backend/scripts/seed_test_users.py

@@ -80,7 +80,10 @@ def _display_code() -> str:
 
 
 async def main() -> None:
-    engine = create_async_engine(settings.DATABASE_URL, echo=False)
+    # Must use ADMIN_DATABASE_URL (BYPASSRLS) — Phase 4 enabled RLS on users.
+    # The app-role connection has no tenant context at seed time and would see 0 rows.
+    admin_url = getattr(settings, "ADMIN_DATABASE_URL", None) or settings.DATABASE_URL
+    engine = create_async_engine(admin_url, echo=False)
     password_hash = get_password_hash(SHARED_PASSWORD)
     now = datetime.now(timezone.utc)
     team_account_id: uuid.UUID | None = None