What is the correct permission handling when sending sensitive application data as an email attachment?

2023-09-13 00:16:48 by 日光獨自傾城

I am having trouble granting "reverse permissions" for apps that I wish to provide with sensitive data in a controlled manner.

My application is a time tracker and, because the time-tracking log could be considered personal information, I have created a permission for accessing it and assigned it the android.permission- group.PERSONAL_INFO permission group.

To export the time log from the phone I am adding the ability to send the log as an email attachment. The attachment is generated by a content provider that is protected by my newly added permission. My code for sending the email looks like this:

   String email = "someone@example.com";
   Uri uri = TimeLog.CSVAttachment.CONTENT_URI;
   Intent i = new Intent(Intent.ACTION_SEND, uri);
   i.setType("text/csv");
   i.putExtra(Intent.EXTRA_EMAIL, new String[]{email});
   i.putExtra(Intent.EXTRA_SUBJECT, "Time log");
   i.putExtra(Intent.EXTRA_TEXT, "Hello World!");
   i.putExtra(Intent.EXTRA_STREAM, uri);
   i.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);
   startActivity(i);

When running it on my HTC phone, I get a pop-up choice between Gmail and HTC mail. Choosing Gmail, I get this exception in the Gmail app:

ERROR/AndroidRuntime(8169): Caused by: java.lang.SecurityException:
Permission Denial: reading com.mycompany.timelog.TimeLog uri
content://com.mycompany.timelog/csv_attachment from pid=8169,
uid=10035 requires com.mycompany.timelog.permission.READ_TIME_LOG

I do have android:grantUriPermissions="true" set on my provider but that's not helping. I have a theory about why this happens. I had expected FLAG_GRANT_READ_URI_PERMISSION to give Gmail the right to access my content provider, but I think what really happens is that this permission is granted to com.android.internal.app.ResolverActivity because there is more than one match for the Intent and Android creates a wrapper activity for displaying the choice to the user.

So, I've tried hard-coding this into my app just for testing:

   grantUriPermission("com.google.android.gm", uri,
       Intent.FLAG_GRANT_READ_URI_PERMISSION);

This allows Gmail to display the email correctly and I can press "Send". Unfortunately, after GMail has closed I get this exception in com.google.process.gapps:

ERROR/AndroidRuntime(7617): java.lang.SecurityException:
Permission Denial: reading com.mycompany.timelog.TimeLog uri
content://com.mycompany.timelog/csv_attachment from pid=7617,
uid=10011 requires com.mycompany.timelog.permission.READ_TIME_LOG

Note that this is coming from a different PID and UID. This is because the actual call to openAssetFile happens from some sync provider component that belongs to a different package (com.google.android.googleapps?).

While I had some hope of eventually finding a way to grant permissions to the final receiver of my ACTION_SEND intent, the fact that the call to openAssetFile happens from some entirely different and practically unrelated package leaves me baffled as to how permission granting is supposed to work.

So ultimately my question is, given that the log is sensitive data, how would I allow it to be emailed as an attachment while honoring the privacy of the user (e.g. without making the attachment world readable)?

Recommended answer

Dear person from the future,

It seems even Google itself solves this problem in another way, which I stumbled upon while trying to solve this same problem.

If you look at com.android.contacts.detail.ContactLoaderFragment you find in the method private Uri getPreAuthorizedUri(Uri uri):

   mContext.getContentResolver().call(
           ContactsContract.AUTHORITY_URI,
           ContactsContract.Authorization.AUTHORIZATION_METHOD,
           null,
           uriBundle);

Which resolves to com.android.providers.contacts.ContactsProvider2, where a similar call method adds the URI to a map mPreAuthorizedUris, which is then consulted in the query/update/... methods.

The return value of that call is put in the Intent and then used.
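The pre-authorization pattern the answer describes, as an added example that is neither the answer's code nor Android's own ContactsProvider2: a helper the time-log provider could keep, whose authorize() runs inside the provider's call() handler (reachable only by a caller that already holds READ_TIME_LOG) and whose resolve() runs at the top of openFile()/query(). The authority string, the /preauth/ path and the 5-minute window are assumptions.

```java
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;

/**
 * Hypothetical helper (not Android's or the asker's code): hands out random,
 * short-lived URIs that the provider accepts in place of the real attachment
 * URI, so the receiving app needs neither READ_TIME_LOG nor a URI grant.
 */
public final class PreAuthorizedUris {
    private static final long TTL_MS = 5 * 60 * 1000L;          // assumed 5-minute window
    private final SecureRandom random = new SecureRandom();
    private final Map<String, Long> expiryByUri = new HashMap<>();  // pre-auth URI -> expiry
    private final Map<String, String> realByUri = new HashMap<>();  // pre-auth URI -> real URI
    private final String prefix;

    public PreAuthorizedUris(String authority) {
        this.prefix = "content://" + authority + "/preauth/";
    }

    /** Provider-side call() handler: the caller has already passed the permission check. */
    public synchronized String authorize(String realUri, long now) {
        byte[] token = new byte[16];                             // 128 random bits: not guessable
        random.nextBytes(token);
        StringBuilder sb = new StringBuilder(prefix);
        for (byte b : token) sb.append(String.format("%02x", b));
        String preAuth = sb.toString();
        expiryByUri.put(preAuth, now + TTL_MS);
        realByUri.put(preAuth, realUri);
        return preAuth;                                          // put this in EXTRA_STREAM instead of the real URI
    }

    /** Provider-side openFile()/query(): real URI for a valid pre-auth URI, else null. */
    public synchronized String resolve(String uri, long now) {
        purgeExpired(now);
        if (!expiryByUri.containsKey(uri)) return null;          // unknown or expired: enforce READ_TIME_LOG as usual
        return realByUri.get(uri);                               // not single-use: Gmail's UI and its sync process both read it
    }

    private void purgeExpired(long now) {
        Iterator<Map.Entry<String, Long>> it = expiryByUri.entrySet().iterator();
        while (it.hasNext()) {
            Map.Entry<String, Long> e = it.next();
            if (e.getValue() <= now) { realByUri.remove(e.getKey()); it.remove(); }
        }
    }
}
```

A pre-authorized URI is a bearer capability: any process that learns it before expiry can read the log, so keep the window short, return null (and fall back to the normal permission check) for anything else, and keep these URIs out of log output.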