https://stackoverflow.com/questions/22756067
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianThe traditional way of handling system services is to have a Manager and a ManagerService. The reason for this is that the Manager encapsulates all the functionality you want available to the user. PackageManager and ActivityManager are good examples of this but kind of large in scope. For a smaller example, I would look at DevicePolicyManager and DevicePolicyManagerService
You can see that the Manager isn't really doing anything at all, except wrapping the ugly try catch statement and making things look a little nicer. It is also nicely wrapping all the functionality that gets exposed to the developer. That is basically all you are getting out of the Manager.
If you look at any method that the Manager calls (in the service), you will see this enforceCrossUserPermission(userhandle) method. The service it self is doing permission checking. While the developer can get a handle on the service manually through the Stub, it still can't use any of the methods that the service provides if it is doing a security check.
The service can be rich and offer a lot of functionality to the system this way, but you can still expose some parts of the service to the user. As long as you perform a security check on the methods you don't want any random user to make use of, that functionality remains strictly part of the system.
To sum up, if you are planning on exposing a public SDK for your mod then you really should follow the pattern to make the user's lives easier. If you only want to provide services to the system however, you can just do some permission checking the same way as I linked above, and keep your functionality local to the system.
Just remember that any functionality you don't perform a security check on is essentially exposed to the user, and can be used how ever the user wants.
