diff --git a/arkindex/project/mixins.py b/arkindex/project/mixins.py
index 41ba1a4ff34a9e7bb32617c2abab3f245c5ae6e4..3bde7174d06e5bfcaebbd992a8e76fa2218f88ee 100644
--- a/arkindex/project/mixins.py
+++ b/arkindex/project/mixins.py
@@ -20,6 +20,8 @@ class ACLMixin(object):
     """
     Access control mixin using the generic Right table.
     """
+    _user = None
+
     def __init__(self, user=None):
         self._user = user
 
@@ -33,7 +35,9 @@ class ACLMixin(object):
         # Handle special authentications
         if level <= Role.Guest.value and getattr(instance, 'public', False):
             return True
-        if self.user.is_admin or self.user.is_internal:
+        if self.user.is_anonymous:
+            return False
+        elif self.user.is_admin or self.user.is_internal:
             return True
 
         return instance.memberships.filter(