id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
28262	Using lookup with autocreated fields crashes django admin	Michal Dabski	nobody	"Consider the following models:

{{{
class AuditSession(Model):
    auditor = models.ForeignKey(User)

class Institution(BaseModel):
    name = models.CharField(max_length=100)

class Auditor(BaseModel):
    user = models.OneToOneField(User)
    institution = models.ForeignKey(Institution, null=True, blank=True)
}}}

And the following filter in audit session admin: 
{{{
class AuditSessionAdmin(ModelAdmin):
    list_filter = (
        ('auditor__auditor__institution'),
    )
}}}

As of Django version 1.9 up to the latest release 1.11.1, the above lookup will raise server error when used by raising `DisallowedModelAdminLookup (Filtering by auditor__auditor__institution__id__exact not allowed)`. This is because the lookup uses reverse relation between User and Auditor model.

This lookup passes checks and only crashes when user tries to use the filter. I could not find the reasoning behind the implementation of lookup_allowed and why it would forbid using reverse relations. Nor could I find any documentation for this change in 1.9 release notes.
I have recently upgraded from django 1.8 where this lookup worked perfectly fine."	Bug	new	contrib.admin	1.11	Normal		admin,lookup_allowed		Unreviewed	0	0	0	0	0	0