我的数据库设计好吗？

Question

I am building a market place application.I am designing the applications. I have two three kind of users :

1. admin : user who do administration tasks disable an account, add information to user, enable account, send message to user,...

2. seller : user who create a product in the web site and sell it create product, edit product, deactivate product, change price

3. buyer : user who buy product

So it's user : A- has his own rights ( what is allowed to do ) B- has his own informations. The seller will have a list of product while the buyer will have the list of transaction.

I manage the user authentication and authorization using Spring Security Framework. My application is developped in Java / Hibernate / Spring / AngularJS / Bootstrap. I can manage rights with Spring security. This is not the problem.

My question is about user information. Is it better to have an the following table :

@Entity
@Table(name = "T_USER")
@Cache(usage = CacheConcurrencyStrategy.NONSTRICT_READ_WRITE)
@Inheritance(strategy=InheritanceType.JOINED)
public class User extends AbstractAuditingEntity implements Serializable {

    @NotNull
    @Size(min = 0, max = 50)
    @Id
    @Column(length = 50)
    private String login;

    @JsonIgnore
    @Size(min = 0, max = 100)
    @Column(length = 100)
    private String password;

    @Size(min = 0, max = 50)
    @Column(name = "first_name", length = 50)
    private String firstName;

    @Size(min = 0, max = 50)
    @Column(name = "last_name", length = 50)
    private String lastName;

    @Email
    @Size(min = 0, max = 100)
    @Column(length = 100)
    private String email;

//others attributes,getters and setters
}

The subclasses

 @Entity
    @Table(name = "T_ADMIN")
    @Cache(usage = CacheConcurrencyStrategy.NONSTRICT_READ_WRITE)
    public class Admin extends extends User{ 
// specific informations
}

 @Entity
    @Table(name = "T_SELLER")
    @Cache(usage = CacheConcurrencyStrategy.NONSTRICT_READ_WRITE)
    public class Seller extends extends User{ 
// specific informations
}

 @Entity
    @Table(name = "T_BUYER")
    @Cache(usage = CacheConcurrencyStrategy.NONSTRICT_READ_WRITE)
    public class Buyer extends User{ 
// specific informations
}

After the user is authenticate, i can use the following userServiceDetails to add information specific to the type of user :

public class UserDetailServiceImpl implements UserDetailsService {
 private UserDAO userdao;

 public void setUserdao(UserDAO userdao) {
  this.userdao = userdao;
 }

 // this class is used by spring controller to authenticate and authorize
 // user
 @Override
 public UserDetails loadUserByUsername(String userId)
   throws UsernameNotFoundException {
  com.model.User u;
  try {
   u = userdao.get(userId);
   if (u == null)
    throw new UsernameNotFoundException("user name not found");

  } catch (DAOException e) {
   throw new UsernameNotFoundException("database error ");
  }
  return buildUserFromUserEntity(u);

 }

 private User buildUserFromUserEntity(com.model.User userEntity) {
  // convert model user to spring security user
  String username = userEntity.getUserId();
  String password = userEntity.getPassword();
  boolean enabled = true;
  boolean accountNonExpired = true;
  boolean credentialsNonExpired = true;
  boolean accountNonLocked = true;
  GrantedAuthority[] authorities = user.getAuthorities();
 User user = null;

if(authorities[0].getName.equals("ROLE_ADMIN"){
    user =  new Admin(username, password, enabled,
    accountNonExpired, credentialsNonExpired, accountNonLocked,
    authorities);
// set admin informations
}
else if(authorities[0].getName.equals("ROLE_SELLER"){
  user =  new Seller(username, password, enabled,
    accountNonExpired, credentialsNonExpired, accountNonLocked,
    authorities);
// set seller informations
} 
else if(authorities[0].getName.equals("ROLE_BUYER"){
  user =  new Buyer(username, password, enabled,
    accountNonExpired, credentialsNonExpired, accountNonLocked,
    authorities);
// set buyer informations
}


  return user;
 }

}

I am wondering is my database design about user hierarchy is good ?

Answer 1

I would say go ahead with your implementation of it.

The only thing I can advise is that if you're doing queries with the SELLERS and BUYERS, the querys will be alot faster if you split them into different tables instead of one.

Answer 2

I don't know the specs of your application, so it may be perfectly correct, but your design don't lets a user to be a seller and a buyer at the same time.

I think it will be more flexible if you only have one table for users and, on login, compose a list of roles for this user, so an user could have many roles, each one with their info and relationships.