fix: Auto-provision dev-bypass-user with Admin roles on startup

create_mock_user.py

@@ -0,0 +1,49 @@
+import firebase_admin
+from firebase_admin import credentials, firestore
+import json
+import os
+
+# Manual init for script
+FIREBASE_CREDENTIALS_PATH = "serviceAccountKey.json"
+STORAGE_BUCKET = "bussymath.firebasestorage.app"
+
+if not firebase_admin._apps:
+    with open(FIREBASE_CREDENTIALS_PATH, "r", encoding="utf-8") as f:
+        cred_dict = json.load(f)
+    cred = credentials.Certificate(cred_dict)
+    firebase_admin.initialize_app(cred, {
+        'storageBucket': STORAGE_BUCKET
+    })
+
+db = firestore.client()
+
+def create_mock_user():
+    uid = "dev-bypass-user"
+    user_ref = db.collection('users').document(uid)
+    
+    today = "2026-03-12" # Static for bypass
+    month = "2026-03"
+    
+    user_data = {
+        'uid': uid,
+        'name': 'Dev Bypass User',
+        'status': 'approved',
+        'tier': 'student_premium',
+        'used_today': 0,
+        'used_tokens_this_month': 0,
+        'monthly_token_budget': 9999999,
+        'last_usage_month': month,
+        'quota': {
+            'limit': 9999,
+            'used_today': 0,
+            'last_reset_date': today,
+        },
+        'isAdmin': True,
+        'role': 'admin'
+    }
+    
+    user_ref.set(user_data, merge=True)
+    print(f"✅ Created mock user: {uid}")
+
+if __name__ == "__main__":
+    create_mock_user()

main.py

@@ -90,6 +90,34 @@ def verify_system_health():
     else:
         logger.info("✅ [HEALTH-CHECK] GOOGLE_API_KEY is detected.")
 
+def _ensure_dev_admin_exists():
+    """V5.9.6: Ensures dev-bypass-user exists with admin role in DEV mode."""
+    if IS_PRODUCTION:
+        return
+        
+    try:
+        db = firebase_manager.get_db()
+        if not db:
+            return
+            
+        uid = "dev-bypass-user"
+        user_ref = db.collection('users').document(uid)
+        doc = user_ref.get()
+        
+        # We always merge to ensure roles are correct even if doc exists
+        user_ref.set({
+            'uid': uid,
+            'name': 'Dev Bypass User (Admin)',
+            'isAdmin': True,
+            'role': 'admin',
+            'status': 'approved',
+            'tier': 'student_premium',
+            'monthly_token_budget': 9999999
+        }, merge=True)
+        logger.info(f"🛡️ [STARTUP] Dev admin user '{uid}' provisioned/verified.")
+    except Exception as e:
+        logger.error(f"❌ [STARTUP] Failed to provision dev admin: {e}")
+
 # --- INFRA HARDENING: Lifespan Context Manager ---
 @asynccontextmanager
 async def lifespan(app: FastAPI):
@@ -101,6 +129,9 @@ async def lifespan(app: FastAPI):
     loop.set_exception_handler(custom_async_exception_handler)
     logger.info("🛡️ [STARTUP] Global Async Exception Handler registered.")
     
+    # V5.9.6: Provision dev admin if needed
+    _ensure_dev_admin_exists()
+    
     yield # Yield control back to FastAPI
     
     # Shutdown Phase