Skip to content

Non-public schema failure #257 #268

New issue
New issue
Closed
#278
Closed
Non-public schema failure #257#268
#278
Labels
bugSomething isn't working
@MagnusLarsAndersson

Description

@MagnusLarsAndersson
MagnusLarsAndersson
opened on Feb 1, 2026

Bug Description

Still non-public schema failure

Steps to Reproduce

  1. Define user and schema as follows:

    CREATE ROLE hindsight_user LOGIN PASSWORD 'password';
    GRANT CONNECT ON DATABASE postgres TO hindsight_user;
    GRANT TEMPORARY ON DATABASE postgres TO hindsight_user;
    GRANT CREATE ON DATABASE postgres TO hindsight_user;
    GRANT USAGE ON SCHEMA extensions TO hindsight_user;
    GRANT USAGE ON SCHEMA vault TO hindsight_user;
    GRANT USAGE ON SCHEMA graphql TO hindsight_user;
    GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA extensions TO hindsight_user;
    GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA vault TO hindsight_user;
    GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA graphql TO hindsight_user;
    ALTER DEFAULT PRIVILEGES IN SCHEMA extensions GRANT EXECUTE ON FUNCTIONS TO hindsight_user;
    ALTER DEFAULT PRIVILEGES IN SCHEMA vault GRANT EXECUTE ON FUNCTIONS TO hindsight_user;
    ALTER DEFAULT PRIVILEGES IN SCHEMA graphql GRANT EXECUTE ON FUNCTIONS TO hindsight_user;
    ALTER ROLE hindsight_user SET search_path = hindsight, extensions, vault, graphql, public;
    CREATE SCHEMA IF NOT EXISTS hindsight;
    ALTER SCHEMA hindsight OWNER TO hindsight_user;
    REVOKE ALL ON SCHEMA hindsight FROM PUBLIC;
    GRANT USAGE, CREATE ON SCHEMA hindsight TO hindsight_user;
    ALTER DEFAULT PRIVILEGES FOR ROLE hindsight_user IN SCHEMA hindsight GRANT ALL ON TABLES TO hindsight_user;
    ALTER DEFAULT PRIVILEGES FOR ROLE hindsight_user IN SCHEMA hindsight GRANT ALL ON SEQUENCES TO hindsight_user;
    ALTER DEFAULT PRIVILEGES FOR ROLE hindsight_user IN SCHEMA hindsight GRANT ALL ON FUNCTIONS TO hindsight_user;

  2. Set env variables in docker compose as follows:

    HINDSIGHT_API_DATABASE_URL: postgresql://hindsight_user:password@supabase-db:5432/postgres
    HINDSIGHT_API_DATABASE_SCHEMA: hindsight
    HINDSIGHT_API_DB_POOL_MIN_SIZE: 5
    HINDSIGHT_API_DB_POOL_MAX_SIZE: 100
    HINDSIGHT_API_DB_COMMAND_TIMEOUT: 60
    HINDSIGHT_API_DB_ACQUIRE_TIMEOUT: 30
    HINDSIGHT_API_RUN_MIGRATIONS_ON_STARTUP: True

Expected Behavior

Create bank in UI to work as intended

Actual Behavior

  1. Tables cretaed in schema hindsight as expected
  2. Server starts without any errors
  3. Attemp to create bank test in UI results in below error.

Version

0.4.7

LLM Provider

None

ERROR

File "/app/api/.venv/lib/python3.11/site-packages/asyncpg/connection.py", line 443, in _get_statement

statement = await self._protocol.prepare(

            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

File "asyncpg/protocol/protocol.pyx", line 165, in prepare

asyncpg.exceptions.InsufficientPrivilegeError: permission denied for schema public

API error: { detail: 'permission denied for schema public' }

2026-02-01 10:22:04,054 - ERROR - hindsight_api.api.http - Error in /v1/default/banks/test: permission denied for schema public

Traceback:

Traceback (most recent call last):

File "/app/api/hindsight_api/api/http.py", line 3091, in api_create_or_update_bank

await app.state.memory.get_bank_profile(bank_id, request_context=request_context)

File "/app/api/hindsight_api/engine/memory_engine.py", line 3418, in get_bank_profile

profile = await bank_utils.get_bank_profile(pool, bank_id)

          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

File "/app/api/hindsight_api/engine/retain/bank_utils.py", line 53, in get_bank_profile

row = await conn.fetchrow(

      ^^^^^^^^^^^^^^^^^^^^

File "/app/api/.venv/lib/python3.11/site-packages/asyncpg/connection.py", line 752, in fetchrow

data = await self._execute(

       ^^^^^^^^^^^^^^^^^^^^

File "/app/api/.venv/lib/python3.11/site-packages/asyncpg/connection.py", line 1873, in _execute

result, _ = await self.__execute(

            ^^^^^^^^^^^^^^^^^^^^^

File "/app/api/.venv/lib/python3.11/site-packages/asyncpg/connection.py", line 1970, in __execute

result, stmt = await self._do_execute(

               ^^^^^^^^^^^^^^^^^^^^^^^

File "/app/api/.venv/lib/python3.11/site-packages/asyncpg/connection.py", line 2021, in _do_execute

stmt = await self._get_statement(

       ^^^^^^^^^^^^^^^^^^^^^^^^^^

File "/app/api/.venv/lib/python3.11/site-packages/asyncpg/connection.py", line 443, in _get_statement

statement = await self._protocol.prepare(

            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

File "asyncpg/protocol/protocol.pyx", line 165, in prepare

asyncpg.exceptions.InsufficientPrivilegeError: permission denied for schema public

Error creating bank: SyntaxError: "undefined" is not valid JSON

at JSON.parse (<anonymous>)

at y (.next/server/chunks/[root-of-the-server]__ff94fc3c._.js:1:1901)

at async d (.next/server/chunks/[root-of-the-server]__ff94fc3c._.js:1:5098)

at async l (.next/server/chunks/[root-of-the-server]__ff94fc3c._.js:1:6139)

at async Module.T (.next/server/chunks/[root-of-the-server]__ff94fc3c._.js:1:7217)

2026-02-01 10:22:14,968 - INFO - hindsight_api.worker.poller - [WORKER_STATS] worker=8c63867fb601 slots=0/10 (consolidation=0/2) | available=10 (consolidation=2) | global: pending=0 (schemas: hindsight) | others: none | my_active: none

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions