How to hide individual elements of the UI from anyone not logged in as a user

I saw a post about this recently but can’t find it now.
I just figured this out, and it seems quite useful.

OpenHAB is not setup for multi users yet (Hopefully one day it will be easy and done through the UI), So how do you deal with Guests and Children etc?

In widget YAML, there is an option for ‘users’, which returns the name and role of a user.
If you try the following, you can hide individual elements from any part of the ‘tree’ of F7 components, from anyone who is not logged in as a ‘user’.
You can test this by visiting your OpenHAB url in Incognito mode

visible: "=(!user) ? true : false"

This is an example that uses this technique to show/hide a footer I add to every page

component: f7-card
config:
  content: "* You are logged in as a Guest. Log in as an Administrator to see all controls"
  noBorder: true
  noShadow: true
  visible: "=(!user) ? true : false"
  style:
    background: hsla(0, 0%, 100%, 0)
    font-size: 12px
    margin-bottom: -10px
    margin-top: -20px
  textColor: gray

VIEW WHEN LOGGED IN


GUEST VIEW
You can remove individual buttons and switches, rows, columns, blocks, widgets etc

3 Likes

What a great idea.

I assume the same can be applied to “Admin” ?

Yes, this works in all kinds of ways, but I thought this was a good example.

You could try things like deactivating a control instead of hiding it, or sending someone to another page -

action: '=(user) ? "popup" : 
  "navigate"
  '

The last post I saw was going down the wrong rabbit hole of trying to add and remove users, but this doesn’t need any of that kind of configuration. I don’t think my own openHAB needs any more than admin and guest levels of security.

Indeed, does anyone really need more?

(Unless they want to divide up siblings etc)

This has been mentioned elsewhere and in the docs but I think it’s important to say here that this is not a security control. A clever or knowledgable user could still access those Items if they know where to look.

1 Like

Agreed and understood, but I’m not protecting against hackers with intent. I suspect I’d lose a battle like that anyway. This is to keep things simple for guests and visitors, and I think my kids are a few decades away from being able to hack their way in. What are they going to do anyway? Change my light switch setup? Anyone trying to hack me should probably try my social media etc before trying a smart home attack.

1 Like

Just want to emphasize that once more.

You also have a visibleTo property virtually everywhere in Pages, it accepts an array, so you can at any point choose which specific users or roles will see the component. It’s somewhat documented in https://www.openhab.org/docs/ui/building-pages.html#widgets-definition-usage

Examples:

visibleTo:
  - role:administrator
  - user:scott

Only the administrator and user roles are useable right now, you can’t really define new ones.

But not in tabbed pages. It would be nice to have this in openhab 4. See also here:

The “in” in “virtually everywhere in Pages” is important. A tabbed page is like a container that holds other pages. You can still get to the config for each individual tab, right? You can definitely configure the visibility for each individual widget on each tab, either right there of in the Item’s metadata when using the defaults.

1 Like

I see the technical aspect.

Yes, but the “visibleTo” option does not have an affect. Maybe I am doing something wrong?
At the moment I am on 3.4.2.

I don’t say this has to work. I only think it would be a nice feature to contol the visibility option on the top page, if you know what I mean.
Thanks. Br.

So that’s something different and might be a regression or bug that needs to be fixed. If there is a “visible to” option there, it should work.