diff --git a/cms/djangoapps/contentstore/tests/test_course_index.py b/cms/djangoapps/contentstore/tests/test_course_index.py
index f268eaf5f1..ec0c0b1f8e 100644
--- a/cms/djangoapps/contentstore/tests/test_course_index.py
+++ b/cms/djangoapps/contentstore/tests/test_course_index.py
@@ -1,29 +1,48 @@
 """
 Unit tests for getting the list of courses and the course outline.
 """
-from django.core.urlresolvers import reverse
+import json
 import lxml
+from django.core.urlresolvers import reverse
 
 from contentstore.tests.utils import CourseTestCase
 from xmodule.modulestore.django import loc_mapper
-from django.core.exceptions import PermissionDenied
+from xmodule.modulestore.tests.factories import CourseFactory
+from xmodule.modulestore import parsers
 
 class TestCourseIndex(CourseTestCase):
     """
     Unit tests for getting the list of courses and the course outline.
     """
-    def test_index(self):
+    def setUp(self):
+        """
+        Add a course with odd characters in the fields
+        """
+        super(TestCourseIndex, self).setUp()
+        # had a problem where index showed course but has_access failed to retrieve it for non-staff
+        self.odd_course = CourseFactory.create(
+            org='test.org_1-2',
+            number='test-2.3_course',
+            display_name='dotted.course.name-2',
+        )
+
+
+    def check_index_and_outline(self, authed_client):
         """
         Test getting the list of courses and then pulling up their outlines
         """
         index_url = reverse('contentstore.views.index')
-        index_response = self.client.get(index_url, {}, HTTP_ACCEPT='text/html')
+        index_response = authed_client.get(index_url, {}, HTTP_ACCEPT='text/html')
         parsed_html = lxml.html.fromstring(index_response.content)
         course_link_eles = parsed_html.find_class('course-link')
+        self.assertGreaterEqual(len(course_link_eles), 2)
         for link in course_link_eles:
-            self.assertRegexpMatches(link.get("href"), r'course/\w+\.\w+\.\w+.*/branch/\w+/block/.*')
+            self.assertRegexpMatches(
+                link.get("href"),
+                r'course/{0}+/branch/{0}+/block/{0}+'.format(parsers.ALLOWED_ID_CHARS)
+            )
             # now test that url
-            outline_response = self.client.get(link.get("href"), {}, HTTP_ACCEPT='text/html')
+            outline_response = authed_client.get(link.get("href"), {}, HTTP_ACCEPT='text/html')
             # ensure it has the expected 2 self referential links
             outline_parsed = lxml.html.fromstring(outline_response.content)
             outline_link = outline_parsed.find_class('course-link')[0]
@@ -31,6 +50,12 @@ class TestCourseIndex(CourseTestCase):
             course_menu_link = outline_parsed.find_class('nav-course-courseware-outline')[0]
             self.assertEqual(course_menu_link.find("a").get("href"), link.get("href"))
 
+    def test_is_staff_access(self):
+        """
+        Test that people with is_staff see the courses and can navigate into them
+        """
+        self.check_index_and_outline(self.client)
+
     def test_negative_conditions(self):
         """
         Test the error conditions for the access
@@ -38,6 +63,28 @@ class TestCourseIndex(CourseTestCase):
         locator = loc_mapper().translate_location(self.course.location.course_id, self.course.location, False, True)
         outline_url = reverse('contentstore.views.course_handler', kwargs={'course_url': unicode(locator)})
         # register a non-staff member and try to delete the course branch
-        non_staff_client = self.createNonStaffAuthedUserClient()
+        non_staff_client, _ = self.createNonStaffAuthedUserClient()
         response = non_staff_client.delete(outline_url, {}, HTTP_ACCEPT='application/json')
         self.assertEqual(response.status_code, 403)
+
+    def test_course_staff_access(self):
+        """
+        Make and register an course_staff and ensure they can access the courses
+        """
+        course_staff_client, course_staff = self.createNonStaffAuthedUserClient()
+        for course in [self.course, self.odd_course]:
+            permission_url = reverse("course_team_user", kwargs={
+                "org": course.location.org,
+                "course": course.location.course,
+                "name": course.location.name,
+                "email": course_staff.email,
+            })
+            self.client.post(
+                permission_url,
+                data=json.dumps({"role": "staff"}),
+                content_type="application/json",
+                HTTP_ACCEPT="application/json",
+            )
+
+        # test access
+        self.check_index_and_outline(course_staff_client)
diff --git a/cms/djangoapps/contentstore/tests/utils.py b/cms/djangoapps/contentstore/tests/utils.py
index 6a227d9a80..29c9e59d82 100644
--- a/cms/djangoapps/contentstore/tests/utils.py
+++ b/cms/djangoapps/contentstore/tests/utils.py
@@ -78,4 +78,4 @@ class CourseTestCase(ModuleStoreTestCase):
 
         client = Client()
         client.login(username=uname, password=password)
-        return client
+        return client, nonstaff