Fixed #12557 - AnonymousUser should check auth backends for permissions

Thanks to hvdklauw for the idea and work on the patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12316 bcc190cf-cafb-0310-a4f2-bffc1f526a37

docs/internals/deprecation.txt

@@ -13,9 +13,9 @@ their deprecation, as per the :ref:`Django deprecation policy
           hooking up admin URLs.  This has been deprecated since the 1.1
           release.
 
-        * Authentication backends need to define the boolean attribute
-          ``supports_object_permissions``. The old backend style is deprecated
-          since the 1.2 release.
+        * Authentication backends need to define the boolean attributes
+          ``supports_object_permissions`` and ``supports_anonymous_user``.
+          The old backend style is deprecated since the 1.2 release.
 
     * 1.4
         * ``CsrfResponseMiddleware``.  This has been deprecated since the 1.2
@@ -56,6 +56,11 @@ their deprecation, as per the :ref:`Django deprecation policy
           permission checking. The ``supports_object_permissions`` variable
           is not checked any longer and can be removed.
 
+        * Authentication backends need to support the ``AnonymousUser``
+          being passed to all methods dealing with permissions.
+          The ``supports_anonymous_user`` variable is not checked any
+          longer and can be removed.
+
         * The ability to specify a callable template loader rather than a
           ``Loader`` class will be removed, as will the ``load_template_source``
           functions that are included with the built in template loaders for