Thank. I also don't see a command to extract a list of objects which have a certain user & group assigned to it.
If you are looking for a command to extract list of objects to which the specified user/group have permission, you can make use of infacmd getDomainObjectPermissions command.
Refer to following article for more information: Support
That won't help here because infacmd.sh cannot work on the contents of a PowerCenter repository. You have to stick with pmrep and pmcmd (in this case, pmrep will be the tool of choice).
Unfortunately there's no command (which I know of) to extract the permissions per repository folder. And to be honest my knowledge of the repository details doesn't extend to the point where I could tell you how the folder permissions are stored exactly. So don't have any repository query to retrieve this information.
In case your folders are organised by "project", the following idea might work for you.
Ask each of the "project" managers which folders belong to her/his project(s).
From this list you can prepare a list of "pmrep AssignPermission" statements for all folders which you know of.
For all repository folders not contained within this list, create kind of a "dummy" assignment to some repository manager.
Once you have created the security domains in your Informatica domain, synchronise users and groups (in the domain and to the repository), then run these assignment statements. This way all folders have the permissions your developers need (at least as far as they told you).
Now if any project manager or developer needs additional folder permissions beyond those from the statements executed earlier, they have to ask you to give them the needed permissions. If your project managers did their job well, this will not happen at all because they did tell you in advance which folders they need access to.