Protected switches

Use this forum to discuss possible implementation of a new feature before opening a ticket.
A developer shall edit the topic title with "[xxx]" where xxx is the id of the accompanying tracker id.
Duplicate posts about the same id. +1 posts are not allowed.

Moderators: leecollings, remb0

Post Reply
lost
Posts: 616
Joined: Thursday 10 November 2016 9:30
Target OS: Raspberry Pi / ODroid
Domoticz version:
Contact:

Protected switches

Post by lost »

Hello,
Small suggestion after one of my childs managed to bypass a protected switch (at home/from LAN, so default admin user): He did not change current (not visible from the interface) password in configuration, I would have soon noticed, but was just setting a schedule to set required state a few minutes ahead... and erasing this schedule after state change!

=> Would be nice, for protected switches, to have schedule button need the password (currently, only direct state change needs it).

Of course, that's not bulletproof & I could already enforce admin password even for LAN access but this would be a bit cumbersome.

Another option may be to be able to have a simple user (or even spectator) being default without password on LAN instead of admin but I could not find a way to do this & may be a bit more complex change (as this should allow re-login to admin from the interface for configuration stuff, even if admin:passwd in URL may also do the job).

So I think needing protected switch password to access schedules may be a good compromise to avoid child's not already digging too much into the system being able to remove a wifi AP disable switch schedule or add one to be able to use internet from their bedrooms at night! :twisted:
User avatar
waltervl
Posts: 5148
Joined: Monday 28 January 2019 18:48
Target OS: Linux
Domoticz version: 2024.7
Location: NL
Contact:

Re: Protected switches

Post by waltervl »

You can also allow your own devices (IP's) to the trusted network setting and not allowing your child device to allow without login.
Domoticz running on Udoo X86 (on Ubuntu)
Devices/plugins: ZigbeeforDomoticz (with Xiaomi, Ikea, Tuya devices), Nefit Easy, Midea Airco, Omnik Solar, Goodwe Solar
lost
Posts: 616
Joined: Thursday 10 November 2016 9:30
Target OS: Raspberry Pi / ODroid
Domoticz version:
Contact:

Re: Protected switches

Post by lost »

waltervl wrote: Friday 31 May 2024 15:01 You can also allow your own devices (IP's) to the trusted network setting and not allowing your child device to allow without login.
Yes, I already think about this also. But smartphones use DHCP and may get any addr in range for me & my wife (and well, WAF must be considered!). My son is a bit tricky and already managed to hide an ethernet plug (still have a few areas that were not easy to wire in my home) to be able to restore wifi access (he uses from his bed, ready to hide the laptop if we move!), an old forgotten phone with no more sim inside that'll get an unrestricted IP to disable a schedule before it triggers... even an eBook reader with a wifi, even if not very confortable to use. Sometimes, I really think about using handcuffsf!

But if that's no easy deal, forget it! That's my corner case must admit.
User avatar
waltervl
Posts: 5148
Joined: Monday 28 January 2019 18:48
Target OS: Linux
Domoticz version: 2024.7
Location: NL
Contact:

Re: Protected switches

Post by waltervl »

You should only give your wife's phone and your phone a fixed IP and enter the server IP, yours and your wife's IP in the trusted network setting. All the rest of the devices will have to login...
Domoticz running on Udoo X86 (on Ubuntu)
Devices/plugins: ZigbeeforDomoticz (with Xiaomi, Ikea, Tuya devices), Nefit Easy, Midea Airco, Omnik Solar, Goodwe Solar
Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest