diff --git a/seahub/test_utils.py b/seahub/test_utils.py
index e8221e12c2..fab49d5d1d 100644
--- a/seahub/test_utils.py
+++ b/seahub/test_utils.py
@@ -11,6 +11,8 @@ from seahub.base.accounts import User
 
 
 class Fixtures(Exam):
+    user_password = 'secret'
+    admin_password = 'secret'
 
     @fixture
     def user(self):
@@ -94,6 +96,6 @@ class Fixtures(Exam):
 class BaseTestCase(TestCase, Fixtures):
     def login_as(self, user):
         self.client.post(
-            reverse('auth_login'), {'username': user.username,
+            reverse('auth_login'), {'login': user.username,
                                     'password': 'secret'}
         )
diff --git a/seahub/views/sysadmin.py b/seahub/views/sysadmin.py
index f0ebc9a5e2..79240ceba9 100644
--- a/seahub/views/sysadmin.py
+++ b/seahub/views/sysadmin.py
@@ -1637,7 +1637,7 @@ def sys_sudo_mode(request):
 
     # here we can't use @sys_staff_required
     if not request.user.is_staff:
-        return Http404
+        raise Http404
 
     password_error = False
     if request.method == 'POST':
diff --git a/tests/seahub/views/test_sysadmin.py b/tests/seahub/views/test_sysadmin.py
index e20cea3ce3..72aee493b2 100644
--- a/tests/seahub/views/test_sysadmin.py
+++ b/tests/seahub/views/test_sysadmin.py
@@ -3,7 +3,7 @@ from django.http.cookie import parse_cookie
 from django.test import TestCase
 
 from seahub.base.accounts import User
-from seahub.test_utils import Fixtures
+from seahub.test_utils import Fixtures, BaseTestCase
 
 from seaserv import ccnet_threaded_rpc
 
@@ -119,3 +119,28 @@ class UserRemoveTest(TestCase, Fixtures):
         self.assertEqual(302, resp.status_code)
         assert 'Successfully deleted %s' % username in parse_cookie(resp.cookies)['messages']
         assert len(ccnet_threaded_rpc.search_emailusers('DB', username, -1, -1))  == 0
+
+
+class SudoModeTest(BaseTestCase):
+    def test_normal_user_raise_404(self):
+        self.login_as(self.user)
+
+        resp = self.client.get(reverse('sys_sudo_mode'))
+        self.assertEqual(404, resp.status_code)
+
+    def test_admin_get(self):
+        self.login_as(self.admin)
+
+        resp = self.client.get(reverse('sys_sudo_mode'))
+        self.assertEqual(200, resp.status_code)
+        self.assertTemplateUsed('sysadmin/sudo_mode.html')
+
+    def test_admin_post(self):
+        self.login_as(self.admin)
+
+        resp = self.client.post(reverse('sys_sudo_mode'), {
+            'username': self.admin.username,
+            'password': self.admin_password,
+        })
+        self.assertEqual(302, resp.status_code)
+        self.assertRedirects(resp, reverse('sys_useradmin'))