WO2018049610A1 - Permission control method and device - Google Patents

Permission control method and device Download PDF

Info

Publication number
WO2018049610A1
WO2018049610A1 PCT/CN2016/099066 CN2016099066W WO2018049610A1 WO 2018049610 A1 WO2018049610 A1 WO 2018049610A1 CN 2016099066 W CN2016099066 W CN 2016099066W WO 2018049610 A1 WO2018049610 A1 WO 2018049610A1
Authority
WO
WIPO (PCT)
Prior art keywords
application
background
interface
permission
running
Prior art date
Application number
PCT/CN2016/099066
Other languages
French (fr)
Chinese (zh)
Inventor
伍亮雄
刘海涛
刘鸣
Original Assignee
北京小米移动软件有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京小米移动软件有限公司 filed Critical 北京小米移动软件有限公司
Priority to CN201680000872.5A priority Critical patent/CN106462698A/en
Priority to PCT/CN2016/099066 priority patent/WO2018049610A1/en
Publication of WO2018049610A1 publication Critical patent/WO2018049610A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Definitions

  • the present disclosure relates to the field of computer technologies, and in particular, to a rights control method and apparatus.
  • terminal devices such as mobile phones and tablets to expand the functions of the terminal devices.
  • the operating system of the terminal device allows the application to pop up the interface when it runs in the background.
  • Some applications can use this function to pop up the setting interface when running in the background, such as the function guiding interface, the information pushing interface, the advertising interface, and the like.
  • Embodiments of the present disclosure provide a method and apparatus for controlling rights.
  • the technical solution is as follows:
  • an access control method comprising:
  • the background startup interface permission refers to the permission of the application to pop up the interface when running in the background
  • the detecting whether the application has the background startup interface right includes:
  • the middle query obtains whether the application has the permission of the background startup interface
  • the method further includes:
  • the identifier of the application includes: a package name of the application and a UID (User Identification) corresponding to the current system.
  • UID User Identification
  • the detecting whether the application is running in the background includes:
  • system top stack application refers to an application currently running in the foreground
  • the application is the system top-of-stack application, it is determined that the application is running in the foreground.
  • the prohibiting the interface of the application from popping up includes:
  • the method further includes:
  • an authority control apparatus comprising:
  • the request acquisition module is configured to obtain an interface startup request sent by the application
  • Running a detection module configured to detect whether the application is running in the background
  • the permission detection module is configured to detect, when the application is running in the background, whether the application has the background startup interface authority; wherein the background startup interface permission refers to the permission of the application to pop up the interface when running in the background;
  • the pop-up module is disabled, and is configured to prohibit the interface of the application from popping up when the application does not have the permission of the background startup interface.
  • the permission detection module includes:
  • the method call submodule is configured to invoke a permission detection method of the application rights manager, and send a permission detection request to the permission detection method; wherein the permission detection request carries an identifier of the application, and the permission detection method uses Querying, by the application rights manager, whether the application has the background startup interface authority;
  • the result obtaining sub-module is configured to obtain the permission detection result returned by the permission detection method, wherein the permission detection result is: the application has the background startup interface authority, or the application does not have the background Start interface permissions.
  • the device further includes:
  • An identifier obtaining module configured to obtain an identifier of the application from the interface startup request
  • the identifier of the application includes: a package name of the application and a UID corresponding to the current system.
  • the running detection module includes:
  • a top-of-stack acquisition sub-module configured to acquire a system stack top application, where the system top-of-stack application refers to an application currently running in the foreground;
  • An application detection submodule configured to detect whether the application is the system top application
  • a first determining submodule configured to determine that the application is running in the background when the application is not the system top application
  • the second determining submodule is configured to determine that the application is running in the foreground when the application is the system stack top application.
  • the prohibiting pop-up module is configured to terminate execution of the interface startup request.
  • the device further includes:
  • a receiving module configured to receive a recommendation switch setting of the background startup interface permission of the application sent by the cloud server, where the recommendation switch is set by the cloud server according to the permission to open the background startup interface for the application The number of users and the number of users who have turned off the background startup interface rights for the application;
  • the permission switch module is configured to enable or disable the background startup interface authority for the application according to the recommended switch setting.
  • an authority control apparatus comprising:
  • a memory for storing executable instructions of the processor
  • processor is configured to:
  • the background startup interface permission refers to the permission of the application to pop up the interface when running in the background
  • FIG. 1 is a flowchart of a method for detecting rights according to an exemplary embodiment
  • FIG. 2A is a block diagram of an authority control apparatus according to an exemplary embodiment
  • 2B is a block diagram of an authority control apparatus according to another exemplary embodiment
  • FIG. 3 is a block diagram of an apparatus, according to an exemplary embodiment.
  • the embodiments of the present disclosure provide a method for controlling rights, and an apparatus based on the method, to solve the problems in the related art.
  • the core idea of the technical solution provided by the embodiment of the present disclosure is to add a background startup interface permission in the Application Operations Manager, and the background startup interface permission refers to the permission of the application to pop up the interface when running in the background.
  • the device manages whether each application installed in the terminal device has the permission, and only allows the application having the permission of the background startup interface to pop up the interface when running in the background, so as to prevent the unauthorized application from abusing the function of popping up the interface when running in the background.
  • the method provided by the embodiment of the present disclosure may be a terminal device, such as a mobile phone, a tablet computer, an e-book reader, a multimedia playback device, a PDA (Personal Digital Assistant), a wearable device, or the like.
  • the type of the operating system of the terminal device is not limited, such as an Android (Android) operating system, an iOS operating system, a Windows Phone operating system, and the like.
  • FIG. 1 is a flowchart of a method for detecting rights according to an exemplary embodiment. This method can be applied to a terminal device. The method can include the following steps:
  • step 101 an interface startup request sent by the application is obtained.
  • an interface startup request is sent to the system service, and the interface startup request is used to request the display interface.
  • the type of the application is not limited, and may be various types of applications installed and operated in the terminal device, such as a social application, a call communication application, an online shopping payment application, a living consumer application, a video playback application, and security. Antivirus applications, browsers, etc.
  • the interface of the application is a user interface (UI).
  • UI user interface
  • the interface is represented by activity.
  • the system service may be an interface startup management service, such as an ActivityStack Supervisor of the Android system, and an interface startup management service is used to manage the interface startup in the system.
  • the interface startup management service provides an ActivityStackSupervisor.startActivityLocked method, and the application can send an interface startup request to the interface startup management service by calling the method.
  • step 102 it is detected whether the application is running in the background.
  • the system service detects if the app is running in the background.
  • the application runs in the foreground, which means that the application runs directly from the window and displays an interface that can interact with the user.
  • the application runs in the background, which means that the application runs in the resource manager. Generally, the interface is not displayed, but the system resources are occupied.
  • this step includes the following substeps:
  • the system stack top application refers to an application that is currently running in the foreground. By acquiring the system stack top application, whether the application of the system stack top application and the above sending interface startup request is the same application, if the two are the same application, the sending is performed. The application of the interface startup request runs in the foreground, otherwise the application that determines the sending interface startup request runs in the background.
  • step 103 if the application is running in the background, it is detected whether the application has the background startup interface authority.
  • the background startup interface permission refers to the permission of the application to pop up the interface when running in the background.
  • the pop-up interface when the application is running in the background refers to triggering the display of an interface superimposed on the interface of the application currently running in the foreground for display when the application is running in the background.
  • the system can perform rights management on the function of the pop-up interface in the background runtime.
  • the name of the background startup interface permission is OP_BACKGROUND_START_ACTIVITY
  • the identifier (also called value) of the background startup interface permission is 10021, which is used to uniquely identify the permission.
  • the identifiers corresponding to different permissions are also different.
  • this step may include the following sub-steps:
  • the permission detection request carries an identifier of the application, and the identifier of the application is used to uniquely identify an application.
  • the identifier of the application includes: a package name of the application and a UID corresponding to the current system.
  • the application package name and the UID corresponding to the current system can uniquely identify an application in the current system. Even if the terminal device supports multiple systems, the system can distinguish the system and accurately determine the application that makes the request in the current system.
  • the application may carry the identifier of the application in the interface startup request, and accordingly, the system service may obtain the identifier of the application from the interface startup request.
  • the permission detection method is used to query whether the application has the background startup interface permission from the application permission manager.
  • the ActivityStackSupervisor may call the AppOpsManager.checkOpNoThrow method, and send a permission detection request carrying the identifier of the application to the method.
  • the permission detection result is: the application has the background startup interface authority, or the application does not have Start the interface permissions in the background.
  • the application permission manager queries whether the application has the background startup interface permission. If the application has the background startup interface permission, the AppOpsManager.checkOpNoThrow method returns information indicating the information to the WindowManagerService; if the application does not have the background startup interface permission, the AppOpsManager.checkOpNoThrow method returns information indicating that the information is not available to the WindowManagerService.
  • an example of code that implements the ability to detect whether an application has background launch interface permissions is as follows:
  • the system service processes the interface startup request according to the original normal processing flow, and executes logic of the subsequent startup interface (activity).
  • step 104 if the application does not have the background startup interface permission, the application interface is prohibited from popping up.
  • the system service prohibits the interface that the application requests to display from popping up. That is, the interface of the system service prohibiting the application from being requested to be displayed is superimposed on the interface of the application currently running in the foreground.
  • the system service terminates the execution interface startup request, and does not execute the logic of the subsequent startup interface (activity).
  • the system service processes the interface startup request according to the original normal processing flow, and executes the logic of the subsequent startup interface (activity).
  • the method provided in this embodiment detects whether the application is running in the background after acquiring the interface initiated by the application, and if it detects that the application is running in the background, it continues to detect whether the application has the background startup interface permission. If the application does not have the background startup interface permission, the application interface is prohibited from popping up; because the background startup interface permission is added, only the application having the background startup interface permission is allowed to pop up in the background to avoid unauthorized application abuse.
  • the function of pop-up interface when running in the background avoids affecting user operations and providing system performance.
  • the application has the background startup interface permission, which can be set by the system default or by the user.
  • the cloud server corresponding to the operating system can be separately counted for each application to be turned on/off.
  • the cloud server collects the number of users who have the background startup interface permission for the application and the number of users who turn off the background startup interface permission for the application.
  • the recommendation switch setting of the background startup interface permission of the application is determined.
  • the cloud server determines the recommended switch setting of the background startup interface permission of the application according to the proportion of the number of users who open the background startup interface permission for the application and the number of users who turn off the background startup interface authority.
  • the cloud server may send the recommended switch setting of the background startup interface permission of the application to the terminal device; correspondingly, the terminal device receives the recommended switch setting of the background startup interface permission of the application sent by the cloud server.
  • the recommended switch setting refers to the permission to enable or disable the background startup interface.
  • the terminal device sets the right to enable or disable the background startup interface according to the recommended switch setting.
  • the terminal device automatically sets the background startup interface permission to be turned on or off according to the recommended switch setting. For example, if the recommended switch is set to be on, the terminal device turns on the background startup interface permission for the application; if the recommended switch is set to off, the terminal device turns off the background startup interface permission for the application.
  • the terminal device displays the recommended switch setting, and the user sets the permission of the user to enable or disable the background startup interface according to the recommended switch setting and the actual requirement of the user, and the terminal device acquires the permission setting indication set by the user, according to The permission setting set by the user indicates that the background startup interface permission is turned on or off for the application.
  • the cloud server may send a recommendation switch setting of the background startup interface permission of the application to the terminal device; the cloud server may also send the recommendation of the background startup interface permission of the application to the terminal device every predetermined time interval. Switch settings.
  • the cloud server determines the recommendation of the background startup interface permission of the application.
  • the switch is set to be turned on; if the number of users who have the background startup interface permission for the application is less than the number of users who have turned off the background startup interface permission for the application, the cloud server determines that the recommendation switch of the background startup interface permission of the application is set to off.
  • the cloud server determines the recommended switch setting of the background startup interface permission of the application. If the ratio of the number of users who have enabled the background startup interface to the total number of users is less than the second threshold, the cloud server determines that the recommended switch of the background startup interface permission of the application is set to off.
  • the first threshold is equal to the second threshold, or the first threshold is greater than the second threshold.
  • the total number of users refers to the sum of the number of users who have the background startup interface permission for the application and the number of users who have turned off the background startup interface permissions for the application.
  • the switch control of the background startup interface permission of each application can be correspondingly increased, so that the user can customize the setting through the switch control.
  • the above-mentioned switch control is added, and the user can turn on or off the background startup interface authority for the application by adjusting the switch control.
  • FIG. 2A is a block diagram of an authority control apparatus according to an exemplary embodiment.
  • the apparatus has a function of implementing the above-described method examples, and the functions may be implemented by hardware or by hardware to execute corresponding software.
  • the apparatus may include: a request acquisition module 210, a operation detection module 220, an authority detection module 230, and a prohibition pop-up module 240.
  • the request obtaining module 210 is configured to acquire an interface startup request sent by the application.
  • the operation detection module 220 is configured to detect whether the application is running in the background.
  • the permission detection module 230 is configured to detect whether the application has a background startup interface right when the application is running in the background.
  • the background startup interface permission refers to the permission of the application to pop up the interface when running in the background.
  • the pop-up module 240 is configured to prevent the interface of the application from popping up when the application does not have the background startup interface right.
  • the device detects whether the application is running in the background after acquiring the interface initiated by the application, and if it detects that the application is running in the background, it continues to detect whether the application has the background startup interface permission. If the application does not have the background startup interface permission, the application interface is prohibited from popping up; because the background startup interface permission is added, only the application having the background startup interface permission is allowed to pop up in the background to avoid unauthorized application abuse.
  • the function of pop-up interface when running in the background avoids affecting user operations and providing system performance.
  • the rights detection module 230 includes a method invocation submodule 230a and a result obtaining submodule 230b.
  • the method invocation sub-module 230a is configured to invoke a permission detection method of the application rights manager, and send a permission detection request to the permission detection method.
  • the privilege detection request carries the identifier of the application, and the privilege detection method is used to query, from the application privilege manager, whether the application has the background startup interface privilege.
  • the result obtaining submodule 230b is configured to acquire the authority detection result returned by the authority detecting method.
  • the result of the permission detection is: the application has the background startup interface authority, or the application does not have the background startup interface authority.
  • the apparatus further includes: an identifier acquisition module 250.
  • the identity obtaining module 250 is configured to obtain an identifier of the application from the interface initiation request.
  • the identifier of the application includes: a package name of the application and a UID corresponding to the current system.
  • the operation detecting module 220 includes: a top-of-stack acquisition sub-module 220a, an application detection sub-module 220b, and a first determiner. Module 220c and second determination sub-module 220d.
  • the top-of-stack acquisition sub-module 220a is configured to acquire a system top-of-stack application, which refers to an application currently running in the foreground.
  • the application detection sub-module 220b is configured to detect whether the application is the system top-of-stack application.
  • the first determining sub-module 220c is configured to determine that the application is running in the background when the application is not the system top-of-stack application.
  • the second determining sub-module 220d is configured to determine that the application is running in the foreground when the application is the system top-of-stack application.
  • the disable pop-up module 240 is configured to terminate execution of the interface launch request.
  • the apparatus further includes: a setting receiving module and a rights switch module.
  • a receiving module configured to receive a recommendation switch setting of the background startup interface permission of the application sent by the cloud server, where the recommendation switch is set by the cloud server according to the permission to open the background startup interface for the application The number of users and the number of users who have turned off the background launch interface permissions for the application.
  • the permission switch module is configured to enable or disable the background startup interface authority for the application according to the recommended switch setting.
  • An exemplary embodiment of the present disclosure also provides an authority control apparatus capable of implementing the authority control method provided by the present disclosure.
  • the apparatus includes a processor and a memory for storing executable instructions of the processor.
  • the processor is configured to:
  • the background startup interface permission refers to the permission of the application to pop up the interface when running in the background
  • the processor is configured to:
  • the middle query obtains whether the application has the permission of the background startup interface
  • the processor is further configured to:
  • the identifier of the application includes: a package name of the application and a UID corresponding to the current system.
  • the processor is configured to:
  • system top stack application refers to an application currently running in the foreground
  • the application is the system top-of-stack application, it is determined that the application is running in the foreground.
  • the processor is configured to:
  • the processor is further configured to:
  • FIG. 3 is a block diagram of an apparatus 300, according to an exemplary embodiment.
  • device 300 can be a mobile phone, a computer, a digital broadcast terminal, a messaging device, a gaming console, a tablet device, a medical device, a fitness device, a personal digital assistant, and the like.
  • apparatus 300 can include one or more of the following components: processing component 302, memory 304, power component 306, multimedia component 308, audio component 310, input/output (I/O) interface 312, sensor component 314, and Communication component 316.
  • Processing component 302 typically controls the overall operation of device 300, such as operations associated with display, telephone calls, data communications, camera operations, and recording operations.
  • Processing component 302 can include one or more processors 320 to execute instructions to perform all or part of the steps described above.
  • processing component 302 can include one or more modules to facilitate interaction between component 302 and other components.
  • processing component 302 can include a multimedia module to facilitate interaction between multimedia component 308 and processing component 302.
  • Memory 304 is configured to store various types of data to support operation at device 300. Examples of such data include instructions for any application or method operating on device 300, contact data, phone book data, messages, pictures, videos, and the like.
  • the memory 304 can be implemented by any type of volatile or non-volatile storage device, or a combination thereof, such as static random access memory (SRAM), electrically erasable programmable read only memory (EEPROM), erasable.
  • SRAM static random access memory
  • EEPROM electrically erasable programmable read only memory
  • EPROM Electrically erasable programmable read only memory
  • PROM Programmable Read Only Memory
  • ROM Read Only Memory
  • Magnetic Memory Flash Memory
  • Disk Disk or Optical Disk.
  • Power component 306 provides power to various components of device 300.
  • Power component 306 can include a power management system, one or more power sources, and other components associated with generating, managing, and distributing power for device 300.
  • the multimedia component 308 includes a screen between the device 300 and the user that provides an output interface.
  • the screen can include a liquid crystal display (LCD) and a touch panel (TP). If the screen includes a touch panel, the screen can be implemented as a touch screen to receive input signals from the user.
  • the touch panel includes one or more touch sensors to sense touch, slide, and hand on the touch panel Potential. The touch sensor may sense not only the boundary of the touch or sliding action, but also the duration and pressure associated with the touch or slide operation.
  • the multimedia component 308 includes a front camera and/or a rear camera. When the device 300 is in an operation mode, such as a shooting mode or a video mode, the front camera and/or the rear camera can receive external multimedia data. Each front and rear camera can be a fixed optical lens system or have focal length and optical zoom capabilities.
  • the audio component 310 is configured to output and/or input an audio signal.
  • audio component 310 includes a microphone (MIC) that is configured to receive an external audio signal when device 300 is in an operational mode, such as a call mode, a recording mode, and a voice recognition mode.
  • the received audio signal may be further stored in memory 304 or transmitted via communication component 316.
  • audio component 310 also includes a speaker for outputting an audio signal.
  • the I/O interface 312 provides an interface between the processing component 302 and the peripheral interface module, which may be a keyboard, a click wheel, a button, or the like. These buttons may include, but are not limited to, a home button, a volume button, a start button, and a lock button.
  • Sensor assembly 314 includes one or more sensors for providing status assessment of various aspects to device 300.
  • sensor assembly 314 can detect an open/closed state of device 300, relative positioning of components, such as the display and keypad of device 300, and sensor component 314 can also detect a change in position of one component of device 300 or device 300. The presence or absence of user contact with device 300, device 300 orientation or acceleration/deceleration, and temperature variation of device 300.
  • Sensor assembly 314 can include a proximity sensor configured to detect the presence of nearby objects without any physical contact.
  • Sensor assembly 314 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications.
  • the sensor assembly 314 can also include an acceleration sensor, a gyro sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.
  • Communication component 316 is configured to facilitate wired or wireless communication between device 300 and other devices.
  • the device 300 can access a wireless network based on a communication standard, such as Wi-Fi, 2G or 3G, or a combination thereof.
  • communication component 316 receives broadcast signals or broadcast associated information from an external broadcast management system via a broadcast channel.
  • the communication component 316 also includes a near field communication (NFC) module to facilitate short range communication.
  • NFC near field communication
  • the NFC module can be implemented based on radio frequency identification (RFID) technology, infrared data association (IrDA) technology, ultra-wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.
  • RFID radio frequency identification
  • IrDA infrared data association
  • UWB ultra-wideband
  • Bluetooth Bluetooth
  • device 300 may be implemented by one or more application specific integrated circuits (ASIC), digital signal processor (DSP), digital signal processing device (DSPD), programmable logic device (PLD), field programmable gate array (FPGA), controller, microcontroller, microprocessor or other electronics Component implementation for performing the above method.
  • ASIC application specific integrated circuits
  • DSP digital signal processor
  • DSPD digital signal processing device
  • PLD programmable logic device
  • FPGA field programmable gate array
  • controller microcontroller, microprocessor or other electronics Component implementation for performing the above method.
  • non-transitory computer readable storage medium comprising instructions, such as a memory 304 comprising instructions executable by processor 320 of apparatus 300 to perform the above method.
  • the non-transitory computer readable storage medium may be a ROM, a random access memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, and an optical data storage device.
  • a non-transitory computer readable storage medium when instructions in the storage medium are executed by a processor of apparatus 300, to enable apparatus 300 to perform the above method.
  • a plurality as referred to herein means two or more.
  • "and/or” describing the association relationship of the associated objects, indicating that there may be three relationships, for example, A and/or B, which may indicate that there are three cases where A exists separately, A and B exist at the same time, and B exists separately.
  • the character "/" generally indicates that the contextual object is an "or" relationship.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • User Interface Of Digital Computer (AREA)
  • Stored Programmes (AREA)

Abstract

Disclosed are a permission control method and device, belonging to the technical field of computers. The method comprises: obtaining an interface startup request sent by an application; detecting whether the application is running in the background; if the application is running in the background, detecting whether the application has a background interface startup permission, the background interface startup permission referring to a permission for the application to pop up an interface while running in the background; if the application does not have the background interface startup permission, prohibiting the application from popping up an interface. The background interface startup permission only permits applications which have the background interface startup permission to pop up an interface while running in the background, thereby preventing unpermitted applications from misusing the function of popping up an interface while running in the background, preventing user operations from being affected, and increasing system performance.

Description

权限控制方法及装置Authority control method and device 技术领域Technical field
本公开涉及计算机技术领域,特别涉及一种权限控制方法及装置。The present disclosure relates to the field of computer technologies, and in particular, to a rights control method and apparatus.
背景技术Background technique
用户可在诸如手机、平板电脑之类的终端设备中安装各类应用,以扩展终端设备的功能。Users can install various applications in terminal devices such as mobile phones and tablets to expand the functions of the terminal devices.
在相关技术中,终端设备的操作系统允许应用在后台运行时弹出界面。一些应用通过该功能可以在后台运行时弹出设定界面,如功能引导界面、信息推送界面、广告界面等。In the related art, the operating system of the terminal device allows the application to pop up the interface when it runs in the background. Some applications can use this function to pop up the setting interface when running in the background, such as the function guiding interface, the information pushing interface, the advertising interface, and the like.
发明内容Summary of the invention
本公开实施例提供了一种权限控制方法及装置。所述技术方案如下:Embodiments of the present disclosure provide a method and apparatus for controlling rights. The technical solution is as follows:
根据本公开实施例的第一方面,提供了一种权限控制方法,所述方法包括:According to a first aspect of an embodiment of the present disclosure, there is provided an access control method, the method comprising:
获取应用发送的界面启动请求;Obtain an interface startup request sent by the application;
检测所述应用是否在后台运行;Detecting whether the application is running in the background;
若所述应用在后台运行,则检测所述应用是否具备后台启动界面权限;其中,所述后台启动界面权限是指应用在后台运行时弹出界面的权限;If the application is running in the background, detecting whether the application has the background startup interface permission; wherein the background startup interface permission refers to the permission of the application to pop up the interface when running in the background;
若所述应用不具备所述后台启动界面权限,则禁止所述应用的界面弹出。If the application does not have the background startup interface right, the interface of the application is prohibited from popping up.
可选地,所述检测所述应用是否具备后台启动界面权限,包括:Optionally, the detecting whether the application has the background startup interface right includes:
调用应用权限管理器的权限检测方法,向所述权限检测方法发送权限检测请求;其中,所述权限检测请求中携带所述应用的标识,所述权限检测方法用于从所述应用权限管理器中查询获取所述应用是否具备所述后台启动界面权限;Calling the permission detection method of the application rights manager, and sending the permission detection request to the permission detection method; wherein the permission detection request carries an identifier of the application, and the permission detection method is used to use the application permission manager The middle query obtains whether the application has the permission of the background startup interface;
获取所述权限检测方法返回的权限检测结果;其中,所述权限检测结果为:所述应用具备所述后台启动界面权限,或者,所述应用不具备所述后台启动界面权限。Acquiring the permission detection result returned by the permission detection method; wherein the permission detection result is: the application has the background startup interface authority, or the application does not have the background startup interface authority.
可选地,所述方法还包括: Optionally, the method further includes:
从所述界面启动请求中获取所述应用的标识;Obtaining an identifier of the application from the interface startup request;
其中,所述应用的标识包括:所述应用的包名和当前系统所对应的UID(User Identification,用户个人身份识别码)。The identifier of the application includes: a package name of the application and a UID (User Identification) corresponding to the current system.
可选地,所述检测所述应用是否在后台运行,包括:Optionally, the detecting whether the application is running in the background includes:
获取系统栈顶应用,所述系统栈顶应用是指当前正在前台运行的应用;Obtaining a system stack top application, where the system top stack application refers to an application currently running in the foreground;
检测所述应用是否为所述系统栈顶应用;Detecting whether the application is the system top application;
若所述应用不是所述系统栈顶应用,则确定所述应用在后台运行;If the application is not the system stack top application, determining that the application is running in the background;
若所述应用是所述系统栈顶应用,则确定所述应用在前台运行。If the application is the system top-of-stack application, it is determined that the application is running in the foreground.
可选地,所述禁止所述应用的界面弹出,包括:Optionally, the prohibiting the interface of the application from popping up includes:
终止执行所述界面启动请求。The execution of the interface startup request is terminated.
可选地,所述方法还包括:Optionally, the method further includes:
接收云端服务器发送的所述应用的所述后台启动界面权限的推荐开关设置,所述推荐开关设置由所述云端服务器根据为所述应用开启所述后台启动界面权限的用户数量和为所述应用关闭所述后台启动界面权限的用户数量确定;Receiving a recommendation switch setting of the background startup interface permission of the application sent by the cloud server, where the recommendation switch is set by the cloud server according to the number of users who open the background startup interface permission for the application and is the application The number of users who close the permission of the background startup interface is determined;
根据所述推荐开关设置为所述应用开启或关闭所述后台启动界面权限。And setting, according to the recommendation switch, the right to enable or disable the background startup interface.
根据本公开实施例的第二方面,提供了一种权限控制装置,所述装置包括:According to a second aspect of the embodiments of the present disclosure, there is provided an authority control apparatus, the apparatus comprising:
请求获取模块,被配置为获取应用发送的界面启动请求;The request acquisition module is configured to obtain an interface startup request sent by the application;
运行检测模块,被配置为检测所述应用是否在后台运行;Running a detection module configured to detect whether the application is running in the background;
权限检测模块,被配置为当所述应用在后台运行时,检测所述应用是否具备后台启动界面权限;其中,所述后台启动界面权限是指应用在后台运行时弹出界面的权限;The permission detection module is configured to detect, when the application is running in the background, whether the application has the background startup interface authority; wherein the background startup interface permission refers to the permission of the application to pop up the interface when running in the background;
禁止弹出模块,被配置为当所述应用不具备所述后台启动界面权限时,禁止所述应用的界面弹出。The pop-up module is disabled, and is configured to prohibit the interface of the application from popping up when the application does not have the permission of the background startup interface.
可选地,所述权限检测模块,包括:Optionally, the permission detection module includes:
方法调用子模块,被配置为调用应用权限管理器的权限检测方法,向所述权限检测方法发送权限检测请求;其中,所述权限检测请求中携带所述应用的标识,所述权限检测方法用于从所述应用权限管理器中查询获取所述应用是否具备所述后台启动界面权限;The method call submodule is configured to invoke a permission detection method of the application rights manager, and send a permission detection request to the permission detection method; wherein the permission detection request carries an identifier of the application, and the permission detection method uses Querying, by the application rights manager, whether the application has the background startup interface authority;
结果获取子模块,被配置为获取所述权限检测方法返回的权限检测结果;其中,所述权限检测结果为:所述应用具备所述后台启动界面权限,或者,所述应用不具备所述后台启动界面权限。 The result obtaining sub-module is configured to obtain the permission detection result returned by the permission detection method, wherein the permission detection result is: the application has the background startup interface authority, or the application does not have the background Start interface permissions.
可选地,所述装置还包括:Optionally, the device further includes:
标识获取模块,被配置为从所述界面启动请求中获取所述应用的标识;An identifier obtaining module, configured to obtain an identifier of the application from the interface startup request;
其中,所述应用的标识包括:所述应用的包名和当前系统所对应的UID。The identifier of the application includes: a package name of the application and a UID corresponding to the current system.
可选地,所述运行检测模块,包括:Optionally, the running detection module includes:
栈顶获取子模块,被配置为获取系统栈顶应用,所述系统栈顶应用是指当前正在前台运行的应用;a top-of-stack acquisition sub-module configured to acquire a system stack top application, where the system top-of-stack application refers to an application currently running in the foreground;
应用检测子模块,被配置为检测所述应用是否为所述系统栈顶应用;An application detection submodule configured to detect whether the application is the system top application;
第一确定子模块,被配置为当所述应用不是所述系统栈顶应用时,确定所述应用在后台运行;a first determining submodule configured to determine that the application is running in the background when the application is not the system top application;
第二确定子模块,被配置为当所述应用是所述系统栈顶应用时,确定所述应用在前台运行。The second determining submodule is configured to determine that the application is running in the foreground when the application is the system stack top application.
可选地,所述禁止弹出模块,被配置为终止执行所述界面启动请求。Optionally, the prohibiting pop-up module is configured to terminate execution of the interface startup request.
可选地,所述装置还包括:Optionally, the device further includes:
设置接收模块,被配置为接收云端服务器发送的所述应用的所述后台启动界面权限的推荐开关设置,所述推荐开关设置由所述云端服务器根据为所述应用开启所述后台启动界面权限的用户数量和为所述应用关闭所述后台启动界面权限的用户数量确定;a receiving module configured to receive a recommendation switch setting of the background startup interface permission of the application sent by the cloud server, where the recommendation switch is set by the cloud server according to the permission to open the background startup interface for the application The number of users and the number of users who have turned off the background startup interface rights for the application;
权限开关模块,被配置为根据所述推荐开关设置为所述应用开启或关闭所述后台启动界面权限。The permission switch module is configured to enable or disable the background startup interface authority for the application according to the recommended switch setting.
根据本公开实施例的第三方面,提供了一种权限控制装置,所述装置包括:According to a third aspect of the embodiments of the present disclosure, there is provided an authority control apparatus, the apparatus comprising:
处理器;processor;
用于存储所述处理器的可执行指令的存储器;a memory for storing executable instructions of the processor;
其中,所述处理器被配置为:Wherein the processor is configured to:
获取应用发送的界面启动请求;Obtain an interface startup request sent by the application;
检测所述应用是否在后台运行;Detecting whether the application is running in the background;
若所述应用在后台运行,则检测所述应用是否具备后台启动界面权限;其中,所述后台启动界面权限是指应用在后台运行时弹出界面的权限;If the application is running in the background, detecting whether the application has the background startup interface permission; wherein the background startup interface permission refers to the permission of the application to pop up the interface when running in the background;
若所述应用不具备所述后台启动界面权限,则禁止所述应用的界面弹出。If the application does not have the background startup interface right, the interface of the application is prohibited from popping up.
本公开实施例提供的技术方案可以包括以下有益效果:The technical solutions provided by the embodiments of the present disclosure may include the following beneficial effects:
通过在获取到应用发送的界面启动请求之后,检测应用是否在后台运行, 若检测到应用在后台运行,则继续检测该应用是否具备后台启动界面权限,如果应用不具备该后台启动界面权限,则禁止应用的界面弹出;由于增加了后台启动界面权限,仅允许具备该后台启动界面权限的应用在后台运行时弹出界面,避免未经允许的应用滥用在后台运行时弹出界面的功能,避免影响用户操作,提供系统性能。Detect whether the application is running in the background after the request is initiated by the interface sent by the application. If it is detected that the application is running in the background, it continues to detect whether the application has the background startup interface right. If the application does not have the background startup interface permission, the application interface is prohibited from popping up; since the background startup interface permission is added, only the background is allowed. The application that launches the interface permission pops up the interface when running in the background, avoiding the function of popping up the interface when running in the background without the permission of the application, avoiding affecting the user operation and providing system performance.
应当理解的是,以上的一般描述和后文的细节描述仅是示例性和解释性的,并不能限制本公开。The above general description and the following detailed description are intended to be illustrative and not restrictive.
附图说明DRAWINGS
此处的附图被并入说明书中并构成本说明书的一部分,示出了符合本公开的实施例,并与说明书一起用于解释本公开的原理。The accompanying drawings, which are incorporated in the specification
图1是根据一示例性实施例示出的一种权限检测方法的流程图;FIG. 1 is a flowchart of a method for detecting rights according to an exemplary embodiment;
图2A是根据一示例性实施例示出的一种权限控制装置的框图;2A is a block diagram of an authority control apparatus according to an exemplary embodiment;
图2B是根据另一示例性实施例示出的一种权限控制装置的框图;2B is a block diagram of an authority control apparatus according to another exemplary embodiment;
图3是根据一示例性实施例示出的一种装置的框图。FIG. 3 is a block diagram of an apparatus, according to an exemplary embodiment.
具体实施方式detailed description
这里将详细地对示例性实施例进行说明,其示例表示在附图中。下面的描述涉及附图时,除非另有表示,不同附图中的相同数字表示相同或相似的要素。以下示例性实施例中所描述的实施方式并不代表与本公开相一致的所有实施方式。相反,它们仅是与如所附权利要求书中所详述的、本公开的一些方面相一致的装置和方法的例子。Exemplary embodiments will be described in detail herein, examples of which are illustrated in the accompanying drawings. The following description refers to the same or similar elements in the different figures unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present disclosure. Instead, they are merely examples of devices and methods consistent with aspects of the present disclosure as detailed in the appended claims.
在相关技术中,由于操作系统向应用提供了在后台运行时弹出界面的功能,但并未对使用该功能的权限进行控制,导致部分应用滥用该功能,影响用户操作及系统性能。例如,当用户正在观看视频的过程中,另一后台运行的应用弹出一广告界面,叠加在当前的视频播放界面之上,影响到用户正常观看。基于此,本公开实施例提供了一种权限控制方法,和基于这个方法的装置,以解决上述相关技术中存在的问题。本公开实施例提供的技术方案,核心思想是在应用权限管理器(Application Operations Manager)中增加后台启动界面权限,后台启动界面权限是指应用在后台运行时弹出界面的权限。通过应用权限管理 器对终端设备中安装的各个应用是否具备该权限进行管理,仅允许具备该后台启动界面权限的应用在后台运行时弹出界面,避免未经允许的应用滥用在后台运行时弹出界面的功能。In the related art, since the operating system provides the function of popping up the interface when running in the background, the right to use the function is not controlled, which causes some applications to abuse the function, affecting user operations and system performance. For example, when the user is watching the video, another background running application pops up an advertising interface, which is superimposed on the current video playing interface, affecting the normal viewing of the user. Based on this, the embodiments of the present disclosure provide a method for controlling rights, and an apparatus based on the method, to solve the problems in the related art. The core idea of the technical solution provided by the embodiment of the present disclosure is to add a background startup interface permission in the Application Operations Manager, and the background startup interface permission refers to the permission of the application to pop up the interface when running in the background. Manage by application rights The device manages whether each application installed in the terminal device has the permission, and only allows the application having the permission of the background startup interface to pop up the interface when running in the background, so as to prevent the unauthorized application from abusing the function of popping up the interface when running in the background.
本公开实施例提供的方法,各步骤的执行主体可以是终端设备,如手机、平板电脑、电子书阅读器、多媒体播放设备、PDA(Personal Digital Assistant,个人数字助理)、可穿戴设备等。在本公开实施例中,对终端设备的操作系统的类型不作限定,如Android(安卓)操作系统、iOS操作系统、Windows Phone操作系统等。The method provided by the embodiment of the present disclosure may be a terminal device, such as a mobile phone, a tablet computer, an e-book reader, a multimedia playback device, a PDA (Personal Digital Assistant), a wearable device, or the like. In the embodiment of the present disclosure, the type of the operating system of the terminal device is not limited, such as an Android (Android) operating system, an iOS operating system, a Windows Phone operating system, and the like.
图1是根据一示例性实施例示出的一种权限检测方法的流程图。该方法可应用于终端设备中。该方法可以包括如下几个步骤:FIG. 1 is a flowchart of a method for detecting rights according to an exemplary embodiment. This method can be applied to a terminal device. The method can include the following steps:
在步骤101中,获取应用发送的界面启动请求。In step 101, an interface startup request sent by the application is obtained.
当应用需要显示界面时,向系统服务发送界面启动请求,界面启动请求用于请求显示界面。在本公开实施例中,对应用的种类不作限定,其可以是终端设备中安装运行的各类应用程序,如社交应用、通话通讯应用、网购支付应用、生活消费类应用、影音播放应用、安全杀毒应用、浏览器等。在本公开实施例中,应用的界面即为用户界面(User Interface,UI)。在Android系统中,界面以activity表示。在本公开实施例中,系统服务可以是界面启动管理服务,如Android系统的ActivityStackSupervisor,界面启动管理服务用于对系统中的界面启动进行管理。When the application needs to display the interface, an interface startup request is sent to the system service, and the interface startup request is used to request the display interface. In the embodiment of the present disclosure, the type of the application is not limited, and may be various types of applications installed and operated in the terminal device, such as a social application, a call communication application, an online shopping payment application, a living consumer application, a video playback application, and security. Antivirus applications, browsers, etc. In the embodiment of the present disclosure, the interface of the application is a user interface (UI). In the Android system, the interface is represented by activity. In the embodiment of the present disclosure, the system service may be an interface startup management service, such as an ActivityStack Supervisor of the Android system, and an interface startup management service is used to manage the interface startup in the system.
以Android系统为例,界面启动管理服务提供有ActivityStackSupervisor.startActivityLocked方法,应用可通过调用该方法向界面启动管理服务发送界面启动请求。Taking the Android system as an example, the interface startup management service provides an ActivityStackSupervisor.startActivityLocked method, and the application can send an interface startup request to the interface startup management service by calling the method.
在步骤102中,检测应用是否在后台运行。In step 102, it is detected whether the application is running in the background.
系统服务检测该应用是否在后台运行。其中,应用在前台运行,是指应用直接由窗口运行,显示有能和用户交互的界面。应用在后台运行,是指应用在资源管理器中运行,一般不显示有界面,但占用系统资源。The system service detects if the app is running in the background. The application runs in the foreground, which means that the application runs directly from the window and displays an interface that can interact with the user. The application runs in the background, which means that the application runs in the resource manager. Generally, the interface is not displayed, but the system resources are occupied.
在一个示例中,本步骤包括如下几个子步骤:In one example, this step includes the following substeps:
1、获取系统栈顶应用;1. Obtain the system top application;
2、检测应用是否为系统栈顶应用;2. Detect whether the application is a system top application;
3、若应用不是系统栈顶应用,则确定应用在后台运行; 3. If the application is not a system stack top application, it is determined that the application is running in the background;
4、若应用是系统栈顶应用,则确定应用在前台运行。4. If the application is a system stack top application, it is determined that the application is running in the foreground.
系统栈顶应用是指当前正在前台运行的应用,通过获取系统栈顶应用,比对系统栈顶应用与上述发送界面启动请求的应用是否为同一应用,若两者为同一应用,则说明该发送界面启动请求的应用在前台运行,否则确定该发送界面启动请求的应用在后台运行。The system stack top application refers to an application that is currently running in the foreground. By acquiring the system stack top application, whether the application of the system stack top application and the above sending interface startup request is the same application, if the two are the same application, the sending is performed. The application of the interface startup request runs in the foreground, otherwise the application that determines the sending interface startup request runs in the background.
在步骤103中,若应用在后台运行,则检测应用是否具备后台启动界面权限。In step 103, if the application is running in the background, it is detected whether the application has the background startup interface authority.
当系统服务检测出应用在后台运行时,系统服务继续检测应用是否具备后台启动界面权限。其中,后台启动界面权限是指应用在后台运行时弹出界面的权限。在本公开实施例中,应用在后台运行时弹出界面是指应用在后台运行时,触发显示一界面叠加在当前正在前台运行的应用的界面之上进行显示。在本公开实施例中,通过预先在应用权限管理器中增加后台启动界面权限,使得系统能够对在后台运行时弹出界面的功能进行权限管理。示例性地,后台启动界面权限的名称为OP_BACKGROUND_START_ACTIVITY,后台启动界面权限的标识(也称为值)为10021,用于唯一标识该权限。在应用权限管理器中,不同的权限所对应的标识也不同。When the system service detects that the application is running in the background, the system service continues to detect whether the application has the background startup interface permission. The background startup interface permission refers to the permission of the application to pop up the interface when running in the background. In the embodiment of the present disclosure, the pop-up interface when the application is running in the background refers to triggering the display of an interface superimposed on the interface of the application currently running in the foreground for display when the application is running in the background. In the embodiment of the present disclosure, by adding the background startup interface authority in the application rights manager in advance, the system can perform rights management on the function of the pop-up interface in the background runtime. Exemplarily, the name of the background startup interface permission is OP_BACKGROUND_START_ACTIVITY, and the identifier (also called value) of the background startup interface permission is 10021, which is used to uniquely identify the permission. In the application rights manager, the identifiers corresponding to different permissions are also different.
可选地,本步骤可以包括如下几个子步骤:Optionally, this step may include the following sub-steps:
1、调用应用权限管理器的权限检测方法,向权限检测方法发送权限检测请求;1. Calling the permission detection method of the application rights manager, and sending a permission detection request to the permission detection method;
其中,权限检测请求中携带应用的标识,应用的标识用于唯一标识一个应用。可选地,应用的标识包括:应用的包名(packagename)和当前系统所对应的UID。应用的包名和当前系统所对应的UID可唯一标识当前系统中的一个应用,即便是终端设备支持多系统,也能够对系统进行区分,准确确定当前系统中发出请求的应用。另外,应用可在界面启动请求中携带应用的标识,相应地,系统服务可从界面启动请求中获取应用的标识。The permission detection request carries an identifier of the application, and the identifier of the application is used to uniquely identify an application. Optionally, the identifier of the application includes: a package name of the application and a UID corresponding to the current system. The application package name and the UID corresponding to the current system can uniquely identify an application in the current system. Even if the terminal device supports multiple systems, the system can distinguish the system and accurately determine the application that makes the request in the current system. In addition, the application may carry the identifier of the application in the interface startup request, and accordingly, the system service may obtain the identifier of the application from the interface startup request.
权限检测方法用于从应用权限管理器中查询获取应用是否具备后台启动界面权限。以Android系统为例,ActivityStackSupervisor可调用AppOpsManager.checkOpNoThrow方法,并向该方法发送携带有应用的标识的权限检测请求。The permission detection method is used to query whether the application has the background startup interface permission from the application permission manager. Taking the Android system as an example, the ActivityStackSupervisor may call the AppOpsManager.checkOpNoThrow method, and send a permission detection request carrying the identifier of the application to the method.
2、获取权限检测方法返回的权限检测结果;2. Obtain the permission detection result returned by the permission detection method;
其中,权限检测结果为:应用具备后台启动界面权限,或者,应用不具备 后台启动界面权限。仍然以Android系统为例,AppOpsManager.checkOpNoThrow方法被调用之后,根据应用的标识,从应用权限管理器中查询获取应用是否具备后台启动界面权限。若应用具备后台启动界面权限,则AppOpsManager.checkOpNoThrow方法向WindowManagerService返回用于指示具备的信息;若应用不具备后台启动界面权限,则AppOpsManager.checkOpNoThrow方法向WindowManagerService返回用于指示不具备的信息。Among them, the permission detection result is: the application has the background startup interface authority, or the application does not have Start the interface permissions in the background. Still taking the Android system as an example, after the AppOpsManager.checkOpNoThrow method is called, according to the application identifier, the application permission manager queries whether the application has the background startup interface permission. If the application has the background startup interface permission, the AppOpsManager.checkOpNoThrow method returns information indicating the information to the WindowManagerService; if the application does not have the background startup interface permission, the AppOpsManager.checkOpNoThrow method returns information indicating that the information is not available to the WindowManagerService.
在一个示例中,用于实现检测应用是否具备后台启动界面权限的代码示例如下:In one example, an example of code that implements the ability to detect whether an application has background launch interface permissions is as follows:
Figure PCTCN2016099066-appb-000001
Figure PCTCN2016099066-appb-000001
Figure PCTCN2016099066-appb-000002
Figure PCTCN2016099066-appb-000002
另外,若系统服务在步骤102中检测出应用在前台运行,则系统服务按照原始的正常处理流程对界面启动请求进行处理,执行后续启动界面(activity)的逻辑。In addition, if the system service detects that the application is running in the foreground in step 102, the system service processes the interface startup request according to the original normal processing flow, and executes logic of the subsequent startup interface (activity).
在步骤104中,若应用不具备后台启动界面权限,则禁止应用的界面弹出。In step 104, if the application does not have the background startup interface permission, the application interface is prohibited from popping up.
若应用不具备后台启动界面权限,则系统服务禁止应用所请求显示的界面弹出。也即,系统服务禁止应用所请求显示的界面叠加显示于当前在前台运行的应用的界面之上。If the application does not have the background startup interface permission, the system service prohibits the interface that the application requests to display from popping up. That is, the interface of the system service prohibiting the application from being requested to be displayed is superimposed on the interface of the application currently running in the foreground.
在一个示例中,若应用不具备后台启动界面权限,则系统服务终止执行界面启动请求,不执行后续启动界面(activity)的逻辑。In an example, if the application does not have the background startup interface permission, the system service terminates the execution interface startup request, and does not execute the logic of the subsequent startup interface (activity).
另外,若应用具备后台启动界面权限,则系统服务按照原始的正常处理流程对界面启动请求进行处理,执行后续启动界面(activity)的逻辑。In addition, if the application has the background startup interface permission, the system service processes the interface startup request according to the original normal processing flow, and executes the logic of the subsequent startup interface (activity).
综上所述,本实施例提供的方法,通过在获取到应用发送的界面启动请求之后,检测应用是否在后台运行,若检测到应用在后台运行,则继续检测该应用是否具备后台启动界面权限,如果应用不具备该后台启动界面权限,则禁止应用的界面弹出;由于增加了后台启动界面权限,仅允许具备该后台启动界面权限的应用在后台运行时弹出界面,避免未经允许的应用滥用在后台运行时弹出界面的功能,避免影响用户操作,提供系统性能。In summary, the method provided in this embodiment detects whether the application is running in the background after acquiring the interface initiated by the application, and if it detects that the application is running in the background, it continues to detect whether the application has the background startup interface permission. If the application does not have the background startup interface permission, the application interface is prohibited from popping up; because the background startup interface permission is added, only the application having the background startup interface permission is allowed to pop up in the background to avoid unauthorized application abuse. The function of pop-up interface when running in the background avoids affecting user operations and providing system performance.
需要补充说明的是,应用是否具备后台启动界面权限,可以由系统默认设置,也可由用户自定义设置。It should be added that the application has the background startup interface permission, which can be set by the system default or by the user.
可选地,操作系统所对应的云端服务器中可分别统计为各个应用开启/关闭 后台启动界面权限的用户数量。对于某一应用来说,云端服务器统计为该应用开启后台启动界面权限的用户数量和为该应用关闭后台启动界面权限的用户数量,根据上述统计结果确定该应用的后台启动界面权限的推荐开关设置。示例性地,云端服务器根据为该应用开启后台启动界面权限的用户数量和关闭后台启动界面权限的用户数量的比例,确定该应用的后台启动界面权限的推荐开关设置。在终端设备安装该应用之后,云端服务器可将该应用的后台启动界面权限的推荐开关设置发送给终端设备;相应地,终端设备接收云端服务器发送的该应用的后台启动界面权限的推荐开关设置。推荐开关设置是指推荐开启或关闭后台启动界面权限。终端设备根据推荐开关设置为应用开启或关闭后台启动界面权限。在一个示例中,终端设备根据该推荐开关设置自动设置为该应用开启或关闭后台启动界面权限。例如,若推荐开关设置为开启,则终端设备为应用开启后台启动界面权限;若推荐开关设置为关闭,则终端设备为应用关闭后台启动界面权限。在另一示例中,终端设备将该推荐开关设置进行显示,由用户结合该推荐开关设置和自身实际需求设置为该应用开启或关闭后台启动界面权限,终端设备获取用户设置的权限设置指示,根据用户设置的权限设置指示为应用开启或关闭后台启动界面权限。另外,云端服务器可在终端设备安装应用之后,向终端设备发送该应用的后台启动界面权限的推荐开关设置;云端服务器也可每隔预定时间间隔向终端设备发送该应用的后台启动界面权限的推荐开关设置。Optionally, the cloud server corresponding to the operating system can be separately counted for each application to be turned on/off. The number of users who started the interface permissions in the background. For an application, the cloud server collects the number of users who have the background startup interface permission for the application and the number of users who turn off the background startup interface permission for the application. According to the above statistics, the recommendation switch setting of the background startup interface permission of the application is determined. . Exemplarily, the cloud server determines the recommended switch setting of the background startup interface permission of the application according to the proportion of the number of users who open the background startup interface permission for the application and the number of users who turn off the background startup interface authority. After the terminal device installs the application, the cloud server may send the recommended switch setting of the background startup interface permission of the application to the terminal device; correspondingly, the terminal device receives the recommended switch setting of the background startup interface permission of the application sent by the cloud server. The recommended switch setting refers to the permission to enable or disable the background startup interface. The terminal device sets the right to enable or disable the background startup interface according to the recommended switch setting. In one example, the terminal device automatically sets the background startup interface permission to be turned on or off according to the recommended switch setting. For example, if the recommended switch is set to be on, the terminal device turns on the background startup interface permission for the application; if the recommended switch is set to off, the terminal device turns off the background startup interface permission for the application. In another example, the terminal device displays the recommended switch setting, and the user sets the permission of the user to enable or disable the background startup interface according to the recommended switch setting and the actual requirement of the user, and the terminal device acquires the permission setting indication set by the user, according to The permission setting set by the user indicates that the background startup interface permission is turned on or off for the application. In addition, after the terminal device installs the application, the cloud server may send a recommendation switch setting of the background startup interface permission of the application to the terminal device; the cloud server may also send the recommendation of the background startup interface permission of the application to the terminal device every predetermined time interval. Switch settings.
在一个示例中,对于某一应用来说,若为该应用开启后台启动界面权限的用户数量大于为该应用关闭后台启动界面权限的用户数量,则云端服务器确定该应用的后台启动界面权限的推荐开关设置为开启;若为该应用开启后台启动界面权限的用户数量小于为该应用关闭后台启动界面权限的用户数量,则云端服务器确定该应用的后台启动界面权限的推荐开关设置为关闭。In an example, for an application, if the number of users who open the background startup interface permission for the application is greater than the number of users who turn off the background startup interface permission for the application, the cloud server determines the recommendation of the background startup interface permission of the application. The switch is set to be turned on; if the number of users who have the background startup interface permission for the application is less than the number of users who have turned off the background startup interface permission for the application, the cloud server determines that the recommendation switch of the background startup interface permission of the application is set to off.
在另一示例中,对于某一应用来说,若为该应用开启后台启动界面权限的用户数量占用户总数的比例大于第一阈值,则云端服务器确定该应用的后台启动界面权限的推荐开关设置为开启;若为该应用开启后台启动界面权限的用户数量占用户总数的比例小于第二阈值,则云端服务器确定该应用的后台启动界面权限的推荐开关设置为关闭。其中,第一阈值等于第二阈值,或者,第一阈值大于第二阈值。用户总数是指为该应用开启后台启动界面权限的用户数量与为该应用关闭后台启动界面权限的用户数量的总和。 In another example, for a certain application, if the ratio of the number of users who open the background startup interface permission to the total number of users is greater than the first threshold, the cloud server determines the recommended switch setting of the background startup interface permission of the application. If the ratio of the number of users who have enabled the background startup interface to the total number of users is less than the second threshold, the cloud server determines that the recommended switch of the background startup interface permission of the application is set to off. The first threshold is equal to the second threshold, or the first threshold is greater than the second threshold. The total number of users refers to the sum of the number of users who have the background startup interface permission for the application and the number of users who have turned off the background startup interface permissions for the application.
另外,为了便于用户调整应用的后台启动界面权限的开关。终端设备的系统设置中可相应增加各个应用的后台启动界面权限的开关控件,以便于用户通过该开关控件进行自定义设置。例如,在设置功能—授权管理功能—应用权限管理功能中增加上述开关控件,用户通过调节开关控件便可为应用开启或关闭后台启动界面权限。In addition, in order to facilitate the user to adjust the switch of the background startup interface permissions of the application. In the system setting of the terminal device, the switch control of the background startup interface permission of each application can be correspondingly increased, so that the user can customize the setting through the switch control. For example, in the setting function-authorization management function-application authority management function, the above-mentioned switch control is added, and the user can turn on or off the background startup interface authority for the application by adjusting the switch control.
下述为本公开装置实施例,可以用于执行本公开方法实施例。对于本公开装置实施例中未披露的细节,请参照本公开方法实施例。The following is an apparatus embodiment of the present disclosure, which may be used to implement the method embodiments of the present disclosure. For details not disclosed in the disclosed device embodiments, please refer to the method embodiments of the present disclosure.
图2A是根据一示例性实施例示出的一种权限控制装置的框图。该装置具有实现上述方法示例的功能,所述功能可以由硬件实现,也可以由硬件执行相应的软件实现。该装置可以包括:请求获取模块210、运行检测模块220、权限检测模块230和禁止弹出模块240。FIG. 2A is a block diagram of an authority control apparatus according to an exemplary embodiment. The apparatus has a function of implementing the above-described method examples, and the functions may be implemented by hardware or by hardware to execute corresponding software. The apparatus may include: a request acquisition module 210, a operation detection module 220, an authority detection module 230, and a prohibition pop-up module 240.
请求获取模块210,被配置为获取应用发送的界面启动请求。The request obtaining module 210 is configured to acquire an interface startup request sent by the application.
运行检测模块220,被配置为检测所述应用是否在后台运行。The operation detection module 220 is configured to detect whether the application is running in the background.
权限检测模块230,被配置为当所述应用在后台运行时,检测所述应用是否具备后台启动界面权限。其中,所述后台启动界面权限是指应用在后台运行时弹出界面的权限。The permission detection module 230 is configured to detect whether the application has a background startup interface right when the application is running in the background. The background startup interface permission refers to the permission of the application to pop up the interface when running in the background.
禁止弹出模块240,被配置为当所述应用不具备所述后台启动界面权限时,禁止所述应用的界面弹出。The pop-up module 240 is configured to prevent the interface of the application from popping up when the application does not have the background startup interface right.
综上所述,本实施例提供的装置,通过在获取到应用发送的界面启动请求之后,检测应用是否在后台运行,若检测到应用在后台运行,则继续检测该应用是否具备后台启动界面权限,如果应用不具备该后台启动界面权限,则禁止应用的界面弹出;由于增加了后台启动界面权限,仅允许具备该后台启动界面权限的应用在后台运行时弹出界面,避免未经允许的应用滥用在后台运行时弹出界面的功能,避免影响用户操作,提供系统性能。In summary, the device provided in this embodiment detects whether the application is running in the background after acquiring the interface initiated by the application, and if it detects that the application is running in the background, it continues to detect whether the application has the background startup interface permission. If the application does not have the background startup interface permission, the application interface is prohibited from popping up; because the background startup interface permission is added, only the application having the background startup interface permission is allowed to pop up in the background to avoid unauthorized application abuse. The function of pop-up interface when running in the background avoids affecting user operations and providing system performance.
在基于图2A所示实施例提供的一个可选实施例中,如图2B所示,所述权限检测模块230,包括:方法调用子模块230a和结果获取子模块230b。In an optional embodiment provided based on the embodiment shown in FIG. 2A, as shown in FIG. 2B, the rights detection module 230 includes a method invocation submodule 230a and a result obtaining submodule 230b.
方法调用子模块230a,被配置为调用应用权限管理器的权限检测方法,向所述权限检测方法发送权限检测请求。其中,所述权限检测请求中携带所述应用的标识,所述权限检测方法用于从所述应用权限管理器中查询获取所述应用是否具备所述后台启动界面权限。 The method invocation sub-module 230a is configured to invoke a permission detection method of the application rights manager, and send a permission detection request to the permission detection method. The privilege detection request carries the identifier of the application, and the privilege detection method is used to query, from the application privilege manager, whether the application has the background startup interface privilege.
结果获取子模块230b,被配置为获取所述权限检测方法返回的权限检测结果。其中,所述权限检测结果为:所述应用具备所述后台启动界面权限,或者,所述应用不具备所述后台启动界面权限。The result obtaining submodule 230b is configured to acquire the authority detection result returned by the authority detecting method. The result of the permission detection is: the application has the background startup interface authority, or the application does not have the background startup interface authority.
在基于图2A所示实施例提供的另一可选实施例中,如图2B所示,所述装置还包括:标识获取模块250。In another optional embodiment provided based on the embodiment shown in FIG. 2A, as shown in FIG. 2B, the apparatus further includes: an identifier acquisition module 250.
标识获取模块250,被配置为从所述界面启动请求中获取所述应用的标识。其中,所述应用的标识包括:所述应用的包名和当前系统所对应的UID。The identity obtaining module 250 is configured to obtain an identifier of the application from the interface initiation request. The identifier of the application includes: a package name of the application and a UID corresponding to the current system.
在基于图2A所示实施例提供的另一可选实施例中,如图2B所示,所述运行检测模块220,包括:栈顶获取子模块220a、应用检测子模块220b、第一确定子模块220c和第二确定子模块220d。In another optional embodiment provided based on the embodiment shown in FIG. 2A, as shown in FIG. 2B, the operation detecting module 220 includes: a top-of-stack acquisition sub-module 220a, an application detection sub-module 220b, and a first determiner. Module 220c and second determination sub-module 220d.
栈顶获取子模块220a,被配置为获取系统栈顶应用,所述系统栈顶应用是指当前正在前台运行的应用。The top-of-stack acquisition sub-module 220a is configured to acquire a system top-of-stack application, which refers to an application currently running in the foreground.
应用检测子模块220b,被配置为检测所述应用是否为所述系统栈顶应用。The application detection sub-module 220b is configured to detect whether the application is the system top-of-stack application.
第一确定子模块220c,被配置为当所述应用不是所述系统栈顶应用时,确定所述应用在后台运行。The first determining sub-module 220c is configured to determine that the application is running in the background when the application is not the system top-of-stack application.
第二确定子模块220d,被配置为当所述应用是所述系统栈顶应用时,确定所述应用在前台运行。The second determining sub-module 220d is configured to determine that the application is running in the foreground when the application is the system top-of-stack application.
在基于图2A所示实施例提供的另一可选实施例中,所述禁止弹出模块240,被配置为终止执行所述界面启动请求。In another optional embodiment provided based on the embodiment illustrated in FIG. 2A, the disable pop-up module 240 is configured to terminate execution of the interface launch request.
在基于图2A所示实施例提供的另一可选实施例中,所述装置还包括:设置接收模块和权限开关模块。In another optional embodiment provided based on the embodiment shown in FIG. 2A, the apparatus further includes: a setting receiving module and a rights switch module.
设置接收模块,被配置为接收云端服务器发送的所述应用的所述后台启动界面权限的推荐开关设置,所述推荐开关设置由所述云端服务器根据为所述应用开启所述后台启动界面权限的用户数量和为所述应用关闭所述后台启动界面权限的用户数量确定。a receiving module configured to receive a recommendation switch setting of the background startup interface permission of the application sent by the cloud server, where the recommendation switch is set by the cloud server according to the permission to open the background startup interface for the application The number of users and the number of users who have turned off the background launch interface permissions for the application.
权限开关模块,被配置为根据所述推荐开关设置为所述应用开启或关闭所述后台启动界面权限。The permission switch module is configured to enable or disable the background startup interface authority for the application according to the recommended switch setting.
需要说明的一点是,上述实施例提供的装置在实现其功能时,仅以上述各个功能模块的划分进行举例说明,实际应用中,可以根据实际需要而将上述功能分配由不同的功能模块完成,即将设备的内容结构划分成不同的功能模块, 以完成以上描述的全部或者部分功能。It should be noted that, when the device provided by the foregoing embodiment implements its function, only the division of each functional module described above is illustrated. In actual applications, the function distribution may be completed by different functional modules according to actual needs. Divide the content structure of the device into different functional modules. To complete all or part of the functions described above.
关于上述实施例中的装置,其中各个模块执行操作的具体方式已经在有关该方法的实施例中进行了详细描述,此处将不做详细阐述说明。With regard to the apparatus in the above embodiments, the specific manner in which the respective modules perform the operations has been described in detail in the embodiment relating to the method, and will not be explained in detail herein.
本公开一示例性实施例还提供了一种权限控制装置,能够实现本公开提供的权限控制方法。该装置包括:处理器,以及用于存储处理器的可执行指令的存储器。其中,处理器被配置为:An exemplary embodiment of the present disclosure also provides an authority control apparatus capable of implementing the authority control method provided by the present disclosure. The apparatus includes a processor and a memory for storing executable instructions of the processor. Wherein the processor is configured to:
获取应用发送的界面启动请求;Obtain an interface startup request sent by the application;
检测所述应用是否在后台运行;Detecting whether the application is running in the background;
若所述应用在后台运行,则检测所述应用是否具备后台启动界面权限;其中,所述后台启动界面权限是指应用在后台运行时弹出界面的权限;If the application is running in the background, detecting whether the application has the background startup interface permission; wherein the background startup interface permission refers to the permission of the application to pop up the interface when running in the background;
若所述应用不具备所述后台启动界面权限,则禁止所述应用的界面弹出。If the application does not have the background startup interface right, the interface of the application is prohibited from popping up.
可选地,处理器被配置为:Optionally, the processor is configured to:
调用应用权限管理器的权限检测方法,向所述权限检测方法发送权限检测请求;其中,所述权限检测请求中携带所述应用的标识,所述权限检测方法用于从所述应用权限管理器中查询获取所述应用是否具备所述后台启动界面权限;Calling the permission detection method of the application rights manager, and sending the permission detection request to the permission detection method; wherein the permission detection request carries an identifier of the application, and the permission detection method is used to use the application permission manager The middle query obtains whether the application has the permission of the background startup interface;
获取所述权限检测方法返回的权限检测结果;其中,所述权限检测结果为:所述应用具备所述后台启动界面权限,或者,所述应用不具备所述后台启动界面权限。Acquiring the permission detection result returned by the permission detection method; wherein the permission detection result is: the application has the background startup interface authority, or the application does not have the background startup interface authority.
可选地,处理器还被配置为:Optionally, the processor is further configured to:
从所述界面启动请求中获取所述应用的标识;Obtaining an identifier of the application from the interface startup request;
其中,所述应用的标识包括:所述应用的包名和当前系统所对应的UID。The identifier of the application includes: a package name of the application and a UID corresponding to the current system.
可选地,处理器被配置为:Optionally, the processor is configured to:
获取系统栈顶应用,所述系统栈顶应用是指当前正在前台运行的应用;Obtaining a system stack top application, where the system top stack application refers to an application currently running in the foreground;
检测所述应用是否为所述系统栈顶应用;Detecting whether the application is the system top application;
若所述应用不是所述系统栈顶应用,则确定所述应用在后台运行;If the application is not the system stack top application, determining that the application is running in the background;
若所述应用是所述系统栈顶应用,则确定所述应用在前台运行。If the application is the system top-of-stack application, it is determined that the application is running in the foreground.
可选地,处理器被配置为:Optionally, the processor is configured to:
终止执行所述界面启动请求。The execution of the interface startup request is terminated.
可选地,处理器还被配置为: Optionally, the processor is further configured to:
接收云端服务器发送的所述应用的所述后台启动界面权限的推荐开关设置,所述推荐开关设置由所述云端服务器根据为所述应用开启所述后台启动界面权限的用户数量和为所述应用关闭所述后台启动界面权限的用户数量确定;Receiving a recommendation switch setting of the background startup interface permission of the application sent by the cloud server, where the recommendation switch is set by the cloud server according to the number of users who open the background startup interface permission for the application and is the application The number of users who close the permission of the background startup interface is determined;
根据所述推荐开关设置为所述应用开启或关闭所述后台启动界面权限。And setting, according to the recommendation switch, the right to enable or disable the background startup interface.
图3是根据一示例性实施例示出的一种装置300的框图。例如,装置300可以是移动电话,计算机,数字广播终端,消息收发设备,游戏控制台,平板设备,医疗设备,健身设备,个人数字助理等。FIG. 3 is a block diagram of an apparatus 300, according to an exemplary embodiment. For example, device 300 can be a mobile phone, a computer, a digital broadcast terminal, a messaging device, a gaming console, a tablet device, a medical device, a fitness device, a personal digital assistant, and the like.
参照图3,装置300可以包括以下一个或多个组件:处理组件302,存储器304,电源组件306,多媒体组件308,音频组件310,输入/输出(I/O)接口312,传感器组件314,以及通信组件316。Referring to FIG. 3, apparatus 300 can include one or more of the following components: processing component 302, memory 304, power component 306, multimedia component 308, audio component 310, input/output (I/O) interface 312, sensor component 314, and Communication component 316.
处理组件302通常控制装置300的整体操作,诸如与显示,电话呼叫,数据通信,相机操作和记录操作相关联的操作。处理组件302可以包括一个或多个处理器320来执行指令,以完成上述的方法的全部或部分步骤。此外,处理组件302可以包括一个或多个模块,便于处理组件302和其他组件之间的交互。例如,处理组件302可以包括多媒体模块,以方便多媒体组件308和处理组件302之间的交互。 Processing component 302 typically controls the overall operation of device 300, such as operations associated with display, telephone calls, data communications, camera operations, and recording operations. Processing component 302 can include one or more processors 320 to execute instructions to perform all or part of the steps described above. Moreover, processing component 302 can include one or more modules to facilitate interaction between component 302 and other components. For example, processing component 302 can include a multimedia module to facilitate interaction between multimedia component 308 and processing component 302.
存储器304被配置为存储各种类型的数据以支持在装置300的操作。这些数据的示例包括用于在装置300上操作的任何应用程序或方法的指令,联系人数据,电话簿数据,消息,图片,视频等。存储器304可以由任何类型的易失性或非易失性存储设备或者它们的组合实现,如静态随机存取存储器(SRAM),电可擦除可编程只读存储器(EEPROM),可擦除可编程只读存储器(EPROM),可编程只读存储器(PROM),只读存储器(ROM),磁存储器,快闪存储器,磁盘或光盘。 Memory 304 is configured to store various types of data to support operation at device 300. Examples of such data include instructions for any application or method operating on device 300, contact data, phone book data, messages, pictures, videos, and the like. The memory 304 can be implemented by any type of volatile or non-volatile storage device, or a combination thereof, such as static random access memory (SRAM), electrically erasable programmable read only memory (EEPROM), erasable. Programmable Read Only Memory (EPROM), Programmable Read Only Memory (PROM), Read Only Memory (ROM), Magnetic Memory, Flash Memory, Disk or Optical Disk.
电源组件306为装置300的各种组件提供电力。电源组件306可以包括电源管理系统,一个或多个电源,及其他与为装置300生成、管理和分配电力相关联的组件。 Power component 306 provides power to various components of device 300. Power component 306 can include a power management system, one or more power sources, and other components associated with generating, managing, and distributing power for device 300.
多媒体组件308包括在所述装置300和用户之间的提供一个输出接口的屏幕。在一些实施例中,屏幕可以包括液晶显示器(LCD)和触摸面板(TP)。如果屏幕包括触摸面板,屏幕可以被实现为触摸屏,以接收来自用户的输入信号。触摸面板包括一个或多个触摸传感器以感测触摸、滑动和触摸面板上的手 势。所述触摸传感器可以不仅感测触摸或滑动动作的边界,而且还检测与所述触摸或滑动操作相关的持续时间和压力。在一些实施例中,多媒体组件308包括一个前置摄像头和/或后置摄像头。当装置300处于操作模式,如拍摄模式或视频模式时,前置摄像头和/或后置摄像头可以接收外部的多媒体数据。每个前置摄像头和后置摄像头可以是一个固定的光学透镜系统或具有焦距和光学变焦能力。The multimedia component 308 includes a screen between the device 300 and the user that provides an output interface. In some embodiments, the screen can include a liquid crystal display (LCD) and a touch panel (TP). If the screen includes a touch panel, the screen can be implemented as a touch screen to receive input signals from the user. The touch panel includes one or more touch sensors to sense touch, slide, and hand on the touch panel Potential. The touch sensor may sense not only the boundary of the touch or sliding action, but also the duration and pressure associated with the touch or slide operation. In some embodiments, the multimedia component 308 includes a front camera and/or a rear camera. When the device 300 is in an operation mode, such as a shooting mode or a video mode, the front camera and/or the rear camera can receive external multimedia data. Each front and rear camera can be a fixed optical lens system or have focal length and optical zoom capabilities.
音频组件310被配置为输出和/或输入音频信号。例如,音频组件310包括一个麦克风(MIC),当装置300处于操作模式,如呼叫模式、记录模式和语音识别模式时,麦克风被配置为接收外部音频信号。所接收的音频信号可以被进一步存储在存储器304或经由通信组件316发送。在一些实施例中,音频组件310还包括一个扬声器,用于输出音频信号。The audio component 310 is configured to output and/or input an audio signal. For example, audio component 310 includes a microphone (MIC) that is configured to receive an external audio signal when device 300 is in an operational mode, such as a call mode, a recording mode, and a voice recognition mode. The received audio signal may be further stored in memory 304 or transmitted via communication component 316. In some embodiments, audio component 310 also includes a speaker for outputting an audio signal.
I/O接口312为处理组件302和外围接口模块之间提供接口,上述外围接口模块可以是键盘,点击轮,按钮等。这些按钮可包括但不限于:主页按钮、音量按钮、启动按钮和锁定按钮。The I/O interface 312 provides an interface between the processing component 302 and the peripheral interface module, which may be a keyboard, a click wheel, a button, or the like. These buttons may include, but are not limited to, a home button, a volume button, a start button, and a lock button.
传感器组件314包括一个或多个传感器,用于为装置300提供各个方面的状态评估。例如,传感器组件314可以检测到装置300的打开/关闭状态,组件的相对定位,例如所述组件为装置300的显示器和小键盘,传感器组件314还可以检测装置300或装置300一个组件的位置改变,用户与装置300接触的存在或不存在,装置300方位或加速/减速和装置300的温度变化。传感器组件314可以包括接近传感器,被配置用来在没有任何的物理接触时检测附近物体的存在。传感器组件314还可以包括光传感器,如CMOS或CCD图像传感器,用于在成像应用中使用。在一些实施例中,该传感器组件314还可以包括加速度传感器,陀螺仪传感器,磁传感器,压力传感器或温度传感器。 Sensor assembly 314 includes one or more sensors for providing status assessment of various aspects to device 300. For example, sensor assembly 314 can detect an open/closed state of device 300, relative positioning of components, such as the display and keypad of device 300, and sensor component 314 can also detect a change in position of one component of device 300 or device 300. The presence or absence of user contact with device 300, device 300 orientation or acceleration/deceleration, and temperature variation of device 300. Sensor assembly 314 can include a proximity sensor configured to detect the presence of nearby objects without any physical contact. Sensor assembly 314 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor assembly 314 can also include an acceleration sensor, a gyro sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.
通信组件316被配置为便于装置300和其他设备之间有线或无线方式的通信。装置300可以接入基于通信标准的无线网络,如Wi-Fi,2G或3G,或它们的组合。在一个示例性实施例中,通信组件316经由广播信道接收来自外部广播管理系统的广播信号或广播相关信息。在一个示例性实施例中,所述通信组件316还包括近场通信(NFC)模块,以促进短程通信。例如,在NFC模块可基于射频识别(RFID)技术,红外数据协会(IrDA)技术,超宽带(UWB)技术,蓝牙(BT)技术和其他技术来实现。 Communication component 316 is configured to facilitate wired or wireless communication between device 300 and other devices. The device 300 can access a wireless network based on a communication standard, such as Wi-Fi, 2G or 3G, or a combination thereof. In an exemplary embodiment, communication component 316 receives broadcast signals or broadcast associated information from an external broadcast management system via a broadcast channel. In an exemplary embodiment, the communication component 316 also includes a near field communication (NFC) module to facilitate short range communication. For example, the NFC module can be implemented based on radio frequency identification (RFID) technology, infrared data association (IrDA) technology, ultra-wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.
在示例性实施例中,装置300可以被一个或多个应用专用集成电路 (ASIC)、数字信号处理器(DSP)、数字信号处理设备(DSPD)、可编程逻辑器件(PLD)、现场可编程门阵列(FPGA)、控制器、微控制器、微处理器或其他电子元件实现,用于执行上述方法。In an exemplary embodiment, device 300 may be implemented by one or more application specific integrated circuits (ASIC), digital signal processor (DSP), digital signal processing device (DSPD), programmable logic device (PLD), field programmable gate array (FPGA), controller, microcontroller, microprocessor or other electronics Component implementation for performing the above method.
在示例性实施例中,还提供了一种包括指令的非临时性计算机可读存储介质,例如包括指令的存储器304,上述指令可由装置300的处理器320执行以完成上述方法。例如,所述非临时性计算机可读存储介质可以是ROM、随机存取存储器(RAM)、CD-ROM、磁带、软盘和光数据存储设备等。In an exemplary embodiment, there is also provided a non-transitory computer readable storage medium comprising instructions, such as a memory 304 comprising instructions executable by processor 320 of apparatus 300 to perform the above method. For example, the non-transitory computer readable storage medium may be a ROM, a random access memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, and an optical data storage device.
一种非临时性计算机可读存储介质,当所述存储介质中的指令由装置300的处理器执行时,使得装置300能够执行上述方法。A non-transitory computer readable storage medium, when instructions in the storage medium are executed by a processor of apparatus 300, to enable apparatus 300 to perform the above method.
应当理解的是,在本文中提及的“多个”是指两个或两个以上。“和/或”,描述关联对象的关联关系,表示可以存在三种关系,例如,A和/或B,可以表示:单独存在A,同时存在A和B,单独存在B这三种情况。字符“/”一般表示前后关联对象是一种“或”的关系。It should be understood that "a plurality" as referred to herein means two or more. "and/or", describing the association relationship of the associated objects, indicating that there may be three relationships, for example, A and/or B, which may indicate that there are three cases where A exists separately, A and B exist at the same time, and B exists separately. The character "/" generally indicates that the contextual object is an "or" relationship.
本领域技术人员在考虑说明书及实践这里公开的发明后,将容易想到本公开的其它实施方案。本申请旨在涵盖本公开的任何变型、用途或者适应性变化,这些变型、用途或者适应性变化遵循本公开的一般性原理并包括本公开未公开的本技术领域中的公知常识或惯用技术手段。说明书和实施例仅被视为示例性的,本公开的真正范围和精神由下面的权利要求指出。Other embodiments of the present disclosure will be apparent to those skilled in the <RTIgt; The present application is intended to cover any variations, uses, or adaptations of the present disclosure, which are in accordance with the general principles of the disclosure and include common general knowledge or common technical means in the art that are not disclosed in the present disclosure. . The specification and examples are to be regarded as illustrative only,
应当理解的是,本公开并不局限于上面已经描述并在附图中示出的精确结构,并且可以在不脱离其范围进行各种修改和改变。本公开的范围仅由所附的权利要求来限制。 It is to be understood that the invention is not limited to the details of the details and The scope of the disclosure is to be limited only by the appended claims.

Claims (13)

  1. 一种权限控制方法,其特征在于,所述方法包括:A method for controlling rights, characterized in that the method comprises:
    获取应用发送的界面启动请求;Obtain an interface startup request sent by the application;
    检测所述应用是否在后台运行;Detecting whether the application is running in the background;
    若所述应用在后台运行,则检测所述应用是否具备后台启动界面权限;其中,所述后台启动界面权限是指应用在后台运行时弹出界面的权限;If the application is running in the background, detecting whether the application has the background startup interface permission; wherein the background startup interface permission refers to the permission of the application to pop up the interface when running in the background;
    若所述应用不具备所述后台启动界面权限,则禁止所述应用的界面弹出。If the application does not have the background startup interface right, the interface of the application is prohibited from popping up.
  2. 根据权利要求1所述的方法,其特征在于,所述检测所述应用是否具备后台启动界面权限,包括:The method according to claim 1, wherein the detecting whether the application has a background startup interface permission comprises:
    调用应用权限管理器的权限检测方法,向所述权限检测方法发送权限检测请求;其中,所述权限检测请求中携带所述应用的标识,所述权限检测方法用于从所述应用权限管理器中查询获取所述应用是否具备所述后台启动界面权限;Calling the permission detection method of the application rights manager, and sending the permission detection request to the permission detection method; wherein the permission detection request carries an identifier of the application, and the permission detection method is used to use the application permission manager The middle query obtains whether the application has the permission of the background startup interface;
    获取所述权限检测方法返回的权限检测结果;其中,所述权限检测结果为:所述应用具备所述后台启动界面权限,或者,所述应用不具备所述后台启动界面权限。Acquiring the permission detection result returned by the permission detection method; wherein the permission detection result is: the application has the background startup interface authority, or the application does not have the background startup interface authority.
  3. 根据权利要求2所述的方法,其特征在于,所述方法还包括:The method of claim 2, wherein the method further comprises:
    从所述界面启动请求中获取所述应用的标识;Obtaining an identifier of the application from the interface startup request;
    其中,所述应用的标识包括:所述应用的包名和当前系统所对应的用户个人身份识别码UID。The identifier of the application includes: a package name of the application and a user personal identification code UID corresponding to the current system.
  4. 根据权利要求1至3任一项所述的方法,其特征在于,所述检测所述应用是否在后台运行,包括:The method according to any one of claims 1 to 3, wherein the detecting whether the application is running in the background comprises:
    获取系统栈顶应用,所述系统栈顶应用是指当前正在前台运行的应用;Obtaining a system stack top application, where the system top stack application refers to an application currently running in the foreground;
    检测所述应用是否为所述系统栈顶应用;Detecting whether the application is the system top application;
    若所述应用不是所述系统栈顶应用,则确定所述应用在后台运行;If the application is not the system stack top application, determining that the application is running in the background;
    若所述应用是所述系统栈顶应用,则确定所述应用在前台运行。 If the application is the system top-of-stack application, it is determined that the application is running in the foreground.
  5. 根据权利要求1至4任一项所述的方法,其特征在于,所述禁止所述应用的界面弹出,包括:The method according to any one of claims 1 to 4, wherein the prohibiting the interface of the application from popping up comprises:
    终止执行所述界面启动请求。The execution of the interface startup request is terminated.
  6. 根据权利要求1至5任一项所述的方法,其特征在于,所述方法还包括:The method according to any one of claims 1 to 5, further comprising:
    接收云端服务器发送的所述应用的所述后台启动界面权限的推荐开关设置,所述推荐开关设置由所述云端服务器根据为所述应用开启所述后台启动界面权限的用户数量和为所述应用关闭所述后台启动界面权限的用户数量确定;Receiving a recommendation switch setting of the background startup interface permission of the application sent by the cloud server, where the recommendation switch is set by the cloud server according to the number of users who open the background startup interface permission for the application and is the application The number of users who close the permission of the background startup interface is determined;
    根据所述推荐开关设置为所述应用开启或关闭所述后台启动界面权限。And setting, according to the recommendation switch, the right to enable or disable the background startup interface.
  7. 一种权限控制装置,其特征在于,所述装置包括:A permission control device, characterized in that the device comprises:
    请求获取模块,被配置为获取应用发送的界面启动请求;The request acquisition module is configured to obtain an interface startup request sent by the application;
    运行检测模块,被配置为检测所述应用是否在后台运行;Running a detection module configured to detect whether the application is running in the background;
    权限检测模块,被配置为当所述应用在后台运行时,检测所述应用是否具备后台启动界面权限;其中,所述后台启动界面权限是指应用在后台运行时弹出界面的权限;The permission detection module is configured to detect, when the application is running in the background, whether the application has the background startup interface authority; wherein the background startup interface permission refers to the permission of the application to pop up the interface when running in the background;
    禁止弹出模块,被配置为当所述应用不具备所述后台启动界面权限时,禁止所述应用的界面弹出。The pop-up module is disabled, and is configured to prohibit the interface of the application from popping up when the application does not have the permission of the background startup interface.
  8. 根据权利要求7所述的装置,其特征在于,所述权限检测模块,包括:The device according to claim 7, wherein the authority detecting module comprises:
    方法调用子模块,被配置为调用应用权限管理器的权限检测方法,向所述权限检测方法发送权限检测请求;其中,所述权限检测请求中携带所述应用的标识,所述权限检测方法用于从所述应用权限管理器中查询获取所述应用是否具备所述后台启动界面权限;The method call submodule is configured to invoke a permission detection method of the application rights manager, and send a permission detection request to the permission detection method; wherein the permission detection request carries an identifier of the application, and the permission detection method uses Querying, by the application rights manager, whether the application has the background startup interface authority;
    结果获取子模块,被配置为获取所述权限检测方法返回的权限检测结果;其中,所述权限检测结果为:所述应用具备所述后台启动界面权限,或者,所述应用不具备所述后台启动界面权限。The result obtaining sub-module is configured to obtain the permission detection result returned by the permission detection method, wherein the permission detection result is: the application has the background startup interface authority, or the application does not have the background Start interface permissions.
  9. 根据权利要求8所述的装置,其特征在于,所述装置还包括:The device according to claim 8, wherein the device further comprises:
    标识获取模块,被配置为从所述界面启动请求中获取所述应用的标识;An identifier obtaining module, configured to obtain an identifier of the application from the interface startup request;
    其中,所述应用的标识包括:所述应用的包名和当前系统所对应的用户个 人身份识别码UID。The identifier of the application includes: a package name of the application and a user corresponding to the current system. Human identification code UID.
  10. 根据权利要求7至9任一项所述的装置,其特征在于,所述运行检测模块,包括:The device according to any one of claims 7 to 9, wherein the operation detecting module comprises:
    栈顶获取子模块,被配置为获取系统栈顶应用,所述系统栈顶应用是指当前正在前台运行的应用;a top-of-stack acquisition sub-module configured to acquire a system stack top application, where the system top-of-stack application refers to an application currently running in the foreground;
    应用检测子模块,被配置为检测所述应用是否为所述系统栈顶应用;An application detection submodule configured to detect whether the application is the system top application;
    第一确定子模块,被配置为当所述应用不是所述系统栈顶应用时,确定所述应用在后台运行;a first determining submodule configured to determine that the application is running in the background when the application is not the system top application;
    第二确定子模块,被配置为当所述应用是所述系统栈顶应用时,确定所述应用在前台运行。The second determining submodule is configured to determine that the application is running in the foreground when the application is the system stack top application.
  11. 根据权利要求7至10任一项所述的装置,其特征在于,A device according to any one of claims 7 to 10, characterized in that
    所述禁止弹出模块,被配置为终止执行所述界面启动请求。The prohibition pop-up module is configured to terminate execution of the interface initiation request.
  12. 根据权利要求7至11任一项所述的装置,其特征在于,所述装置还包括:The device according to any one of claims 7 to 11, wherein the device further comprises:
    设置接收模块,被配置为接收云端服务器发送的所述应用的所述后台启动界面权限的推荐开关设置,所述推荐开关设置由所述云端服务器根据为所述应用开启所述后台启动界面权限的用户数量和为所述应用关闭所述后台启动界面权限的用户数量确定;a receiving module configured to receive a recommendation switch setting of the background startup interface permission of the application sent by the cloud server, where the recommendation switch is set by the cloud server according to the permission to open the background startup interface for the application The number of users and the number of users who have turned off the background startup interface rights for the application;
    权限开关模块,被配置为根据所述推荐开关设置为所述应用开启或关闭所述后台启动界面权限。The permission switch module is configured to enable or disable the background startup interface authority for the application according to the recommended switch setting.
  13. 一种权限控制装置,其特征在于,所述装置包括:A permission control device, characterized in that the device comprises:
    处理器;processor;
    用于存储所述处理器的可执行指令的存储器;a memory for storing executable instructions of the processor;
    其中,所述处理器被配置为:Wherein the processor is configured to:
    获取应用发送的界面启动请求;Obtain an interface startup request sent by the application;
    检测所述应用是否在后台运行;Detecting whether the application is running in the background;
    若所述应用在后台运行,则检测所述应用是否具备后台启动界面权限;其 中,所述后台启动界面权限是指应用在后台运行时弹出界面的权限;If the application is running in the background, detecting whether the application has the background startup interface permission; The background startup interface permission refers to the permission of the application to pop up the interface when running in the background;
    若所述应用不具备所述后台启动界面权限,则禁止所述应用的界面弹出。 If the application does not have the background startup interface right, the interface of the application is prohibited from popping up.
PCT/CN2016/099066 2016-09-14 2016-09-14 Permission control method and device WO2018049610A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201680000872.5A CN106462698A (en) 2016-09-14 2016-09-14 Authority control method and authority control device
PCT/CN2016/099066 WO2018049610A1 (en) 2016-09-14 2016-09-14 Permission control method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2016/099066 WO2018049610A1 (en) 2016-09-14 2016-09-14 Permission control method and device

Publications (1)

Publication Number Publication Date
WO2018049610A1 true WO2018049610A1 (en) 2018-03-22

Family

ID=58215184

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/099066 WO2018049610A1 (en) 2016-09-14 2016-09-14 Permission control method and device

Country Status (2)

Country Link
CN (1) CN106462698A (en)
WO (1) WO2018049610A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111984340A (en) * 2020-08-20 2020-11-24 北京像素软件科技股份有限公司 Application program starting method and device, readable storage medium and electronic equipment
CN113504855A (en) * 2021-07-13 2021-10-15 读书郎教育科技有限公司 Prompting and aging control method and device for Android application permission confirmation

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107016281A (en) * 2017-03-23 2017-08-04 北京金山安全软件有限公司 Permission setting method and device of application program and electronic equipment
CN107423164B (en) * 2017-07-21 2021-02-09 北京小米移动软件有限公司 Application restart method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105426703A (en) * 2015-10-30 2016-03-23 安一恒通(北京)科技有限公司 Application processing method and apparatus
CN105487758A (en) * 2015-12-11 2016-04-13 小米科技有限责任公司 Method and device for popup control of application software, and terminal equipment
CN105631311A (en) * 2015-04-27 2016-06-01 宇龙计算机通信科技(深圳)有限公司 Application program authority management method and device as well as terminal

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104378384A (en) * 2014-12-01 2015-02-25 深圳如果技术有限公司 Access control method, access control equipment and cloud server
CN104820791B (en) * 2015-05-19 2017-12-15 大唐网络有限公司 The authority control method and system of application software
CN105553963B (en) * 2015-12-10 2019-11-29 小米科技有限责任公司 The control method and device of positioning service

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105631311A (en) * 2015-04-27 2016-06-01 宇龙计算机通信科技(深圳)有限公司 Application program authority management method and device as well as terminal
CN105426703A (en) * 2015-10-30 2016-03-23 安一恒通(北京)科技有限公司 Application processing method and apparatus
CN105487758A (en) * 2015-12-11 2016-04-13 小米科技有限责任公司 Method and device for popup control of application software, and terminal equipment

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111984340A (en) * 2020-08-20 2020-11-24 北京像素软件科技股份有限公司 Application program starting method and device, readable storage medium and electronic equipment
CN111984340B (en) * 2020-08-20 2024-05-14 北京像素软件科技股份有限公司 Application program starting method and device, readable storage medium and electronic equipment
CN113504855A (en) * 2021-07-13 2021-10-15 读书郎教育科技有限公司 Prompting and aging control method and device for Android application permission confirmation
CN113504855B (en) * 2021-07-13 2023-06-16 读书郎教育科技有限公司 Prompting and aging control method and device for confirming Android application permission

Also Published As

Publication number Publication date
CN106462698A (en) 2017-02-22

Similar Documents

Publication Publication Date Title
JP6101866B2 (en) Child mode processing method, apparatus, program, and recording medium
US10129044B2 (en) Method and apparatus for controlling smart device
US9860844B2 (en) Method and apparatus of temperature control
US10075445B2 (en) Methods and devices for permission management
WO2017113660A1 (en) Application program management method and device
US20170289181A1 (en) Payment method, apparatus and medium
CN106528081B (en) Operation execution method and device
US11281363B2 (en) Method and device for setting identity image
WO2018049610A1 (en) Permission control method and device
JP6276863B2 (en) Traffic control method and apparatus for mobile router
CN110647373A (en) Application page intercepting method and device
US20170293494A1 (en) Method and device for starting application interface
WO2018049609A1 (en) Permission control method and device
WO2018072193A1 (en) Method and device for controlling application to start automatically
US10027629B2 (en) Short message service reading method and device
WO2018049611A1 (en) Permission control method and device
CN107463809B (en) Application icon display method and device
CN107656616B (en) Input interface display method and device and electronic equipment
CN106201738B (en) System broadcast calling method and device
WO2017166461A1 (en) Method and apparatus for managing application program call
US9674768B2 (en) Method and device for accessing wireless network
CN107894909B (en) Method, device and storage medium for limiting Activity starting
CN107357643B (en) Application calling method and device and computer readable storage medium
CN113806741A (en) Information processing method and device
CN107133531B (en) Application lock use reminding method and device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16915995

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16915995

Country of ref document: EP

Kind code of ref document: A1