blob: 2ea880939f4f79e00e31f74cbbef5a949077da7a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
// Copyright 2017 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
syntax = "proto2";
option optimize_for = LITE_RUNTIME;
package login_manager;
// Specifies the account type that the |account_id| in PolicyDescriptor
// references.
enum PolicyAccountType {
// |account_id| must be empty. Policy is stored in a device-wide root-owned
// location.
ACCOUNT_TYPE_DEVICE = 0;
// |account_id| references a user account. Policy is stored on the user's
// cryptohome.
ACCOUNT_TYPE_USER = 1;
// |account_id| references a user account where the user session hasn't been
// added to Session Manager yet. Special case to retrieve user policy on the
// login screen.
ACCOUNT_TYPE_SESSIONLESS_USER = 2;
// |account_id| references a device local account. Policy is stored in a
// device-wide root-owned location in a folder that depends on |account_id|.
ACCOUNT_TYPE_DEVICE_LOCAL_ACCOUNT = 3;
// Next ID to use: 4
};
// Within a given account, policies are namespaced by a
// (|domain|, |component_id|) pair in PolicyDescriptor.
// The meaning of the |component_id| depends on the domain, see below.
enum PolicyDomain {
// Domain for Chrome policies. |component_id| must be empty.
POLICY_DOMAIN_CHROME = 0;
// Domain for policies for regular Chrome extensions. |component_id| must be
// equal to the extension ID.
POLICY_DOMAIN_EXTENSIONS = 1;
// Domain for policies for Chrome extensions running under the Chrome OS
// signin profile. |component_id| must be equal to the extension ID.
POLICY_DOMAIN_SIGNIN_EXTENSIONS = 2;
// Next ID to use: 3
};
// Descriptor for policy blobs to give SessionManager's StorePolicy*Ex and
// RetrievePolicyEx enough context to decide how to store policy.
message PolicyDescriptor {
// The pair (|account_type|, |account_id|) determines the account for policy
// storage.
optional PolicyAccountType account_type = 1;
// The meaning of |account_id| depends on |account_type|, see
// PolicyAccountType.
optional string account_id = 2;
// The pair (|domain|, |component_id|) determines the namespace for policy
// storage.
optional PolicyDomain domain = 3;
// The meaning of |component_id| depends on |domain|, see PolicyDomain.
optional string component_id = 4;
// Next ID to use: 5
}
|
