id summary reporter owner description type status component version severity resolution keywords cc stage has_patch needs_docs needs_tests needs_better_patch easy ui_ux 32097 Staff users cannot acess admin site Jaff Cunha nobody "I'm using Django 3.1.2 and staff users added by superuser in the admin site can't access the same admin site after login. All pages in /admin/ return 403 forbidden error. I'm using Windows 10, Python 3.8.5, inside a virtual environment (venv). My commands were made in Git Bash. It first happened in other project, so i created a new one to try. It's the same error in Firefox, Edge and Chrome. Exactly what i did: **Git Bash:** {{{ $ mkdir test_staff $ cd test_staff/ $ python -m venv venv_dev $ source venv_dev/Scripts/activate $ pip install Django==3.1.2 $ pip list Package Version ---------- ------- asgiref 3.2.10 Django 3.1.2 pip 20.1.1 pytz 2020.1 setuptools 47.1.0 sqlparse 0.4.1 $ django-admin startproject mysite $ cd mysite/ $ python manage.py migrate $ winpty python manage.py createsuperuser username: admin password: 12345 $ python manage.py runserver }}} **Browser:** Login with ""admin"" user: ''http://localhost:8000/admin/login'' Add staff user: ''http://localhost:8000/admin/auth/user/add/'' - username: ''staff_user'' - password: ''Ax47y](U[1fpw;8H2?})'' - Save and continue editing - staff status = True - Save Logout: ''http://localhost:8000/admin/logout/'' Login with ""staff_user"": ''http://localhost:8000/admin/login'' Result: [[Image(https://i.imgur.com/IQgluU2.png)]] **Git Bash:** {{{ [09/Oct/2020 12:49:39] ""GET /admin/ HTTP/1.1"" 200 2282 }}} Other URL: [[Image(https://i.imgur.com/sq2XPXo.png)]] **Git Bash:** {{{ Forbidden (Permission denied): /admin/auth/user/ Traceback (most recent call last): File ""C:\Users\DELL\Documents\github\test_staff\venv_dev\lib\site-packages\django\core\handlers\exception.py"", line 47, in inner response = get_response(request) File ""C:\Users\DELL\Documents\github\test_staff\venv_dev\lib\site-packages\django\core\handlers\base.py"", line 179, in _get_response response = wrapped_callback(request, *callback_args, **callback_kwargs) File ""C:\Users\DELL\Documents\github\test_staff\venv_dev\lib\site-packages\django\contrib\admin\options.py"", line 614, in wrapper return self.admin_site.admin_view(view)(*args, **kwargs) File ""C:\Users\DELL\Documents\github\test_staff\venv_dev\lib\site-packages\django\utils\decorators.py"", line 130, in _wrapped_view response = view_func(request, *args, **kwargs) File ""C:\Users\DELL\Documents\github\test_staff\venv_dev\lib\site-packages\django\views\decorators\cache.py"", line 44, in _wrapped_view_func response = view_func(request, *args, **kwargs) File ""C:\Users\DELL\Documents\github\test_staff\venv_dev\lib\site-packages\django\contrib\admin\sites.py"", line 233, in inner return view(request, *args, **kwargs) File ""C:\Users\DELL\Documents\github\test_staff\venv_dev\lib\site-packages\django\utils\decorators.py"", line 43, in _wrapper return bound_method(*args, **kwargs) File ""C:\Users\DELL\Documents\github\test_staff\venv_dev\lib\site-packages\django\utils\decorators.py"", line 130, in _wrapped_view response = view_func(request, *args, **kwargs) File ""C:\Users\DELL\Documents\github\test_staff\venv_dev\lib\site-packages\django\contrib\admin\options.py"", line 1690, in changelist_view raise PermissionDenied django.core.exceptions.PermissionDenied [09/Oct/2020 12:53:50] ""GET /admin/auth/user/ HTTP/1.1"" 403 135 }}}" Bug closed contrib.admin 3.1 Normal invalid Staff, Admin Site, 403, PermissionDenied Unreviewed 0 0 0 0 0 0