#!/opt/homebrew/bin/python3

# Process JSON output from 1Password CLI to rename imported vaults, grant admins manage access, and delete old vaults.
# run `op signin` prior to running script.
# script takes as input the output from `op vault list --group Owners --format=jsonimport json, sys, pathlib, subprocess > filename.json`

def main():
    # grab filename and validate exists: 
    if len(sys.argv) != 2:
        sys.exit("Error: Please provide one filename as argument")
    input_file = sys.argv[1]
    for filename in input_file:
        if not pathlib.Path(filename).is_file():
            sys.exit("Error: File not found.")
        # open file and parse vault records: 
        with open(filename, 'r') as f:
            vaults = json.load(f)
        # iterate through each vault in the JSON file
        for vault in vaults:
            if vault["name"].startswith("Imported "):
                # rename the vault and add 'manage' permissions for Administrators group. Can substitute a group ID instead of group name. 
                # Printed out commands on first run to verify output before translating to subprocess.run() format -- couldn't figure out
                # how to "print" that command to a variable to pass to subprocess.run()...
                #print("op vault edit", vault["id"], "--name", vault["name"].replace['Imported ', ''])
                #print("op vault group grant --vault", vault['id'], "--group Administrators --permissions manage_vault")
                subprocess.run(["op", "vault", "edit", vault["id"], "--name", vault["name"].replace('Imported ', '')])
                subprocess.run(["op", "vault", "group", "grant", "--vault", vault["id"], "--group", "Administrators","--permissions","manage_vault"])
            if vault["name"].startswith("Shared-"):
                # delete the old/test vaults named as specified.
                #print("op vault rm", vault['id'])
                subprocess.run(["op", "vault", "rm", vault["id"]])

if __name__ == '__main__':
  main()