xcode 即使设置为“从不”,也可以访问 iOS11 照片库
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/46404628/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
iOS11 photo library access is possible even if settings are set to "never"
提问by gvuksic
if UIImagePickerController.isSourceTypeAvailable(.photoLibrary) {
let imagePicker = UIImagePickerController()
imagePicker.sourceType = .photoLibrary
imagePicker.allowsEditing = true
self.present(imagePicker, animated: true, completion: { })
}
Even if I set access to Photos in Settings to "Never" with above code I can still present image picker and show photos. I'll check for PHPhotoLibrary.authorizationStatus()before showing it, but I would like to know is this expected behaviour?
即使我使用上述代码将“设置”中的“照片”访问权限设置为“从不”,我仍然可以呈现图像选择器并显示照片。我会PHPhotoLibrary.authorizationStatus()在显示之前检查,但我想知道这是预期的行为吗?
回答by rickster
Okay, you can sort of piece this together from answers and comments already, but to try to tell a more complete story...
好的,你可以从答案和评论中拼凑起来,但要尝试讲述一个更完整的故事......
In iOS 11, UIImagePickerControllerruns as a separate process from your app. That means:
在 iOS 11 中,UIImagePickerController作为独立于您的应用程序的进程运行。这意味着:
- Your app can't see the user's whole Photos library — it gets read-only access just for whichever asset(s) the user chooses in the image picker.
- Because of (1), your app doesn't need the standard privacy authorization for Photos library access. The user explicitly chooses a specific asset (or multiple) for use in your app, which means the user is granting your app permission to read the asset(s) in question.
- 您的应用程序无法查看用户的整个照片库——它仅对用户在图像选择器中选择的任何资产获得只读访问权限。
- 由于 (1),您的应用不需要照片库访问的标准隐私授权。用户明确选择要在您的应用中使用的特定资产(或多个),这意味着用户授予您的应用读取相关资产的权限。
You can see more about this in the WWDC17 talk on PhotoKit.
您可以在 WWDC17 上关于 PhotoKit 的演讲中看到更多相关信息。
(By the way, this model matches what you've seen in the Contacts frameworksince iOS 9; if you show contact picker, your app only gets a one-time drop of contact information for the contact(s) the user picked, not ongoing read/write access to the Contacts database, so the contact picker doesn't require special privacy permission.)
(顺便说一句,此模型与您在iOS 9 以来在联系人框架中看到的相匹配;如果您显示联系人选择器,您的应用程序只会一次性删除用户选择的联系人的联系信息,而不是对联系人数据库的持续读/写访问,因此联系人选择器不需要特殊的隐私权限。)
PHPhotoLibraryand its authorization status reflect the global read/write permission for Photos access that users can control from Settings > Privacy. (That's the one where your Info.plist needs NSPhotoLibraryUsageDescription.) Any use of the PHPhotoLibraryAPI requires this permission, regardless of whether your app's use of that API is only for writing or only for reading. This has been true since PhotoKit was introduced in iOS 8.
PHPhotoLibrary及其授权状态反映了用户可以从“设置”>“隐私”控制的“照片”访问权限的全局读/写权限。(这是您的 Info.plist 需要的那个NSPhotoLibraryUsageDescription。)任何对PHPhotoLibraryAPI 的使用都需要此权限,无论您的应用程序对该 API 的使用是仅用于写入还是仅用于读取。自 iOS 8 中引入 PhotoKit 以来,情况一直如此。
If you're not using PHPhotoLibrary, PHAsset, etc, there are narrower permission options that are new in iOS 11 (and not part of the Photos.framework API):
如果您不使用PHPhotoLibrary、PHAsset等,则 iOS 11 中新增了更窄的权限选项(而不是 Photos.framework API 的一部分):
- As noted above,
UIImagePickerControllerdoesn't need blanket Privacy Settings permission because each use grants one-time read access for the specific assets chosen. If you need only to add new assets to the Photos library, use
UIImageWriteToSavedPhotosAlbumorUISaveVideoAtPathToSavedPhotosAlbum. With those you can putNSPhotoLibraryAddUsageDescriptionin your Info.plist — then the system's Privacy Settings will make clear to the user that they're not giving your permission to see or modify existing assets, only to add new ones.If the user grants add-only permission, it applies only to those UIKit functions — attempting to use
PHPhotoLibrarywill still prompt for (and require the Info.plist key for) read/write access.See this part of the WWDC17 talkfor more on the add-only privacy setting.
- 如上所述,
UIImagePickerController不需要一揽子隐私设置权限,因为每次使用都授予对所选特定资产的一次性读取访问权限。 如果您只需要向照片库添加新资源,请使用
UIImageWriteToSavedPhotosAlbum或UISaveVideoAtPathToSavedPhotosAlbum。有了这些你可以放在NSPhotoLibraryAddUsageDescription你的 Info.plist 中——然后系统的隐私设置会向用户明确表示他们不会允许你查看或修改现有资产,只会添加新资产。如果用户授予仅添加权限,则它仅适用于那些 UIKit 功能——尝试使用
PHPhotoLibrary仍将提示(并需要 Info.plist 键)读/写访问权限。有关仅添加隐私设置的更多信息,请参阅WWDC17 演讲的这一部分。
回答by Tarun Tyagi
Is this expected behaviour?- YES.
这是预期的行为吗?- 是的。
From the docs - https://developer.apple.com/documentation/uikit/uiimagepickercontroller/1619144-issourcetypeavailable
true if the device supports the specified source type; false if the specified source type is not available.
如果设备支持指定的源类型,则为 true;如果指定的源类型不可用,则为 false。
It tells you if the device supports the source type and not if the app has the permission to access it.
它会告诉您设备是否支持源类型,而不是应用程序是否有权访问它。
As you already mentioned in the question, PHPhotoLibrary.authorizationStatus()would be correct way to check this.
正如您在问题中已经提到的PHPhotoLibrary.authorizationStatus()那样,检查这一点是正确的方法。
回答by Gleb A.
This (new) behaviour doessound logical to me, here's why. When using UIImagePickerControlleryour app doesn't actually get access to anyphotos. It only sees the one your user has picked, when that happens; and if the user taps Cancel in the picker none of those become available to the app.
这(新的)行为不健全的逻辑对我来说,这里的原因。使用UIImagePickerController您的应用程序时实际上无法访问任何照片。当发生这种情况时,它只会看到您的用户选择的那个;如果用户在选择器中点击取消,则应用程序将无法使用这些选项。
PHPhotoLibraryis part of a separate framework, Photos, where you can do a lot of stuff with the user's photo library, and therefore need permission.
PHPhotoLibrary是单独框架Photos 的一部分,您可以在其中使用用户的照片库做很多事情,因此需要许可。
So if you are only using UIImagePickerControllerI'd suggest notmixing Photos stuff in.
所以如果你只使用UIImagePickerController我建议不要混合照片的东西。
Disclaimer: haven't heard of any official statement from Apple folks. This forum threadlooks relevant, maybe we get a reply there. UPD:there it is, same idea.
免责声明:还没有听到苹果公司的任何官方声明。这个论坛帖子看起来很相关,也许我们会在那里得到答复。UPD:有,同样的想法。
Also, if you're evil enough you can theoretically fiddle with UIImagePickerControllerview hierarchy at runtime and examine whatever the user sees there. But that's again for Apple to deal with, we should just be nice :-)
此外,如果您足够邪恶,理论上您可以UIImagePickerController在运行时摆弄视图层次结构并检查用户在那里看到的任何内容。但这又是苹果要处理的,我们应该好好相处:-)
回答by LLIAJLbHOu
UIImagePickerController and PHPhotoLibrary responsible for different areas.
UIImagePickerController 和 PHPhotoLibrary 负责不同的区域。
You should check both: auth status and source availability.
您应该同时检查:身份验证状态和源可用性。
PHAuthorizationStatus
PH授权状态
Information about your app's authorization to accessthe user's Photos library.
有关您的应用访问用户照片库的授权的信息。
isSourceTypeAvailable
isSourceTypeAvailable
Discussion
Because a media source may not be present or may be unavailable, devices may not always support all source types.
For example, if you attempt to pick an image from the user's library and the library is empty, this method returns false. Similarly, if the camera is already in use, this method returns false.
讨论
由于媒体源可能不存在或不可用,因此设备可能并不总是支持所有源类型。
例如,如果您尝试从用户的库中选取图像并且该库为空,则此方法返回 false。同样,如果相机已在使用中,则此方法返回 false。
