user checks on read procs

src/Sql/Sql.sqlproj

@@ -172,5 +172,6 @@
     <Build Include="dbo\Stored Procedures\SubvaultUser_ReadPermissionsBySubvaultUserId.sql" />
     <Build Include="dbo\UserDefinedTypes\GuidIdArray.sql" />
     <Build Include="dbo\Stored Procedures\Cipher_UpdateWithSubvaults.sql" />
+    <Build Include="dbo\Stored Procedures\CipherDetails_ReadByIdUserId.sql" />
   </ItemGroup>
 </Project>

src/Sql/dbo/Stored Procedures/CipherDetails_ReadByIdUserId.sql

@@ -0,0 +1,24 @@
+CREATE PROCEDURE [dbo].[CipherDetails_ReadByIdUserId]
+    @Id UNIQUEIDENTIFIER,
+    @UserId UNIQUEIDENTIFIER
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    SELECT DISTINCT
+        C.*
+    FROM
+        [dbo].[CipherDetailsView] C
+    LEFT JOIN
+        [dbo].[SubvaultCipher] SC ON SC.[CipherId] = C.[Id]
+    LEFT JOIN
+        [dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId]
+    LEFT JOIN
+        [dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
+    WHERE
+        C.Id = @Id
+        AND (
+            (C.[UserId] IS NOT NULL AND C.[UserId] = @UserId)
+            OR (OU.[UserId] = @UserId AND OU.[Status] = 2) -- 2 = Confirmed
+        )
+END

src/Sql/dbo/Stored Procedures/CipherDetails_ReadByTypeUserId.sql

@@ -5,11 +5,20 @@ AS
 BEGIN
     SET NOCOUNT ON
 
-    SELECT
-        *
+    SELECT DISTINCT
+        C.*
     FROM
-        [dbo].[CipherDetailsView]
+        [dbo].[CipherDetailsView] C
+    LEFT JOIN
+        [dbo].[SubvaultCipher] SC ON SC.[CipherId] = C.[Id]
+    LEFT JOIN
+        [dbo].[SubvaultUser] SU ON SU.[SubvaultId] = SC.[SubvaultId]
+    LEFT JOIN
+        [dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
     WHERE
-        [Type] = @Type
-        AND [UserId] = @UserId
+        C.[Type] = @Type
+        AND (
+            (C.[UserId] IS NOT NULL AND C.[UserId] = @UserId)
+            OR (OU.[UserId] = @UserId AND OU.[Status] = 2) -- 2 = Confirmed
+        )
 END

src/Sql/dbo/Stored Procedures/CipherDetails_ReadByUserId.sql

@@ -16,5 +16,5 @@ BEGIN
         [dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
     WHERE
         (C.[UserId] IS NOT NULL AND C.[UserId] = @UserId)
-        OR OU.[UserId] = @UserId
+        OR (OU.[UserId] = @UserId AND OU.[Status] = 2) -- 2 = Confirmed
 END

src/Sql/dbo/Stored Procedures/CipherDetails_ReadByUserIdHasSubvault.sql

@@ -15,5 +15,6 @@ BEGIN
     INNER JOIN
         [dbo].[OrganizationUser] OU ON OU.[Id] = SU.[OrganizationUserId]
     WHERE
-        [OU].[UserId] = @UserId
+        OU.[UserId] = @UserId 
+        AND OU.[Status] = 2 -- 2 = Confirmed
 END