I’ve been using OpenHAB for quite some time across multiple projects. It’s a great product, but there’s one issue that prevents full implementation—it lacks proper user access control:
- When defining pages, it’s possible to specify which users can open them. However, any user can still modify “Items” values via the REST API.
- Any user can see all “Items.”
For example, if a building has a tenant, how can access be restricted so they only see and control their designated “Items”?
Could this be addressed in the future?