Lovelace Restriction Card - Client-side Security

e-raser · March 13, 2024, 12:16pm

Is it possible to only restrict the header of a card? I want to protect the header toggle (show a warning before) while the rest of the card should be clickable without any restrictions:

      - type: entities
        title: Alle Lichter (⚠)
        state_color: true
        show_header_toggle: true
        entities:
        ...

The thing is: the header toggle is linked to all entities listed in the entities section. If I would apply restriction card to a entity (as row) called All lights I can’t take advantage of that header toggle aggregation - but would need a separate script or run a service etc… Every possible workaround coming to my mind gets way too complicated - which is why I hope something is possible from the UI / restriction card side.

eastern_blok · March 17, 2024, 9:51pm

Can somebody help me what am I doing wrong, in the pop-up window to I don’t see the values evaluated:

        restrictions:
          block:
            text: I know she is cute, but she already had her meal ;)
            exemptions:
              - user: ec8de46da4594643986abcf16417ea0c
              - user: 3df675cbcf1f435f95333cbc90b64741
          confirm:
            text: >-
              Are you sure you want to dispense one more meal to Unut? She
              already had {{
              states('sensor.feeder_unut_weight_dispensed_today') }} {{
              state_attr('sensor.feeder_unut_weight_dispensed_today',
              'unit_of_measurement') }} today!
        type: custom:restriction-card
        row: true

Ildar_Gabdullin · March 18, 2024, 1:24pm

The card does not support templates.

Mariusthvdb · March 18, 2024, 1:36pm

you can encapsulate this card inside a type: custom:config-template-card, set the variable there and use that in your popup like:

  type: custom:config-template-card
  entities:
    - '[[entity]]'
  variables:
    id: states[ '[[entity]]' ].attributes.friendly_name
  card:
    type: custom:mod-card
    card_mod:
      style:
        .: |
          ha-card {
            --restriction-lock-icon-size: 14px;
            --restriction-regular-lock-color: var(--background-color-on);
            --restriction-success-lock-color: var(--ok-color);
            --restriction-lock-opacity: 0.8;
          }
        restriction-card$: |
          ha-icon {
            display: flex;
            position: absolute;
            top: 8px;
            left: 40px;
            background: red;
            border-radius: 50%;
          }
    card:
      type: custom:restriction-card
      restrictions:
        confirm:
          text: ${'Wil je ' + id + ' schakelen?'}
      card:
        type: '[[type]]'
        entity: '[[entity]]'
        name: '[[name]]'
        tap_action:
          action: toggle

you could ofc use any template.

be aware though the card is reevaluated upon each state change for your variables, so could become a heavy element in your views

Mister.Gatti · March 20, 2024, 5:50pm

Greetings everyone,
this is a great solution for blocking.
I wonder if it is possible to hide or mask the IP address of the password request pop up
Thank you

crashmatt · March 29, 2024, 7:14pm

Please can someone help me understand why I can’t get restriction-card to toggle an input boolean. No action I do will give a logbook entry.

Have tried both pin protected and plain confirm.
Have tried call-service and action: toggle
Have tried a mix of all the options (shown below) and minimal options.
Plain button without the restriction-card will work.
What am I doing wrong?

type: custom:restriction-card
restrictions:
  confirm: null
  pin:
    code: 1234
    text: TV Lockout PIN code
    retry_delay: 0
    max_retries: unlimited
    max_retries_delay: 0
    exemptions:
      - user: null
card:
  type: button
  show_name: true
  show_icon: true
  entity: input_boolean.tv_lockout
  tap_action:
    action: call-service
    service: input_boolean.toggle
    target:
      entity_id:
        - input_boolean.tv_lockout

Ildar_Gabdullin · March 30, 2024, 8:49am

Restriction card does not toggle. It only prevents passing mouse events to the inner card.

crashmatt · March 30, 2024, 4:32pm

Thanks. Simple user error.
Obvious now you say it otherwise it would not operate with more complex cards.

e-raser · April 4, 2024, 1:47pm

Anyone with an idea on this?

b24home · April 8, 2024, 3:03pm

Then how can this be done so that it does trigger an input boolean? Or a script? Or something? It really wasn’t clear to me that this is the functionality and I wasted a half hour discovering this only when I found your comment.

Ildar_Gabdullin · April 8, 2024, 6:40pm

What is “this”?
If you place , for instance, Entities card inside restriction-card, provide corresponding tap_action code on the Entities card.

Dal · April 10, 2024, 7:18pm

How do I apply themes from themes.yml on a restriction-card ?

Thanks

tom_l · April 10, 2024, 9:55pm

You apply it to the card that the restriction card is applied to.

type: custom:restriction-card
### not here ###
condition:
  entity: input_boolean.unlock_restrictions
  value: 'off'
restrictions:
  pin:
    code: 1234
card:
  entity: switch.dishwasher
  template: switch_button
  type: custom:button-card
  ### apply your theme here ###

PZ0013 · May 15, 2024, 2:42am

Hi

Can I check if this Restriction Card is still active?

I’m installing from HACS and it doesn’t seem to load. Other cards work fine.

Thanks

sparkydave · May 15, 2024, 2:48am

It’s still working for me. Clear your browser cache?

PZ0013 · May 15, 2024, 2:50am

yea done that, and even reinstalled Chrome to check it’s not a browser issue

thanks anyway, but appreciate it there are any other pointers

edit:
the key steps in the manual process look to be completed otherwise:

plugin downloaded:
plugin imported:

image872×355 20.9 KB

but getting this:

edit:
the installation actually worked fine. the error above doesn’t mean anything.

restriction-card works as a wrapper rather than a card in itself. need to see Documentation for usage

Stives25 · June 12, 2024, 3:49pm

Hi,
This map works but how do I modify it so that the code is in the secrets.yaml file?

type: custom:restriction-card
restrictions:
  confirm: null
  pin:
    text: Entrez le code
    code: 1234
card:
  type: custom:button-card
  show_entity_picture: true
  state:
    - value: 'off'
    - value: 'on'
  tap_action:
    action: call-service
    service: scene.turn_on
    service_data:
      entity_id: scene.portail_ouverture
  icon: mdi:remote
  color: rgb(68,115,158)
  name: Ouverture

Ildar_Gabdullin · June 12, 2024, 4:00pm

What do you mean by a “map”?
What do you mean by a “code”? A “card’s code” or an “option named ‘code’”?

Stives25 · June 12, 2024, 4:07pm

Card !
I would like the PIN “1234” to be stored in the secrets.yaml file

Ildar_Gabdullin · June 12, 2024, 4:09pm

Using secrets is only allowed in yaml-mode dashboards.

code: !secret my_super_secret_complex_pin