#!/usr/bin/perl
use strict;
use warnings;

my $DEBUG = 1;

my $u = $ENV{USR} || $ENV{USER}; # Set default user to check permissions for
warn "DEBUG: Testing permissions against user '$u'\n" if $DEBUG;
my $g;
my $o;

my %P;
my $file;

while( $file = <STDIN> ) {
    chomp($file);
    if ($file && -e $file) {
        my @F = split /\//, $file;
        while(@F){
            $P{ join("/", @F) || "/" } = 0; # Build a list of Fully Qualified paths. Deduplicated.
            pop @F;
            $F[-1] .= "/" if @F; # also add the root path to check
        };
    }else{
        warn "Could not find file '$file' (maybe run this as root to get access to the file?)\n";
    }
}

for my $k (sort keys %P) {
    my @A = `getfacl "$k" 2>/dev/null | grep -v -e default: -e file:`; # grab output
    ($o) = map { /# owner: (\S+)/ } @A; # Get the file owner
    ($g) = map { /# group: (\S+)/ } @A; # Get the file group
    grep { s/user::/USER:$o:/} @A; # make native Linux dir/file permissions uppercase
    grep { s/group::/GROUP:$g:/} @A; # idem
    grep { s/other::/OTHER::/} @A; # idem
    $P{$k} = join "\n", grep { !/^#/ && /$u|^other/i } @A;
    $P{$k} =~ s/:[^:]+effective:/:/; # consider only effective permissions
    $P{$k} =~ s/\S+:---//g; #remove empty permissions
    $P{$k} =~ s/(?:user|group):[\s\S]*\K(other:.*)//mi;
    $P{$k} =~ s/[\n\r\s]+/ /g; # remove newlines
    $P{$k} = '---' if $P{$k} eq " "; # if no permissions, default to ---
};
for my $k (sort keys %P){
    print "$k $P{$k}\n";
}