Why would the permissions change so often?
If I were to be hand-coding the SQL, I would probably normally include some sort of where clause that references the permission information
What prevents you from writing the equivalent query in JPQL or, if need be, in native SQL?
I'd never seen any examples using a JPQL update. I suspected something like that must exist but didn't know exactly what I didn't know. ;)
As far as permissions changing often...I have a few cases where it can happen and just want to be as correct as possible. Here's one example...I'm building a community-type website where users can send messages to each other. However, if someone is being a pain, they can be blocked by another user. Under those circumstances I don't want the blocked user to be able to contact the blocking user at all.
BTW, do you know if there is any way to just add a WHERE clause onto the SQL Hibernate generates? In some cases I have really complex persistent object graphs and it could be a real pain to have to generate the proper JPQL. Thanks again for the input.
As for JPQL updates, you should check this out:
"do you know if there is any way to just add a WHERE clause onto the SQL Hibernate generates?"
I don't think there is. It's either JPQL or native SQL. I doubt you can modify the query after it's generated.