0

If people remove an application in their facebook settings they are able to do that without checking "remove all app activities".

enter image description here

(Screen is german, but the text right to the checkbox says: "Remove all app activities")

Im using this code snippet for authentication:

$user = null;
$facebook = new Facebook(array(
  'appId'  => 'MYID',
  'secret' => 'MYSECRET',
  'cookie' => true
));
$user = $facebook->getUser();
if (!$user)
{
   //Request new Authentication, get Permissions and Token
}
else
{
   //Start App
}

If someone removed the App without checking that option, he can still visit my app and $user still contains the user id so no new authentication process is initiated.

But I do really wonder, what exactly is removed if you are not checking that option and if really all my permissions are still there? Otherwise if not, how can I detect this kind of "light deletion"?

SamiSalami
  • 667
  • 2
  • 10
  • 22

1 Answers1

1

The option only prevents things from being shared on their profile. They have not removed the app entirely, which is why you don't need to re-auth them.

They would need to remove the app from the App Settings Page. This will remove all access to the user's profile and then you would need to re-auth the user.

Niraj Shah
  • 15,087
  • 3
  • 41
  • 60
  • So all permissions are still given? Even the permission to post on their wall? That would be content sharing on their profile after all. – SamiSalami Aug 07 '12 at 11:50
  • The checkbox means the user has removed the permission to publish to wall. As this is an app activity. – Niraj Shah Aug 07 '12 at 12:17
  • Well if a wall post is a must for the process in the app, it is somehow a problem, that the user can alter the permissions, but I guess I will have to detect that change and ask for his permission again :-) – SamiSalami Aug 07 '12 at 13:01
  • 1
    You can detect which permissions the user has allowed, and then prompt them for it again. Read up on the Facebook documentation. – Niraj Shah Aug 07 '12 at 13:05
  • Yeah, thank you very much, for other people who are stuck at this point here are all methods to get the granted permissions explained: http://www.masteringapi.com/tutorials/how-to-check-if-user-has-certian-permission-facebook-api/22/ – SamiSalami Aug 07 '12 at 14:02