Facebook test users can't do wall post

For our website, we do a lot of automated tests. So, recently I've just written a method using Facebook Graph API that create a wall post on feed. This method works when I test it live using real facebook accounts. However, when I use facebook test users (with permission set to "publish_stream"), then I get 403 forbidden.

Are "test users" not allowed to make wall post? or is there something that I am not doing right?

This is my test code written in groovy

void testPostMessageOnWall() {
    def appAccessToken = facebookService.getAppAccessToken()
    assertNotNull appAccessToken

    def testUser1 = facebookService.createTestAccount("Ryoko UserOne", appAccessToken)
    assertNotNull testUser1
    def testUser2 = facebookService.createTestAccount("Ryoko UserTwo", appAccessToken)
    assertNotNull testUser2

    def response = facebookService.connectTwoTestAccount(testUser1.id, testUser1.access_token, testUser2.id, testUser2.access_token)
    assertTrue response

    println testUser1
    println testUser2

    def postResponse = facebookService.postMessageOnWall([accessToken:testUser1.access_token,
                                                          from:testUser1.id,
                                                          to:testUser2.id,
                                                          message:"Join ryoko.it. It's nice there!",
                                                          link:"http://ryoko.it",
                                                          name:"name of website",
                                                          caption:"ryoko.it",
                                                          description:"description",
                                                          picture:"http://ryoko.it/images/ryoko.png"
                                                          ])

    println postResponse
    assertNotNull postResponse

    facebookService.deleteTestAccount(testUser1.id, testUser1.access_token)
    facebookService.deleteTestAccount(testUser2.id, testUser2.access_token)
}

This test makes two test users/accounts and make them friends of each other, then testUser1 post something in testUser2's wall. It fails in line: assertNotNull postResponse.

This is the header of the response:

Date: Thu, 01 Sep 2011 18:39:10 GMT
WWW-Authenticate: OAuth "Facebook Platform" "insufficient_scope" "(#200) The user hasn't    authorized the application to perform this action"
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-Cnection: close
X-FB-Rev: 433230
Content-Length: 146
Pragma: no-cache
X-FB-Server: 10.64.212.43
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-store
Expires: Sat, 01 Jan 2000 00:00:00 GMT

data:
{
  "error": {
    "type": "OAuthException",
    "message": "(#200) The user hasn't authorized the application to perform this action"
   }
}

The user is created as such:

def createTestAccount(fullname, appAccessToken) {
    def accessToken = appAccessToken
    def urlString = "${GRAPH_API_URL}/${APP_ID}/accounts/test-users?installed=true"
    def encodedFullname = URLEncoder.encode(fullname, "UTF-8")
    urlString += "&name=${encodedFullname}"
    urlString += "&permission=create_note,email,offline_access,photo_upload,publish_stream,read_friendlists,share_item,status_update,video_upload"
    urlString += "&method=post"
    urlString += "&access_token=${accessToken}"
    def url = new URL(urlString)
    def connection = url.openConnection()
    def userDetails

    if (connection.responseCode == 200) {
        userDetails = JSON.parse(connection.content.text)
    }
    else {
        println "[FACEBOOK]\tResponse code ${connection.responseCode}: ${connection.responseMessage} [${urlString}]"
    }

    userDetails
}

and the post message goes like this:

def postMessageOnWall(params) {
    assert params.accessToken
    assert params.from
    assert params.to

    def content = "access_token=${postEncode(params.accessToken)}"
    if (params.message)     content += "&message=${postEncode(params.message)}"
    if (params.link)        content += "&link=${postEncode(params.link)}"
    if (params.name)        content += "&name=${postEncode(params.name)}"
    if (params.caption)     content += "&caption=${postEncode(params.caption)}"
    if (params.description) content += "&description=${postEncode(params.description)}"
    if (params.picture)     content += "&picture=${postEncode(params.picture)}"
    if (params.from)        content += "&from=${postEncode(params.from)}"
    if (params.to)          content += "&to=${postEncode(params.to)}"

    def urlString = "${GRAPH_API_URL}/${params.to}/feed"
    def url = new URL(urlString)
    def connection = url.openConnection()
    connection.doOutput = true
    connection.setRequestMethod("POST")
    connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded")
    connecti开发者_运维知识库on.setRequestProperty("Content-Length", "${content.size()}")

    println content

    def writer = new OutputStreamWriter(connection.outputStream)
    writer.write(content)
    writer.flush()
    writer.close()
    connection.connect()

    def response

    if (connection.responseCode == 200) {
        response = JSON.parse(connection.content.text)
    }
    else {
        println "[FACEBOOK]\tResponse code ${connection.responseCode}: ${connection.responseMessage} [${urlString}]"
    }

    println "response: ${response}"

    response
}

Even though it works using real facebook accounts (by filling in the id and access token manually), this still bothers me. I'm genuinely curious about you think the problem might be.

In your createTestAccount(), the query parameter 'permission' should be 'permissions' (in plural form).