One can counter with this that the non-standard build was an alfa test intended for testers to exercise the new features in the binding. In the commercial world there simply would not have been and still would not be any support for security until OH 2.4 gets released. What you are describing is not standard operating procedure for typical OH users. It was intended for the alpha and beta testers. The only reason so many people who are not necessarily testers went down that path is because many people would not or could not wait for the fully tested and merged in version became available.
Many on this forum, myself included, would argue there should be two UIs. One UI created for the users of the home automation and one UI created for the builders of the home automation. You don’t want to present a UI designed around managing Things and Items and bindings and such to your house guests.
But ultimately this is not something that OH can control short of shutting off the REST API entirely. Anyone can write any UI they want. It’s an open interface. And it’s an opensource issue. I don’t think you will ever see this addressed until and unless someone creates a commercial offering based on ESH.
OH is and always will be a more open and inclusive platform. And I think that is an important point for people to realize. OH is not intended to become some polished and unified commercial offering. The trademarks and licensing would prevent that. This is why there is an ESH in the first place. So from that perspective, OH is and always will be something more on the bleeding edge and more something used by enthusiasts and hobbiests. That is what it is here for.
Have you explored the Expire based binding? I’m not arguing against the idea (I like it), just offering less code intensive ways to do this now. See Design Pattern: Expire Binding Based Timers.
I’m still exploring the Experimental Rules Engine but I think this is something that might be doable with a minimum amount of code.
