
Unified Diff: remoting/host/remoting_me2me_host.cc

Issue 2682473003: Add support for multiple allowed domains (Closed)
Patch Set: Created 3 years, 10 months ago
Index: remoting/host/remoting_me2me_host.cc
diff --git a/remoting/host/remoting_me2me_host.cc b/remoting/host/remoting_me2me_host.cc
index abda26939b3245542a784e5225c3bbb552acd8b3..ed1b2ab2857513c321eadae86294b807c59dae3f 100644
--- a/remoting/host/remoting_me2me_host.cc
+++ b/remoting/host/remoting_me2me_host.cc
@@ -287,10 +287,13 @@ class HostProcess : public ConfigWatcher::Delegate,
void OnPolicyUpdate(std::unique_ptr<base::DictionaryValue> policies);
void OnPolicyError();
void ReportPolicyErrorAndRestartHost();
+ void HostDomainPolicyHelper(const std::vector<std::string>& domains);
void ApplyHostDomainPolicy();
void ApplyUsernamePolicy();
bool OnClientDomainPolicyUpdate(base::DictionaryValue* policies);
+ bool OnClientDomainListPolicyUpdate(base::DictionaryValue* policies);
bool OnHostDomainPolicyUpdate(base::DictionaryValue* policies);
+ bool OnHostDomainListPolicyUpdate(base::DictionaryValue* policies);
bool OnUsernamePolicyUpdate(base::DictionaryValue* policies);
bool OnNatPolicyUpdate(base::DictionaryValue* policies);
bool OnRelayPolicyUpdate(base::DictionaryValue* policies);
@@ -369,7 +372,9 @@ class HostProcess : public ConfigWatcher::Delegate,
std::unique_ptr<PolicyWatcher> policy_watcher_;
PolicyState policy_state_ = POLICY_INITIALIZING;
std::string client_domain_;
+ std::vector<std::string> client_domain_list_;
std::string host_domain_;
+ std::vector<std::string> host_domain_list_;
bool host_username_match_required_ = false;
bool allow_nat_traversal_ = true;
bool allow_relay_ = true;
@@ -1014,6 +1019,7 @@ void HostProcess::OnPolicyUpdate(
bool restart_required = false;
restart_required |= OnClientDomainPolicyUpdate(policies.get());
restart_required |= OnHostDomainPolicyUpdate(policies.get());
+ restart_required |= OnHostDomainListPolicyUpdate(policies.get());
restart_required |= OnCurtainPolicyUpdate(policies.get());
// Note: UsernamePolicyUpdate must run after OnCurtainPolicyUpdate.
restart_required |= OnUsernamePolicyUpdate(policies.get());
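Review bot: Only the host-side list handler is wired in here; `OnClientDomainListPolicyUpdate` is declared in the class and `client_domain_list_` is added as a member, but nothing in the visible hunks of this file defines or calls that handler. If it is not done elsewhere in the change, a client domain list set by an administrator would be accepted but never enforced, which is a fail-open for an access-control policy. Either add `restart_required |= OnClientDomainListPolicyUpdate(policies.get());` next to the existing client-domain call, or drop the declaration and member until the client side is implemented. OnPolicyUpdate's body starts and ends outside this hunk.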
@@ -1062,29 +1068,46 @@ void HostProcess::ReportPolicyErrorAndRestartHost() {
RestartHost(kHostOfflineReasonPolicyReadError);
}
-void HostProcess::ApplyHostDomainPolicy() {
+template<typename T> struct S;
+
+void HostProcess::HostDomainPolicyHelper(
Sergey Ulanov 2017/02/10 22:25:13 Maybe call this VerifyHostDomain()? In general mos
+ const std::vector<std::string>& domains) {
if (state_ != HOST_STARTED)
return;
- HOST_LOG << "Policy sets host domain: " << host_domain_;
+ HOST_LOG << "Policy sets host domains: " << base::JoinString(domains, ", ");
- if (!host_domain_.empty()) {
- // If the user does not have a Google email, their client JID will not be
- // based on their email. In that case, the username/host domain policies
- // would be meaningless, since there is no way to check that the JID
- // trying to connect actually corresponds to the owner email in question.
- if (host_owner_ != host_owner_email_) {
- LOG(ERROR) << "The username and host domain policies cannot be enabled "
- << "for accounts with a non-Google email.";
- ShutdownHost(kInvalidHostDomainExitCode);
- }
+ // If the user does not have a Google email, their client JID will not be
+ // based on their email. In that case, the username/host domain policies
+ // would be meaningless, since there is no way to check that the JID
+ // trying to connect actually corresponds to the owner email in question.
+ if (host_owner_ != host_owner_email_) {
+ LOG(ERROR) << "The username and host domain policies cannot be enabled "
+ << "for accounts with a non-Google email.";
+ ShutdownHost(kInvalidHostDomainExitCode);
+ return;
+ }
- if (!base::EndsWith(host_owner_, std::string("@") + host_domain_,
- base::CompareCase::INSENSITIVE_ASCII)) {
- LOG(ERROR) << "The host domain does not match the policy.";
- ShutdownHost(kInvalidHostDomainExitCode);
+ bool matched = false;
+ for (const std::string& domain : domains) {
+ if (base::EndsWith(host_owner_, std::string("@") + domain,
+ base::CompareCase::INSENSITIVE_ASCII)) {
+ matched = true;
}
}
+ if (!matched) {
+ LOG(ERROR) << "The host domain does not match the policy.";
+ ShutdownHost(kInvalidHostDomainExitCode);
+ }
+}
+
+void HostProcess::ApplyHostDomainPolicy() {
+ if (!host_domain_.empty()) {
+ HostDomainPolicyHelper({host_domain_});
+ }
+ if (!host_domain_list_.empty()) {
+ HostDomainPolicyHelper(host_domain_list_);
+ }
}
bool HostProcess::OnHostDomainPolicyUpdate(base::DictionaryValue* policies) {
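Review bot: In ApplyHostDomainPolicy the two policies are verified by two separate calls, so when both `host_domain_` and `host_domain_list_` are set the owner has to match both, and the second call still runs after the first may already have called ShutdownHost (whether the `state_` guard stops it depends on ShutdownHost, which is not visible here). If the legacy single-domain policy is meant to be just one more allowed domain, build one combined list and verify once, as below; if both really must match, a comment saying so would prevent a later "fix" that loosens the check. The two update handlers in the following hunk would then call ApplyHostDomainPolicy() rather than the helper directly. Separately, `template<typename T> struct S;` above the helper looks like a leftover type-printing debug aid and should be removed before landing.

```cpp
void HostProcess::ApplyHostDomainPolicy() {
  // The legacy single-domain policy is treated as one more allowed domain, so
  // the owner is verified once against the union of both policies.
  std::vector<std::string> domains = host_domain_list_;
  if (!host_domain_.empty())
    domains.push_back(host_domain_);
  if (!domains.empty())
    HostDomainPolicyHelper(domains);
}
```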
@@ -1096,7 +1119,36 @@ bool HostProcess::OnHostDomainPolicyUpdate(base::DictionaryValue* policies) {
return false;
}
- ApplyHostDomainPolicy();
+ if (!host_domain_.empty()) {
+ HostDomainPolicyHelper({host_domain_});
+ }
+ return false;
+}
+
+bool HostProcess::OnHostDomainListPolicyUpdate(
+ base::DictionaryValue* policies) {
+ // Returns true if the host has to be restarted after this policy update.
+ DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
+
+ const base::ListValue* list;
+ if (!policies->GetList(policy::key::kRemoteAccessHostDomainList, &list)) {
+ return false;
+ }
+
+ host_domain_list_.clear();
+ for (const auto &value : *list) {
Sergey Ulanov 2017/02/10 22:25:13 Space goes after '&, not before it, i.e. 'const au
+ const base::StringValue* domain;
+ if(!value->GetAsString(&domain)) {
+ // Should be prevented by policy validation
+ DCHECK(false);
+ continue;
+ }
+ host_domain_list_.push_back(domain->GetString());
+ }
+
+ if (!host_domain_list_.empty()) {
+ HostDomainPolicyHelper(host_domain_list_);
+ }
return false;
}
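Review bot: A non-string entry in OnHostDomainListPolicyUpdate is skipped with only `DCHECK(false)`, which does nothing in builds without DCHECKs, so a list whose entries are all malformed leaves `host_domain_list_` empty and the `!host_domain_list_.empty()` guard then skips the domain check entirely. For an allow-list that is a fail-open; it would be safer to treat a malformed entry as a policy error, for example replacing the `continue` with `ReportPolicyErrorAndRestartHost(); return false;`, or whatever error path the other handlers use (their bodies are not visible in this hunk). The handler also returns false on every path although its comment describes a restart signal, so a short comment on why applying the list never needs a restart would help the reader.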
