Clamp to perms

src/registrar/models/user.py

@@ -301,6 +301,11 @@ class User(AbstractUser):
             or self._has_portfolio_permission(User.UserPortfolioPermissionChoices.VIEW_CREATED_REQUESTS)
             # or self._has_portfolio_permission(User.UserPortfolioPermissionChoices.EDIT_REQUESTS)
         )
+    
+    
+    def has_view_all_domains_permission(self):
+        """Determines if the current user can view all available domains in a given portfolio"""
+        return self._has_portfolio_permission(User.UserPortfolioPermissionChoices.VIEW_ALL_DOMAINS)
 
     @classmethod
     def needs_identity_verification(cls, email, uuid):

src/registrar/utility/csv_export.py

@@ -578,8 +578,15 @@ class DomainDataTypeUser(DomainDataType):
             # Return nothing
             return Q(id__in=[])
 
-        user_domain_roles = UserDomainRole.objects.filter(user=request.user)
-        domain_ids = user_domain_roles.values_list("domain_id", flat=True)
+        if (
+            request.user.has_base_portfolio_permission() and 
+            request.user.has_view_all_domains_permission()
+        ):
+            models = DomainInformation.objects.filter(portfolio=request.user.portfolio)
+        else:
+            models = UserDomainRole.objects.filter(user=request.user)
+
+        domain_ids = models.values_list("domain_id", flat=True)
         return Q(domain__id__in=domain_ids)