Is it possible to retireve from Facebook both basic information and additional variables at the same time? For example, using .NET sdk and calling
client.Get("me")
I will get name, first_name, last_name, etc. and other public information.
I can also run
client.Get("me", new { fields = "name,photos" })
but this gives me only variables I've asked for, without basic information. Do I need to call it twice? Eventually I could use the second option and ask for all basic fields individually like username, gender, but in this case how to ask for "other public information" as well?
Thanks in advance
Bartek
Your point is interesting. But /me only works as a shortcut to quickly get all basic fields at once. You have to override it.
Don't call it twice, since API requests take some time. I advice you to make only one complete request by specifying all the fields you really need.
Related
From my understanding, we can retrieve user information via something like this:
$cordovaFacebook.api(
"me?fields=name,email,picture", ["public_profile", "email"])
.then(function (response) {
console.log(response);
}, error);
How can we directly get all available information without listing out one by one?
How can we directly get all available information without listing out one by one?
You can’t.
With API v2.4, Facebook has reduced the number of fields returned by default for the various endpoints, to improve performance (especially with regard to mobile connections.)
That was a deliberate decision – and to allow for a “way around” it, would just make a lot of lazy-a** developers still just request them all ;-)
Perhaps you have heard at some point, that in SQL f.e. a SELECT * is considered bad practice as well – this is pretty much the same case here. You are supposed to explicitly ask for the data you need now – and not just go “I’ll request it all, and figure out what I could possible use it for later.”
If you are not sure what fields are available for a certain endpoint – then either consult the documentation for that endpoint, or use Introspection to get a list of all fields.
For python, library Facepy already wrap the get function to get all fields possible.
The API documented here - http://developer.yammer.com/restapi/#rest-users clearly states:
"4) Alias to /api/v1/users/current user’s id.format. Supports include_followed_users, include_followed_tags, and include_group_memberships parameters.
GET https://www.yammer.com/api/v1/users/by_email.json?email=user#domain.com`
Yet, when we try this, it does not return any followed user information at all! The request we're using is like so:
https://www.yammer.com/api/v1/users/by_email.json?email=me#company.com&include_followed_users=true
However, this request DOES return followed users, but only for the current user:
https://www.yammer.com/api/v1/users/current.json?include_followed_users=true
Am I missing something completely obvious and being stupid or is there a real issue here? If this was taken out for whatever reason, then you'd have thought that the API documentation would have been updated.
The Yammer Team did eventually get back to me on this. Their response below:
(I've removed https://www.yammer.com from URLs because I don't have enough rep' to post more links)
Hey Jason Dunbar looks like the documentation here is wrong.
I looked in to this and had some conversations with a few engineers this week and have the following (albeit more arduous workaround):
1) Call get user by email endpoint and retrieve the id attribute from here: /api/v1/users/by_email.json?email=user…
2) To grab following users, take that id and:
GET /api/v1/users/following/[:id].json
3) To grab group memberships for that user you'll need to impersonate him/her (verified admin only) and
GET /api/v1/users/current.json
We'll get the documentation updated ASAP with this. Also happy to keep the conversation going to help if needed.
Make sure you are setting the email parameter to the user's email that they are registered with.
E.G. if your company has multiple domains but the Yammer network is under bigco.com and the user is registered with an email under bigcosubsidiary.com you'll need to make a request to the API with user#bigcosubsidiary.com.
-as mentioned - it looks like its only for current.json - you can check it here http://yammer-dev.herokuapp.com/endpoints/4 - hope it helps.
Rich
I have just implemented the HWIOAuthBundle in my symfony project. Actually, it is configured with facebook and I am wondering if it supports retrieving friends list, gender and country?
If yes, could you please provide me an example of code for the function public function loadUserByOAuthUserResponse(UserResponseInterface $response)?
It would be really helpful.
Thanks.
I found the solution by my self!!!
HWIOAuthBundle supports retrieving any thing you want. All what you have to do is to specify it in the facebook api then through the method getResponse() you will have access to them.
$attr=$response->getResponse();
// then get your field like this
$user->setGender($attr['gender']);
I guess now it is easy.
I am working with GWT / RequestFactory and a set of customer requirements regarding permissions. Let me explain a basic example:
Every user is assigned to a company. Every user should be able to edit company's core data - but only e.g contact information, website etc. Security-relevant ones like BIC/SWIFT, IBAN, Company name and so on can only be changed if the user has a certain permission XY.
So far so good, on the client side I can check the permissions and disable those fields the user is not allowed to edit. But what would be the most elegant way to ensure on the server side that those fields have not been set without permission?
My problem is that I cannot track changes on the server side. Having #PreAuthorize on every setter is not an option too, because it would end in an authorization-massacre in each and every entity.
At the moment I am following a workaround: every field that is secured / depends on a given permission is passed as an argument to the entity-method and is excluded from the proxy. That way, values cannot be set using the proxy and I can check in my server code if the user has permissions. If not, nothing happens. If user has permissions, I set the values manually. But that produces a lot of boilerplate-code and ugly method signatures because the number of values passed to the method could get large.
I hope you understand my issue. I'm looking forward for your opinions and tips. Thank you in advance.
Well, you can receive many answers (different each other), and all of them could be right, so, at the end is your call. Wait for others answers. I am going to give you the approach that I followed (and it worked pretty well). :D.
Under my opinion, the server should do less as possible, so keep the logic for allowing modify each param on the server I think it is not a scalable solution (if your system has 1M users modifying everything at the same time, will your server work fluent?). I prefer let the client do the job (like Roomba :D).
For solving that problem, in our system we implemented an Access Control List solution. You can store in your db, on each user entity, a list with granted permissions. So, when that information arrives to the client (after user's log in, for example), you can get them, and show the fields that he/she is allow to modify.
Something like:
if (canModifyPersonalDetails(user.getAcls(), ...) ) {
//show labels ...
}
if (canModifyBankDetails(user.getAcls(), ...) ) {
//show labels
}
You can not avoid server call for log in, so it is not a big deal send the extra information (think about the ACLs could be simple list of integers 0 means personal details, 1 bank details....).
If you are dealing with very compromised information and you prefer do some stuff on the server, in that case probably I'd set up a security level, when you are persisting/updating your proxy, I'd do something like:
if (isAllowForPersonalDetails(user.getSecurityCode()) {
//update the modified personal details
}
if (isAllowForBankDetails(user.getSecurityCode()) {
//update the modified bank details
}
user.update();
I am a big fan of clear User GUI's, and a very big fan of let the server free as much as possible, so I prefer the first option. But if you have constraints for modifying user entity in db, or you prefer do not modify your views, or any constraint with security, maybe the second option is the best one for you.
Hope that helps!
I have built a Facebook app using OpenGraph that permits the users to write reviews on concerts, so that I've defined a concert_id attribute on which the user can insert a review.
Now I would like to show all the reviews inserted for a certain concert_id but cannot find a way. If I do (in JS)
FB.api('/me/MY_APP:action', { limit: 0}, function(response) {
console.log(response);
});
I get all items. This app has to be consumed by mobile, I think it is bad to get all items and, then, filtering only the concert_id i need. What do I have to do to apply a where condition in OpenGraph to a custom action?
As far as I can tell from the API and the Facebook developer pages, it's not possible to filter a call by custom action property using the public Open Graph API.
Two options I can think of:
Option 1:
Implement the category filter by creating custom category objects:
if "review" is a custom action and
GET https://graph.facebook.com/me/[name_space]:review
returns all review actions then
GET https://graph.facebook.com/me/[name_space]:review/scifi_movie
GET https://graph.facebook.com/me/[name_space]:review/action_movie
return actions specific to movie type, where scifi_movie and action_movie are custom objects. You would need to create one object type for each category.
Option 2:
Implement a custom action for each category, e.g.
review_scifi_movie
review_action_movie
These are not particularly elegant solutions but perhaps useful as a hack if nothing else works and you really don't want to do filtering on client side.
The Facebook API will not return individual published objects for a particular action, but that's not your only problem. By the look of it, you're trying to bring in ALL the reviews given for a concert, right? (Meaning those by other users too).
The "/me/" part of the Facebook API call will only return those published actions made by the user that is currently logged in. That won't work for you, as you want those of all your users
The only suggestion I can give is to create a simple web service, where you store all the reviews given for the various concerts. Use this service to pull in reviews given for a particular concert. (I use a similar methodology for reviews in an app of my own).
I dont understand javascript or opengraph..
But when I required in JAVA to fetch reviews made by any user I have used FQL for that and It retrived me all the reviews and FQL also used to fetch all the tables related to Facebook.
I don't think that you can pull that off with the JS SDK.
You can do that in your server though, and since this is a mobile app (or has a mobile version) then that's another good reason to remove this from the client responsibility.
In the server side you can ask facebook for the published actions as you posted, filter them and then return the response.
Another thing that you can do is to save each published action in your db (on each action post you should get an id back from facebook, just persist that) and then you can easily filter the published actions according to what ever criteria you want/need (since you are no longer restricted by the facebook api).
The open graph thing is still pretty new and not tat mature, for example you can't use FQL with it, something that could have been handy for your case.
Regardless though I think that a server solution is best for calculations when mobile is concerned.
i don't know exactly but try this
if (session.authResponse) {
FB.api('/me', {
fields: 'name, picture' // here mention your fields
},
function(response) {
if (!response.error) {
//here response value
});