technyon / nuki_hub

Use an ESP32 as a Hub between a NUKI Lock and your smarthome.
MIT License

Feature request: Limit operations available through MQTT #177

Closed mclei closed 1 year ago

mclei commented 1 year ago

I would like to be able to limit the operations available through MQTT. The reason is that I only trust the native application to be allowed to "unlock" the smartlock. But I still want the full integration with Home Assistant using MQTT, so the state will update in HA or locking.

For example I want to lock the smartlock when some conditions are met, like leaving the home. But to unlock it, I need to use only my phone.

In the Web UI, there can be just checkboxes for every operation, like "unlock", "open", "lock", "ring to open", etc., and I can enable/disable a particular operation. Disabled operations will just be ignored when received through MQTT.

technyon commented 1 year ago

What's your reason not to trust HA with controlling the lock?

Enabling/disabling lock actions altogether should be easy, basically it would be a read-only mode. Fine-grained control over everything you can or can't do is more complicated. There's not only locking, but also making changes to the configuration, configuring keypad codes and so on.

mundschenk-at commented 1 year ago

I can't speak for the OP, @technyon, but I am assuming the issue is remote access. You might want to be able to see whether the door is locked in an exposed HA instance, but not want an attacker to be able to use that access to open your front door. (Whether that's a likely attack scenario is worth another discussion of course.)

technyon commented 1 year ago

I mean if that's the issue, maybe it's better to secure the remote access ... but fair enough. Like I said, restricting all operations like locking, config changes and so on would be easy.

P.S.: Or maybe 3 settings: Allow all, allow only lock, allow none

mclei commented 1 year ago

Yes, the reason is security. I want the person to be really standing in front of the door to open it. So, only the official app should be able to do it.

Home Assistant is a complex project and yes, I can try to secure the access, but it will never be 100%. I can try to secure it on the MQTT level, and not allow anybody to post to nuki's topic, but it is still network access and, even more, a WiFi connection that could be abused remotely.

The read-only would be good, as I will still get all the events from the lock. But as I have described, distinguishing between lock and unlock will be even better.

PS: I have already posted this request on the Nuki developers forum, to have this limitation directly in the Nuki Bridge, but it seems they do not want to touch it at all, as they now have the Smartlock 3 Pro working without a Bridge.

technyon commented 1 year ago

I think I'd go for those three settings, as it's a lot easier to implement. And I can't really think of a use case where I only want to unlock but not to lock.

mclei commented 1 year ago

> I think I'd go for those three settings, as it's a lot easier to implement. And I can't really think of a use case where I only want to unlock but not to lock.

Yes, it's OK. Thanks.

technyon commented 1 year ago

Hi,

you can give this binary a try. There's a drop down in the NUKI Configuration section to set the access level.

nuki_hub-8.23-pre-5.zip

technyon commented 1 year ago

Implemented in version 8.23
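
The three-level setting discussed in this thread (allow all, allow only lock, allow none), sketched as an allowlist gate for actions arriving over MQTT. This is an added example, not nuki_hub's own code: the enum, the function names and the action strings are assumptions, as is the choice to deny configuration changes below full access.

```cpp
#include <iostream>
#include <string>
#include <unordered_set>

// Hypothetical names for the three settings proposed in the thread.
enum class AccessLevel { Full, LockOnly, ReadOnly };

// Assumed action strings; the firmware's real command names may differ.
static const std::unordered_set<std::string> kKnownActions = {
    "lock", "fullLock", "unlock", "unlatch", "lockNgo", "lockNgoUnlatch"};

// Allowlist for the "lock only" level: only actions that can never retract
// the bolt or latch. "lockNgo" is left out on purpose, because it unlocks
// the door before locking it again.
static const std::unordered_set<std::string> kLockingActions = {
    "lock", "fullLock"};

// Returns true only if an MQTT-supplied action may be forwarded to the lock.
bool isActionAllowed(AccessLevel level, const std::string& action) {
    // Unknown or malformed payloads are dropped at every level (fail closed).
    if (kKnownActions.count(action) == 0) return false;
    switch (level) {
        case AccessLevel::Full:     return true;
        case AccessLevel::LockOnly: return kLockingActions.count(action) != 0;
        case AccessLevel::ReadOnly: return false;
    }
    return false;  // deny if the stored level holds an unexpected value
}

// Assumption: configuration writes (keypad codes, settings) received over
// MQTT are accepted only at the full access level.
bool isConfigChangeAllowed(AccessLevel level) {
    return level == AccessLevel::Full;
}

int main() {
    // Constructed sample payloads, as they might arrive on an action topic.
    const char* samples[] = {"lock", "unlock", "lockNgo", "UNLOCK", ""};
    for (const char* s : samples) {
        std::cout << "'" << s << "' at LockOnly: "
                  << (isActionAllowed(AccessLevel::LockOnly, s) ? "forward"
                                                                : "ignore")
                  << "\n";
    }
    return 0;
}
```

Using an allowlist for the "lock only" level rather than a denylist of "unlock" means that compound actions and any action added later are ignored until someone explicitly classifies them as locking-only.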