1.<uses-permission>:
官方描述:
If an application needs access to a feature protected by a permission, it must declare that it requires that permission with a <uses-permission>
element in the manifest. Then, when the application is installed on the device, the installer determines whether or not to grant the requested
permission by checking the authorities that signed the application's certificates and, in some cases, asking the user. If the permission is granted,
the application is able to use the protected features. If not, its attempts to access those features will simply fail without any notification to the user.
如果一个应用需要访问一个受permission保护的特性,那这个应用必须在 manifest中以 <uses-permission> 节点声明它所需要的权限。当这个应用安装在设备的时候,
安装器会决定是否授予它所声明的权限,这有时候会询问用户。如果权限被授予了,这个应用才能使用受保护的特性,否则的话, 访问失败并且 不会 通知用户。
注意:不一定是调用其他应用程序才要声明 <uses-permission> ,有时甚至调用自己应用的程序的组件都要声明!!!(下面的例子会说到)
2. <permission>:
An application can also protect its own components (activities, services, broadcast receivers, and content providers) with permissions.
It can employ any of the permissions defined by Android (listed in android.Manifest.permission ) or declared by other applications. Or
it can define its own. A new permission is declared with the <permission> element.
一个应用程序也能用 permissions 保护自己的组件,它能使用android系统定义的或者其他应用定义的又或者自身应用定义的permissions,如果要想定义一个新的permission,
可以用 <permission> 节点来定义。如下:
<permission android:description="string resource" android:icon="drawable resource" android:label="string resource" android:name="string" android:permissionGroup="string" android:protectionLevel=["normal" | "dangerous" | "signature" | "signatureOrSystem"] />
For example, an activity could be protected as follows:
<manifest . . . > <permission android:name="com.example.project.DEBIT_ACCT" . . . /> <uses-permission android:name="com.example.project.DEBIT_ACCT" /> . . . <application . . .> <activity android:name="com.example.project.FreneticActivity" android:permission="com.example.project.DEBIT_ACCT" . . . > . . . </activity> </application> </manifest>
Note that, in this example, the DEBIT_ACCT permission is not only declared with the <permission> element, its use is also requested with the <uses-permission>element.
Its use must be requested in order for other components of the application to launch the protected activity, even though the protection is imposed by the application itself. If, in the same example, the permission attribute was set to a permission declared elsewhere (such as android.permission.CALL_EMERGENCY_NUMBERS , it would not have been
necessary to declare it again with a <permission> element. However, it would still have been necessary to request its use with <uses-permission> .
注意的是,在这个例子中, DEBIT_ACCT这个权限不仅在<permission>中声明,并且也在<uses-permission>中声明,要想在这应用的其他组件启动这个受保护的activity时,
在<uses-permission>中声明DEBIT_ACCT这个权限是必须的,即使这个保护是这个应用本身加上的。(这印证了上面第1点说的)。
注意,如果添加的permission是其他地方定义的,那就没必要再<permission>声明一次,但是,仍然用<uses-permission>声明这个权限。
参考:
http://developer.android.com/guide/topics/manifest/manifest-intro.html#perms
http://berdy.iteye.com/blog/1782854
http://blog.csdn.net/lilu_leo/article/details/6940941