Postgres Queries have wrong where clause

SELECT c0."id", c0."first_name", c0."last_name", c0."title", c0."legal_entity_name", c0."is_legal_entity" FROM "contact" AS c0 WHERE (false) []

SELECT c0."id", c0."first_name", c0."last_name", c0."title", c0."legal_entity_name", c0."is_legal_entity" FROM "contact" AS c0 WHERE (false) []

defmodule Demo.Auth.Resources.User do
  @moduledoc """
  The Logged in User
  """
  use Demo.AuditedResource,
    data_layer: AshPostgres.DataLayer,
    extensions: [AshGraphql.Resource]

  attributes do
    uuid_primary_key :id, generated?: false

    attribute :email, :string
    attribute :email_confirmed_at, :utc_datetime

    attribute :contact_id, :uuid

    attribute :features, Demo.Auth.Resources.User.Features

    #  attribute :roles, {:array, :atom}

    create_timestamp :inserted_at
    update_timestamp :updated_at
  end

  rbac do
    bypass(:admin)
    role(:user, [:id, :email, :email_confirmed_at, :contact, :contact_id, :features])
  end

  audit do
    actors?(false)
    timestamps?(false)
  end

  graphql do
    type :user

    queries do
      read_one :user, :current_user
    end
  end

  relationships do
    belongs_to :contact, Demo.CustomerService.Resources.Contact do
      filterable? false
      api Demo.CustomerService.Api
    end
  end

  actions do
    defaults [:read, :create, :update]

    read :current_user do
      get? true
    end
  end

  policies do
    policy always() do
      forbid_unless(actor_present())

      authorize_if(expr(id == type(^actor(:id), Ash.Type.UUID)))

      forbid_if(always())
    end
  end

  postgres do
    repo Demo.Repo
    table "user"
  end
end

defmodule Demo.Auth.Resources.User do
  @moduledoc """
  The Logged in User
  """
  use Demo.AuditedResource,
    data_layer: AshPostgres.DataLayer,
    extensions: [AshGraphql.Resource]

  attributes do
    uuid_primary_key :id, generated?: false

    attribute :email, :string
    attribute :email_confirmed_at, :utc_datetime

    attribute :contact_id, :uuid

    attribute :features, Demo.Auth.Resources.User.Features

    #  attribute :roles, {:array, :atom}

    create_timestamp :inserted_at
    update_timestamp :updated_at
  end

  rbac do
    bypass(:admin)
    role(:user, [:id, :email, :email_confirmed_at, :contact, :contact_id, :features])
  end

  audit do
    actors?(false)
    timestamps?(false)
  end

  graphql do
    type :user

    queries do
      read_one :user, :current_user
    end
  end

  relationships do
    belongs_to :contact, Demo.CustomerService.Resources.Contact do
      filterable? false
      api Demo.CustomerService.Api
    end
  end

  actions do
    defaults [:read, :create, :update]

    read :current_user do
      get? true
    end
  end

  policies do
    policy always() do
      forbid_unless(actor_present())

      authorize_if(expr(id == type(^actor(:id), Ash.Type.UUID)))

      forbid_if(always())
    end
  end

  postgres do
    repo Demo.Repo
    table "user"
  end
end