问题
My app allows users to import their photos and videos from other apps. Now that Google replaced Google+ Photos with Google Photos, couple of things broke for me. One of these things is re-using imported files after app restart. I have a feeling they've tightened up the permissions given out when Google Photos returns the intent with the image URI, so after my app gets killed it no longer has the permission to access the uploaded file. I'm getting the Security expection:
java.lang.SecurityException: Permission Denial: opening provider com.google.android.apps.photos.contentprovider.MediaContentProvider from ProcessRecord{2c17ab9e 2124:com.myapp.myapp/u0a436} (pid=2124, uid=10436) that is not exported from uid 10427
EDIT:
I'm also getting the same problem with reusing files provided by com.google.android.apps.docs.sync.filemanager.FileProvider
Any suggestions/workaround? I know I can read the file before I lost permission so in theory I could copy it but I can't say I like this very much..
回答1:
Yep, this is by design, as described on Android Developer site.
For security reasons, the permissions are temporary, so once the client app's task stack is finished, the file is no longer accessible. You must get the file data when you receive the intent answer, in the onActivityResult method. Store a copy of the file data, because the file won't be available anymore when onActivityResult returns.
回答2:
You can reproduce this SecurityException Log when you use the "Google Photo" app.
Main cause of this problem is "Google Photo" shares ContentUri with fixed string like "content://com.google.android.apps.photos.contentprovider/1/1" and connect it with a static temporary values. "Google Photo" does not provide the file path when the actual Activity or Context which receives Intent.ACTION_SEND. Maybe, it is the policy of "Google Photo", not to expose the private image file to other app.
For example, you defines 2 Activity in Manifest file, Actvity A and Activity B. Activity A for receives the Intent.ACTION_SEND. Activity B for processing the image file. Activity A forward the intent to Activity B. Then Activity B is not the correct Activity to "Google Photo", you encounters the SecurityException.
So, I recommend you to save the file temporarily on Activity A and use the temporary file path on Activity B
回答3:
maybe you can try adding this user-permission into your manifest file.
<uses-permission android:name="com.google.android.providers.gsf.permission.READ_GSERVICES" />
回答4:
You need to set permissions explicitly to all packages match your intent. It happens in Android 4.4 usually.
you can use this utility to do that :
List<ResolveInfo> resInfoList = getContext().getPackageManager().queryIntentActivities(intent, PackageManager.MATCH_DEFAULT_ONLY);
for (ResolveInfo resolveInfo : resInfoList) {
String packageName = resolveInfo.activityInfo.packageName;
getContext().grantUriPermission(packageName, imageFileUri, Intent.FLAG_GRANT_WRITE_URI_PERMISSION | Intent.FLAG_GRANT_READ_URI_PERMISSION);
}
回答5:
Looks like this question is simular
I think when activity (not fragment) dies - all retrieved by it URI become invalidated
I also have the same problem - trying to upload picture in background. But user in UI thread may change activity and URI becomes invalid
回答6:
I have same issue with this, and you and try the follow work around methods:
Android 5.1.1 lollipop return null file path if image chosen from gallery
https://gist.github.com/alexzaitsev/75c9b36dfcffd545c676
Choosing photo using new Google Photos app is broken
来源:https://stackoverflow.com/questions/30572261/using-data-from-context-providers-or-requesting-google-photos-read-permission