Edits.

django/contrib/auth/backends.py

@@ -134,20 +134,19 @@ def with_perm(self, perm, is_active=True, include_superusers=True, obj=None):
         if obj is not None:
             return UserModel._default_manager.none()
 
-        q0 = Q(group__user=OuterRef('pk')) | Q(user=OuterRef('pk'))
+        permission_q = Q(group__user=OuterRef('pk')) | Q(user=OuterRef('pk'))
         if isinstance(perm, Permission):
-            q0 &= Q(pk=perm.pk)
+            permission_q &= Q(pk=perm.pk)
         else:
-            q0 &= Q(codename=codename, content_type__app_label=app_label)
+            permission_q &= Q(codename=codename, content_type__app_label=app_label)
 
-        q1 = Q(has_permission=True)
+        user_q = Exists(Permission.objects.filter(permission_q))
         if include_superusers:
-            q1 |= Q(is_superuser=True)
+            user_q |= Q(is_superuser=True)
         if is_active is not None:
-            q1 &= Q(is_active=is_active)
+            user_q &= Q(is_active=is_active)
 
-        has_permission = Exists(Permission.objects.filter(q0))
-        return UserModel._default_manager.annotate(has_permission=has_permission).filter(q1)
+        return UserModel._default_manager.filter(user_q)
 
     def get_user(self, user_id):
         try:

docs/releases/3.0.txt

@@ -127,6 +127,7 @@ Minor features
 
 * :attr:`~django.contrib.auth.models.CustomUser.REQUIRED_FIELDS` now supports
   :class:`~django.db.models.ManyToManyField`\s.
+
 * The new
   :meth:`UserManager.with_perm() <django.contrib.auth.models.UserManager.with_perm>`
   method returns all users that have the specified permission.