fix: read real users from eventify-django SQLite via secondary database

The admin_api was querying eventify-backend's empty PostgreSQL. Real users
live in eventify-django's SQLite (db.sqlite3 on host). Fix:

- settings.py: auto-adds 'users_db' database config when users_db.sqlite3
  is mounted into the container (read-only volume in docker-compose)
- views.py: _user_db() helper selects the correct database alias;
  _user_qs() defers 'partner' field (absent from older SQLite schema)
- UserMetricsView, UserListView, UserDetailView, UserStatusView all use
  _user_qs() so they query the 25 real registered customers

admin_api/views.py

@@ -488,6 +488,19 @@ _USER_ROLE_MAP = {
     'partner_staff': 'Partner', 'partner_customer': 'Partner',
 }
 
+def _user_db():
+    """Return the database alias that holds real user data.
+    Uses 'users_db' (SQLite from eventify-django) when mounted, else 'default'."""
+    from django.conf import settings
+    return 'users_db' if 'users_db' in settings.DATABASES else 'default'
+
+
+def _user_qs(User):
+    """Base queryset for end-user lookups: correct database, partner field deferred
+    (SQLite schema predates the partner_id column added in eventify-backend)."""
+    return User.objects.using(_user_db()).defer('partner')
+
+
 def _serialize_user(u):
     full_name = f'{u.first_name} {u.last_name}'.strip() or u.username
     role_key = u.role if u.role else ('customer' if getattr(u, 'is_customer', False) else 'staff')
@@ -540,7 +553,7 @@ class UserMetricsView(APIView):
         today = timezone.now().date()
         week_ago = today - datetime.timedelta(days=7)
         # Customers = all non-superuser accounts (end users registered via mobile/web)
-        customer_qs = User.objects.filter(is_superuser=False)
+        customer_qs = _user_qs(User).filter(is_superuser=False)
         return Response({
             'total':       customer_qs.count(),
             'active':      customer_qs.filter(is_active=True).count(),
@@ -557,7 +570,7 @@ class UserListView(APIView):
         from django.db.models import Q
         User = get_user_model()
         # Customers = all non-superuser accounts (end users registered via mobile/web)
-        qs = User.objects.filter(is_superuser=False)
+        qs = _user_qs(User).filter(is_superuser=False)
         if s := request.GET.get('status'):
             if s == 'Active':
                 qs = qs.filter(is_active=True)
@@ -591,7 +604,7 @@ class UserDetailView(APIView):
         from django.contrib.auth import get_user_model
         from django.shortcuts import get_object_or_404
         User = get_user_model()
-        u = get_object_or_404(User, pk=pk)
+        u = get_object_or_404(_user_qs(User), pk=pk)
         return Response(_serialize_user(u))
 
 
@@ -602,7 +615,7 @@ class UserStatusView(APIView):
         from django.contrib.auth import get_user_model
         from django.shortcuts import get_object_or_404
         User = get_user_model()
-        u = get_object_or_404(User, pk=pk)
+        u = get_object_or_404(_user_qs(User), pk=pk)
         action = request.data.get('action')
         if action in ('suspend', 'ban'):
             u.is_active = False

eventify/settings.py

@@ -176,3 +176,16 @@ SIMPLE_JWT = {
     'USER_ID_FIELD': 'id',
     'USER_ID_CLAIM': 'user_id',
 }
+
+# ---------------------------------------------------------------------------
+# Secondary read-only database: real user data from eventify-django SQLite
+# Activated automatically when users_db.sqlite3 is mounted into the container
+# ---------------------------------------------------------------------------
+import os as _os
+_sqlite_users = BASE_DIR / 'users_db.sqlite3'
+if _os.path.exists(_sqlite_users):
+    DATABASES['users_db'] = {
+        'ENGINE': 'django.db.backends.sqlite3',
+        'NAME': _sqlite_users,
+        'OPTIONS': {'check_same_thread': False},
+    }