Hi, I’d like to share the way I approached the configuration of a guest user in my HA and how I worked around some well-known limitations, especially those related to the lack of a global sidebar / default dashboard configuration.
My requirements:
-
Guest user allowed to login only from the internal network
-
Only specific views available to the guest user
-
No need for the guest user to switch to a different dashboard once logged in
-
No unnecessary items to show up in the sidebar for the guest user (including logbook, media, history, etc)
Basically a sort of kiosk mode without using frontend hacks (https://github.com/maykar/kiosk-mode is now deprecated, https://github.com/Villhellm/custom-sidebar is no more working in latest HA versions, https://github.com/galloween/custom-sidebar-v2 works only for admin users).
Requirement #1 is the simplest: just create a guest user with a simple password and toggle the Can only log in from the local network
option.
Requirement #2 is also stright-forward: create a dashboard, add a View for the guest user, under Visibility
allow the guest user only to access that view, disable the guest user to access any other view of the dashboard.
Requirement #3 is tricky. As we know there is no global default dashboard configuration, it is per-user / per-device.
This means the guest user, upon the first login, lands in the over-complicated Overview
dashboard and should go in his profile to change the default dashboard. Not something I want them to do neither I want to do it on their behalf.
After reading tons of posts here, the simplest approach I found is to take control of the Overview
dashboard (if I need the same content I can always create a brand new admin-only dashboard) and put all my views there (both for regular and guest users).
True, the name of the Overview
dashboard cannot be change as well as the icon but at least in this way every user (guests or not), when logging in, will land to a dashboard populated with the contents I want.
Requirement #4 was also a challenge. As we know also the order in which the items show up in the sidebar and which one is hidden or not is per-user / per-device. The way I approched it was the following:
-
I migrated all my dashbaords into views in order to have a single dashboard only (the
Overview
one). This is not mandatory of course, just an implementation choice, to avoid taking care of the order in which dashbaords are listed in the sidebar -
I disabled in my configuration
Energy
,Map
andMedia
since not using them at all (Ref. How can I hide the Energy/Media/Map tabs from the sidebar? - #9 by petro) resulting in the entries to disappear from the sidebar. This required switching fromdefault_config
to a long list taken from Default Config - Home Assistant and commeting out those not needed -
For
Logbook
andHistory
, which are something I need as an admin but don’t want the other users to access and see, I made them available for admin users only, opting for the approach described in Admin only access for Logbook and History menus - #44 by dan_mc. This required to copy the code of the two components from/usr/src/homeassistant/homeassistant/components
or core/homeassistant/components at master · home-assistant/core · GitHub intoconfig/custom_components
, addversion
to the manifest file and making the views admin-only inasync_register_built_in_panel()
as described in the other post. Of course maintenance of this could be time-consuming since theoretically the code should be updated upon each upgrade
In this way not only guest user but also any user on any deice, has no need to touch the sidebar, hide unnecessary entries or set a default dashboard
Hope can be helpful
Thanks