In the current implementation, a change may only be set to private by
its owner. In cases where a user has uploaded a change that should be
private (i.e. they have accidentally included sensitive information),
but the user is not available or not responding to requests to set it
private, the site administrator should be able to set it.
In future we may also want to allow project owners to set other users'
changes to private. This is not done in this commit as it is not yet
clear if the project owner related permission checks are going to be
migrated to the new permission backend.
Change-Id: I48da68e823c4e3fc5f58f21acb4e26d193606978
540c84296d