提交 d537e697 编写于 作者: A Annie_wang

update docs

Signed-off-by: NAnnie_wang <annie.wangli@huawei.com>
上级 e7a61f77
...@@ -125,7 +125,7 @@ User authorization is required when an application needs to access user privacy ...@@ -125,7 +125,7 @@ User authorization is required when an application needs to access user privacy
> **NOTE** > **NOTE**
> >
> Each time before an API protected by a **user_grant** permission is called, **requestPermissionsFromUser()** will be called to request user authorization. After the permission is granted, the user may revoke the authorization in **Settings**. Therefore, the previous authorization status cannot be persistent. > Each time before an API protected by a **user_grant** permission is called, **[requestPermissionsFromUser()](../reference/apis/js-apis-abilityAccessCtrl.md#requestpermissionsfromuser9)** will be called to request user authorization. After the permission is granted, the user may revoke the authorization in **Settings**. Therefore, the previous authorization status cannot be persistent.
### Stage Model ### Stage Model
......
...@@ -39,10 +39,14 @@ The figure below illustrates the process. ...@@ -39,10 +39,14 @@ The figure below illustrates the process.
![](figures/permission-workflow.png) ![](figures/permission-workflow.png)
**NOTE**
1. Refer to the figure below to determine whether an application can apply for a permission. 1. Refer to the figure below to determine whether an application can apply for a permission.
![](figures/permission-application-process.png) ![](figures/permission-application-process.png)
**NOTE**
1. See [Permission Levels](#permission-levels) for details about the mapping between the application Ability Privilege Level (APL) and the permission level. 1. See [Permission Levels](#permission-levels) for details about the mapping between the application Ability Privilege Level (APL) and the permission level.
2. The permission authorization modes include user_grant (permission granted by the user) and system_grant (permission granted by the system). For details, see [Permission Types](#permission-types). 2. The permission authorization modes include user_grant (permission granted by the user) and system_grant (permission granted by the system). For details, see [Permission Types](#permission-types).
...@@ -58,6 +62,8 @@ The figure below shows the permission verification process. ...@@ -58,6 +62,8 @@ The figure below shows the permission verification process.
![](figures/permission-verify-process.png) ![](figures/permission-verify-process.png)
**NOTE**
1: An application permission can be used to control the access to an API that has sensitive data involved or security threats on core abilities. 1: An application permission can be used to control the access to an API that has sensitive data involved or security threats on core abilities.
2: The API can be protected by a permission in the [ACL](#acl). For example, if contact information is involved in an API provided by an application, you can use a contact-related permission to protect the API. 2: The API can be protected by a permission in the [ACL](#acl). For example, if contact information is involved in an API provided by an application, you can use a contact-related permission to protect the API.
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册