Network traffic annotation added to supervised users.

chrome/browser/supervised_user/child_accounts/permission_request_creator_apiary.cc

Index: chrome/browser/supervised_user/child_accounts/permission_request_creator_apiary.cc
diff --git a/chrome/browser/supervised_user/child_accounts/permission_request_creator_apiary.cc b/chrome/browser/supervised_user/child_accounts/permission_request_creator_apiary.cc
index f887bb5ca9697af7709a4d452c8b91ef3a4af18b..9f5754a483c9a4d66876fd4009b4d5ab01c5ee2e 100644
--- a/chrome/browser/supervised_user/child_accounts/permission_request_creator_apiary.cc
+++ b/chrome/browser/supervised_user/child_accounts/permission_request_creator_apiary.cc
@@ -25,6 +25,7 @@
 #include "net/base/load_flags.h"
 #include "net/base/net_errors.h"
 #include "net/http/http_status_code.h"
+#include "net/traffic_annotation/network_traffic_annotation.h"
 #include "net/url_request/url_fetcher.h"
 #include "net/url_request/url_request_status.h"
 #include "url/gurl.h"
@@ -182,8 +183,30 @@ void PermissionRequestCreatorApiary::OnGetTokenSuccess(
   DCHECK(it != requests_.end());
   (*it)->access_token = access_token;
 
-  (*it)->url_fetcher = URLFetcher::Create((*it)->url_fetcher_id, GetApiUrl(),
-                                          URLFetcher::POST, this);
+  net::NetworkTrafficAnnotationTag traffic_annotation =
+      net::DefineNetworkTrafficAnnotation("...", R"(

[Bernhard Bauer, 2017/03/14 10:02:49]

permission_request_creator

[Ramin Halavati, 2017/03/14 10:56:20]

Done.

+        semantics {
+          sender: "..."

[Bernhard Bauer, 2017/03/14 10:02:49]

supervised_users

[Ramin Halavati, 2017/03/14 10:56:20]

Done.

+          description: "..."

[Bernhard Bauer, 2017/03/14 10:02:49]

Requests permission for the user to access a blocked site.

[Ramin Halavati, 2017/03/14 10:56:20]

Done.

+          trigger: "..."

[Bernhard Bauer, 2017/03/14 10:02:48]

Initiated by the user.

[Ramin Halavati, 2017/03/14 10:56:19]

Done.

+          data: "..."

[Bernhard Bauer, 2017/03/14 10:02:49]

The request is authenticated with an OAuth2 access token identifying the Google
account and contains the URL that the user requests access to.

[Ramin Halavati, 2017/03/14 10:56:20]

Done.

+          destination: WEBSITE/GOOGLE_OWNED_SERVICE/OTHER
+        }
+        policy {
+          cookies_allowed: false/true

[Bernhard Bauer, 2017/03/14 10:02:48]

false

[Ramin Halavati, 2017/03/14 10:56:20]

Done.

+          cookies_store: "..."

[Bernhard Bauer, 2017/03/14 10:02:49]

user

[Ramin Halavati, 2017/03/14 10:56:19]

Done.

+          setting: "..."

[Bernhard Bauer, 2017/03/14 10:02:48]

This feature is only enabled for child accounts. If sign-in is restricted to
accounts from a managed domain, those accounts are not going to be child
accounts.

[Ramin Halavati, 2017/03/14 10:56:19]

Done.

+          chrome_policy {
+            [POLICY_NAME] {

[Bernhard Bauer, 2017/03/14 10:02:48]

RestrictSigninToPattern

[Ramin Halavati, 2017/03/14 10:56:20]

Done.

+              policy_options {mode: MANDATORY/RECOMMENDED/UNSET}

[Bernhard Bauer, 2017/03/14 10:02:49]

MANDATORY

[Ramin Halavati, 2017/03/14 10:56:19]

Done.

+              [POLICY_NAME]: ... //(value to disable it)

[Bernhard Bauer, 2017/03/14 10:02:49]

"*@manageddomain.com"

[Ramin Halavati, 2017/03/14 10:56:19]

Done.

+            }
+          }
+          policy_exception_justification: "..."
+        })");
+  (*it)->url_fetcher =
+      URLFetcher::Create((*it)->url_fetcher_id, GetApiUrl(), URLFetcher::POST,
+                         this, traffic_annotation);
 
   data_use_measurement::DataUseUserData::AttachToFetcher(
       (*it)->url_fetcher.get(),