应用权限保护的对象

权限使用基本原则

  • 应用(包括应用引用的三方库)所需权限必须在应用的配置文件中严格按照权限开发指导逐个声明
  • 权限申请满足最小化原则,禁止申请非必要的、已废弃的权限
  • 应用申请敏感权限时,必须填写权限使用理由字段
  • 应用敏感权限须在对应业务功能执行前动态申请,满足隐私最小化要求
  • 用户拒绝授予某个权限后,应用与此权限无关的其他业务功能应允许正常使用

授权方式

系统授权

在应用中申请system_grant权限。被允许访问的数据不会涉及到用户或设备的敏感信息,应用被允许执行的操作对系统或者其他应用产生的影响可控

用户授权

授权示例

定位授权

  1. 在src/main/resources/module.json5中配置申请
"requestPermissions": [{
  "name": "ohos.permission.INTERNET"},
  {
  "name": "ohos.permission.LOCATION",
  //模式串需在resources/base/element/string.json中配置键值对location_reason
  //再按如下方式在"reason"中进行引用
  "reason" : "$string:location_reason",
  "usedScene": {
    "abilities": ["EntryAbility"],
    "when": "always"
  },

},
  {
    "name": "ohos.permission.APPROXIMATELY_LOCATION",
    "reason" : "$string:location_reason",
    "usedScene": {
      "abilities": ["EntryAbility"],
      "when": "always"
    }
  }
],
  1. 在模拟器设置中打开“系统”——“日期和时间”——“定位服务”——“访问我的位置”
  2. 右侧边栏中打开GPS配置GPS模拟
  3. 编写获取位置代码
import { abilityAccessCtrl, bundleManager, common } from '@kit.AbilityKit';
import { geoLocationManager } from '@kit.LocationKit';
  async getLocation(){
    const manager = abilityAccessCtrl.createAtManager()
    //上下文获取
    //1. page中getContext
    //2. Ability中this.context
    await manager.requestPermissionsFromUser(getContext(this),[
      "ohos.permission.LOCATION",
      "ohos.permission.APPROXIMATELY_LOCATION"
    ])
    const bundleInfo = bundleManager.getBundleInfoForSelfSync(bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_APPLICATION)
    const accTokenId = bundleInfo.appInfo.accessTokenId
    const state = manager.checkAccessTokenSync(accTokenId,"ohos.permission.LOCATION")
    if(state == abilityAccessCtrl.GrantStatus.PERMISSION_DENIED){
      let abilityContext = getContext(this) as common.UIAbilityContext
      abilityContext.startAbility({
        bundleName:'com.huawei.hmos.settings',
        abilityName:'com.huawei.hmos.settings.MainAbility',
        uri:'application_info_entry',
        parameters:{
          pushParams:bundleInfo.name
        }
      })
    }
    else{
      AlertDialog.show({message:"agree"})
    }
  }
  1. 获取位置信息
import { geoLocationManager } from '@kit.LocationKit';
geoLocationManager.getCurrentLocation()
            .then((val)=>{
              AlertDialog.show({ message: '${JSON.stringify(val)}' })
            })
  1. 封装工具类
    tips:alt+shift+enter
//RequestPermisssionUtils
import { abilityAccessCtrl, bundleManager, common, Permissions } from '@kit.AbilityKit'

export async function getLocation(context: Context, callback: () => void, permission: Permissions[]){
  const manager = abilityAccessCtrl.createAtManager()
  //上下文获取
  //1. page中getContext
  //2. Ability中this.context
  await manager.requestPermissionsFromUser(context,[
    "ohos.permission.LOCATION",
    "ohos.permission.APPROXIMATELY_LOCATION"
  ])
  const bundleInfo = bundleManager.getBundleInfoForSelfSync(bundleManager.BundleFlag.GET_BUNDLE_INFO_WITH_APPLICATION)
  const accTokenId = bundleInfo.appInfo.accessTokenId

  const state = manager.checkAccessTokenSync(accTokenId,permission[0])
  if(state == abilityAccessCtrl.GrantStatus.PERMISSION_DENIED){
    let abilityContext = context as common.UIAbilityContext
    abilityContext.startAbility({
      bundleName:'com.huawei.hmos.settings',
      abilityName:'com.huawei.hmos.settings.MainAbility',
      uri:'application_info_entry',
      parameters:{
        pushParams:bundleInfo.name
      }
    })
  }
  else{
    callback()
  }
}