Ensure WSGIPublisher starts / ends interaction.

Make it analogous to the ZServer publisher.

Cherry-pick 41594f6d from master.

doc/CHANGES.rst

@@ -181,6 +181,11 @@ http://docs.zope.org/zope2/
   Ported the ``shiftNameToApplication`` implementation from zope.publisher to
   ZPublisher.HTTPRequest.HTTPRequest.
 
+- Ensure that the ``WSGIPublisher`` begins and ends an *interaction*
+  at the request/response barrier. This is required for instance for
+  the ``checkPermission`` call to function without an explicit
+  ``interaction`` parameter.
+
 - Ensure that ObjectManager's ``get`` and ``__getitem__`` methods return only
   "items" (no attributes / methods from the class or from acquisition).
   Thanks to Richard Mitchell at Netsight for the report.

src/ZPublisher/WSGIPublisher.py

@@ -19,6 +19,7 @@ import transaction
 from zExceptions import Redirect
 from zExceptions import Unauthorized
 from zope.event import notify
+from zope.security.management import newInteraction, endInteraction
 from zope.publisher.skinnable import setDefaultSkin
 from ZServer.medusa.http_date import build_http_date
 
@@ -165,6 +166,7 @@ def publish(request, module_name,
     ) = _get_module_info(module_name)
 
     notify(PubStart(request))
+    newInteraction()
     request.processInputs()
     response = request.response
 
@@ -205,6 +207,8 @@ def publish(request, module_name,
     if result is not response:
         response.setBody(result)
 
+    endInteraction()
+
     notify(PubBeforeCommit(request))
     return response