Should admin account be in the same user class as a customer?

I learn Grails and Spring Security plugin.

I don't know how to design sample web application with two l开发者_如何学JAVAayers: customer can view product and categories and order a product (if he/she is registered and logged in) and admin who can logged in to admin panel where he/she can manage categories and products (CRUD). My question is: should all users (admin and customer) be in one User class? I suppose that all apllication (catalog and admin panel) should be secured by Spring Security plugin.

If you're using the Spring Security plugin then the default behavior assumes all users are instances of the same class. You can distinguish between an administrator and a customer by checking what's returned by the roles property of the user class.

The plugin provides a service and various Grails tags that you can use to figure out whether a user is an administrator, a cusomer, is authenticated, etc.

yes all users should be one class. and then you assign roles to each user. for example a user can have the ROLE_USER, and another user can have the ROLE_USER,ROLE_ADMIN