priv/repo/seeds.exs

@@ -202,6 +202,37 @@ admin_user_with_role =
       raise "Failed to load admin user: #{inspect(error)}"
   end
 
+# Create system user for systemic operations (email sync, validations, cycle generation)
+# This user is used by Mv.Helpers.SystemActor for operations that must always run
+system_user_email = "system@mila.local"
+
+case Accounts.User
+     |> Ash.Query.filter(email == ^system_user_email)
+     |> Ash.read_one(domain: Mv.Accounts) do
+  {:ok, existing_system_user} when not is_nil(existing_system_user) ->
+    # System user already exists - ensure it has admin role
+    existing_system_user
+    |> Ash.Changeset.for_update(:update, %{})
+    |> Ash.Changeset.manage_relationship(:role, admin_role, type: :append_and_remove)
+    |> Ash.update!()
+
+  {:ok, nil} ->
+    # System user doesn't exist - create it with admin role
+    # Note: No password is set - this user should never be used for login
+    Accounts.create_user!(%{email: system_user_email},
+      upsert?: true,
+      upsert_identity: :unique_email
+    )
+    |> Ash.Changeset.for_update(:update, %{})
+    |> Ash.Changeset.manage_relationship(:role, admin_role, type: :append_and_remove)
+    |> Ash.update!()
+
+  {:error, error} ->
+    # Log error but don't fail seeds - SystemActor will fall back to admin user
+    IO.puts("Warning: Failed to create system user: #{inspect(error)}")
+    IO.puts("SystemActor will fall back to admin user (#{admin_email})")
+end
+
 # Load all membership fee types for assignment
 # Sort by name to ensure deterministic order
 all_fee_types =