CN108549799B - Android permission management method and device, terminal and computer storage medium - Google Patents
Android permission management method and device, terminal and computer storage medium Download PDFInfo
- Publication number
- CN108549799B CN108549799B CN201810337547.9A CN201810337547A CN108549799B CN 108549799 B CN108549799 B CN 108549799B CN 201810337547 A CN201810337547 A CN 201810337547A CN 108549799 B CN108549799 B CN 108549799B
- Authority
- CN
- China
- Prior art keywords
- authority
- operation instruction
- information
- permission
- instruction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The invention discloses a management method of android permission, which comprises the following steps: receiving an operation instruction, and comparing the operation instruction with a permission related instruction set of a preset system to judge whether the operation instruction is a target permission related instruction in the permission related instruction set; if so, acquiring an application identifier of the target authority related instruction for applying the authority, and calling a preset authority frame; inputting the application identifier into a preset authority frame, determining target authority information corresponding to the application identifier, and judging whether a user triggering the operation instruction has authority corresponding to an authority request according to the target authority information; and if the user triggering the operation instruction has the corresponding authority of the authority request, executing the operation instruction. The invention also discloses a management device, a terminal and a computer storage medium for the android permission. According to the invention, the permission related code in the application is written into the preset permission frame, so that the android permission management is more convenient.
Description
Technical Field
The invention relates to the field of electronic communication, in particular to a management method, a device, a terminal and a computer storage medium of android permission.
Background
With the rapid development and wide application of the mobile internet and intelligent terminal technology, mobile applications and services are increasingly abundant, and an Android system becomes a popular intelligent terminal platform. To achieve protection of private or sensitive information, the Android system provides a permission-based access control mechanism.
When an existing developer accesses system resources by using an API (data interface) provided by an Android system, the Android system controls an application program to use the API by means of an authority granting mechanism. Taking android6.0 as an example, the safety of an android system is guaranteed, the existing android6.0 adopts a new authority management model, authorization is carried out only when the authority is needed, whether the mark of the authority in operation is targetSDKversion is judged, when the targetSDKversion is less than 23, the authority is given only during installation, the authority is not reminded during use, and when the targetSDKversion is more than or equal to 23, a new authority rule in operation is used, so that the authority of android is fixed, and the flexible management of the authority of the android cannot be carried out.
The above is only for the purpose of assisting understanding of the technical aspects of the present invention, and does not represent an admission that the above is prior art.
Disclosure of Invention
The invention mainly aims to provide a management method, a device, a terminal and a computer storage medium of android permission, and aims to realize convenient management of the android permission.
In order to achieve the above object, the present invention provides a management method for android permissions, which comprises the following steps:
receiving an operation instruction, and comparing the operation instruction with a permission related instruction set of a preset system to judge whether the operation instruction is a target permission related instruction in the permission related instruction set;
if the operation instruction is a target authority related instruction in the authority related instruction set, acquiring an application identifier of the target authority related instruction for applying authority, and calling a preset authority frame;
inputting the application identifier into a preset authority frame, determining target authority information corresponding to the application identifier, and judging whether a user triggering the operation instruction has authority corresponding to an authority request according to the target authority information;
and if the user triggering the operation instruction has the corresponding authority of the authority request, executing the operation instruction.
Optionally, the step of receiving an operation instruction, and comparing the operation instruction with a permission related instruction set of a preset system to determine whether the operation instruction is a target permission related instruction in the permission related instruction set includes:
receiving an operation instruction triggered by a user based on a terminal, and comparing the operation instruction with an authority related instruction set in a Google system;
judging whether the permission related instruction set contains an operation instruction or not;
if the authority-related instruction set contains an operation instruction, judging that the operation instruction is a target authority-related instruction in the authority-related instruction set;
and if the permission related instruction set does not contain the operation instruction, judging that the operation instruction is not the target permission related instruction in the permission related instruction set.
Optionally, the step of inputting the application identifier into a preset authority frame, determining target authority information corresponding to the application identifier, and determining whether a user triggering the operation instruction has authority corresponding to an authority request according to the target authority information further includes:
when a calling instruction of a preset authority frame is received, inputting an application identifier into a corresponding position of a preset code in the preset authority frame;
running a preset code carrying an application identifier, determining target authority information corresponding to the application identifier, and acquiring an authorized authority information set of the terminal;
judging whether the authorized authority information set contains the target authority information or not;
if the authorized authority information set contains the target authority information, judging that the user triggering the operation instruction has the authority corresponding to the authority request;
and if the authorized authority information set does not contain the target authority information, judging that the user triggering the operation instruction does not have the authority corresponding to the authority request.
Optionally, after the step of inputting the application identifier into a preset authority frame, determining target authority information corresponding to the application identifier, and determining whether the user triggering the operation instruction has authority corresponding to the authority request according to the target authority information, the method includes:
if the user triggering the operation instruction does not have the corresponding authority of the authority request, acquiring identity information contained in the operation instruction;
acquiring preset standard information, and comparing the preset standard information with the identity information;
if the preset standard information is matched with the identity information, authorization prompt information is output so that the user triggering the operation instruction grants the corresponding authority of the authority request.
Optionally, if the user triggering the operation instruction already has the right corresponding to the right request, after the step of executing the operation instruction, the method includes:
generating prompt information containing the target permission information so that a user can confirm whether to maintain the state of permission corresponding to the permission request;
judging whether to maintain the authorization state of the authority corresponding to the authority request based on a confirmation instruction of a user;
if the grant state of the authority corresponding to the authority request is maintained, the authority corresponding to the authority request is used as a permanent authority;
and if the grant state of the authority corresponding to the authority request is not maintained, taking the authority corresponding to the authority request as a temporary authority.
Optionally, if the user triggering the operation instruction already has the right corresponding to the right request, after the step of executing the operation instruction, the method includes:
when the condition that the preset authority resetting condition is met is detected, displaying authority resetting prompt information so that a user can confirm whether to reset the authority or not according to the prompt information;
receiving a confirmation instruction of authority resetting, acquiring the authorized authority information set, and deleting the authorized authority information in the authorized authority information set;
and when receiving the operation instruction, comparing the operation instruction with the permission related instruction set of the preset system to carry out permission secondary application.
Optionally, if the user triggering the operation instruction already has the right corresponding to the right request, after the step of executing the operation instruction, the method includes:
receiving a batch authorization request triggered based on an application, and acquiring an application operation instruction set in the application;
comparing each application operation instruction in the application operation instruction set with a permission related instruction set of a preset system, and acquiring an operation instruction to be authorized in each application operation instruction in the permission related instruction set;
and displaying the operation instruction to be authorized, and generating prompt information for the user to perform batch authorization.
In addition, to achieve the above object, the present invention further provides an apparatus for managing android permissions, including:
the receiving and comparing module is used for receiving an operation instruction, comparing the operation instruction with a permission related instruction set of a preset system, and judging whether the operation instruction is a target permission related instruction in the permission related instruction set;
the acquisition and calling module is used for acquiring an application identifier of the target authority related instruction for applying the authority and calling a preset authority frame if the operation instruction is the target authority related instruction in the authority related instruction set;
the input judgment module is used for inputting the application identifier into a preset authority frame, determining target authority information corresponding to the application identifier, and judging whether a user triggering the operation instruction has authority corresponding to an authority request according to the target authority information;
and the instruction execution module is used for executing the operation instruction if the user triggering the operation instruction has the corresponding authority of the authority request.
In addition, in order to achieve the above object, the present invention also provides a terminal;
the terminal includes: a memory, a processor, and a hypervisor stored on the memory and executable on the processor, wherein:
the android privilege management program realizes the steps of the android privilege management method when being executed by the processor.
In addition, to achieve the above object, the present invention also provides a computer storage medium;
the computer storage medium stores a management program of the android permission, and the management program of the android permission realizes the steps of the management method of the android permission when being executed by the processor.
According to the management method, device, terminal and computer storage medium for the android permission, provided by the embodiment of the invention, the terminal receives an operation instruction, compares the operation instruction with a permission related instruction set of a preset system to judge whether the operation instruction is a target permission related instruction in the permission related instruction set; if so, acquiring an application identifier of the target authority related instruction for applying the authority, and calling a preset authority frame; inputting the application identifier into a preset authority frame, determining target authority information corresponding to the application identifier, and judging whether a user triggering the operation instruction has authority corresponding to an authority request according to the target authority information; and if the user triggering the operation instruction has the corresponding authority of the authority request, executing the operation instruction. The terminal all carries out the judgement of authority when user's triggering operation at every turn, prevents that the terminal information potential safety hazard that the authority that can't revoke awards leads to, and android authority management is more convenient, writes into the relevant code of authority in using simultaneously and presets the authority frame for the well code of using is simplified more, and the code readability and the expansibility of using are stronger.
Drawings
FIG. 1 is a schematic diagram of an apparatus in a hardware operating environment according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a first embodiment of a method for managing android permissions according to the present invention;
FIG. 3 is a detailed flowchart of step S11 of the management method for android permissions in FIG. 2;
FIG. 4 is a detailed flowchart of step S13 of the management method for android permissions in FIG. 2;
FIG. 5 is a flowchart illustrating a second embodiment of a method for managing android permissions according to the present invention;
FIG. 6 is a flowchart illustrating a third embodiment of a method for managing android permissions according to the present invention;
FIG. 7 is a flowchart illustrating a fourth embodiment of a method for managing android permissions according to the present invention;
fig. 8 is a schematic functional module diagram of an embodiment of an apparatus for managing android permissions according to the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Because there are two rights management methods commonly used in the prior art, one method is as follows: setting the authority as a default use authority, namely, a default user grants the corresponding authority of the Android application, the default authorization cannot revoke the granted authority or perform any limitation on the corresponding authority, namely, after the user grants the authorization or rejects the authorization, the terminal cannot adjust an operation instruction corresponding to the user granting the authorization or rejecting the authorization, and an authorization range is set, for example, an enabling instruction of the camera in the wechat scanning, once the user grants the enabling instruction of the wechat camera, the terminal takes the wechat starting camera as the default authorization and automatically performs two-dimensional code scanning of the camera in the later period; another method is to re-determine the authority, that is, add an authority request instruction at a code position corresponding to the operation instruction, check whether the authority is owned at the place where the authority is used, apply for the authority if the authority is not used, and then perform logic processing after processing an authorization callback, that is, granting authorization or rejecting authorization, if the service scenario is complicated, the application authority and the processing callback are at different places, and code response confusion may occur. The code in the existing mode has poor expandability and readability and is inconvenient to maintain; for example, the start instruction of the camera in the WeChat "scan" is that a user permission application request is made each time the start instruction of the camera triggered by the user based on the WeChat "scan" is detected, so that the code information of permission application is required to be set in the code for multiple times; the two permission determination schemes cannot well solve the problem of android permission grant when the android permission grant is solved, the permission management method in the first method cannot finely manage the permissions, and the terminal has potential safety hazards; in the second method, the right management method needs to set a right related code behind the operation instruction code, which results in complex applied codes.
The main solution of the embodiment of the invention is as follows: setting a preset authority frame on an application, wherein the preset authority frame comprises authority related codes in a preset format, and when an operation instruction relates to an authority request, calling the preset authority frame to confirm the authority request, for example, a start instruction about a camera in WeChat 'scanning', and a start instruction of the camera relates to the authority request, calling the preset authority frame, and using the codes in the preset authority frame to determine whether a terminal has an operation authority for starting the camera (whether a user grants the operation authority for starting the camera), and if the terminal has the operation authority for starting the camera, starting the camera to scan; and if the terminal does not have the operation authority for starting the camera, displaying prompt information to prompt a user to grant the operation authority for starting the camera.
The invention provides a solution, which is characterized in that the operation authority in the android system is processed by utilizing the code in the preset authority frame, so that the authority management under the android system is more efficient, meanwhile, the safety of the authority of the android system is improved, the expandability and readability of the code are improved, and the code is convenient to maintain.
As shown in fig. 1, fig. 1 is a schematic structural diagram of a terminal in a hardware operating environment according to an embodiment of the present invention (the terminal in the present invention may also be called an android privilege management device, and an android privilege management apparatus may be a component of the terminal, or may independently form the terminal).
The terminal of the embodiment of the invention can be a fixed terminal or a mobile terminal, wherein the fixed terminal is an Internet of things device, an intelligent air conditioner with a networking function, an intelligent lamp, an intelligent power supply and the like; and the mobile terminal is a terminal device with a display function, such as an AR/VR device with a networking function, a smart sound box, an automatic driving automobile, a PC, a smart phone, a tablet computer, an electronic book reader, a portable computer and the like.
As shown in fig. 1, the terminal may include: a processor 1001, such as a CPU (e.g., a Central Processing Unit), a network interface 1004, a user interface 1003, a memory 1005, and a communication bus 1002. Wherein a communication bus 1002 is used to enable connective communication between these components. The user interface 1003 may include a Display screen (Display), an input unit such as a Keyboard (Keyboard), and the optional user interface 1003 may also include a standard wired interface, a wireless interface. The network interface 1004 may optionally include a standard wired interface, a WIreless interface (e.g., a WIFI interface, WIreless-FIdelity). The memory 1005 may be a Random Access Memory (RAM) memory or a non-volatile memory (e.g., a disk memory). The memory 1005 may alternatively be a storage device separate from the processor 1001.
Those skilled in the art will appreciate that the terminal structure shown in fig. 1 is not intended to be limiting and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components. In the terminal shown in fig. 1, the network interface 1004 is mainly used for connecting to a backend server and performing data communication with the backend server; the user interface 1003 is mainly used for connecting a client (user side) and performing data communication with the client; the processor 1001 may be configured to invoke a management application program of the android privilege stored in the memory 1005, and execute the steps in the management method of the android privilege provided in the following embodiment of the present invention.
Referring to fig. 2, in a first embodiment of the management method of the android permission of the present invention, the management method of the android permission includes:
receiving an operation instruction, and comparing the operation instruction with a permission related instruction set of a preset system to judge whether the operation instruction is a target permission related instruction in the permission related instruction set;
if the operation instruction is a target authority related instruction in the authority related instruction set, acquiring an application identifier of the target authority related instruction for applying authority, and calling a preset authority frame;
inputting the application identifier into a preset authority frame, determining target authority information corresponding to the application identifier, and judging whether a user triggering the operation instruction has authority corresponding to an authority request according to the target authority information;
and if the user triggering the operation instruction has the corresponding authority of the authority request, executing the operation instruction.
Before this embodiment, a preset authority frame is required to be set in a terminal or an application, where the preset authority frame refers to a formatting code for authority application, authority query, and/or authority reset, and the terminal uses the preset authority frame to implement application processing, authority query, authority reset of an authority during software operation, and provides a callback method for successful authorization and a callback method for unsuccessful authorization, and the code in the preset authority frame can be used as a custom code and also provides a code with a uniform format, and when the terminal calls the preset authority frame, adding the specific parameters to the corresponding position of the code in the preset authority frame, performing authority processing, for example, when the terminal does not have the right of the operation instruction, a code in the preset right frame renders a prompt box to remind the user that the user needs to open the corresponding right to normally perform subsequent operations.
Step S11, receiving an operation instruction, and comparing the operation instruction with a permission related instruction set of a preset system to determine whether the operation instruction is a target permission related instruction in the permission related instruction set.
The method comprises the steps that a terminal receives an operation instruction, wherein a user can trigger the operation instruction on system software or trigger the operation instruction on application software, the trigger operation instruction can be triggered manually or by voice, and the like, the terminal compares the operation instruction triggered by the user with an authority related instruction set of a preset system (the preset system is a Google system, namely, the existing Android system is an open source code operation system and is mainly used for mobile equipment such as smart phones and tablet computers, Google issues source codes in a source license opening authorization mode, and the authority control authority in the Android system is controlled by the Google system), wherein the authority related instruction set is a preset instruction set in the Google system, all instructions required to apply for authorities are contained in the authority related instruction set, and if the operation instruction is a target authority related instruction in the authority related instruction set, determining that the operation instruction relates to a permission request; and if the operation instruction is not the target authority related instruction in the authority related instruction set, judging that the operation instruction does not relate to the authority request.
It should be added that some operation instructions do not relate to a permission request, and the operation instructions relating to permission request permission refer to operation instructions requiring user authorization, where what requires user authorization includes authorized and unauthorized, and authorized includes: the authorization in the invention refers to that after the user is authorized, the terminal judges that the user triggering the operation instruction has the corresponding authority of the authority request, and the terminal executes the operation instruction.
Specifically, referring to fig. 3, step S11 includes:
and step S111, receiving an operation instruction triggered by a user based on the terminal, and comparing the operation instruction with an authority related instruction set in the Google system.
The terminal receives an operation instruction triggered by a user, for example, the user clicks navigation on a terminal height map to trigger an operation instruction determined by the user position, the terminal receives the instruction determined by the user position, and the operation instruction determined by the user position is compared with an authority related instruction set in the google system.
Step S112, determine whether the permission-related instruction set includes an operation instruction.
The terminal judges whether the permission related instruction set contains an operation instruction, namely, the terminal compares the operation instruction of the user in the Google system in an open source mode to determine whether the permission related instruction set of the Google system contains the operation instruction triggered by the user.
Step S113, if the permission-related instruction set includes an operation instruction, determining that the operation instruction is a target permission-related instruction in the permission-related instruction set.
If the permission related instruction set contains the operation instruction, the terminal judges that the operation instruction is the target permission related instruction in the permission related instruction set, and the operation instruction relates to the permission request. That is, the operation instruction triggered by the user needs to be processed by applying the authority in the application running process. And if the permission related instruction set does not contain the operation instruction, judging that the operation instruction is not the target permission related instruction in the permission related instruction set.
Step S12, if the operation instruction is a target authority related instruction in the authority related instruction set, obtaining an application identifier for applying for an authority of the target authority related instruction, and calling a preset authority frame.
And if the operation instruction is a target authority related instruction in the authority related instruction set, the terminal acquires request information of the authority request, wherein the request information refers to information such as authority types, application identifications, authority ranges and the like corresponding to the operation instruction, and when the terminal acquires the authority request information, the terminal executes a set calling code and jumps to a code corresponding to a preset authority frame when the calling code runs so as to run the code in the preset authority frame.
Step S13, inputting the application identification into a preset authority frame, determining the target authority information corresponding to the application identification, and judging whether the user triggering the operation instruction has the authority corresponding to the authority request according to the target authority information.
The terminal inputs the request information into a preset authority frame, namely, the terminal establishes an association relation between the request information and a filling position corresponding to a code in the preset authority frame, the terminal inputs the request information to a position corresponding to the code in the preset authority frame according to the association relation, the terminal executes the preset code in the preset authority frame, determines the corresponding authority of the authority request through code running (the authority corresponding to the authority request is also called the authority corresponding to an operation instruction), meanwhile, the terminal feeds back the running information in real time in the code executing process, receives feedback information and judges whether a user triggering the operation instruction has the authority corresponding authority of the authority request according to the feedback information, for example, the code comprises a terminal authority inquiry instruction, the terminal obtains an authorized authority information set of the user in the terminal according to the inquiry instruction, and the terminal compares the authority corresponding to the authority request with the authority in the authorized authority information set, if the authorized authority information set contains the target authority information, judging that the user triggering the operation instruction has the authority corresponding to the authority request; and if the authorized authority information set does not contain the target authority information, judging that the user triggering the operation instruction does not have the authority corresponding to the authority request.
Specifically, referring to fig. 4, step S13 includes:
step S131, when receiving the calling instruction of the preset authority frame, inputting the application identifier into the corresponding position of the preset code in the preset authority frame.
When the terminal receives a call instruction of the preset authority frame, the terminal inputs request information into a corresponding position of a preset code in the preset authority frame, namely, the preset authority frame only contains a formatting code, detailed information of each operation instruction is not added in the middle, and the terminal inputs the request information into the corresponding position of the preset code in the preset authority frame, so that the preset code in the preset authority frame is associated with the operation instruction when running.
Step S132, running a preset code carrying the application identifier, determining the target authority information corresponding to the application identifier, and acquiring the authorized authority information set of the terminal.
When the terminal confirms that the input of the request information is finished, the terminal runs a preset code carrying the request information, determines the corresponding authority of the authority request according to a code running result, and after the corresponding authority of the authority request is determined, triggers an inquiry request of the authority which the terminal already has, namely, determines which authority of the authorized authority information set exists, for example, when the terminal receives the inquiry request, the terminal inquires the authorized authority information set.
Step S133, determining whether the authorized authority information set includes the target authority information.
And the terminal compares the authorized authority information set with the authority corresponding to the authority request, so that the terminal determines whether the user has been granted the authority corresponding to the authority request in the earlier stage.
Step S134, if the authorized permission information set includes the target permission information, it is determined that the user triggering the operation instruction has permission corresponding to the permission request.
If the authorized authority information set contains the target authority information, namely, the user has granted the authority corresponding to the authority request in the earlier period, and the user triggering the operation instruction is judged to have the authority corresponding to the authority request.
Step S135, if the authorized permission information set does not include the target permission information, determining that the user triggering the operation instruction does not have the permission corresponding to the permission request.
If the authorized authority information set does not contain the target authority information, namely, the user does not grant the authority corresponding to the authority request in the earlier period, and the user triggering the operation instruction is judged not to have the authority corresponding to the authority request.
Step S14, if the user triggering the operation instruction already has the corresponding authority of the authority request, the operation instruction is executed.
And when the user triggering the operation instruction is determined to have the corresponding authority of the authority request, the terminal executes the operation instruction triggered by the user.
The terminal can all carry out the judgement of authority in this embodiment when the user triggers operating command at every turn, prevents that the terminal information potential safety hazard that the authority that can't revoke awards leads to, and android authority management is more convenient, writes into the relevant code of authority in using simultaneously and presets the authority frame for the well code of using is simplified more, and the code readability and the expansibility of using are stronger.
Further, step S14 may be followed by:
step a, generating prompt information containing the target permission information so that a user can confirm whether to maintain the state of permission corresponding to the permission request;
b, judging whether to maintain the authorization state of the authority corresponding to the authority request based on the confirmation instruction of the user;
step c, if the granting state of the corresponding authority of the authority request is maintained, the corresponding authority of the authority request is used as a permanent authority;
and d, if the granting state of the authority corresponding to the authority request is not maintained, taking the authority corresponding to the authority request as a temporary authority.
Specifically, after determining that the user triggering the operation instruction has the corresponding authority of the authority request, the terminal acquires target authority information of the corresponding authority of the authority request and generates prompt information containing the target authority information, so that the user can confirm whether to maintain the state of the corresponding authority of the authority request and confirm whether to maintain the state of the corresponding authority of the authority request; namely, the terminal displays a prompt message to prompt the user whether to maintain the authorization state of the authority corresponding to the authority request, and if the user selects to maintain the authorization state of the authority corresponding to the authority request, the terminal determines the authority to be the long-term authority or the permanent authorization; and if the user chooses not to maintain the grant state of the authority corresponding to the authority request, the terminal takes the authority corresponding to the authority request as a temporary authority.
In this embodiment, after determining that the terminal has the permission corresponding to the permission request, the terminal further sets a user option, and the user can select to set a temporary permission, which can both meet the operation requirement of the user and ensure the security of the terminal, and the user can select to set a permanent permission, which can reduce the operation of the user, and in this embodiment, the security and the convenience are both important.
Further, referring to fig. 5, a second embodiment of the method for managing android permissions is proposed on the basis of the first embodiment of the present invention, and this embodiment is after step S13 in the first embodiment, that is, step S13 and the previous steps in the first embodiment are omitted in fig. 5.
The difference between this embodiment and the first embodiment of the present invention is that, in this embodiment, an operation step in which the terminal does not have a right corresponding to the right request is specifically described, and the method for managing the android right includes:
step S21, if the user triggering the operation instruction does not have the corresponding authority of the authority request, acquiring the identity information included in the operation instruction.
If the user triggering the operation instruction does not have the corresponding authority of the authority request, that is, the user does not grant the corresponding authority of the authority request in the terminal, the terminal acquires the identity information carried by the user when the user triggers the operation instruction, for example, when the user manually clicks the trigger operation instruction, the terminal acquires the fingerprint information of the user, and uses the fingerprint information of the user as the identity information, and associates the identity information of the user with the operation instruction.
Step S22, obtaining preset standard information, and comparing the preset standard information with the identity information.
The terminal acquires preset standard information, wherein the preset standard information refers to standard identity information stored by a user, and the preset standard information comprises the following steps: the terminal compares the preset standard information with the identity information, namely, the terminal compares the preset standard information with the identity information to judge whether the current user is the owner of the terminal.
And step S23, if the preset standard information is matched with the identity information, outputting authorization prompt information to enable the user triggering the operation instruction to grant the corresponding authority of the authority request.
If the preset standard information is matched with the identity information, wherein the matching of the preset standard information and the identity information can mean that the fingerprint of the user is the same as the preset fingerprint, or the voice of the user is the same as the preset voice through voice analysis, and the terminal judges that the current user is the owner of the terminal when the preset standard information is matched with the identity information, determines that the user corresponding to the identity information has the qualification of applying the authority, and outputs prompt information of the authority to trigger the user of the operation instruction to grant the authority to request the corresponding authority; if the preset standard information is not matched with the identity information, the current user is judged to be not the owner of the terminal but the temporary holder of the terminal, the terminal obtains the qualification that the user corresponding to the identity information does not have the application authority, and the temporary holder of the current terminal cannot perform terminal operation authorization.
In this embodiment, when it is determined that the terminal does not have the right corresponding to the right request, the terminal acquires identity information included in the operation instruction; the terminal compares the acquired identity information with the pre-stored standard information to determine whether the current user is the owner of the terminal, and determines whether the user can authorize the operation instruction according to the identity verification result, so that the security of the terminal information is improved.
Further, referring to fig. 6, a third embodiment of the management method of android permissions according to the present invention is proposed on the basis of the first embodiment of the present invention, and this embodiment may be performed before any step in the first embodiment, and this embodiment may also be combined with other embodiments.
The difference between this embodiment and the first embodiment of the present invention is that the embodiment specifically describes an operation step of resetting a terminal permission, and the android permission management method includes:
and step S31, when the preset authority resetting condition is detected to be met, displaying the authority resetting prompt information for the user to confirm whether to reset the authority according to the prompt information.
When the terminal detects that the preset authority resetting condition is met, wherein the authority resetting condition can be manually set by a user or automatically set by a system, for example, one-time authority resetting is preset for three months, and when the terminal detects that the time of three months is up, the authority resetting condition is met; or if the authority authorization amount of the preset application exceeds 80%, performing terminal authorization, if the authority authorization amount of the terminal application exceeds 80%, meeting the authority resetting condition, and displaying the authority resetting prompt information so that the user can select whether to perform the authority resetting according to the prompt information.
And step S32, receiving a confirmation instruction of authority resetting, acquiring the authorized authority information set, and deleting the authorized authority information in the authorized authority information set.
And the terminal receives a confirmation instruction of permission resetting, namely, the user agrees to carry out terminal re-authorization, acquires the authorized permission information set, namely, acquires all the authorized operation permissions of the terminal, deletes the authorized permission information in the authorized permission information set, and re-authorization is needed when the user operates.
And step S33, when receiving the operation instruction, comparing the operation instruction with the permission related instruction set of the preset system to perform the step of permission secondary application.
When the terminal receives the operation instruction, the step of comparing the operation instruction with the permission related instruction set of the preset system is executed to carry out permission secondary application, namely, after the terminal resets the terminal permission, when the terminal receives the operation instruction of the user, the step in the first embodiment of the invention is carried out.
The terminal sets up the trigger condition that the authority resets in this embodiment, and the user can reset the authority in the terminal, and the security of terminal authority can be guaranteed in the authority reset, realizes that the management of terminal android authority is more convenient.
Further, referring to fig. 7, a fourth embodiment of the management method of android permissions according to the present invention is provided on the basis of the first embodiment of the present invention, and this embodiment may be performed before any step in the first embodiment, and this embodiment may also be combined with other embodiments.
The difference between this embodiment and the first embodiment of the present invention is that the embodiment specifically describes a batch authorization operation, and the android permission management method includes:
and step S41, receiving a batch authorization request triggered by the application, and acquiring an application operation instruction set in the application.
The user can carry out batch authorization on the appointed application, repeated authorization operation of the user is avoided, the user can trigger a batch authorization request on the application, the triggering mode of the authorization request is not limited, the terminal receives the batch authorization request triggered based on the application, and all operation instructions contained in the application are obtained to form an application operation instruction set.
Step S42, comparing each application operation instruction in the application operation instruction set with an authority related instruction set of a preset system, and obtaining that each application operation instruction is an operation instruction to be authorized in the authority related instruction set.
The terminal compares each application operation instruction in the application operation instruction set with the permission related instruction set of the preset system, namely, the application comprises the operation instruction, the terminal compares the operation instruction in the application with the instruction in the permission related instruction set of the preset system (Google system), if the operation instruction in the application is the same as the permission related instruction, the operation instruction in the application relates to the permission, and the terminal acquires the operation instruction to be authorized, which relates to the permission request, in all the operation instructions.
And step S43, displaying the operation instruction to be authorized, and generating prompt information for the user to perform batch authorization.
And the terminal displays the operation instruction to be authorized and generates prompt information, and the user determines whether to perform batch authorization according to the generated prompt information.
In this embodiment, the terminal screens the operation instructions related to the permission of the application instruction, and batch authorization of the application android permission can be performed, so that the operation of the user is more convenient and faster, and the repeated authorization of the user is prevented.
In addition, referring to fig. 8, an embodiment of the present invention further provides a device for managing an android permission, where the device for managing an android permission includes:
the receiving and comparing module 10 is configured to receive an operation instruction, compare the operation instruction with a permission related instruction set of a preset system, and determine whether the operation instruction is a target permission related instruction in the permission related instruction set;
the obtaining and calling module 30 is configured to obtain an application identifier of the target permission related instruction for applying the permission and call a preset permission frame if the operation instruction is the target permission related instruction in the permission related instruction set;
an input judgment module 30, configured to input the application identifier into a preset authority framework, determine target authority information corresponding to the application identifier, and judge, according to the target authority information, whether a user triggering the operation instruction already has an authority corresponding to an authority request;
and the instruction executing module 40 is configured to execute the operation instruction if the user triggering the operation instruction already has the authority corresponding to the authority request.
Optionally, the receiving and comparing module 10 includes:
the receiving and comparing unit is used for receiving an operation instruction triggered by a user based on a terminal and comparing the operation instruction with a permission related instruction set in the Google system;
the judging unit is used for judging whether the permission related instruction set contains an operation instruction or not;
the first judging unit is used for judging that the operation instruction is a target authority related instruction in the authority related instruction set if the authority related instruction set comprises the operation instruction;
and the second judging unit is used for judging that the operation instruction is not the target authority related instruction in the authority related instruction set if the authority related instruction set does not contain the operation instruction.
Further, the input judgment module 30 further includes:
the calling input unit is used for inputting the application identifier into the corresponding position of the preset code in the preset authority frame when receiving a calling instruction of the preset authority frame;
the operation determining unit is used for operating a preset code carrying the application identifier, determining target authority information corresponding to the application identifier and acquiring an authorized authority information set of the terminal;
the judging unit is used for judging whether the authorized authority information set contains the target authority information or not;
the first judgment unit is used for judging that the user triggering the operation instruction has the corresponding authority of the authority request if the authorized authority information set contains the target authority information;
and the second judging unit is used for judging that the user triggering the operation instruction does not have the corresponding authority of the authority request if the authorized authority information set does not contain the target authority information.
Optionally, the apparatus for managing android permissions includes:
the information acquisition module is used for acquiring the identity information contained in the operation instruction if the user triggering the operation instruction does not have the corresponding authority of the authority request;
the acquisition and comparison module is used for acquiring preset standard information and comparing the preset standard information with the identity information;
and the matching prompt module is used for outputting authorization prompt information if the preset standard information is matched with the identity information so as to enable the user triggering the operation instruction to grant the corresponding authority of the authority request.
Optionally, the apparatus for managing android permissions includes:
the right maintaining prompt module is used for generating prompt information containing the target right information so that a user can confirm whether the state of the right corresponding to the right request is maintained or not;
the instruction judging module is used for judging whether to maintain the granting state of the authority corresponding to the authority request based on the confirmation instruction of the user;
the permission maintaining module is used for taking the permission corresponding to the permission request as a permanent permission if the granting state of the permission corresponding to the permission request is maintained;
and the permission canceling module is used for taking the permission corresponding to the permission request as a temporary permission if the granting state of the permission corresponding to the permission request is not maintained.
Optionally, the apparatus for managing android permissions includes:
the authority resetting module is used for displaying authority resetting prompt information when the preset authority resetting condition is detected to be met, so that a user can confirm whether to reset the authority according to the prompt information;
the confirmation deleting module is used for receiving a confirmation instruction of authority resetting, acquiring the authorized authority information set and deleting the authorized authority information in the authorized authority information set;
and the secondary application module is used for comparing the operation instruction with the permission related instruction set of the preset system when receiving the operation instruction so as to carry out the step of permission secondary application.
Optionally, the apparatus for managing android permissions further includes:
the batch authorization module is used for receiving a batch authorization request triggered based on an application and acquiring an application operation instruction set in the application;
the comparison acquisition module is used for comparing each application operation instruction in the application operation instruction set with a permission related instruction set of a preset system and acquiring an operation instruction to be authorized in each application operation instruction in the permission related instruction set;
and the display authorization module is used for displaying the operation instruction to be authorized and generating prompt information so as to allow the user to carry out batch authorization.
The steps implemented by each functional module of the management apparatus for android permissions may refer to each embodiment of the management method for android permissions of the present invention, and are not described herein again.
In addition, the embodiment of the invention also provides a computer storage medium.
The computer storage medium stores a management program of the android permission, and when the management program of the android permission is executed by the processor, the operation in the management method of the android permission provided by the embodiment is realized.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity/action/object from another entity/action/object without necessarily requiring or implying any actual such relationship or order between such entities/actions/objects; the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) as described above and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.
Claims (10)
1. A management method of android permissions is characterized by comprising the following steps:
receiving an operation instruction, and comparing the operation instruction with a permission related instruction set of a preset system to judge whether the operation instruction is a target permission related instruction in the permission related instruction set;
if the operation instruction is a target authority related instruction in the authority related instruction set, acquiring an application identifier of the target authority related instruction for applying authority, and calling a preset authority frame;
inputting the application identifier into a preset authority frame, determining target authority information corresponding to the application identifier, and judging whether a user triggering the operation instruction has authority corresponding to an authority request according to the target authority information;
if the user triggering the operation instruction has the corresponding authority of the authority request, executing the operation instruction;
if the user triggering the operation instruction already has the corresponding authority of the authority request, after the step of executing the operation instruction, the method further comprises the following steps:
generating prompt information containing the target authority information so that a user can feed back authority setting information based on the target authority information, wherein the authority setting information comprises temporary authority and permanent authority;
and modifying the state of the authority corresponding to the authority request according to the authority setting information.
2. The android privilege management method of claim 1, wherein the step of receiving the operation instruction, comparing the operation instruction with a privilege relevant instruction set of a preset system to determine whether the operation instruction is a target privilege relevant instruction in the privilege relevant instruction set comprises:
receiving an operation instruction triggered by a user based on a terminal, and comparing the operation instruction with an authority related instruction set in a Google system;
judging whether the permission related instruction set contains the operation instruction or not;
if the permission related instruction set contains the operation instruction, judging that the operation instruction is a target permission related instruction in the permission related instruction set;
and if the permission related instruction set does not contain the operation instruction, judging that the operation instruction is not the target permission related instruction in the permission related instruction set.
3. The android privilege management method of claim 1, wherein the step of inputting the application identifier into a preset privilege frame, determining target privilege information corresponding to the application identifier, and determining whether a user triggering the operation instruction has a privilege requesting a corresponding privilege according to the target privilege information further comprises:
when a calling instruction of a preset authority frame is received, the application identification is input to the corresponding position of a preset code in the preset authority frame;
running a preset code carrying the application identifier, determining target authority information corresponding to the application identifier, and acquiring an authorized authority information set of the terminal;
judging whether the authorized authority information set contains the target authority information or not;
if the authorized authority information set contains the target authority information, judging that the user triggering the operation instruction has the authority corresponding to the authority request;
and if the authorized authority information set does not contain the target authority information, judging that the user triggering the operation instruction does not have the authority corresponding to the authority request.
4. The android privilege management method of claim 1, wherein after the step of inputting the application identifier into a preset privilege frame, determining target privilege information corresponding to the application identifier, and determining whether a user triggering the operation instruction has a privilege requesting a corresponding privilege according to the target privilege information, the method comprises:
if the user triggering the operation instruction does not have the corresponding authority of the authority request, acquiring identity information contained in the operation instruction;
acquiring preset standard information, and comparing the preset standard information with the identity information;
if the preset standard information is matched with the identity information, authorization prompt information is output so that the user triggering the operation instruction grants the corresponding authority of the authority request.
5. The method for managing android permissions according to claim 1, wherein after the step of executing the operation instruction if the user triggering the operation instruction already has the permission to request the corresponding permission, the method comprises:
generating prompt information containing the target permission information so that a user can confirm whether to maintain the state of permission corresponding to the permission request;
judging whether to maintain the authorization state of the authority corresponding to the authority request based on a confirmation instruction of a user;
if the grant state of the authority corresponding to the authority request is maintained, the authority corresponding to the authority request is used as a permanent authority;
and if the grant state of the authority corresponding to the authority request is not maintained, taking the authority corresponding to the authority request as a temporary authority.
6. The method for managing android permissions of claim 3, wherein after the step of executing the operation instruction if the user triggering the operation instruction already has the permission to request the corresponding permission, the method comprises:
when the condition that the preset authority resetting condition is met is detected, displaying authority resetting prompt information so that a user can confirm whether to reset the authority or not according to the prompt information;
receiving a confirmation instruction of authority resetting, acquiring the authorized authority information set, and deleting the authorized authority information in the authorized authority information set;
and when receiving the operation instruction, comparing the operation instruction with the permission related instruction set of the preset system to carry out permission secondary application.
7. The method for managing android permissions according to claim 1, wherein after the step of executing the operation instruction if the user triggering the operation instruction already has the permission to request the corresponding permission, the method further comprises:
receiving a batch authorization request triggered based on an application, and acquiring an application operation instruction set in the application;
comparing each application operation instruction in the application operation instruction set with a permission related instruction set of a preset system, and acquiring an operation instruction to be authorized in each application operation instruction in the permission related instruction set;
and displaying the operation instruction to be authorized, and generating prompt information for the user to perform batch authorization.
8. An apparatus for managing android permissions, the apparatus comprising:
the receiving and comparing module is used for receiving an operation instruction, comparing the operation instruction with a permission related instruction set of a preset system, and judging whether the operation instruction is a target permission related instruction in the permission related instruction set;
the acquisition and calling module is used for acquiring an application identifier of the target authority related instruction for applying the authority and calling a preset authority frame if the operation instruction is the target authority related instruction in the authority related instruction set;
the input judgment module is used for inputting the application identifier into a preset authority frame, determining target authority information corresponding to the application identifier, and judging whether a user triggering the operation instruction has authority corresponding to an authority request according to the target authority information;
the instruction execution module is used for executing the operation instruction if the user triggering the operation instruction has the corresponding authority of the authority request;
the instruction execution module is further used for generating prompt information containing the target authority information so that a user can feed back authority setting information based on the target authority information, and the authority setting information comprises temporary authority and permanent authority;
and modifying the state of the authority corresponding to the authority request according to the authority setting information.
9. A terminal, characterized in that the terminal comprises: a memory, a processor, and a hypervisor stored on the memory and executable on the processor, wherein: the android rights management program, when executed by the processor, implementing the steps of the android rights management method of any of claims 1 to 7.
10. A computer storage medium, characterized in that the computer storage medium has stored thereon a hypervisor of android permissions, which when executed by a processor implements the steps of the method of management of android permissions of any of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810337547.9A CN108549799B (en) | 2018-04-13 | 2018-04-13 | Android permission management method and device, terminal and computer storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810337547.9A CN108549799B (en) | 2018-04-13 | 2018-04-13 | Android permission management method and device, terminal and computer storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108549799A CN108549799A (en) | 2018-09-18 |
| CN108549799B true CN108549799B (en) | 2022-02-01 |
Family
ID=63514961
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810337547.9A Active CN108549799B (en) | 2018-04-13 | 2018-04-13 | Android permission management method and device, terminal and computer storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108549799B (en) |
Families Citing this family (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109344634B (en) * | 2018-09-28 | 2021-04-13 | 东软集团股份有限公司 | Permission granting method and device for application, terminal and computer readable storage medium |
| CN109711141A (en) * | 2018-11-05 | 2019-05-03 | 中兴通讯股份有限公司 | The processing method and processing device of the call request of sensitive permission module in terminal |
| CN109920191B (en) * | 2019-01-16 | 2023-02-03 | 深圳壹账通智能科技有限公司 | Fire alarm method, fire alarm device, computer equipment and storage medium |
| CN110727936B (en) * | 2019-08-26 | 2022-10-21 | 上海商米科技集团股份有限公司 | Method and device for authorizing application |
| CN111460428B (en) * | 2020-03-20 | 2022-11-18 | 浪潮通用软件有限公司 | Authority management method and device of android system and readable medium |
| CN112118611B (en) * | 2020-09-22 | 2022-09-16 | 上海连尚网络科技有限公司 | Method and device for connecting wireless hotspot |
| CN112199255A (en) * | 2020-10-15 | 2021-01-08 | Oppo广东移动通信有限公司 | Authority use monitoring method, device, equipment and storage medium |
| CN113296657B (en) * | 2021-06-30 | 2022-03-18 | 中国平安人寿保险股份有限公司 | Dangerous authority management method, device, equipment and storage medium of android system |
| CN113835737A (en) * | 2021-08-24 | 2021-12-24 | 交控科技股份有限公司 | Method and system for adding authority to front-end project |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104346566A (en) * | 2013-07-31 | 2015-02-11 | 腾讯科技(深圳)有限公司 | Method, device, terminal, server and system for detecting privacy authority risks |
| CN104506630A (en) * | 2014-12-25 | 2015-04-08 | 深圳市华宝电子科技有限公司 | Method, server and system for generating authority data on basis of user roles |
| CN106790315A (en) * | 2017-04-01 | 2017-05-31 | 深圳天珑无线科技有限公司 | A kind of right management method and device |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060140144A1 (en) * | 2004-12-27 | 2006-06-29 | Motorola, Inc. | Method and system for providing an open gateway initiative bundle over the air |
-
2018
- 2018-04-13 CN CN201810337547.9A patent/CN108549799B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104346566A (en) * | 2013-07-31 | 2015-02-11 | 腾讯科技(深圳)有限公司 | Method, device, terminal, server and system for detecting privacy authority risks |
| CN104506630A (en) * | 2014-12-25 | 2015-04-08 | 深圳市华宝电子科技有限公司 | Method, server and system for generating authority data on basis of user roles |
| CN106790315A (en) * | 2017-04-01 | 2017-05-31 | 深圳天珑无线科技有限公司 | A kind of right management method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108549799A (en) | 2018-09-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108549799B (en) | Android permission management method and device, terminal and computer storage medium | |
| CN110519115B (en) | Gateway interface test method, terminal device, storage medium and device | |
| US20160352723A1 (en) | Method, and apparatus for authenticating access | |
| CN100583114C (en) | System and method for remote security enablement | |
| US11777939B2 (en) | Method and device for processing information, and storage medium | |
| CN109102593B (en) | Method and apparatus for managing vehicle control authority | |
| CN103905651A (en) | Method and system for application permission management in intelligent terminal | |
| CN110008690B (en) | Authority management method, device, equipment and medium for terminal application | |
| CN106330958A (en) | Secure accessing method and device | |
| CN110909330A (en) | Vehicle networking platform authorization method, device, equipment and storage medium | |
| CN110853207A (en) | Hotel elevator visitor access authority management method and device and readable storage medium | |
| CN111090866A (en) | Application authority management method, mobile terminal and computer readable storage medium | |
| CN107742344B (en) | Access control method, system and storage medium | |
| CN114237454A (en) | Project display method and device, electronic equipment, storage medium and product | |
| CN110619221A (en) | Virtual authorization method, device, terminal equipment and storage medium | |
| US8477942B2 (en) | Method and apparatus for managing service lists | |
| CN107423785B (en) | Work task confirmation method, system, device and storage medium based on two-dimension code | |
| CN109189294B (en) | Control method and device of electronic control equipment and computer readable storage medium | |
| CN111045725A (en) | Control method, device and storage medium of code management system | |
| CN113296657B (en) | Dangerous authority management method, device, equipment and storage medium of android system | |
| WO2014115514A1 (en) | Program for managing permission/non-permission to activate application | |
| KR101578383B1 (en) | System and method of controlling user device using profile | |
| CN114584939A (en) | Application use delay method, device, equipment and storage medium | |
| CN116992424B (en) | Authorization code using method, device and system | |
| CN114500256B (en) | Distribution network method and device of terminal equipment, router equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |