Android Permission Denial if other app in not installed first_问答_开发者

Android Permission Denial if other app in not installed first

开发者 https://www.devze.com 2023-03-04 20:53 出处：网络

I am trying to read the content from a cursor like so: cursor = context.getContentResolver().query(TASKS_URI, null, null, new String[]{\"-1\", \"true\"}, null);

I am trying to read the content from a cursor like so:

cursor = context.getContentResolver().query(TASKS_URI, null, null, new String[]{"-1", "true"}, null);

Where the TASKS_URI is:

private final static Uri TASKS_URI = Uri.parse("content://org.dayup.gtask.data/tasks");

So all i am trying to do is to get a cursor from another app.

In my manifest.xml i define my permission as:

   <uses-permission android:name="org.dayup.gtask.permission.READ_TASKS"/>

The problem is that if my app was installed before the other app (in this case gtask) i get the following error:

05-08 15:26:45.380: ERROR/ActivityThread(18564): Failed to find provider info for org.dayup.gtask.key
05-08 15:26:45.390: ERROR/AndroidRuntime(18509): FATAL EXCEPTION: Thread-12
java.lang.SecurityException: Permission Denial: reading org.dayup.gtask.GoogleTaskProvider uri content://org.dayup.gtask.data/tasks from pid=18509, uid=10114 requires org.dayup.gtask.permission.READ_TASKS
at android.os.Parcel.readException(Parcel.java:1322)
at android.database.DatabaseUtils.readExceptionFromParcel(DatabaseUtils.java:160)
at android.database.DatabaseUtils.readExceptionFromParcel(DatabaseUtils.java:114)
at android.content.ContentProviderProxy.bulkQueryInternal(ContentProviderNative.java:372)
at android.content.ContentProviderProxy.query(ContentProviderNative.java:408)
at android.content.ContentResolver.query(ContentResolver.java:264)

If i reinstall my app or my app was installed after the other apps everything works fine.开发者_高级运维 Any idea on how to reacquire these permissions on runtime ?

There is a workaround for this. The trick is to define the permissions as if they were your own.

Here is an example:

<uses-permission android:name="com.timsu.astrid.permission.READ_TASKS" />
<permission android:name="com.timsu.astrid.permission.READ_TASKS"
    android:permissionGroup="android.permission-group.PERSONAL_INFO"
    android:protectionLevel="dangerous" android:label="read astrid tasks data" />
<uses-permission android:name="android.permission.CHANGE_COMPONENT_ENABLED_STATE" />
<!-- dato gtask -->
<uses-permission android:name="org.dayup.gtask.permission.READ_TASKS" />
<permission android:name="org.dayup.gtask.permission.READ_TASKS"
    android:permissionGroup="android.permission-group.PERSONAL_INFO"
    android:protectionLevel="dangerous" android:label="read dato gtasks tasks data" />

Android's security page says

At application install time, permissions requested by the application are granted to it by the package installer, based on checks against the signatures of the applications declaring those permissions and/or interaction with the user. No checks with the user are done while an application is running: it either was granted a particular permission when installed, and can use that feature as desired, or the permission was not granted and any attempt to use the feature will fail without prompting the user. 1

so I don't think you can change run-time permissions. The only way I can see to get around this would be to have a sort of wrapper app with android.permission.INSTALL_PACKAGES set that checks for the required app and installs it before installing yours.