Advanced — Backend#
Recipes for things the default CRUD flow doesn’t cover. Each topic is standalone.
| Topic | Scenario |
|---|---|
| Custom query filters | Inject tenant / visibility rules from applyQueryFilter; filter by parent-table columns |
| Native SQL reports | Publish a hand-written SQL endpoint via NativeQueryHandler |
| Bulk exports | Stream large CSV / Excel result sets |
| Cross-entity business validation | Multi-table validation in lifecycle hooks (invoice vs. contract ceiling, status-based edit locks) |
| Dynamic native queries with JSqlParser | Composable dashboard SQL with programmatic WHERE injection |
| Custom controllers with Palmyra ACL | Non-CRUD endpoints (payments, approvals) secured via @PreAuthorize + hasPermission |
| Approval workflow with audit trail | Multi-step state machine with field-level before/after diff logging |
| Row-level data scoping | Restrict which rows a user sees based on department / role assignment |
| Email with outbox pattern | Deferred email + @Scheduled background jobs — email queue, snapshots, file cleanup |
| Child entity handlers with nested URLs | Parent-scoped line items — URL-driven FK injection, query scoping, cross-entity stock updates |
| Automatic JPA audit fields | @EntityListeners + Spring Security for createdBy / updatedBy on JPA-managed saves |