Lovelace Restriction Card - Client-side Security

Is it possible to only restrict the header of a card? I want to protect the header toggle (show a warning before) while the rest of the card should be clickable without any restrictions:

      - type: entities
        title: Alle Lichter (⚠)
        state_color: true
        show_header_toggle: true
        entities:
        ...

The thing is: the header toggle is linked to all entities listed in the entities section. If I would apply restriction card to a entity (as row) called All lights I can’t take advantage of that header toggle aggregation - but would need a separate script or run a service etc… Every possible workaround coming to my mind gets way too complicated - which is why I hope something is possible from the UI / restriction card side.

Can somebody help me what am I doing wrong, in the pop-up window to I don’t see the values evaluated:

        restrictions:
          block:
            text: I know she is cute, but she already had her meal ;)
            exemptions:
              - user: ec8de46da4594643986abcf16417ea0c
              - user: 3df675cbcf1f435f95333cbc90b64741
          confirm:
            text: >-
              Are you sure you want to dispense one more meal to Unut? She
              already had {{
              states('sensor.feeder_unut_weight_dispensed_today') }} {{
              state_attr('sensor.feeder_unut_weight_dispensed_today',
              'unit_of_measurement') }} today!
        type: custom:restriction-card
        row: true

The card does not support templates.

you can encapsulate this card inside a type: custom:config-template-card, set the variable there and use that in your popup like:

  type: custom:config-template-card
  entities:
    - '[[entity]]'
  variables:
    id: states[ '[[entity]]' ].attributes.friendly_name
  card:
    type: custom:mod-card
    card_mod:
      style:
        .: |
          ha-card {
            --restriction-lock-icon-size: 14px;
            --restriction-regular-lock-color: var(--background-color-on);
            --restriction-success-lock-color: var(--ok-color);
            --restriction-lock-opacity: 0.8;
          }
        restriction-card$: |
          ha-icon {
            display: flex;
            position: absolute;
            top: 8px;
            left: 40px;
            background: red;
            border-radius: 50%;
          }
    card:
      type: custom:restriction-card
      restrictions:
        confirm:
          text: ${'Wil je ' + id + ' schakelen?'}
      card:
        type: '[[type]]'
        entity: '[[entity]]'
        name: '[[name]]'
        tap_action:
          action: toggle

you could ofc use any template.

be aware though the card is reevaluated upon each state change for your variables, so could become a heavy element in your views

1 Like

Greetings everyone,
this is a great solution for blocking.
I wonder if it is possible to hide or mask the IP address of the password request pop up
Thank you

Please can someone help me understand why I can’t get restriction-card to toggle an input boolean. No action I do will give a logbook entry.

Have tried both pin protected and plain confirm.
Have tried call-service and action: toggle
Have tried a mix of all the options (shown below) and minimal options.
Plain button without the restriction-card will work.
What am I doing wrong?

type: custom:restriction-card
restrictions:
  confirm: null
  pin:
    code: 1234
    text: TV Lockout PIN code
    retry_delay: 0
    max_retries: unlimited
    max_retries_delay: 0
    exemptions:
      - user: null
card:
  type: button
  show_name: true
  show_icon: true
  entity: input_boolean.tv_lockout
  tap_action:
    action: call-service
    service: input_boolean.toggle
    target:
      entity_id:
        - input_boolean.tv_lockout

Restriction card does not toggle. It only prevents passing mouse events to the inner card.

Thanks. Simple user error.
Obvious now you say it otherwise it would not operate with more complex cards.

Anyone with an idea on this?

Then how can this be done so that it does trigger an input boolean? Or a script? Or something? It really wasn’t clear to me that this is the functionality and I wasted a half hour discovering this only when I found your comment.

What is “this”?
If you place , for instance, Entities card inside restriction-card, provide corresponding tap_action code on the Entities card.

How do I apply themes from themes.yml on a restriction-card ?

Thanks

You apply it to the card that the restriction card is applied to.

type: custom:restriction-card
### not here ###
condition:
  entity: input_boolean.unlock_restrictions
  value: 'off'
restrictions:
  pin:
    code: 1234
card:
  entity: switch.dishwasher
  template: switch_button
  type: custom:button-card
  ### apply your theme here ###

Hi

Can I check if this Restriction Card is still active?

I’m installing from HACS and it doesn’t seem to load. Other cards work fine.

Thanks

It’s still working for me. Clear your browser cache?

yea done that, and even reinstalled Chrome to check it’s not a browser issue

thanks anyway, but appreciate it there are any other pointers

edit:
the key steps in the manual process look to be completed otherwise:

but getting this:

edit:
the installation actually worked fine. the error above doesn’t mean anything.

restriction-card works as a wrapper rather than a card in itself. need to see Documentation for usage