What is the feature / feedback ?
I run my own forest agent and I would like to use a dedicated DB credentials for Forest Admin (to not have the root DB pwd accessible in a .env file). It is not really possible today because doing so prevents Forest from displaying the “Related Data”, which is very important for Forest usability and overall UX.
What problem does this solve for you?
It’s a security measure. If my server ever gets compromised for whatever reason, I can delete the forest user and/or change its password (vs having my root DB credentials being compromised).
Who else would be using this feature?
Anybody running their own agent and somewhat careful about data security.
Concrete example
I created a forest_user role in my postgresql db, dedicated to forest admin. Pb: “Related data” won’t show whereas it shows if I use my admin db. After careful analysis, the only difference between the admin_user role and the forest_user role is that admin is the owner of the tables.
ChatGPT seems to concur:
Most Likely Explanation [to “Related Data” not working with forest_user role]:
Forest Admin uses introspection via
information_schemaand/or system catalogs, but only surfaces relations where the user is the owner of the referencing table.
In other words:
admin_user sees the related data because it owns the table
forest_user sees the schema but doesn’t own the table, so Forest skips rendering the relation.
This is consistent with other tools (e.g., Prisma, PostgREST) that filter relations based on ownership or full introspection rights.
Do you agree that this is the issue that prevents my forest_user user to be fully functional?
If so, is it something you could fix to allow the use of dedicated DB role for FA without losing the “Related Data” functionality?
