Do Facebook API Settings allow developer only access? - ruby

I am working on an app in ruby using:koala:omniauth
When I click share to wall from the application it allows me to share and
changes my permission accordingly. When I use an account that is not setup as a developer it sends 200 error "permissions not provided." but does not ask for "permissions" like it did with the account connected to facebook developer.
Is there a setting somewhere on Facebook developer that controls this?
I would like all users to be re-asked the permission and not just developers of the app.

Yes, you need to ask Facebook to review the app for special permissions..

Related

How can we add a bot when we are not the owner of the server?

I'm writing a bot for someone in python using Discord.py. Kindly share some knowledge regarding this issue.
To add a bot to a server you need to firstly have the "Manage Server" or "Administrator" permission in that server.
Then head to the Discord Developer Portal > Your Application > OAuth2 and click on the scopes you need ("Bot" is the one needed for bot commands although you will need "applications.commands" if you plan to use the new slash commands. It will generate a link that you (or someone else, if you have made it a public bot in the bot tab of the portal) can click on to add the bot to their server.
A bot must be created. To do this, log into the Discord Developer Portal and see your applications there.
To make the whole thing a bot navigate in your application as followed:
Application - New Application - Bot - Add Bot
To add the necessary permissions I recommend the following page:
https://discordapi.com/permissions.html#
Here you will get a number spit out when you are done.
To add the bot you need the Manage Server or Administrator permission. The bot does not have to be public, because you as the owner can always add it, but not others if it is set to "Private".
The invitation link is/can be structured as followed:
https://discord.com/oauth2/authorize?client_id=ApplicationID&scope=bot&permissions=Permissions
Just add the ApplicationID (You can find it in the Developer Portal of the application under "General Information") and the permissions of Discord Permissions Calculator to the end.
(Replace the words with your Application ID and the permission "code".)
You can't do this unless you selfbot, however this is against Discord's ToS and the account that you're using can get banned because Discord often checks for people who selfbot.

What does Google Play do with the Privacy Policy Link I provide it with?

I am developing an app that will stand on its own without a Website (at the moment).
According to Google Play, I must provide a Privacy Policy URL because my app requires the android.permission.CAMERA permission.
I know that I can place a Privacy Policy on a static hosted Website and give that URL to Google Play, but I would like to know what Google Play will use that URL for.
Does it just give the users the link and if clicked will take the user to the static page where the privacy policy is hosted?
Does it crawl the page and extracts information from it to display the info within the Play Store?
Thanks
There are 2 types of permissions : Normal and Dangerous as listed here
The purpose of a permission is to protect the privacy of an Android
user.
Android apps must request permission to access sensitive user data (such as contacts and SMS), as well as certain system features (such as camera and internet). Depending on the feature, the system might grant the permission automatically or might prompt the user to approve the request.
read more here : https://developer.android.com/guide/topics/permissions/overview
So if you using some of Dangerous level permissions in your app , google will definitely ask you to provide Privacy Policy before uploding apk to playstore .
so if you not provide link , they will not approve your apk build to publish in playstore.
Yes , they also display Privacy Policy Link to all users in ADDITIONAL INFORMATION section in Playstore .
For Example See Below Picture :

How to get authorization for accessing Google Play developer API

I am trying to access Google play developer API https://developers.google.com/android-publisher/ to build an inapp purchase product for my company Application.
We have to get authorization to make a GET call to the Google play developer API. https://developers.google.com/android-publisher/api-ref/purchases/subscriptions/get
I followed the steps presented here. https://developers.google.com/android-publisher/authorization
Created an Oauth client and and also service account. The gmail account I used was part of the 'Users and permissions' in play.google.com console.
But when I tried to access the API, I got an error
As I started searching about this error, I understood that there is something else called 'API Access' in play.google.com. When I tried to access it, All I saw was
But I saw in other posts that there exists a screen with details like
https://i.stack.imgur.com/Hdjjy.png
So how can I go forward to access API. I did everything as mentioned in documentation of google but it didnt work. Also I dont have access to see the screen of 'API Access'.
Also I am confused, if you can create service accounts from both 'API Access' screen and also from 'credentials' screen in console.developers.com, which one should be used ?
Just to check you understand there are a few different APIs to do with in-app purchases.
Play billing library is designed to be used in your app. This is what allows users to buy things from your app
Configuring in app products. When your app supports in-app products you have to support what the products are and the prices. This is done via the Play console, either manually or in batches uploading CSV files.
Finally is the API you refer to in your question. This is not designed for use in your app, and you don't have to use it to support in-app products. Instead this API allows your server (not app) to validate a user's purchase. In order to use this API, you need to enable the "API access" in the page you found. This can only be enabled by the account owner for the Play console, for security reasons. You will need to find the Owner of your Google Play account, and get them to log in and create a service account which has API access.
I am able to access it now. I am not the owner of the Google Play console.That was the issue. You just have to go to API Access page and click on "create OAuth Client" or "create Service Account ".
You can use those credentials to access API from postman or through your code.

Google Marketplace SDK - Test Install Flow issue

I have created an app in the Google Apps Marketplace SDK and now I have the "Test Install Flow" button, which is fine,. however, when I click it, a popup for business account signup appears and asks me to set up a real Google business account. How can I simply test it with the same developer account I have?
Had the same issue. It occurs when you first log in to Google with a non-Google Apps account (like a free Gmail account), after which Google Apps accounts are added (i.e. are logged in).
As Ben Clifford suggests in comments, one needs to be signed in first with a Google Apps account (after logging out completely). As a best practice, use Google Apps accounts in one web browser, and free Gmail account(s) in a different browser - to avoid further issues.
You have to test it with a Google Apps account. Apparently yours is not one of those, so they're asking you to sign up. If you have a different Google account that has Google Apps already, you can add that account to the project in Permissions -> Add Member, and then use "Test Install Flow" while logged in as that other account.

Access user accounts in a domain without administrator rights

I am making a very simple marketplace app using the new SDK (Oauth 2.0). One of the steps would be to automatically invite team members for a closed group so I would need access to team members (users in same domain) from the user that is starting the process going through the default "navigator icon in google navigation menu".
This is working fine, however it is only working for administrators (tried with both Directory API and Profiles data API).Is there a way to simply "read" the email from users without needing to have administrator rights? It seems quite an overkill to ask a user to be administrator just for the purpose of being able to invite his team members.
These email addresses are in the user contact list for example, when writing an email they are automatically there so it shoulnt be much of permission problem I guess. can anyone help a bit on how I can accomplish this? Maybe a different API that I have not found?
Very much appreciated,
Best regards,
Joao Garin
You can use "Service Accounts" to access the Directory API on behalf of the Administrator when any user accesses the App.
The Drive API has a really good set of samples here - https://developers.google.com/drive/delegation
This same technique will work with Admin SDK. The end result is the auth is not made on behalf of the user at the keyboard but as an authorized Service Account. This Service Account is authorized by the admin at the time of install.

Resources