Add policy to restrict client domain for Me2Me.

components/policy/resources/policy_templates.json

 {
 # policy_templates.json - Metafile for policy templates
 #
 # The content of this file is evaluated as a Python expression.
 #
 # This file is used as input to generate the following policy templates:
 # ADM, ADMX+ADML, MCX/plist and html documentation.
 #
 # Policy templates are user interface definitions or documents about the
 # policies that can be used to configure Chrome. Each policy is a name-value
@@ skipping 119 matching lines @@
 #   templates and documentation. The policy definition list that Chrome sees
 #   will include policies marked with 'future'. If a WIP policy isn't meant to
 #   be seen by the policy providers either, the 'supported_on' key should be set
 #   to an empty list.
 #
 # IDs:
 #   Since a Protocol Buffer definition is generated from this file, unique and
 #   persistent IDs for all fields (but not for groups!) are needed. These are
 #   specified by the 'id' keys of each policy. NEVER CHANGE EXISTING IDs,
 #   because doing so would break the deployed wire format!
-#   For your editing convenience: highest ID currently used: 315
+#   For your editing convenience: highest ID currently used: 316
 #
 # Placeholders:
 #   The following placeholder strings are automatically substituted:
 #     $1 -> Google Chrome / Chromium
 #     $2 -> Google Chrome OS / Chromium OS
 #     $3 -> Google Chrome Frame / Chromium Frame
 #     $6 is reserved for doc_writer
 #
 # Device Policy:
 #   An additional flag 'device_only' (optional, defaults to False) indicates
@@ skipping 543 matching lines @@
           'caption': '''Enable firewall traversal from remote access client''',
           'tags': [],
           'desc': '''This policy is no longer supported.
           Enables usage of STUN and relay servers when connecting to a remote client.
 
           If this setting is enabled, then this machine can discover and connect to remote host machines even if they are separated by a firewall.
 
           If this setting is disabled and outgoing UDP connections are filtered by the firewall, then this machine can only connect to host machines within the local network.''',
         },
         {
+          'name': 'RemoteAccessHostClientDomain',

[Jamie, 2016/01/28 01:02:22]

I'm not a fan of this name, but by convention, all host-side policies begin with
RemoteAccessHost, and since this restricts the client domain, it seems apt. I'm
open to alternatives.

+          'type': 'string',
+          'schema': { 'type': 'string' },
+          'supported_on': ['chrome.*:22-', 'chrome_os:41-'],
+          'features': {
+            'dynamic_refresh': True,
+            'per_profile': False,
+          },
+          'example_value': 'my-awesome-domain.com',
+          'id': 316,
+          'caption': '''Configure the required domain name for remote access clients''',
+          'tags': [],
+          'desc': '''Configures the required client domain name that will be imposed on remote access clients and prevents users from changing it.
+
+          If this setting is enabled, then only clients from the specified domain can connect to the host.
+
+          If this setting is disabled or not set, then client from any domain can connect to the host.''',

[Sergey Ulanov, 2016/01/28 19:42:46]

For Me2me host only owner can connect. I think it should be mentioned here. Also
maybe add a sentence about RemoteAccessHostDomain policy.

Also this policy is currently implemented for It2Me only, but it's not mentioned
in the description. Potentially this policy can be useful for Me2Me,
particularly if we were to add host sharing, so maybe implement it for me2me
too? Otherwise behavior with this this policy set and without
RemoteAccessHostDomain would not match what one would expect in that case.

[Jamie, 2016/01/29 02:23:27]

Done.

+        },
+        {
           'name': 'RemoteAccessHostFirewallTraversal',
           'type': 'main',
           'schema': { 'type': 'boolean' },
           'supported_on': ['chrome.*:14-', 'chrome_os:41-'],
           'features': {
             'dynamic_refresh': True,
             'per_profile': False,
           },
           'example_value': False,
           'id': 95,
@@ skipping 7563 matching lines @@
       'desc': '''Text appended in parentheses next to the policies top-level container to indicate that those policies are of the Recommended level''',
       'text': 'Default Settings (users can override)',
     },
     'doc_complex_policies_on_windows': {
       'desc': '''Text pointing the user to a help article for complex policies on Windows''',
       'text': '''encoded as a JSON string, for details see <ph name="COMPLEX_POLICIES_URL">https://www.chromium.org/administrators/complex-policies-on-windows<ex>https://www.chromium.org/administrators/complex-policies-on-windows</ex></ph>''',
     },
   },
   'placeholders': [],
 }