Added set status and extended permission code

git-svn-id: svn+ssh://rubyforge.org/var/svn/facebooker/trunk/facebooker@214 06148572-b36b-44fe-9aa8-f68b04d8b080
taasaa · May 13, 2008 · 1c5eefa · 1c5eefa
1 parent 2997596
commit 1c5eefa
Show file tree

Hide file tree

Showing 6 changed files with 115 additions and 3 deletions.
diff --git a/lib/facebooker/models/user.rb b/lib/facebooker/models/user.rb
@@ -158,6 +158,25 @@ def set_profile_fbml(profile_fbml, mobile_fbml, profile_action_fbml)
       session.post('facebook.profile.setFBML', parameters)
     end
 
+    ##
+    # Set the status of the user
+    #
+    # DOES NOT prepend "is" to the message
+    #
+    # requires extended permission. 
+    def status=(message)
+      case message
+      when String
+        session.post('facebook.users.setStatus',:status=>message,:status_includes_verb=>1) do |ret|
+          ret
+        end
+      when Status
+        @status = message
+      when Hash
+        @status = Status.from_hash(message)
+      end
+    end
+
     ##
     # Convenience method to send email to the current user
     def send_email(subject, text=nil, fbml=nil)

diff --git a/lib/facebooker/parser.rb b/lib/facebooker/parser.rb
@@ -340,6 +340,12 @@ def self.are_friends?(raw_value)
       end
     end
   end
+
+  class SetStatus < Parser
+    def self.process(data)
+      element('users_setStatus_response',data)=='1'
+    end
+  end
 
   class Errors < Parser#:nodoc:
     EXCEPTIONS = {
@@ -353,6 +359,7 @@ class Errors < Parser#:nodoc:
       103 => Facebooker::Session::CallOutOfOrder,
       104 => Facebooker::Session::IncorrectSignature,
       120 => Facebooker::Session::InvalidAlbumId,
+      250 => Facebooker::Session::ExtendedPermissionRequired,
       321 => Facebooker::Session::AlbumIsFull,
       324 => Facebooker::Session::MissingOrInvalidImageFile,
       325 => Facebooker::Session::TooManyUnapprovedPhotosPending,
@@ -393,6 +400,7 @@ class Parser
       'facebook.auth.createToken' => CreateToken,
       'facebook.auth.getSession' => GetSession,
       'facebook.users.getInfo' => UserInfo,
+      'facebook.users.setStatus' => SetStatus,
       'facebook.friends.get' => GetFriends,
       'facebook.friends.areFriends' => AreFriends,
       'facebook.friends.getAppUsers' => GetAppUsers,

diff --git a/lib/facebooker/rails/controller.rb b/lib/facebooker/rails/controller.rb
@@ -145,6 +145,24 @@ def application_is_installed?
         facebook_params['added']
       end
 
+      def ensure_has_status_update
+        has_extended_permission?("status_update") || application_needs_permission("status_update")
+      end
+      def ensure_has_photo_upload
+        has_extended_permission?("photo_upload") || application_needs_permission("photo_upload")
+      end
+      def ensure_has_create_listing
+        has_extended_permission?("create_listing") || application_needs_permission("create_listing")
+      end
+
+      def application_needs_permission(perm)
+        redirect_to(facebook_session.permission_url(perm))
+      end
+
+      def has_extended_permission?(perm)
+        params["fb_sig_ext_perms"] and params["fb_sig_ext_perms"].include?(perm)
+      end
+
       def ensure_authenticated_to_facebook
         set_facebook_session || create_new_facebook_session_and_redirect!
       end

diff --git a/lib/facebooker/session.rb b/lib/facebooker/session.rb
@@ -45,6 +45,7 @@ class InvalidAlbumId < StandardError; end
     class AlbumIsFull < StandardError; end
     class MissingOrInvalidImageFile < StandardError; end
     class TooManyUnapprovedPhotosPending < StandardError; end
+    class ExtendedPermissionRequired < StandardError; end
 
     API_SERVER_BASE_URL       = "api.facebook.com"
     API_PATH_REST             = "/restserver.php"
@@ -88,16 +89,28 @@ def install_url(options={})
       "http://www.facebook.com/install.php?api_key=#{@api_key}&v=1.0#{install_url_optional_parameters(options)}"
     end
 
+    def permission_url(permission,options={})
+      options = default_login_url_options.merge(options)
+      "http://www.facebook.com/authorize.php?api_key=#{@api_key}&v=1.0&ext_perm=#{permission}#{install_url_optional_parameters(options)}"
+    end
+
     def install_url_optional_parameters(options)
-      optional_parameters = []
-      optional_parameters << "&next=#{CGI.escape(options[:next])}" if options[:next]
+      optional_parameters = []      
+      optional_parameters += add_next_parameters(options)
       optional_parameters.join
     end
 
+    def add_next_parameters(options)
+      opts = []
+      opts << "&next=#{CGI.escape(options[:next])}" if options[:next]
+      opts << "&next_cancel=#{CGI.escape(options[:next_cancel])}" if options[:next_cancel]
+      opts
+    end
+
     def login_url_optional_parameters(options)
       # It is important that unused options are omitted as stuff like &canvas=false will still display the canvas. 
       optional_parameters = []
-      optional_parameters << "&next=#{CGI.escape(options[:next])}" if options[:next]
+      optional_parameters += add_next_parameters(options)
       optional_parameters << "&skipcookie=true" if options[:skip_cookie]
       optional_parameters << "&hide_checkbox=true" if options[:hide_checkbox]
       optional_parameters << "&canvas=true" if options[:canvas]

diff --git a/test/rails_integration_test.rb b/test/rails_integration_test.rb
@@ -22,6 +22,15 @@ class NoisyController < ActionController::Base
     include Facebooker::Rails::Controller
     def rescue_action(e) raise e end
   end
+  class ControllerWhichRequiresExtendedPermissions< NoisyController
+    ensure_authenticated_to_facebook
+    before_filter :ensure_has_status_update
+    before_filter :ensure_has_photo_upload
+    before_filter :ensure_has_create_listing
+    def index
+      render :text => 'score!'
+    end
+  end
 
   class ControllerWhichRequiresFacebookAuthentication < NoisyController
     ensure_authenticated_to_facebook
@@ -135,6 +144,44 @@ def example_rails_params_including_fb(options={})
 
   end
 
+class RailsIntegrationTestForExtendedPermissions < Test::Unit::TestCase
+  def setup
+    ENV['FACEBOOK_API_KEY'] = '1234567'
+    ENV['FACEBOOK_SECRET_KEY'] = '7654321'
+    @controller = ControllerWhichRequiresExtendedPermissions.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+    @controller.stubs(:verify_signature).returns(true)
+  end
+
+  def test_redirects_without_set_status
+    post :index,example_rails_params_including_fb
+    assert_response :success
+    assert_equal("<fb:redirect url=\"http://www.facebook.com/authorize.php?api_key=1234567&v=1.0&ext_perm=status_update\" />", @response.body)
+  end
+  def test_redirects_without_photo_upload
+    post :index,example_rails_params_including_fb.merge(:fb_sig_ext_perms=>"status_update")
+    assert_response :success
+    assert_equal("<fb:redirect url=\"http://www.facebook.com/authorize.php?api_key=1234567&v=1.0&ext_perm=photo_upload\" />", @response.body)
+  end
+  def test_redirects_without_create_listing
+    post :index,example_rails_params_including_fb.merge(:fb_sig_ext_perms=>"status_update,photo_upload")
+    assert_response :success
+    assert_equal("<fb:redirect url=\"http://www.facebook.com/authorize.php?api_key=1234567&v=1.0&ext_perm=create_listing\" />", @response.body)
+  end
+
+  def test_renders_with_permission
+    post :index,example_rails_params_including_fb.merge(:fb_sig_ext_perms=>"status_update,photo_upload,create_listing")
+    assert_response :success
+    assert_equal("score!", @response.body)
+
+  end
+  private
+    def example_rails_params_including_fb
+      {"fb_sig_time"=>"1186588275.5988", "fb_sig"=>"7371a6400329b229f800a5ecafe03b0a", "action"=>"index", "fb_sig_in_canvas"=>"1", "fb_sig_session_key"=>"c452b5d5d60cbd0a0da82021-744961110", "controller"=>"controller_which_requires_facebook_authentication", "fb_sig_expires"=>"0", "fb_sig_friends"=>"417358,702720,1001170,1530839,3300204,3501584,6217936,9627766,9700907,22701786,33902768,38914148,67400422,135301144,157200364,500103523,500104930,500870819,502149612,502664898,502694695,502852293,502985816,503254091,504510130,504611551,505421674,509229747,511075237,512548373,512830487,517893818,517961878,518890403,523589362,523826914,525812984,531555098,535310228,539339781,541137089,549405288,552706617,564393355,564481279,567640762,568091401,570201702,571469972,573863097,574415114,575543081,578129427,578520568,582262836,582561201,586550659,591631962,592318318,596269347,596663221,597405464,599764847,602995438,606661367,609761260,610544224,620049417,626087078,628803637,632686250,641422291,646763898,649678032,649925863,653288975,654395451,659079771,661794253,665861872,668960554,672481514,675399151,678427115,685772348,686821151,687686894,688506532,689275123,695551670,710631572,710766439,712406081,715741469,718976395,719246649,722747311,725327717,725683968,725831016,727580320,734151780,734595181,737944528,748881410,752244947,763868412,768578853,776596978,789728437,873695441", "fb_sig_added"=>"0", "fb_sig_api_key"=>"b6c9c857ac543ca806f4d3187cd05e09", "fb_sig_user"=>"744961110", "fb_sig_profile_update_time"=>"1180712453"}
+    end
+
+end  
 
 class RailsIntegrationTestForApplicationInstallation < Test::Unit::TestCase
   def setup

diff --git a/test/user_test.rb b/test/user_test.rb
@@ -73,6 +73,13 @@ def test_can_send_email
     @user.send_email("subject", nil, "body fbml")
   end
 
+  def test_can_set_status_with_string
+    @session.expects(:post).with('facebook.users.setStatus', :status=>"my status",:status_includes_verb=>1)
+    @user.status="my status"
+  end
+
+
+
   def test_to_s
     assert_equal("1234",@user.to_s)
   end