Platform Architecture
True No-Code / Low-Code System

UNENTROPY is metadata-driven by design: zero hardcoded models, dynamic reflection, universal CRUD, controlled JSONB grouping, and multi-layered security — built for regulated environments.

Start: Zero Models → 5-Layer Security

🎯 Zero Hardcoded Models

Unlike traditional platforms that require Python/Java model classes for every entity, UNENTROPY uses SQLAlchemy Core + reflection. One controller supports all modules.

0 ORM Models
Reflection
Reusable CRUD
Traditional approach: Add 1 field → update model → controller → migration → deploy → ~4 hours
UNENTROPY approach: Add 1 field → update metadata JSON → deploy metadata → ~5 minutes

📋 Metadata-Driven Everything

Your single source of truth lives in metadata (example: schemaMetadata.json) defining tables, columns, types, grouping, and relationships.

Whitelists
Relationships
Type rules

🔁 Flow: Metadata → Backend → Secure Execution

Metadata config is read at runtime. Backend builds allowed table/column whitelists, validates schema, and executes only parameterized operations.

  • schemaMetadata.json defines entity structure
  • Backend validates allowed identifiers
  • Queries executed using parameterization
  • Works for all modules without code changes

⏱ Time Savings Comparison

Side-by-side comparison of traditional hardcoded builds vs metadata-driven workflow.

98% faster
Less maintenance
Scenario Traditional UNENTROPY Outcome
Add 1 Field ~4 hours model + controller + migration + deploy ~5 minutes metadata only 98% faster
Add 10 Fields ~2 days multiple files + testing + deploy ~30 minutes bulk metadata update 95% faster
Add New Module ~1 week models + controllers + services + UI ~2 hours tables + metadata + UI builder 97% faster
Change Table Structure ~3 hours migration + deploy ~10 minutes ALTER + metadata 94% faster
Support 5 Modules 5 implementations 5x maintenance 1 shared engine reusable for all 80% less code

🔄 Universal CRUD Service

The same service handles Create / Read / Update / Delete for every entity — no model classes needed.

Pagination
Relationships
Caching

✅ What it supports

  • Create, Read, Update, Delete operations
  • Pagination and filtering
  • Relationship handling (one-to-many, many-to-many)
  • JSONB merge support
  • Table caching for performance
  • Automatic type conversion

📦 Automatic JSONB Grouping

Frontend can send flat field keys. Backend automatically groups them into JSONB columns based on metadata, and flattens them back on read.

Merge
Flatten
Bidirectional
// Frontend sends individual fields { "trainingRequired": true, "trainingDescription": "All operators", "trainingAudience": "Production team" } // Backend automatically groups into JSONB { "training_data": { "required": true, "description": "All operators", "audience": "Production team" } } // On READ: Backend flattens JSONB back to individual fields // Bidirectional transformation!

🛡️ 5-Layer Security Architecture

SQL injection is structurally prevented using multiple layers: parameterization, whitelist, sanitization and schema validation.

5 Layers
Whitelist
Schema guardrails

🧱 Layers

  • Layer 1: Parameterized SQLAlchemy Core queries
  • Layer 2: Table/column whitelist from metadata
  • Layer 3: Input sanitization (identifiers & keyword checks)
  • Layer 4: Type checking and constraints
  • Layer 5: Schema validation against actual DB schema
Result: This approach makes injection “impossible by design”, not “unlikely by validation”.

🧪 Real-World Example

Scenario: Add an “Estimated Cost” field into Change Control — compare traditional vs UNENTROPY.

Less people
Less time

❌ Traditional Way

Typically involves developer + QA cycles + migration management.

  • Alter table
  • Update model + controller
  • Write migration
  • Staging deploy + QA testing
  • Prod deploy + monitoring
Time: ~2 days • People: ~4

✅ UNENTROPY Way

Metadata + builder update + immediate test, minimal cycle time.

  • Alter table
  • Update metadata JSON
  • Add field in UI builder
  • Test immediately
  • Deploy metadata file
Time: ~1 hour • People: ~1

✨ Platform Capabilities (Summary)

A single engine powering multiple builders and enterprise-ready compliance controls.

Builders
Events
Hooks

🚀 What you can do

  • Add 100 fields → update metadata → zero code changes
  • Add a new module → create table + metadata → reuse same controller
  • Change table structure → ALTER + metadata → automatic compatibility
  • Scale to enterprise → same architecture, more entities
  • Extend with hooks → validation & business logic
  • Integrate easily → API-first patterns