    <files-path
        name="MyFolder"
        path="MyFolder/" />
</paths>

这两个应用程序A和应用程序B具有以下内容：

Both App A and App B have the following:

<uses-permission android:name="au.com.example.READ_CONTENT" />
<uses-permission android:name="au.com.example.WRITE_CONTENT" />

我试图定义在这两个应用程序的权限。它们都具有相同的调试签名进行签名：

I've tried defining the permissions in both apps. They are both signed with the same debug signature:

<permission
    android:name="au.com.example.READ_CONTENT"
    android:permissionGroup="MyGroup"
    android:protectionLevel="signature" >
</permission>
<permission
    android:name="au.com.example.WRITE_CONTENT"
    android:permissionGroup="MyGroup"
    android:protectionLevel="signature" >
</permission>

文件结束了在实际的路径是：

The actual path the file ends up in is:

/data/data/au.com.example.AppA/files/MyFolder

在这一点上我很为难。我不知道为什么我不能为我一样的应用程序中创建的文件授予权限。所以，我的问题是：为什么我会得到这个例外，我怎么能成功地授予权限，附录二

At this point I'm stumped. I don't know why I can't grant permission for a file I just created within the same application. So my questions are: Why am I getting this exception and how can I successfully grant permission to App B?

推荐答案

好了，一个星期，大量的试验和错误之后，似乎答案是没有指定的权限。因此，应用程序中的清单而应该包括：

Well, after a week and a lot of trial and error, it seems the answer is to not specify permissions. So the App A Manifest should instead contain:

<provider
    android:name="android.support.v4.content.FileProvider"
    android:authorities="au.com.example.AppA.fileprovider"
    android:exported="false"
    android:grantUriPermissions="true" >
    <meta-data
        android:name="android.support.FILE_PROVIDER_PATHS"
        android:resource="@xml/filepaths" />
</provider>

也就是说，我删除了读取和写入权限。我最初的理解，并没有找到文档说，否则，是这些是必要的，以限制访问。然而，我发现他们实际上干扰而引起的 Context.grantUriPermission 失败。访问已经有限。

ie, I removed the read and write permissions. My initial understanding, and failing to find documentation that said otherwise, was these were necessary to restrict access. However, I've found they actually interfere and cause Context.grantUriPermission to fail. Access is limited already.

要完成的图片，并回答了我的问题的第二部分，我发现了以下内容：

To complete the picture, and answer the second part of my question, I found the following:

<一个href="http://stackoverflow.com/questions/13187284/android-permission-denial-in-widget-remoteviewsfactory-for-content">Android拒绝的权限在控件RemoteViewsFactory的内容

我不得不添加：

final long token = Binder.clearCallingIdentity();
try {
    [retrieve file here]
} finally {
    Binder.restoreCallingIdentity(token);
}

到内容提供商在应用程序B.否则，它会得到安全的错误也是如此。

to the Content Provider in App B. Otherwise it would get security errors as well.

这篇关于SecurityException异常与FileProvider共享文件时grantUriPermission的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！