Add support for multiple allowed domains

remoting/host/policy_watcher.cc

Index: remoting/host/policy_watcher.cc
diff --git a/remoting/host/policy_watcher.cc b/remoting/host/policy_watcher.cc
index 569e3289c887f130aa6dcbf0dc79105f2a27f629..6b868cf3b5fb7edd92ab9234bf81ef3e0b5453b7 100644
--- a/remoting/host/policy_watcher.cc
+++ b/remoting/host/policy_watcher.cc
@@ -181,8 +181,10 @@ PolicyWatcher::PolicyWatcher(
   default_values_->SetBoolean(key::kRemoteAccessHostFirewallTraversal, true);
   default_values_->SetBoolean(key::kRemoteAccessHostRequireCurtain, false);
   default_values_->SetBoolean(key::kRemoteAccessHostMatchUsername, false);
-  default_values_->SetString(key::kRemoteAccessHostClientDomain, std::string());
-  default_values_->SetString(key::kRemoteAccessHostDomain, std::string());
+  default_values_->Set(key::kRemoteAccessHostClientDomainList,
+                       base::MakeUnique<base::ListValue>());
+  default_values_->Set(key::kRemoteAccessHostDomainList,
+                       base::MakeUnique<base::ListValue>());
   default_values_->SetString(key::kRemoteAccessHostTalkGadgetPrefix,
                              kDefaultHostTalkGadgetPrefix);
   default_values_->SetString(key::kRemoteAccessHostTokenUrl, std::string());
@@ -232,6 +234,7 @@ bool PolicyWatcher::NormalizePolicies(base::DictionaryValue* policy_dict) {
       LOG(WARNING) << "Unknown (unrecognized or unsupported) policy: " << path
                    << ": " << error;
     }
+    HandleDeprecatedPolicies(policy_dict);
     return true;
   } else {
     LOG(ERROR) << "Invalid policy contents: " << path << ": " << error;
@@ -239,6 +242,33 @@ bool PolicyWatcher::NormalizePolicies(base::DictionaryValue* policy_dict) {
   }
 }
 
+void PolicyWatcher::HandleDeprecatedPolicies(base::DictionaryValue* dict) {
+  // RemoteAccessHostDomain
+  if (dict->HasKey(policy::key::kRemoteAccessHostDomain)) {
+    if (!dict->HasKey(policy::key::kRemoteAccessHostDomainList)) {
+      std::string domain;
+      dict->GetString(policy::key::kRemoteAccessHostDomain, &domain);
+      auto list = base::MakeUnique<base::ListValue>();
+      list->AppendString(domain);
+      dict->Set(policy::key::kRemoteAccessHostDomainList, std::move(list));
+    }
+    dict->Remove(policy::key::kRemoteAccessHostDomain, nullptr);
+  }
+
+  // RemoteAccessHostClientDomain
+  if (dict->HasKey(policy::key::kRemoteAccessHostClientDomain)) {
+    if (!dict->HasKey(policy::key::kRemoteAccessHostClientDomainList)) {
+      std::string domain;
+      dict->GetString(policy::key::kRemoteAccessHostClientDomain, &domain);
+      auto list = base::MakeUnique<base::ListValue>();
+      list->AppendString(domain);
+      dict->Set(policy::key::kRemoteAccessHostClientDomainList,
+                std::move(list));
+    }
+    dict->Remove(policy::key::kRemoteAccessHostClientDomain, nullptr);
+  }
+}

[Jamie, 2017/04/19 00:29:02]

Does the existing PolicyWatcher test code cover this?

[rkjnsn, 2017/04/19 16:45:26]

It's getting exercised by the It2MeHost tests, but it probably makes sense to
add an explicit test in the PolicyWatcher tests.

+
 namespace {
 void CopyDictionaryValue(const base::DictionaryValue& from,
                          base::DictionaryValue& to,