Facebook application - extended permissions - facebook

I been reading about Facebook applications for a couple of days now. I created an application and got an ID and SECRET.
The documentation recommends to use "Graph" for gaining extended permissions.
My question is, is it optional to have a popup, just like the rest of Facebook's popups? (a layer on-top the current screen, without an actual 'Window')?
My application is inside facebook, accessible using http://apps.facebook.com//
My goal is to ask friends of mine to grant this application: publish_stream and offline_access. Then I'm supposed to store their UIDs while granting, and I'm entitled to automatically share items on their "stream"? even a week after they've logged off?
Thanks.
Doori Bar

Yes, that's the idea. You request the permissions when they log in to the application and then iterate over the response to see if they actually granted them. If they did you can then use the information to publish to the stream.

Related

Having permission for read_stream, manage_notifications, publish_actions

Okay, this is a rather specific question but I'll ask it here since I don't find any form on FB's website, this looks like it's the official place for FB support so here I am !
I am a part of a company which produces a unique web application for visually impaired people. Long story short, we take content from a bunch of websites and webservices and centralize everything in a single application, which is accessible, vocalized and controllable using the keyboard.
We would like to add a Facebook client to the application, using the Graph API. To make an acceptable client we would need "risky" permissions such as read_stream and manage_notifications, but I read that they are only granted for Facebook Clients written for a platform on which a FB client does not already exist.
So here is my question : do I have any chance to have any of these permissions granted, or am I wasting my time developing an app which will never be approved ? In order to submit the app for reviewing I must start to write it, and I wonder if it will be worth of my time.
Thanks :)
As WizKid stated, read_stream and manage_notifications are not granted to anyone but are kept in the documentation for legacy purposes.

How Do I Share to Facebook With Custom Text

I have a task to add links to a web page to enable the user to post a short message to Facebook. There may be multiple messages on the page, each with its own link. The intent is to launch a Facebook share dialog pre-populated with the text of the message which the user can then modify, accept and/or reject.
I'm pretty new to programming anything for Facebook. I'm fairly confused and am not sure what to ask first, so I'll go with a very basic question: what's the simplest way to do this? I gather from Facebook's documentation that I probably have to use the Javascript SDK and/or the Open Graph technology. Is this correct, or is there another option I'm missing? Is there a really clear example of this kind of solution anywhere?
Thanks!
You have to create a facebook app first so you have your app_id and app_secret.
After that you need to request permissions to the user to publish_actions. If the user accepts, you'll receive a token (you need to store it in db). If you need to publish actions in a user page instead of his own page, you also need the manage_pages permission.
You need to read the facebook graph api documentation to understand how all this works.
The access token you receive expires after certain time. So, when you receive it, you can ask for a long lived token. The page tokens doesn't expire.
Facebook evaluates your app before approving it to be in production. They ask a couple of questions about how you'll use the user's token and data. You might have to put pictures of the flow too.
As far as I know, Facebook won't allow you to send pre populated messages to the user's wall. They user has to write it.
Hope it helped a bit!

App autopost to Facebook

So, I want to build a web app that posts let say funny cat pics to a users Facebook wall. The user allows the web app to do this via the publish_actions command. Yeah, I know this sounds spammy but it isn't.
Now, on Facebook Developer documentation pages it's described as follows:
"Enables your app to post content, comments and likes to a user's
stream and requires extra permissions from a person using your app.
So, to me this sounds that it's possible for an web app to publish content without the need for the user to grant every single update?
But, reading about it in the "Login Best Practices" section I read the following sentence:
When displaying the Log in with Facebook button, emphasize that
your app will not post to Facebook without people's permission
Source:
https://developers.facebook.com/docs/facebook-login/checklist
So, my question is – is it or isn't it possible?
To my knowledge, the publish_actions permission allows your app to post to the user's wall without having facebook itself ask for permission again.
However, it is good ("best") practice to always make it explicitly clear inside your app that "by clicking here, I will post to your timeline".
Basically, this is Facebook saying that you should handle this asking inside your application, in a way that best fits your application's logic.

get facebook post list of a specific user with a third part app

Do you know if is there any way to collect last user's post on personal wall/timeline?
I need to know how many and which youtube videos has been shared by an user, reading them from his open graph profile.
I've never wrote any facebook app, but using the Open Graph Explorer seems that this kind of information is available if the user has set to "public" the privacy options of a post that contains a Youtube video.
My question is: could a third party app ask for the permission to read that kind of information? Could it have access to these posts also if they are not set as "public" by their owners?
EDIT: Could an app have access to user's posts like another friend of that user?
You can read the user's wall by creating an app with the read_stream permission and after the user grant you access by hitting the me/feed connection. But creating a 'listening' tool app is not recommended, if your app has no value for its users then you may need to rethink your app mission.

Facebook Policies: Can my application automatically post stories to my Facebook stream?

According to the Facebook Platform Policies:
You must not pre-fill the user_message
parameter or content sent via an
extended permission (such as a status
update or note), unless the user
generated the content earlier in the
workflow.
Does that mean that I can't publish stories to the stream automatically, even if the user agreed to?
I've seen apps (such as PlayStation Network, Foto Diaria) that publish stories automatically.
PlayStation Network publishes stories about actions you did in PS3 games and Foto Diaria publishes a picture from your wall every day. In both cases the attachment is created by the application, and the user message is empty. Could that mean that publishing stories with an empty user message (empty, not absent) is not considered pre-filling?
EDIT: I need to know what is allowed or not by the Facebook Platform Policies, not how to post stories.
If you ask the user for the publish_stream extended permission then you'll be able to post automatically whilst the user is interacting with the application. You can pre-fill the user message only if it's something that the user has entered earlier in the process e.g. if you've asked them to comment on a piece of content and then publish a story about the comment. If in doubt, leave it blank.
If you want to publish automatically even when the user isn't online then you'll also need them to grant the application the offline_access extended permission. In this case you'll also need to store the session key that Facebook gives you for that user.
https://developers.facebook.com/docs/guides/policy/examples_and_explanations/stream_stories/
Check this out. The Platform policies section of the FB Dev site has some additional documents to allow you gain a better understanding of the guidelines for sharing.
Please also read the section about User Feedback.
https://developers.facebook.com/docs/guides/policy/examples_and_explanations/user_feedback/
Hope this helps.
We can ask user to grain of offline_access permission, which is access to user profile at anytime, even if user is not online. But this permission will no longer available.
I agree that this permission is so harmful to user.
But it still useful if owner app want to post to their own account during user use their app. If you want to post to your self account, you can manually grain offline_access to your app, and select access_token and keep it in your own app, and use it when you need to post your account. It make sense that Facebook should allow developer to do this task.
it is simply forbidden but, there is a catch about it, if is text prepared by user previously, you can post that text later and I think you are able to add your own text to that. But not so sure..
I'm saying this based on McDonald's Canada's yourquestions app, you can ask questions to them, whenever its answered they posting to your wall.
But to clarify that, as a PMD I'll ask to FB personally and let you know what is the answer is.