Facebook Apps: Additional permissions

I have a working Facebook app that most users will use just once. Leading into the Facebook workflow, users indicate if they want their wall to be written to or not. Based on that, I either ask for the publish_stream permission or not.

Later, a small percentage of users will come back and use the app again. Some of the people who previously did not want to write to the wall (and thusly I d开发者_如何学Pythonidn't ask for publish_stream) now want to write to their wall.

How do I request an additional permission after the user has already authorized the app?

Similarly, how can I query a user to list which permissions they have already granted?

It's as simple as adding the new permission to a new fb:login-button:

<fb:login-button scope="publish_stream">
  Let me write on your wall!
</fb:login-button>

So for example you have the above hidden in a DIV and if the user tick a checkbox you show the DIV and prompt the new permission!

A good live example of this is on the Facebook Test Console:

1. Click login to "add" the application
2. Then click on examples
3. Under fb.api choose does-like

Now you can see that even after being *connected to the application (test console app), you can actually have another login button to prompt the user!

EDIT:
To check if the user has granted your application a permission, just use this FQL:

SELECT read_stream,offline_access FROM permissions WHERE uid=me()

This would return something like:

[
  {
    "read_stream": 1,
    "offline_access": 0
  }
]

To test it, just use the test console posted early.

EDIT 2:
To construct the link yourself without XFBML or Javascript, you just need to add the scope parameter with the additional perms (reference):

https://www.facebook.com/dialog/oauth?
     client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&scope=publish_stream

Or if your are using the PHP-SDK:

$loginUrl = $facebook->getLoginUrl(array(
    "scope" => "publish_stream"
));

I was looking at this the other day! If you read through http://developers.facebook.com/docs/authentication, there are several different ways of displaying a little popup box to request extra permissions.

I'm not sure how this works with a Facebook App, but I know on a website using Facebook Connect, if you try to request permissions that the user already has accepted, then the page automatically redirects back to the redirect_url that you set.