Transactions in Controllers: A Red Flag in Clean Code

🚀 DAY 41/100 – Controller Design Best Practices & DTO vs Entity In backend development, writing APIs is not enough. How you structure your controllers and manage data flow defines the quality, scalability, and maintainability of your application. Two concepts that every Spring Boot developer must master early: 👉 Controller Design Best Practices 👉 DTO vs Entity separation A well-designed controller should act only as a request handler, not a business logic layer. Key principles: • Keep controllers thin (delegate logic to service layer) • Use proper HTTP methods & status codes • Validate requests using @Valid • Maintain consistent API structure (/api/v1/...) • Handle exceptions using global handlers (@RestControllerAdvice) 📘 DTO vs Entity (Critical Concept) One of the most common mistakes in early backend projects is exposing entities directly. Why this is a problem: • Security risks (sensitive fields exposed) • Tight coupling between API & database • Poor flexibility for future changes Solution: ✔ Use DTOs for request/response ✔ Keep entities internal to persistence layer ✔ Map between DTO ↔ Entity in service layer 📘 What’s Covered in the Document • Controller responsibilities & anti-patterns • DTO vs Entity deep comparison • Mapping strategies (manual + tools) • Layered architecture breakdown • Interview questions with detailed answers 📄 I’ve compiled everything into a clean, revision-friendly document with examples and code snippets. If you're preparing for Java / Spring Boot / Backend roles (0–3 YOE): 📌 Save this — these are core concepts asked in interviews 🔁 Repost — helps others learning backend fundamentals Follow Surya Mahesh Kolisetty and continue the journey with #100DaysOfBackend #Java #SpringBoot #BackendDevelopment #API #CFBR #Connections #SoftwareEngineering #InterviewPrep #Developers #Programming #LearningInPublic #CleanCode #SystemDesign

Your transaction works perfectly… ✅ Until you call 𝗮𝗻𝗼𝘁𝗵𝗲𝗿 𝗺𝗲𝘁𝗵𝗼𝗱 inside it. Suddenly things behave… differently. Why? 𝗣𝗿𝗼𝗽𝗮𝗴𝗮𝘁𝗶𝗼𝗻. If you’re using `@Transactional` and not thinking about propagation, you’re basically saying: “Spring… you decide.” So what is propagation? It defines how a transaction behaves when one method calls another. Simple idea. But huge impact. Let’s break it down with real-world scenarios 🔹 REQUIRED (default) “Join if exists, else create” 💡 Example: Placing an order → Payment service called Both run in the "same transaction". If payment fails → everything rolls back. 🔹 REQUIRES_NEW “Always start fresh” 💡 Example: Order fails ❌ But you still want to "log the failure" Logging runs in a separate transaction → it gets saved ✅ 🔹 SUPPORTS “Join if exists, else run without transaction” 💡 Example: Fetching optional audit data Transaction or not… it doesn’t care. 🔹 NOT_SUPPORTED “Run without transaction” 💡 Example: Heavy read operation where transaction overhead is unnecessary Suspends existing transaction ⏸️ 🔹 MANDATORY “Transaction must exist” 💡 Example: Critical financial operation If no transaction → throw error 🚨 🔹 NEVER “Transaction must NOT exist” 💡 Example: A method that should never be part of a transaction If one exists → exception 💥 🔹 NESTED “Transaction inside a transaction” 💡 Example: Partial rollback scenario Inner transaction fails → outer can still continue Here’s the real insight Most bugs in transaction handling don’t come from syntax… They come from 𝘄𝗿𝗼𝗻𝗴 𝗽𝗿𝗼𝗽𝗮𝗴𝗮𝘁𝗶𝗼𝗻 choices. Using `@Transactional` is easy. Using it correctly is what makes you a solid backend developer. Next time you add `@Transactional`, don’t stop there… Ask: “How should this transaction behave?” #CoreJava #SpringBoot #JavaDeveloper #Transactional #BackendDevelopment #SoftwareEngineering #Developers #Programming #Developers #RDBMS #SQL #JPA #Hibernate #Database #Microservices #aswintech #SystemDesign

🚀 Most developers use @Transactional… but don’t understand how it actually works. And that’s where bugs start. Let’s simplify it 👇 --- 👉 What does @Transactional do? It ensures that a group of database operations: ✔ Either ALL succeed ✔ Or ALL fail (rollback) --- 💡 Example: @Transactional public void placeOrder() { saveOrder(); makePayment(); } 👉 If makePayment() fails ❌ → saveOrder() will also be rolled back --- 🔥 But here’s the catch (VERY IMPORTANT): @Transactional works using Spring AOP (proxy) 👉 Spring creates a proxy around your class → That proxy manages transaction start/commit/rollback --- ⚠️ Common mistake (many developers miss this): @Service public class OrderService { @Transactional public void createOrder() { saveOrder(); // ❌ Transaction may NOT work } @Transactional public void saveOrder() { // DB logic } } 👉 Why? Because internal method calls bypass the proxy 😮 --- ❌ Result: Transaction might not be applied properly --- ✅ Fix: Option 1: Call method from another service (bean) Option 2: Design properly (separate responsibilities) --- 🔥 Real-world impact: In payment systems: ❌ Partial data saved ❌ Inconsistent state This can cause serious bugs 🚨 --- 📌 Key Takeaway: @Transactional is NOT magic → It depends on proxy behavior Understand this = avoid production bugs --- Follow for more real backend learnings 🚀 #SpringBoot #Java #BackendDevelopment #SystemDesign #SoftwareEngineer

𝗔𝗳𝘁𝗲𝗿 𝗿𝗲𝘃𝗶𝗲𝘄𝗶𝗻𝗴 𝗵𝘂𝗻𝗱𝗿𝗲𝗱𝘀 𝗼𝗳 𝗣𝗥𝘀, 𝗜 𝗸𝗲𝗲𝗽 𝘀𝗲𝗲𝗶𝗻𝗴 𝘁𝗵𝗲 𝘀𝗮𝗺𝗲 𝗽𝗲𝗿𝗳𝗼𝗿𝗺𝗮𝗻𝗰𝗲 𝗶𝘀𝘀𝘂𝗲. The developer did everything right: clean code, proper repository, correct relationships. And yet, the application was making 𝟱𝟬 𝗱𝗮𝘁𝗮𝗯𝗮𝘀𝗲 𝗾𝘂𝗲𝗿𝗶𝗲𝘀 to display a single page. Nobody noticed. Until production. This is the N+1 problem. In simple terms: instead of 1 query, your app makes 1 + N, one for each item. You don't see it in your code. You see it in your logs: 1 query for orders, then 1 query per customer. 500 orders = 501 queries. The reflex fix? Switch to EAGER loading. That's often the wrong answer. The real fix is understanding 𝘄𝗵𝗮𝘁 𝘆𝗼𝘂'𝗿𝗲 𝗹𝗼𝗮𝗱𝗶𝗻𝗴 𝗮𝗻𝗱 𝘄𝗵𝗲𝗻. Need the data always? use JOIN FETCH Need it sometimes? use @EntityGraph Need full control? use DTO query N+1 is not a JPA bug. It's a judgment problem: the difference between code that works locally and systems that perform in production. I've attached a visual breakdown of these 3 approaches with real examples. Have you ever shipped something that worked perfectly in dev… but broke in production? #Java #SpringBoot #JPA #Hibernate #Backend #Performance #SoftwareEngineering

One of the most abused annotations in Spring is @Transactional. People treat it like a “wrap everything and forget” switch. I’ve seen methods like this: 👉 save to DB 👉 call external payment API 👉 send email 👉 call another microservice 👉 update DB again All inside ONE transaction. Looks clean. Feels safe. It’s not. Because the moment you mix DB + external calls inside a transaction, things start getting messy: ⚠️ external APIs are slow ⚠️ transactions stay open longer (locks, performance issues) ⚠️ if API fails → DB rolls back, but external system doesn’t ⚠️ debugging becomes painful Now you have inconsistent systems and no clear recovery path. The better way? Keep @Transactional boring. ✔️ only DB operations inside ✔️ keep it short ✔️ do external calls before or after ✔️ think about failure scenarios explicitly @Transaction is not a safety net. It’s a boundary. Use it wrong → hidden bugs Use it right → stable systems Learned this the hard way 🙂 #Java #SpringBoot #BackendEngineering #SystemDesign #Microservices #CodeQuality

Inside a Spring Boot Request — What really happens? Most developers stop at writing controllers. But real engineering starts when you understand what happens under the hood. I came across this deep dive by Coding Shuttle and it perfectly breaks down the full request lifecycle Complete flow (simplified): 1️⃣ Client sends HTTP request → reaches embedded server (Tomcat) 2️⃣ Thread from pool is assigned (thread-per-request model) 3️⃣ Request passes through Security Filter Chain (authentication happens) 4️⃣ DispatcherServlet routes request → correct controller 5️⃣ Controller → Service → Repository (business + DB logic) 6️⃣ Transaction starts → DB connection taken from pool 7️⃣ Query executes → response object created 8️⃣ Response serialized (JSON via Jackson) 9️⃣ Thread released back to pool Key insights most developers ignore: 👉 Everything runs on one thread (unless you break it with async/reactive) 👉 Security & Transactions are ThreadLocal-bound 👉 DB connections are limited → can become bottleneck 👉 Threads + DB pool + latency = your real system limits 3 Real Bottlenecks in every Spring Boot app: • Thread pool (Tomcat) • Connection pool (HikariCP) • Database capacity If any one fails → your system slows or crashes. Why this matters? Understanding this helps you: ✔ Debug production issues ✔ Optimize performance ✔ Design scalable systems ✔ Crack backend interviews with confidence Final Thought: Writing APIs is easy. Understanding execution flow is what makes you a backend engineer. Highly recommended read if you're working with Spring Boot: Inside a Spring Boot Request — Threads, Security, Transactions & System Limits Explained #SpringBoot #Java #BackendDevelopment #Microservices #SystemDesign #SoftwareEngineering

6 Pillars of code quality I’ve recently been reading 'Good Code, Bad Code' by Manning, and the section on the 6 Pillars of Code Quality really resonated with me. I figured it would be a great idea to summarize my takeaways in this blog post. To make things more practical, I’ve included code examples in .NET (C#), Spring, and Go based on my own understanding of these concepts....

Stop designing APIs like it's 2015. Most developers still make these 7 mistakes that silently kill performance, scalability, and developer experience. After 14 years of building distributed systems, here's what I've learned the hard way: 1. Returning entire objects when clients need 2 fields Use field filtering: GET /users?fields=name,email Your bandwidth bill will thank you. 2. No versioning strategy from Day 1 "We'll add it later" = breaking 50 clients at 2 AM. Start with /v1/ in your URL or use header-based versioning. 3. Using HTTP 200 for everything 200 with {"error": "not found"} is NOT okay. Use proper status codes: 201, 204, 400, 404, 429. 4. Ignoring pagination on list endpoints Returning 10,000 records in one response? Your database and your users are both crying. 5. Synchronous processing for long-running tasks Don't make clients wait 30 seconds. Return 202 Accepted + a polling URL or use WebSockets. 6. No rate limiting until the system crashes Rate limit from Day 1. Not after the incident postmortem. Use token bucket or sliding window algorithms. 7. Inconsistent naming conventions /getUsers, /fetch_orders, /retrieveProducts? Pick ONE style (camelCase or snake_case) and stick to it. Good API design is not about following REST rules perfectly. It's about making life easier for the developers consuming your API. Which of these mistakes have you seen (or made)? Drop your biggest API horror story below. Follow Kuldeep Singh for daily System Design & Java insights. #SystemDesign #APIDesign #Java #Microservices #SoftwareArchitecture #BackendDevelopment #SpringBoot #TechLeadership #Programming #WebDevelopment

Not every API should return Entity objects. Spring Boot experts use DTOs and Projections for read performance. Most developers do this: @GetMapping("/users") public List<User> getUsers() { return userRepository.findAll(); } It works… but it’s not optimal. ⸻ ❌ Problem Returning Entity: • Loads unnecessary fields • Fetches relationships lazily • Slower response • Tight coupling with DB ⸻ 🧠 Better Option 1 — DTO public class UserDto { private String name; private String email; } Mapping: return users.stream() .map(user -> new UserDto( user.getName(), user.getEmail())) .toList(); ⸻ ⚡ Best Option — Projection (Expert Way) Spring Boot supports interface-based projections: public interface UserProjection { String getName(); String getEmail(); } Repository: List<UserProjection> findAllProjectedBy(); Only required fields are fetched. ⸻ 💡 When to Use Use Entity → write operations Use DTO → API responses Use Projection → read-only optimized queries ⸻ 🧠 Expert Rule Write APIs for write flexibility Read APIs for performance ⸻ Day 18 of becoming production-ready with Spring Boot. Question: Do you use DTO or Projection for read APIs? ⸻ #Java #SpringBoot #BackendEngineering #Performance #SoftwareArchitecture

🚀 Spring Boot – Full Flow & Clean Architecture Today I focused on understanding the complete end-to-end flow of a Spring Boot application and how real-world backend systems are structured. 🧠 Core Flow: Client → Controller → DTO (Validation) → Service → Repository → Database → JSON Response ⚠️ Error Flow: Validation/Exception → Global Handler → Structured Error Response 💡 Key Learnings: ✔️ DTO handles validation and safe data transfer ✔️ Service layer contains business logic (application brain) ✔️ Repository interacts with the database using JPA ✔️ Global exception handling ensures clean and consistent APIs 🏗️ Project Structure (Industry Standard): controller • service • repository • dto • entity • exception • config ✨ This separation of concerns makes applications scalable, maintainable, and team-friendly. 💻 DSA Practice: • Two Sum (HashMap optimization) • Reverse string & valid palindrome 🔍 Understanding how each layer connects has given me much better clarity on building production-ready backend systems. #SpringBoot #Java #BackendDevelopment #RESTAPI #Microservices #CleanArchitecture #DSA #LearningInPublic #SoftwareEngineering