#!/usr/bin/env ruby
# Usage: ssh-list-authorized-keys [username]

load "#{File.dirname(__FILE__)}/common.rb"

all_users = load_all_users.values

groupnames = ARGV & cfg["ssh_pseudo_users"]
usernames = ARGV & all_users.map{|u|u["username"]}

users = all_users.find_all{|u|
	# [ username was listed         ] or [ the user is in a listed group     ]
	usernames.include?(u["username"]) or not (u["groups"] & groupnames).empty?
}

# Buffer the output to avoid EPIPE when the reader hangs up early
output=""
users.each do |user|
	if user["ssh_keys"]
		user["ssh_keys"].each do |addr,key|
			output+="#{key} #{user["fullname"]} (#{user["username"]}) <#{addr}>\n"
		end
	end
end
print output
