v0.11.26 new rules for default admin user

backend/src/models/db.js

@@ -283,8 +283,8 @@ async function seedAdmin(schema) {
   if (!existing) {
     const hash = bcrypt.hashSync(adminPass, 10);
     const ur = await queryResult(schema, `
-      INSERT INTO users (name, email, password, role, status, is_default_admin, must_change_password)
-      VALUES ($1, $2, $3, 'admin', 'active', TRUE, TRUE) RETURNING id
+      INSERT INTO users (name, email, password, role, status, is_default_admin, must_change_password, avatar)
+      VALUES ($1, $2, $3, 'admin', 'active', TRUE, TRUE, '/avatar/admin.png') RETURNING id
     `, [adminName, adminEmail, hash]);
     const adminId = ur.rows[0].id;
 
@@ -312,6 +312,10 @@ async function seedAdmin(schema) {
   }
 
   console.log(`[DB:${schema}] Default admin exists (id=${existing.id})`);
+  // Always ensure admin has the fixed avatar
+  await exec(schema,
+    "UPDATE users SET avatar='/avatar/admin.png', updated_at=NOW() WHERE is_default_admin=TRUE AND (avatar IS NULL OR avatar != '/avatar/admin.png')"
+  );
   if (pwReset) {
     const hash = bcrypt.hashSync(adminPass, 10);
     await exec(schema,