mmangino-facebooker 1.0.13 → 1.0.14

data/History.txt

@@ -1,4 +1,4 @@
-=== x.x.x / 2009-xx-xx
+=== 1.0.13 / 2009-02-26
 
 * Modified fql_query to return results as Hashes as a last resort [Alan Larkin]
 * fixed typo in set app properties parser [Andrew Grim, shane]

data/lib/facebooker/admin.rb

@@ -18,6 +18,20 @@ module Facebooker
       hash = JSON.parse(CGI.unescapeHTML(json))
       @properties = ApplicationProperties.from_hash(hash)
     end
+    
+    # ** BETA ***
+    # +restrictions+: Hash of restrictions you want to set.
+    def set_restriction_info(restrictions)
+      restrictions = restrictions.respond_to?(:to_json) ? restrictions.to_json : restrictions
+      (@session.post 'facebook.admin.setRestrictionInfo', :restriction_str => restrictions) == '1'
+    end
+    
+    # ** BETA ***
+    def get_restriction_info(*restrictions)
+      json = @session.post('facebook.admin.getRestrictionInfo')
+      hash = JSON.parse(CGI.unescapeHTML(json))
+      @restrictions = ApplicationRestrictions.from_hash(hash)
+    end
   
     # Integration points include..
     #   :notifications_per_day, :requests_per_day, :emails_per_day, :email_disable_message_location

data/lib/facebooker/model.rb

@@ -119,10 +119,10 @@ module Facebooker
     ##
     # Set model's attributes via Hash.  Keys should map directly to the model's attribute names.
     def populate_from_hash!(hash)
-      unless hash.empty?
+      unless hash.nil? || hash.empty?
         hash.each do |key, value|
           set_attr_method = "#{key}="
-          if respond_to?(set_attr_method)
+          if !value.nil? and respond_to?(set_attr_method)
             self.__send__(set_attr_method, value) 
           else
             Facebooker::Logging.log_info("**Warning**, Attempt to set non-attribute: #{key}",hash)

data/lib/facebooker/models/user.rb

@@ -10,8 +10,8 @@ module Facebooker
       include Model
       attr_accessor :message, :time, :status_id
     end
-    FIELDS = [:status, :political, :pic_small, :name, :quotes, :is_app_user, :tv, :profile_update_time, :meeting_sex, :hs_info, :timezone, :relationship_status, :hometown_location, :about_me, :wall_count, :significant_other_id, :pic_big, :music, :uid, :work_history, :sex, :religion, :notes_count, :activities, :pic_square, :movies, :has_added_app, :education_history, :birthday, :first_name, :meeting_for, :last_name, :interests, :current_location, :pic, :books, :affiliations, :locale, :profile_url, :proxied_email,:email_hashes]
-    STANDARD_FIELDS = [:uid, :first_name, :last_name, :name, :timezone, :birthday, :sex, :affiliations, :locale, :profile_url]
+    FIELDS = [:status, :political, :pic_small, :name, :quotes, :is_app_user, :tv, :profile_update_time, :meeting_sex, :hs_info, :timezone, :relationship_status, :hometown_location, :about_me, :wall_count, :significant_other_id, :pic_big, :music, :uid, :work_history, :sex, :religion, :notes_count, :activities, :pic_square, :movies, :has_added_app, :education_history, :birthday, :first_name, :meeting_for, :last_name, :interests, :current_location, :pic, :books, :affiliations, :locale, :profile_url, :proxied_email, :email_hashes, :allowed_restrictions]
+    STANDARD_FIELDS = [:uid, :first_name, :last_name, :name, :timezone, :birthday, :sex, :affiliations, :locale, :profile_url, :pic_square]
     populating_attr_accessor *FIELDS
     attr_reader :affiliations
     populating_hash_settable_accessor :current_location, Location

data/lib/facebooker/parser.rb

@@ -144,6 +144,12 @@ module Facebooker
       array_of_hashes(element('pages_getInfo_response', data), 'page')
     end
   end
+  
+  class PagesIsFan < Parser#:nodoc:
+    def self.process(data)
+      element('pages_isFan_response', data).text_value == '1'
+    end
+  end  
 
   class PublishStoryToUser < Parser#:nodoc:
     def self.process(data)
@@ -199,6 +205,18 @@ module Facebooker
     end
   end
   
+  class SetRestrictionInfo < Parser#:nodoc:
+    def self.process(data)
+      element('admin_setRestrictionInfo_response', data).text_value
+    end
+  end  
+  
+  class GetRestrictionInfo < Parser#:nodoc:
+    def self.process(data)
+      element('admin_getRestrictionInfo_response', data).text_value
+    end
+  end
+  
   class GetAllocation < Parser#:nodoc:
     def self.process(data)
       element('admin_getAllocation_response', data).text_value
@@ -484,7 +502,7 @@ module Facebooker
       if response_element
         hash = hashinate(response_element)
         exception = EXCEPTIONS[Integer(hash['error_code'])] || StandardError
-        raise exception.new(hash['error_msg'])
+        raise exception, hash['error_msg']
       end
     end
   end
@@ -501,6 +519,7 @@ module Facebooker
       'facebook.users.hasAppPermission' => UserHasPermission,
       'facebook.pages.isAdmin' => PagesIsAdmin,
       'facebook.pages.getInfo' => PagesGetInfo,
+      'facebook.pages.isFan' => PagesIsFan,      
       'facebook.friends.get' => GetFriends,
       'facebook.friends.getLists' => FriendListsGet,
       'facebook.friends.areFriends' => AreFriends,
@@ -526,6 +545,8 @@ module Facebooker
       'facebook.data.getCookies' => GetCookies,
       'facebook.admin.setAppProperties' => SetAppProperties,
       'facebook.admin.getAppProperties' => GetAppProperties,
+      'facebook.admin.setRestrictionInfo' => SetRestrictionInfo,
+      'facebook.admin.getRestrictionInfo' => GetRestrictionInfo,
       'facebook.admin.getAllocation' => GetAllocation,
       'facebook.batch.run' => BatchRun,
       'facebook.fql.query' => FqlQuery,

data/lib/facebooker/rails/controller.rb

@@ -6,7 +6,7 @@ module Facebooker
       include Facebooker::Rails::ProfilePublisherExtensions
       def self.included(controller)
         controller.extend(ClassMethods)
-        controller.before_filter :set_adapter
+        #controller.before_filter :set_adapter <-- security hole noted by vchu
         controller.before_filter :set_fbml_format
         controller.helper_attr :facebook_session_parameters
         controller.helper_method :request_comes_from_facebook?
@@ -21,16 +21,26 @@ module Facebooker
         {:fb_sig_session_key=>params[:fb_sig_session_key]}
       end
       
+      def create_facebook_session
+        secure_with_facebook_params! || secure_with_cookies! || secure_with_token!
+      end
       
       def set_facebook_session
-        returning session_set = session_already_secured? ||  secure_with_facebook_params! || secure_with_cookies! || secure_with_token!  do
-          if session_set
-            capture_facebook_friends_if_available! 
-            Session.current = facebook_session
-          end
+        # first, see if we already have a session
+        session_set = session_already_secured?
+        # if not, see if we can load it from the environment
+        unless session_set
+          session_set = create_facebook_session
+          session[:facebook_session] = @facebook_session if session_set
         end
+        if session_set
+          capture_facebook_friends_if_available! 
+          Session.current = facebook_session
+        end
+        return session_set
       end
       
+      
       def facebook_params
         @facebook_params ||= verified_facebook_params
       end      
@@ -101,7 +111,7 @@ module Facebooker
           
           @facebook_session = new_facebook_session
           @facebook_session.secure_with!(parsed['session_key'],parsed['user'],parsed['expires'],parsed['ss'])
-          session[:facebook_session] = @facebook_session
+          @facebook_session
       end
     
       def secure_with_token!
@@ -109,7 +119,7 @@ module Facebooker
           @facebook_session = new_facebook_session
           @facebook_session.auth_token = params['auth_token']
           @facebook_session.secure!
-          session[:facebook_session] = @facebook_session
+          @facebook_session
         end
       end
       
@@ -119,7 +129,7 @@ module Facebooker
         if ['user', 'session_key'].all? {|element| facebook_params[element]}
           @facebook_session = new_facebook_session
           @facebook_session.secure_with!(facebook_params['session_key'], facebook_params['user'], facebook_params['expires'])
-          session[:facebook_session] = @facebook_session
+          @facebook_session
         end
       end
       

data/lib/facebooker/rails/helpers/fb_connect.rb

@@ -11,27 +11,56 @@ module Facebooker
           end
         end
         
-        def init_fb_connect(*required_features)
+        def init_fb_connect(*required_features,&proc)
+          additions = ""
+          if block_given?
+            additions = capture(&proc)
+          end
           init_string = "FB.Facebook.init('#{Facebooker.api_key}','/xd_receiver.html');"
           unless required_features.blank?
              init_string = <<-FBML
               Element.observe(window,'load', function() {
                 FB_RequireFeatures(#{required_features.to_json}, function() {
                   #{init_string}
+                  #{additions}
                 });
               });
               FBML
           end
-          javascript_tag init_string
+          if block_given?
+            concat javascript_tag(init_string)
+          else
+            javascript_tag init_string
+          end
         end
         
         def fb_login_button(callback=nil)
           content_tag("fb:login-button",nil,(callback.nil? ? {} : {:onlogin=>callback}))
         end
+        def fb_login_and_redirect(url)
+          js = update_page do |page|
+            page.call "FB.Connect.logoutAndRedirect",url
+          end
+          content_tag("fb:login-button",nil,:onlogin=>js)
+        end
         
         def fb_unconnected_friends_count
           content_tag "fb:unconnected-friends-count",nil
         end
+        
+        def fb_logout_link(text,url)
+          js = update_page do |page|
+            page.call "FB.Connect.logoutAndRedirect",url
+          end
+          link_to_function text, js
+        end
+        
+        def fb_user_action(action)
+          update_page do |page|
+            page.call "FB.Connect.showFeedDialog",action.template_id,action.data,action.target_ids,action.body_general,nil,"FB.RequireConnect.promptConnect"
+          end
+        end
+        
       end
     end
   end

data/lib/facebooker/session.rb

@@ -234,6 +234,11 @@ module Facebooker
       end
     end
 
+    # Takes page_id and uid, returns true if uid is a fan of the page_id
+    def is_fan(page_id, uid)
+      post('facebook.pages.isFan', :page_id=>page_id, :uid=>uid)
+    end    
+
     #
     # Returns a proxy object for handling calls to Facebook cached items
     # such as images and FBML ref handles

data/lib/facebooker/version.rb

@@ -1,8 +1,8 @@
 module Facebooker #:nodoc:
   module VERSION #:nodoc:
-    MAJOR = 0
-    MINOR = 9
-    TINY  = 9
+    MAJOR = 1
+    MINOR = 0
+    TINY  = 13
 
     STRING = [MAJOR, MINOR, TINY].join('.')
   end

data/lib/facebooker.rb

@@ -161,6 +161,7 @@ require 'facebooker/models/page'
 require 'facebooker/models/photo'
 require 'facebooker/models/cookie'
 require 'facebooker/models/applicationproperties'
+require 'facebooker/models/applicationrestrictions'
 require 'facebooker/models/tag'
 require 'facebooker/models/user'
 require 'facebooker/models/info_item'

data/test/facebook_admin_test.rb

@@ -32,6 +32,20 @@ class FacebookAdminTest < Test::Unit::TestCase
     assert_equal 0, p.dev_mode
     assert_equal 'my_canvas', p.canvas_name
   end
+  
+  def test_can_set_restriction_info
+    restrictions = {:age => '21', :type => 'alcohol'}
+    flexmock(@session).should_receive(:post).with('facebook.admin.setRestrictionInfo', :restriction_str => restrictions.to_json).and_return('1').once
+    assert(@session.admin.set_restriction_info(restrictions))
+  end
+  
+  def test_can_get_restriction_info
+    mock_http = establish_session
+    mock_http.should_receive(:post_form).and_return(example_get_restriction_info_xml).once.ordered(:posts)
+    r = @session.admin.get_restriction_info
+    assert_equal 'alcohol', r.type
+    assert_equal '21', r.age
+  end
 
   def test_can_get_allocation
     mock_http = establish_session
@@ -61,6 +75,18 @@ class FacebookAdminTest < Test::Unit::TestCase
     XML
   end
   
+  def example_get_restriction_info_xml
+    <<-XML
+    <?xml version="1.0" encoding="UTF-8"?>
+    <admin_getRestrictionInfo_response
+      xmlns="http://api.facebook.com/1.0/"
+      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+      xsi:schemaLocation="http://api.facebook.com/1.0/http://api.facebook.com/1.0/facebook.xsd">
+        {&quot;age&quot;:&quot;21&quot;,&quot;location&quot;:&quot;&quot;,&quot;age_distribution&quot;:&quot;&quot;,&quot;type&quot;:&quot;alcohol&quot;}
+    </admin_getRestrictionInfo_response>
+    XML
+  end
+  
   def example_get_allocation_xml
     <<-XML
     <?xml version="1.0" encoding="UTF-8"?>

data/test/facebooker_test.rb

@@ -321,6 +321,16 @@ class TestFacebooker < Test::Unit::TestCase
     assert_equal false, @session.post('facebook.pages.isAdmin', :page_id => 123)
   end
 
+  def test_pages_is_fan_true
+    expect_http_posts_with_responses(example_pages_is_fan_true_xml)
+    assert_equal true, @session.post('facebook.pages.isFan', :page_id => 123)
+  end
+
+  def test_pages_is_fan_false
+    expect_http_posts_with_responses(example_pages_is_fan_false_xml)
+    assert_equal false, @session.post('facebook.pages.isFan', :page_id => 123)
+  end
+
   def test_users_set_status_true
     expect_http_posts_with_responses(example_users_set_status_true_xml)
     assert_equal true, @session.post('facebook.users.setStatus', :uid => 123, :status => 'message')
@@ -401,6 +411,20 @@ class TestFacebooker < Test::Unit::TestCase
     XML
   end
 
+  def example_pages_is_fan_true_xml
+    <<-XML
+    <?xml version="1.0" encoding="UTF-8"?>
+      <pages_isFan_response xmlns="http://api.facebook.com/1.0/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://api.facebook.com/1.0/ http://api.facebook.com/1.0/facebook.xsd">1</pages_isFan_response>
+    XML
+  end
+
+  def example_pages_is_fan_false_xml
+    <<-XML
+    <?xml version="1.0" encoding="UTF-8"?>
+      <pages_isFan_response xmlns="http://api.facebook.com/1.0/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://api.facebook.com/1.0/ http://api.facebook.com/1.0/facebook.xsd">0</pages_isFan_response>
+    XML
+  end
+
   def example_users_set_status_true_xml
     <<-XML
     <?xml version="1.0" encoding="UTF-8"?>

data/test/model_test.rb

@@ -87,5 +87,39 @@ class TestFacebooker < Test::Unit::TestCase
       t.first_name
     }
   end
+
+  def test_populate_from_hash_e_should_call_a_setter_for_a_key
+    t = PopulatingThing.new
+    flexmock(t).should_receive('mykey=').with('a value')
+    t.populate_from_hash!({ :mykey => 'a value' })
+  end
+  
+  def test_populate_from_hash_e_should_call_a_setter_for_a_key_if_the_value_is_false
+    t = PopulatingThing.new
+    flexmock(t).should_receive('mykey=').with(false)
+    t.populate_from_hash!({ :mykey => false })
+  end
+
+  def test_populate_from_hash_e_should_call_not_a_setter_for_a_key_if_the_value_is_nil
+    t = PopulatingThing.new
+    flexmock(t).should_receive('mykey=').never
+    t.populate_from_hash!({ :mykey => nil })
+  end
+
+  def test_populate_from_hash_should_check_for_an_empty_hash
+    t = PopulatingThing.new
+    hash = {}
+    flexmock(hash).should_receive('empty?')
+    t.populate_from_hash!(hash)
+  end
+
+  def test_populate_from_hash_should_check_for_a_nil_param
+    t = PopulatingThing.new
+    hash = nil
+    assert_nothing_raised do
+      t.populate_from_hash!(hash)
+    end
+  end
+
 end
 

data/test/rails_integration_test.rb

@@ -18,10 +18,25 @@ begin
     map.connect ':controller/:action/:id', :controller => "plain_old_rails"
   end  
   
+  module FBConnectTestHelpers
+    def setup_fb_connect_cookies(params=cookie_hash_for_auth)
+      params.each {|k,v| @request.cookies[ENV['FACEBOOK_API_KEY']+k] = CGI::Cookie.new(ENV['FACEBOOK_API_KEY']+k,v)} 
+    end
+  
+    def expired_cookie_hash_for_auth
+      {"_ss" => "not_used", "_session_key"=> "whatever", "_user"=>"77777", "_expires"=>"#{1.day.ago.to_i}"}
+    end
+
+    def cookie_hash_for_auth
+      {"_ss" => "not_used", "_session_key"=> "whatever", "_user"=>"77777", "_expires"=>"#{1.day.from_now.to_i}"}
+    end
+  end
   class NoisyController < ActionController::Base
     include Facebooker::Rails::Controller
     def rescue_action(e) raise e end
   end
+  
+  
   class ControllerWhichRequiresExtendedPermissions< NoisyController
     ensure_authenticated_to_facebook
     before_filter :ensure_has_status_update
@@ -32,6 +47,13 @@ begin
     end
   end
   
+  class FBConnectController < NoisyController
+    before_filter :create_facebook_session
+    def index
+      render :text => 'score!'
+    end
+  end
+  
   class ControllerWhichRequiresFacebookAuthentication < NoisyController
     ensure_authenticated_to_facebook
     def index
@@ -139,6 +161,29 @@ begin
     end
   end
   
+  class RailsIntegrationTestForFBConnect < Test::Unit::TestCase
+    include FBConnectTestHelpers
+    
+    def setup
+      ENV['FACEBOOK_CANVAS_PATH'] ='facebook_app_name'
+      ENV['FACEBOOK_API_KEY'] = '1234567'
+      ENV['FACEBOOK_SECRET_KEY'] = '7654321'
+      @controller = FBConnectController.new
+      @request    = ActionController::TestRequest.new
+      @response   = ActionController::TestResponse.new
+      @controller.stubs(:verify_signature).returns(true)
+              
+    end
+    
+    def test_doesnt_set_cookie_but_facebook_session_is_available
+      setup_fb_connect_cookies
+      get :index
+      assert_not_nil @controller.facebook_session
+      assert_nil @response.cookies[:facebook_session] 
+      
+    end
+  end
+  
   class RailsIntegrationTestForNonFacebookControllers < Test::Unit::TestCase
     def setup
       ENV['FACEBOOK_CANVAS_PATH'] ='facebook_app_name'
@@ -256,6 +301,7 @@ class RailsIntegrationTestForApplicationInstallation < Test::Unit::TestCase
 end
   
 class RailsIntegrationTest < Test::Unit::TestCase
+  include FBConnectTestHelpers
   def setup
     ENV['FACEBOOK_CANVAS_PATH'] ='root'
     ENV['FACEBOOK_API_KEY'] = '1234567'
@@ -373,19 +419,19 @@ class RailsIntegrationTest < Test::Unit::TestCase
       session_params = { 'session_key' => '123', 'uid' => '321' }
       session_mock.should_receive(:post).with('facebook.auth.getSession', :auth_token => auth_token).once.and_return(session_params).ordered
       flexmock(@controller).should_receive(:new_facebook_session).once.and_return(session).ordered
-      expired_cookie_hash_for_auth.each {|k,v| @request.cookies[ENV['FACEBOOK_API_KEY']+k] = CGI::Cookie.new(ENV['FACEBOOK_API_KEY']+k,v)} 
+      setup_fb_connect_cookies(expired_cookie_hash_for_auth)
       get :index, modified_params
       assert_equal(321, @controller.facebook_session.user.id)
   end
           
   def test_session_can_be_secured_with_cookies
-    cookie_hash_for_auth.each {|k,v| @request.cookies[ENV['FACEBOOK_API_KEY']+k] = CGI::Cookie.new(ENV['FACEBOOK_API_KEY']+k,v)} 
+    setup_fb_connect_cookies
     get :index, example_rails_params_for_fb_connect
     assert_equal(77777, @controller.facebook_session.user.id)
     end
   
   def test_session_does_NOT_secure_with_expired_cookies
-    expired_cookie_hash_for_auth.each {|k,v| @request.cookies[ENV['FACEBOOK_API_KEY']+k] = CGI::Cookie.new(ENV['FACEBOOK_API_KEY']+k,v)} 
+    setup_fb_connect_cookies(expired_cookie_hash_for_auth)
     get :index, example_rails_params_for_fb_connect
     assert_nil(@controller.facebook_session)
   end
@@ -462,7 +508,6 @@ class RailsIntegrationTest < Test::Unit::TestCase
     
   end
   
-  private
   def example_rails_params_for_fb_connect
     {"action"=>"index", "controller"=>"controller_which_requires_facebook_authentication"}
   end
@@ -939,6 +984,23 @@ class RailsHelperTest < Test::Unit::TestCase
     assert @h.init_fb_connect("XFBML").match(/XFBML/)
   end
   
+  def test_init_fb_connect_with_features_and_body
+    @h.expects(:capture).returns("Body Content")
+    
+    @h.init_fb_connect("XFBML") do
+    end
+    assert @h.output_buffer =~ /Body Content/
+  end
+  
+  def test_fb_login_and_redirect
+    assert_equal @h.fb_login_and_redirect("/path"),"<fb:login-button onlogin=\"FB.Connect.logoutAndRedirect(&quot;/path&quot;);\"></fb:login-button>"
+  end
+  
+  def test_fb_logout_link
+    assert_equal @h.fb_logout_link("Logout","My URL"),"<a href=\"#\" onclick=\"FB.Connect.logoutAndRedirect(&quot;My URL&quot;);; return false;\">Logout</a>"
+  end
+  
+  
   def test_fb_connect_javascript_tag
     assert_equal "<script src=\"http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php\" type=\"text/javascript\"></script>",
       @h.fb_connect_javascript_tag

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: mmangino-facebooker
 version: !ruby/object:Gem::Version 
-  version: 1.0.13
+  version: 1.0.14
 platform: ruby
 authors: 
 - Chad Fowler
@@ -17,6 +17,7 @@ default_executable:
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: hoe
+  type: :development
   version_requirement: 
   version_requirements: !ruby/object:Gem::Requirement 
     requirements: