Add method to report fraud

[kozikkamil]

Description

Adds a method to report potential fraud:

1. Gets all labels created by the user in this project
2. Creates a Trust & Safety case for the user (MANUAL event type, HIGH severity)
3. Removes the user from the project (prevents creating more labels)
4. Deletes all the user's labels

Fixes # (issue)

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Document change (fix typo or modifying any markdown files, code comments or anything in the examples folder only)

All Submissions

• Have you followed the guidelines in our Contributing document?
• Have you provided a description?
• Are your changes properly formatted?

New Feature Submissions

• Does your submission pass tests?
• Have you added thorough tests for your new feature?
• Have you commented your code, particularly in hard-to-understand areas?
• Have you added a Docstring?

Changes to Core Features

• Have you written new tests for your core changes, as applicable?
• Have you successfully run tests with your changes locally?
• Have you updated any code comments, as applicable?

---

Note

Introduces a fraud-report flow that files a T&S case, removes a user from a project, and deletes their labels; adds created_by label filtering and a client API to delete project memberships.

• Alignerr:
  • Fraud reporting: New AlignerrProject.report_fraud(user_id, reason, custom_metadata) orchestrates:
    • Fetch user’s labels (_get_user_labels)
    • Create T&S case via GraphQL (_create_trust_safety_case)
    • Remove user from project (_remove_user_from_project using client delete_project_memberships)
    • Bulk delete labels (_delete_user_labels)
• Labelbox SDK – Project:
  • Project.labels(..., created_by=...): add filter to query labels by creator (user ID or User).
  • Project.delete_labels_by_user(user_id): soft-delete labels for a user in chunks.
• Labelbox SDK – Client:
  • Client.delete_project_memberships(project_id, user_ids): GraphQL mutation to remove users from a project.

^{Written by Cursor Bugbot for commit 2ce41dc. This will update automatically on new commits. Configure here.}

[mrobers1982]

nit: I assume in practice the list of ids is not too long; otherwise we should chunk it.

[mrobers1982]

In the future, you might consider moving this logic to the server.

[cursor]

Bug: Label deletion missing chunking could overwhelm API

The _delete_user_labels method calls Entity.Label.bulk_delete(labels) without chunking, while the similar delete_labels_by_user method in project.py explicitly chunks at 500 with documentation stating this is "to avoid overwhelming the API". The report_fraud method uses the non-chunking version, which could fail when a fraudulent user has many labels—exactly the scenario where large label counts are likely.

Additional Locations (1)

• libs/labelbox/src/labelbox/schema/project.py#L419-L426