do not skip privacy level check on unauthenticated user

Bengfort requested to merge avoid-skip-privacy-level into main

We do not currently use this mixin without also requiring authentication. Still this is a potential footgun.

Note that PermissionRequiredMixin must come after this one, so in thise code the regulat authentication/permission checks have not yet run.

Merge request reports