Add support for multiple allowed domains

components/policy/resources/policy_templates.json

 {
 # policy_templates.json - Metafile for policy templates
 #
 # The content of this file is evaluated as a Python expression.
 #
 # This file is used as input to generate the following policy templates:
 # ADM, ADMX+ADML, MCX/plist and html documentation.
 #
 # Policy templates are user interface definitions or documents about the
 # policies that can be used to configure Chrome. Each policy is a name-value
@@ skipping 121 matching lines @@
 #   templates and documentation. The policy definition list that Chrome sees
 #   will include policies marked with 'future'. If a WIP policy isn't meant to
 #   be seen by the policy providers either, the 'supported_on' key should be set
 #   to an empty list.
 #
 # IDs:
 #   Since a Protocol Buffer definition is generated from this file, unique and
 #   persistent IDs for all fields (but not for groups!) are needed. These are
 #   specified by the 'id' keys of each policy. NEVER CHANGE EXISTING IDs,
 #   because doing so would break the deployed wire format!
-#   For your editing convenience: highest ID currently used: 360
+#   For your editing convenience: highest ID currently used: 362
 #   And don't forget to also update the EnterprisePolicies enum of
 #   histograms.xml.
 #
 # Placeholders:
 #   The following placeholder strings are automatically substituted:
 #     $1 -> Google Chrome / Chromium
 #     $2 -> Google Chrome OS / Chromium OS
 #     $3 -> Google Chrome Frame / Chromium Frame
 #     $6 is reserved for doc_writer
 #
@@ skipping 621 matching lines @@
           'example_value': 'my-awesome-domain.com',
           'id': 316,
           'caption': '''Configure the required domain name for remote access clients''',
           'tags': [],
           'desc': '''Configures the required client domain name that will be imposed on remote access clients and prevents users from changing it.
 
           If this setting is enabled, then only clients from the specified domain can connect to the host.
 
           If this setting is disabled or not set, then the default policy for the connection type is applied. For remote assistance, this allows clients from any domain can connect to the host; for anytime remote access, only the host owner can connect.
 
+          This setting will not override RemoteAccessHostClientDomainList. If both are set, a client can only connect if accepted by both policies.
+
           See also RemoteAccessHostDomain.''',
         },
         {
+          'name': 'RemoteAccessHostClientDomainList',
+          'type': 'list',
+          'schema': {
+            'type': 'array',
+            'items': { 'type': 'string' },
+          },
+          'supported_on': ['chrome.*:58-', 'chrome_os:58-'],
+          'features': {
+            'dynamic_refresh': True,
+            'per_profile': False,
+          },
+          'example_value': ['my-awesome-domain.com', 'my-auxiliary-domain.com'],
+          'id': 362,
+          'caption': '''Configure the required domain names for remote access clients''',
+          'tags': [],
+          'desc': '''Configures the required client domain names that will be imposed on remote access clients and prevents users from changing it.
+
+          This setting is similar to RemoteAccessHostClientDomain, but allows multiple allowed domains to be specified.
+
+          If this setting is enabled, then only clients from one of the specified domains can connect to the host.
+
+          If this setting is disabled or not set, then the default policy for the connection type is applied. For remote assistance, this allows clients from any domain can connect to the host; for anytime remote access, only the host owner can connect.
+
+          This setting will not override RemoteAccessHostClientDomain. If both are set, a client can only connect if accepted by both policies.
+
+          See also RemoteAccessHostDomainList.''',
+        },
+        {
           'name': 'RemoteAccessHostFirewallTraversal',
           'type': 'main',
           'schema': { 'type': 'boolean' },
           'supported_on': ['chrome.*:14-', 'chrome_os:41-'],
           'features': {
             'dynamic_refresh': True,
             'per_profile': False,
           },
           'example_value': False,
           'id': 95,
@@ skipping 19 matching lines @@
           'example_value': 'my-awesome-domain.com',
           'id': 154,
           'caption': '''Configure the required domain name for remote access hosts''',
           'tags': [],
           'desc': '''Configures the required host domain name that will be imposed on remote access hosts and prevents users from changing it.
 
           If this setting is enabled, then hosts can be shared only using accounts registered on the specified domain name.
 
           If this setting is disabled or not set, then hosts can be shared using any account.
 
+          This setting will not override RemoteAccessHostDomainList. If both are set, a host can be shared by an account satisfying both policies.
+
           See also RemoteAccessHostClientDomain.''',
         },
         {
+          'name': 'RemoteAccessHostDomainList',

[Sergey Ulanov, 2017/02/10 22:25:13]

Instead of adding new policy can we just extend RemoteAccessHostDomain to allow
comma-separate list of domains?

Same question about RemoteAccessHostClientDomainList

[rkjnsn, 2017/02/11 00:50:11]

Personally, I don't like the idea of parsing our own list from a string field
when policies support list fields. We could do it, but I don't like it.

[Sergey Ulanov, 2017/02/11 01:03:48]

I agree it's not ideal, but having two policies for the same feature seems worse
(particularly because it greatly complicates the code that handles these
policies).

+          'type': 'list',
+          'schema': {
+            'type': 'array',
+            'items': {'type': 'string' },
+          },
+          'supported_on': ['chrome.*:58-', 'chrome_os:58-'],
+          'features': {
+            'dynamic_refresh': True,
+            'per_profile': False,
+          },
+          'example_value': ['my-awesome-domain.com', 'my-auxiliary-domain.com'],
+          'id': 361,
+          'caption': '''Configure the required domain names for remote access hosts''',
+          'tags': [],
+          'desc': '''Configures the required host domain names that will be imposed on remote access hosts and prevents users from changing it.
+
+          This setting is similar to RemoteAccessHostDomain, but allows multiple allowed domains to be specified.
+
+          If this setting is enabled, then hosts can be shared only using accounts registered on one of the specified domain names.
+
+          If this setting is disabled or not set, then hosts can be shared using any account.
+
+          This setting will not override RemoteAccessHostDomain. If both are set, a host can be shared by an account satisfying both policies.
+
+          See also RemoteAccessHostClientDomainList.''',
+        },
+        {
           'name': 'RemoteAccessHostRequireTwoFactor',
           'type': 'main',
           'schema': { 'type': 'boolean' },
           'supported_on': ['chrome.*:22-22'],
           'features': {
             'dynamic_refresh': True,
             'per_profile': False,
           },
           # Mark this 'removed' when https://crbug.com/100216 is resolved.
           'deprecated': True,
@@ skipping 8738 matching lines @@
       'desc': '''Text appended in parentheses next to the policies top-level container to indicate that those policies are of the Recommended level''',
       'text': 'Default Settings (users can override)',
     },
     'doc_complex_policies_on_windows': {
       'desc': '''Text pointing the user to a help article for complex policies on Windows''',
       'text': '''encoded as a JSON string, for details see <ph name="COMPLEX_POLICIES_URL">https://www.chromium.org/administrators/complex-policies-on-windows<ex>https://www.chromium.org/administrators/complex-policies-on-windows</ex></ph>''',
     },
   },
   'placeholders': [],
 }