了解如何在应用配置文件中配置和添加权限。
当开发需要访问用户设备上的潜在敏感信息(例如位置或联系人)的原生应用时,应用必须首先请求用户的许可。例如,要访问用户的媒体库,应用需要运行 MediaLibrary.requestPermissionsAsync()。
¥When developing a native app that requires access to potentially sensitive information on a user's device, such as their location or contacts, the app must request the user's permission first. For example, to access the user's media library, the app will need to run MediaLibrary.requestPermissionsAsync().
独立和 开发构建 中的权限需要原生构建时配置,然后才能使用运行时 JavaScript 代码请求。在 Expo 应用中测试项目时不需要这样做。
¥Permissions in standalone and development builds require native build-time configuration before they can be requested using runtime JavaScript code. This is not required when testing projects in the Expo Go app.
如果你没有正确配置或解释原生权限,可能会导致你的应用被拒绝或从商店下架。
¥If you don't configure or explain the native permissions properly it may result in your app getting rejected or pulled from the stores.
¥Android
使用 应用配置 中的 android.permissions 和 android.blockedPermissions 键配置权限。
¥Permissions are configured with the android.permissions and android.blockedPermissions keys in your app config.
大多数权限由你在应用中使用的库自动添加,无论是使用 配置插件 还是使用包级 AndroidManifest.xml。你只需要使用 android.permissions 添加默认情况下未包含在库中的其他权限。
¥Most permissions are added automatically by libraries that you use in your app either with config plugins or with a package-level AndroidManifest.xml. You only need to use android.permissions to add additional permissions that are not included by default in a library.
{
"android": {
"permissions": ["android.permission.SCHEDULE_EXACT_ALARM"]
}
}
删除包级 AndroidManifest.xml 文件添加的权限的唯一方法是使用 android.blockedPermissions 属性阻止它们。为此,请指定完整的权限名称。例如,如果你想删除 expo-av 添加的录音权限:
¥The only way to remove permissions that are added by package-level AndroidManifest.xml files is to block them with the android.blockedPermissions property. To do this, specify the full permission name. For example, if you want to remove the audio recording permissions added by expo-av:
{
"android": {
"blockedPermissions": ["android.permission.RECORD_AUDIO"]
}
}
请参阅 android.permissions 了解默认 预构建模板 中包含哪些权限。
¥See android.permissions to learn about which permissions are included in the default prebuild template.
没有正当理由而使用危险或签名权限的应用可能会被 Google 拒绝。确保在提交应用时遵循 Android 权限最佳实践。
¥Apps using dangerous or signature permissions without valid reasons may be rejected by Google. Ensure you follow the Android permissions best practices when submitting your app.
修改 AndroidManifest.xml 以排除特定权限:将 tools:node="remove" 属性添加到 <use-permission> 标记以确保将其删除,即使它包含在库 AndroidManifest.xml 中也是如此。
¥Modify AndroidManifest.xml to exclude specific permissions: add the tools:node="remove" attribute to a <use-permission> tag to ensure it is removed, even if it's included in a library AndroidManifest.xml.
<manifest xmlns:tools="http://schemas.android.com/tools">
<uses-permission tools:node="remove" android:name="android.permission.ACCESS_FINE_LOCATION" />
</manifest>
你必须先在
<manifest>上定义xmlns:tools属性,然后才能在权限上使用tools:node属性。¥You have to define the
xmlns:toolsattribute on<manifest>before you can use thetools:nodeattribute on permissions.
¥iOS
你的 iOS 应用可以向用户请求系统权限。例如,要使用设备的相机或访问照片,Apple 需要说明你的应用如何使用这些数据。大多数软件包都会自动提供 配置插件 给定权限的样板原因。这些默认消息很可能需要根据你的特定用例进行定制,以便你的应用被 App Store 接受。
¥Your iOS app can ask for system permissions from the user. For example, to use the device's camera or access photos, Apple requires an explanation for how your app makes use of that data. Most packages will automatically provide a boilerplate reason for a given permission with config plugins. These default messages will most likely need to be tailored to your specific use case for your app to be accepted by the App Store.
要设置权限消息,请使用 应用配置 中的 ios.infoPlist 键,例如:
¥To set permission messages, use the ios.infoPlist key in your app config, for example:
{
"ios": {
"infoPlist": {
"NSCameraUsageDescription": "This app uses the camera to scan barcodes on event tickets."
}
}
}
其中许多属性还可以使用与添加它们的库关联的 配置插件 属性直接进行配置。例如,使用 expo-media-library,你可以像这样配置照片权限消息:
¥Many of these properties are also directly configurable using the config plugin properties associated with the library that adds them. For example, with expo-media-library you can configure photo permission messages like this:
{
"plugins": [
[
"expo-media-library",
{
"photosPermission": "Allow $(PRODUCT_NAME) to access your photos.",
"savePhotosPermission": "Allow $(PRODUCT_NAME) to save photos."
}
]
]
}
对 Info.plist 的更改无法通过无线方式更新,只有在你提交新的原生二进制文件时才会部署它们,例如:使用 eas build。
¥Changes to the Info.plist cannot be updated over-the-air, they will only be deployed when you submit a new native binary, eg: with eas build.
苹果官方 权限消息建议。
¥Apple's official permission message recommendations.
直接在 Info.plist 文件中添加和修改权限消息值。我们建议直接在 Xcode 中执行此操作以进行自动补全。
¥Add and modify the permission message values in Info.plist file directly. We recommend doing this directly in Xcode for autocompletion.
在网络上,像 Camera 和 Location 这样的权限只能从 安全上下文 请求。例如,使用 https:// 或 http://localhost。此限制类似于 Android 的清单权限和 iOS 的 Info.plist 使用消息,并且强制执行以提高隐私性。
¥On the web, permissions like the Camera and Location can only be requested from a secure context. For example, using https:// or http://localhost. This limitation is similar to Android's manifest permissions and iOS's Info.plist usage messages and is enforced to increase privacy.
¥Resetting permissions
通常,你希望能够测试用户拒绝权限时会发生什么,以确保你的应用正常反应。Android 和 iOS 上的操作系统级别限制禁止应用多次请求相同的权限(你可以想象,如果用户在拒绝权限后反复提示权限,这会是多么烦人)。要测试涉及开发权限的不同流程,你可能需要卸载并重新安装原生应用。
¥Often you want to be able to test what happens when a user rejects permissions, to ensure your app reacts gracefully. An operating-system level restriction on both Android and iOS prohibits an app from asking for the same permission more than once (you can imagine how this could be annoying for the user to be repeatedly prompted for permissions after rejecting them). To test different flows involving permissions in development, you may need to uninstall and reinstall the native app.
在 Expo 中测试时,你可以通过运行 npx expo start 并在 Expo CLI 终端 UI 中按 i 或 a 来删除应用并重新安装。
¥When testing in Expo Go, you can delete the app and reinstall it by running npx expo start and pressing i or a in the Expo CLI Terminal UI.