
"Responsible Users" queries with "Author" or "Reviewer" or "Auditor" constraints can include too many results
Open, Low, Public

Description

To reproduce:

  • In Differential or Diffusion, issue a query like "Responsible Users: epriestley, Authors or Auditors or Reviewers: alice".

Expected result:

  • Query matches only audits/revisions with specific authors or auditors or reviewers.

Actual result:

  • Query also matches audits/revisions where you, or some project or package you are a member of, are an author/auditor/reviewer.

Diffusion example:

Screen Shot 2018-09-12 at 1.10.53 PM.png (997×686 px, 107 KB)

Differential example:

Screen Shot 2018-09-12 at 1.14.37 PM.png (951×1 px, 147 KB)

The way we build these queries ends up with WHERE clauses that are too permissive for these fields on one half of the UNION'd subquery.
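
An added illustration of this failure mode, not Phabricator's actual query code: it assumes a hypothetical, simplified schema (`revision`, `reviewer`, `member`) with constructed rows in SQLite, and applies the author constraint to only one half of a UNION, then to both.

```python
import sqlite3

# Hypothetical, simplified schema; these are not Phabricator's real tables.
SCHEMA = """
CREATE TABLE revision (id INTEGER PRIMARY KEY, author TEXT);
CREATE TABLE reviewer (revision_id INTEGER, reviewer TEXT);
CREATE TABLE member   (project TEXT, user TEXT);
"""
# Constructed sample rows.
REVISIONS = [(1, "alice"), (2, "bob"), (3, "alice"), (4, "bob"), (5, "alice")]
REVIEWERS = [(1, "epriestley"), (2, "epriestley"), (3, "proj-security"),
             (4, "proj-security"), (5, "carol")]
MEMBERS = [("proj-security", "epriestley")]

# Half 1: the responsible user is a reviewer directly.
DIRECT = """SELECT r.id FROM revision r
            JOIN reviewer v ON v.revision_id = r.id
            WHERE v.reviewer = :user"""
# Half 2: a project the responsible user belongs to is a reviewer.
VIA_PROJECT = """SELECT r.id FROM revision r
                 JOIN reviewer v ON v.revision_id = r.id
                 JOIN member m ON m.project = v.reviewer
                 WHERE m.user = :user"""
AUTHOR = " AND r.author = :author"

# Too permissive: the author constraint reaches only one half of the UNION.
PERMISSIVE = DIRECT + AUTHOR + " UNION " + VIA_PROJECT
# Corrected: every half of the UNION carries the same constraint.
STRICT = DIRECT + AUTHOR + " UNION " + VIA_PROJECT + AUTHOR

def build_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO revision VALUES (?, ?)", REVISIONS)
    db.executemany("INSERT INTO reviewer VALUES (?, ?)", REVIEWERS)
    db.executemany("INSERT INTO member VALUES (?, ?)", MEMBERS)
    return db

def run(db, sql, user, author):
    rows = db.execute(sql, {"user": user, "author": author})
    return sorted(row[0] for row in rows)

def extra_results(db, user, author):
    """Revisions the permissive query returns that the strict one does not."""
    strict = set(run(db, STRICT, user, author))
    return [i for i in run(db, PERMISSIVE, user, author) if i not in strict]

if __name__ == "__main__":
    db = build_db()
    print("permissive:", run(db, PERMISSIVE, "epriestley", "alice"))
    print("strict:    ", run(db, STRICT, "epriestley", "alice"))
```

Revision 4 (authored by bob, reviewed by a project epriestley belongs to) is the extra row: it enters through the half of the UNION that never sees the author constraint.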