Make scope of Facebook permissions/privacy configurable
Re-ticketed from https://github.com/pol-is/polisClientAdmin/pull/20 (see for details)
To Dos
- [x] write code
- [x] doc feature (~~including in relation to GDPR/privacy~~)
Would a good approach to this be to default to the minimum possible permissions to log in (public_profile), but allow admin to add each additional permission as a comma-separated string in config? Functionality will be enabled if a permission is there, but gracefully still function without it.
Relevant code:
https://github.com/pol-is/polisServer/blob/5ac29b7245a7b198e40d1727ea246ed25acfecb7/client-admin/src/actions/index.js#L568-L580
https://github.com/pol-is/polisServer/blob/5ac29b7245a7b198e40d1727ea246ed25acfecb7/client-participation/js/util/facebookButton.js#L62-L79
FB Permissions doc: https://developers.facebook.com/docs/facebook-login/permissions/
We should prob document which features each permission scope facilitates. Would also love to find/document where in the code relevant fields are used.
- public_profile (default): documentation of fields
- email: subscribing to convos, and logging in, ...?
- user_location: get account-holder's city name. not sure why used.
- user_friends: get list of account-holders friends who are ALSO using pol.is via FB. this allows showing someone's friends in the visualization.
EDIT: Ah, seems they're all already optional, just bc of how FB works -- i'm new here :)
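The approach proposed above (default to public_profile, opt in to extra permissions through a comma-separated config string, and keep working when one is absent), sketched as an added example that is not polis code. The function names, feature names and the config format are assumptions; the permission names are the ones listed in this thread.

```javascript
// Hypothetical helpers, not part of polisServer.
const BASELINE = "public_profile";

// Permissions named in this thread, mapped to the (hypothetical) feature each enables.
const OPTIONAL_SCOPES = {
  email: "emailSubscriptions",
  user_location: "participantLocation",
  user_friends: "friendsInVisualization",
};

// Turn the admin's config string into the scope string to request at login.
// Unknown names are rejected instead of being passed through to Facebook,
// so a typo or an unreviewed permission never widens what the app asks for.
function parseFbScope(configValue) {
  const requested = String(configValue || "")
    .split(",")
    .map((s) => s.trim().toLowerCase())
    .filter(Boolean);
  const accepted = new Set([BASELINE]); // the baseline is always requested
  const rejected = [];
  for (const name of requested) {
    if (name === BASELINE) continue;
    if (Object.prototype.hasOwnProperty.call(OPTIONAL_SCOPES, name)) {
      accepted.add(name);
    } else {
      rejected.push(name);
    }
  }
  return { scope: [...accepted].join(","), rejected };
}

// Gate features on what was actually granted, not on what was requested:
// a permission that is configured but not granted leaves its feature off.
function featuresFor(grantedScopes) {
  const granted = new Set(
    String(grantedScopes || "").split(",").map((s) => s.trim()).filter(Boolean)
  );
  const features = { login: granted.has(BASELINE) };
  for (const [perm, feature] of Object.entries(OPTIONAL_SCOPES)) {
    features[feature] = granted.has(perm);
  }
  return features;
}
```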
Hm. Seems that user_locations is only requested in one client's FB button login (client-participation but not client-admin). And while there is still a participant_location database table in server, and an endpoint /api/v3/locations, and some spots in client-participation.
Mind if we strip out the user_location perm vestiges and endpoints?
@metasoarous @colinmegill can email permission also be left out without breaking functionality?
@urakagi why did you limit the fields returned via /me?fields=foo,bar? Was it just to create clarity that only fields foo and bar were being used by you?
@patcon I think it's because Facebook changed the API and now you need to write like that instead. I can't recall, but maybe the parameter object was deprecated and actually does nothing; I just didn't remove it. Please check Facebook's API document for the correct code.
By default, new FB apps require their associated webapps to be served via https:

This can be disabled, but it seems just as simple to create a self-signed cert within docker -- it can be done with the tiny docker image omgwtfssl: https://github.com/paulczar/omgwtfssl
Code spike here: https://github.com/pol-is/polisServer/pull/253
Re: Facebook login and GDPR: https://www.facebook.com/business/m/one-sheeters/gdpr-developer-faqs
Do developers need additional disclosures or consent to use Facebook Login and Account Kit?
In the case of Account Kit, [...]
Facebook Login does not collect consent to process data about a data subject on behalf of your business. If you plan to use consent as a basis for processing data, you must collect that consent separately yourself pursuant to your Privacy Policies [#226], as noted in our Platform Policy.