1.通过命令查看应用权限:
adb shell dumpsys package "xxx.xxx.xxx"    //如adb shell dumpsys package com.tencent.androidqqmail

重要的权限debug命令。得到的信息的具体解释见以下内容。

2.应用中权限的分类:
(1).自定义权限
Permissions:
  Permission [com.android.launcher3.permission.READ_SETTINGS] (adf0ebe):
    sourcePackage=com.android.launcher3
    uid=10106 gids=null type=0 prot=signature|privileged
    perm=Permission{c6b5b1f com.android.launcher3.permission.READ_SETTINGS}
    packageSetting=PackageSetting{8736e6c com.android.launcher3/10106}

Permissions:
  Permission [com.android.launcher3.permission.WRITE_SETTINGS] (8531c35):
    sourcePackage=com.android.launcher3
    uid=10106 gids=null type=0 prot=signature|privileged
    perm=Permission{3f958ca com.android.launcher3.permission.WRITE_SETTINGS}
    packageSetting=PackageSetting{8736e6c com.android.launcher3/10106}

(2).应用所有的权限列表
Packages:
  Package [com.android.launcher3] (8736e6c):
    userId=10106
    pkg=Package{dbc3796 com.android.launcher3}
    codePath=/system/product/priv-app/Launcher3QuickStep
    resourcePath=/system/product/priv-app/Launcher3QuickStep
    legacyNativeLibraryDir=/system/product/priv-app/Launcher3QuickStep/lib
    primaryCpuAbi=null
    secondaryCpuAbi=null
    versionCode=29 minSdk=29 targetSdk=29
    versionName=10
    splits=[base]
    apkSigningVersion=3
    applicationInfo=ApplicationInfo{e2646b1 com.android.launcher3}
    flags=[ SYSTEM HAS_CODE ALLOW_CLEAR_USER_DATA ALLOW_BACKUP KILL_AFTER_RESTORE RESTORE_ANY_VERSION ]
    privateFlags=[ PRIVATE_FLAG_ACTIVITIES_RESIZE_MODE_RESIZEABLE_VIA_SDK_VERSION ALLOW_AUDIO_PLAYBACK_CAPTURE PARTIALLY_DIRECT_BOOT_AWARE PRIVILEGED PRODUCT ]
    dataDir=/data/user/0/com.android.launcher3
    supportsScreens=[small, medium, large, xlarge, resizeable, anyDensity]
    timeStamp=2020-03-06 16:23:16
    firstInstallTime=2020-03-06 16:23:16
    lastUpdateTime=2020-03-06 16:23:16
    signatures=PackageSignatures{6178f17 version:3, signatures:[b4addb29], past signatures:[]}
    installPermissionsFixed=true
    pkgFlags=[ SYSTEM HAS_CODE ALLOW_CLEAR_USER_DATA ALLOW_BACKUP KILL_AFTER_RESTORE RESTORE_ANY_VERSION ]
    declared permissions:
      com.android.launcher3.permission.READ_SETTINGS: prot=signature|privileged, INSTALLED
      com.android.launcher3.permission.WRITE_SETTINGS: prot=signature|privileged, INSTALLED
      com.android.launcher.permission.INSTALL_SHORTCUT: prot=dangerous
    requested permissions:
      android.permission.CONTROL_REMOTE_APP_TRANSITION_ANIMATIONS
      com.android.launcher.permission.READ_SETTINGS
      com.android.launcher.permission.WRITE_SETTINGS
      com.android.launcher3.permission.READ_SETTINGS
      com.android.launcher3.permission.WRITE_SETTINGS
      android.permission.ACCESS_NETWORK_STATE
      android.permission.ACCESS_WIFI_STATE
      android.permission.CHANGE_NETWORK_STATE
      android.permission.READ_PHONE_STATE
      android.permission.INTERNET
      android.permission.WRITE_OWNER_DATA
      android.permission.WRITE_EXTERNAL_STORAGE: restricted=true
      android.permission.ACCESS_COARSE_LOCATION
      android.permission.ACCESS_FINE_LOCATION
      android.permission.READ_EXTERNAL_STORAGE: restricted=true
      android.permission.MOUNT_UNMOUNT_FILESYSTEMS
      android.permission.GET_APP_GRANTED_URI_PERMISSIONS
      android.permission.FORCE_PERSISTABLE_URI_PERMISSIONS
      android.permission.READ_SMS: restricted=true
      android.permission.KILL_BACKGROUND_PROCESSES
      android.permission.FORCE_STOP_PACKAGES
      android.permission.VIBRATE
      android.permission.READ_CALL_LOG: restricted=true
      android.permission.REQUEST_INSTALL_PACKAGES
      android.permission.READ_CALENDAR
      android.permission.WRITE_CALENDAR
      android.permission.CALL_PHONE
      android.permission.SET_WALLPAPER
      android.permission.SET_WALLPAPER_HINTS
      android.permission.BIND_APPWIDGET
      android.permission.RECEIVE_BOOT_COMPLETED
      android.permission.REQUEST_DELETE_PACKAGES
      android.permission.PACKAGE_USAGE_STATS
      android.permission.READ_FRAME_BUFFER
      android.permission.WAKE_LOCK
      android.permission.FOREGROUND_SERVICE
      android.permission.SYSTEM_ALERT_WINDOW
    install permissions:
      com.android.launcher3.permission.READ_SETTINGS: granted=true
      android.permission.SYSTEM_ALERT_WINDOW: granted=true
      android.permission.CHANGE_NETWORK_STATE: granted=true
      android.permission.FOREGROUND_SERVICE: granted=true
      android.permission.RECEIVE_BOOT_COMPLETED: granted=true
      com.android.launcher3.permission.WRITE_SETTINGS: granted=true
      android.permission.INTERNET: granted=true
      android.permission.CONTROL_REMOTE_APP_TRANSITION_ANIMATIONS: granted=true
      android.permission.BIND_APPWIDGET: granted=true
      android.permission.PACKAGE_USAGE_STATS: granted=true
      android.permission.MOUNT_UNMOUNT_FILESYSTEMS: granted=true
      android.permission.FORCE_PERSISTABLE_URI_PERMISSIONS: granted=true
      android.permission.ACCESS_NETWORK_STATE: granted=true
      android.permission.SET_WALLPAPER: granted=true
      android.permission.KILL_BACKGROUND_PROCESSES: granted=true
      android.permission.REQUEST_DELETE_PACKAGES: granted=true
      android.permission.SET_WALLPAPER_HINTS: granted=true
      android.permission.FORCE_STOP_PACKAGES: granted=true
      android.permission.VIBRATE: granted=true
      android.permission.ACCESS_WIFI_STATE: granted=true
      android.permission.REQUEST_INSTALL_PACKAGES: granted=true
      android.permission.READ_FRAME_BUFFER: granted=true
      android.permission.GET_APP_GRANTED_URI_PERMISSIONS: granted=true
      android.permission.WAKE_LOCK: granted=true
    User 0: ceDataInode=4456624 installed=true hidden=false suspended=false stopped=false notLaunched=false enabled=0 instant=false virtual=false
      gids=[3003]
      runtime permissions:
        android.permission.READ_SMS: granted=false, flags=[ USER_SENSITIVE_WHEN_GRANTED|RESTRICTION_UPGRADE_EXEMPT]
        android.permission.READ_CALENDAR: granted=false, flags=[ USER_SENSITIVE_WHEN_GRANTED]
        android.permission.READ_CALL_LOG: granted=false, flags=[ USER_SENSITIVE_WHEN_GRANTED|RESTRICTION_UPGRADE_EXEMPT]
        android.permission.ACCESS_FINE_LOCATION: granted=true, flags=[ GRANTED_BY_DEFAULT]
        android.permission.READ_EXTERNAL_STORAGE: granted=false, flags=[ USER_SENSITIVE_WHEN_GRANTED|RESTRICTION_UPGRADE_EXEMPT]
        android.permission.ACCESS_COARSE_LOCATION: granted=true, flags=[ GRANTED_BY_DEFAULT]
        android.permission.READ_PHONE_STATE: granted=false, flags=[ USER_SENSITIVE_WHEN_GRANTED]
        android.permission.CALL_PHONE: granted=false, flags=[ USER_SENSITIVE_WHEN_GRANTED]
        android.permission.WRITE_CALENDAR: granted=false, flags=[ USER_SENSITIVE_WHEN_GRANTED]
        android.permission.WRITE_EXTERNAL_STORAGE: granted=false, flags=[ USER_SENSITIVE_WHEN_GRANTED|RESTRICTION_UPGRADE_EXEMPT]
        
3.应用中权限分类
(1).declared permissions :自定义权限
作用：与其他应用分享自己的资源和功能.
By defining custom permissions, an app can share its resources and capabilities with other apps.

为了创建自定义权限，你需要在你应用的AndroidManifest.xml里用一个或多个<permission>来声明。
比如说，一个应用想控制启动它的activity对象，那么可以像下面一个声明一个自定义权限：

<manifest
  xmlns:android="http://schemas.android.com/apk/res/android"
  package="com.example.myapp" >
    
    <permission
      android:name="com.example.myapp.permission.DEADLY_ACTIVITY"
      android:label="@string/permlab_deadlyActivity"
      android:description="@string/permdesc_deadlyActivity"
      android:permissionGroup="android.permission-group.COST_MONEY"
      android:protectionLevel="dangerous" />
    ...
</manifest>

protectionLevel：这个属性是必须的，告知系统权限的等级，有如下几种等级：normal,dangerous,signature,signatureOrSystem。

permissionGroup：这个属性是可选的，只被用来帮助系统呈现权限给用户。
在大多数情况，你应该将其设置为一个标准的系统权限组（在android.Manifest.permission_group中列出的）.
虽然你可以自己定义一个权限组，但是我们更建议使用存在的权限组，因为可以简化呈现给用户的UI。

label和description：你需要为自定义权限提供label和description。
这些都是用户可以看到的字符串资源，label对应于标签，description对应于权限细节。
label建议写的短一些，而description建议为几句话描述一下权限允许持有者可以做什么。
我们推荐两段式描述，第一句描述一下权限，第二句描述一下如果应用获取了对应权限会有什么风险。

"normal"    
The default value. A lower-risk permission that gives requesting applications access to isolated application-level features, with minimal risk to other applications, the system, or the user. 
The system automatically grants this type of permission to a requesting application at installation, without asking for the user's explicit approval (though the user always has the option to review these permissions before installing).
"dangerous"    
A higher-risk permission that would give a requesting application access to private user data or control over the device that can negatively impact the user. 
Because this type of permission introduces potential risk, the system may not automatically grant it to the requesting application. 
For example, any dangerous permissions requested by an application may be displayed to the user and require confirmation before proceeding, or some other approach may be taken to avoid the user automatically allowing the use of such facilities.
"signature"    
A permission that the system grants only if the requesting application is signed with the same certificate as the application that declared the permission.
 If the certificates match, the system automatically grants the permission without notifying the user or asking for the user's explicit approval.
"signatureOrSystem"    
A permission that the system grants only to applications that are in the Android system image or that are signed with the same certificate as the application that declared the permission.
 Please avoid using this option, as the signature protection level should be sufficient for most needs and works regardless of exactly where applications are installed.
 The "signatureOrSystem" permission is used for certain special situations where multiple vendors have applications built into a system image and need to share specific features explicitly because they are being built together.

(2).requested permissions :请求权限
是应用所需权限的集合，包含其他权限：declared permissions ,install permissions ,runtime permissions. 

(3).install permissions :安装权限
Android 6.0之前的manifest里包含的所有权限声明都可以当做install permissions。
Android 6.0及以后的版本manifest里除了dangerous permissions即runtime permissions外则都属于install permissions。

安装时权限（Android 5.1 及更低版本）：用户在安装或更新应用时，向应用授予危险权限。OEM/运营商可以在不通知用户的情况下，预先安装具有预授权的应用。

(4).runtime permissions  : 运行时权限
运行时权限（Android 6.0 及更高版本）：用户在应用运行时向应用授予危险权限。
应用决定何时申请权限（例如，在应用启动或用户访问特定功能时申请权限）。但必须允许用户授予/拒绝授予应用访问特定权限组的权限。

4.用户可以在"Settings"->"Apps & notification"->"App info"->"Permissions"中查看具体应用的权限。
也可以在"Settings"->"Apps & notification"->"Permission manager"中查看所有权限情况。

5.查看data/system/packages.xml中的权限情况
如：查看packages.xml中packageinstaller的权限信息：

<package name="com.android.packageinstaller" codePath="/system/priv-app/PackageInstaller" nativeLibraryPath="/system/priv-app/PackageInstaller/lib" publicFlags="810040901" privateFlags="8" ft="11e8f7d4c00" it="11e8f7d4c00" ut="11e8f7d4c00" version="29" userId="10049" isOrphaned="true">
    <sigs count="1" schemeVersion="3">
        <cert index="1" />
    </sigs>
    <perms>
        <item name="android.permission.USE_RESERVED_DISK" granted="true" flags="0" />
        <item name="android.permission.INSTALL_PACKAGES" granted="true" flags="0" />
        <item name="android.permission.RECEIVE_BOOT_COMPLETED" granted="true" flags="0" />
        <item name="android.permission.INTERACT_ACROSS_USERS_FULL" granted="true" flags="0" />
        <item name="android.permission.PACKAGE_USAGE_STATS" granted="true" flags="0" />
        <item name="android.permission.SUBSTITUTE_NOTIFICATION_APP_NAME" granted="true" flags="0" />
        <item name="android.permission.READ_INSTALL_SESSIONS" granted="true" flags="0" />
        <item name="android.permission.MANAGE_USERS" granted="true" flags="0" />
        <item name="android.permission.HIDE_NON_SYSTEM_OVERLAY_WINDOWS" granted="true" flags="0" />
        <item name="android.permission.MANAGE_APP_OPS_MODES" granted="true" flags="0" />
        <item name="android.permission.UPDATE_APP_OPS_STATS" granted="true" flags="0" />
        <item name="android.permission.DELETE_PACKAGES" granted="true" flags="0" />
    </perms>
    <proper-signing-keyset identifier="1" />
</package>