codeinthehole · October 7, 2025 08:53
diff --git a/list_1pw_user_items.sh b/list_1pw_user_items.sh
 #!/usr/bin/env bash
 # 
 # Print a TSV of items that are accessible by a given user.

 set -e

 export OP_FORMAT=json


 function main() {
    email="$1"

    # Print header
    printf "%s\t%s\t%s\t%s\n" "item_id" "item_name" "vault_name" "access"

    # Print items accessible via a group->vault access route.
    user_groups "$email" | while IFS=$'\t' read -r group_id group_name; do
        group_vaults "$group_id" | while IFS=$'\t' read -r vault_id vault_name; do
            vault_items "$vault_id" | while IFS=$'\t' read -r item_id item_name; do
                printf "%s\t%s\t%s\t%s\n" "$item_id" "$item_name" "$vault_name" "via group '$group_name'"
            done
        done
    done

    # Print items accessible via a direct user assignment to a vault.
    user_vaults "$email" | while IFS=$'\t' read -r vault_id vault_name; do
        vault_items "$vault_id" | while IFS=$'\t' read -r item_id item_name; do
            printf "%s\t%s\t%s\t%s\n" "$item_id" "$item_name" "$vault_name" "via direct vault access"
        done
    done
 }

 function user_groups() {
    op group list --user="$1" | jq -r '.[] | [ .id, .name ] | @tsv'
 }

 function group_vaults() {
    op vault list --group="$1" | jq -r '.[] | [ .id, .name ] | @tsv'
 }

 function vault_items() {
    op item list --vault="$1" | jq -r '.[] | [ .id, .title ] | @tsv'
 }

 function user_vaults() {
    op vault list --user="$1" | jq -r '.[] | [ .id, .name ] | @tsv'
 }

 main "$@"
	#!/usr/bin/env bash
	#
	# Print a TSV of items that are accessible by a given user.

	set -e

	export OP_FORMAT=json


	function main() {
	email="$1"

	# Print header
	printf "%s\t%s\t%s\t%s\n" "item_id" "item_name" "vault_name" "access"

	# Print items accessible via a group->vault access route.
	user_groups "$email" \| while IFS=$'\t' read -r group_id group_name; do
	group_vaults "$group_id" \| while IFS=$'\t' read -r vault_id vault_name; do
	vault_items "$vault_id" \| while IFS=$'\t' read -r item_id item_name; do
	printf "%s\t%s\t%s\t%s\n" "$item_id" "$item_name" "$vault_name" "via group '$group_name'"
	done
	done
	done

	# Print items accessible via a direct user assignment to a vault.
	user_vaults "$email" \| while IFS=$'\t' read -r vault_id vault_name; do
	vault_items "$vault_id" \| while IFS=$'\t' read -r item_id item_name; do
	printf "%s\t%s\t%s\t%s\n" "$item_id" "$item_name" "$vault_name" "via direct vault access"
	done
	done
	}

	function user_groups() {
	op group list --user="$1" \| jq -r '.[] \| [ .id, .name ] \| @tsv'
	}

	function group_vaults() {
	op vault list --group="$1" \| jq -r '.[] \| [ .id, .name ] \| @tsv'
	}

	function vault_items() {
	op item list --vault="$1" \| jq -r '.[] \| [ .id, .title ] \| @tsv'
	}

	function user_vaults() {
	op vault list --user="$1" \| jq -r '.[] \| [ .id, .name ] \| @tsv'
	}

	main "$@"