array( 'title' => t('Edit own extended Facebook permissions'), ), ); } function fb_permission_access_perms($perms) { if (is_string($perms)) { $perms = explode(',', $perms); } $count = 0; extract(fb_vars()); if ($fbu) { try { $api_data = fb_api('me/permissions'); $granted = $api_data['data'][0]; foreach ($perms as $perm) { if (empty($granted[$perm]) || !$granted[$perm]) { $auth_url = url('http://www.facebook.com/dialog/oauth/', array( 'query' => array( 'scope' => implode(',', $perms), 'client_id' => $fb_app->id, 'redirect_uri' => url(request_path(), array('absolute' => TRUE)), 'response_type' => 'token', ), 'absolute' => TRUE, )); drupal_set_message(t('Additional permissions are required. Grant permissions to continue.', array( '!url' => $auth_url, )), 'error'); $GLOBALS['_fb_permission_extra_perms'] = $perms; return FALSE; } else { $count++; } } } catch (Exception $e) { fb_log_exception($e, __FUNCTION__); } } else { // User not connected. // Ensure all connect buttons on this page include these perms. $GLOBALS['_fb_permission_extra_perms'] = $perms; drupal_set_message(t('Facebook Connect is required. !login_button', array( '!login_button' => theme('fb_login_button', array( 'text' => t('Connect to continue'), )), )),'error'); } return ($count == count($perms)); } /** * Helper function for menu item access check. */ function fb_permission_access_own($account, $perm) { if (fb_facebook_user()) { return ($GLOBALS['user']->uid == $account->uid && user_access($perm)); } } // TODO: make this work. function fb_permission_fb($op, $data, &$return) { if ($op == FB_OP_JS && FALSE) { // Disabled because the login popup not really working. // fb.module is adding javascript to the page footer. if (!empty($GLOBALS['_fb_permission_extra_perms'])) { // We know from access hook that additional perms are required. // Use javascript to ask for them. $perms = array(); drupal_alter('fb_required_perms', $perms); $perm_string = json_encode(implode(',', $perms)); $return['fb_permission_0'] = "debugger;"; $return['fb_permission'] = "FB.login(function(response){}, {scope:$perm_string});"; // Haven't figured out how to make this dialog work. //$return['fb_permission'] = "FB.ui({method:'oauth',scope:$perm_string}, function(response){debugger;});"; //dpm($return); } } } /** * Which permissions can we prompt for? * * @TODO - update this list and/or make it customizable. */ function fb_permission_map($fb) { static $perms; // http://developers.facebook.com/docs/reference/fql/permissions_info $result = fb_fql_query($fb, "SELECT permission_name, header, summary FROM permissions_info WHERE 1", // FQL, no {curly_brackets} array('access_token' => fb_get_token($fb))); if (!isset($perms)) { foreach ($result as $data) { $perms[$data['permission_name']] = 'Allow %application to ' . strtolower($data['summary'] ? $data['summary'] : 'access ' . $data['header']); } } return $perms; } /** * Implements hook_fb_required_perms_alter(). * * fb_connect.module can calls this to learn when perms to add to login-button. */ function fb_permission_fb_required_perms_alter(&$perms) { global $_fb, $_fb_app; $fb_app_data = fb_get_app_data($_fb_app); if (isset($fb_app_data['fb_permission'])) { $fb_permission_data = $fb_app_data['fb_permission']; foreach ($fb_permission_data['prompt'] as $key => $value) { if ($value) { $perms[$key] = $key; } } } if (!empty($GLOBALS['_fb_permission_extra_perms'])) { // Some page require additional perms, and it makes sense to include those on all connect buttons and links. foreach ($GLOBALS['_fb_permission_extra_perms'] as $key) { $perms[$key] = $key; } } } /** * Implements hook_user_categories(). */ function fb_permission_user_categories() { $items = array(); // A tab for each application foreach (fb_get_all_apps() as $fb_app) { // TODO: limit only to apps which can be added to a user's account. $items[] = array( 'name' => $fb_app->label, 'title' => $fb_app->title, 'access callback' => 'fb_permission_access_own', 'access arguments' => array(1, 'edit own extended permissions'), 'weight' => 2); } return $items; } /** * Implements hook_form_FORM_ID_alter() */ function fb_permission_form_user_profile_form_alter(&$form, &$form_state) { $category = $form['#user_category']; $account = $form_state['user']; // See if the category corresponds to a facebook app. $fb_app = fb_get_app(array('label' => $category)); if ($fb_app) { $fb = fb_api_init($fb_app); $map = fb_permission_map($fb); // All known permissions. // Show only permissions we've configured for this app. $fb_app_data = fb_get_app_data($fb_app); $fb_permission_data = $fb_app_data['fb_permission']; if (is_array($fb_permission_data['map'])) { foreach ($fb_permission_data['map'] as $key => $value) { if (!$value) unset($map[$key]); } } /* Should not be necessary to wrap in serverfbml, as prompt-permission is documented as XFBML. $form = array( 'perms' => array( '#prefix' => '