diff --git a/polar/users.polar b/polar/users.polar
index 63bd806..97f91cd 100644
--- a/polar/users.polar
+++ b/polar/users.polar
@@ -14,7 +14,7 @@ allow_field(user: User, _: Read, other_user: User, field) if
 allow_field(_, _: Read, _other_user: User, field: String) if
     field in ["created_at", "name", "role"];
 
-## admins can change everything for a user except the password
+## admins can update everything for a user except the password
 allow(user: User, update: UpdateUser, _other_user: User) if
     user.role = Role::Admin and
     update.password = nil;
@@ -30,7 +30,7 @@ allow(user: User, update: UpdateUser, other_user: User) if
 ## users can update themselves but not their role
 allow(user: User, update: UpdateUser, other_user: User) if
     user.id = other_user.id and
-    changes.role = nil;
+    update.role = nil;
 
 ## admins can delete other users
 allow(user: User, _: Delete, _other_user: User) if
diff --git a/src/main.rs b/src/main.rs
index 503715a..77a8c90 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -25,7 +25,10 @@ async fn main() -> anyhow::Result<()> {
     }
 
     if std::env::var_os("RUST_LOG").is_none() {
-        std::env::set_var("RUST_LOG", "mixini_server=debug,tower_http=debug")
+        std::env::set_var(
+            "RUST_LOG",
+            "mixini_server=debug,tower_http=debug,sea_orm=debug",
+        )
     }
     tracing_subscriber::fmt::init();
     server::run().await