Removed the old policy protobufs location.
The policy protobufs were duplicated at chrome/browser/policy/proto
so that the protofiles ebuild of ChromeOS could still fetch them.
That ebuild has been fixed in a separate CL at:
https://chromium-review.googlesource.com/#/c/182300/
BUG=327345
Review URL: https://codereview.chromium.org/137903004
git-svn-id: http://src.chromium.org/svn/trunk/src/chrome/browser/policy/proto@245133 4ff67af0-8c30-449e-8e8b-ad334ec8d88c
diff --git a/PRESUBMIT.py b/PRESUBMIT.py
deleted file mode 100644
index 50d1314..0000000
--- a/PRESUBMIT.py
+++ /dev/null
@@ -1,67 +0,0 @@
-# Copyright 2013 The Chromium Authors. All rights reserved.
-# Use of this source code is governed by a BSD-style license that can be
-# found in the LICENSE file.
-
-# TODO(joaodasilva): remove this file. http://crbug.com/327345
-
-import itertools
-
-def _CheckPolicyProtobufs(input_api, output_api):
- # List of pairs (A, B) where A should equal B.
- file_pairs = [
- ( 'chrome/browser/policy/proto/chromeos/chrome_device_policy.proto',
- 'chrome/browser/chromeos/policy/proto/chrome_device_policy.proto' ),
- ( 'chrome/browser/policy/proto/chromeos/install_attributes.proto',
- 'chrome/browser/chromeos/policy/proto/install_attributes.proto' ),
- ( 'chrome/browser/policy/proto/cloud/chrome_extension_policy.proto',
- 'components/policy/proto/chrome_extension_policy.proto' ),
- ( 'chrome/browser/policy/proto/cloud/device_management_backend.proto',
- 'components/policy/proto/device_management_backend.proto' ),
- ( 'chrome/browser/policy/proto/cloud/device_management_local.proto',
- 'components/policy/proto/device_management_local.proto' ),
- ( 'chrome/browser/policy/proto/PRESUBMIT.py',
- 'components/policy/proto/PRESUBMIT.py' ),
- ( 'chrome/browser/chromeos/policy/proto/PRESUBMIT.py',
- 'components/policy/proto/PRESUBMIT.py' ),
- ]
-
- root = input_api.change.RepositoryRoot()
- results = []
-
- for file_a, file_b in file_pairs:
- path_a = input_api.os_path.join(root, *file_a.split('/'))
- path_b = input_api.os_path.join(root, *file_b.split('/'))
- with open(path_a, 'r') as f_a:
- content_a = f_a.readlines()[3:]
- with open(path_b, 'r') as f_b:
- content_b = f_b.readlines()[3:]
- if content_a != content_b:
- # If you get this error then check |file_pairs| and make sure that the
- # contents of the files in each pair match.
- results.append(output_api.PresubmitError(
- '%s must equal %s. This is temporary until http://crbug.com/327345 '
- 'is fixed.' % (file_a, file_b)))
-
- # If new files are added then |file_pairs| must be updated.
- existing = frozenset(itertools.chain(*file_pairs))
- for f in input_api.AffectedFiles():
- if f.LocalPath() not in existing:
- # If you get this error then add an entry for the new files to
- # |file_pairs|.
- results.append(output_api.PresubmitError(
- 'Please add an entry for %s to %s/PRESUBMIT.py' %
- (f.LocalPath(), input_api.PresubmitLocalPath())))
-
- return results
-
-
-def _CommonChecks(input_api, output_api):
- return _CheckPolicyProtobufs(input_api, output_api)
-
-
-def CheckChangeOnUpload(input_api, output_api):
- return _CommonChecks(input_api, output_api)
-
-
-def CheckChangeOnCommit(input_api, output_api):
- return _CommonChecks(input_api, output_api)
diff --git a/chromeos/chrome_device_policy.proto b/chromeos/chrome_device_policy.proto
deleted file mode 100644
index b841f1f..0000000
--- a/chromeos/chrome_device_policy.proto
+++ /dev/null
@@ -1,585 +0,0 @@
-// Copyright (c) 2012 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-syntax = "proto2";
-
-option optimize_for = LITE_RUNTIME;
-
-package enterprise_management;
-
-message DevicePolicyRefreshRateProto {
- // In milliseconds.
- optional int64 device_policy_refresh_rate = 1;
-}
-
-message UserWhitelistProto {
- // If a UserWhitelistProto is included in the ChromeDeviceSettingsProto but
- // the user_whitelist field is empty then no user can sign-in.
- repeated string user_whitelist = 1;
-}
-
-message AllowNewUsersProto {
- // Determines whether we allow arbitrary users to log into the device.
- // This interacts with the UserWhitelistProto as follows:
- // allow_new_users | user_whitelist | anyone can log in
- //-----------------+--------------------+------------------
- // present, true | not present | Yes
- //-----------------+--------------------+------------------
- // present, true | present | Yes
- //-----------------+--------------------+------------------
- // present, false | not present | (Broken) Yes
- //-----------------+--------------------+------------------
- // present, false | present | No, W/L enforced
- //-----------------+--------------------+------------------
- // not present | not present | Yes
- //-----------------+--------------------+------------------
- // not present | present, empty | Yes
- //-----------------+--------------------+------------------
- // not present | present, non-empty | No, W/L enforced
- //-----------------+--------------------+------------------
- optional bool allow_new_users = 1 [default = true];
-}
-
-message GuestModeEnabledProto {
- // Determines if guests are allowed to log in to the device.
- optional bool guest_mode_enabled = 1 [default = true];
-}
-
-message ShowUserNamesOnSigninProto {
- // Determines if we show pods for existing users on the sign in screen.
- optional bool show_user_names = 1 [default = true];
-}
-
-message DataRoamingEnabledProto {
- // Determines if cellular data roaming is enabled.
- optional bool data_roaming_enabled = 1 [default = false];
-}
-
-message DeviceProxySettingsProto {
- // One of "direct", "auto_detect", "pac_script", "fixed_servers", "system"
- optional string proxy_mode = 1;
- optional string proxy_server = 2;
- optional string proxy_pac_url = 3;
- optional string proxy_bypass_list = 4;
-}
-
-// This is used by chromeos, make sure to do cleanup there before marking it as
-// obsolette.
-message CameraEnabledProto {
- optional bool camera_enabled = 1;
-}
-
-message MetricsEnabledProto {
- optional bool metrics_enabled = 1;
-}
-
-message ReleaseChannelProto {
- // One of "stable-channel", "beta-channel", or "dev-channel"
- optional string release_channel = 1;
-
- // If |release_channel_delegated| is set to true and the |release_channel|
- // field is not set or left empty, the user can select the channel. If the
- // |release_channel| is specified it will always override users choice!
- optional bool release_channel_delegated = 2;
-}
-
-message DeviceOpenNetworkConfigurationProto {
- // The network configuration blob. This is a JSON string as specified by ONC.
- optional string open_network_configuration = 1;
-}
-
-// Policies to turn on portions of the device status reports.
-message DeviceReportingProto {
- optional bool report_version_info = 1;
- optional bool report_activity_times = 2;
- optional bool report_boot_mode = 3;
- optional bool report_location = 4;
- optional bool report_network_interfaces = 5;
- optional bool report_users = 6;
-}
-
-message EphemeralUsersEnabledProto {
- // Determines whether users should be treated as ephemeral. In ephemeral users
- // mode, no cryptohome is created for the user, but a tmpfs mount is used
- // instead such that upon logout all user state is discarded.
- optional bool ephemeral_users_enabled = 1;
-}
-
-// Details of an extension to install as part of the AppPack.
-message AppPackEntryProto {
- optional string extension_id = 1;
- optional string update_url = 2;
-
- // This field was added but never used and there are no plans to support it
- // eventually either.
- optional bool OBSOLETE_online_only = 3 [deprecated = true];
-}
-
-message AppPackProto {
- // List of extensions to install as part of the AppPack.
- repeated AppPackEntryProto app_pack = 1;
-}
-
-// This is a special policy for kiosk/retail mode that specifies what apps
-// should be pinned to the launcher. For regular accounts, pinned apps are
-// controlled through user policy.
-message PinnedAppsProto {
- // App IDs for the apps to pin.
- repeated string app_id = 1;
-}
-
-message ForcedLogoutTimeoutsProto {
- // All timeouts are specified in milliseconds.
-
- // Specifies the timeout before an idle user session is terminated.
- // If this field is omitted or set to 0, no logout on idle will be performed.
- optional int64 idle_logout_timeout = 1;
-
- // Specifies the duration of a warning countdown before the user is logged out
- // because of idleness as specified by the |idle_logout_timeout| value.
- // This field is only used if |idle_logout_timeout| != 0 is specified.
- optional int64 idle_logout_warning_duration = 2;
-}
-
-message ScreenSaverProto {
- // Specifies the extension ID which is to be used as a screen saver on the
- // login screen if no user activity is present. Only respected if the device
- // is in RETAIL mode.
- optional string screen_saver_extension_id = 1;
-
- // Specifies the timeout before the screen saver is activated. If this field
- // is omitted or set to 0, no screen-saver will be started.
- // Measured in milliseconds.
- optional int64 screen_saver_timeout = 2;
-}
-
-// Enterprise controls for auto-update behavior of Chrome OS.
-message AutoUpdateSettingsProto {
- // True if we don't want the device to auto-update (target_version_prefix is
- // ignored in this case).
- optional bool update_disabled = 1;
-
- // Specifies the prefix of the target version we want the device to
- // update to, if it's on a older version. If the device is already on
- // a version with the given prefix, then there's no effect. If the device is
- // on a higher version, it will remain on the higher version as we
- // don't support rollback yet. The format of this version can be one
- // of the following:
- // ---------------------------------------------------------------------
- // "" (or not set at all): update to latest version available.
- // 1412.: update to any minor version of 1412 (e.g. 1412.24.34 or 1412.60.2)
- // 1412.2.: update to any minor version of 1412.2 (e.g. 1412.2.34 or 1412.2.2)
- // 1412.24.34: update to this specific version only
- // ---------------------------------------------------------------------
- optional string target_version_prefix = 2;
-
- // The Chrome browser version (e.g. "17.*") corresponding to the
- // target_version_prefix above. The target_version_prefix is the internal OS
- // version that external users normally are not aware of. This display_name
- // can be used by the devices to display a message to end-users about the auto
- // update setting.
- optional string target_version_display_name = 3;
-
- // Specifies the number of seconds up to which a device may randomly
- // delay its download of an update from the time the update was first pushed
- // out to the server. The device may wait a portion of this time in terms
- // of wall-clock-time and the remaining portion in terms of the number of
- // update checks. In any case, the scatter is upper bounded by a constant
- // amount of time so that a device does not ever get stuck waiting to download
- // an update forever.
- optional int64 scatter_factor_in_seconds = 4;
-
- // Enumerates network connection types.
- enum ConnectionType {
- CONNECTION_TYPE_ETHERNET = 0;
- CONNECTION_TYPE_WIFI = 1;
- CONNECTION_TYPE_WIMAX = 2;
- CONNECTION_TYPE_BLUETOOTH = 3;
- CONNECTION_TYPE_CELLULAR = 4;
- }
-
- // The types of connections that are OK to use for OS updates. OS updates
- // potentially put heavy strain on the connection due to their size and may
- // incur additional cost. Therefore, they are by default not enabled for
- // connection types that are considered expensive, which include WiMax,
- // Bluetooth and Cellular at the moment.
- repeated ConnectionType allowed_connection_types = 5;
-
- // This has been replaced by |reboot_after_update| below.
- optional bool OBSOLETE_reboot_after_update = 6 [deprecated = true];
-
- // True if AU payloads can be downloaded via HTTP. False otherwise.
- optional bool http_downloads_enabled = 7 [default = false];
-
- // True if the device should reboot automatically when an update has been
- // applied and a reboot is required to complete the update process.
- //
- // Note: Currently, automatic reboots are only enabled while the login screen
- // is being shown or a kiosk app session is in progress. This will change in
- // the future and the policy will always apply, regardless of whether a
- // session of any particular type is in progress or not.
- optional bool reboot_after_update = 8;
-
- // True if AU payloads may be shared with and consumed from other devices
- // on the LAN, using p2p. False otherwise.
- optional bool p2p_enabled = 9 [default = false];
-}
-
-message StartUpUrlsProto {
- // Specifies the URLs to be loaded on login to the anonymous account used if
- // the device is in RETAIL mode.
- repeated string start_up_urls = 1;
-}
-
-message SystemTimezoneProto {
- // Specifies an owner-determined timezone that applies to the login screen and
- // all users. Valid values are listed in "timezone_settings.cc". Additionally,
- // timezones from the "IANA Time Zone Database" (e.g. listed on wikipedia)
- // that are equivalent to one of the timezones in "timezone_settings.cc" are
- // valid. In case of an invalid value, the setting is still activated with a
- // fallback timezone (currently "GMT"). In case of an empty string or if no
- // value is provided, the timezone device setting is inactive. In that case,
- // the currently active timezone will remain in use however users can change
- // the timezone and the change is persistent. Thus a change by one user
- // affects the login-screen and all other users.
- optional string timezone = 1;
-}
-
-message SystemUse24HourClockProto {
- // Specifies an owner-determined clock format that applies to the login
- // screen and is used as a default for all user sessions. Users can still
- // override the format to use for their account.
- //
- // True and false select a 24 and 12 hour clock format, respectively. The
- // default format for the case the setting is not present is 24 hour clock.
- optional bool use_24hour_clock = 1;
-}
-
-// Parameters for Kiosk App device-local accounts.
-message KioskAppInfoProto {
- // Indicates the Kiosk App for the corresponding device-local account. The
- // string value should be a valid 32-character Chrome App identifier and
- // specifies the Kiosk App to download and run.
- optional string app_id = 1;
-
- // Obsolete: Kiosk Apps can only be installed from the Chrome Web Store.
- optional string OBSOLETE_update_url = 2 [deprecated = true];
-}
-
-// Describes a single device-local account.
-message DeviceLocalAccountInfoProto {
- // Deprecated: Account identifier for a public session device-local account.
- // Old code didn't have the |type| field, so it can't handle new types of
- // device-local accounts gracefully (i.e. ignoring unsupported types). New
- // code should instead set type to ACCOUNT_TYPE_PUBLIC_SESSION and write the
- // identifier to the |account_id| field below. If the |type| field is present,
- // |deprecated_public_session_id| will be ignored.
- optional string deprecated_public_session_id = 1;
-
- // Identifier for the device-local account. This is an opaque identifier that
- // is used to distinguish different device-local accounts configured. All
- // configured accounts on a device must have unique identifiers.
- optional string account_id = 2;
-
- // Indicates the type of device-local account.
- enum AccountType {
- // A login-less, policy-configured browsing session.
- ACCOUNT_TYPE_PUBLIC_SESSION = 0;
- // An account that serves as a container for a single full-screen app.
- ACCOUNT_TYPE_KIOSK_APP = 1;
- };
-
- // The account type.
- optional AccountType type = 3;
-
- // Kiosk App parameters, relevant if |type| is ACCOUNT_TYPE_KIOSK_APP.
- optional KioskAppInfoProto kiosk_app = 4;
-}
-
-message DeviceLocalAccountsProto {
- // The list of device-local accounts (i.e. accounts without an associated
- // cloud-backed profile) that are available on the device.
- repeated DeviceLocalAccountInfoProto account = 1;
-
- // The identifier of the device-local account to which the device
- // should be logged in automatically. Should be equal to one of the
- // ids in DeviceLocalAccountInfoProto.
- optional string auto_login_id = 2;
-
- // The amount of time, in milliseconds, that should elapse at the signin
- // screen without user interaction before automatically logging in.
- optional int64 auto_login_delay = 3;
-
- // Whether the keyboard shortcut to prevent zero-delay auto-login should be
- // enabled or not. If this keyboard shortcut is engaged, the auto-login will
- // be delayed by 3 seconds so administrators can log in or make configuration
- // changes.
- optional bool enable_auto_login_bailout = 4 [default = true];
-
- // Whether network configuration should be offered or not when the device
- // does not have access to the Internet. If the policy is omitted or set to
- // true, the network configuration will be offered. Otherwise, only an error
- // message is displayed.
- // Note: If both this policy and enable_auto_login_bailout policy above is
- // set to false, there are chances that the device might become totally
- // unusable when there is no Internet access and has to go through the
- // recovery process.
- optional bool prompt_for_network_when_offline = 5 [default = true];
-}
-
-message AllowRedeemChromeOsRegistrationOffersProto {
- // Chrome OS Registration service provides way for chromeos device users
- // to redeem electronic offers provided by service provider.
- // This value determines if users are allowed to redeem offers through
- // Chrome OS Registration service.
- optional bool allow_redeem_offers = 1 [default = true];
-}
-
-message StartUpFlagsProto {
- // The list of flags to be applied to chrome on start-up (back up store for
- // owner set flags in about:flags).
- repeated string flags = 1;
-}
-
-message UptimeLimitProto {
- // This has been replaced by |uptime_limit| below.
- optional int64 OBSOLETE_uptime_limit = 1 [deprecated = true];
-
- // Sets the length of device uptime after which an automatic reboot is
- // scheduled. An automatic reboot is scheduled at the selected time but may be
- // delayed on the device by up to 24 hours, e.g. if a user is currently using
- // the device or an app/extension has requested reboots to be inhibited
- // temporarily. The policy value should be specified in seconds.
- //
- // Note: Currently, automatic reboots are only enabled while the login screen
- // is being shown or a kiosk app session is in progress. This will change in
- // the future and the policy will always apply, regardless of whether a
- // session of any particular type is in progress or not.
- optional int64 uptime_limit = 2;
-}
-
-message VariationsParameterProto {
- // The string for the restrict parameter to be appended to the Variations URL
- // when pinging the Variations server.
- optional string parameter = 1;
-}
-
-message AttestationSettingsProto {
- // Attestation involves proving that a cryptographic key is protected by a
- // legitimate Chrome OS TPM and reporting the operating mode of the platform.
- // This setting enables enterprise attestation features at a device level. If
- // this is enabled a machine key will be generated and certified by the Chrome
- // OS CA. If this setting is disabled, even users with attestation settings
- // enabled will not be able to use those features on the device.
- optional bool attestation_enabled = 1 [default = false];
-
- // Chrome OS devices can use remote attestation (Verified Access) to get a
- // certificate issued by the Chrome OS CA that asserts the device is eligible
- // to play protected content. This process involves sending hardware
- // endorsement information to the Chrome OS CA which uniquely identifies the
- // device. This setting allows this feature to be disabled for the device
- // regardless of any user-specific settings.
- optional bool content_protection_enabled = 2 [default = true];
-}
-
-message AccessibilitySettingsProto {
- // Sets the default state of the large cursor accessibility feature on the
- // login screen. If this policy is set to true, the large cursor will be
- // enabled when the login screen is shown. If this policy is set to false, the
- // large cursor will be disabled when the login screen is shown. Users can
- // temporarily override this setting by enabling or disabling the large
- // cursor. However, the user's choice is not persistent and the default is
- // restored whenever the login screen is shown anew or the user remains idle
- // on the login screen for a minute. If this policy is left unset, the large
- // cursor is disabled when the login screen is first shown. Users can enable
- // or disable the large cursor anytime and its status on the login screen is
- // persisted between users.
- optional bool login_screen_default_large_cursor_enabled = 1;
-
- // Sets the default state of the spoken feedback accessibility feature on the
- // login screen. If this policy is set to true, spoken feedback will be
- // enabled when the login screen is shown. If this policy is set to false,
- // spoken feedback will be disabled when the login screen is shown. Users can
- // temporarily override this setting by enabling or disabling spoken feedback.
- // However, the user's choice is not persistent and the default is restored
- // whenever the login screen is shown anew or the user remains idle on the
- // login screen for a minute. If this policy is left unset, spoken feedback is
- // disabled when the login screen is first shown. Users can enable or disable
- // spoken feedback anytime and its status on the login screen is persisted
- // between users.
- optional bool login_screen_default_spoken_feedback_enabled = 2;
-
- // Sets the default state of the high contrast mode accessibility feature on
- // the login screen. If this policy is set to true, high contrast mode will be
- // enabled when the login screen is shown. If this policy is set to false,
- // high contrast mode will be disabled when the login screen is shown. Users
- // can temporarily override this setting by enabling or disabling high
- // contrast mode. However, the user's choice is not persistent and the default
- // is restored whenever the login screen is shown anew or the user remains
- // idle on the login screen for a minute. If this policy is left unset, high
- // contrast mode is disabled when the login screen is first shown. Users can
- // enable or disable high contrast mode anytime and its status on the login
- // screen is persisted between users.
- optional bool login_screen_default_high_contrast_enabled = 3;
-
- // Enumerates the screen magnifier types.
- enum ScreenMagnifierType {
- // Screen magnifier disabled.
- SCREEN_MAGNIFIER_TYPE_NONE = 0;
- // Full-screen magnifier enabled.
- SCREEN_MAGNIFIER_TYPE_FULL = 1;
- };
-
- // Sets the default type of screen magnifier that is enabled on the login
- // screen. If this policy is set, it controls the type of screen magnifier
- // that is enabled when the login screen is shown. Users can temporarily
- // override this setting by enabling or disabling the screen magnifier.
- // However, the user's choice is not persistent and the default is restored
- // whenever the login screen is shown anew or the user remains idle on the
- // login screen for a minute. If this policy is left unset, the screen
- // magnifier is disabled when the login screen is first shown. Users can
- // enable or disable the screen magnifier anytime and its status on the login
- // screen is persisted between users.
- optional ScreenMagnifierType login_screen_default_screen_magnifier_type = 4;
-}
-
-message SupervisedUsersSettingsProto {
- // Defines whether supervised users can be created on the device.
- optional bool supervised_users_enabled = 1;
-}
-
-message LoginScreenPowerManagementProto {
- // Configures power management on the login screen. The policy should be
- // specified as a string that expresses the individual settings in JSON
- // format, conforming to the following schema:
- // {
- // "type": "object",
- // "properties": {
- // "AC": {
- // "description": "Power management settings applicable only when
- // running on AC power",
- // "type": "object",
- // "properties": {
- // "Delays": {
- // "type": "object",
- // "properties": {
- // "ScreenDim": {
- // "description": "The length of time without user input after
- // which the screen is dimmed, in milliseconds",
- // "type": "integer",
- // "minimum": 0
- // },
- // "ScreenOff": {
- // "description": "The length of time without user input after
- // which the screen is turned off, in
- // milliseconds",
- // "type": "integer",
- // "minimum": 0
- // },
- // "Idle": {
- // "description": "The length of time without user input after
- // which the idle action is taken, in
- // milliseconds",
- // "type": "integer",
- // "minimum": 0
- // }
- // }
- // },
- // "IdleAction": {
- // "description": "Action to take when the idle delay is reached",
- // "enum": [ "Suspend", "Shutdown", "DoNothing" ]
- // }
- // }
- // },
- // "Battery": {
- // "description": "Power management settings applicable only when
- // running on battery power",
- // "type": "object",
- // "properties": {
- // "Delays": {
- // "type": "object",
- // "properties": {
- // "ScreenDim": {
- // "description": "The length of time without user input after
- // which the screen is dimmed, in milliseconds",
- // "type": "integer",
- // "minimum": 0
- // },
- // "ScreenOff": {
- // "description": "The length of time without user input after
- // which the screen is turned off, in
- // milliseconds",
- // "type": "integer",
- // "minimum": 0
- // },
- // "Idle": {
- // "description": "The length of time without user input after
- // which the idle action is taken, in
- // milliseconds",
- // "type": "integer",
- // "minimum": 0
- // }
- // }
- // },
- // "IdleAction": {
- // "description": "Action to take when the idle delay is reached",
- // "enum": [ "Suspend", "Shutdown", "DoNothing" ]
- // }
- // }
- // },
- // "LidCloseAction": {
- // "description": "Action to take when the lid is closed",
- // "enum": [ "Suspend", "Shutdown", "DoNothing" ]
- // },
- // "UserActivityScreenDimDelayScale": {
- // "description": "Percentage by which the screen dim delay is scaled
- // when user activity is observed while the screen is
- // dimmed or soon after the screen has been turned off",
- // "type": "integer",
- // "minimum": 0
- // }
- // }
- // }
- optional string login_screen_power_management = 1;
-}
-
-message AutoCleanupSettigsProto {
- // Configures strategy for automatic clean-up process that is run when device
- // runs out of free disk space. One of "remove-lru", "remove-lru-if-dormant".
- optional string clean_up_strategy = 1;
-}
-
-message ChromeDeviceSettingsProto {
- optional DevicePolicyRefreshRateProto device_policy_refresh_rate = 1;
- optional UserWhitelistProto user_whitelist = 2;
- optional GuestModeEnabledProto guest_mode_enabled = 3;
- optional DeviceProxySettingsProto device_proxy_settings = 4;
- optional CameraEnabledProto camera_enabled = 5;
- optional ShowUserNamesOnSigninProto show_user_names = 6;
- optional DataRoamingEnabledProto data_roaming_enabled = 7;
- optional AllowNewUsersProto allow_new_users = 8;
- optional MetricsEnabledProto metrics_enabled = 9;
- optional ReleaseChannelProto release_channel = 10;
- optional DeviceOpenNetworkConfigurationProto open_network_configuration = 11;
- optional DeviceReportingProto device_reporting = 12;
- optional EphemeralUsersEnabledProto ephemeral_users_enabled = 13;
- optional AppPackProto app_pack = 14;
- optional ForcedLogoutTimeoutsProto forced_logout_timeouts = 15;
- optional ScreenSaverProto login_screen_saver = 16;
- optional AutoUpdateSettingsProto auto_update_settings = 17;
- optional StartUpUrlsProto start_up_urls = 18;
- optional PinnedAppsProto pinned_apps = 19;
- optional SystemTimezoneProto system_timezone = 20;
- optional DeviceLocalAccountsProto device_local_accounts = 21;
- optional AllowRedeemChromeOsRegistrationOffersProto allow_redeem_offers = 22;
- optional StartUpFlagsProto start_up_flags = 23;
- optional UptimeLimitProto uptime_limit = 24;
- optional VariationsParameterProto variations_parameter = 25;
- optional AttestationSettingsProto attestation_settings = 26;
- optional AccessibilitySettingsProto accessibility_settings = 27;
- optional SupervisedUsersSettingsProto supervised_users_settings = 28;
- optional LoginScreenPowerManagementProto login_screen_power_management = 29;
- optional SystemUse24HourClockProto use_24hour_clock = 30;
- optional AutoCleanupSettigsProto auto_clean_up_settings = 31;
-}
diff --git a/chromeos/install_attributes.proto b/chromeos/install_attributes.proto
deleted file mode 100644
index f1442f4..0000000
--- a/chromeos/install_attributes.proto
+++ /dev/null
@@ -1,20 +0,0 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-syntax = "proto2";
-
-option optimize_for = LITE_RUNTIME;
-
-package cryptohome;
-
-// This must match install_attributes.proto in the Chromium OS cryptohome
-// repository. Only the fields that are relevant to the browser are present
-// here.
-message SerializedInstallAttributes {
- message Attribute {
- required string name = 1;
- required bytes value = 2;
- }
- repeated Attribute attributes = 2;
-}
diff --git a/cloud/chrome_extension_policy.proto b/cloud/chrome_extension_policy.proto
deleted file mode 100644
index 27da746..0000000
--- a/cloud/chrome_extension_policy.proto
+++ /dev/null
@@ -1,43 +0,0 @@
-// Copyright (c) 2013 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-syntax = "proto2";
-
-option optimize_for = LITE_RUNTIME;
-
-package enterprise_management;
-
-// Describes how to retrieve policy data for a particular extension. The
-// extension ID is in the |settings_entity_id| field of the PolicyData message
-// that contains the ExternalPolicyData in its |policy_value| field.
-message ExternalPolicyData {
- // A URL where the policy data can be downloaded from.
- optional string download_url = 1;
-
- // SHA-1 hash of the data at |download_url|. This is used to verify the
- // integrity of the data, and to detect updates on the client side: the client
- // downloads the data when its local hash does not match |secure_hash|.
- optional bytes secure_hash = 2;
-
- // An authentication method that can be used to verify that the client is
- // authorized to download |download_url|.
- enum AuthMethod {
- // No authentication is performed; knowledge of the URL is enough to
- // authorize its download.
- NONE = 0;
-
- // The HTTP GET request sent to |download_url| must include an
- // "Authorization: " HTTP header of the GoogleDMToken type. Its value is the
- // same as the DMToken used for the policy fetch.
- DMTOKEN = 1;
-
- // The HTTP GET request sent to |download_url| must include an
- // "Authorization: " HTTP header of the "OAuth" type. Its value is a valid
- // Google Accounts OAuth access token.
- OAUTH = 2;
- }
-
- // The authentication method that the client must use to fetch |download_url|.
- optional AuthMethod download_auth_method = 3 [default = NONE];
-}
diff --git a/cloud/device_management_backend.proto b/cloud/device_management_backend.proto
deleted file mode 100644
index 7bda9e6..0000000
--- a/cloud/device_management_backend.proto
+++ /dev/null
@@ -1,630 +0,0 @@
-// Copyright (c) 2012 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-syntax = "proto2";
-
-option optimize_for = LITE_RUNTIME;
-
-package enterprise_management;
-
-// Request from device to server to register device.
-message DeviceRegisterRequest {
- // Reregister device without erasing server state. It can be used
- // to refresh dmtoken etc. Client MUST set this value to true if it
- // reuses an existing device id.
- optional bool reregister = 1;
-
- // Device register type. This field does not exist for TT release.
- // When a client requests for policies, server should verify the
- // client has been registered properly. For example, a client must
- // register with type DEVICE in order to retrieve device policies.
- enum Type {
- TT = 0; // Register for TT release.
- USER = 1; // Register for Chrome OS user polices.
- DEVICE = 2; // Register for device policies.
- BROWSER = 3; // Register for Chrome user policies.
- ANDROID_BROWSER = 4; // Register for Android Chrome browser user policies.
- IOS_BROWSER = 5; // Register for iOS Chrome browser user policies.
- }
- // NOTE: we also use this field to detect client version. If this
- // field is missing, then the request comes from TT. We will remove
- // Chrome OS TT support once it is over.
- optional Type type = 2 [default = TT];
-
- // Machine hardware id, such as serial number.
- // This field is required if register type == DEVICE.
- optional string machine_id = 3;
-
- // Machine model name, such as "ZGA", "Cr-48", "Nexus One". If the
- // model name is not available, client SHOULD send generic name like
- // "Android", or "Chrome OS".
- optional string machine_model = 4;
-
- // When true, indicates that the |machine_id| has been identified as auto-
- // enrollment candidate on the client and the server can use it to verify
- // that the client is to be enrolled in the correct mode.
- // Defaults to false when not present.
- optional bool auto_enrolled = 5;
-
- // Indicates a requisition of the registering entity that the server can act
- // upon. This allows clients to pass hints e.g. at device enrollment time
- // about the intended use of the device.
- optional string requisition = 6;
-}
-
-// Response from server to device register request.
-message DeviceRegisterResponse {
- // Device management token for this registration. This token MUST be
- // part of HTTP Authorization header for all future requests from
- // device to server.
- required string device_management_token = 1;
-
- // Device display name. By default, server generates the name in
- // the format of "Machine Model - Machine Id". However, domain
- // admin can update it using CPanel, so do NOT treat it as constant.
- optional string machine_name = 2;
-
- // Enum listing the possible modes the device should be locked into when the
- // registration is finished.
- enum DeviceMode {
- // In ENTERPRISE mode the device has no local owner and device settings are
- // controlled through the cloud policy infrastructure. Auto-enrollment is
- // supported in that mode.
- ENTERPRISE = 0;
- // Devices in RETAIL mode also have no local owner and get their device
- // settings from the cloud, but additionally this mode enables the demo
- // account on the device.
- RETAIL = 1;
- }
- optional DeviceMode enrollment_type = 3 [default = ENTERPRISE];
-}
-
-// Request from device to server to unregister device.
-// GoogleDMToken MUST be in HTTP Authorization header.
-message DeviceUnregisterRequest {
-}
-
-// Response from server to device for unregister request.
-message DeviceUnregisterResponse {
-}
-
-// Request from device to server to upload device EMCert
-// (enteprise machine cert used for remote attestation).
-// GoogleDMToken MUST be in HTTP Authorization header.
-message DeviceCertUploadRequest {
- // EMCert in X.509 format.
- optional bytes device_certificate = 1;
-}
-
-// Response from server to device for cert upload request.
-message DeviceCertUploadResponse {
-}
-
-// Request to access a Google service with the given scope.
-message DeviceServiceApiAccessRequest {
- // The list of auth scopes the device requests from DMServer.
- repeated string auth_scope = 1;
-
- // OAuth2 client ID to which the returned authorization code is bound.
- optional string oauth2_client_id = 2;
-}
-
-message DeviceServiceApiAccessResponse {
- // The OAuth2 authorization code for the requested scope(s).
- // This can be exchanged for a refresh token.
- optional string auth_code = 1;
-}
-
-message PolicyFetchRequest {
- // This is the policy type, which maps to D3 policy type internally.
- // By convention, we use "/" as separator to create policy namespace.
- // The policy type names are case insensitive.
- //
- // Possible values for Chrome OS are:
- // google/chromeos/device => ChromeDeviceSettingsProto
- // google/chromeos/user => ChromeSettingsProto
- // google/chromeos/publicaccount => ChromeSettingsProto
- // google/chrome/extension => ExternalPolicyData
- // google/android/user => ChromeSettingsProto
- // google/ios/user => ChromeSettingsProto
- optional string policy_type = 1;
-
- // This is the last policy timestamp that client received from server.
- optional int64 timestamp = 2;
-
- // Tell server what kind of security signature is required.
- enum SignatureType {
- NONE = 0;
- SHA1_RSA = 1;
- }
- optional SignatureType signature_type = 3 [default = NONE];
-
- // The version number of the public key that is currently stored
- // on the client. This should be the last number the server had
- // supplied as new_public_key_version in PolicyData.
- // This field is unspecified if the client does not yet have a
- // public key.
- optional int32 public_key_version = 4;
-
- // Machine hardware id, such as serial number.
- // This field is should be set only if the serial number for the device is
- // missing from the server, as indicated by the valid_serial_number_missing
- // field in the last policy fetch response.
- optional string machine_id = 5;
-
- // This field is used for devices to send the additional ID to fetch settings.
- // Retrieving some settings requires more than just device or user ID.
- // For example, to retrieve public account, devices need to pass in
- // public account ID in addition to device ID. To retrieve extension or
- // plug-in settings, devices need to pass in extension/plug-in ID in
- // addition to user ID.
- // policy_type represents the type of settings (e.g. public account,
- // extension) devices request to fetch.
- optional string settings_entity_id = 6;
-
- // If this fetch is due to a policy invalidation, this field contains the
- // version provided with the invalidation. The server interprets this value
- // and the value of invalidation_payload to fetch the up-to-date policy.
- optional int64 invalidation_version = 7;
-
- // If this fetch is due to a policy invalidation, this field contains the
- // payload delivered with the invalidation. The server interprets this value
- // and the value of invalidation_version to fetch the up-to-date policy.
- optional bytes invalidation_payload = 8;
-}
-
-// This message is included in serialized form in PolicyFetchResponse
-// below. It may also be signed, with the signature being created for
-// the serialized form.
-message PolicyData {
- // See PolicyFetchRequest.policy_type.
- optional string policy_type = 1;
-
- // [timestamp] is milliseconds since Epoch in UTC timezone. It is
- // included here so that the time at which the server issued this
- // response cannot be faked (as protection against replay attacks).
- // It is the timestamp generated by DMServer, NOT the time admin
- // last updated the policy or anything like that.
- optional int64 timestamp = 2;
-
- // The DM token that was used by the client in the HTTP POST header
- // for authenticating the request. It is included here again so that
- // the client can verify that the response is meant for him (and not
- // issued by a replay or man-in-the-middle attack).
- optional string request_token = 3;
-
- // The serialized value of the actual policy protobuf. This can be
- // deserialized to an instance of, for example, ChromeSettingsProto,
- // ChromeDeviceSettingsProto, or ExternalPolicyData.
- optional bytes policy_value = 4;
-
- // The device display name assigned by the server. It is only
- // filled if the display name is available.
- //
- // The display name of the machine as generated by the server or set
- // by the Administrator in the CPanel GUI. This is the same thing as
- // |machine_name| in DeviceRegisterResponse but it might have
- // changed since then.
- optional string machine_name = 5;
-
- // Version number of the server's current public key. (The key that
- // was used to sign this response. Numbering should start at 1 and be
- // increased by 1 at each key rotation.)
- optional int32 public_key_version = 6;
-
- // The user this policy is intended for. In case of device policy, the name
- // of the owner (who registered the device).
- optional string username = 7;
-
- // In this field the DMServer should echo back the "deviceid" HTTP parameter
- // from the request.
- optional string device_id = 8;
-
- // Indicates which state this association with DMServer is in. This can be
- // used to tell the client that it is not receiving policy even though the
- // registration with the server is kept active.
- enum AssociationState {
- // Association is active and policy is pushed.
- ACTIVE = 0;
- // Association is alive, but the corresponding domain is not managed.
- UNMANAGED = 1;
- // Client got dropped on the server side.
- DEPROVISIONED = 2;
- }
- optional AssociationState state = 9 [default = ACTIVE];
-
- // Indicates if the the server cannot find a valid serial number for the
- // device. If this flag is set, the device should send the valid serial
- // number with a device policy fetch request. Note that this only
- // applies to device policy.
- optional bool valid_serial_number_missing = 10;
-
- // Indicates which public account or extension/plug-in this policy data is
- // for. See PolicyFetchRequest.settings_entity_id for more details.
- optional string settings_entity_id = 11;
-
- // Indicates the identity the device service account is associated with.
- // This is only sent as part of device policy fetch.
- optional string service_account_identity = 12;
-
- // The object source which hosts policy objects within the invalidation
- // service. This value is combined with invalidation_name to form the object
- // id used to register for invalidations to this policy.
- optional int32 invalidation_source = 13;
-
- // The name which uniquely identifies this policy within the invalidation
- // service object source. This value is combined with invalidation_source to
- // form the object id used to register for invalidations to this policy.
- optional bytes invalidation_name = 14;
-}
-
-message PolicyFetchResponse {
- // Since a single policy request may ask for multiple policies, we
- // provide separate error code for each individual policy fetch.
-
- // We will use standard HTTP Status Code as error code.
- optional int32 error_code = 1;
-
- // Human readable error message for customer support purpose.
- optional string error_message = 2;
-
- // This is a serialized |PolicyData| protobuf (defined above).
- optional bytes policy_data = 3;
-
- // Signature of the policy data above.
- optional bytes policy_data_signature = 4;
-
- // If the public key has been rotated on the server, the new public
- // key is sent here. It is already used for |policy_data_signature|
- // above, whereas |new_public_key_signature| is created using the
- // old key (so the client can trust the new key). If this is the
- // first time when the client requests policies (so it doesn't have
- // on old public key), then |new_public_key_signature| is empty.
- optional bytes new_public_key = 5;
- optional bytes new_public_key_signature = 6;
-}
-
-// Request from device to server for reading policies.
-message DevicePolicyRequest {
- // The policy fetch request. If this field exists, the request must
- // comes from a non-TT client. The repeated field allows client to
- // request multiple policies for better performance.
- repeated PolicyFetchRequest request = 3;
-}
-
-// Response from server to device for reading policies.
-message DevicePolicyResponse {
- // The policy fetch response.
- repeated PolicyFetchResponse response = 3;
-}
-
-message TimePeriod {
- // [timestamp] is milli seconds since Epoch in UTC timezone.
- optional int64 start_timestamp = 1;
- optional int64 end_timestamp = 2;
-}
-
-message ActiveTimePeriod {
- optional TimePeriod time_period = 1;
-
- // The active duration during the above time period.
- // The unit is milli-second.
- optional int32 active_duration = 2;
-}
-
-// This captures launch events for one app/extension or other installments.
-message InstallableLaunch {
- optional string install_id = 1;
-
- // Time duration where this report covers. These are required
- // and the record will be ignored if not set.
- optional TimePeriod duration = 2;
-
- // Client will send at most 50 timestamps to DM. All the rest
- // launch activities will be summed into the total count.
- // We will distribute the count evenly among the time span when
- // doing time based aggregation.
- repeated int64 timestamp = 3;
- optional int64 total_count = 4;
-}
-
-// Used to report the device location.
-message DeviceLocation {
- enum ErrorCode {
- ERROR_CODE_NONE = 0;
- ERROR_CODE_POSITION_UNAVAILABLE = 1;
- }
-
- // Latitude in decimal degrees north (WGS84 coordinate frame).
- optional double latitude = 1;
-
- // Longitude in decimal degrees west (WGS84 coordinate frame).
- optional double longitude = 2;
-
- // Altitude in meters (above WGS84 datum).
- optional double altitude = 3;
-
- // Accuracy of horizontal position in meters.
- optional double accuracy = 4;
-
- // Accuracy of altitude in meters.
- optional double altitude_accuracy = 5;
-
- // Heading in decimal degrees clockwise from true north.
- optional double heading = 6;
-
- // Horizontal component of device velocity in meters per second.
- optional double speed = 7;
-
- // Time of position measurement in milisecons since Epoch in UTC time.
- optional int64 timestamp = 8;
-
- // Error code, see enum above.
- optional ErrorCode error_code = 9;
-
- // Human-readable error message.
- optional string error_message = 10;
-}
-
-// Details about a network interface.
-message NetworkInterface {
- // Indicates the type of network device.
- enum NetworkDeviceType {
- TYPE_ETHERNET = 0;
- TYPE_WIFI = 1;
- TYPE_WIMAX = 2;
- TYPE_BLUETOOTH = 3;
- TYPE_CELLULAR = 4;
- }
-
- // Network device type.
- optional NetworkDeviceType type = 1;
-
- // MAC address (if applicable) of the corresponding network device. This is
- // formatted as an ASCII string with 12 hex digits. Example: A0B1C2D3E4F5.
- optional string mac_address = 2;
-
- // MEID (if applicable) of the corresponding network device. Formatted as
- // ASCII string composed of 14 hex digits. Example: A10000009296F2.
- optional string meid = 3;
-
- // IMEI (if applicable) of the corresponding network device. 15-16 decimal
- // digits encoded as ASCII string. Example: 355402040158759.
- optional string imei = 4;
-}
-
-// Details about a device user.
-message DeviceUser {
- // Types of device users which can be reported.
- enum UserType {
- // A user managed by the same domain as the device.
- USER_TYPE_MANAGED = 0;
-
- // A user not managed by the same domain as the device.
- USER_TYPE_UNMANAGED = 1;
- }
-
- // The type of the user.
- required UserType type = 1;
-
- // Email address of the user. Present only if the user type is managed.
- optional string email = 2;
-}
-
-// Report device level status.
-message DeviceStatusReportRequest {
- // The OS version reported by the device is a platform version
- // e.g. 1435.0.2011_12_16_1635.
- optional string os_version = 1;
- optional string firmware_version = 2;
-
- // "Verified", "Dev". Same as verified mode.
- // If the mode is unknown, this field should not be set.
- optional string boot_mode = 3;
-
- // Device active times collection since last report rpc call.
- // No longer used -- use active_period instead.
- repeated TimePeriod active_time = 4 [deprecated = true];
-
- // The browser version string as shown in the About dialog.
- // e.g. 17.0.963.18.
- optional string browser_version = 5;
-
- // A list of periods when the device was active, aggregated by day.
- repeated ActiveTimePeriod active_period = 6;
-
- // The device location.
- optional DeviceLocation device_location = 7;
-
- // List of network interfaces.
- repeated NetworkInterface network_interface = 8;
-
- // List of recent device users, in descending order by last login time.
- repeated DeviceUser user = 9;
-}
-
-// Report session (a user on one device) level status.
-message SessionStatusReportRequest {
- // Installed apps for this user on this device.
- repeated string installed_app_id = 1;
-
- // Installed extensions for this user on this device.
- repeated string installed_extension_id = 2;
-
- // One stat per app for top 30 apps.
- repeated InstallableLaunch app_launch_stat = 3;
-}
-
-// Response from DMServer to update devices' status.
-// It is possible that status report fails but policy request succeed. In such
-// case, the DeviceStatusReportResponse will contain an error code and the
-// device should re-send status report data in the next policy request. The
-// device should re-send report data if policy request fails, even if
-// DeviceStatusReportResponse contains no error code.
-message DeviceStatusReportResponse {
- optional int32 error_code = 1;
-
- // Human readable error message for customer support purpose.
- optional string error_message = 2;
-}
-
-// Response from DMServer to update user devices' status.
-// It is possible that status report fails but policy request succeed. In such
-// case, the SessionStatusReportResponse will contain an error code and the
-// device should re-send status report data in the next policy request. The
-// device should re-send report data if policy request fails, even if
-// SessionStatusReportResponse contains no error code.
-message SessionStatusReportResponse {
- optional int32 error_code = 1;
-
- // Human readable error message for customer support purpose.
- optional string error_message = 2;
-}
-
-// Request from device to server to determine whether the device should
-// go through enterprise enrollment. Unlike the other requests, this request is
-// not authenticated.
-message DeviceAutoEnrollmentRequest {
- // SHA-256 hash of the device's serial number, mod |modulus|.
- // Should always be present.
- optional int64 remainder = 1;
-
- // Modulus of the hash used by the client. Should always be present. This
- // is the number of buckets the client thinks the server has. For now,
- // it is a power of 2, but due to the strict constraint on how many serial
- // numbers a bucket can contain, it may become non power of 2. If that
- // happens, client-side needs to change its assumption.
- optional int64 modulus = 2;
-}
-
-// Response from server to auto-enrollment detection request.
-message DeviceAutoEnrollmentResponse {
- // If this field is present, the other fields are ignored and the client
- // should send a new DeviceAutoEnrollmentRequest with a new |remainder|
- // computed using this new |modulus|. If this field is empty, the client's
- // request was accepted.
- // DMServer guarantees that if the modulus sent by client in
- // DeviceAutoEnrollmentRequest matches server's expectation, this field
- // is unset.
- optional int64 expected_modulus = 1;
-
- // List of hashes in the client's hash bucket. If the client's hash matches
- // any in this list, the client device should do enterprise enrollment.
- // If it matches none, enrollment should be optional.
- // Each entry has exactly 256 bits (32 bytes).
- repeated bytes hash = 2;
-}
-
-// Request from the DMAgent on the device to the DMServer. This is
-// container for all requests from device to server. The overall HTTP
-// request MUST be in the following format:
-//
-// * HTTP method is POST
-// * Data mime type is application/x-protobuffer
-// * HTTP parameters are (all required, all case sensitive):
-// * request: MUST BE one of
-// * cert_upload
-// * enterprise_check
-// * ping
-// * policy
-// * register
-// * status
-// * unregister
-// * api_authorization
-//
-// * devicetype: MUST BE "1" for Android or "2" for Chrome OS.
-// * apptype: MUST BE Android or Chrome.
-// * deviceid: MUST BE no more than 64-char in [\x21-\x7E].
-// * agent: MUST BE no more than 64-char long.
-// * HTTP Authorization header MUST be in the following formats:
-// * For register and ping requests
-// Authorization: GoogleLogin auth=<auth cookie for Mobile Sync>
-//
-// * For unregister, policy, status, and cert_upload requests
-// Authorization: GoogleDMToken token=<dm token from register>
-//
-// * The Authorization header isn't used for enterprise_check
-// request, nor for register requests using OAuth. In the latter case,
-// the OAuth token is passed in the "oauth" parameter.
-//
-// DeviceManagementRequest should only contain one request which matches the
-// HTTP query parameter - request, as listed below. Other requests within the
-// container will be ignored.
-// cert_upload: cert_upload_request
-// enterprise_check: auto_enrollment_request
-// ping: policy_request
-// policy: policy_request
-// register: register_request
-// status: device_status_report_request or session_status_report_request
-// unregister: unregister_request
-//
-//
-message DeviceManagementRequest {
- // Register request.
- optional DeviceRegisterRequest register_request = 1;
-
- // Unregister request.
- optional DeviceUnregisterRequest unregister_request = 2;
-
- // Policy request.
- optional DevicePolicyRequest policy_request = 3;
-
- // Update status.
- optional DeviceStatusReportRequest device_status_report_request = 4;
- optional SessionStatusReportRequest session_status_report_request = 5;
-
- // Auto-enrollment detection.
- optional DeviceAutoEnrollmentRequest auto_enrollment_request = 6;
-
- // EMCert upload (for remote attestation)
- optional DeviceCertUploadRequest cert_upload_request = 7;
-
- // Request for OAuth2 authorization codes to access Google services.
- optional DeviceServiceApiAccessRequest service_api_access_request = 8;
-}
-
-// Response from server to device.
-//
-// The server uses the following numbers as HTTP status codes
-// to report top-level errors.
-//
-// 200 OK: valid response is returned to client.
-// 400 Bad Request: invalid argument.
-// 401 Unauthorized: invalid auth cookie or DM token.
-// 403 Forbidden: device management is not allowed.
-// 404 Not Found: the request URL is invalid.
-// 410 Device Not Found: the device id is not found.
-// 491 Request Pending: the request is pending approval.
-// 500 Internal Server Error: most likely a bug in DM server.
-// 503 Service Unavailable: most likely a backend error.
-// 901 Device Not Found: the device id is not found.
-// 902 Policy Not Found: the policy is not found.
-message DeviceManagementResponse {
- // Error message.
- optional string error_message = 2;
-
- // Register response
- optional DeviceRegisterResponse register_response = 3;
-
- // Unregister response
- optional DeviceUnregisterResponse unregister_response = 4;
-
- // Policy response.
- optional DevicePolicyResponse policy_response = 5;
-
- // Device status report response.
- optional DeviceStatusReportResponse device_status_report_response = 6;
-
- // Session status report response.
- optional SessionStatusReportResponse session_status_report_response = 7;
-
- // Auto-enrollment detection response.
- optional DeviceAutoEnrollmentResponse auto_enrollment_response = 8;
-
- // EMCert upload response.
- optional DeviceCertUploadResponse cert_upload_response = 9;
-
- // Response to OAuth2 authorization code request.
- optional DeviceServiceApiAccessResponse service_api_access_response = 10;
-}
diff --git a/cloud/device_management_local.proto b/cloud/device_management_local.proto
deleted file mode 100644
index 122e863..0000000
--- a/cloud/device_management_local.proto
+++ /dev/null
@@ -1,31 +0,0 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-syntax = "proto2";
-
-option optimize_for = LITE_RUNTIME;
-
-package enterprise_management;
-
-import "device_management_backend.proto";
-
-// Wrapper around CloudPolicyResponse/DevicePolicyResponse for caching on disk.
-message CachedCloudPolicyResponse {
- // The DevicePolicyResponse wrapped by this message.
- optional DevicePolicyResponse device_policy = 1;
- // Timestamp noting when the |unmanaged| flag was set. The meaning is
- // milliseconds since 1970. When caching (deprecated) DevicePolicyResponses,
- // this timestamp also notes when the response was cached.
- optional uint64 timestamp = 2;
- // Flag that is set to true if this device is not managed.
- optional bool unmanaged = 3;
- // The PolicyFetchResponse wrapped by this message.
- optional PolicyFetchResponse cloud_policy = 4;
-}
-
-// Encapsulates a device ID and the associated device token.
-message DeviceCredentials {
- optional string device_id = 1;
- optional string device_token = 2;
-}
