什么是机器人之间的区别:权限=" packagename.permissions.BROWSER_PROVIDER"和android:grantUriPermissions?
我很好奇,只是因为我想访问的URI说以下内容:
I am curious simply because the uri I am trying to access says the following:
java.lang.SecurityException: Permission Denial: reading com.foo.MyProvider uri content://com.foo/history from pid=20735, uid=10080 requires com.foo.permissions.BROWSER_PROVIDER, or grantUriPermission()
不过,该应用程序内的供应商实际上有:
However, the provider within that app actually has:
<provider android:name="com.foo.MyProvider"
android:authorities="com.foo.db.mydb"
android:permission="com.foo.permissions.BROWSER_PROVIDER">=
</provider>
这是否意味着其实我所需要的的android:grantUriPermissions = TRUE 的供应商呢?这两个声明之间的区别是什么?
Does this mean that I actually DO need the android:grantUriPermissions=true on the provider as well? What is the difference between these two declarations?
例如:
下面是我要尝试自己的应用程序中访问来自供应商:
Here is a provider which I am going to attempt to access from within my own application:
的http://dxr.mozilla.org/mozilla-central/source/mobile/android/base/AndroidManifest.xml.in#274
如果我是尝试注册一个观察者到提供商的URI(这恰好是内容://org.mozilla.firefox.db.browser/history )用下面的code:
If I were to attempt to register an observer to that provider's uri (which happens to be content://org.mozilla.firefox.db.browser/history) with the following code:
private ContentObserver mFirefoxObserver;
resolver.registerContentObserver("content://org.mozilla.firefox.db.browser/history", true, mFirefoxObserver);
然后收到该错误是:
Then the error received is:
java.lang.SecurityException: Permission Denial: reading org.mozilla.gecko.db.BrowserProvider uri content://org.mozilla.firefox.db.browser/history from pid=20735, uid=10080 requires org.mozilla.firefox.permissions.BROWSER_PROVIDER, or grantUriPermission()
但是,你会发现,权限是在供应商设置:
But, you'll notice that the permission IS set in the provider:
<provider android:name="org.mozilla.gecko.db.BrowserProvider"
android:authorities="@ANDROID_PACKAGE_NAME@.db.browser"
android:permission="@ANDROID_PACKAGE_NAME@.permissions.BROWSER_PROVIDER">
...
所以我的问题是,为什么错误说我需要一个许可或grantUriPermissions,当一个人明显存在?
So my question is, why does the error say I need that permission OR grantUriPermissions, when one is clearly there?
如果你看看这个的行,你会看到此权限的声明
If you look at this line, you'll see the declaration of this permission
<permission android:name="@ANDROID_PACKAGE_NAME@.permissions.BROWSER_PROVIDER"
android:protectionLevel="signature"/>
由于这是一个签名级别的权限,你不能持有此权限。只有应用程序使用相同的开发人员密钥作为应用程序可以签署。
Since this is a signature level permission, you cannot hold this permission. Only apps signed with the same developer key as that app can.
回到现在的供应商,这里它的全部声明:
Back to the provider now, here is it's full declaration:
<provider android:name="org.mozilla.gecko.db.BrowserProvider"
android:authorities="@ANDROID_PACKAGE_NAME@.db.browser"
android:permission="@ANDROID_PACKAGE_NAME@.permissions.BROWSER_PROVIDER">
<path-permission android:pathPrefix="/search_suggest_query"
android:readPermission="android.permission.GLOBAL_SEARCH" />
</provider>
这表示,你需要 org.mozilla.firefox.permissions.BROWSER_PROVIDER 来直接接入运营商,这正如我上面所指出的,你不能有。在供应商虽然是重要组成部分, &LT;路径许可&GT; 。什么这个元素的意思是,你可以访问 / search_suggest_query 开始的路径,如果你持有 android.permission.GLOBAL_SEARCH 许可。
Here it says that you need org.mozilla.firefox.permissions.BROWSER_PROVIDER to access the provider outright, which as I pointed out above, you cannot have. Within the provider though is the key part, <path-permission>. What this element is saying is that you can access paths beginning with /search_suggest_query if you hold the android.permission.GLOBAL_SEARCH permission.
您会得到一个安全异常,因为你试图访问 /历史,它不允许你做的。
You're getting a security exception because you are trying to access /history, which you are not allowed to do.