diff --git a/adminlte2_pdq/middleware.py b/adminlte2_pdq/middleware.py
index a2fc91fef0d435918f2e921e1fbf873c6b56ac3c..0463a6f315ceadc6efe27cb2a39d764ba195d0e6 100644
--- a/adminlte2_pdq/middleware.py
+++ b/adminlte2_pdq/middleware.py
@@ -120,6 +120,7 @@ class AuthMiddleware:
 current_url_name in STRICT_POLICY_WHITELIST
 or fully_qualified_url_name in STRICT_POLICY_WHITELIST
 or path in STRICT_POLICY_WHITELIST
+ or app_name == 'admin'
 ):
 exempt = True
 
diff --git a/tests/test_middleware.py b/tests/test_middleware.py
index 160a16d7cb7a237149d7ea50dcaea367e1fe84c6..00871fb51abb0f57fbb3e3839d2e32080383bfa1 100644
--- a/tests/test_middleware.py
+++ b/tests/test_middleware.py
@@ -328,6 +328,25 @@ class MiddlewareTestCase(TestCase):
 self.assertEqual(response.status_code, 200)
 self.assertContains(response, "Demo CSS")
 
+ # **************************************************************************
+ # Logged In User - All Perms - Staff Status - Can see Admin page.
+ # **************************************************************************
+
+ @patch('adminlte2_pdq.middleware.LOGIN_REQUIRED', True)
+ @patch('adminlte2_pdq.middleware.STRICT_POLICY', True)
+ def test_middleware_allows_admin_when_user_logged_in_login_on_strict_on_login_wl_on_strict_wl_on(self):
+ """test_middleware_allows_admin_when_user_logged_in_login_on_strict_on_login_wl_on_strict_wl_on"""
+ self.test_user_w_perms.is_staff = True
+ self.test_user_w_perms.save()
+ self.client.force_login(self.test_user_w_perms)
+ response = self.client.get(
+ reverse('admin:auth_user_changelist'),
+ follow=True
+ )
+ print(response.content.decode())
+ self.assertEqual(response.status_code, 200)
+ self.assertContains(response, "Select user to change")
+
 # **************************************************************************
 # Logged In User - All Perms - Visiting 404
 # **************************************************************************
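Review bot: In adminlte2_pdq/middleware.py the new `or app_name == 'admin'` clause exempts every view resolved under the `admin` application namespace from the strict policy, so those URLs are then protected only by whatever checks the admin site itself applies. That holds for the stock admin views, but a custom view added through `get_urls()` without the `admin_site.admin_view()` wrapper would, as far as this hunk shows, no longer be caught by the strict policy either. I would record the assumption next to the clause, e.g. `# Admin views are exempt: the admin site enforces its own is_staff/permission checks (custom admin URLs must be wrapped in admin_view()).` The enclosing `if` and the assignment of `app_name` are outside the hunk, so whether the login-required check still runs for these paths cannot be confirmed from here.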
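Review bot: In tests/test_middleware.py the added test leaves a debug `print(response.content.decode())` in place, which dumps the full admin changelist page (including the listed user records) into the test output on every run; that line should be removed. The test also covers only the staff case: since the middleware now exempts the admin namespace, a companion test using the same user without `is_staff = True` and asserting `self.assertNotContains(response, "Select user to change")` would pin that the exemption does not open the admin to non-staff users. The docstring only repeats the method name; a sentence such as `"""Staff user with all perms reaches the admin changelist with LOGIN_REQUIRED and STRICT_POLICY on."""` would say what is being verified.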