I have done this as you described and it is a correct way to do it. No performances issues met.
As a hint you can make an extra entity (MyRoles) to control the visibility, language and assignability of the roles.
Edit: About customization. Images per customer are in the model. So every client has its own logo. The forms are translated by Mendix, works perfect.
User definable data like categories, departments etc are translated with separate entities, xpath constraint over the user_language association, etc, etc. Too much for now, but if you need more information, contact me.