I like the proposed approach.
For me “receive only” means “accept stuff, but don’t alter the cluster with local changes, while being data-safe first and never auto-wipe stuff”. And the described behavior is what would I expect.
Typical use-case: backup/accumulator/replication node, in conjunction with some versioning scheme.
Only minor notice: I think the “override/revert” buttons’ naming will confuse some users (“is remote devices state will be overridden or local?” “revert which changes, local or remote?”). I don’t have a clear solution, but it should emphasize in a non-ambiguous way what is going to be deleted/overwritten.