Fix missing results in review group accessible queries with special perms.

Review Request #13120 — Created June 22, 2023 and submitted — Latest diff uploaded

Information

Review Board
release-5.0.x

Reviewers

When querying accessible review groups with the permission allowing a
user to see invite-only groups and without restricting to visible review
groups, the query would only return groups that the user is a member of.
This isn't correct behavior, as they should have seen all applicable
review groups, regardless of membership.

The reason this failed was that we had a part of the query that checked
if a user was a member, and this was meant to be an OR on top of other
accessibility checks. In this case, those were turned off, meaning the
only check left was the membership check.

This is not a security issue. It didn't expose any information. Quite
the opposite: It prevented users from seeing information they had access
to with this specific set of flags.

The logic now avoids the membership check in this particular case.

All unit tests passed. Verified they failed prior to this test.

Tested this with some other in-progress fixes, which exposed this bug.
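A simplified model of the filter composition described above, added here as an illustration; it is not Review Board's code, and the `Group` class, the `accessible()` signature, the `fixed` flag and the sample groups are all constructed for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Group:  # constructed stand-in for a review group row
    name: str
    visible: bool
    invite_only: bool
    members: frozenset


def accessible(groups, user, can_view_invite_only, visible_only, fixed):
    """Names of the groups `user` may see, in a simplified model of the query."""
    # Accessibility checks, ANDed together. An empty list means "no
    # restriction", the way an empty filter matches every row.
    checks = []
    if not can_view_invite_only:
        checks.append(lambda g: not g.invite_only)
    if visible_only:
        checks.append(lambda g: g.visible)

    def is_member(g):
        return user in g.members

    if checks:
        # Normal case: (all checks pass) OR (user is a member).
        def match(g):
            return all(c(g) for c in checks) or is_member(g)
    elif fixed:
        # Fixed: nothing to restrict, so the membership check is skipped.
        def match(g):
            return True
    else:
        # Buggy: the empty side of the OR drops out, leaving membership
        # as the only condition.
        match = is_member
    return sorted(g.name for g in groups if match(g))


GROUPS = [  # constructed sample data
    Group("public", True, False, frozenset()),
    Group("hidden", False, False, frozenset()),
    Group("secret", True, True, frozenset()),
    Group("mine", False, True, frozenset({"alice"})),
]
```

With the special permission and no visibility restriction, the buggy path returns only `mine` for `alice`, while the fixed path returns all four groups; every other flag combination is unchanged by the fix.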
